Thoughts on Mobile Security and Applications
I had an interesting discussion about mobile systems security and banking over the weekend with some friends from the University of Washington. Here are my thoughts on what is going to be some of the more advanced issues with information security, mobile systems, and the idea that the phone is the new credit card. Few [...]
Firehost Gives Customers A Peep Into Their Security
Firehost (see previous CloudAve coverage), the managed hosting provider with strong focus on security, today announced a new feature called “Security View”, available through the customer portal, which will give them a first hand view on how the company blocks hack attacks on the servers and applications. This allows the customers to gain better visibility [...]
Your Twitter security is an egg, not an onion
Hard to come up with a more fuzzy title really. Let me cut through the usual Twitter conversation show and pick only one: .@CoCreatr @VenessaMiemis @dsearls Twitter DMs can be seen by 3rd parties http://bit.ly/auSmBL < what part of “access” did u not understand? That was a rather short version of the original tweet, including [...]
Foxmarks, Xmarks, LastPass, Xpass, LastX, X%^&% Quick Rant
Warning: I think I’m becoming a curmudgeon – except that title has until now been reserved for somebody else . But I still have doubts about the recent transaction: LastPass acquired Xmarks. I really liked Xmarks – when it was Foxmarks. A simple bookmark synchronization service that would keep your Firefox up-to-date no matter where [...]
Enterprise Cloud Computing And Wikileaks Saga
In my previous post, I argued about how public clouds will eventually dominate the enterprise IT scene though better economics. I also pointed out that it is not going to happen anytime sooner because of concerns about security and compliance. Many of the public cloud advocates dismiss such enterprise concerns immediately and some even want [...]
Cloud Vendors Push US Congress For More Data Protection
One of the biggest concerns regarding Cloud Computing is about the privacy of data on third party servers. Along with data thefts that could happen due to bad security policies of the vendors, there is always a threat from overzealous governments trying to use their authority to take anyone’s data out from the third party [...]
The future of cyber protests takes out RIAA MPAA and AiPlex
If you have not followed the events this weekend where a group of users from 4Chan decided that it was appropriate to take out the MPAA, RIAA and AiPlex using a simple DDoS tool called LOIC, there is an interesting dynamic that as Panda Security says “Is the future of cyber protests”. Hactivism has been [...]
Open Source Security Revisited – With Enough Eyeballs, All Bugs Are Shallow
It is a common knowledge that, usually, Open Source projects are successful because of the developers scratching their personal itch. It often starts with a group of disgruntled developers frustrated with a proprietary software because it fails to satisfy their needs. The very fact that they are left helpless due to the absence of source [...]
Firehost Enhances Transparency Over Their Performance
Firehost, one of the managed hosting providers focussing more on security, today announced enhanced visibility and control for their customers on their servers. Yes, this is a cloud blog and Firehost is not a cloud provider per se. However, there are certain use cases for which Cloud is not 100% ready yet. One such scenario [...]
Surprising little information about Cloud Computing and Terrorism or Crime
All new technologies introduce security concerns, from faulty applications, to faulty configurations, to users who are simply dangerous in the new environment. A cloud computing infrastructure is no different from the basic idea of being misused, by an…
Government Cloud Computing Privacy Recommendations Privacy Thresholds
The CIO Council released a number of guidelines for Privacy Thresholds that government agencies should be aware of, but in the overall viewpoint of cloud computing and privacy, many of these recommendations simply make sense for companies that also deal with confidential information. The original file was released towards the end of august 2010 and [...]
Cloud Computing Security One Year in the Cloud
Over the last year I have been working on a project for where I work to see just what the threat level was for systems in the “cloud”.
Understanding VMware vShield Endpoint And Agentless Malware Protection
When I wrote my analysis on VMware’s VMworld 2010 announcements earlier this week, I didn’t cover a product which piqued my interest. It is about VMware’s moves to beef up virtualization and cloud security through their vShield offering. I decided to wait because I wanted to talk to one of VMware’s partners, Trend Micro, before [...]
Questions to Discuss with your SaaS Provider
Today I’m practicing the part of the Lazy Blogger, who just points to what others write… Two years ago Krish wrote about Questions To Ask Before Trusting a Cloud Vendor. His focus was largely infrastructure, security, data ownership, privacy and service level. He listed 14 questions, not because it was some magic number, but he [...]
Novell Announces The General Availability Of Its Cloud Security Service
Novell has been talking about cloud and cloud security for more than a year now and, slowly, we are getting a glimpse of where they are going. After realizing that Cloud has taken off in a big way, Novell has been trying to position themselves as a serious cloud player with a stronger emphasis on security. [...]
