Items Tagged with "Cloud Security"


0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud - A Model Driven Approach

April 27, 2012 Added by:Rafal Los

As we discussed at OWASP AppSec APAC in Sydney recently, there is still too much focus being given to the security of infrastructure, and we're spending a disproportionate amount of time on the security of networks, servers, etc. rather than actually looking at the applications...

Comments  (0)

B8db824b8b275afb1f4160f03cd3f733

Wait, What? Someone Has to Look at Those Logs?

April 26, 2012 Added by:Jack Daniel

Monitoring the performance of your MSSP is cheap insurance- the last thing you want to face is a failure of your service and the need to rebuild an in-house program. You thought getting all that data pushed out to the MSSP was a pain- just imagine trying to get it back...

Comments  (1)

7ddc1f3000a13e4dfec28074e9e7b658

Court Orders Megaupload Parties to Come Up with a Plan

April 25, 2012 Added by:Electronic Frontier Foundation

The government, which had originally seized files and still apparently holds all of Megaupload's financial assets, had argued that it had no obligation to make sure the files of innocent Megaupload users were returned and, in fact, believed that they could be destroyed...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Making an Intelligent, Defensible Trust Valuation

April 23, 2012 Added by:Rafal Los

Is trust a binary decision? Can you trust something to varying levels? These are important questions for any security professional to have good answers to. Applying this logic to computing - can we ever really trust any computer environment, system, or application?

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

More on the IT Business Boiling Point

April 22, 2012 Added by:Ben Kepes

This tension between old and new is interesting to watch and has some interesting parallels within organizations. I’m talking about the tension that exists between IT and business units. The former who want to ensure security and control, the latter who simply want to get stuff done...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Cloud Adoption Tension: IT vs Business

April 19, 2012 Added by:Ben Kepes

On the side of IT it’s all about security, control and transparency. On the side of the business, it’s years of frustration at slow and cumbersome IT procurement processes – they want to get stuff done. It’s fair to say that we’re still in the Wild West of cloud adoption...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Zeus Trojan Takes Aim at Cloud Payroll Services

April 12, 2012 Added by:Headlines

"Zeus captures a screenshot of a Ceridian payroll services web page when a corporate user whose machine is infected... visits this website. This allows Zeus to steal the user id, password, company number and the icon selected by the user for the image-based authentication system..."

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Megaupload Goes to Court: A Primer

April 11, 2012 Added by:Electronic Frontier Foundation

Does the government have a responsibility to protect innocent third parties from collateral damage when it seizes their property in the course of prosecuting alleged copyright infringement? That is the question a federal district court will consider...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ENISA: Guidelines for Monitoring Cloud Computing Contracts

April 05, 2012

Cloud computing services are increasingly important for governments and businesses, and information security is a key pain-point. To help solve this problem ENISA released a guide focusing on continuous security monitoring throughout the life-cycle of a cloud contract...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Cloud Security: Forecast Sunny with Possibility of Showers

April 04, 2012 Added by:Fergal Glynn

Even as companies are adapting to this new paradigm, there are growing concerns about the safety of their data in the cloud. Incidents at cloud service providers like Dropbox highlight dangers of storing information in the cloud...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Cloud Services Strategy: Security First - Growth Second

March 30, 2012 Added by:Richard Stiennon

Cisco, Juniper, Oracle, and Microsoft might have security initiatives and even good sales of security products. But security takes a back seat to functionality too often. Why are there no secure switches? Secure apps for Windows? Or secure databases?

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Cloud Security and the Enterprise

March 29, 2012 Added by:Ben Kepes

We need to ensure that legislation and regulations for cloud services truly reflect the realities of the cloudy world we live in and do not allow for a shotgun approach to compliance that primarily meets the needs of just one powerful interest group...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ENISA: Study on Data Collection and Storage

March 27, 2012

Given the contrast between the importance of the privacy by design principle and the reality of lax data protection practices with many service providers, the aim of this study is to present an analysis of the relevant legal framework on the principles of minimal disclosure...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Data Back-Up Strategies for Your Business

March 25, 2012 Added by:Robert Siciliano

Do you backup data? One of the problems with getting a small businesses to secure data is they think they need to load up thumbdrives, DVDs or tape devices manually. This is in fact tedious and overwhelming. I’ve got news for you, data backup is easy...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Transborder Data Flows at Risk

March 22, 2012 Added by:David Navetta

The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries...

Comments  (0)

3071bd3c5c013c8c3defcccad0259c16

Reaching for the Cloud: A Contemporary Infosec Perspective

March 21, 2012 Added by:Hani Banayoti

We need to entrust information security to professionals who not only know the fundamental principles and technologies, but are also able to understand and support the business's goals in order to influence and contribute positively to the ongoing infosec challenge...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »