Tag Archives: security

Cloudflare, Funding, Google, Microsoft, News & Analysis, Qualcomm, startup

Cloud security start up Cloudflare gets $110 million in venture funding

Secure cloudGoogle, Microsoft and chip maker Qualcomm are among the investors to collectively stake $110 million in networking and cyber security start up CloudFlare, according to a report in Fortune.

Cloudflare offers services that speed up cloud systems and web sites while beefing up security. Its main market proposition is to speed up the functioning of any services used by enterprises at the edge of their networks. By doing so it provides a cheaper alternative to the traditional model of on-premise appliances.

Cloudflare claims enterprises can quickly set up cloud-based firewall, load balancing, WAN optimization, distributed denial of service (DDoS) mitigation, content delivery and domain name services services worldwide without needing any hardware. It claims that in one day it saved Chinese users more than 243 years of time that would have been collectively spent waiting for web content to load.

Last week Cloudflare finalized a joint venture with Chinese Internet giant Baidu that allows both US-based companies and Chinese-based companies to use CloudFlare’s website performance service while adhering to Chinese data laws.

Although CloudFlare maintains no physical operations in China, it has worked with Baidu to set up technology within Baidu’s facilities that mimic CloudFlare’s services elsewhere, Prince said.

The funding round was led by Fidelity Investments with Google Capital, Microsoft, Baidu and Qualcomm Ventures, the investment arm of Qualcomm all contributing funds. CloudFlare now has $182 million in total funding.

Matthew Prince, CEO of the start up, said Cloudflare didn’t need the funding as much as it needed the credibility that comes with top brand association. The confidence that comes with the backing of Google and Microsoft could convince nervous buyers that this is a solid investment when the company prepares itself for an initial public offering, it was reported. However, the IPO is unlikely to happen this year, said Prince, and he hinted that it would come no earlier than 2017.

Analytics, IBM, News & Analysis

IBM launches Cloud Security Enforcer to counter employee data leakage failures

Security concept with padlock icon on digital screenIBM has created a Cloud Security Enforcer service to give companies a more commanding view of all third-party cloud apps used by their employees and new powers to secure them. The Enforcer aims to give companies more control over granting access to corporate data and applications.

Most companies can only see a fraction of the cloud applications used by their workforce, according to IBM’s research. An Ipsos poll, conducted on behalf of IBM in July, found that one-third of employees at Fortune 1000 companies are sharing and uploading corporate data on third-party cloud apps. These employees increasingly engage in risky practices on these tools, such as signing in with their personal email addresses, using weak passwords or re-using corporate log-in credentials, says IBM.

The cloud’s productivity dividend for companies is being undermined by the loss of control of corporate data and the lack of employee protection, it says. The Millennial generation (those born between 1982 and 2002) are the worst offenders and the biggest users of cloud apps, according to IBM’s study. By 2020 half the employees at Fortune 1000 companies will be millennials and of these 51 per cent use cloud services at work. One in four employees links these apps to his or her corporate log-in and password, leaving loopholes through which hackers can gain access to company networks.

Rogue activities on unsanctioned apps, known as ‘Shadow IT’, lead to a loss of control that IBM’s new cloud-based tool combats by scanning corporate networks, finding the apps that employees are using and providing a more secure way to access them. The system was built in partnership with file sharing app maker Box, which aims to strengthen the security of files shared over mobile devices and the web. IBM has also built secure connectors into Box’s file-sharing cloud app for Cloud Security Enforcer, as well as Microsoft Office 365, Google Apps and Salesforce with more apps connectors to be added to its catalogue.

The Cloud Enforcer users deep threat analytics from IBM X-Force Exchange, IBM’s global threat intelligence network, which is manned by a global network of security analysts which monitors the internet for malicious activity and analyses 20 billion global security events daily.

Internet of Things, IoT, IoT Security, Opinion

How IoT Security could change infrastructure forever

CybersecurityOn September 22nd and 23rd, the first-ever dedicated IoT Security conference and exhibition will take place in Boston.

While at first glance this may appear to concern a specific and rather specialized area, the relationship of the Internet of Things to the broad issue of human security may well prove much more far-reaching and fundamental.

After all, the development of the Internet itself was driven by a Cold War desire to create resilient computer networks that could withstand a nuclear attack. This threat inspired a whole new architecture for sharing and protecting information – one that was intentionally decentralized.

History suggests that precaution can be a key driver of technological innovation. In changing things to protect them, we often open up unforeseen new opportunities.

Which is why, if we return to 2015, there is something fascinating in seeing the same decentralized architectures applied to real-world infrastructures in the name of collective safety.

“When you apply this kind of Internet-type architecture to core infrastructure — whether it’s water or energy or transportation –  these systems start looking a lot more like the Internet,” says John Miri, Chief Administrative Officer at the Lower Colorado River Authority (LRCA) and a speaker at this month’s Boston event. “You start to see water systems, flood data systems and, hopefully, electric grids that are less centralized, more resilient and more difficult to disrupt.”

The LCRA is an 80-year-old institution with roots in the Great Depression, entrusted with providing reliable water, flood protection and electricity to Central Texas and beyond. The areas LCRA serves covers a number of the fastest growing cities in the United States, meaning LCRA faces some pretty substantial demands on its infrastructure.

“Providing the water and power to support growing communities and a growing business and industrial base is no small task,” Miri says. Indeed, LCRA has  broken ground on a quarter of a billion dollar new reservoir, the region’s first new water supply in decades.

Many of these additional demands make  safety and security more important than ever.

“LCRA is now the second largest electric transmission utility in Texas. Our high tension transmission lines go across a large portion of the state. Protecting the electric grid is a pretty hot topic,” Miri says.

These hypothetical threats encompass what Miri calls “bad actors,”  but also less hypothetical threats to the infrastructure.

“When you have a flood, we may have to intentionally shut down electric substations. Everyone knows electricity and water don’t mix – but even having the situational awareness to know that water is approaching a substation is very important to us in keeping the lights on. Using these kinds of smart networks to get a better picture of the threats and dangers to the power grid helps us protect it rather than just saying ‘build more,’” Miri says.

Similarly, a vast number of sensors throughout its Hydromet network enable LCRA to better monitor water levels – and to effectively manage floods.

“By adopting a new, more open, shared technology approach, we could expand the infrastructure we have for flood data collection at a 90% lower cost than if we had done it a traditional way. The technology  actually opens up our infrastructure to a very wide region that never considered it before. We can offer a level of flood monitoring across a wider region and  extend it rural and agricultural communities and other areas that might not have the resources to gain access to this technology.”

Looking ahead, Miri says, there are new opportunities to apply this decentralized, Internet-style architecture to other projects.

“I think when you look forward 10, 15 or 20 years, the whole infrastructure may work differently. It opens up new possibilities and business models that we didn’t have before. For instance, Texas is on the coast. As with any coastal area, we spend time thinking about desalination. Some of the work we’ve been doing on the Internet of Things  is making people think, maybe we don’t need a couple of giant desalination plants – which has been the approach in Australia and Israel – but a number of smaller plants that are networked together, and share the water more efficiently. In the longer term, IoT may actually change the infrastructure itself, which would be very exciting.”

It could be interesting to one day look back at this month’s inaugural IoT Security event and see how many of the topics discussed went on to fundamentally evolve and affect their wider respective domains.

Azure, cloud security, Gemalto, Microsoft, News & Analysis

Gemalto’s cloud-based encryption now available in Microsoft Azure marketplace

Mobile securitySecurity vendor Gemalto is to sell its SafeNet ProtectV encryption system on the Azure Marketplace. This means Microsoft’s Azure users will find it easier to encrypt and protect data and applications in the cloud and meet compliance regulations, it claims.

Gemalto says SafeNet ProtectV simplifies the protection of data. It encrypts each virtual machine created in the cloud in its entirety and extends this protection to attached storage volumes. By automating this process it saves users from the aggregated admin burden of configuring each virtual machine individually. Though the process is automated, SafeNet ProtectV allows customers to separate security administration duties. This means security enforcers can exert ‘granular’ levels of control and establish clear accountability with audit trails and detailed compliance reporting, it claims.

Maryland-based SafeNet was bought by Gemalto in August 2014 for US$890 million. SafeNet technology protects 80 per cent of the world’s intra-bank fund transfers and it employs 550 cryptographic engineers. Gemalto specialises in the protection of data, digital identities, payments, and transactions, at all points from the point of sale to the data centre.

The cloud infrastructure services market is on target to be a $42.7 billion industry in the next four years, said Gemalto’s encryption product VP Todd Moore. But, he said, that momentum will only be maintained if cloud services like Azure can meet the top levels of security and compliance.

“Easy implements of strong data protection and security in the cloud are a major consideration when moving sensitive workloads,” said Moore. Gemalto’s strategy is to make robust encryption frameworks simple so companies can move to the cloud with confidence – and ProtectV provides the audit controls, according to Moore.

Adding companies with cloud-based data encryption, like Gemalto, will convince more companies that it’s safe to use the cloud, according to Nicole Herskowitz, Senior Director of Product Marketing at Microsoft Azure. “Azure Marketplace provides customers with choice, flexibility and access,” said Herskowitz.

Bomgar, News & Analysis, Privileged Access Management

Bomgar launches system to secure cloud access for VIPs without a VPN

Cloud securityCloud security vendor Bomgar has unveiled its new Privileged Access Management (PAM) system aimed at securing cloud users.

The system protects ‘super users’ (i.e. elite workers) a task which market analyst Gartner has dubbed Privileged Access (AKA Privileged Identity) management. Securing those with privileged identities can take months and even years to complete, according to Bomgar, and often involves an extensive structural re-organisation.

Bomgar’s new PAM system will simplify this by through its use of cloud access control, it claims. The latest incarnation of Bomgar’s PAM allows security professionals to manage any VIP worker’s privileged access to cloud resources. It will also make it possible to conduct forensic searches on access activity and to monitor access from mobiles.

With companies facing rising numbers of cyber attacks, the complexity of management is making companies vulnerable, according to Bomgar, with VIP workers being especially vulnerable targets. Under the circumstances, a virtual private network (VPN) can become a liability, according to Bomgar, since the VPN can be hijacked by increasingly sophisticated hackers who know how to target key individuals. In both the 2013 Target and 2015 Ashley Maddison cyber attacks, the VPNs of privileged users gave hackers a foothold within a secure network, according to Bomgar sources.

Bomgar’s new PAM 15.2 offers cloud access controls, so that security managers can close all unnecessary ports, while still giving users shell and remote screen access. It supports Windows, Redhat, CentOS, and Ubuntu Linux VMs powered by AWS, Azure and VMWare. Its forensic search systems can audit log activity data across all privileged sessions so that auditors can identify critical security events, detect cyber breaches and compile forensic evidence. The audit trails can now be integrated with behavioural analysis tools. Mobile access consoles now make it possible to chaperone users directly from their Android or Apple devices. The mobile apps support access to internal critical systems from 3G and other mobile networks without needing a VPN.

“Hackers are constantly probing, infiltrating and compromising networks,” said Dan DeRosa, Bomgar’s SVP of product management, “meanwhile, securing privileged identities can take months. Our system is designed for easy implementation and to support current access processes.”

cloud security, Funding, Identity management, News & Analysis, Okta

Okta raises $75m in funding as cloud identity management leader is valued as $1.2 bn

identity access managementCloud security vendor Okta has raised $75 million from existing shareholders, taking its market valuation at $1.2 billion.

A specialist in identity and mobility management, Okta raised the finance from lead investors Andreessen Horowitz, Greylock Partners and Sequoia Capital. New investment has been attracted from Khosla Ventures, Altimeter, Glynn Capital and others.

Since its founding in 2009, Okta has now raised a total of $230 million.

Okta has added to its management team with Michelle Wilson, former general counsel at Amazon, joining as the first independent director on its board. In addition, Okta has appointed Michael Guerchon, ex-Riversoft HR man, as its Chief People Officer and Jon Runyan as its General Counsel. Runyan, formerly a partner in Goodwin Proctor’s technology companies practice, will oversee the company’s legal affairs worldwide.

In September Okta announced a ‘substantial investment’ in private cloud infrastructure rented from Amazon Web Services in Germany. An additional disaster recovery facility has been established in Eire. The use of the AWS facilities was a move to manage all European data in a single facility within Europe.

“We’re at an important inflection point where IT leaders, product developers and industry analysts see the critical role identity plays in connecting people, apps, devices and organizations,” said Todd McKinnon, Okta CEO, “Okta pioneered cloud-based identity management, which set us up to become the foundation for secure connections.”

Okta stakeholder Ben Horowitz, co-founder of investment partner Andreessen Horowitz, described Okta as the ‘runaway market leader in identity management’.

“This new round of funding will expand their scope and bring that solution to the world,” said Horowitz.

Since its start-up in 2009, Okta has won 2,500 customers globally catering to demand for cloud security with its identity management service.

Meanwhile, Cybersecurity vendor Webroot announced new channel to market for its cloud based services, in a partnership with New Zealand-based distributor exceed. The agreement gives retailers, IT resellers and managed service providers access to Webroot’s cloud-based big data analytics, automated machine learning and intelligent endpoint security.

Distributors, resellers and service providers are revising their business model to focus on cloud services, giving security vendors the scope for rapid expansion, according to Justin Tye, Exeed’s managing director. “We selected Webroot for its flexible, fast, and effective solutions, as well as its business model that clearly supports a multifaceted sales strategy,” said Tye.

acquisition, Adallom, cloud security, M&A, Microsoft, News & Analysis

Microsoft unveils cloud security plans for Adallom amid rising cloud unrest

Cloud securityMicrosoft has announced its plans for Israeli founded cloud security firm Adallom, the cloud security firm it bought for a reported $250 million.

Detail of the plans for its new acquisition was unveiled in a Microsoft blog by corporate VP for cloud and enterprise marketing Takeshi Numoto. Though reports of the acquisition emerged in July details of Microsoft’s cloud security strategy have only just been unveiled.

The frequency of advanced cybersecurity attacks has made security ‘top of mind’ among cloud users, according to Numoto. The acquisition of Adallom will expand Microsoft’s existing identity assets by acting as a cloud access security broker, allowing customer to see and control application access, Numoto explained. It will also protect critical company data stored across cloud services. Adallom helps secure and manage popular cloud applications including Salesforce, Box, Dropbox, ServiceNow, Ariba and Microsoft’s own Office 365.

Adallom will complement existing Microsoft offerings as part of Office 365 (serving in a monitoring capacity) and the Enterprise Mobility Suite (EMS), which includes Microsoft’s Advanced Threat Analytics system. Microsoft had previously bought another cloud-security vendor, Aorato, with Israeli Defence Force ties, in 2014. Aorato was rebranded as Advanced Threat Analytics.

Adallom’s technology monitors the use of software-as-a-service applications and was created by founders 2012 by Assaf Rappaport, Ami Luttwak and Roy Reznik who met while serving in intelligence for the Israel Defense Forces.

The unveiling of Microsoft’s cloud defence plans coincides with an independent report, by Osterman Research, that 76 per cent of UK firms are concerned about the lack of security in the cloud, with consumer-grade cloud storage of corporate documents being named as the chief cause of unease.

The report found that employees preferred consumer-focused file sync and share (CFSS) solutions to enterprise-grade file sync and share (EFSS) solutions in the workplace, and often failed to consider the security risk posed by CFSS solutions.

Services that will be monitored by Microsoft’s new cloud security acquisition, such as Dropbox, which allow consumers to instantly sync files across all devices, but do not provide the same protection of information as EFSS, were identified in Osterman Research’s report as a particular cause for concern.

“Use of CFSS over EFSS significantly increases corporate risk and liability,” the Osterman Research report warned.

“We are thrilled to welcome the Adallom team into the Microsoft family,” said Numoto in his Microsoft blog, “cybercrime will persist in this mobile-first, cloud-first era, but at Microsoft we remain committed to helping our customers protect their data.”

News

Censornets Newest Round of Funding

Censornet, a cloud security company, has recently announced a channel drive. It hopes to increase its partner base within the United Kingdom by upwards of 250 percent over the upcoming months. Censornet plans to work with distributor Blue Solutions to acquire 50 partners. Censornet has been an active participant in the email security sector since 2007 and was acquired by a group of experience industry member led by Ed Macnair.

The company has raised £2m in Series A funding to power the next phase of its growth, funding expansion of its channel teams and R&D. This round of funding comes in conjunction with growing risks of increased utilization of cloud application as mobile devices. Censornet has recently added three heads to both channel sales and management teams with plans of adding at least 5 more.

The round was led by London based Talis Capital; existing investors and management participated. Vasile Foca, Talis Capital founder, has plans to become an investor director on the Censornet . Ed Macnair has commented, “The entire CensorNet team are pleased to be working with Talis Capital and we welcome Vasile to the board. We are confident their experience in SaaS and cyber security will prove invaluable as we continue to grow an exciting business”

Vasile Foca, co-founder and director of Talis Capital, explained, “CensorNet has developed a market-leading product suite which caters to the needs of SMEs struggling to respond to ever more sophisticated cyber security threats.Their experienced team have a track record of building successful software businesses, so we are delighted to be working with them through the next stage of the company’s development.”

 

security

 

CensorNet specializes in cloud application control and analysis, allowing IT departments to monitor and control information flowing to and from cloud applications like Salesforce and Dropbox. Because more companies are utilizing SaaS applications, confidential information is out free in the cloud, outside of an administrator’s control. Alex Kurz, director of sales engineering at CensorNet, has stated, “From our perspective, that’s the logical place we the cloud application controller should sit, because the web gateway already has all the data – it just needs to be analyzed.”

