Cloud Security

Gartner: Virtualisation and cloud computing race ahead of security practices

Grazed from ComputerWorld.  Author:  Ellen Messmer.

The rush toward virtualisation of internal enterprise computing resources and cloud computing can have many advantages, such as server consolidation, but it's largely outracing traditional security and identity management practices.

That's leaving huge gaps, a sense of chaos and questions about where security products and services should be applied in the world of multi-vendor virtual-machine (VM) hypervisors.

Improving the Security of Cloud Computing

Grazed from MIT Technology Review.  Author: David Talbot.

On-demand cloud computing and data storage can save companies money, but many businesses—particularly in finance and health care—are wary of handing data to third parties, fearing hacking, accidental data loss, or theft by rogue employees of cloud providers.

New security solutions are appearing: One verifies cloud providers' claims that your data is safely lodged on its own server. Another protects your cloud-based data by using a math function to divide it into 16 segments, any 10 of which can be used to re-create the entire original set.

Homomorphic encryption: Can it save cloud computing?

Grazed from ZDNet.  Author: Michael Kassner.

Homomorphic what? My Oxford English Dictionary suggests the following definition: "Pertaining to two sets that are related by a homomorphism."

Come on. Let's try homomorphism: "A transformation of one set into another that preserves in the second set the relations between elements of the first."

Put homomorphic with encryption and thankfully Wikipedia provides something useful: "A form of encryption where a specific algebraic operation performed on the plain text is equivalent to another (possibly different) algebraic operation performed on the cipher text."

Cloud Security's Stormy Outlook

Grazed from IT Business Edge.  Author: Sue Marquette Poremba.

When I talk to people who deal with network security on a daily basis, I often ask how they feel about cloud security. The reaction I get is usually mixed. Some love it, but a surprising number are very wary about it, and more than a few have resisted the move to the cloud because they don't trust the security. I'm not the only one who has noticed this trend. My colleague Arthur Cole wrote:

Making the Case for Security

Grazed from MIT Technology Review.  Author: Brian Krebs.

Major corporations have made serious mistakes with information security recently, resulting in spectacular failures to protect business and customer records. After years of warnings, why do so many businesses still fail to deal properly with this issue? Eugene H. Spafford, a professor of computer science at Purdue University who frequently advises government, law enforcement, and big companies, has some ideas. He spoke with technology journalist Brian Krebs for Technology Review.

How can businesses be secure and successful in cyberspace?

Grazed from Computer Weekly.  Author: Warwick Ashford.

Cybersecurity experts agree the only way for business to be 100% safe from cyber attacks is to shut down all electronic connections, but no business could operate that way. The challenge facing most businesses, in the light of growing cyber threats, is to be secure and succeed in cyberspace. So what's needed?

Technological controls play a role, but that is not the most important element and certainly not the starting point, according to panellists who took part in a debate on the topic at the EastWest Institute's Second Worldwide Cybersecurity Summit in London.


The Costs of Bad Security

Grazed from MIT Technology Review.  Author: David Talbot.

Keeping up: The Enterprise Strategy Group, a consulting firm, asked 308 IT professionals in large companies what factors motivated their decisions to improve data security. Regulatory compliance topped the list
Credit: Credit: ESG Research Report, Protecting Confidential Data Revisited, April 2009

A guide to ensuring your security in the cloud

Grazed from Computer Weekly.  Author: Editorial Staff.

Everyone’s talking about cloud computing these days. However, there is a significant security risk that increases with the explosion of cloud computing adoption and could easily burst the bubble of the hype – leaving businesses and their suppliers without the silver lining they expected.

Cloud computing, SaaS, PaaS, IaaS … just choose your terminology, the one thing they have in common is they make applications or infrastructure available on an as-needed basis.


First-generation firewalls do not cut the mustard

Grazed from Computer Weekly.  Author: Adrian Bridgwater.

In the wake of the InfoSec information security exhibition in London last month, I think I finally have Part II to my blog written to coincide with the event: Infosec 2011: application (development) appetisers Part I.

What I was looking for was some insight into how the mechanics of security technologies work, so I spoke to Florian Malecki who is EMEA enterprise marketing and product marketing manager at SonicWALL -- a company that describes itself as a purveyor of intelligent network security and data protection solutions.

Who Is Responsible for Cloud Security?

Grazed from IT Business Edge.  Author: Sue Marquette Poremba.

On the tails of the Sony and Amazon breaches, a recent Ponemon Institute report had some very sobering news.


The study, “Security of Cloud Computing Providers," was sponsored by CA Technologies and found the following issues involving cloud security: