Untitled Document
|
Enterprise Cloud Computing A Fistful of Fears: Our Top Five Security Issues
The industry as a whole does seem to have formed a rough consensus as to what our top security priorities are now
May. 1, 2012 09:30 AM
If you work in information technology and you passed through the city of London over the last week it would have been hard not to notice the InfoSec IT security conference being held at the Earl's Court exhibition center.
Logically of course, certain themes and trends came out of this event, which (at a macroeconomic level at least) may provide some insight for chief information officers trying to analyse the state of their current security operation as they try to quantify the vulnerabilities that they may be harboring within their firm's operational structure.
Whether we are all genuinely on the same page technologically, or whether our social media streams are now so inextricably interconnected is hard to say - but the industry as a whole does seem to have formed a rough consensus as to what our top security priorities are now.
Let us try and summarize...
Cloud based risks - As any cloud vendor/hosting provider will tell you, the cloud itself is not inherently insecure; the risk factor here is simply a question of what type of data you decide to host inside a virtualized hosted environment (i.e., mission-critical or less sensitive) and what encryption mechanisms you place over it.
Despite this "essential truism" there is disquiet, discord and discomfort among many companies considering cloud migration procedures stemming from security fears, real or perceived.
Privacy-related risks - Sir Tim Berners-Lee has called for web companies like Facebook and Google to stop profiteering (as he puts it) from selling information people don't even know these companies have. At the same time, business interaction networks company Axway has revealed findings that show that since April 2010, 35% of complaints to the Information Commissioner Office (ICO) involved disclosure of personal data and security breaches despite Data Protection Act (DPA) penalties and the threat of prosecution that corporations face.
According to Axway's John Thielens, "Alarming as that figure is, it comes as no surprise that consumers in the UK are uniting in voicing their concerns about how their personal identifiable information is being leaked by trusted private and public organizations without their knowledge. Conversely, and of heightened concern, is that the average data breach costs UK companies £79 per record, of which £37 equates to indirect costs - such as loyal customer defection and brand erosion."
Mobile related risks - Okay so who wants to say it first? Bring Your Own Device is the most pertinent mobile-related IT security risk and threat at the moment. This is of course brought about by the so-called consumerization of IT where users takes their own high-end smartphones, tablets and laptops into the work environment and connect them (wired or wirelessly) to the corporate network in an unsecured and unmanaged manner.
You can expect to see more and more "solutions" directly addressing this issue, especially as users need to use these devices to remotely synchronize data with the corporate network when they are on the move.
Advanced persistent threats - Common understanding of the problem of advanced persistent threats is that a wide range of attack techniques and vectors (advanced) will be used for a period of consistent activity focused on a specific target (persistent) to produce an attack to compromise and damage (threaten) a commercial firm's or a public body's data stack.
Security intelligence and deep analytics - Some (but not all) of the problem here is at the application development level as we start to drill down into exactly what data sources individual applications use to execute. HP Fortify Software security consultant Lucas von Stockhausen has said that with HP Fortify Solutions developers have the possibility to test their code for security vulnerabilities before going live. This can be carried out either locally on their desktops, centrally on a build server, or in the cloud.
"With this approach developers get all the information to fix the issues and deliver secure code for desktop, server, web and mobile applications. Together with the industry-proven Software Security Assurance (SSA) methodology, HP can integrate this seamlessly into the existing development processes without security becoming a burden for the developer," said Stockhausen.
So if April was the month for security awareness, then let's hope that May and onwards are the months of security competency for companies in all verticals and of all shapes and sizes.
• • •
This post was first published on the Enterprise CIO Forum.
About Adrian BridgwaterAdrian Bridgwater is a freelance journalist and corporate content creation specialist focusing on cross platform software application development as well as all related aspects software engineering, project management and technology as a whole.
Reader Feedback: Page 1 of 1
Untitled Document
| Virtualization Expo Looms Large on SYS-CON.TV |
 |
Cloud Expo 2010 East Opening Keynote by Oracle
View this Keynote, recorded live at the Jacob Javits Center, featuring Richard Sarwal, CSVP of Development and Hasan Rizvi, Senior Vice President of Oracle Fusion Middleware Products.
|
|
The Science of Doing Business in the Clouds
During this Cloud Expo Day Two Keynote, Tony Bishop will describe Adaptivity’s systematic and prescriptive approach that combines Fit-for-Purpose infrastructure technologies and management capabilities in order to create the optimal economics, environment and autonomics needed for the business to leverage cloud services.
|
|
Pete Malcolm, CEO of Abiquo Live From New York City
Join Pete Malcolm, CEO Abiquo, for this vendor-neutral keynote, where you will learn about the next chapter in the Virtualization story. What it is, what it means, why open standards are key, and most importantly, how it will revolutionize the way your organization manages IT.
