Second Annual Cloud Computing Security Alliance Congress – November 16-17, 2011 In 2010, cloud computing began the shift from a ‘nice to have’ to a ‘need to understand’ technology, as the promises of cost efficiencies and agility have begun to bear fruit. The Second Annual Cloud Security Alliance Congress, the industry’s only conference devoted to the topic of cloud security, will provide practical solutions for managing the transition to the cloud, and implementing security as a key component rather than an afterthought of this transition. It will provide insight on the models and architectures, the controls and real ‘nuts and
cloud security
LastPass Possibly Hacked, Cloud Security Concerns on the Rise Conspiracy theory admirers will be happy to hear the news that today, following Amazon’s outage and recent security breaches at Sony, cloud-based password storage and management company LastPass announced a possible successful hacker’s attack against its servers. “If you have a strong, non-dictionary-based password or pass phrase, this shouldn’t impact you – the potential threat here is brute-forcing your master password using dictionary words, then going to LastPass with that password to get your data. Unfortunately not everyone picks a master password that’s immune to brute-forcing,” the company wrote in a
THE NEED TO RECONSIDER SECURITY APPROACHES The convergence of numerous trends is causing organizations to reconsider their approach to security. While widespread email viruses and worms have decreased, attacks via the web are on the rise. This is because web browsers consolidate many applications ─ including those used for email, instant messaging, and ecommerce ─ making the browser an attractive launch pad for attacks. Web 2.0 and other complex web technologies also open the door to new two‐stage web attacks and social‐engineering exploits. 1. In fact, during the first quarter of 2009, Web 2.0 services and sites led with the
NTT America Demos Cloud Computing Platform at Web 2.0 Expo NTT America will demonstrate its cloud computing platform at the Web 2.0 Expo San Francisco. Attendees will get a chance to listen to NTT America‘s technical staff who will discuss the company’s hosting, cloud computing, security and colocation offerings. These offerings help businesses to tap the opportunities offered by the rapid growth of new technologies and Web content services. During this event, CEO of Cloud Approach and cloud security specialist, Eric Greenberg, will give a talk entitled Crack the Code of Cloud Security and Unleash its Power on Tuesday, March
Cloud security: Keeping those keys safe Jack Murgia, from Cloud Controllers, sent me an interesting query last week: “How does LabSlice ensure that the Amazon Web Services (AWS) Access Keys remain secure within the application?” This is a great question, as the AWS Access Keys are the keys to the house for any business using the Amazon Web Services cloud. It’s true that our application stores more keys than most (we provide an AWS management service that utilizes our customers’ keys), but you will more than likely find keys used within your application, whether to upload files to cloud storage (S3)
Last week I wrote about the RSA Conference currently on in San Francisco and what it meant for cloud security (See: Can The RSA Conference Help Dispel Cloud Computing Security Fears? ). Today’s article is an update on what’s happening in “The City by the Bay.” For one, cloud computing is high on the agenda at the conference, so much so that there is a Cloud Security Alliance (CSA) Summit on the schedule. I had touched on the CSA in an earlier article (See: Big 4 Auditing Firm Ernst & Young Joins Cloud Security Alliance) and there’s no doubt that
AT&T Announces New Cloud Capabilities Communications giant AT&T is launching new cloud capabilities, new mobile applications for the cloud and increases third-party development and industry activity, the company said in a press release. The communications holding will continue its partnership with other leading companies in the cloud such as IBM and Vmware, the company added. New features include an enhanced computing offer allowing customers to tie their cloud computing systems to AT&T’s network in an easier manner. The company’s enhanced storage offer includes features that help companies meet corporate governance and compliance requirements. The company also releases a new mobile
