Archive for the ‘Cloud Security’ Category

Tuesday, February 5th, 2013 by Dr. GoGrid Dr. GoGrid

The rapidly evolving cloud infrastructure market is providing organizations around the world with new opportunities to improve operations through innovation. These capabilities are not only limited to the private sector, as government agencies and other public sector bodies will also begin to implement cloud services to enhance the way tasks are carried out.

Public sector makes cloud infrastructure moves

A recent report by Gartner highlighted how the growing public cloud industry is changing how the government consumes security solutions because many of these will be hosted in cloud-based environments in the coming years. Furthermore, the ongoing adoption of various cloud computing services is forcing the public sector to prioritize the protection of their virtual infrastructure. As a result, the cloud will be incorporated into national infrastructure regulations by 2016, requiring decision-makers to implement advanced security tools.

“The popularity and increased adoption of cloud-based security services, albeit at different degrees, will influence the shape of future security marketplaces,” said Ruggero Contu, research director at Gartner. “Deployments of virtualization, and its replacing of traditional physical hardware platforms, are expected to impact the deployment model of future network security capabilities, which are expected to be based increasingly on virtual security appliances.”

Security’s future may rest in the clouds
Gartner analysts forecast growth rates for cloud-based security solutions to outpace premise-based offerings within the next three years because 10 percent of overall IT security applications will be delivered via the cloud by 2015. While this trend is likely to occur around the world, Gartner predicts North America will account for the majority of spending.

A separate report by Trend Micro highlighted similar findings, noting that the cloud security software market is forecast to expand at a compound annual growth rate of more than 41 percent through 2014, eventually generating more than $963 million in revenue.

(more…) «Public sector makes cloud infrastructure moves»

Tags: cloud, Cloud Computing, Gartner, Government, infrastructure, IT, public sector
Posted in Cloud Computing, Cloud Security, General, Industry, News, Public Cloud | 5889No Comments »2013-02-05+16%3A33%3A40Dr.+GoGrid

How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)

Tuesday, January 29th, 2013 by Mario Duarte Mario Duarte

This is Part 2 of a GoGrid security blog series on identifying and recovering from a Linux security breach. Part 1 provided general guidelines for conducting a security analysis on a compromised Linux server and forming strategic teams to address and resolve the breach.

In this article, we’ll review some recommended steps for recovering from a breach.

Recovering from the Breach

Lock the doors

Now that you’ve confirmed that there are no intruders logged in and you’ve identified the established connections, it’s time to “lock the doors.” Locking the doors largely depends on who is managing your firewall. Contact GoGrid in the event that we’re managing your firewall or perform the following actions if you manage your firewall:

Modify your system’s iptables configuration to restrict all remote console connections such as SSH to your office network
Modify your system’s iptables configuration to block all previously identified suspicious connections from and to your system.
Modify your system’s iptables to block all other services from the public Internet to your server. Doing so will effectively bring down your website or services, but you want to avoid compromising your customers or web site visitors.

Install and run a rootkit analyzer

(more…) «How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)»

Tags: attack, Breach, cloud, Cloud Computing, cloud security, firewall, forensics, GoGrid, hack, How To, iptables, Linux Breach, OSSEC, OWASP, recover from security breach, RIPS, rkhunter, rootkit, rootkit analyzer, Rootkit Hunter, Security, Security Breach, server breach, server security
Posted in Cloud Computing, Cloud Security, General, GoGrid, How To, Linux, Public Cloud, Security | 57611 Comment »2013-01-29+16%3A00%3A48Mario+Duarte

How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)

Monday, January 28th, 2013 by Mario Duarte Mario Duarte

This 2-part GoGrid security blog series provides general guidelines for conducting a security analysis on a compromised Linux server and for recovering from a breach. Before you begin the security analysis, you need to consider two important factors:

1. The type of data your compromised server is storing or transmitting,
2. How important the server’s function is to your business

The data type—Personally Identifiable Information (PII) or Protected Health Information (PHI), for example—is important because your organization could be legally required to notify external parties and local or federal government agencies in the event of a breach. The compromised server’s function is important because its criticality may drive the recovery timeline.

You also may want to consider engaging a third-party that specializes in security forensics.

