How to avoid security issues in cloud computing

Grazed from TechTarget.  Author: Steve Weissman.

A recent piece I wrote on the outsourcing considerations for software as a service (SaaS) and cloud services has sparked some interesting conversation, especially in the realm of security issues in cloud computing. Yet, most of this discussion hasn't touched what I see to be one of the biggest areas of possible vulnerability: avoidable gaps that open as departmental initiatives weaken the enterprise imperative.

Sure, access control, encryption and policy ramifications and the like are all critical -- but what happens when business units are given (or assume) the right and ability to do their own thing? Nothing good, I can tell you...

Dealing With Data Privacy in the Cloud

Grazed from CIO. Author: Paul Trotter.

Data has become a buzzword that means different things to different people, but all organisations agree that understanding customer behaviour, sales performance, and information processes can build a platform for achieving business success. However, our reliance on data and the potential pitfalls associated with managing it have given rise to the need for safeguards for the protection of information, particularly in Europe where the General Data Protection Regulation (GDPR) will soon come into force.

GDPR is designed to harmonise the current data protection regulations across EU member states, with strict data compliance stipulations and the possibility of huge financial penalties for those who breach of the rules. While the regulation doesn’t deal specifically with cloud service providers, it does have implications for organisations that use cloud services to store data...

9 Cloud Computing Security Risks Every Company Faces

Grazed from SkyhighNetworks.  Author: Editorial Staff.

 The worldwide cloud computing market is expected to grow to $191 billion by 2020, according to analyst firm Forrester, up from $91 billion in 2015. There are numerous advantages of cloud computing driving a secular move to the cloud; among them lower cost, faster time to market, and increased employee productivity. However, the security of data in the cloud is a key concern holding back cloud adoption for IT departments.

Employees are not waiting for IT; they’re bringing cloud services to work as part of a larger “bring your own cloud” or BYOC movement. The Ponemon Institute surveyed 400 IT and IT security leaders to uncover how companies are managing user-led cloud adoption...

Cloud Computing: Menlo Comes Out of Stealth with Plan To Fight Malware

Grazed from TopTechNews. Author: Jeff Cozza.

A new security company has just entered the market with a new plan to defeat malware attacks over the Web and e-mail. Menlo Security, which just closed on a $25 million Series B funding round, unveiled its Isolation Platform aimed at protecting end users by executing all Web content in the cloud rather than on users' devices.

Headquartered in Menlo Park, Calif., the company, which emerged from stealth on Monday, consists of several researchers from the University of California, Berkeley, along with experts in security, cloud, and virtualization technology. The new round of financing brings the total company funding to $35.5 million -- Menlo also announced $10.5 million in Series A funding in November...

Dropbox opens up on enterprise cloud strategy with security and integration updates

Grazed from CloudTech. Author: James Bourne.

Dropbox has announced new features in administration, security and integration in a bid to change the way the cloud storage provider works for business. The company is introducing tighter account security through two-step verification, tiered administrative controls, as well as an extension to the Dropbox for Business API, with new capabilities for shared folders.

CloudLock, Netskope and SkySync are among the data migration providers who are already beginning to build integrations, alongside Israeli firm Adallom, which recently announced it was looking after the security for Dropbox for Business. “This is a major milestone for Dropbox for Business,” said UK country manager Mark van der Linden...

Google Centralizes Security, Privacy For Web, Android Users

Grazed from InformationWeek. Author: Thomas Claburn.

Google's new account hub, for users of its Web services and Android smartphones, gives IT organizations a new tool to improve employee awareness of security and privacy. Following its developer conference last week, on Monday Google enhanced its security and privacy offerings with a unified security page and a Web resource for those with privacy questions.

For IT organizations that have to deal with the intricacies of employee devices in the workplace and shadow IT, Google's effort to educate users about security and privacy provide a potential opportunity to raise awareness of issues that confront every company. In a blog post, Google product manager Guemmy Kim said the company wants to change the perception that people are unable to control their personal information...

Read more from the source @

Cloud Computing: How Secure Is Your Small Business? 5 Tips to Protect Against Modern Cyber Attacks

Grazed from Entrepreneur. Author: John Mason.

Today, technologies like cloud computing, mobility, social, and big data and analytics are enabling small- and midsized businesses (SMBs) to do more with less, reach new markets and focus on creativity and invention instead of IT. But with all this new opportunity comes responsibility. Whether an SMB is moving to the cloud or implementing a bring your own device (BYOD) mobile program, security should be part of the plan.

Each year, cyber crime costs the economy about $445 billion, according to the Center for Strategic and International Studies, and SMBs can be attractive targets for hackers tapping into this profitable black market. SMBs tend to have weaker online security, use cloud services void of strong encryption technology and lack the robust IT and internal policies needed to protect against increasingly sophisticated cyber-crime rings, which operate with an enviable efficiency and effectiveness...

Read more from the source @

Survey: Cloud has cleared the QoS hurdle, but security is a different story

Grazed from ITWorldCanada. Author: Danny Bradbury.

Cloud-based communications provider Switch Communications just landed $35m in funding, highlighting a growing interest in the online communications and collaboration market. The series C financing follows an $18 million B-round for Switch Communications, which provides cloud-based unified communications and phone systems.

The funding round for the San Francisco-based firm was led by Amasia Associates, with Felicis Ventures, SoftBank, Work-Bench Ventures and previous investors Andreessen Horowitz and Google Ventures. The deal might signal good fortunes for companies selling cloud-based telecommunications, but companies are still showing themselves to be wary of the cloud, especially when it comes to mission-critical infrastructural applications...

Cloud Computing: Empowering your business – the ‘Triple A’ security approach

Grazed from ITProPortal.  Author: Florian Malecki.

Chief Financial Officers (CFOs) keeping a tab on John Moody’s bond credit rating. In the world of IT however, how can a CIO or IT decision maker (ITDM) rate the efficiency of an IT security implementation?

IT security is one of the main concerns for ITDMs with recent attacks such as Shellshock and Heartbleed and others affecting organisations globally. Therefore ITDMs are taking steps to protect the corporate network from threats of all sizes. However, as it stands security is still at risk from internal and external stand point...

Microsoft Research Unveils VC3 Cloud Workload Privacy Project

Grazed from eWeek. Author: Pedro Hernandez.

Extending its "lockbox" approach to securing data on the cloud, Microsoft's research arm today announced a new technology dubbed Verifiable Confidential Cloud Computing, or VC3. Last year, the Redmond, Wash.-based software giant announced a new process for safeguarding cloud data called a lockbox.

Encompassing a set of technologies, along with strict policies and IT practices at the company's cloud data centers, the approach essentially places customers in complete control of their data and requires that they issue their approval before even Microsoft's own administrators can access protected information...