Cloud Security

Europol to reveal cybercrime risk level

Grazed from ComputerWorld.  Author: Jennifer Baker.

European law enforcement agency Europol on Friday will present its assessment of the threat posed by cybercrime, along with its strategy to tackle it.

"Cybercrime is borderless by nature, this makes criminal investigations more complicated for law enforcement authorities," said Europol Director Rob Wainwright. "To effectively tackle cybercrime, adequate cross-border provisions are needed."

A Glimmer of Security Hope for 2011

Grazed from IT Business Edge.  Author: Michael Vizard.

We’ve been talking as an industry about the convergence of security and IT operations management for the better part of a decade.

Developer Says FBI Fiddled With OpenBSD

Grazed from Internet Evolution.  Author: Sean Gallagher.

A former contributor to the code in the OpenBSD operating system that handles encryption of data has alleged that the FBI paid developers working on the code to write in backdoor mechanisms to circumvent authentication and give law enforcement unfettered access to data.

Microsoft gains cloud security certification, follows Google lead

Grazed from ComputerWorld.  Author:  Jon Brodkin.

Microsoft has received FISMA certification for its cloud computing data centres, a key step toward gaining customers in the federal government market that has been infiltrated by rival Google. However, Microsoft's hosted Exchange and Online services have not yet been awarded FISMA approval.

White hat hacker Mafiaboy casts doubt on cloud computing security

Grazed from ComputerWorld.  Author: Jeff Jedras.

 

Michael Calce, the reformed hacker from Montreal who will forever be known as Mafiaboy, told a group of IT professionals Tuesday that he has serious concerns about the inherent vulnerabilities in the latest evolution of information technology: cloud computing.

Kroes calls for better EU cloud security

Grazed from ZDNet.  Author:  Jack Clark.

"A cloud without robust data protection is not the sort of cloud we need. So these features should be well-integrated in the design of cloud-computing products and services, from the very beginning of the business processes," Kroes said on Thursday in a speech at the Les Assises du Numerique conference in Paris.

Data protection standards must also be transnational, she added, noting that "the free movement of personal data within the EU is another way to complete the digital single market in Europe".

Authenticating yourself in the cloud

Grazed from ComputerWorld.  Author:  Manny Vellon.

Of all that has been written about cloud computing, precious little attention has been paid to authentication in the cloud.

Before we get to that, let's review how authentication works on a private network.

When you log on to your machine and then try to access a resource, say a file server or database, something needs to assure that your username and password are valid.  If you're logging onto a Windows machine, this authentication is performed by a component called the "Local Security Authority Subsystem Service".

Gartner: Companies need shift in private cloud security

Grazed from ComputerWorld.  Author:  Antony Savvas.

The security systems of businesses must "evolve" as they move from virtualised data centres towards private cloud infrastructures, according to analysts at Gartner.

Gartner predicts that by 2015, 40 percent of the security controls used within enterprise data centres will be virtualised, up from less than five percent in 2010.

US Defense Dept. Expands Cyber-Security Role

Grazed from Internet Evolution.  Author: Sean Gallagher.

When the US Department of Defense started the ball rolling to create US Cyber Command, its network and information systems security and intelligence organization, there were a lot of people who were uncertain what such a command would do -- in fact, the whole idea of "cyber-warfare" was still sort of nebulous. There were concerns from within the government, in Congress, and from observers outside that Cyber Command would expand DOD's activities out into the civilian domain.

Cloud computing vendors 'should address security concerns'

Grazed from Experian QAS.  Author: Neil Hill.

Cloud computing vendors looking to increase the number of companies using their services will be most successful if they can prove the security of the offerings.

According to Rob Ayoub, global programme director for information security research at Frost & Sullivan, many companies are currently holding back on a move to the cloud because of security and availability concerns.

He said that cloud computing providers should be in a position to provide reassurance to potential clients on these issues, reports Computerworld New Zealand.