Tag Cloud

Bloggers

Blog

Follow and talk to Infosecurity's bloggers.

Follow Infosecurity's bloggers as they share their thoughts on the industry, technology, and much more. Our bloggers have been selected for their industry expertise. They welcome interaction, so we encourage you to add your opinions to theirs.

0
comments
By Jonathan Gohstand The increasingly global nature of business requires companies to collaborate more and more across borders, exchanging all manner of documents: contracts, engineering documents and other intellectual property, customer lists, marketing programs and materials, and so on. Unfortun ...
Posted 20 November 2013 by Cloud Security Alliance (CSA)
0
comments
Patching the Perpetual MD5 Vulnerability
By Gavin Hill Earlier this month, Microsoft updated the security advisory that deprecates the use of MD5 hash algorithms for certificates issued by certification authorities (CA) in the Microsoft root certificate program. The patch has been released so that administrators can test its impact before ...
Posted 18 October 2013 by Cloud Security Alliance (CSA)
0
comments
By Gavin Hill For years, cybercriminals have been taking advantage of the blind trust organizations and users place in cryptographic keys and digital certificates. Only now are vendors starting to respond to the use of keys and certificates as an attack vector. In late August, for example, Google ...
Posted 18 October 2013 by Cloud Security Alliance (CSA)
1
comment
By Kamal Shah Given the recent influx of cybersecurity attacks and the hubbub about the National Security Agency’s PRISM program, there is lot of talk about the importance of encryption to protect corporate data in the cloud. (PRISM is a clandestine data mining operation authorized by the US ...
Posted 03 September 2013 by Cloud Security Alliance (CSA)
0
comments
Learning from Operation PRISM
We’re obviously not even close to the end of the revelations around both Operation PRISM and Edward Snowden, but (avoiding political or ethical commentary on what happened) a few things are becoming clear around the challenges and best practices of dealing with the malicious privileged insider ...
Posted 15 June 2013 by Geoff Webb
0
comments
By Gerry Grealish Earlier this year, McKinsey & Company released an article titled “Protecting information in the cloud,” discussing the increased use of cloud computing by enterprises across several industries and the benefits and risks associated with cloud usage. The article reco ...
Posted 26 April 2013 by Cloud Security Alliance (CSA)
0
comments
By Joe Sturonas As the proliferation of data continues to plague businesses, the pressure is on for companies to migrate away from their physical data centers. Cloud computing is being adopted at a rapid rate because it addresses not only the costs for physical space, but also rising energy costs a ...
Posted 28 March 2013 by Cloud Security Alliance (CSA)
0
comments
How to Harden Your APIs
By Andy Thurai The market for APIs has experienced explosive growth in recent years, yet the major issues that providers still face are protection and hardening of the APIs that they expose to users. In particular, when you are exposing APIs from a cloud-based platform, this becomes very difficult ...
Posted 26 March 2013 by Cloud Security Alliance (CSA)
0
comments
By David Baker The line between enterprise and consumer is fading as employees work from all manner of devices to access the on-premises, cloud and even consumer applications needed to get work done. But it’s important to not confuse enterprise and consumer services from a security standpoint ...
Posted 22 March 2013 by Cloud Security Alliance (CSA)
2
comments
By David Stott Earlier this year, the US National Institute of Standards and Technology (NIST) released a publication titled Cloud Computing Synopsis & Recommendations (Special Publication 800-146) describing in detail the current cloud computing environment, explaining the economic opport ...
Posted 21 February 2013 by Cloud Security Alliance (CSA)
0
comments
In the wonderfully opulent setting of the Savoy hotel, London, I recently met with the co-founder and CEO of BeCrypt, Bernard Parsons, and his colleague Keith Ricketts, head of marketing. Bernard Parsons isn’t your typical CEO. He’s quiet and understated but what he does say is intellig ...
Posted 26 November 2012 by Eleanor Dallaway
1
comment
By Eric Hay Advanced technology is a beautiful thing. Not only has it enabled the creation of new, more efficient methods of application delivery and data storage (the Cloud is a prime example), but it’s also helped propel the development of more sophisticated solutions for data protection as ...
Posted 21 September 2012 by Cloud Security Alliance (CSA)
3
comments
  Even after the world has witnessed major Wi-Fi security incidents, such as Google’s Wi-Fi snooping controversy, a recent survey has indicated that WEP based Wi-Fi networks are still operational in large numbers, even though, WEP, at present, is widely understood as an easily broken sec ...
Posted 07 September 2012 by Ajay Gupta
1
comment
Is Crypto in the Cloud Enough?
By Jon-Michael C. Brook Box.net, DropBox, iCloud, SkyDrive, Amazon Cloud Drive... the list goes on for convenient cloud storage options. Some have had a security incident; the rest will. All implement some form of protection against accidental exposure with varying degrees of protection. Are these ...
Posted 27 August 2012 by Cloud Security Alliance (CSA)
0
comments
By Eric Sheridan “We programmatically interface with Cloud Providers to manage our customer data, so we can rely on them for securing our services right?” Wrong! The moment you start interfacing with a Cloud Provider you immediately inherit the risks associated with their deployment, d ...
Posted 21 August 2012 by Cloud Security Alliance (CSA)
1
comment
By Michael Lin, Symantec Cloud computing appears here to stay, bringing with it new challenges and security risks on one hand, while on the other hand boasting efficiencies, cost savings and competitive advantage. With the new security risks of cloud and the mounting skill and cunning of today&rsqu ...
Posted 30 September 2011 by Cloud Security Alliance (CSA)
0
comments
Unhealthy Irritation
I have to admit, I find this sort of thing just irritating: The Register last week reported that eight million patient records were lost on a laptop. Unencrypted records.  No, really. As a spokesperson for the UK's National Health Service (NHS) said: "We have set clear standards for NHS ...
Posted 20 June 2011 by Geoff Webb
0
comments
Finding a Home for BitLocker
With the last several posts being about BitLocker  (and especially Recovery Keys) hopefully you now have some idea of the things you will want to think about when planning for a BitLocker deployment.  Beyond that, however, the obvious question that now needs to be addressed is: Where ...
Posted 17 May 2011 by Geoff Webb
0
comments
By Stuart Lisk, Senior Product Manager, Hubspan Are you losing sleep over whether to implement tokenization or full encryption as your cloud security methodology? Do you find yourself lying awake wondering if you locked all the doors to your sensitive data? Your “sleepless with security&rdquo ...
Posted 20 April 2011 by Cloud Security Alliance (CSA)
0
comments
Last time  I covered an introduction to BitLocker, the Trusted Platform Module (TPM) and what TPM does to assist in keeping your system secure. This time I'm writing about the most important aspect of BitLocker management – Recovery Keys (and Recovery Passwords too).  While one ...
Posted 14 April 2011 by Geoff Webb
Showing 1 - 20 of 24 blogs
View the RSS feed for this blog »
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×