|
|
The Time is Right for Enterprise Cloud Computing
During his keynote, Rich Marcello, Senior Vice President of Unisys, will discuss the latest technologies and approaches that help knock down these barriers, creating the opportunity for attendees to now consider cloud managed services as part of their data center journey to secure "IT as a Service".
|
|
Accelerating Innovation with Cloud Computing
Join Shelton Shugar, Senior Vice President of Cloud Computing at Yahoo! for a keynote elaborating on how Yahoo! and consumers benefit from Yahoo! Cloud Services and will describe Yahoo! Cloud Services and technologies. |
 |
Virtualization Articles & Feature Stories By Liz McMillan  Organizations across the world are increasingly starting to see the benefits of moving more and more services to the cloud. The focus on the cost-saving potential of cloud is rapidly shifting to completely transforming the business with cloud. As organizations are investing enormous sums on technology they are starting to realize that in order to maximize the return on investment and accelerate the business transformation process the first area of focus should be people. By ensuring the organiza... May. 22, 2013 09:00 AM EDT | By Maureen O'Gara  Big Data and the cloud each contributed a start-up to the stock market last Friday.
Tableau Software, a profitable chart-making BI data visualization firm, IPO’d on the Big Board in New York sporting the highly desirable ticker symbol DATA and selling at the open for $31 a share. It rose to $50.75 by the end of the trading day, up nearly 64%.
It has subsequently inched up further and ran as high as $59.60 before falling back a few bucks. Its market cap was $1.9 billion at noon Tuesday. May. 22, 2013 09:00 AM EDT | By Maureen O'Gara  Amazon Web Services said Tuesday that its GovCloud (US) in all US AWS regions has gotten an Agency Authority to Operate (ATO) from the US Department of Health and Human Services (HHS) under the Federal Risk and Authorization Management Program (FedRAMP) requirements at the moderate-impact level.
FedRAMP is a US government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
Since AWS has demonstrat... May. 22, 2013 08:45 AM EDT |
Latest Virtualization Conference News By Jeremy Geelan  With Cloud Expo New York | 12th Cloud Expo [June 10-13, 2013] hurtling towards us, let's start to take a look at the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference coming up June 10-13 at the Jacob Javits Center in New York City.
We have technical and strategy sessions for you all four days dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where do they ... Feb. 21, 2013 09:30 AM EST | By Jeremy Geelan  What changes in the cloud computing and big data landscape should we be expecting in 2013? In this article we offer a round-up of industry experts' opinions as they were asked by Cloud Expo Conference Chair Jeremy Geelan to preview the year ahead. Dec. 18, 2012 01:00 AM EST | By Elizabeth White  What does Cisco's Cloud CTO have in common with the CTOs of Rackspace, Progress Software, Eucalyptus Systems, SOA Software, and the Cloud CTO of Symantec, as well as the CEOs of Nebula, Cordys, Adaptive Computing, and Virtustream, and the Executive Director of the OpenStack Foundation?
The answer is that they are all speaking here in Silicon Valley from today, at 11th Cloud Expo | Cloud Expo Silicon Valley - are you joining them?
The high-energy event is a must-attend for senior technolog... Nov. 5, 2012 08:20 AM EST |
Best Recent Articles on Cloud Computing & Big Data Topics  By Jeremy Geelan The Arlington, Virginia-based National Science Foundation has just released its "Report on Support for Cloud Computing" - in response to the America Competes Reauthorization Act of 2010, Section 524.
It is an absolute must-read for all concerned with current and future research projects in Cloud Computing. Reads: 8,358  By Jeremy Geelan "The volume of data we're generating now from machines pales in comparison to the volume of data we'll soon generate from our own bodies," says data security expert Dave Asprey. Writing in a Trend Micro blog, Asprey - who is one of the leaders in the emerging Quantified Self movement - explains his vision of a world in which personal biometrical data is shared via the cloud. Reads: 14,410  By Wolfram Jost Cloud computing has caught the attention of business leaders around the world in every
industry because of its enormous transformative potential. Visionary companies know that
the value of the cloud is far greater than the current focus solely on technology and operating
costs: when combined with a collaborative approach to designing processes, cloud computing
will change how we do business.
Reads: 19,899  By Elizabeth White Want to make sense of the hottest new concept in Enterprise IT?
Want to understand in just hours what experts have spent many hundreds of days deciphering?
Cloud computing is a technology that has rapidly evolving peppered with a lot of hype along the way. Customers find it hard to navigate through this and make sense of what aspects of this technology will give them real business benefit.
Cloud Computing Bootcamp, led by our 2013 Bootcamp Instructor Larry Carvalho, is a great way to get a practical understanding of this technology. We offer multiple days of actionable insight into what vendor offerings are currently available and help you comprehend their strategy.
