| The Cloud Security Newsletter |
| The most trusted source for security and IT professionals | April 2011 Edition |
| |
| | | | | | | | | | LEAD STORY OF THE MONTH | | Will Mobile Apps be the Achilles' Heel of Web Security? |
|  |
| | As an end user, you've followed best practices to keep your access credentials safe. You've chosen a complex password; you change it regularly and never share it with anyone. Unfortunately, all of that effort goes out the window when you trust an app with your data, and that app doesn't store it securely. Successful web services such as Twitter, Dropbox, Evernote, etc. have willingly provided APIs to allow integration with third party technologies, including mobile apps. This greatly enhances the value of such services, but unfortunately, the services then entrust third parties to implement appropriate security controls so as not to expose confidential user data. | In this situation, if you're a JotNot user and someone gains access to your computer either locally or remotely, they now have access to web services where you store confidential data such as documents, photos, receipts, etc. They may also gain access to your email accounts. As a user, you really have no way of knowing which apps have incorporated appropriate security controls. Learn More  | | | | TECH TALK | | 30 Days of Cycbot | | "Cycbot," detected around August 2010, is a botnet that has not appeared much in the media, but appears to be making its rounds infecting hosts in greater numbers—especially within the last month by a beaconing pattern. Learn More | | | | SECURITY INNOVATIONS | | Cloud-delivered Security Service Ensures Immediate and Transparent Protection for Client-Side Web-Based Threats | | Enterprises often struggle with large patch cycles as remediating devices across locations and for mobile workers is a daunting challenge. As a SaaS provider, Zscaler deployed immediate protections against threats included in Microsoft's largest-ever patch cycle. Such protections apply to both end-user systems on the enterprise network and laptops out in the field. Learn More | | | | EDUCATIONAL RESOURCES | | What Hackers Know that You Don't | | Appliances vs. Cloud Security – Keynote from Forrester Research | | Webcast: 3, 4, 5, May 2011 |  | | We all know that hackers are making billions of dollars annually by targeting business blind spots, but how many of us know our own blind spots, and how to protect against them?. Learn More | | | | | NEWS HIGHLIGHTS | | The Epsilon data breach affected millions - so what happens next? | | The Techherald | | Epsilon Interactive issued a statement four sentences long informing the public that a "subset" of client data was exposed due to unauthorized access to its email system and suffered a data breach. Learn More | | | | Google Fights 'Poisoned' Search Results | | Security News Daily | | In a frequent practice known as "SEO poisoning," online criminals tweak search results for popular topics so that sites containing malware rise to the top. Learn More | | | | Fake AV Site Uses Code as Well as Binary Randomization | | Spamfighter | | Security specialists say that a large number of contaminated websites exist that divert Web-surfers onto bogus security software schemes. Learn More | | | | SECURITY PRACTITIONER'S COLUMN | | Web Security SaaS Helps Streamline Security for Health Care Provider |  | | The URL filtering product HCR ManorCare Inc. used in-house never worked right. It misapplied business rules and caused problems for users. At the suggestion of CentraComm, HCR ManorCare's security operations center, HCR began considering Zscaler's Web Security Software as a Service. HCR now forwards traffic from its corporate headquarters via a GRE tunnel to Zscaler, which applies rule sets. Thomas Vines, director of information security, estimates that Zscaler saved HCR more than $150,000 in hardware and software costs. Learn More | "[Before Zscaler] we had never considered building a Web filtering system with four 9s. That was economically unrealistic for us. We depend heavily on Zscaler's capabilities to protect us from malware."
- Thomas Vines, director of information security, HCR | | | | | | | | | If you or your colleagues would like to receive this newsletter, please sign up.
| | | | | | Copyright 2011 Zscaler, Inc.
392 Potrero Avenue, Sunnyvale, CA 94085 | 1.866.902.7811 | webcast@zscaler.com. |  | | |
 |
Note: Your e-mail is in our mailing list as security.world@gmail.com, if you wish to be removed from our mailing list please use the link below to unsubscribe from any future mailings. We will respect all unsubscribe requests Unsubscribe
No comments:
Post a Comment