Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Cloud Security Journal
Asserting control of the IT environment through collaborative and integrated identity and user access strategies create the necessary visibility. Security is not an all-or-nothing proposition. And that’s part of the problem. It creates blind spots; gaps in vulnerability. Partly becaus...
Increasing the I/O performance of next-generation data centers and cloud computing environments is essential for supporting enterprise e-commerce, database and email applications. To successfully deploy high-performance storage, it’s essential for storage appliance software to be flash...
Strong InfoSec strategies must answer the key questions of who is logging in, what is accessed, when was it changed and how is the IT landscape affected. Enterprise security can be a labyrinthine, complex beast with many moving parts, dozen upon dozen of requirements, needs, implicati...
The latest reports surrounding the surveillance programs of the NSA and their International counterparts reveal that these agencies have been able to decode the encryption methods some enterprises and organizations use to keep their online data private. While these headlines are likel...
For many enterprises, moving business processes and data to the cloud has become a next step for improving both operational and technological capabilities. The cost savings and efficiencies created by utilizing cloud applications continue to increase, including opportunities for more b...
The major retailer BCBG migrated to a cloud security platform and discovered the CloudAccess'SIEM and Log Management capabilities enhanced their abilities for enterprise security. There was a time the only security issues retailers needed to be concerned with was theft. Put a guard in...
New reports show that when the NSA was conducting its surveillance programs, perhaps including XKeyscore and PRISM, the agency was not following its own legal guidelines. These reports, based on internal NSA audit reports leaked via the “Snowden leak”, showing the NSA violated its own ...
Restaurants, food service orgs feel the sting of security breaches via POS integration..ask Raleys, Schnucks, Subway, Zaxbys aned many others. Affordable real time monitoring must become a key priority. I love sushi. I love big fat burritos. I love tikka masala. So now that my taste b...
Part 2 of Cloud Monitoring Essentials presents 3 key actions to ensure that cloud users maintain a strong security posture. The cloud offers users agility and flexibility at, potentially, a far lower cost than a traditional data center model. However, with these benefits come risks f...
Some businesses today are nervous about moving to cloud-delivered technology because it means allowing their system data to reside somewhere other than their own data center. For some, this can be a tough concept to grasp, especially for those who have spent 25 years or more hosting th...
Enterprise organizations are bombarded daily with the myriad reasons to deploy their line of business applications in the cloud. Efficiency, flexibility, cost savings, agility – and the list goes on and on – are just some of the benefits exhorted by cloud computing supporters. And indu...
"When it comes to securing business information, taking the proper precautions on the front-end is well worth the time and effort," said Cbeyond director of information security Jeff Jenkins, as Cbeyond shared its top five tips to help businesses secure critical information, maintain b...
In the last five years, organizations have increasingly embraced cloud applications to help them innovate and transform their business. Applications that automate sales processes, HR management, collaboration, email and file sharing are growing fast and enabling organizations to meet t...
Want the secret to user provisioning/de-provisioning in an enterprise setting, The one word answer,…Integration.The question is why, how & with what? The need to credential authorized users to your network and other proprietary assets is clear. You only want those with the proper righ...
These days, it seems that every cloud provider claims that cloud is safer than your traditional datacenter. Is it though? In his General Session at 12th Cloud Expo, Rishi Bhargava, VP of Product Management for Datacenter and Server Security group at McAfee, helps you explore and addr...
For most enterprises, cost savings and increased efficiencies are the primary motivations for making the move to cloud computing. But recent studies from Gartner and other firms have identified concerns over cloud security and data privacy as being the leading barriers to cloud adoptio...
Cisco, in a diversification move, is buying Maryland-based cyber-security house Sourcefire for $76 a share in cash and retention bonuses, paying roughly a 29% premium to Monday’s closing price of $59.08. The pair means to combine their widgetry to protect users everywhere – from any ...
Behind every cloud service or cloud-based solution, there are real people... A robust ecosystem of solutions providers has emerged around cloud computing. But who are the CEOs & CTOs behind those providers, who are the internal and external entrepreneurs driving companies involved i...
Every cloud infrastructure can be home to potentially hundreds of thousands of vulnerable privileged accounts. The presence of automated hacking tools means improperly secured privileged logins are almost certain to give hackers free reign on the network and access to customers’ privat...
Ping Identity, the 11-year-old Denver company that provides secure cloud-ified single sign-on to half of the Fortune 100 and reportedly has its eye on going public next year, has raised a $44 million F round led by private equity house W Capital Partners, brought in to help with the IP...
