Subscribe to Email Updates

Subscribe

All about Virtualization and Cloud Security | Recent Articles:

Why Aurora is more than a sunrise

Nov 25 by Shaun Donaldson

A short while ago, Amazon announced a new offering called Aurora. In a nutshell, Aurora is a MySQL database engine wrapped as a service. It’s relatively cheap, and Amazon handles the nitty-gritty of the thing.

It begs the question, why does it matter? As Amazon declares, it’s the fifth SQL database engine that they have made available. So, why the big deal? It is a big deal because it says quite a bit about how Amazon operates.

First, let’s have a look at the product page:

 

Amazon Aurora provides up to five times better performance than MySQL at a price point one tenth that of a commercial database while delivering similar performance and availability.”

 

Read More

Government Agencies: Prime Targets for Security Breaches

Nov 20 by Robert Krauss

Up to now in our series about security in various sectors, we have been covering different types of businesses and the information security and compliance challenges and issues they face. In this post, we examine the security challenges and needs of the public sector.

Because of the array of services that federal, state and local government agencies offer to the public, and the vast amounts of information they gather and share about citizens and businesses—including financial data—these organizations are a likely target for cyber attacks.

The United States federal government is the largest employer in the country and maintains a “massive volume” of data on both its employees and constituents, according to Verizon’s 2014 Data Breach Investigations Report, which looked at security threats in 20 different industries.

Read More

No Big Surprise: Security Lessons Fail to Hit Home

Nov 18 by George V. Hulme

Despite years of data security failures, enterprises fail to heed the many lessons learned.

I wasn’t surprised when the Home Depot breach notification hit my inbox this past weekend. But I knew that rarely only one shoe drops following a breach disclosure of the 56-million-user magnitude Home Depot disclosed earlier.

Here is the second shoe:

 

Today, we are providing an update on the investigation into the breach of our payment data systems. Our investigation to date has determined the hackers stole separate files containing email addresses, in addition to the payment card data we announced in September that may have been compromised.”

Read More

Re-thinking “trust”: Security in software-defined networking

Nov 13 by Dave Shackleford

One of the hottest topics in IT today is software-defined networking, or SDN. SDN separates the control layer for the network from the underlying hardware typically associated with networking functionality. Applications that interact with the network are also separate, and can potentially communicate with the control plane via APIs. The control plane and hardware also communicate with emerging protocols and APIs like OpenFlow. A related concept is Network Functions Virtualization (NFV), where network capabilities like NATing, firewalling and access controls, and intrusion detection are all decoupled from the hardware, as well, usually in a virtual machine or software-based implementation.

If this all sounds confusing, it can be, so here’s the short version - hardware is a commodity, and all network controls and functions are now software somewhere else. That “somewhere else” is where things get interesting, and make for some compelling pros and cons related to security.

Read More

Many SMBs are not in the business of IT, but need cloud more than ever

Nov 12 by Shaun Donaldson

The National Small Business association published a report, the “2013 Small Business Technology Survey”. While it contains interesting information, one particular quote stood-out for me.

 

Not surprising, there was a huge jump in small firms utilizing cloud computing. In 2010, it was just five percent—today, 43 percent are on the cloud.”

Read More

It's 1 a.m. – Do You Know Where Your Data Is?

Nov 11 by Brian Honan

Cloud computing provides us with many benefits. It allows us to scale services quickly in accordance with demand. Cloud computing enables us to deploy new systems, services, and applications rapidly in response to business needs. It also allows us to outsource certain functions to Cloud Service Providers that specialise in those areas allowing our internal IT departments to focus more on key business requirements.

Finally, another benefit cloud computing provides is to transfer the task of securing our data to providers that may have more skills, specialists, and budget to do so.

Read More

4 Things You Should Know Before Running A Botnet

Nov 06 by Shaun Donaldson

 1) They understand what they are doing

 

Herding a botnet isn’t easy these days. The people doing it understand that it is decidedly illegal to run malicious software on computers that are owned by others. They are professionals; where there’s money, there is dedicated will. Over the years, we have observed that the business of malware has gone from creating nuisance software (almost accidental attacks) to stealthy, sophisticated networks of compromised systems.

Read More

Revisiting the “Goldilocks Zone”: Moving toward the virtual data center

Nov 05 by Dave Shackleford

There is no question that the footprint of today’s data center is rapidly moving toward the virtual. This changes so many things about the way IT operations functions that we must start asking hard questions about security, continuity, and control of our data. Perhaps one of the biggest questions is this - what happens when everything is a file?

All of our virtual server and desktop instances are simply files run by hypervisors.

The trend toward Software-Defined Data Centers (sometimes abbreviated SDDC) is moving fast. Increasingly, organizations are implementing Software-Defined-Networks (SDN), systems, and application instances, with less focus on hardware-based tools and standalone software installation.

Read More

A ‘Teachable Moment’ for VARs and MSPs: Security in the Education Sector

Nov 04 by Robert Krauss

The next entry in our ongoing series covering industry-specific security issues is the education sector. Whether it’s higher education or K through 12, education has its own unique set of information security challenges and risks.

As with other industries, managed service providers (MSPs) and value-added resellers (VARs) have a great opportunity to share their expertise on security threats and solutions with clients in education. But they need to have a clear understanding of what technology and security managers in the industry are trying to achieve, and the unique hurdles facing organizations in this environment.

Read More

Cloud Security

Virtualization Security




Subscribe to Blog Updates

Latest Tweets