For most enterprises, cost savings and increased efficiencies are the primary motivations for making the move to cloud computing. But recent studies from Gartner and other firms have identified concerns over cloud security and data privacy as being the leading barriers to cloud adoption. In this piece, Ron Ross of the National Institute of Standards and Technology (NIST) and Purdue University professor, Eugene Spafford, discussed the question of whether adopting the cloud actually brings more or less risk to an enterprise.
Ron Ross’s belief is that a portion of an enterprise’s operational complexities can be mediated by moving certain types of data to the cloud. He specifically believes that when a company is able to classify data as critical versus not as sensitive, it helps organizations identify what data can be moved to the cloud without the same level of concern over security. Moving less sensitive data off premise reduces complexity by decreasing the data the enterprise must manage and secure internally. This shift in data storage essentially puts the security concerns on the public cloud provider and removes it from the organization.

read more

These days, it seems that every cloud provider claims that cloud is safer than your traditional datacenter. Is it though?
In his General Session at 12th Cloud Expo, Rishi Bhargava, VP of Product Management for Datacenter and Server Security group at McAfee, helps you explore and address the security challenges and considerations for public cloud (IaaS, PaaS and SaaS).
Rishi Bhargava is Vice President of Product Management for Datacenter and Server Security group at McAfee, Inc. He is responsible for Product management and strategy for datacenter solution. A visionary and technology enthusiast, he is also driving all Embedded Security Products Initiatives at McAfee. With over 12 years of diverse experience in product development and product management, he has a reputation for turning small ideas into successful market leading products.

read more

Cisco, in a diversification move, is buying Maryland-based cyber-security house Sourcefire for $76 a share in cash and retention bonuses, paying roughly a 29% premium to Monday’s closing price of $59.08.
The pair means to combine their widgetry to protect users everywhere – from any device to any cloud – before, during and after an attack.
They say that the evolution of the “Internet of Everything” is making discrete security products useless against dynamic threats and that Sourcefire can provide highly automated, continuously aware threat detection including next-generation intrusion prevention systems, next-generation firewalls and advanced malware protection.

read more

A key advantage of AWS and the cloud is that it is dynamic and can be scaled according to need. That advantage, however, can cause security nightmares. With that in mind, here are five easy tips to ensure that you keep up your end of the bargain.
Use ‘least privileging’ when permissioning. What does this mean? It means use either the templates AWS provides or create your own to insure that users are not given more access than they require. Use AWS’ resource level controls. This is equally critical when considering programs that are gaining API access. Do not over permission and carefully control privileges.
AWS allows MFA. Use it for privileged accounts. Similarly, create and enforce policies to insure that passwords are appropriately complex and secure for all accounts. Ensure that your security groups are properly configured and permissioned.

read more

As with every technology, definitions almost immediately become muddled when it becomes apparent that the technology is going to “change the world.” SDN is currently suffering from this phenomenon and it appears that cloud continues to suffer from it. Let me present Exhibit AAAA:
Which Cloud Delivery Model is Right for Your Business?
Private clouds are great solutions for organizations looking to keep their hardware locally managed.

read more

Google cloud platform has come up with great innovations in the field of web development and storage. It allows you to develop your websites, applications, data storage on the Google’s infrastructure. With Google cloud platform you can build your websites or applications faster without worrying about the scaling and servers. Google Cloud platform is like a big umbrella that composes of innumerable resources which make the computing, database management, storage and application development processes quite easier. Also Google assures reliability and robustness. The computing workloads are increasing day by day by leaps and bounds and therefore Google has introduced various cloud based services that run on its own infrastructure.

read more

Of the concerns people have about cloud security today, data control and data loss rank high—just second behind BYOD according to Infonetic’s April 2013 report. No wonder the market for cloud-based security services is growing at 69%.

Despite the popularity of texting and social networking, email remains the preferred method of communication in the enterprise, transporting not only the data within the messages themselves but via the attachments they carry with them.

While most large enterprises have had the management and security of email mostly under control for sometime, the migration of email to the cloud requires proper planning and new methods of management to keep sensitive data from getting into the wrong hands—whether its unlawfully transferred or stolen, or simply accidentally sent where it shouldn’t have been.

For enterprises that are moving email to the cloud, here are some points to keep in mind:

• Consider …

Jim Hagemann Snabe, whose contract was supposed to run through 2017, has apparently tired of his half of SAP’s CEO job and will be stepping down next May leaving the post solely to Bill McDermott, a 51-year-old American.
The plan then is for the 47-year-old Dane, who’s been responsible for SAP’s product development, to join the German company’s supervisory board (provided 25% of SAP’s shareholders vote for him).
Supposedly he wants to see more of his family. In a canned statement he said, “After more than 20 years with SAP, I have decided that it is time for me to begin the next phase of my career, closer to my family.”

read more

“With all the attacks that have been going on recently around the password where users are no long under threat individually but en masse, we decided to scrap the password and replace it with something visual,” explained Terry Woloszyn, Founder & CEO of Leeward Security Ltd, in this SYS-CON.tv interview with Cloud Expo Conference Chair Jeremy Geelan at the 12th International Cloud Expo, held June 10–13, 2013, at the Javits Center in New York City.
Cloud Expo 2013 Silicon Valley, November 4–7, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading Cloud industry players in the world.

read more