Traditionally businesses have focused their IT security on perimeter defense—blocking threats before they enter the network. This protection is still important. But with today’s cloud computing, mobile devices, and advanced persistent threats (APTs), businesses need security that protects their data wherever it travels and in whatever type of device it resides, requiring new data-centric security. …
Read MoreFor the last few months, we’ve been conducting a cloud, virtualization, and VDI security survey of 1200 IT professionals from larger companies in 6 countries around the world. Not only did I get to help shape the questions on the survey, I’ve also been on the team interpreting the results. We’ve learned more than a…
Read MoreNot long ago, we set out on a mission to perform a full scalability test on one of our products (Trend Micro Deep Security). After some quick, back-of-the-napkin calculations we discovered that we needed somewhere in the order of 35 Dell 710’s with virtualization to complete our test. Finding that many available servers is a…
Read MoreA year ago we posted a compendium of Cloud and Cloud Security resources. This posting has been consistently among the top hits to the Cloud Security Blog proving that, when it comes to Cloud the one thing we all need is clarity!
Two of the most useful resources…
Is Virtualization stupid? It forces guest VMs sharing a host to do the same things over and over, without sharing. It takes up countless hours of otherwise useful – and expensive – server time.
Read MoreToday’s threat landscape has required security vendors to change their approach to protecting customer data. TrendLabs℠, Trend Micro’s threat research arm, states there are now 3.5 new threats released every second by cybercriminals. Traditional approaches to security just cannot keep up with this. Enter cloud computing and the subsequent development of cloud-based protection networks. Customers who utilize a security vendor who has a robust cloud-based protection network will see significant advantages over those customers who still use more traditional methods. Not only can cloud-based protection networks use cloud computing methods to manage this security process more effectively, but also they are able to scale with the certain increase in threats in the future.
Read MoreI’m constantly annoyed by how broad the term “cloud” can be, and I try to use IaaS, PaaS, and SaaS instead, but even these categories are blurring at the edges. The bottom line is that if it’s hooked up to the internet, it can be controlled from a central location, and it scales up and down on demand, it’s in the cloud.
Read MoreCloud Security Alliance Congress 2010 Summary – Part 4 of 4 The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days. For those who were not in attendance at…
Read MoreThe cloud is putting so much pressure on the old device-centric security model that it’s forcing a change to an identity-centric security model, where it matters far more who a person is than what device or network they are using. In a single day, one person might access cloud applications from his iPhone, home, main office, and Peet’s Coffee, and he may use his home PC, his work laptop, his phone, or even his Xbox. Trying to identify and secure what that person does based on a device IP address or network address is simply a lost cause.
The Cloud Security Alliance kicked off its first major event November 16-17, 2010 in Orlando, Florida. The CSA Congress 2010 successfully hosted 370 people with talks covering all aspects of cloud security over two days.
For those who were not in attendance at congress, this four-part series will summarize some of the most popular sessions at the event.