Cloud Security

Authenticating yourself in the cloud

Grazed from ComputerWorld.  Author:  Manny Vellon.

Of all that has been written about cloud computing, precious little attention has been paid to authentication in the cloud.

Before we get to that, let's review how authentication works on a private network.

When you log on to your machine and then try to access a resource, say a file server or database, something needs to assure that your username and password are valid.  If you're logging onto a Windows machine, this authentication is performed by a component called the "Local Security Authority Subsystem Service".

Gartner: Companies need shift in private cloud security

Grazed from ComputerWorld.  Author:  Antony Savvas.

The security systems of businesses must "evolve" as they move from virtualised data centres towards private cloud infrastructures, according to analysts at Gartner.

Gartner predicts that by 2015, 40 percent of the security controls used within enterprise data centres will be virtualised, up from less than five percent in 2010.

US Defense Dept. Expands Cyber-Security Role

Grazed from Internet Evolution.  Author: Sean Gallagher.

When the US Department of Defense started the ball rolling to create US Cyber Command, its network and information systems security and intelligence organization, there were a lot of people who were uncertain what such a command would do -- in fact, the whole idea of "cyber-warfare" was still sort of nebulous. There were concerns from within the government, in Congress, and from observers outside that Cyber Command would expand DOD's activities out into the civilian domain.

Cloud computing vendors 'should address security concerns'

Grazed from Experian QAS.  Author: Neil Hill.

Cloud computing vendors looking to increase the number of companies using their services will be most successful if they can prove the security of the offerings.

According to Rob Ayoub, global programme director for information security research at Frost & Sullivan, many companies are currently holding back on a move to the cloud because of security and availability concerns.

He said that cloud computing providers should be in a position to provide reassurance to potential clients on these issues, reports Computerworld New Zealand.

RSA Sees GRC Moving to the Cloud

Grazed from IT Business Edge.  Author: Michael Vizard.

The increasing complexity of complying with regulations has become one of the primary drivers pushing IT organizations to shift management of governance, risk management and compliance (GRC) into the cloud.

According to Art Coviello, president of the RSA division of EMC, a new report issued by a Security Council for Business Innovation, which is made up of senior IT executives that are customers of RSA, highlights the increased nuance and specificity required to manage GRC.

Forecast for Cloud Security: Still Cloudy

Grazed from ChannelPro SMB.  Author: Herman Mehling.

While many companies are moving their apps and services to the cloud, roughly half are unaware of what they are getting themselves into, security-wise. That’s the main finding of Security of Cloud Computing Users, a recent study done by the Ponemon Institute for CA Technologies.

European Data Privacy Restrictions Slow Cloud Computing Spread

Grazed from IT Business Edge.  Author:  Lora Bentley.

Adoption of cloud computing is spreading rapidly in the United States, primarily because it "allows companies to tap enormous computing power...without having to invest in the infrastructure," The New York TImes reports. According to Gartner, global sales of cloud services are expected to reach $102.1 billion by 2012. But Europe is only expected to account for approximately 29 percent of those sales.


Will Two-Step Authentication Provide Better Cloud Security?

Grazed from IT Business Edge.  Author:  Sue Marquette Poremba.

As more enterprises consider moving to cloud computing, security in the cloud remains a major concern, particularly the ease in which hackers can gain access to data.


Google fires engineer for privacy violations

Grazed from ComputerWorld.  Author:  Sumner Lemon.

A Google engineer was fired for violating the company's privacy rules, Google said today. The search giant was responding to a report that the engineer had improperly accessed the accounts of several teenagers.

"We dismissed David Barksdale for breaking Google's strict internal privacy policies," said Bill Coughran, senior vice president of Google, in a statement.

Security, availability drive APAC private cloud interest

Grazed from ZDNet.  Author: Kevin Kwang.

Chris Morris, director of IDC Asia-Pacific's practice group, said that 2011 will be a "big year for private clouds" as more CIOs look to the safer option of creating a virtualized, cloud computing datacenter environment within the company.

He went on to note in his presentation at a conference Monday that security concerns over transacting in a public cloud environment, as well as worries about possible downtime and poor performance of public cloud services, have made CIOs wary.