SecurityRatty: Cloud Security

Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security

2008-07-01 19:03:10 by Craig Balding in Cloud Security

...information cloudsecurity.org: What criteria did you apply to Python module selection GvR: We first looked for modules that were useful and straightforward to audit. If a module was large or complex, wed only audit it (fixing things we found) if it was deemed essential or at least useful for a large number of users; otherwise wed exclude it...

Tags: app engine, google app engine, app, app engine treatment, security, app engine project, app engine crew, secure app engine, security vulnerabilities

A Question of Integrity: To MD5 or Not to MD5

2008-06-25 19:50:57 by Craig Balding in Cloud Security

Cloud Storage offers pay per drink off-site storage. Data to be saved is shuffled from the customer to the Cloud Storage Provider by the network. This all works wonderfully most of the time, what you upload is what you get back later. But what happens where the gremlins strike and what you send is not what is received This happened recently to...

Tags: amazon prior, amazon, aws, aws status page, md5, load balancer, single load balancer, status, data

Cloud Computing and Security For The Masses: Interview on NPR

2008-05-05 11:52:27 by Craig Balding in Cloud Security

...Security on NPR Morning Edition NPR - National Public Radio - is a US based, non-commercial radio station covering news, talk and current affairs. British readers may find it similar to BBC Radio 4 Every Monday, the Morning Edition has a technology theme. The Cloud Computing segment was high level and aimed primarily at a non-tech audience. I...

Tags: security, npr, cloud, real security conversation, npr listeners, national public radio, technology theme, technology, non-commercial radio station

Your Turn At The Bar Again? Security Costs in a Pay Per Drink Cloud

2008-05-01 20:55:26 by Craig Balding in Cloud Security

...security tools at all, Cloud Computing may impact the way you calculate your IT security budgets. Assessing The Cost of Runtime Security Security costs can be overt or hidden budget items spread across infrastructure, security, compliance, midrange the runtime security costs of security tools that execute on the systems How many organisations...

Tags: security costs, costs, runtime security costs, security runtime costs, security, security tool, security tool inefficiency, security tools plays, plays

12 Signs that Your Company is Already in the Cloud

2008-04-25 19:14:19 by Craig Balding in Cloud Security

...Security Awareness posters have been replaced with pictures of Jeff Bezos You are asked to authorise a visit from the local environment group. Fearing protesters, you are surprised to learn that your company has won a prize for reducing its Carbon Footprint Your Intrusion Prevention System is preventing the call center from uploading...

Tags: company, company car park, signs, cloud, company internet connection, telltale signs, credit card, credit card charges, security

Cloud Stacks: Please Mind The Gap

2008-04-24 20:54:37 by Craig Balding in Cloud Security

Security gaps creep in when people think other people are taking care of it When a security practitioner assesses a complex system, theyll look at the hand offs between different players within the system. In fact, if theyve been in the game for a while, theyll apply laser sharp focus to where the responsibilities of one party ends and another...

Tags: cloud, service, cloud service providers, cloud storage, cloud providers, cloud security alter, cloud security, cloud compute, end-user service

5 Reasons Why IT Security People Shouldnt Ignore Cloud Computing

2008-04-22 22:17:55 by Craig Balding in Cloud Security

...security operations to deal with? No in-house penetration tests to run? No vulnerability assessment tools to run? No incident response where you actually do something One scenario is you find yourself on a constant round of conference calls with 3rd parties trying to pin down security in the cloud If you thought handling security issues...

Tags: cloud, security, cloud storage provider, in-house, in-house security operations, cloud security, employers security arrangements, cloud provider, outsource security responsibility

Security In The Cloud: Introducing Cloud Mashups

2008-04-21 16:40:49 by Craig Balding in Cloud Security

...Information Security community, we have to start figuring out some of these issues before we find our options severely limited What do you think

Tags: cloud, cloud mashups, cloud storage arrangements, security, appirio cloud storage, appirio, data, data portability, crm data

Thin Client Security: Wise up!

2008-04-18 23:36:44 by Craig Balding in Cloud Security

...Security people expect you to provide a secure, vendor independent method for thin client OS updates. FTP for software updates took its place in the infosec wall of shame a while back. Ditto DHCP Bragging that your unpublished API makes your thin client OS secure loses you so much credibility. A hint: you will want to engage a qualified 3rd...

Tags: thin client, thin clients, thin clients vendors, secure, api, secure loses, security people expect, rest protection issues, minimal attack surface

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo