Search This Blog

Thursday, December 16, 2010

The Cloud Security Newsletter - December 2010 Edition

The Cloud Security Newsletter
The most trusted source for security and IT professionals December 2010 Edition
 

         
 
LEAD STORY OF THE MONTH
Skeptics to Believers : Cloud Web Security put to test.

Network Computing

Web based malware is an exponentially growing problem and even the smallest of businesses need a solution in place to ensure business continuity. Traditional on-premise hardware or software based solutions are ineffective as workforces are becoming increasingly mobile; employees are connecting to the Web from outside the perimeter of their enterprises with an assortment of internet enabled devices. Cloud based security is gaining traction such that even traditional security vendors have produced offerings. However, there is a great deal of disparity in services offered across vendors as well as general skepticism surrounding the effectiveness of such solutions.
 
Recently, Network Computing released a detailed report on cloud based security services including Barracuda, McAfee, Symantec, Webroot and Zscaler. The analysts compared key elements like latency, URL & malware filtering, Security Threat  Identification and blocking capability, Reporting capabilities and Value Added services. Find out how skeptics were turned into believers. Learn More
 
TECH TALK
Hacktivism on Display: Operation Payback and the Wikileaks Saga
Hacktivism on Display: Operation Payback and the Wikileaks Saga
The Wikileaks saga has come with no shortage of drama and intrigue but it also serves as a remarkable example of hacktivism in the social networking era. Operation Payback demonstrates just how quickly large, disparate groups can organize and with relatively simple technology do very real damage. It targeted a variety of websites, all of which are perceived to have either caved to government demands to not support Wikileaks or have spoken out against Wikileaks and Julian Assange. Despite the relatively unsophisticated nature of the attacks, they do appear to have been successful in at least temporarily taking sites for Visa, PayPal and Mastercard offline. What should corporations and governments take away from this week's events? Learn More
 
SECURITY INNOVATIONS
Amazon Social Network Under Attack
Amazon, one of the largest US-based multinational electronic commerce companies, is an online retailer of books, movies, music and games along with electronics, toys, apparel, sports, tools, groceries and general home and garden items.
 
Amazon's online store-front has a social networking component, where people with accounts can create user seller profiles to share their interests; what they are reading, listening to, selling, etc. For the most part, anytime a site allows user-driven content to be published on the web, some certain kinds of abuses have repeatedly appeared. Amazon profile abuse includes illegal child pornography  content, malware, pharma spam, etc. There are thousands of these profiles. Learn More
 
EDUCATIONAL RESOURCES
WEBINAR: Zscaler Web Security Service
DATE: Dec 21  11 AM PST / 2 PM EST
WEBINAR: Zscaler Web Security Service Join an interactive session highlighting the latest Web 2.0 security issues and the potential risks to your organization. The session will conclude with a live Zscaler product demo that illustrates near-zero latency as malware is blocked instantly and reports are generated in real-time. Register Now
 
NEWS HIGHLIGHTS
Malware incidents drive up IT costs, survey finds
Info Security
According to the survey, mobile/remote workers (50%), PC desktop/laptop vulnerabilities (48%), and the introduction of third-party applications onto the network (39%) are the greatest areas of end point risk currently. This is a shift from last year, where end point security concerns were mainly focused on removable media and data center risks.
 
Firesheep Wi-Fi eavesdropper works at McDonald's, Starbucks and elsewhere
The Last Watchdog
Firesheep enables sidejacking of Windows PCs — and Apple Macs. Anyone sitting within 50 feet of you at the airport, or your favorite café or book shop could be using Firesheep.  Since its Oct. 25th unveiling, the free program has been downloaded 764,000-plus times.
 
FTC Warns Businesses About Digital Copier Security
eWeek Security Watch
"Copiers often are leased, returned and then leased again or sold," the FTC said. "It's important to know how to secure data that may be retained on a copier hard drive, and what to do with a hard drive when you return a leased copier or dispose of one you own."
 
SECURITY PRACTITIONER'S COLUMN
60,000 Healthcare Workers Move to the Cloud
60,000 Healthcare Workers Move to the Cloud Founded in 1959, HCR ManorCare Inc. (HCR) is a leading provider of short and long term medical and rehabilitation care. It has 60,000 employees over 500 locations with 14,000 internet users accessing a wide range of web applications. As a result, having a solid web security solution is paramount for employee productivity.
 
Renewal of HCR's legacy web security solution or upgrade to a new appliance based solution was cost prohibitive. Also, the solution did not provide any protection for road warriors. CentraComm, an industry-leading managed service provider known for its routing-switching-security expertise and best-of-breed partnerships, approached HCR with a cloud based security solution. Thomas Vines, Director of Information Security at HCR, evaluated the solution for its low risk and cost, quick and effective implementation, and simple IT administration attributes.
 
"The deployment of Zscaler is so painless. Once you get the deployments schedule formalized and engineers in your project plans are executing as they should be, it's seriously magic."
- Thomas Vines, Director Information Security, HCR
Read Case      View Video
 
     
  If you or your colleagues would like to receive this newsletter, please sign up.
 
     
Copyright 2010 Zscaler, Inc.
392 Potrero Avenue, Sunnyvale, CA 94085 | 1.866.902.7811 | webcast@zscaler.com.
Zscaler

Note: Your e-mail is in our mailing list as security.world@gmail.com, if you wish to be removed from our mailing list please use the link below to unsubscribe from any future mailings. We will respect all unsubscribe requests Unsubscribe

1 comment:

Anonymous said...

Would love to be able to read this blog, but half of it is not displayed on my screen and I can't scroll over to it. Frustrating!