So far in this series, Justin and I have provided tips for securing the foundations of your AWS deployment. Taken together, these tips work to reduce the overall attack surface—the area exposed to the outside world—of your application. Now it’s time to add the next layer of controls to you application, starting with a host-based…Read More
By Vic Hargrave Phishing is an ever-present danger on the Internet threat landscape. In my blog Dealing With Phishy Emails I wrote about what you can do to combat conventional phishing attempts. By “conventional” I mean those emails that use social engineering techniques to get you to click on links in the messages that would…Read More
By Christopher Budd There’s one club right now that some major public figures and celebrities are in that they wish they weren’t a member of and you don’t want to join either: the doxxing club. Famous victims have had their detailed personal information stolen via “doxxing” and posted out on the Internet for all to…Read More
With more data security concerns coming to light, customers are being more choosy as to where they do businesses and which services they work with. A report by Avaya and Sabio spoke with 2,000 U.K. customers and found that 46 percent were worried about high level data breaches at financial institutions, while 40 were worried about mobile operators and 37 percent retailers.
Millions of people use Java everyday, but unfortunately, the number who are operating properly secured applications is much smaller. Matthew Schwartz wrote on InformationWeek that half of users are still on Java 6, which Oracle retired last month, which shows that most don’t know how important making sure this program is secure as possible is.
Every field seems to be doing its own diligence on how securing cloud computing will work for them. Even the healthcare industry, which is usually reticent to investing in new technology if there is a risk factor, is looking at the risk-versus-benefit analysis of the cloud and taking the security issue head on, according to Health IT Security.
Recently I was honored to give a keynote about the future of cloud security at the Cloud Security Alliance Summit at RSA 2013 . This video is worth your time to watch. It covers a brief history of cloud security, where it is headed, and who it will impact. The bottom line is that no…Read More
In this series, Mark and I have covered tips for securing your Amazon Web Services (AWS) account, building hardened Amazon Machine Images and locking down the operating system. Now we turn our attention to one of the most simple, yet powerful ways to secure your instances: the firewall. Implementing a firewall policy is just basic survival when…Read More
The convergence of consumerization, BYOD, and cloud computing is a phenomenon difficult to describe in a few words. I’ve heard IT managers call it “a perfect storm” — and there’s some truth to that. However, I just found the most accurate, blog-worthy description in a new IDC Analyst Connection. Analyst Phil Hochmuth states, “All these trends…Read More