VMware vSphere 6.5 introduced policy-based encryption, which simplifies the security management of VMs across large scale infrastructure, as each object no longer requires individual key management.
vSphere VM encryption offers quite a few advantages compared to other encryption methods, but it might not be a great fit for every workload. When weighing whether to encrypt or not, you’ll want to consider a few limitations, caveats, and performance issues first.
You’ve probably heard about cryptocurrency — the most famous being Bitcoin — as it soared and crashed in value in the past few months. We have a quick explanation about cryptomining and its associated environmental costs here on the blog. Many are looking to cash in on “free money” by dedicated expensive hardware setups to mining new coins and processing crypto transactions.
So many, in fact, that a new variety of malware has emerged, infecting PCs, servers, and even smartphones with cryptomining software. Unbeknownst to users, cryptojacking software is using valuable computing power to enrich hackers while dramatically slowing down the infected device.
Will 2018 be the year of cryptojacking? How can you fight or avoid these new flavors of malware?
As we’ve mentioned before on the blog, the location of your cloud data matters. Latency, accessibility, and security are all top of mind, but legal concerns should also be considered. Case in point: a new law working its way through the Senate could have major implications for your data storage.
The CLOUD Act (Clarifying Lawful Overseas Use of Data) has recently garnered the support of major tech companies like Apple, Microsoft, and Google, among others. Its stated goal is to clarify a web of different laws relating to data disclosure and privacy so enforcement officers and government officials have well-defined guidelines when it comes to accessing remotely stored data, including information that resides overseas, which is otherwise governed by the host country’s own laws.
So how might the CLOUD Act affect cloud storage and data sovereignty?
Virtualization revolutionized the delivery of IT services by abstracting the computing resources of a server and allowing many “virtual machines” to run on a single box. It is now commonplace and a foundational piece of cloud computing.
One outgrowth of virtualization was virtual desktops, which use a virtualization platform to run instances of desktop operating systems, complete with applications, that are accessed remotely. This means that the end client accessing those virtual desktops doesn’t need to be very powerful, because all the processing happens in the data center. It also means there is less hardware for IT staff to manage and updates are simple to process.
Virtualizing applications — and to an even greater extent, virtualizing desktops — has another hidden benefit, however: stronger data security. But how does remote access and processing add security? Shouldn’t there be more chances for an attacker to intercept data when it is traversing from office or remote work locations to a central data center?
You’ve shored up your cloud security defenses with round-the-clock monitoring, IPS/IDS, all the latest patches (even for Spectre and Meltdown). You feel pretty secure.
But what about your employees? Especially those outside of the IT department? Have they been trained in security measures beyond how to create a strong password?
A holistic approach to security goes beyond the usual attack vectors. You might actually be less likely to suffer a breach from an external hack coming in via OS or network vulnerabilities. In fact, insider threats, whether intentionally malicious or simply due to lack of training and awareness, make up a significant portion of security breaches.
Here are the departments most likely to cause an internal breach, why insider threats are so serious, and how you can help mitigate them.
Unless you’ve been living under a rock or aren’t in the IT field at all, by now you’ve likely heard about the widespread Spectre and Meltdown vulnerabilities affecting an enormous swath of processors manufactured by Intel and AMD, the industry leaders, leading to security vulnerabilities and performance problems.
Green House Data staff have been hard at work patching systems as fixes have come available this week. Here’s a quick summary of the vulnerabilities, their effects on cloud and general computing performance, and what we’ve done to fix them so far. We also provide a few links for users who need to patch their own operating systems or investigate further.
You did it — you passed your PCI (or SOX, HIPAA, GLB, etc) audit! But the work isn’t over. A recent Verizon study found that most companies fall out of PCI compliance after just nine months. And it doesn’t stop with PCI, either. Many companies work hard around audit time to ensure they can report compliance for the audit period and advertise their security, only to falter once the audit is complete.
For PCI, that also means being able to continue doing business with credit card companies. For other standards like HIPAA and SOX, it means avoiding hefty fines and legal consequences.
Unfortunately, simply checking the compliance boxes doesn’t mean you’re safe for the foreseeable future. You need to maintain compliance at all times throughout the year, not just when the auditors are knocking on your door.
With proliferating security tools, in addition to more systems and users taking advantage of cloud resources, IT perimeter security is feels more difficult to enforce with each passing day.
Use this checklist to quickly cover your IT perimeter and network security protocols and make sure nothing is slipping through the cracks.
Well, maybe not quite everything.
You still need a strong — and long — password. And you still want unique passwords for each of your credentials.
But you don’t need to add any special characters or numbers, at least if you don’t want to. And you don’t need to change your password every month, or every week, or every day (even if it feels like the IT department is making you change it that often).
Here’s why experts are no longer recommending passwords like k1TTyc@7z or @ppl3Be3s — and what they say you should be using instead.
Last year Microsoft announced support for DomainKeys Identified Mail (DKIM) signing for outbound emails in Office 365. If you are wondering what DKIM is, below is an excerpt from Microsoft blog describing what DKIM is in its simplest form.