According to a new report by cloud security company CipherCloud, compliance is the single biggest concern for large organizations looking at cloud adoption. The company surveyed its 100-plus large global customers and found that, for 64 percent, compliance was their top cloud security obstacle, followed by unprotected data for 32 percent. Of those concerned most about compliance, 58 percent said that cloud services violated data protection laws in their country, 31 percent said they violated […]
Encryption
15 posts
NO DOUBT ABOUT IT – there is a sea change happening as individuals and companies slowly grasp the upside of cloud computing. But I still get challenged at conferences: “What about the security risk? I have to know that my bits are safe. How do I know these service providers are not going to mine my data and exploit all my information?” The short answer is that you don’t – no one does. But then […]
As the second law of thermodynamics tells us, all things trend toward chaos and this is no less true with a virtual environment. Sprawl can have a real security impact, and it takes discipline and planning to control sprawl — discipline and planning that won’t occur without someone from the security team actively monitoring the problem and formulating strategies for how to address the issue. Virtualization has been one of the most rapidly and widely […]
VoIP-over-VPN technology protects the privacy of corporate voice communications in industrial networks, while delivering the cost-saving and technology benefits of Voice-over-IP. By reducing or eliminating phone charges, consolidating infrastructure, and streamlining network operations and maintenance, Voice over Internet Protocol (VoIP) offers tremendous cost-savings for oil and gas companies and other industrial sectors. As with any new technology, however, there can be a down-side. Most VoIP gateways compromise communication security by transporting VoIP and data traffic […]
One of the main reasons for deploying desktop virtualization is the security advantages it can provide, such as keeping sensitive data off the endpoint, according to Citrix. And Citrix is practicing what it preaches at its Ft. Lauderdale, Fla., headquarters where employees, for example, use the Citrix virtualization product Citrix Receiver for smartphones and tablets. Citrix Receiver brings full-fledged desktop apps to smartphones and tablets “It’s required to access some systems such as SAP,” says […]
Using the OSI network layer model as a basis, here’s how to derive a simplified three-layer model for SIP-based VoIP and corresponding threats and defenses. The resurgence of interest in VoIP to provide telephone services worldwide is often credited to the use of session initiation protocol (SIP) for signaling. Both residential and enterprise VoIP services are widely deployed. IP telephony may be used either to replace the primary telephone service or to provide additional telephone […]
Cloud computing has flunked a security test, reports Tim Wilson at Dark Reading. That probably doesn’t surprise you. Conventional wisdom says clouds are inherently insecure. But are they? Or are clouds actually more secure than conventional IT environments? A growing number of technologists are making that argument. And they’re not cloud vendors or marketers or startups who have placed their bet on the cloud. They’re some of the senior-most technology officials in government, including those […]
While conventional wisdom says virtualized environments and public clouds create massive security headaches, the godfather of Xen, Simon Crosby, says virtualization actually holds a key to better security. Isolation — the ability to restrict what computing goes on in a given context — is a fundamental characteristic of virtualization that can be exploited to improve trustworthiness of processes on a physical system even if other processes have been compromised, says Crosby, a creator of the […]
You are not alone if you are confused about cloud computing – recent research has shown that nearly half of those not using cloud computing don’t know what it means. Whether you are worried about security or how you would access your data without internet access read on and see my answers to the common questions which people ask me about cloud computing. 1. Is there a difference between ‘The Cloud’ and ‘Cloud Computing’? Isn’t […]
Meeting the requirements for cloud data security entails applying existing security techniques and following sound security practices. To be effective, cloud data security depends on more than simply applying appropriate countermeasures. Taken collectively, countermeasures must comprise a resilient mosaic that protects data at rest as well as data in motion. While the use of encryption is a key component for cloud security, even the most robust encryption is pointless if the keys are exposed or […]
Securing Voice over IP (VoIP) doesn’t have to be a challenge for small and medium-sized businesses (SMBs). VoIP is basically a phone call over the Internet. It offers the same promises – and pitfalls – as the Internet. The promises are cheap and easy communication over a readily available and easy-to-use public network – the Internet. The pitfalls are the same security weaknesses of that network, which wasn’t originally designed for security – or phone […]
Cloud computing is a priority for enterprises seeking greater agility, operational efficiency and overall cost reduction, but security concerns continue to inhibit its use. Half of all companies not adopting cloud computing cite security as the reason, according to a Forrester Research October 2010 study, “Security and the Cloud.” Whether considering a private cloud or public cloud, IT professionals face new security and compliance challenges. As data moves to the cloud, it can migrate internally […]
Cloud computing is a boon, but its vectors need to be kept on a short leash, says Mushegh Hakhinian, security architect at IntraLinks. The pace of business today requires that critical information be accessible anywhere, anytime, often among both internal and external parties. Hosted services are an important tool to enable this, but while the tools facilitate communication, they bring additional risk and challenges to the firms that use them. Technology is rapidly evolving to […]
Businesses concerned about the security of infrastructure as a service (IaaS) cloud technology should be more worried about how they secure data themselves rather than the levels of security offered by cloud providers. A recent survey by Forrester Research found that security is the main concern about IaaS technology for 58 per cent of European technology decision-makers. And these concerns – combined with others – appear to be hampering adoption, with just two per cent […]
Cloud computing security is an incredibly broad (and deep) topic, so I can only scratch the surface in a short article. Even so, let’s try to get the basics under control. The first order of business is making sure we’re talking about the same thing. Some cloud vendors try to blur the lines between security, reliability, and disaster recovery/business continuity. While all these are important attributes, it just confuses the conversation. So let’s stick with […]