Posts Tagged ‘ Cloud Security ’

Lessons We Can Learn from the Code Spaces Attack

June 20, 2014
By
CloudComputing

It was all over the web on June 18: Code Spaces went off the air, as we discussed during the Virtualization Security Podcast on 6/19. The reasons are fairly normal in the world of IT and the cloud. They were hacked. Not by subverting the Amazon cloud, but in ways considered more traditional—even mundane. An…

Read more »

Are US Tech Companies Suffering a Slow and Agonizing Death?

January 30, 2014
By
VirtualizationSecurity

Are United States technology companies now suffering from a slow and antagonizing death from what is being called “The Snowden Effect”? The disclosures by the infamous or notorious former National Security Agency that gave a glimpse into the extent of the NSA worldwide spying effort that have prompted companies to avoid and or leave US…

Read more »

Lowest-Hanging Fruit of Cloud Security

December 10, 2013
By
VirtualizationSecurity

At nearly every conference, we talk about the lowest-hanging fruit of virtualization security, but we often miss the discussion about the lowest-hanging fruit of cloud security. They are not the same. Are we talking about good SSL hygiene? That is a part of it, but there is something even more basic than that. John Dickson,…

Read more »

A Tale of Two Clouds

December 5, 2013
By
CloudComputing

Recently I have had the pleasure of discussing security with a number of cloud providers. Specifically, we talked about what security they implement and how they inform their tenants of security-related issues. In other words, do they provide transparency? I have come to an early conclusion that there are two types of clouds out there:…

Read more »

News: Sky High Networks provides Cloud Service Security Ratings

February 28, 2013
By
CloudComputing

There has been a dearth of intelligence reporting on cloud services and up until now we had to rely upon the Verizon Breach Report, Alert Logic's State of the Cloud report, the Enisa and other reports, but even so there was nothing specifically about a given cloud service outside the lightly used Cloud Security Alliances…

Read more »

Threats and Risks in the Cloud

November 29, 2012
By
CloudComputing

There are threats to the cloud and there are risks within the cloud. A recent article from Tech Target Search Security blog spurred several thoughts. The main claim here is that there are not enough people who can differentiate threats and risks enough to talk to business leaders who may know very little about security,…

Read more »

Gaining Visibility into The Cloud: Migration and Security

October 18, 2012
By
IaaSSec

On many a Virtualization Security Podcast I tend to mention that we need greater visibility into the cloud to judge whether Cloud Service Provider security measures are good enough. But why should we bother? I am not saying we should not be concerned about a cloud's security but that we should as tenants be concerned…

Read more »

Virtualization Field Day Delegates Discuss Cloud Security and Compliance

March 14, 2012
By
VirtualizationSecurity

The Virtualization Field Day delegates joined the Virtualization Security Podcast as guest panelists on 2/23 and the topic of the day was cloud security. There were questions about compliance, security of the tenant, and security of the administrators, and legal issues. There were answers from Rodney Haywood (Rodos), another Virtualization Field Day Delegate and cloud…

Read more »

Virtualization Security is NOT Cloud Security!

January 31, 2012
By

I and others look at Virtualization Security constructs with an eye towards Cloud Security, but they are not necessarily the same. Granted for some clouds, virtualization security can lead to cloud security but this really depends on how the cloud's architecture. Even so, what we know from Virtualization Security WILL apply to Cloud Security and…

Read more »

Featured Solutions