Security Monitoring

Tech companies rally round Microsoft over US government cloud surveillance

Grazed from Computing. Author: Graeme Burton.

Microsoft has been backed by technology companies and a swathe of US corporates in a legal action against the US government over laws that could have major implications for the development of cloud computing. The law would enable US government agencies to seize data hosted on third-party computers, while at the same time barring the hosting company from informing its customers of the seizure.

Microsoft claims that the law is unconstitutional, and filed suit in April in a Seattle federal court in a bid to have the law overturned. Microsoft argues that the law violates the Fourth Amendment, prohibiting unreasonable searches and seizures, and requiring warrants to be judicially sanctioned and supported by "probable cause"...

Gartner: Start security monitoring in the public cloud

Grazed from Network World. Author: Ellen Messmer.

Security monitoring — the type involving traditional security information and event management (SIEM) — can be done in some public cloud environments, according to Gartner. And if you’re using public cloud services, it’s time to think about doing it.

Security monitoring of assets that the enterprise has placed in cloud is still not a common practice, but it really should be, said Gartner analyst Anton Chuvakin during his presentation this week at the Gartner Security and Risk Management Summit. There is always a “loss of control” when turning corporate data assets over to the cloud, Chuvakin says, but “you can compensate by increasing the visibility that comes with collection of logs and network traffic.”...