Cloud Recovery

Thoughts and Topics Around Cloud Backup and Recovery

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4 other followers

  • Subscribe

  • RSS Cloud Security

    • GoGrid Security Breach
      Bad news for GoGrid customers as today we received the following breach notification by email… Dear Valued Customer: In the normal process of reviewing our system activity, our Security Team discovered that an unauthorized third party may have viewed your account information, including payment card data. We immediately took action to protect our custom […]

  • RSS Cloud Computing Journal

    • Cloud Expo New York Speaker Profile: Chris MacGown – Piston Cloud Computing
      With Cloud Expo 2012 New York (10th Cloud Expo) now less than three three weeks away, what better time to start introducing you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference... We have technical and strategy sessions for you every day from June 11 through June 14 […]

Archive for the ‘Security’ Category

Topics around Cloud Security

Amazon CTO Counters Skepticism on Cloud Security

Posted by brennels on August 2, 2010

Jon Brodkin, Network World Wednesday, July 28, 2010

(07-28) 15:49 PDT – Amazon’s cloud computing division is planning to “raise the bar” on security, and provide better security than most enterprises can achieve on their own, says Amazon CTO Werner Vogels.

But some analysts believe Amazon is not transparent enough about its internal security practices, judging by comments after a presentation Vogels made at the Burton Group Catalyst conference in San Diego Wednesday.

Amazon called out over cloud security, secrecy

Vogels provided an optimistic view of cloud security, saying that cloud networks such as Amazon’s already provide better security, and disaster recovery, than most enterprises are capable of. “I believe the cloud is the area where we have to raise the bar for enterprise security,” Vogels said.”

Read the rest of the article on Networkworld.com

Posted in Amazon, Cloud Architecture, Cloud Computing, Cloud Providers, Security | Tagged: , , | Leave a Comment »

What’s New in AWS Security: Vulnerability Reporting and Penetration Testing

Posted by brennels on July 23, 2010

“Security is a top priority for Amazon Web Services. Providing a trustworthy infrastructure for you to develop and deploy applications is a responsibility we take very seriously. One important aspect of gaining your trust is being open and transparent about our security processes and continually working toward achieving industry-recognized certifications. Other important aspects include providing you with mechanisms for contacting us about potential security issues and enabling you to conduct security tests of the applications you deploy on AWS. I’m pleased to announce today two new policies: one that outlines our vulnerability reporting process and one that describes how to receive permission to conduct penetration tests of the applications running on your EC2 instances.”

Read the full post on the Amazon Web Services Blog here

Posted in Amazon, Cloud Computing, Cloud Hosting, Cloud Providers, IaaS, Security | Tagged: , , | Leave a Comment »

The Upgraded Security of Cloud Computing

Posted by brennels on June 22, 2010

“How often do you hear about the latest Microsoft worm? Take, for example, the Conficker worm of 2009 that infected over 15 million machines, giving “back door” access to hackers, and making mission critical data completely insecure. The fact of the matter is that PC security breaches happen all the time, but don’t fret, there may be a solution.”

“With the advent of cloud computing, there has also been an increase in the security capabilities of everyone who takes advantage of cloud computing. The reason for this is quite simple – the providers of cloud computing services concentrate far more resources towards the security of the services they provide than the average PC user ever could. Why? For one, they have to in order to survive. But also, by definition, cloud computing service providers must utilize an assortment of technology that resides within specialized datacenters. In turn, these datacenters are built from the ground up with security and reliability as the foremost objectives.”

Read the full article here on trackvia.com

Posted in Cloud Availability, Cloud Hosting, Cloud Providers, Security | Tagged: , | 1 Comment »

Transitioning to Cloud Computing

Posted by amcanty on February 4, 2010

Auditability must be a goal

By Robert Grapes

February 3, 2010 03:00 PM EST

“The drive toward cloud computing continues to be a dominant infrastructure deployment theme for organizations looking to reduce costs, increase storage and optimize mobility. What many fail to realize is the trend towards cloud computing is continually forcing IT managers to rethink fundamental security issues as a barrage of new attacks and exploits continue to assault the cloud every day.

Compelling for any business model, cloud computing delivers a scalable, accessible and high-performing computing infrastructure that comes at an appealing price for organizations.

Similarly, operating in the cloud allows for the convergence of new and emerging technologies. Providing appeal to both the provider and the consumer, cloud computing enables new application deployment and recovery options, as well as new application business models. However, cloud computing may not be the panacea that the press and many organizations make it out to be. We must have trust and confidence in the platform on which we are deploying our applications and data. We must be able to maintain control of the information that drives our business. Ultimately, we must be able to prove that trust to our auditors. The solution, having not yet been defined, could be deemed “auditability.”

Cloud computing is made possible and viable through its use of new and emerging technologies. These same technologies also introduce new security threats that if left unaddressed could prove to be the Achilles’ heel of cloud computing. Auditability stems from an understanding of the threats and risks that face an application and its associated data. It is deployed to any system or platform and makes certain the commensurate security measures are taken to mitigate risks and monitor and address the threats. Traditional security risks and more sophisticated attacks are all threats that plague the deployment of applications and data in the cloud. It’s of the utmost importance that organizations understand and increase the auditability of their cloud computing deployments to ensure the best security solutions are in place to protect their systems.

Threat and Risk Assessment
Threat and risk assessments provide insight to the potential weaknesses of systems and applications that could be exploited by an attacker for malicious purposes. Often these assessments identify weaknesses that could provide opportunities for damage through simple negligence. An attack analysis, as part of these assessments, places one in the mindset of an attacker for the purposes of identifying all the possible ways a system could be breached. One should not be afraid of performing an attack analysis on existing systems and applications as it is better to find potential areas to exploit prior to deployment than by a malicious attacker once in production. To make an attack analysis more thorough, one should include external and internal attacks, static and dynamic analysis attacks, and manual and automated attack types. The more tests that are run, the more resilient the auditability reports will be to auditor scrutiny and the more confident an organization will be placing applications and data into the cloud.

Virtualization
Virtualization is the cornerstone technology upon which the cloud computing infrastructure is built. Without it, the capital and operating costs of the cloud would simply outweigh the return. With it, providers are able to deliver near-instant recovery options and portability, using snapshots and elastic computing capabilities. This offers cloud consumers the benefit of on-demand utilization of resources to meet peak computing needs without requiring the overhead and cost of standby and latent computing power, all at very reasonable costs.”

For the rest of the article, click here!

Posted in Cloud Computing, Security | Tagged: , , , , , | Leave a Comment »

Amazon is Working to Secure its Xen-Based Infrastructure Cloud

Posted by brennels on June 12, 2009

by Alessandro Perilli   |   Thursday, June 11, 2009   |   0 Comments

It doesn’t matter if we are talking about SaaS, PaaS or IaaS architectures. Customers have many reasons to not trust the cloud computing solutions that the market offers today and one of them is the lack of security.

Amazon has the oldest, most popular and very likely the largest cloud infrastructure existing today, and thus it must under continuous fire when enterprise customers evaluate its Xen-based Elastic Computing Cloud (EC2).

The company recently announced a series of initiatives to make EC2, S3 and the other Amazon Web Services (AWS) facilities more secure, and to clarify the level of security currently in place:

Read the rest of the article on virtualization.info

Posted in Amazon, Security | Tagged: , , , , | Leave a Comment »

 
Follow

Get every new post delivered to your Inbox.