This series will cover 3 important items:

1) Understanding & assessing the breach
2) Setting up forensics & recovery teams
3) Recovering from the breach

Although this series won’t replace what a competent security firm can accomplish, it does provide an overview of some core processes, procedures, and activities you can do to potentially recover from a breach. And because each incident varies based on your computer system, be sure to conduct additional analysis and consult with experts to double-check your breach identification and resolution plan. (more…) «How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)»

Cloud Worries Dissolving with Service Provider Assistance

Monday, December 31st, 2012 by Dr. GoGrid Dr. GoGrid

Today’s cloud computing world is rapidly maturing, especially as more users migrate mission-critical resources to the hosted environment. As the cloud continues to evolve, many decision-makers will become increasingly confident in the technology’s ability to keep sensitive assets protected, enabling vendors to watch their services reach full-scale adoption.

A recent study by KPMG International highlighted this ongoing phenomenon, noting that cloud computing revenue will double in size during the next two years, largely because companies are moving more mission-critical, data-rich applications to hosted environments.

Cloud worries dissolving with service provider assistance

In the past, decision-makers were somewhat intimidated by the cloud. In today’s world, executives are less worried about falsified security concerns and more interested in saving money, as roughly 60 percent of service providers said cost savings was the primary driver behind the adoption of their offerings, KPMG reported.

“While providers are seeing the challenges of a maturing, yet still relatively young, market, we are at a pivotal point in the evolution of the cloud ecosystem as users become more comfortable with a variety of cloud applications,” said Gary Matuszak, an executive at KPMG’s technology, media and telecommunications practice. “Leading cloud providers know they must evolve to provide a new level of scale, capacity and capability.”

Addressing challenges in the industry
The primary difficulty most service providers are having is supplying evidence to users about real cost-saving opportunities, as only 39 percent of vendors believe cloud users have a realistic idea of the cost-reducing capability of the cloud, KPMG noted.

(more…) «Cloud Worries Dissolving with Service Provider Assistance»

Tags: cloud, Cloud Computing, cost-savings, Hosting, IaaS, infrastructure, infrastructure as a service, service provider
Posted in Cloud Computing, Cloud Security, General, GoGrid, Industry, News, Public Cloud | 5559No Comments »2012-12-31+17%3A37%3A07Dr.+GoGrid

Small companies should consider cloud-based disaster recovery programs

Thursday, November 29th, 2012 by Dr. GoGrid Dr. GoGrid

In the past, every new technology implemented by a company needed to have a positive return on investment or reduce costs in some way for it to have a sound impact on an organization. While saving money is still important today, it is not necessarily the main reason companies are deploying innovative solutions.

As new cyber dangers and natural disasters pressure small organizations to be prepared with robust disaster recovery and business continuity plans, decision-makers are turning to cloud computing for scalable and automated environments, according to a study by InformationWeek Reports. Since the cloud comes in a variety of forms, enabling executives to leverage on- or off-site structures to host mission-critical information, small companies can use the services to promote long-term safety.

Small companies should consider cloud-based disaster recovery programs

The study revealed that the cloud is also raising awareness of the importance of businesses continuity and disaster recovery programs, as 67 percent of respondents said they currently have a plan in place, while another 23 percent have a strategy to launch an initiative within the next 12 to 24 months. Only 10 percent of respondents lack any plans.

The survey also found that 17 percent of decision-makers are using cloud-based services to enhance disaster recovery programs, while another 26 percent are considering doing so.

Why use the cloud for disaster recovery?
In addition to the scalable and financial benefits associated with incorporating cloud computing into a business continuity strategy, executives can also ensure their initiatives are on pace with evolving demands through frequent testing programs, InformationWeek Reports said. While legacy disaster recovery tools often enable companies to check operations every so often, the cloud provides decision-makers with the ability to ensure sensitive applications and data are recoverable at any time.

InformationWeek Reports said cloud-based business continuity programs enable small firms to have end-to-end backup orchestrated for their entire data center. This lets executives migrate massive volumes of records to the public or private cloud on demand.

(more…) «Small companies should consider cloud-based disaster recovery programs»

Tags: cloud, cloud security, Disaster Recovery, DR, solutions
Posted in Cloud Computing, Cloud Security, Disaster Recovery, General, GoGrid, News, Private Cloud, Public Cloud, Security | 5391No Comments »2012-11-29+16%3A09%3A51Dr.+GoGrid

« Older Entries

Newer Entries »

GoGrid Blog

Archive for the ‘Cloud Security’ Category

Connect with GoGrid

Search GoGrid Blog

Categories

Recent Articles

Blog Archives

Subscribe via Email

GoGrid FaceBook Fan Page

Cloud Blog Watch

GoGrid on Twitter

Pages

Site Authors

Top Posts & Pages

PRODUCTS

SOLUTIONS

SUPPORT

LEGAL

PARTNERS

ABOUT US

CONNECT WITH US