Posts Tagged ‘Security’

 

Cloud computing improves security for SMBs, studies reveal

Tuesday, June 18th, 2013 by

For the past several years, cloud computing has been disrupting the business world by providing organizations with innovative ways to save money, improve operations and gain access to next-generation applications. Small and medium-sized businesses (SMBs) have begun to recognize that the benefits of the cloud have reached their organizations as well. Still, some fears about the hosted services held many companies back. A recent study of US SMBs by Microsoft, however, revealed that many of these concerns are not backed by data but are really just misconceptions about the technology.

Cloud computing improves security, not impairs it

Cloud computing improves security, not impairs it

The survey found that 60 percent of organizations that have not yet adopted the cloud because of security concerns. Other SMBs that have not embraced the cloud said the fear of unreliability or loss of control over sensitive data held them back.

Conversely, businesses that have adopted the cloud have experienced benefits in all of these categories, suggesting the shroud of uncertainty surrounding the cloud should not be an obstacle.

“There’s a big gap between perception and reality when it comes to the cloud. SMBs that have adopted cloud services found security, privacy and reliability advantages to an extent they didn’t expect,” said Adrienne Hall of Microsoft. “The real silver lining in cloud computing is that it enables companies not only to invest more time and money into growing their business, but to better secure their data and to do so with greater degrees of service reliability as well.”

The truth about the cloud
The underlying reality of a cloud infrastructure is that it is often more secure and reliable than traditional premise-based systems. Microsoft highlighted this truth when it found that a whopping 94 percent of SMBs using the cloud revealed that they acquired more security benefits using the hosted services than they did with legacy solutions. This meant having access to more innovative and up-to-date antivirus and data management tools.

(more…) «Cloud computing improves security for SMBs, studies reveal»

Software Defined Networking on the Edge

Thursday, March 14th, 2013 by

One of the recent trends in technology is the movement toward software-defined networks (SDN). With SDN, networking is no longer tied to a specific proprietary device but rather integrated via software. GoGrid has adopted this software defined networking architecture for its new product offerings starting with Dynamic Load Balancers and now with our new Firewall Service.

SDN typically means that the control plane is separated from the forwarding plane and is centralized. This setup is easier to manage and enables a more distributed system. In addition, management of the network is typically programmatic with SDN. In GoGrid’s architecture, for example, management is centralized while the activities are distributed. This design allows for greater resiliency and self-healing capabilities, meaning there’s always a way to return a failed distributed node to its previously stable state. We also enable access to these services via our management console and a public RESTful API.

Although most people think of SDN as it applies to the core (switches and routers), GoGrid’s strategy has been to start at the edge and then work toward the core. Dynamic Load Balancers and the Firewall Service are considered to be on the network edge. However, other services closer to the core, such as Private Network Automation (PNA), have adopted this architecture as well. Details about the Dynamic Load Balancer are explained in this previous blog post.

Firewall Service

GoGrid is introducing a new Firewall Service designed to be self-healing and available to all customers in all our data centers. Customers can deploy this service through the management console or API. Having a Firewall Service available to all our customers is an important step in further securing infrastructure in the cloud. Although GoGrid has secured its data centers and has built-in security measures to protect our customers’ infrastructure, our customers want greater granular control of port access for their individual servers. Our new Firewall Service is designed to meet and exceed those needs by making it easy to set up security wherever Cloud Servers are located.

This service comes with several key features: (more…) «Software Defined Networking on the Edge»

Are These Really Mysteries? Solving Forbes’ “7 Great Unsolved Mysteries of Cloud Computing”

Wednesday, February 6th, 2013 by

From time to time, I come across an article that I feel compelled to respond to. Yesterday, I read “7 Great Unsolved Mysteries of Cloud Computing” written by Joe McKendrick (an author and independent researcher covering IT trends and markets) in Forbes.com. Although McKendrick definitely offers some thought-provoking questions in the form of “cloud mysteries,” part of me feels these mysteries were already solved a long time ago.

Forbes-article

What follows are the questions that McKendrick asks, my interpretation of his descriptions, and my responses to these mysteries. I’d love to hear your feedback on these mysteries and my responses, so be sure to leave a comment.

7 Great “Unsolved” Mysteries of Cloud Computing

McKendrick alludes to the 2010s as a “cloud computing migration.” A “migration” connotes a feeling of evolution, and I do believe that cloud computing is evolving through a natural progression (see “Riding the Gartner Hype Cycle Roller Coaster: Hang on to your Magic Quadrants!”) toward mainstream adoption.

But let’s take a look at the “unsolved” mysteries.

(more…) «Are These Really Mysteries? Solving Forbes’ “7 Great Unsolved Mysteries of Cloud Computing”»

How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)

Tuesday, January 29th, 2013 by

This is Part 2 of a GoGrid security blog series on identifying and recovering from a Linux security breach. Part 1 provided general guidelines for conducting a security analysis on a compromised Linux server and forming strategic teams to address and resolve the breach.

In this article, we’ll review some recommended steps for recovering from a breach.

Recovering from the Breach

Lock the doors

Now that you’ve confirmed that there are no intruders logged in and you’ve identified the established connections, it’s time to “lock the doors.” Locking the doors largely depends on who is managing your firewall. Contact GoGrid in the event that we’re managing your firewall or perform the following actions if you manage your firewall:

  • Modify your system’s iptables configuration to restrict all remote console connections such as SSH to your office network
  • Modify your system’s iptables configuration to block all previously identified suspicious connections from and to your system.
  • Modify your system’s iptables to block all other services from the public Internet to your server. Doing so will effectively bring down your website or services, but you want to avoid compromising your customers or web site visitors.

Install and run a rootkit analyzer

(more…) «How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)»

How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)

Monday, January 28th, 2013 by

This 2-part GoGrid security blog series provides general guidelines for conducting a security analysis on a compromised Linux server and for recovering from a breach. Before you begin the security analysis, you need to consider two important factors:

1. The type of data your compromised server is storing or transmitting,
2. How important the server’s function is to your business

The data type—Personally Identifiable Information (PII) or Protected Health Information (PHI), for example—is important because your organization could be legally required to notify external parties and local or federal government agencies in the event of a breach. The compromised server’s function is important because its criticality may drive the recovery timeline.

You also may want to consider engaging a third-party that specializes in security forensics.

This series will cover 3 important items:

1) Understanding & assessing the breach
2) Setting up forensics & recovery teams
3) Recovering from the breach

Although this series won’t replace what a competent security firm can accomplish, it does provide an overview of some core processes, procedures, and activities you can do to potentially recover from a breach. And because each incident varies based on your computer system, be sure to conduct additional analysis and consult with experts to double-check your breach identification and resolution plan. (more…) «How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)»