RSS Alerts

Share

More services

Geoff Webb

Job title:
senior product marketing manager, Credant Technologies

Areas of expertise:
security, compliance, security process automation, security information, event management

Biography:
Geoff Webb has over 20 years of experience in the tech industry and has provided commentary on security and compliance trends, and written on a number of related topics for such journals and websites as: CIO Update, The Tech Herald, Compliance Authority, Virtual Strategy Magazine, TechBlind, Internetnews.com, e-Finance & Payments, Law & Policy, Dark Reading, BankInfoSecurity.com, Payment News and InfoSecurity.com, among others. As a senior manager of product marketing at Credant Technologies, Webb is responsible for compliance, security management and configuration control solutions. Prior to Credant, Webb held management positions at NetIQ, FutureSoft, SurfControl and JSB. Webb holds a combined bachelor of science degree in computer science and prehistoric archaeology from the University of Liverpool.

Tag Cloud

CompliancecloudSecuritycloud securityhackingMalwareDavid HarleyWiFi

Bloggers

Blog

Dropping In

Magnus Stjernstrom recently pointed out Cisco’s advice on how to detect Dropbox traffic originating in your network.

It’s interesting given what it tells us about the concerns of Cisco's customers:

"Dropbox network traffic may consume network resources and may be a vector for data that is leaving the network."

Indeed.  While most security organizations aren't going to be overly concerned with network resources getting consumed (unless a sudden pattern change indicates an attack is under way) they are definitely increasingly concerned with the potential for data loss through this kind of cloud storage-and-sharing services.

At first glance and in the grand scheme of things it may not seem all that significant. But it is. It speaks volumes on the effect of consumerization of cloud, and the inherent risk this is introducing to enterprise organizations.

Tools that allow you to move, store and share files in the cloud are incredibly useful, especially when you need to show Grandma the vacation snaps from Disneyland. But, that usefulness is becoming a real problem. As consumers bring these same services into the enterprise, they expect to be able to use them in the same way. 

Need to quickly share some data? Throw it up into the cloud. Want to make sure that presentation is available when you arrive on site? Keep a copy where you know it will be available – up in the cloud.

The problem for enterprises is that the level of security required to protect the location of a new oil field is much different from the group hug with Minnie Mouse at Disney. Yet the cloud storage provider doesn't differentiate between the two (and indeed, we should be glad that they can't.) 

So it's not surprising that Cisco is offering advice on ways to track cloud storage use on the network: they're responding because their customers are worried.

Of course, the people who should really be worried are the storage vendors themselves. If they are increasingly seen as a security problem by enterprises, they invite the same kind of treatment that P2P file sharing received ten years ago. If a solution isn't found soon, they may start to find their client application appearing in the AV vendor's signature files, ready to be hunted down and killed along with the rest of the malware. And then everyone loses out.

Posted 22/08/2011 by Geoff Webb

Tagged under:Cloud,Security,Dropbox,Cisco

Comment on this blog

You must be registered and logged in to leave a comment about this blog.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012