enStratus Cloud Management Platform Selected For CSA Certification
The Cloud Security Alliance (CSA) was formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing. Yesterday, at the Black Hat USA 2010 Conference, CSA announced industry’s first certification program on secure cloud computing. CSA has been [...]
Google Apps Shapes Up Nicely In Spite Of Noise Around City Of LA Bungling
The noise surrounding Google App’s City of LA deployment doesn’t appear to be dying down anytime soon. Yesterday, another article highlighting Google’s failure came up on the basis of a leaked email from the City of Los Angeles. The April 13 letter, addressed to L.A.’s information technology and government affairs committee from City Administrative Officer Miguel [...]
Amazon Takes Necessary Steps Towards Luring The Enterprises
Amazon Web Services is on a roll lately. They have been announcing variety of features, both big and small, and they even announced their datacenters in Asia-Pacific. Being a runaway leader in marketshare and poster boy for cloud computing, AWS has been receiving lot of positive press and some flak. Usually, the criticism is about [...]
Openstack Joins Cloud Audit
When Openstack project was announced on Monday, there were two reasons for my excitement. The foremost being its open source licensing with a potential to disrupt the industry. The second one was the tweets by Chris Hoff (@beaker) whose initial reaction was positive and his thinking that Openstack and CloudAudit can work together. Whether we [...]
Are You Still Using Your Real Credit Card Online? You Shouldn’t.
So iTunes got hacked and some users saw unauthorized purchases up to $600 in their accounts. I’m shocked. Not at the fact that iTunes got hacked, but that users exposed their credit accounts to such extent. Websites do get hacked, it’s a fact of life. Users need to change their passwords, consider what other sites [...]
The Case of the Disappearing Posts – No Malware Here
Well, isn’t it funny Ben just wrote about crutches, and this morning we almost needed them here @ CloudAve… Earlier readers who used the Chrome browser may have been greeted by this warning: Our support team @ Zoho (thanks, guys!) quickly jumped on the case and determined that the CloudAve itself does not contain malware, [...]
Facebook May Not Care About Your Privacy But It Definitely Cares About Your Security
Facebook may not give you a damn about your privacy and it may have gone rogue. But, it is serious about ensuring the security of your account. Today, they have announced some steps to ensure that there are no unauthorized access to your facebook account. Even though this effort is highly laudable, it is somewhat hypocritical [...]
Facebook Big Mac Attack – Not For Me, Thanks. Top 10 Reasons to …
Oh, just what the Doctor has ordered: more junk food coming your way, left and right, from the social network that’s taking over the Internet: Facebook. McDonald’s will be the first advertiser taking advantage of Facebook’s soon-t0-be-releasing location feature. The first reaction from most is this will kill leading location-based services: Hey Foursquare, Time To [...]
Atlassian Security Breach and Warning >>> Update: Apology and Disclosure
Well, well, hours after telling you not to change passwords, now I am telling you to change it… but this time with good reason. Minutes ago I’ve received a email from Atlassian: We are sending you this message because we experienced a security breach and suspect that your Atlassian customer account password details (only) may [...]
The Password Conundrum
I’m not a security expert and don’t pretend to be one, but half-cooked advice on fundamental security issues p***es me off big time. Today it’s a lengthy article at the Boston Globe: Please do not change your password. It’s based on a study by a Microsoft researcher, who concludes that regularly changing passwords is a [...]
Seven Deadly Sins in Cloud Computing Security
A few days back the Cloud Security Alliance released their paper on the Seven Deadly Sins for Cloud Computing Security. This is a very good guide for security engineers to at least read. The more traditionally minded will ignore it, but those who are working in the cloud space, this gives us something to talk [...]
Nothing says Information Security Fail quite like 75000 compromised computers
Information Security people in companies worldwide are reeling this morning with the news of just how large the Google break in was, and the sheer number of company’s and computers compromised in the latest round of attacks. Nothing says “Information Security Failed” more than this simple number, 2,500 companies, 75,000 computers and counting, and hundreds [...]
LastPass – So Good I’ll Dismiss Any Concerns
I spend a significant amount of time online – and do so using a myriad of online services – from accounting to banking, from email to my various blogs, from e-commerce sites to airline services – I live in a world of usernames and passwords. Like others I tend to have a few variations on [...]
In The Era Of Mashups, MashSSL Could Be A Savior
Image via Wikipedia From Web 2.0 era to the current SaaS era, we are seeing a proliferation of Mashups, not just in the consumer space but also in the enterprise space. Well, the idea of mashing up of data from two or more data sources/applications is not unique to these times. We have seen such [...]
Thinking About Security Is Old School? – A Dangerous Trend
Recently, I was listening to a podcast in which analysts were debating about public and private clouds. During the course of the discussions, one of the participants, a SaaS vendor, made a comment that disturbed me a bit. I think it is important that I address this issue here at Cloud Ave. It is my [...]