The ever-popular Bootcamp, which is now held regularly around the world, is being held in conjunction with the 12th Cloud Expo, June 10-13, 2013, at the Javits Center, New York, NY. Reads: 10,472  By Larry Bettino Did you know that ninety percent of the data in the world has been created in the last two years? Every day, we create 2.5 quintillion (or 2.518) bytes of data, according to IBM.
As corporations across all industries globally are struggling with how to retain, aggregate and analyze this mounting volume of what the industry refers to as Big Data, it also provides a unique opportunity for innovative startups that recognize the business prospects Big Data presents. Big Data is not just unlocking new information but new sources of economic and business value.
Interactivity is driving Big Data, with people and machines both consuming and creating it. Digital companies focused on becoming good at aggregating and analyzing the data created by the end users of their product, who then provide their customers with solid insights taken from that data are at a distinct competitive advantage over others in the marketplace. Reads: 8,295  By Elizabeth White Industry-specific clouds are those PaaS, IaaS, and PaaS services that are tailored for a specific vertical, such as transportation, retail, finance, and health care. IDC sees a $65 billion market in these industry solutions for 2013, rising to $100 billion in 2016.
The value of industry-specific clouds is that businesses within a vertical can connect to applications, processes, and databases that are pre-defined for that vertical within a public or private cloud. They can extend processes and databases into the business domain, versus defining the data and processes within a generic cloud-based platform.
So, are industry specific clouds right for your business? What options are out there? How do you figure out the ROI? Reads: 6,114  By Pat Romanski SYS-CON Events announced today that Rackspace Hosting, the open cloud company, has been named "Platinum Plus Sponsor" of SYS-CON's 12th International Cloud Expo, which will take place on June 10-13, 2013, at the Javits Center in New York City, New York.
Rackspace® Hosting (NYSE: RAX) is the open cloud company, delivering open technologies and powering more than 205,000 customers worldwide. Rackspace provides its renowned Fanatical Support® across a broad portfolio of IT products, including Public Cloud, Private Cloud, Hybrid Hosting and Dedicated Hosting. Rackspace has been recognized by Bloomberg BusinessWeek as a Top 100 Performing Technology Company, is featured on Fortune's list of 100 Best Companies to Work For and is included on the Dow Jones Sustainability Index. Rackspace was positioned in the Leaders Quadrant by Gartner Inc. in the "2011 Magic Quadrant for Managed Hosting." Rackspace is headquartered in San Antonio with offices and data centers around the world.  By Liz McMillan 10th International Cloud Expo, held on June 11-14, 2012 at the Javits Center in New York City, featured four content-packed days with a rich array of sessions about the business and technical value of cloud computing led by exceptional speakers from every sector of the cloud computing ecosystem.
The Cloud Expo series is the fastest-growing Enterprise IT event in the past 10 years, devoted to every aspect of delivering massively scalable enterprise IT as a service.
We invite you to enjoy our photo album of the show - we'll be adding new images all week. Reads: 8,931  By Carmen Gonzalez Ulitzer.com announced "the World's 30 most influential Cloud bloggers," who collectively generated more than 24 million Ulitzer page views. Ulitzer's annual "most influential Cloud bloggers" list was announced at Cloud Expo, which drew more delegates than all other Cloud-related events put together worldwide. "The world's 50 most influential Cloud bloggers 2010" list will be announced at the Cloud Expo 2010 East, which will take place April 19-21, 2010, at the Jacob Javitz Convention Center, in New York City, with more than 5,000 expected to attend. Reads: 45,753  By Kevin Hartig Cloud computing is becoming one of the next industry buzz words. It joins the ranks of terms including: grid computing, utility computing, virtualization, clustering, etc.
Cloud computing overlaps some of the concepts of distributed, grid and utility computing, however it does have its own meaning if contextually used correctly. The conceptual overlap is partly due to technology changes, usages and implementations over the years.
Trends in usage of the terms from Google searches shows Cloud Computing is a relatively new term introduced in the past year. There has also been a decline in general interest of Grid, Utility and Distributed computing.
Likely they will be around in usage for quit a while to come. But Cloud computing has become the new buzz word driven largely by marketing and service offerings from big corporate players like Google, IBM and Amazon. Reads: 199,664  By Elizabeth White SYS-CON Events announced today that Dell Inc. has been named "Silver Sponsor" of SYS-CON's 12th International Cloud Expo, which will take place on June 10-13, 2013, at the Javits Center in New York City, New York.
For more than 28 years, Dell has empowered countries, communities, customers and people everywhere to use technology to realize their dreams. Customers trust Dell to deliver technology solutions that help them do and achieve more, whether they're at home, work, school or anywhere in their world. Learn more about Dell's story, purpose and people behind its customer-centric approach. Reads: 2,685  By Liz McMillan One of the most compelling promises of the cloud is that you can pull out a credit card and be working in minutes. No purchase orders to fill out, no equipment to wait for on the loading dock. Just instant access to the resources you need, when you need them. But accessibility comes at a price, and an unintentional consequence may be that you create yet another orphaned identity silo. Enterprise IT has spent years consolidating its mishmash of directories, only to discover that cloud now threatens to turn back their hard-won victories.
In his session at the 12th International Cloud Expo, Scott Morrison, CTO and Chief Architect at Layer 7 Technologies, will look at strategies to incorporate identity into cloud applications. Enterprise identity or social login can both be a part of your go-to-cloud strategy, but you must plan for this upfront, rather than try to retrofit identity and access control at a later date. Reads: 3,038 By Roger Strukhoff Cloud Expo, Cloud Expo East, Cloud Expo West, Cloud Expo Silicon Valley, Cloud Expo Europe, Cloud Expo Tokyo, Cloud Expo Prague, Cloud Expo Hong Kong, Cloud Expo Sao Paolo are trademarks and /or registered trademarks (USPTO serial number 85009040) of Cloud Expo, Inc. Reads: 16,957 |
Untitled Document
 |
|
Save $500
on your “Gold Pass” Registration! Call 201.802.3020 or click here to Register Early Bird Expires January 2nd.
|
 |
|
 |
|
|
Please Call
201.802.3021
events (at) sys-con.com
|
 |
| SYS-CON's Virtualization Expo, held each year in California, New York, Prague and Tokyo, is the world’s leading Cloud event in its 4th year, larger than all other Virtualization events put together. For sponsorship, exhibit opportunites and show prospectus, please contact Carmen Gonzalez. |
|
|
|
|
| Senior Technologists including CIOs, CTOs, VPs of technology, IT directors and managers, network and storage managers, network engineers, enterprise architects, communications and networking specialists, directors of infrastructure Business Executives including CEOs, CMOs, CIOs, presidents, VPs, directors, business development; product and purchasing managers. |
|
 |
Virtualization Blogs Live By Lori MacVittie  Don and I have four children, all of whom have had the fortune to take piano lessons (I'm not sure if the youngest would agree he's fortunate at this point in his life but at five, he's not really able to answer the question with any degree of wisdom, anyway. Come to think of it, not sure the other three would agree either. I'll have a chat with them next time they're home).
Anyway, most people who play piano understand the concept of "muscle memory". That's what allows me to sit down at a piano, without music, and play. We call it "memorization" but that's not what it is, at least not in th... May. 22, 2013 09:00 AM EDT | By Nicos Vekiarides  Our prior post, A Roadmap to High-Value Cloud Infrastructure: Disaster Recovery and Data Protection, discussed both the benefits and limitations of a cloud-based disaster recovery (DR) strategy. As we highlighted last week, traditional disaster recovery options leave open a huge hole: At one extreme are high-cost, quick recovery time options using hosted or colocation sites and at the other extreme are low-cost, long recovery time options such as tape or disk backup.
As a result, organizations who cannot afford a cold or hot standby site have been left to either cobble together a complicated ... May. 22, 2013 08:45 AM EDT | By Peter Silva  According to a ComputerWorld article citing a recent Gartner survey, about half the world’s companies will stop providing computing devices to employees and embrace some form of BYOD by 2017. They also noted that about 40% will offer a choice between employee owned or company issued while 15% say they will never support BYOD. While most surveyed felt there were benefits to BYOD, only about a quarter (22%) felt they have made a strong business case for it. This might have to do with the fact that many organizations are still in the exploratory process for BYOD and are looking for a mobile st... May. 21, 2013 03:11 PM EDT | By David Deans  Online collaboration has evolved during the last decade, delivering even greater value -- thanks to a new generation of business technology applications. Forbes Insights released "Collaborating in the Cloud," a Cisco-sponsored study examining the ways business leaders increasingly look at cloud collaboration as a way to increase productivity, accelerate business results and enhance innovation across borders and functions.
The research combines a global survey of more than 500 executives with 15 executive interviews.
"The ability to collaborate in the cloud is becoming a key driver of competi... May. 21, 2013 08:45 AM EDT |
Untitled Document
|
|
SARWAL
Oracle |
COFFEE
Salesforce |
KHAN
Sybase |
BISHOP
Adaptivity |
MALCOLM
Abiquo |
KHALIDI
Microsoft |
RILEY
AWS |
AZUA
IBM |
BARRETO
Intel |
CHAKRAVARTY
Novell |
CRANDELL
RightScale |
GAUVIN
Virtual Ark |
GROSS
Unisys |
SCHALK
Google |
YEN
Juniper Networks |
WILLOUGHBY
Compuware |
|
|
|
.gif)
