Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Remote connectivity services provider LogMeIn announced the acquisition of Meldium, a startup that specializes in cloud-based single-sign-on (SSO), password management, and identity and access management (IAM) solutions.
Skyfence has released a free tool designed to provide organizations visibility into cloud app usage and risks.
The use of virtualized systems in a enterprise environments can provide many benefits, but these systems need some special attention paid to security, Symantec said in a new report examining threats to virtual environments.
Amazon is giving customers the option of an an extra layer of protection to their WorkSpaces virtual desktops by enabling a new two-factor authentication (2FA) feature.
Hypervisors have become an important part of enterprise environments and while they should normally reduce the attack surface, experts warn that they can be plagued by security vulnerabilities that could be leveraged by malicious actors.
The security teams at Drupal and WordPress have fixed a remotely exploitable a denial-of-service (DoS) vulnerability in PHP XML parsing that affects tens of millions of websites that use their publishing platforms.
Qualys, a provider of cloud-based security and compliance solutions, announced enhancements to its cloud service Qualys Continuous Monitoring (CM) solution this week.
Many organizations still haven't patched their installations of VMware to address the Heartbleed vulnerability, CloudPhysics reported.
To protect sensitive data from prying eyes, some organizations are turning to Bring-Your-Own-Encryption (BYOE), but experts warn that there are some aspects that need to be take into consideration before making the move.
Fortinet has introduced a new on-demand, pay-as-you-go offering for its FortiWeb-VM Web Application Firewalls (WAFs) for Amazon Web Services (AWS).

FEATURES, INSIGHTS // Cloud Security

rss icon

Rebecca Lawson's picture
There is a common misconception that in order to move to virtual security solutions, companies can, or should, replace physical security technologies they rely on to keep their networks safe today.
Danelle Au's picture
The recent iCloud attack brings up very important considerations on data security, not only for consumers, but for any enterprise that uses the cloud.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
Danelle Au's picture
Enterprises can gain tremendous competitive advantages by having IT focus on the things that matter – users and information rather than infrastructure maintenance and building.
Danelle Au's picture
As the era of Internet of Things dawns, the amount of data and other cloud applications developed for unique industries will increase and bring a new era of privacy and security concerns.
Danelle Au's picture
As SaaS adoption grows, so do the security concerns. But there is so much confusion around SaaS security that many enterprises are focusing on the wrong problems. Here are the three biggest myths when it comes to SaaS security...
Chris Hinkley's picture
Why aren’t more organizations implementing two-factor authentication? In a word: inconvenience. Businesses are afraid of annoying their buyers by demanding multiple passwords or asking them to take an extra action that might spur them into abandoning the sale.
Marc Solomon's picture
Data center administrators need technologies that allow them to be as ‘centered’ on security as attackers are on the data center.
Torsten George's picture
Shortcomings in a cloud providers’ security architecture can trickle down to customers that leverage their services. So what steps should organizations take to retool their security practices for the cloud age?
Gil Zimmermann's picture
What needs to change is the perception that the primary role of IT is in safeguarding and blocking data from being viewed by an outsider.