Items Tagged with "Cloud Security"
July 17, 2012 Added by:Brandon Knight
One area where companies seem to become lost is when talking about performing penetration testing services against their deployment. While there are some details to work out, fundamentally this type of assessment translates well when talking about applications and infrastructure deployed in the cloud...
July 16, 2012 Added by:Rafal Los
If we as IT professionals and architects acknowledge that the perimeter is now around the data, what solutions do we have for protecting it? How can we protect data which is mobile, usable, and in a constant state of danger? The answer seems to be some form of protection that involves our old friend, encryption...
July 12, 2012 Added by:Stefano Mele
The DOD has specific challenges that require careful adoption considerations, especially in areas of cybersecurity, continuity of operations, information assurance, and resilience. Additional challenges include service acquisition and funding, data migration and management, and overcoming network dependence...
July 12, 2012 Added by:Wendy Nather
I agree that some apps can't be remediated in a short time span, others can't ever be fixed, and so on - for those exigencies a WAF is better than nothing. However, I would caution anyone against deciding that the wave of the future is to rely on the WAF or other network-based security device for application security...
July 11, 2012 Added by:Rafal Los
The challenges of dealing with a completely connected, ubiquitously computable world are that data can be moved, stored, and used anywhere and that the infrastructure that moves that data around is less and less under your control. That's an interesting thing for information security professionals...
July 11, 2012 Added by:Ben Kepes
NBVP had around 40 industry collaborators survey close to 800 respondents to ascertain their key issues impacting cloud computing. Security remains the primary inhibitor to adoption with 55% of respondents identifying it as a concern, followed by regulatory compliance at 38% and vendor lock-in at 32%...
July 05, 2012 Added by:Jack Daniel
You cannot “stop attacks”, you can only alter the consequences of the attacks. You can stop attacks from succeeding sometimes, and minimize the impact on your organization, but the attacks will come no matter what. Further, the idea that “attacks” only fall into two categories, zero-day and patchable, is more nonsense...
June 25, 2012 Added by:Headlines
“The most disturbing findings were the number of companies that report they have no way to track what data is being stored in the cloud, no process to manage access to that data (or plans to do so), and that management doesn’t know where enterprise data is stored. This should act as a wakeup call for organizations..."
June 24, 2012 Added by:Ben Kepes
I was interested to read recently a survey that was commissioned by the Cloud Alliance. What was key for the respondents? Data security and end-user privacy were paramount. One-quarter of survey respondents in organizations with more than 200 workers listed security and privacy as their primary concerns...
June 14, 2012 Added by:Headlines
“If you’re moving information into the cloud, it just seems to me that all kinds of nasty activity could go on in there. I would take a Missouri approach and say, ‘prove it to me, show it to me,’ how it’s more secure,” said former director of intelligence, surveillance and reconnaissance for the Air Force...
June 12, 2012 Added by:Rafal Los
So what is the single most valuable piece of technology that can push a development closer towards a NoOps methodology? I believe it's the adoption of cloud computing. While many of the security folks who read this blog are probably shaking their heads right about now, read on and let me convince you...
June 11, 2012 Added by:Ben Kepes
Some cloud vendors are engaged with IT and following a top down adoption approach while others are aiming for a more viral bottom up adoption. What issues do these different approaches raise and how do we navigate this path while ensuring agility and compliance?
June 06, 2012 Added by:Neira Jones
There are numerous third parties and cloud providers around. A few have already achieved a dominant position, but a recent article highlighted that "others have opportunities to get into the act by offering more security and protection". So there you are, security can be a unique selling proposition...
June 05, 2012 Added by:Ben Kepes
"Migrating to the cloud is not an easy process but good preparation goes a long way toward making it easier. Many businesses do not have their internal systems in good shape in the first place so migrating them to the cloud in bad condition must be horrendous"...
June 05, 2012
This document reprises the definition of cloud computing, describes cloud computing benefits and open issues, presents an overview of major classes of cloud technology, and provides guidelines and recommendations on how organizations should consider the opportunities and risks of cloud computing...
June 01, 2012 Added by:Electronic Frontier Foundation
EFF’s asked the court to return files lost when Megaupload was seized last January. Since then, we’ve been to court both for a hearing and a mediation and nothing has changed. The key problem: the government has failed to help third parties get access to their data. So we have no choice but to go back to court...