Cloud Security

Homomorphic Encryption

Grazed from MIT Technology Review.  Author: Erica Naone.

Craig Gentry is creating an encryption system that could solve the problem keeping many organizations from using cloud computing to analyze and mine data: it's too much of a security risk to give a public cloud provider such as Amazon or Google access to unencrypted data.

Security 'is not the only concern when conducting email marketing'

Grazed from Experian QAS.  Author: James Glass.

Firms in New Zealand that rely on email marketing strategies are among those to have been warned of some of the factors they must address when operating such a system.

Russell Parsons, writing for Marketing Week, explained security is the obvious item on the agenda, but there can be several others.

He noted there are numerous benefits to email marketing, such as reliability, a low carbon footprint and the ability to target the right audience.

Why Microsoft and Google Are Fighting Over Uncle Sam

Grazed from GigaOM.  Author: Derrick Harris.

CW Security Think Tank: What’s holding up the cloud?

Grazed from Computer Weekly.  Author: Warwick Ashford.

CW Security Think Tank: Are security concerns and a lack of adequate risk assessment tools the reason SMEs are not adopting cloud computing, or is the real reason something else that security professionals are also in a good position to address?

Incapsula Launches Cloud-Based Web App Firewall

Grazed from GigaOM.  Author: Derrick Harris.

Security zone: Extending compliance to the cloud

Grazed from Computer Weekly.  Author: James Hanlon.

Most security and compliance mandates were simply not designed with cloud environments in mind – an unfortunate state of affairs as a huge amount of our data is about to go "cloudwards".

Even recent updates to common compliance mandates such as PCI DSS 2.0 do not adequately address compliance issues when using cloud services. The key benefits of cost saving, agility, collaboration and availability often overshadow the implications of expanding your audit scope to include your chosen cloud provider. How do you guarantee your compliance when moving to the different forms of cloud services?

Security: The Biggest Holdup to Cloud Computing

Grazed from Server Watch.  Author: Jeff Vance.

Safe Harbour fails to answer overseas cloud security concerns

Grazed from Computer Weekly.  Author: Cliff Saran.

In the past week I've met IBM and Google and asked them about cloud security.  Sure, data is mirrored, replicated and always available...

No my question concerns data jurisdiction and the ability for governments to subpoena hosting and cloud providers to provide law and anti-terrorism agencies with customers' data.

Google UK cites the Safe Harbour agreement that exists between the UK and US, that allows UK data to be stored in the US. But who's stopping the US Department of Homeland Security from taking that data under the Patriot Act.
 

ISF lists 'seven deadly sins' of cloud computing

Grazed from ComputerWorld.  Author: Antony Savvas.

The Information Security Forum (ISF) has identified the "seven deadly sins" of cloud computing implementations in a new report, and has offered guidance on how to tackle them.

The 'Securing cloud computing: addressing the seven deadly sins' report aims to help organisations move quickly to developing business-oriented systems to securing cloud services.

The seven deadly sins outlined in the ISF report are:

How security can rescue cloud computing

Grazed from ComputerWorld.  Author: Andreas M. Antonopoulos.

Whenever the topic of security is mentioned in the context of cloud computing, it is usually discussed as the "big barrier" to adoption. The perceived or actual lack of security in the cloud makes it impossible for businesses to make the leap into this new computing paradigm. I propose a different perspective: Security will rescue cloud computing.