FBI insists cloud providers meet strict security requirements

Grazed from FierceCIO.  Author: Caron Carlson.

Large enterprises continue to have reservations about the security of cloud computing, and apparently the FBI does too. The agency made it clear this week that any cloud providers who want to do business with U.S. law enforcement agencies must abide by its Criminal Justice Information Systems security requirements--which is a very high bar, reports Jaikumar Vijayan at Computerworld.

"The FBI remains committed to using technology in its information-sharing processes, but not at the sacrifice of the security of the information with which it has been entrusted," Stephen Fischer Jr., a spokesman for the FBI's CJIS division, told Computerworld...

Cloud computing can add an extra layer of security

Grazed from iHotDesk.  Author: Editorial Staff.

Contrary to what some people believe, cloud computing can work as an additional security measure.

Despite security issues being one of the biggest concerns brought up by businesses since cloud computing platforms began to take off a few years ago, John Dunn, security editor of Techworld, believes that the technology can actually help protect your company if used correctly.  Indeed, he feels that many people merely get the jitters when they think about off-site application hosting because, on the face of it at least, it does sound like a hacker's dream.

"The security layer the companies have, the security software and products they buy and the infrastructure they run means there is a real move to actually buy that as a service," Mr Dunn said. "So all of the traffic that goes in and out of your company will come through a layer that's run by a cloud company - it will be filtered and looked at...

Safe and Sound: Cloud Security and Reliability

Grazed from PipeLine.  Author: Tim Young

The thing about hype is that, sooner or later, it's time to put-up or shut-up. That time, it seems, has come for the cloud.

Here in the U.S., the National Institute for Standards and Technology (NIST) has published its final, official definition of cloud computing, after 15 previous iterations. This "model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources" is more than just web-apps and off-site storage. It's a definition that characterizes a baseline for cloud computing against which agencies and potential cloud adopters can judge so-called "cloud" services.

By having this standard against which to measure services, according to NIST computer scientist Peter Mell, "They are more likely to reap the promised benefits of cloud—cost savings, energy savings, rapid deployment and customer empowerment." ...

Cloud Computing: Easing Some Of Virtual Security's Complexities

Grazed from Network Computing.  Author: Robert Mullins.

While virtualization and cloud computing pretty much dominate the IT world, security and compliance with IT standards are neither trivial concerns, nor going away anytime soon. But in some ways, security is easier to accomplish in virtual systems than in physical

Take the task of tracking an inventory of IT assets in a data center, for instance. Catbird, a security and compliance technology vendor, has just introduced version 5.0 of its vSecurity suite of tools for securing virtual, cloud and physical networks. One feature of the product is Automated Asset Inventory: every time a new device is attached to the network -- a server, a router or a printer -- the inventory feature sees it and applies the appropriate security rules to it...

How to protect your IP in the cloud

Grazed from InfoWorld.  Author: Stephanie Overby.

Around this time last year, the cloud computing contract signings were coming fast and furious -- not just for commodity work like IT management or email, but for software and infrastructure closer to the core of corporate value. Not long after that, the calls started to come in to Greg Bell, principal and the Americas service leader for information protection at KPMG.

Cloud services customers more often line of business leaders that IT executive -- were panicked as they began to realize that their intellectual property (IP) was now at risk. Some, like one client who discovered that he'd potentially exposed his company's precious formulas, had to bring the software and associated processes back in-house -- at no small expense. "They quickly went through an assessment, made very aggressive movement [into cloud computing], and then had to retreat because they were not able to put the proper controls in place," says Bell...

Financial Information on the Cloud: Considering the Role of Trust

Grazed from Business Insider.  Author: Editorial Staff.

Cloud computing is the latest buzz word. Many companies are adopting this convenient, on-demand service to enable themselves to save the costs involved in establishing computing infrastructure such as hard drives, development platforms, databases, computing power, or complete software applications.

Whether you are using public cloud, private cloud, virtual private cloud and/or hybrid cloud for your organization, cloud computing focuses on core business processes and offers greater efficiency by allowing data center upkeep and maintenance to be managed offsite. Cloud computing is certainly an alternative technology to get the job done in with less money.

Cloud computing has penetrated each and every department of any organization including human resources, maintenance/operations, marketing, product development, IT (maybe), logistics (if shipping/movement of items), customer service (if needed)/product support, and legal (if a large corporation)...

CloudPassage Launches Halo NetSec to Automate Strong Network Security in the Cloud

Grazed from MarketWatch.  Author: PR Announcement.

CloudPassage, the leading cloud server security company, today unveils Halo NetSec, an automated solution that provides advanced network access control for servers running in public clouds including Rackspace and Amazon EC2. Halo NetSec is specifically designed for multi-cloud environments, installs in less than five minutes and provides administrators with easy-to-manage perimeter controls.

"Cloud computing has ushered in a new set of security risks and challenges that are not addressed at the IaaS level, and traditional firewall defenses do not adequately translate into the cloud," said Andrew Hay, senior security analyst for 451 Research. "A host-based server security solution designed specifically for cloud environments picks up where the IaaS leaves off, providing organizations with the scalable security they need to consider when migrating traditional on-premise systems to the cloud."...

Beware cloud computing’s trapdoors

Grazed from The Globe & Mail.  Author: Grant Buckler.

The toll of cyber crime appears to be rising as criminals become more sophisticated and more focused on financial gain. And while businesses are doing a bit better at protecting themselves, criminals have become better at bypassing the standard security measures, experts say.

To complicate matters, more businesses are adopting cloud computing, in which they run software and store data on computers outside their own premises and their own direct control. (The term can also refer to internal or private clouds, which distribute work over multiple servers but only within an organization.)...

Cloud Security, Costs Concern Federal IT Pros

Grazed from InformationWeek.  Author: J. Nicholas Hoover.

Federal IT managers are working to adopt cloud computing technologies and comply with White House cloud computing initiatives, but aren't yet sold on cloud computing's cost savings or security, according to a recent survey.

According to the survey by research group the Ponemon Institute, 91% of federal IT workers are either somewhat or very familiar with the Office of Management and Budget's Cloud First initiative, but 69% believe that the initiative's requirement to move three services to the cloud over 18 months is too fast. In fact, 71% of respondents said that pressure to move to the cloud creates security risks for their organizations...

Cloud-Based Security Is Gaining Momentum

Grazed from InfoBoom.  Author: Shawn Drew.

Sourcefire recently announced the release of its FireAMP software, which harnesses the power of the cloud to provide malware protection to businesses. The release is one more example of the rise of cloud-based security, which uses the massive computing power of the cloud to provide solutions that would have been unthinkable just a few years ago.