Category Archives: cloud security

Kii and KDDI say their joint platform will make IoT safe on cloud

Secure cloudJapanese telco KDDI is working with Internet of Things (IoT) cloud platform provider Kii to create a risk averse system in which enterprises can develop mobile apps.

The KDDI cloud platform service (KCPS) is described as a mobile back end as a service (mBaaS) offering that uses Kii’s software to create mobile and IoT apps on a private network. The two companies have worked together on ways to apply cloud disciplines for efficient sharing of resources, contained within the confines on an Intranet environment. The object of the collaboration is to allow companies to develop machine to machine systems, without exposing them to the public cloud while they are in development.

According to KDDI, the KCPS uses the telco’s Wide Area Virtual Switch to integrate a number of different virtual network layers with Kii’s software. Together they create a new level of fast connections across the Intranet. KCPS also provides a service environment for intranet-conscious customers who need high standards of security and enterprise functions without resorting to the public Internet, according to the vendor.

KDDI claims this is the first instance in which both Intranet and Internet services can work seamlessly with any mobile application developed on the KCPS platform.

KDDI’s application development support will allow developers to build better quality, lower priced applications in a short period of time, it claims. The platform is designed to help developers manage application development, devices and data, while providing essential features like push notifications and geo-location information. KCPS should be compatible with mobile apps on Android and iOS, according to KDDI.

“As the IoT gains mass acceptance, we see tremendous value helping mobile app developers get more IoT devices into the hands of consumers,” said Kii CEO Masanari Arai, “our collaboration will use the cloud to build the backend support of these apps in Japan.”

Gemalto’s cloud-based encryption now available in Microsoft Azure marketplace

Mobile securitySecurity vendor Gemalto is to sell its SafeNet ProtectV encryption system on the Azure Marketplace. This means Microsoft’s Azure users will find it easier to encrypt and protect data and applications in the cloud and meet compliance regulations, it claims.

Gemalto says SafeNet ProtectV simplifies the protection of data. It encrypts each virtual machine created in the cloud in its entirety and extends this protection to attached storage volumes. By automating this process it saves users from the aggregated admin burden of configuring each virtual machine individually. Though the process is automated, SafeNet ProtectV allows customers to separate security administration duties. This means security enforcers can exert ‘granular’ levels of control and establish clear accountability with audit trails and detailed compliance reporting, it claims.

Maryland-based SafeNet was bought by Gemalto in August 2014 for US$890 million. SafeNet technology protects 80 per cent of the world’s intra-bank fund transfers and it employs 550 cryptographic engineers. Gemalto specialises in the protection of data, digital identities, payments, and transactions, at all points from the point of sale to the data centre.

The cloud infrastructure services market is on target to be a $42.7 billion industry in the next four years, said Gemalto’s encryption product VP Todd Moore. But, he said, that momentum will only be maintained if cloud services like Azure can meet the top levels of security and compliance.

“Easy implements of strong data protection and security in the cloud are a major consideration when moving sensitive workloads,” said Moore. Gemalto’s strategy is to make robust encryption frameworks simple so companies can move to the cloud with confidence – and ProtectV provides the audit controls, according to Moore.

Adding companies with cloud-based data encryption, like Gemalto, will convince more companies that it’s safe to use the cloud, according to Nicole Herskowitz, Senior Director of Product Marketing at Microsoft Azure. “Azure Marketplace provides customers with choice, flexibility and access,” said Herskowitz.

Okta raises $75m in funding as cloud identity management leader is valued as $1.2 bn

identity access managementCloud security vendor Okta has raised $75 million from existing shareholders, taking its market valuation at $1.2 billion.

A specialist in identity and mobility management, Okta raised the finance from lead investors Andreessen Horowitz, Greylock Partners and Sequoia Capital. New investment has been attracted from Khosla Ventures, Altimeter, Glynn Capital and others.

Since its founding in 2009, Okta has now raised a total of $230 million.

Okta has added to its management team with Michelle Wilson, former general counsel at Amazon, joining as the first independent director on its board. In addition, Okta has appointed Michael Guerchon, ex-Riversoft HR man, as its Chief People Officer and Jon Runyan as its General Counsel. Runyan, formerly a partner in Goodwin Proctor’s technology companies practice, will oversee the company’s legal affairs worldwide.

In September Okta announced a ‘substantial investment’ in private cloud infrastructure rented from Amazon Web Services in Germany. An additional disaster recovery facility has been established in Eire. The use of the AWS facilities was a move to manage all European data in a single facility within Europe.

“We’re at an important inflection point where IT leaders, product developers and industry analysts see the critical role identity plays in connecting people, apps, devices and organizations,” said Todd McKinnon, Okta CEO, “Okta pioneered cloud-based identity management, which set us up to become the foundation for secure connections.”

Okta stakeholder Ben Horowitz, co-founder of investment partner Andreessen Horowitz, described Okta as the ‘runaway market leader in identity management’.

“This new round of funding will expand their scope and bring that solution to the world,” said Horowitz.

Since its start-up in 2009, Okta has won 2,500 customers globally catering to demand for cloud security with its identity management service.

Meanwhile, Cybersecurity vendor Webroot announced new channel to market for its cloud based services, in a partnership with New Zealand-based distributor exceed. The agreement gives retailers, IT resellers and managed service providers access to Webroot’s cloud-based big data analytics, automated machine learning and intelligent endpoint security.

Distributors, resellers and service providers are revising their business model to focus on cloud services, giving security vendors the scope for rapid expansion, according to Justin Tye, Exeed’s managing director. “We selected Webroot for its flexible, fast, and effective solutions, as well as its business model that clearly supports a multifaceted sales strategy,” said Tye.

Microsoft unveils cloud security plans for Adallom amid rising cloud unrest

Cloud securityMicrosoft has announced its plans for Israeli founded cloud security firm Adallom, the cloud security firm it bought for a reported $250 million.

Detail of the plans for its new acquisition was unveiled in a Microsoft blog by corporate VP for cloud and enterprise marketing Takeshi Numoto. Though reports of the acquisition emerged in July details of Microsoft’s cloud security strategy have only just been unveiled.

The frequency of advanced cybersecurity attacks has made security ‘top of mind’ among cloud users, according to Numoto. The acquisition of Adallom will expand Microsoft’s existing identity assets by acting as a cloud access security broker, allowing customer to see and control application access, Numoto explained. It will also protect critical company data stored across cloud services. Adallom helps secure and manage popular cloud applications including Salesforce, Box, Dropbox, ServiceNow, Ariba and Microsoft’s own Office 365.

Adallom will complement existing Microsoft offerings as part of Office 365 (serving in a monitoring capacity) and the Enterprise Mobility Suite (EMS), which includes Microsoft’s Advanced Threat Analytics system. Microsoft had previously bought another cloud-security vendor, Aorato, with Israeli Defence Force ties, in 2014. Aorato was rebranded as Advanced Threat Analytics.

Adallom’s technology monitors the use of software-as-a-service applications and was created by founders 2012 by Assaf Rappaport, Ami Luttwak and Roy Reznik who met while serving in intelligence for the Israel Defense Forces.

The unveiling of Microsoft’s cloud defence plans coincides with an independent report, by Osterman Research, that 76 per cent of UK firms are concerned about the lack of security in the cloud, with consumer-grade cloud storage of corporate documents being named as the chief cause of unease.

The report found that employees preferred consumer-focused file sync and share (CFSS) solutions to enterprise-grade file sync and share (EFSS) solutions in the workplace, and often failed to consider the security risk posed by CFSS solutions.

Services that will be monitored by Microsoft’s new cloud security acquisition, such as Dropbox, which allow consumers to instantly sync files across all devices, but do not provide the same protection of information as EFSS, were identified in Osterman Research’s report as a particular cause for concern.

“Use of CFSS over EFSS significantly increases corporate risk and liability,” the Osterman Research report warned.

“We are thrilled to welcome the Adallom team into the Microsoft family,” said Numoto in his Microsoft blog, “cybercrime will persist in this mobile-first, cloud-first era, but at Microsoft we remain committed to helping our customers protect their data.”

Cloud broker Netskope raises $75 million for analytics based security enforcement services

Secure cloudCloud security firm Netskope has received $75 million to develop its policy enforcement systems for cloud applications.

Describing itself as a cloud access security broker, Netskope raised the investment in a Series D funding round led by Iconiq Capital. Existing investors Accel Partners, Lightspeed Venture Partners and the Social + Capital Partnership also participated.

Netskope monitors and enforces policy on data shared across cloud applications. It aims to give companies an instant view of the use of their data and creates plans of action to prevent betrayed confidences and information leakage. In May 2014 investors staked $35 million in a Series C round of funding. It total, the company has raised $130 million in investment.

Data protection for cloud based apps is an emerging niche in the security market which, according to analysis by Gartner, has a market value of $5 billion. The new genre of Cloud Access Security Brokers solves problems that cannot be addressed by traditional firewalls, according to Gartner.

Netskope’s founder claims that the company differentiates itself by being more precise, and going deeper into the data. This, says founder and CEO Sanjay Beri, helps customers gain better understanding of their data’s exposure.

While cloud apps give the workforce better tools and flexibility, the IT department has to manage the proliferation of data shared across the masses of unsanctioned cloud apps, said Beri. Since there are often ten times more cloud apps in use than IT departments are aware of, this is creating a massive security problem, which Netskope aims to solve, according to Beri.

“Only Netskope provides surgical visibility and control for all cloud apps, whether sanctioned by IT or not,” said Beri. Mobile apps in particular will create security problems for enterprises, as the bring your own device trend continues, according to Netskope, which offers a data loss prevention system that examines 400 different file types across over 3000 different data identifiers. Its own internal figures suggest that 90 per cent of the apps used by its enterprise customers are unsanctioned and not considered as enterprise ready. In addition, 13.6 per cent of those app users have had their account credentials compromised.

The new capital will be used to expand sales, marketing, customer success, engineering and research operations worldwide, adding to its current 250 person headcount. New data centres are planned for Asia-Pacific and Europe to meet growing demand.

Microsoft Plans to Buy Security Firm Adallom

Microsoft is set to be paying 320 million dollars in cash for Adallom, a startup with software for monitoring the use of cloud-based services. A source has claimed all 90 employees, including the 30 in the US, will function an independent unit of Microsoft and will manage material related to cybersecurity for Microsoft.

While Microsoft has refused to comment on the supposed deal, the Wall Street Journal claims, “According to the people familiar with the matter, Adallom, which employs 90 people world-wide, will continue to operate from Israel, building up Microsoft’s cybersecurity-focused operations in the country.” The first to report the deal were Israeli media outlets Calcalist and Globes, with reports later coming from the Wall Street Journal.

ht_microsoft_cc_120823_wg

Microsoft has continued making the cloud a priority throughout the whole company, and building an intelligent cloud platform is one of three areas of investment for the company. Cloud security is vital to the company as they switch to more internet based occupations, hence the move to purchase Adallom. Usage and revenue from application Office 365 has increased during the first quarter of 2015, and Microsoft want to protect this trend.

This is just one of Microsoft’s myriad of partnerships and acquisitions this year. Microsoft has previously attained a provider of machine learning technologies for e-discovery and information governance. The company’s software uses advanced text analytics to perform multidimensional analyses of data collections, intelligently sorting documents into themes, grouping near-duplicates, and isolating unique data. In addition,  Microsoft has purchased N-trig and Aorato.

The post Microsoft Plans to Buy Security Firm Adallom appeared first on Cloud News Daily.

Salesforce Adds Security Service

Salesforce has recently announced Shield, a set of services that expands the security and compliance tool sets of developers creating apps on the Salesforce1 platform for regulated industries. The service adds auditing, encryption, archiving and monitoring services to Salesforce1 to make it easier for developers to ensure that cloud apps meet the security, compliance and governance requirements of their organization and industry standards. Shield may be explored in a drag-and-drop interface instead of requiring app developers to search through code.

cloud security

Tod Nielsen, executive vice president of Salesforce1 Platform, said “[Companies] in regulated industries have struggled to take full advantage of the cloud due to regulatory and compliance constraints. With Salesforce Shield, we are liberating these IT leaders and developers, and empowering them to quickly build the cloud apps their businesses need, with the trust Salesforce is known for.”

Shield will have three main features: Field Audit Trail, Data Archive and Platform Encryption. Field Audit Trail allows developers to monitor data exchanged through their apps to ensure that it is kept up to date and compliant with industry regulations; it may track data changes for up to 10 years. Data may be deleted when no longer needed. Data Archive allows historical data that needs to be kept for a long time to be stored, which helps ensure data is available when needed. Platform Encryption allows developers working on the Salesforce1 platform to encrypt data without affecting the way it is used by other areas of the business so that they do not need specialist hardware or software.

The post Salesforce Adds Security Service appeared first on Cloud News Daily.

Open API Efforts Begin

Ciphercloud and the Cloud Security Alliance (CSA) have been working to fill a gap in the cloud access security broker market. It is a new working group for defining a uniform Open API. The group is led by CipherCloud and also includes from Deloitte, Infosys, Intel Security and SAP. The Open API looks to define a standard for the emerging cloud access security broker (CASB) space. CASB will cover four categories: data protection, threat prevention, visibility and compliance.

csalogo

Cloud identity is mainly handled by Security Assertion Markup Language (SAML) assertions, which can enable federated identity across cloud vendors. Chenxi Wang, vice president of Cloud Security & Strategy at CipherCloud, explains that identity management is only part of the battle in cloud security, and that the API will cover not only identity management but also data classification, data protection and access management.

Wang describes, “We will not propose new protocols to replace SAML, but instead, we will fill gaps where existing standards are lacking. For instance, how does the enterprise specify to the cloud service that a particular piece of data and content can only be stored in a particular geography? You can’t do that today automatically.

“This Open API effort will standardize the specification, control and assessment across the tiers of the cloud infrastructure, which will in turn significantly lessen the work on the developers’ part and hence expedite time to market for cloud adoption. The immediate goals of this effort are to issue specifications for the API framework, reference architecture documents, as well as a few whitepapers. After that, we may propose to incorporate that as part of the CSA STAR, if the industry embraces the API standards.”

The group is focused on its immediate goals first and foremost. While the groups formation was announced in late June, it is expected to begin operations in July.

The post Open API Efforts Begin appeared first on Cloud News Daily.

Cisco to Acquire OpenDNS

Cisco has announced that it plans to buy cloud security company OpenDNS for $635 million. This amount is to be paid in cash and assumed equity awards, plus retention based incentives for OpenDNS, according to information released by Cisco.

OpenDNS provides a cross-platform online threat-protection service that Cisco will utilize to increase its own security, stating, “broad visibility and threat intelligence from the OpenDNS cloud delivered platform.”

Hilton Romanski, leader of business development at Cisco, said, “The acquisition will extend our ability to provide customers enhanced visibility and threat protection for unmonitored and potentially unsecure entry points into the network, and to quickly and efficiently deploy and integrate these capabilities as part of their defense architecture.”

Open-dns-logo

OpenDNS will join the Cisco Security Business Group and the deal is expected to close during the first quarter of fiscal 2016.  David Ulevitch, founder and CEO of OpenDNS, said,  “We’re not going anywhere and OpenDNS as you know it will continue to work as it does today.” While OpenDNS has over 50 million users, it has only 10,000 paying customers and runs 24 data centers.

Cisco has stated, “The burgeoning digital economy and the Internet of Everything are expected to spur the connection of nearly 50 billion devices by 2020, creating a vast new wave of opportunities for security breaches across networks.”

Hilton Romanski also added “As more people, processes, data and things become connected, opportunities for security breaches and malicious threats grow exponentially when away from secure enterprise networks.”

The post Cisco to Acquire OpenDNS appeared first on Cloud News Daily.

CSA, CipherCloud look to standardise APIs for cloud access security brokerage

The CSA and CipherCloud are leading an initiative to standardise API implementation for cloud access security brokerage

The CSA and CipherCloud are leading an initiative to standardise API implementation for cloud access security brokerage

The Cloud Security Alliance (CSA) and cloud security vendor CipherCloud are forming a working group to jointly develop best practice around API deployment for cloud access security brokerage services.

Cloud Security Open API Working Group, which at its founding will include contributions from Deloitte, InfoSys, Intel Security, and SAP among others, will jointly define protocols, guidelines and best practices for implementing data security services – encryption, tokenisation and other technologies – across cloud environments.

The CSA said the working group plans to develop API specifications and reference architectures to guide cloud-based data protection.

“Standards are an important frontier for the cloud security ecosystem,” said Jim Reavis, chief executive of CSA.

“The right set of working definitions can boost adoption. This working group will help foster a secure cloud-computing environment – a win for vendors, partners and users. Standardising APIs will help the ecosystem coalesce around a universal language and process for integrating security tools into the cloud applications,” Reavis said.

Pravin Kothari, founder and chief executive of CipherCloud said: “Cloud is the killer app for security innovation. But currently, inefficiencies at the technical level in the form of custom connector protocols can hold back innovations in cloud security. Defining a uniform set of standards can enable us all to operate from the same playbook. As a pioneer in [cloud access security brokerage], we are excited to co-lead this initiative with CSA to accelerate security across clouds.”

The initiative may enhance the ability to integrate various cloud services securely according the Jeff Margolies, principal at Deloitte, and open up what is generally considered to be a fairly closed, proprietary-dominated space.

“Currently the cloud security ecosystem lacks basic integration standards for connecting third-party security solutions to cloud applications, platforms and infrastructure,” he said, adding that the working group may help consolidate standards among vendors and cloud customers.