Posts Tagged ‘Public Clouds’

h1

Google Drive Wants a Piece of the File Sharing and Storage Pie – But It Might Not Taste So Sweet for Businesses

May 1, 2012

This week Google announced its newest offering, Google Drive. The launch of Google Drive, a cloud-based file storage and synchronization tool, places Google’s hat in the ring with other file sharing services. In response, Vice President of Sales and Client Services at FilesAnywhere, Shayne Mehringer, gave this statement:

“Google is king when it comes to Internet searching, and websites around the world count on them for outstanding targeted advertising abilities. However, this doesn’t necessarily make them right for the business and consumer file storage market. Oversaturation in the online storage and collaboration market is actually a good thing for us. Smart, professional consumers and corporations will now be forced to do their homework. Source 

Advertisements
h1

Apple holds the master decryption key when it comes to iCloud security, privacy

April 5, 2012

Apple can potentially decrypt and access all data stored on iCloud servers. This includes contacts, notes, unencrypted e-mails, application preferences, Safari bookmarks, calendars, and reminders.

This was recently confirmed by a source speaking to Ars, and security researcher and forensic data analysis expert Jonathan Zdziarski agreed. “I can tell you that the iCloud terms and conditions are pretty telling about what the capabilities are at Apple with respect to iCloud, and suggests they can view any and all content,” Zdziarski told Ars.

In particular, Zdziarski cited particular clauses of iCloud Terms and Conditions that state that Apple can “pre-screen, move, refuse, modify and/or remove Content at any time” if the content is deemed “objectionable” or otherwise in violation of the terms of service. Furthermore, Apple can “access, use, preserve and/or disclose your Account information and Content to law enforcement authorities” whenever required or permitted by law. Apple further says that it will review content reportedly in violation of copyright under DMCA statutes.

“If iCloud data was fully encrypted, they wouldn’t be able to review content, provide content to law enforcement, or attempt to identify DMCA violations,” Zdziarski told Ars.

Source

h1

Free cloud services compared

March 13, 2012

Not all cloud services are built alike. We take a look at some of the most popular options — what they’re for, how you can use them and, most importantly, what you get.

h1

Cloud Computing – Business Transformation in the Cloud

February 3, 2012
h1

CES 2012: A Federation of Storage Clouds will need data encryption

January 17, 2012

In 2012, these new technological advances provide home and personal cloud storage that can be used in addition to remote data center cloud storage. Together these various levels of networked storage, connected together through the public Internet, are creating a larger federated cloud service composed of public and private consumer cloud services.  Such a federation might provide new and useful services and entertainment capabilities for consumers in 2012. A federated cloud storage infrastructure could spur new businesses, new types of content, and new consumer devices to service these opportunities. Source CES 2012: A Federation of Storage Clouds

h1

Security Will Top IT Concerns for 2012

January 7, 2012

“In 2012, we will see progressive organizations applying a risk-based, continuous approach to security,” said Torsten George, vice president of worldwide marketing at Agiliance.

The company’s top five predictions for the coming year are:

  • Mobile Devices and Social Media: New products and services will emerge that deal with issues regarding employer-owned versus employee-owned data on mobile devices. These products will go beyond anti-virus and malware software. For social media threats, the capabilities of security tools will be extended to tackle increased social media cyberwarfare.
  • Cloud Computing Security: There will be an acceleration of efforts to create standards around cloud security, and independent, continuous monitoring of cloud-service providers’ security controls will become a standard part of service-level agreements.
  • Legislative Initiatives: In the second half of 2012, a government mandate will be passed that will circulate the implementation of a proactive Information Security Risk Management system and related best practices to tackle cybersecurity threats.
  • Anti-Cybercrime Collaboration: Sharing of sensitive threat information will become vital to prevent widespread cyberattacks across different verticals and industries. The increase in cybersecurity attacks and data breaches will lead to the introduction of a formal information-sharing database.
  • Risk is Security’s New Compliance: There will be a further increase in demand for software tools that provide both advanced reporting capabilities and interconnectivity to ensure that remediation actions can be triggered and followed through easily. To better describe the capabilities of these tools, analysts will create a new software category called Security Risk Management.

Source Security Will Top IT Concerns for 2012

h1

A Handful of 2012 Privacy & Security Predictions

January 3, 2012

A handful of thoughts on what 2012 may hold by Attorney Richard L. Santalesa:

  • The EU’s on deck Data Protection Regulation promises – or threatens depending on your viewpoint – to significantly revamp the EU’s data protection regimes, adding additional potential uncertainty to the EU arena.  The leaked DPR indicated a new broad extraterritorial reach, stronger protections for children under 18, embracing privacy by design and the right to be forgotten, a requirement to designate a privacy officer, and increased enforcement powers and penalties.  We’ll see what happens when the rubber meets the road.
  • Will the final version of the HIPAA breach notification rule make a long-awaited appearance in 2012, along with guidelines per Stage 2 of the electronic record incentive program within the HITECH Act ?  The smart money says yes, especially since Congress recently admonished DHS to hurry up already given that the “interim” rule has been around since 2009.
  • The FTC plans to issue in early 2012 its finalized Privacy Report, formally titled “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers,” which I believe will have a significant impact on the 2012 privacy/infosec landscape.  The draft version, issued a year ago in December 2010, immediately sparked wide-ranging conversations on Do-Not-Track, Privacy by Design, Fair Information Practice Principles, Geolocation and other privacy-related issues, many of which quickly found their way into 2011’s proposed bills.  I expect the finalized report to be heavily influential on 2012’s infosec and privacy debates.
  • Information security and data protection issues surrounding contracting for cloud services will begin the road to maturity in 2012 as the federal government continues its push of fed agency IT needs into the cloud.  The result will help provide guidance on cloud contracting issues addressing audit assurances, cloud security and accreditation, e-discovery issues, security controls and allocation of liability and responsibility for data security, to name but a few.
  • Finally, 2012 will unfortunately see no end in sight to advanced attacks resulting in data breaches, with attacks on mobile devices to ramp up significantly.  In response the move to Big Data and data hoarding may reverse as companies in specific sectoral areas begin paring back on how much data they retain.

For additional 2012 infosec and privacy predictions, pop over to Christine Marciano of Cyber Data Risk Managers’ collection, which includes the author’s  views of 2012, at  http://www.dataprivacyinsurance.com/wp-content/uploads/2012/01/2012-DATA-PRIVACY-AND-INFORMATION-SECURITY-PREDICTIONS.pdf