Items Tagged with "Cloud Security"
December 16, 2011 Added by:Rafal Los
There is an operational perspective in terms of provider transparency. We are now starting to see cases where a SaaS service offering is built on top of a PaaS service, built using multiple IaaS services and that is enough to make anyone's head spin...
December 14, 2011 Added by:Mike Meikle
Carefully crafted and monitored SLAs to keep vendors in check, mandating FIPS 140-2 certification of potential vendors and benefiting from vendor technology investments (economies of scale) can add significant weight to cloud solution providers being more secure than in-house solutions...
December 13, 2011 Added by:Danny Lieberman
A client asked us to find a way to reduce risk exposure at the lowest cost. Using the Business Threat Modeling methodology and Practical Threat Analysis software, we were able to mitigate 80% of the total risk exposure in dollars at half the security budget proposed by the vendor....
December 12, 2011 Added by:Ben Kepes
Passwords it seems are both the bane of our existence and, apparently, the most important thing in our lives. Unfortunately the Cloud doesn’t really change this, good password protocols are as important in the Cloud as they were in an on-premise world and potentially even more so...
December 08, 2011 Added by:Rafal Los
The glut of blinking lights and devices that require time and effort to manage has gotten out of control... or so I'm being told. I've not manged a security team in 4 years now, but even back then the glut of boxes, products and solutions was becoming too much to bear. I can only imagine it now...
December 06, 2011 Added by:Ben Kepes
In our cloud security whitepaper we spent time talking about why Cloud Computing is potentially more secure than traditional models of IT delivery while at the same time pointing out the fact that there’s still security issues that organizations need to think about when using Cloud...
November 28, 2011 Added by:Ben Kepes
Cloud security is a two way street – both vendors and customers have a part to play in keeping it safe, and both parties need to bring something to the table. But, notwithstanding this fact, Cloud is still the best option for a number of SMB use cases...
November 28, 2011 Added by:Kevin L. Jackson
GovCoud is the “go to” place for everything related to federal cloud computing. Our mission is to help federal organizations learn about, try and securely adopt cloud computing technologies. This site will provide a community hub for information dissemination and GovCloud best practices...
November 22, 2011 Added by:Robert Siciliano
Security is paramount. Amazon states: “In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides appropriate security features in those services, and documents how to use those features..."
November 15, 2011 Added by:Headlines
“India welcomes the decision of the EastWest Institute to bring this powerful forum to New Delhi. Working together with like-minded countries and businesses worldwide, India will work hard to assure that practical advances in cybersecurity are made and international cooperation advanced..."
November 13, 2011 Added by:Ben Kepes
The report gives a higher rating to applications that have native integration, and kind of discounts the awesome work that third party integrators are doing to tie together application as somehow inferior. But the report then goes on to give one example of a native integration...
November 10, 2011 Added by:Paula Skokowski
The potential for a data breach a lot higher with the launch of Apple's iCloud. When content changes on one device, all other devices are automatically updated. A wonderful service for consumers; however, for enterprises iCloud has the potential to wreak havoc...
November 03, 2011
"Your management fears the auditors more than the hackers. So why is it they're looking at moving cardholder data so quickly? Because 'cloud computing' is the new marketing buzzword that promises to do everything..."
November 03, 2011 Added by:David Navetta
NIST intends the definition "to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing..."
November 02, 2011 Added by:PCI Guru
This SIG is to be created to guide merchants and service providers in what should be the result of a proper risk assessment, not create another risk assessment methodology. While such an Information Supplement is an admirable ideal, you understand why this SIG is a losing proposition...
October 31, 2011 Added by:Enno Rey
Recently Apple launched its new offering iCloud. At this point, most infosec people start to worry a little bit: The common cloud concept of centralized data storage on premise of a third party does not cope well with the usual control focused approach of most technical infosec guys...