Author Archive

 

Does it take a village to ensure security (or just hard work)?

Monday, January 6th, 2014 by

I watched an interview this morning where Snapchat’s CEO was discussing the recent exposure of its users’ phone numbers and names and something he said stood out for me: “Tech businesses are susceptible to hacking attacks. You have to work really, really, really hard with law enforcement, security experts, and various external and internal groups to make sure that you’re addressing security concerns.”

I have to agree with him: It takes a lot of effort to keep up with the latest security threats and vulnerabilities, to continuously assess existing security safeguards, to open channels of communication with security peers in other organizations, and to work with local and federal law enforcement to solve common security problems. Even companies like Target that spend millions on security are clearly challenged every day to identify and remove vulnerabilities to protect their customers’ data.

The rapid growth of cloud services and cloud service providers has only added new areas of concern for organizations hoping to leverage the benefits of the cloud. Organizations must perform their due diligence in identifying the right cloud service provider for their needs—preferably one that’s had time to develop security best practices based on firsthand experience and hard-won expertise. Securing a company’s production environment requires a cloud partner that is mature and has dedicated resources to provide robust security services and products.

Consider the recent DigitalOcean security revelation that its customers can view data from a VM previously used by another customer. According to one reporter, a DigitalOcean customer “noted that DigitalOcean was not by default scrubbing user’s data from its hard drives after a virtual machine instance was deleted.” Why not? DigitalOcean confided that the deletes were taking too long to complete and resulted in potential performance degradation of its services.

I recognize that challenge because GoGrid addressed this same issue years ago. All our deleted VMs go through an automated secure scrubbing process that ensures a previous customer’s data isn’t inadvertently shared with a new customer—and we do so without impacting our production environment. Was that easy to accomplish? No, it wasn’t. In fact, it took a lot of engineering work and resources to develop the right way to secure our customers’ data without impacting performance. Taking technical shortcuts when it comes to security often results in unexpected consequences that can affect an organization’s overall security—and ultimately, its reputation.

Get on the Road to HIPAA Compliance with GoGrid’s New Solution Bundle

Thursday, October 10th, 2013 by

If your company deals with protected health information (PHI), thinking about HIPAA-compliant IT is something you can’t afford not to do. But achieving HIPAA compliance requires sound security practices, robust technical solutions, and expert security support. That’s a lot to manage, even with a dedicated IT team, which is why we’ve created a turnkey solution to get you started on the road to compliance.

Bundled Services Streamline Time to Compliance

GoGrid’s HIPAA Solution Bundle is designed to be highly available out-of-the-box and includes a recommended set of infrastructure components, managed security monitoring, and reporting. Our Solution features application and database server isolation, breach monitoring and vulnerability assessment reporting, and failover services.

We developed our new HIPAA Solution Bundle to provide a secure cloud solution that helps our customers with their HIPAA compliance without requiring them to spend their annual IT budget in the process. We also engaged an external HIPAA audit organization to assess the new Solution Bundle and ensure it met the new HIPAA Omnibus Rule objectives.

Naturally, any GoGrid HIPAA customer should carefully study the new HIPAA Omnibus Rule to develop and to deploy the right set of controls to safeguard PHI. Ultimately, no cloud provider can absolutely guarantee a customer’s HIPAA compliance because each organization faces unique business challenges and risks.

How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)

Tuesday, January 29th, 2013 by

This is Part 2 of a GoGrid security blog series on identifying and recovering from a Linux security breach. Part 1 provided general guidelines for conducting a security analysis on a compromised Linux server and forming strategic teams to address and resolve the breach.

In this article, we’ll review some recommended steps for recovering from a breach.

Recovering from the Breach

Lock the doors

Now that you’ve confirmed that there are no intruders logged in and you’ve identified the established connections, it’s time to “lock the doors.” How you lock the doors largely depends on who is managing your firewall. If GoGrid manages your firewall, contact us; if you manage it yourself, perform the following actions:

  • Modify your system’s iptables configuration to restrict all remote console connections, such as SSH, to your office network.
  • Modify your system’s iptables configuration to block all previously identified suspicious connections from and to your system.
  • Modify your system’s iptables configuration to block all other services from the public Internet to your server. Doing so will effectively bring down your website or services, but you want to avoid compromising your customers or website visitors.
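
The three steps above expressed as a single ruleset, in an added example that is not part of the original article. The function name, the office network and the suspicious addresses are assumptions (the addresses are constructed, taken from the RFC 5737 documentation ranges); substitute the values from your own analysis.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the lockdown steps.
# IPv4 only; a host with IPv6 needs an equivalent ip6tables ruleset.

# Accept only digits, dots and an optional /prefix so that nothing else
# can end up inside the generated rules.
valid_addr() {
    case "$1" in
        ""|*[!0-9./]*) return 1 ;;
    esac
}

# usage: gen_lockdown_rules OFFICE_CIDR [SUSPICIOUS_IP ...]
gen_lockdown_rules() {
    for a in "$@"; do
        valid_addr "$a" || { echo "invalid address: $a" >&2; return 1; }
    done
    office_net="$1"; shift

    echo "*filter"
    # Step 3: default-deny everything inbound from the public Internet.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Step 2: cut off previously identified hosts in both directions.
    # These rules come first so no later ACCEPT can match those hosts.
    for ip in "$@"; do
        echo "-A INPUT -s $ip -j DROP"
        echo "-A OUTPUT -d $ip -j DROP"
    done
    echo "-A INPUT -i lo -j ACCEPT"
    # Replies to traffic the server itself starts (DNS, package mirrors).
    # Connections already tracked when the rules load also match here.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Step 1: SSH only from the office network.
    echo "-A INPUT -p tcp -s $office_net --dport 22 -j ACCEPT"
    echo "COMMIT"
}

# Constructed sample invocation:
#   gen_lockdown_rules 203.0.113.0/24 198.51.100.23 > lockdown.rules
#   iptables-restore --test lockdown.rules && iptables-restore lockdown.rules
if [ "$#" -gt 0 ]; then
    gen_lockdown_rules "$@"
fi
```

Load the rules from a console session or from inside the office network, because any SSH session from another address stops working once they are applied.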

Install and run a rootkit analyzer

How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)

Monday, January 28th, 2013 by

This 2-part GoGrid security blog series provides general guidelines for conducting a security analysis on a compromised Linux server and for recovering from a breach. Before you begin the security analysis, you need to consider two important factors:

1. The type of data your compromised server is storing or transmitting
2. How important the server’s function is to your business

The data type—Personally Identifiable Information (PII) or Protected Health Information (PHI), for example—is important because your organization could be legally required to notify external parties and local or federal government agencies in the event of a breach. The compromised server’s function is important because its criticality may drive the recovery timeline.

You may also want to consider engaging a third party that specializes in security forensics.

This series will cover 3 important items:

1) Understanding & assessing the breach
2) Setting up forensics & recovery teams
3) Recovering from the breach

Although this series won’t replace what a competent security firm can accomplish, it does provide an overview of some core processes, procedures, and activities you can do to potentially recover from a breach. And because each incident varies based on your computer system, be sure to conduct additional analysis and consult with experts to double-check your breach identification and resolution plan.

Security Basics: 4 Steps to Tighten up Linux Security

Tuesday, November 20th, 2012 by

Our previous security articles from GoGrid discussed 5 steps to enhance your security on Microsoft Windows and how to tighten up Windows security. But what about making your Linux server security a bit more robust?

Overview

Security studies strongly demonstrate that most systems will be attacked within 5 hours after becoming publicly accessible—in some cases, in less than 2 hours. The sources of the attacks are often unsuspecting users whose systems have been compromised by malware and are in turn being used to attack and infect other systems. The majority of attacks target two common threats:

  1. A combination of commonly used system accounts (e.g., the root account) with weak, dictionary-based passwords
  2. Systems that are missing patches for critical or high-severity vulnerabilities

Solution

This article provides GoGrid’s security recommendations for Cloud Servers running Linux. Perform these 4 steps in sequential order immediately after provisioning new GoGrid Cloud Servers to maintain the security (confidentiality + integrity + availability) of your system.