 

The post Censornets Newest Round of Funding appeared first on Cloud News Daily.

cloud backup, Enterprise IT, Fujitsu, News & Analysis

New Fujitsu data protection appliance backs up hybrid IT

FujitsuFujitsu has announced its new Rapid Recovery Appliance, which it claimed will make it easier to install a cloud backup as a service (BaaS) offering. The new appliance will make Fujitsu’s globally available Fujitsu Cloud BaaS more resilient and secure, it claimed.

The pre-configured system is designed to be installed on the customer’s premises in order to give users of hybrid IT systems greater control over their data protection processes. The new system will solve the logistical problems created by the mixture of internal IT and external cloud services that many companies now have, according to Fujitsu.

The system should combine the benefits of a backup and recovery appliance with the convenience of cloud-computing’s ‘pay-as-you-grow’ pricing policies and data security. According to Fujitsu, it makes an enterprise’s data both secure and readily recoverable, wherever it resides.

The new Fujitsu BaaS automatically replicates data to the secure cloud for offsite data protection. It facilitates the rapid recovery of recent local backup data through the use of Fujitsu’s cloud-based backup data and retrieval services. The system uses deduplication technology from Seagate and compression techniques to minimise the cost of transferring large volumes of data across the cloud.

Fujitsu Cloud BaaS will use 256-bit AES encryption to convert data both in-flight and at-rest in both the onsite appliance backup vault and the cloud backup vault. The BaaS Rapid Recovery Appliance also provides automated, continuous cloud replication, helping to cut the costs and resources needed to maintain system integrity.

The pre-configured system will cut the storage footprint and minimise the bandwidth costs associated with cloud backup, said Fujitsu’s Global Offering Manager James Jefferd. The main business benefit, he said, is that it simplifies and speeds up a process that hybrid clouds could make more complicated for end users.

“With the trend toward a cloud service delivery model, IT buyers want easy-to-integrate cloud offerings that combine the benefits of cloud with existing assets,” said Jefferd. The BaaS Rapid Recovery Appliance can replace traditional on-site, tape-based backup with an easy to use flexible system, he said.

Gartner analyst Dave Russell predicted it would be good for remote-office and departmental computing environments. “Most organisations cite concerns over security as their top cloud issue. The greater issue is often latency, so a disk-to-disk-to-cloud model is emerging,” said Russell.

cloud security, Funding, Netskope, News & Analysis

Cloud broker Netskope raises $75 million for analytics based security enforcement services

Secure cloudCloud security firm Netskope has received $75 million to develop its policy enforcement systems for cloud applications.

Describing itself as a cloud access security broker, Netskope raised the investment in a Series D funding round led by Iconiq Capital. Existing investors Accel Partners, Lightspeed Venture Partners and the Social + Capital Partnership also participated.

Netskope monitors and enforces policy on data shared across cloud applications. It aims to give companies an instant view of the use of their data and creates plans of action to prevent betrayed confidences and information leakage. In May 2014 investors staked $35 million in a Series C round of funding. It total, the company has raised $130 million in investment.

Data protection for cloud based apps is an emerging niche in the security market which, according to analysis by Gartner, has a market value of $5 billion. The new genre of Cloud Access Security Brokers solves problems that cannot be addressed by traditional firewalls, according to Gartner.

Netskope’s founder claims that the company differentiates itself by being more precise, and going deeper into the data. This, says founder and CEO Sanjay Beri, helps customers gain better understanding of their data’s exposure.

While cloud apps give the workforce better tools and flexibility, the IT department has to manage the proliferation of data shared across the masses of unsanctioned cloud apps, said Beri. Since there are often ten times more cloud apps in use than IT departments are aware of, this is creating a massive security problem, which Netskope aims to solve, according to Beri.

“Only Netskope provides surgical visibility and control for all cloud apps, whether sanctioned by IT or not,” said Beri. Mobile apps in particular will create security problems for enterprises, as the bring your own device trend continues, according to Netskope, which offers a data loss prevention system that examines 400 different file types across over 3000 different data identifiers. Its own internal figures suggest that 90 per cent of the apps used by its enterprise customers are unsanctioned and not considered as enterprise ready. In addition, 13.6 per cent of those app users have had their account credentials compromised.

The new capital will be used to expand sales, marketing, customer success, engineering and research operations worldwide, adding to its current 250 person headcount. New data centres are planned for Asia-Pacific and Europe to meet growing demand.