Everyone has an opinion about the ‘Cloud’ and its effect on business – some believe it is dark and scary and fraught with unnecessary risk, while others would argue it’s silver lined and the path to greater business performance and cost savings. The truth is that the Cloud undeniably h...
For many companies with whom I talk, there isn’t a lack of IT talent when it comes to security--just a lack of hours in the day, computing resources and necessary headcount with specific expertise to change the culture from reactive to proactive and strategic risk management. Executive...
HyTrust, the cloud automation security company, has gotten a new funding and strategic pal in In-Q-Tel (IQT), the venture arm of the CIA and other American black ops. HyTrust said the undisclosed investment, which is supposed to tickle its technology at scale, was a direct result of ...
Australian Government agencies have some new regulations to consider when they are contemplating moves to the cloud, particularly clouds hosted outside of Australian borders. These guidelines, known as “The Australian Government policy and risk management guidelines for the processing ...
Few things in this world are guaranteed, but when it comes to the health of a small business, guaranteeing you're backed up in the event of a disaster is of the utmost importance. There are so many ways that cloud computing can streamline a business, yet one real advantage often goes...
When organizations look to protect sensitive data at rest in the cloud or in transit on the way to it, there are two primary obfuscation strategies most consider – tokenization or encryption. But some enterprises may not know the details of how these methods work or how they differ. A...
That’s some serious savings, even in a state where just about everything seems to cost just a bit more. A recent study has found that moving common software applications used by 86 million U.S. workers to the cloud could save enough energy annually to power Los Angeles for a year. Th...
Every day, employees make tradeoffs between productivity and security, which means routine security training is necessary for safeguarding company and customer data. Common sense alone is inadequate. For instance, do most of your employees think it’s okay to connect an encrypted USB st...
As with other industries, the daily operations of law enforcement and criminal justice organizations rely heavily on obtaining, holding and sharing sensitive data. The FBI’s Criminal Justice Information System (CJIS) is responsible for providing many critical pieces of data that crimin...
Microsoft and Engine Yard, the Platform-as-a-Service, announced a strategic alliance Wednesday to deliver a commercial-grade open source-based platform on top of Windows Azure’s on-demand infrastructure. Engine Yard Cloud will be available in the Azure Marketplace beginning July 31. ...
The personal cloud will be the main catalyst in bringing services otherwise unavailable to developing nations. While businesses have been deploying cloud technology for some time, it's only recently that personal cloud services have emerged. The rise of the personal cloud means conten...
The cloud security challenge is about more than new technologies, architectures and business models. It is about change. The organizational process of cloud adoption and migration executed by disparate IT teams and business units delivers point cloud and security solutions that create ...
The cloud will soon supplant on-premise security initiatives. IT is at a crossroads: the acceptance of cloud-based computing as the chief business driver. Erasmus Wilson, the celebrated Oxford professor once proclaimed, "When the Paris Exhibition [of 1878] closes, electric light will ...
For many organizations, cloud computing has become an integral part of their everyday business. Many companies are relying on cloud applications for fundamental operations such as CRM and email and are looking to increase utilization of the cloud for other functions. For others, adopti...
Organizations of all sizes are challenged because of an industry-wide deficit of information security professionals. Compounding this problem is the steady adoption of cloud-based services, including software and infrastructure as a service, where information security is not always a c...
Nowadays every single CIO, CTO, or business executive that I speak to is captivated by these three new technologies: Big Data, API management and IoTs (Internet of Things). Every single organizational executive that I speak with confirms that they either have current projects that are ...
Enterprises should have a clear understanding of potential security benefits and risks associated with cloud computing to set realistic expectations with their cloud provider. With this baseline knowledge, enterprises can effect changes in security and privacy that are in the best inte...
Amazon Web Services said Tuesday that its GovCloud (US) in all US AWS regions has gotten an Agency Authority to Operate (ATO) from the US Department of Health and Human Services (HHS) under the Federal Risk and Authorization Management Program (FedRAMP) requirements at the moderate-imp...
Cloud service providers store data all over the globe, and are constantly moving that data from one datacenter to the next for reasons as wide-ranging as cost considerations and redundancy requirements. Does this mean that the requirements outlined in varying data residency laws and pr...
What is the most secure way to authenticate electronic data? Until recently, many technical people would have answered ‘cryptographic keys’ without blinking. But recent headline events – and a ‘biggie’ last year – have raised serious doubts about the ability of cryptographic keys to pr...