Weekly Industry Round-up: Week of 12/14
Posted by hyperguard on December 18, 2009
IT Business Edge…
Look Before Taking Cloud Computing Leap
In this post by Michael Vizard, he says one of the assumptions about cloud computing is that it’s a simple matter of choosing an application workload and finding the best place to host it from a pricing perspective. With pricing dropping, organizations are quickly turning to cloud computing, but Michel says an IT organization will be better off in the long run if it takes a few months to seriously consider it before making a decision. Although the idea of cloud computing is attractive, organizations will need to do a significant amount of work on their applications before they are ready to run as a service in the cloud.
How to Avoid the Stormier Implications of the Cloud
This article by Adrian Seccombe offers some advice on how to ensure protection from the stormier implications of clouds. He suggests that major cloud services providers should work with infrastructure suppliers and other relevant groups such as the Jericho Forum and the Cloud Security Alliance to develop the services, solutions and open standards-based interfaces that customers need for secure, open cloud computing. The cloud represents an opportunity for incredible scalability and cost savings and if the industry works together, they can build trust into cloud computing so that everyone benefits from it.
RockYou Hack Exposes Names, Passwords of 30M Accounts
Jaikumar Vijayan discusses how hackers breached a database at social networking application maker RockYou Inc. They accessed username and password information on more than 30 million individuals with accounts at the company and an SQL injection flaw is being blamed. The breach was discovered after database security vendor Imperva Inc. informed RockYou of a major SQL injection error it had uncovered on a page of their website. It was also discovered that RockYou stored its password data in plain text form instead of hashing it, a common security practice.
2010 Security Predictions
In this post, Zscaler shares their security predictions for 2010. They say that attackers will turn to the cloud and attempt to poke holes in the APIs of cloud providers. They also predict that browser vendors will start to take cross-site scripting (XSS) seriously. Additionally, enterprises will look to consolidate data storage and continue to build massive data centers and develop ever larger data stores thanks to cloud computing. The volume of data that can be stolen when adequate security controls are not implemented will be truly incredible.