Blog

  Recently HTC acknowledged a vulnerability that can expose a user’s WiFi credentials, including the WiFi SSID and security passwords to a malicious app running on some of its Android phones. The vulnerability was discovered by the security architects Chris Hessing and Bret Jordan, and i ...

I thought this piece by Jo Maitland over at SearchCloudComputing.com was interesting, because it so closely reflects the experiences of a large number of businesses faced with the specter of uncontrolled cloud usage. Indeed, the story is an old, familiar one: Girl meets cloud. Girl ...

Adding to the users convenience, Wi-Fi is increasingly becoming a default capability of many consumer devices, including smartphones, printers, cameras, TVs, etc. to wirelessly share contents, access Internet or connect to a particular network.   However, configuring the correct Wi-Fi settings ...

By Ken Biery Can a cloud be as secure as a traditional network? In a word, yes! I agree that some may find this statement surprising. Depending on the network, that may be a low bar, but good security principles and approaches are just as applicable to cloud environments as they are to tradition ...

By Allen Allison Regardless of your industry, customer base, or product, it is highly likely that you face regulatory compliance requirements. If you handle Protected Health Information (PHI), the Health Insurance Portability and Accountability Act (HIPAA) – along with the HITECH enhancement ...

By Ken Biery This two-part guest blog series explores the topic of cloud security. Part one of the series focuses on the questions enterprise IT decision makers should ask when considering moving business applications to a cloud-based computing environment. There is no shortage of information abo ...

Good post here from Brandon Williams on the inherent weakness of security processes that ignores the human element. There's nothing new in saying that humans are the weakest link in the security chain (ok, in *most* people's security chain) but Brandon's right: People really are the new perimeter. ...

 People of a certain age often enjoy recalling for younger folk the size of the early mobile phones that were lugged around in the mid-1980s, whilst marvelling at the latest smartphones. These brick-sized devices could not even send text (SMS) messages (the first of which was sent in 1992); the ...

By Merritt Maximi A major benefit associated with deploying identity management and/or identity governance into an organization is that these solutions provide the ability to detect and remove orphan accounts. Orphan accounts refer to active accounts belonging to a user who is no longer involved w ...

By Michael Lin, Symantec Cloud computing appears here to stay, bringing with it new challenges and security risks on one hand, while on the other hand boasting efficiencies, cost savings and competitive advantage. With the new security risks of cloud and the mounting skill and cunning of today&rsqu ...

By Stuart Lisk File transfer has been around since the beginning of time. Ok, well maybe that is an exaggeration, but the point is, file transfer was one of the earliest uses of “network” computing dating back to the early 1970’s when IBM introduced the floppy disk. While we have ...

By Ed King The elephant in the room when it comes to barriers to the growth and adoption of cloud computing by enterprises is the lack of trust held for cloud service providers. Enterprise IT has legitimate concerns over the security, integrity, and reliability of cloud-based services. The r ...

By Oded Valin “When it absolutely, positively has to be there overnight.” There’s a lot we can identify with when it comes to reciting FedEx’s famous slogan, especially as it relates to modern file transfer processes. When you think about sharing health care records, financ ...

Apple security, that is. Clearly, the company's hiring of a product security manager carries a very clear "we need to improve" message, but it's clearly tied to a marketing and IP problem with its much publicized habit of losing prototype iPhones: hat tip to the New York Times and Ni ...

By Allen Allison With the rapid adoption of cloud computing technologies, IT organizations have found a way to deliver applications and services more quickly and efficiently to their customers, incorporating the nearly ubiquitous utility-like platforms of managed cloud services companies. The use ...

Magnus Stjernstrom recently pointed out Cisco’s advice on how to detect Dropbox traffic originating in your network. It’s interesting given what it tells us about the concerns of Cisco's customers: "Dropbox network traffic may consume network resources and may be a vector f ...

The high-profile security conference season is usually enlivened with a few Mac attacks, Apple app attacks, and other euphonious assonances. While the most consistent source of such diversions is probably CanSecWest, BlackHat and Defcon often have some interesting harvesting from the Apple orchard t ...

I saw this recently and it really drove home on the key truths about cloud computing when it comes to control over your information. Here's a great quote: "Any data which is housed, stored or processed by a company, which is a U.S. based company or is wholly owned by a U.S. parent compan ...

By Rakesh Shah Recent high-profile security incidents heightened awareness of how Distributed Denial of Service (DDoS) attacks can compromise the availability of critical websites, applications and services. Any downtime can result in lost business, brand damage, financial penalties, and lost prod ...

By Todd Thiemann Cloud computing changes the equation of responsibility and accountability for information security and poses some new challenges for enterprise IT. At Vormetric we are working with service providers and enterprises to help them secure and control sensitive data in the cloud with en ...