(c)iStock.com/LeoWolfert

By Paul Fletcher, Security Evangelist at Alert Logic

Despite the pervasive use of the cloud to handle complex, secure workloads, many organisations question whether the cloud is natively secure. They still think that the security of a system depends on their ability to touch and control a physical device. Visibility from layer one (physical) up to layer seven (application) of the OSI Model gives us security professionals a good gut feeling.

Veteran systems administrators are challenged to both embrace the cloud as being inherently secure, and share responsibility for the ultimate security of the environment. This can be a tall order for these professionals who are used to having complete control of IT systems and security controls. However, as with most challenges in IT, properly skilled staff and good processes are the foundation to a secure framework. Leveraging a shared security responsibility model can help organisations struggling to meet IT demand while implementing security best practices on the cloud.

Cloud security advantages

The advantages of using the cloud versus on-premises are well documented. From a security standpoint, one of the biggest advantages is the ability to easily scale and deploy new cloud systems with security features already enabled (as part of a pre-set image) and deployed within a specific security zone. In order to take advantage of this, organizations should integrate the native cloud security features built-in by their provider.  These features include built-in security groups for access control, tags (or labels) to organize and group assets to create security processes and technology commensurate with those assets, and the use of the Virtual Private Cloud (VPC) as a network segmentation option so that each VPC can be managed and monitored in accordance with their level of data sensitivity.

With cloud innovations growing exponentially there are many security technology options that include encryption, anti-virus, file integrity management, identity and access management, vulnerability testing, email encryption, intrusion detection, DDOS, anomaly detection, virtual private network (VPN), network and web application firewalls, along with log collection, analysis and correlation.  Also, organisations need to have people and processes focused on the care and feeding of these technology solutions.

Cloud security pitfalls

The same threats to any IT infrastructure apply to cloud security, but the technology options to defend against them can be limited in scope. It is important to source those that have been designed from the ground up to integrate with the cloud infrastructure providers they’re servicing. When organisations appreciate and understand where their responsibilities begin and end, this is where the integration of people, process and technology gives synergy to the security posture of an organisation.

Maximising the advantages of cloud security

The advantages of security in the cloud are leveraging the built-in security functionality of a cloud provider.  Commitment to training and educating staff can bridge the gap for organisations to maximise the performance of the cloud while maintaining proper secure procedures.

It is key to have dedicated professionals committed to continued education on cloud infrastructure and security best practices. Finding and retaining those individuals can be challenging which is why many organisations turn to a cloud security services provider to be their trusted advisor and subject matter expert.

Cloud security providers enable organisations to refocus their IT talent to on core business initiatives rather than cloud security and infrastructure maintenance. These providers go beyond the value in time, cost, and efficiencies gained to provide peace of mind that the provider is taking every measure to help ensure ongoing security requirements are met.

The post The Key to Maximizing the Advantages of Cloud Security appeared first on Logicworks Gathering Clouds.

(c)iStock.com/tarik kizilkiya

Google’s infrastructure as a service (IaaS) offering Compute Engine lost connectivity across all regions for 18 minutes on April 11 after problems experienced with a bug in its network configuration management software.

In a status update discussing the outage and how it occurred posted yesterday, the search giant confirmed the event affected Compute Engine only, and bemoaned how its ‘canary step’ process – a configuration deployed to a single site to ensure there are no issues with upstream failures – had a software bug. The result was that the push system wrongly believed there were no issues with the new configuration, and therefore happily began its rollout resulting in dropped traffic.

“The Google engineers who had been investigating a localised failure of the asia-east1 VPN now knew that they had a widespread and serious problem,” a post from Benjamin Treynor Sloss, the interestingly titled ‘VP 24×7’ at Google, reads. “They did precisely what we train for, and decided to revert the most recent configuration changes made to the network even before knowing for sure what the problem was.

“This was the correct action, and the time from detection to decision to revert to the end of the outage was thus just 18 minutes,” Sloss adds.

Naturally Google has apologised to its customers, and has also thrown in discounts of service credits up to 25% of impacted Compute Engine and VPN applications for those affected ‘to underscore how seriously we are taking this event.’ Previously, Google’s cloud has fallen over due to a connectivity fault in February last year, and an issue with manual link activation back in November.

Google says that the latest issue is under control meaning there is no risk of a reoccurrence, while its engineering teams will be working on prevention, detection, and mitigation systems over the next ‘several weeks’ to aim to ensure this sort of thing won’t happen again.

Throughout history, industrial revolutions have hinged on the power of automating processes. While automation today offers many benefits, imagine if you could automate thousands – or even millions – of processes simultaneously? This is the next potential wave of innovation, and it’s the organizations that are “geographically dispersed” or “automation heavy” that will benefit the most.
While long-range communications and connectivity have become increasingly easier to attain, businesses need to be able to break down their isolated islands of automation in industry to achieve comprehensive and connected automation at scale. For example, there always has been a clear line dividing operations technology (OT) and information technology (IT) networks. The emergence of the Internet of Things (IoT) blurs that line as industrial operations head in the direction of complete connectivity for all devices on a network – including those remotely located in the field. With new dedicated access layer platforms, IoT data can be analyzed, acted upon and transmitted from anywhere in an Industrial IoT (IIoT) network.

read more

Stop me if you’ve heard this one before: there’s another side to the Internet that isn’t just about connecting people. The Internet of Things (IoT) is about connecting virtually any “thing” or machine. They could range from personal wearables to smart homes, smart cities’ infrastructure, utilities, transportation, and manufacturing. You’ve probably heard by now; the IoT is far bigger than the Internet of people, and it’s growing fast. Gartner says the IoT will grow 30 percent in 2016, reaching 6.4 billion devices, with more than five million new devices connected daily. It’s expected to continue growing to 20.8 billion devices by 2020.

read more

In the rush to compete in the digital age, a successful digital transformation is essential, but many organizations are setting themselves up for failure. There’s a common misconception that the process is just about technology, but it’s not. It’s about your business. It shouldn’t be treated as an isolated IT project; it should be driven by business needs with the committed involvement of a range of stakeholders.

read more

This is an excerpt of some concepts from his upcoming book, NANOKRIEG: BEYOND BLITZKRIEG, a book covering the changes in Military Infrastructure, Strategies and Tactics needed to win the War on Terrorism. It includes chapters on cyberterrorism and cyberwarfare.
With the latest terrorist occurrences in Brussels, Belgium, and Paris, France, on hard targets, we tend to equate terrorism with overt acts of small groups in shootings, stabbings, and bombings of people in order to disrupt their day-to-day lives and create fear in a region’s economy.

read more

Over the last few years, more and more businesses have been embracing the cloud-based technologies for their CRMs, customer service, project development and management, accounting, etc. The reasons of the trend are pretty obvious – all you need to access cloud services are web browser and Internet connection, what allows cloud-based companies to minimize maintenance costs and to boost productivity.

read more

Major new trends in technology are translating into disruption, and for the innovative business — opportunity.
The next BriefingsDirect technology innovation thought leadership discussion focuses on how major new trends in technology are translating into disruption, and for the innovative business — opportunity.

From invisible robots, to drones as data servers — from virtual reality to driverless cars — technology innovation is faster than ever, impacting us everywhere, broadening our knowledge, and newly augmenting processes and commerce. We’ll now explore the ways that these technology innovations translate into business impacts, and how consumers and suppliers of services and goods can best prepare.

read more