Posted by
admin in
Privacy, Compliance and Identity, Secure Data Centers, Securing the Cloud, Virtualization
Jan 28th, 2010 |
No Comments
Frank Gens of IDC says 2010 will be a transformational year for IT, driven in part by cloud computing. Although cloud computing is a hot topic, a lot of IT folks remain confused and unsure about a host of issues from vendor selection and control to security and compliance. We’ve tried to help by compiling a list of great resources to help you navigate these issues. If you find others that are worth sharing, please let us know.
There are several industry organizations and groups which help facilitate understanding of the cloud, provide best practices and enable standards:
The Cloud Security...
Posted by
Todd in
Securing the Cloud
Dec 17th, 2009 |
No Comments
The Cloud Security Alliance (known affectionately as CSA) today published the second version of its “Guidance for Critical Areas of Focus in Cloud Computing” which you can download from the CSA website. As full disclosure, I am co-chair of the Solution Provider group within the CSA along with my esteemed colleague Tim Matthews from PGP .
An excerpt from the CSA press release concisely describes the document’s value:
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and...
Posted by
Wael in
Privacy, Compliance and Identity, Securing the Cloud, Virtualization
Nov 9th, 2009 |
1 Comment
Are you still a skeptic about cloud computing?
Do you remember when you refused to bank online because it couldn’t be safe? I do. In fact, I even remember working with one of the leading banks in Canada when the CIO declared that no employees should have access to the Internet—for any business reason, ever. He did not last long in his job.
Over the past 15 years our reliance on the Internet has steadily increased, encouraged by advancements in technology (including security), a culture of instant gratification and an obsession with efficiency. After a year of media frenzy, some of us are still...
Posted by
Jon in
Securing the Cloud
Nov 2nd, 2009 |
1 Comment
Recently, there have been some high profile failures of cloud computing, including the Sidekick outage, the DDos attack on Amazon’s EC2 and disruption to Google’s hosted email. Following these debacles, some people have expressed scepticism about the cloud computing model. For example, a response to a CNET article was: “Putting all your beans in a single point of failure for users (in an enterprise or corporation) is suicide.”
Here I will consider a range of activities as “Cloud Computing” including SaaS, PaaS and IaaS. All three raise some concerns for companies. Companies that...
Posted by
Andrew in
Securing the Cloud
Oct 20th, 2009 |
No Comments
Adding to what my colleague Todd has written on the Microsoft/Danger data loss issue…
What has been billed as a large scale failure of cloud computing, more specifically, cloud storage, is making headlines and generating lots of heat but little light.
Major outage hits T-Mobile Sidekick users: “Users of T-Mobile’s Sidekick have been suffering through a major outage over the past several days that left many without access to the Web or their address books.”
Lawsuits filed over Sidekick outages: “In that lawsuit, Thompson’s lawyers argue why the outage...
Posted by
Todd in
Securing the Cloud
Oct 19th, 2009 |
No Comments
T-Mobile USA’s Sidekick mobile phone service operated by Microsoft’s Danger subsidiary encountered a service disruption that resulted in some Sidekick phone customers losing their personal information including contact names, phone numbers and digital photos (the New York Times had a summary, and The Register has some juicy speculation on the origin of the outage). Many commentators used this episode and other recent “cloud” system outages to cast doubt on the reliability of cloud computing. I suggest taking a breath and a think.
What happened to Microsoft with Danger was an IT...
Posted by
Todd in
Cloud-based Security, Threats from the Cloud
Oct 9th, 2009 |
No Comments
Amazon EC2 customers recently suffered from a concerted Distributed Denial of Service (DDoS) attack that caused some consternation for the web-based code hosting service Bitbucket (news courtesy of my favorite IT tabloid, The Register). An unfortunate fact of life about the massive DDoS such as Bitbucket appears to have suffered is that there is no defense once the incoming network pipes are full other than shutting off the DDoS.
Trend Micro has to wrestle with DDoS attacks as part of our antivirus business as well as our hosted security business (shameless sales plug: check out InterScan Hosted...
Posted by
admin in
Securing the Cloud, Virtualization
Oct 5th, 2009 |
No Comments
Trend Micro CEO Eva Chen took part in a Security Experts Roundtable at the InformationWeek 500 Conference in September. She was joined by Pacific Northwest Labs’ Jerry Johnson, RSA’s Mischel Kwon, and Time Warner’s Renee Guttman who shared their thoughts with Alex Wolfe about the changing nature of threats and the challenge of securing the cloud. The panel had some interesting thoughts about about where to invest security dollars and how to securely realize the benefits of cloud computing.
Posted by
YC in
Privacy, Compliance and Identity, Securing the Cloud
Sep 15th, 2009 |
No Comments
The topic of cloud computing is very hot these days. The advances in hardware, software and networking technologies have made the dream of computing as a utility service for cost-conscious companies or ordinary individuals a reality. Under this new paradigm, it’s possible to rent by the hour to take advantage of cloud computing. The public cloud simultaneously solves three resource bottlenecks . First, we can use it as a poor-man’s supercomputer if we want to do compute-intensive jobs. Second, we can use it to process large amounts of data that traditional file systems just cannot tackle. Third,...
Posted by
Todd in
Cloud-based Security, Securing the Cloud
Sep 13th, 2009 |
No Comments
Cloud computing is the buzzword in the computing industry, but it can mean many things to many people. Trend Micro is challenged to use a common vocabulary to describe the various facets of cloud computing. This post articulates the various aspects of cloud computing so we can speak a similar language. It is intended to be more pragmatic than doctrinaire and express what we see customers saying in their conversations around cloud computing and the different cloud formations.
Lots of smart people have started looking at cloud computing security and the ways in which we consume cloud computing. ...
