{"id":2625,"date":"2013-06-18T12:30:56","date_gmt":"2013-06-18T16:30:56","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=2625"},"modified":"2013-06-18T12:30:56","modified_gmt":"2013-06-18T16:30:56","slug":"businesses-urged-to-take-control-of-public-cloud-security","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/06\/18\/businesses-urged-to-take-control-of-public-cloud-security\/","title":{"rendered":"Businesses urged to take control of public cloud security"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.pcworld.com\/article\/2042091\/businesses-urged-to-take-control-of-public-cloud-security.html\"><img data-recalc-dims=\"1\" decoding=\"async\" alt=\"\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/06\/cloud-security-100042361-large.jpg\" \/><\/a><\/p>\n<p>Security monitoring\u2014the type involving traditional security information and event management (SIEM)\u2014can be done in some public cloud environments, according to Gartner. And businesses using public cloud services, it&#8217;s time to think about doing it.<br \/>\nSecurity monitoring of assets that the enterprise has placed in cloud is still not a common practice, but it really should be, said Gartner analyst Anton Chuvakin during his presentation last week at the Gartner Security and Risk Management Summit in National Harbor, Maryland. There is always a &#8220;loss of control&#8221; when turning corporate data assets over to the cloud, Chuvakin says, but &#8220;you can compensate by increasing the visibility that comes with collection of logs and network traffic.&#8221;<br \/>\nMost security monitoring today is done on-premises within the enterprise network using SIEM, intrusion-prevention systems (IPS) and data-loss prevention tools. In Amazon Web Services, he said, it&#8217;s possible to collect logs and copy them back to the on-premises SIEM.The benefits are that familiar tools are in use and you can obtain a unified view of both the cloud and the traditional environment, he said. On the other hand, there might be bandwidth restraints that make this hard or that the SIEM tools present &#8220;conflicts and incompatibilities&#8221; in the cloud environment. Chuvakin said enterprise security managers have to ask the question whether their SIEM tool is &#8220;cloud-ready&#8221; to collect data, which may be presented in unfamiliar form as instances and dynamic provisioning.<br \/>\nSome SIEM tools are able to make use of specific software-as-a-service APIs as well to collect logs from public cloud services. Tools from IBM and HP ArcSight, for example, can now monitor Salesforce, Chuvakin noted.<br \/>\nA second approach to security monitoring of cloud assets is to load a SIEM tool directly into an IaaS to have &#8220;on-IaaS monitoring,&#8221; Chuvakin said. The advantages here are that the tools are familiar and there&#8217;s no high bandwidth requirement. However, there could possibly be high storage costs in the cloud, and in the end, there&#8217;s a lack of a unified view on on-premises and on-IaaS monitoring.<br \/>\nA third possibility is to obtain the data from the cloud service, if it&#8217;s available, and hand it to a managed security service provider such as Splunk Storm.<br \/>\nHe said it makes sense to ask why the cloud service providers are not contributing more to the security monitoring process and making SIEM data more available since it&#8217;s obvious their customers have a need for this. Some, such as FireHost, which offer a way for their customers to use their SIEM in their cloud hosting service, said Chuvakin.<br \/>\nvia <a href=\"http:\/\/www.pcworld.com\/article\/2042091\/businesses-urged-to-take-control-of-public-cloud-security.html\" target=\"_blank\">Businesses urged to take control of public cloud security | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security monitoring\u2014the type involving traditional security information and event management (SIEM)\u2014can be done in some public cloud environments, according to [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7],"tags":[201,950],"class_list":["post-2625","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","tag-cloud","tag-security-2"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-Gl","jetpack-related-posts":[{"id":3106,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/08\/05\/attackers-reported-seeding-cloud-services-with-malware\/","url_meta":{"origin":2625,"position":0},"title":"Attackers reported seeding cloud services with malware","author":"NCCT","date":"August 5, 2013","format":false,"excerpt":"LAS VEGAS -- Malware writers are ramping up their use of commercial file hosting sites and cloud services to distribute malware programs, security researchers said at this week's Black Hat conference here. Traditionally, malware writers had distributed their malicious code from their own sites. But as security vendors get better\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6341,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/09\/02\/why-hackers-may-be-stealing-your-credit-card-numbers-for-years\/","url_meta":{"origin":2625,"position":1},"title":"Why hackers may be stealing your credit card numbers for years","author":"NCCT","date":"September 2, 2014","format":false,"excerpt":"While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry. The retailer, which has hundreds of stores across Canada, otherwise had rock-solid security and was compliant with the\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6184,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/13\/hacker-coalition-sets-out-to-improve-critical-device-security-challenges-car-makers\/","url_meta":{"origin":2625,"position":2},"title":"Hacker coalition sets out to improve critical device security, challenges car makers","author":"NCCT","date":"August 13, 2014","format":false,"excerpt":"A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in vehicles. The group is operating under the name I Am the Cavalary and includes researchers and others concerned about\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9324,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/04\/27\/this-week-in-tech-663-reasonably-miserable\/","url_meta":{"origin":2625,"position":3},"title":"This Week in Tech 663: Reasonably Miserable","author":"NCCT","date":"April 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/OMOcmJ-Yal0 Security conference season in full swing. iPhone X takes over a third of ALL smartphone profits. Google tries to fix messaging again. Who do you trust with your data? IRS servers down on Tax Day. SCOTUS dismisses DOJ vs Microsoft: CLOUD Act makes it moot. Twitter bans ads from\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/OMOcmJ-Yal0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":6319,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/27\/microsoft-roughly-25000-win8-x-users-see-blue-screens-after-botched-patch\/","url_meta":{"origin":2625,"position":4},"title":"Microsoft: Roughly 25,000 Win8.x Users See Blue Screens After Botched Patch","author":"NCCT","date":"August 27, 2014","format":false,"excerpt":"Microsoft says it's aware of the problem, but insists it appears to be relatively rare The second Tuesday of August -- Aug. 12 -- brought Microsoft Corp.'s (MSFT) monthly day of patching. \u00a0But the security patch rolled out has caused an infamous Windows crash -- the dreaded blue screen of\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2907,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/12\/windows-server-2012-r2-preview-your-cloud-on-ramp-is-under-construction\/","url_meta":{"origin":2625,"position":5},"title":"Windows Server 2012 R2 Preview: Your cloud on-ramp is under construction","author":"NCCT","date":"July 12, 2013","format":false,"excerpt":"It's been just under a year since Microsoft released Windows Server 2012. Touted as an operating system built for the cloud, Server 2012 promised some significant improvements to storage, networking, and virtualization services. It tried to strike a balance between the complex and varied needs of its data center customers\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"Windows Server 2012 R2 Preview: Your cloud on-ramp is under construction | Ars Technica","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/07\/dynamic-memory-980x632.png?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/07\/dynamic-memory-980x632.png?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/07\/dynamic-memory-980x632.png?resize=525%2C300 1.5x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2013\/07\/dynamic-memory-980x632.png?resize=700%2C400 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/2625","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=2625"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/2625\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=2625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=2625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=2625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}