Today’s applications are either virtualized in our own data center or being hosted by any number of providers. But is our security built around our current security reality or is it living in the past? During one of my Gartner Security & Risk Management Summit presentations, I shared best practices in a rapidly changing environment, where cloud vendor hype isn’t matching our security reality. Now that everything is in the cloud, we need a strategic approach to cloud security.
Here’s how to make it happen:
Ensure safe data handling when working with cloud provider. Considering cloud providers are an extension of your business, it is vital to ensure how your provider handles security for storing and transmitting your data. What provisions are in place to make sure data is secure once it has been transmitted? Determine if your provider has firewalls, data encryption, and user authentication to keep your data safe.
Combat growing threats. As cloud-based technologies grow more sophisticated over time, so do the possibilities of threats. A proactive approach to security means that we enable technology like cloud-based threat intelligence to detect a threat as they happen – or in some cases before they happen. Other anti-threat measures such as deep packet inspection and proactive monitoring can also help combat viruses, spam and other intrusions. Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.
Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.
Cisco’s One Platform Kit (onePK) is a fantastic toolkit for building custom applications that interact with your Cisco routers and switches. Using onePK, you can build automation directly into the network and extend all sorts of functionality using Cisco devices. The first in a three-part blog series, this article will introduce onePK to the reader, explain what it is, how it can be useful, and will show how to configure onePK on a router. The second and third installments will walk the reader through a simple security-relevant application using the C API. Important to note is that we’ll be covering the 0.6.0 version of onePK features and service sets. At the time of this writing, the toolkit is still in Controlled Availability and as such, is still in active development, and the API could change before it is released into General Availability. However, even in the face of API evolutionism, this article will provide you with a solid jumping-off point for your plunge into the wondrous world of onePK.
OK, Just What is onePK?
OnePK is a Cisco IOS Software feature and a set of programming libraries enabling an application programmer to build powerful applications that tightly integrate and interact with Cisco devices. onePK is available to you via a well-documented and unified API, currently offered in C and Java with Python in active development. It is currently in pre-release and is available only on request. Details on how to obtain onePK are provided below. Read More »
When you think of the Caribbean, you may think vacation. But for Curaçao Technology Exchange (CTEX), business thrives in paradise.
Curaçao is growing in importance in the international finance and commerce industry, which is why the island needed the ability to support booming business. Built in a carefully planned location, CTEX chose the island of Curaçao to house the Caribbean’s first—and only—tier IV data center.
The lack of technology in the area has been a hindrance to business. Building this new, top-of-the-line data center will enable world-class collocation, security management, archival, disaster recovery, and managed services—allowing customers to rely on CTEX for high-end IT services in ways previously unattainable in the region.
“The location, connectivity, and laws make Curaçao one of the safest locations in the world to house critical information assets.”
According the recent report by Cisco’s IBSG Group, the Financial Impact of BYOD, letting employees bring their own devices saves companies money and helps them become more productive. 53 percent of survey participants have raised work productivity through innovative work practices—powered by their devices. Nearly half of all participants preferred BYOD over corporate devices.
The freedom and productivity gains of BYOD are great for employees, but it also creates new priorities for IT—especially for security. According to the BYOD and Mobility Security Report, security was a top concern for 70 percent of companies surveyed.
Just because employees are working on different devices doesn’t mean IT has to sacrifice security. The first step is in looking beyond the devices and putting together a mobility strategy. Cisco’s own mobility strategy is built around the network, not individual devices. It’s about viewing security as a way to allow individuals to work their way. Read More »
We’re seeing reports of exploitation of this vulnerability. We can confirm Global Correlation – Network Participation telemetry is seeing multiple exploitation attempts across many customers. Customers who participate in Global Correlation – Inspection have a higher chance of this signature blocking in the default configuration since the sensor will take the reputation of an attacker into account during the risk rating evaluation. One of the reports mentioned the use of an IRC-based botnet as a payload for a large number of compromised machines. Since this report is similar to one I previously blogged about, I examined the IRC payloads in depth. Many of the variable names and functions are identical, with the new bot’s source code indicating that it is a later revision of the one we saw previously. Additional features have been added in this revision, which can allow the bots to transfer files directly to other bots via the command and control channel. Given the nature of this vulnerability and the ease of exploitation, it is very likely that unpatched machines will continue to be compromised if not remediated.
A 0-day vulnerability has been publicly posted which affects older versions of the Parallels Plesk software. The author of the exploit included an informational text file, which appears to indicate public servers have already been exploited. This vulnerability does not affect the latest major version of the software; nevertheless we expect to see widespread exploitation, due to the age of the affected versions — sites still running these versions of Plesk, which should enter End of Life of June 9, are unlikely to be regularly maintained.