Welcome!

Cloud Security Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Ed Featherston, Pat Romanski

Related Topics: Cloud Security, Agile Computing

Cloud Security: Press Release

Is Your Internet Security Architecture Ready for Today's Internet?

Secure Web Gateway Company Cites Key Areas of Concern for Securing Today's Organizations

Web 2.0 applications, hosted services and social networks are examples of how today's Internet is redefining the way people interact with one another and how businesses and organizations use and manage critical applications. The rapid expansion of choices and the high number of users has exposed inefficiencies in tools that the industry has traditionally used to secure and control Internet connections. Many organizations have replaced outdated security methods with forward-thinking solutions that can secure the Web gateway.

The rise in Web 2.0 activity has created a well-defined need for better visibility and protection at the Internet gateway. According to Gartner Group, less than 30 percent of organizations have secured their Internet gateway, while the remaining companies rely on traditional techniques such as firewalls, URL filtering or traditional 'block/allow' technologies. Cymphonix® believes these outdated security tools cannot provide the detailed identity aware reporting and flexible policy controls to be effective in an 'always on' world.

"Even casual users of the Internet can clearly see the benefits and advantages of Web 2.0 applications. Using Facebook and other social media sites or media portals like Hulu allows us to access content when and where we want it. In using these tools, we've become accustomed to accepting and downloading plug-ins and other browser enhancing software, which is a prime target for malware. As we adapt and expand the usage of Web 2.0 technologies, malware will be a constant challenge and its effects will be more damaging than ever before," said Brent Nixon, president and CEO of Cymphonix. "Simply blocking pages no longer makes sense in a Web 2.0 world. Companies must regain control of the content at the gateway while allowing appropriate access to those who need it."

To address what's really happening in the technical trenches, Cymphonix assembled a list of five key items that IT management needs to understand about Web 2.0 security:

A majority of Web 2.0 applications are vulnerable to malware attacks: Malware is more damaging than ever before. Not only can it take down entire business segments, the time and resources required to remedy a malware infection could cost a company millions of dollars. As more companies leverage Web 2.0, the potential for disaster increases exponentially. While most organizations agree that network security is a critical piece of infrastructure, they remain tied to conventional methods because change requires an investment.

Most users cannot determine the good sites from the bad sites: As we've become accustomed to Web 2.0 technologies we begin to automatically trust, accept and download items when a Web page requests the user to install a plug-in. This presents a prime opportunity for malware offenders. In recent years there have been malware issues with popular websites like Facebook, MySpace and Yahoo!. Mashups pose another risk, as URLs are made to look as though they are coming from trusted sources, when in fact it is malware.

Traditional block/allow security technologies have created a legitimate business need for avoidance technologies: As an online generation, we are accustomed to accessing the Internet anywhere -- work, school, hotel room, etc. Many organizations have used their traditional security solutions to block questionable content or websites running on HTTP and port 80. Users still want access to content, which has caused an explosion in the number of filter avoidance technologies available to access content using ports, protocols and applications that traditional security solutions cannot detect.

There are legitimate advantages to allowing Web 2.0 applications: Wikis, user groups, blogs, sales networking and marketing platforms all provide tools that increase productivity while saving time and money. For many companies, blocking these tools is not an option. Additionally, many of today's employees expect access to these applications and services, which have become an important part of our everyday lives.

Existing Tools Don't Have the Level of Control that is Needed: The new measure of content management is the ability to shape and control. It is not enough to say 'this website is allowed and this one is not.' Rather, there has to be the ability to create "greater among equals" and that can only happen when all Web content can be shaped and prioritized. In addition, we know that an application or website shaping rule that applies to the entire organization will not work. There needs to be multiple levels of priority and access across all areas of network management including Internet content management as well.

More Stories By Security News Desk

SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

@ThingsExpo Stories
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
DXWorldEXPO LLC, the producer of the world's most influential technology conferences and trade shows has announced the 22nd International CloudEXPO | DXWorldEXPO "Early Bird Registration" is now open. Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
I think DevOps is now a rambunctious teenager - it's starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
It is of utmost importance for the future success of WebRTC to ensure that interoperability is operational between web browsers and any WebRTC-compliant client. To be guaranteed as operational and effective, interoperability must be tested extensively by establishing WebRTC data and media connections between different web browsers running on different devices and operating systems. In his session at WebRTC Summit at @ThingsExpo, Dr. Alex Gouaillard, CEO and Founder of CoSMo Software, presented ...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
In his session at @ThingsExpo, Dr. Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, presented the findings of a series of six detailed case studies of how large corporations are implementing IoT. The session explored how IoT has improved their economic performance, had major impacts on business models and resulted in impressive ROIs. The companies covered span manufacturing and services firms. He also explored servicification, how manufacturing firms shift from se...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
IoT solutions exploit operational data generated by Internet-connected smart “things” for the purpose of gaining operational insight and producing “better outcomes” (for example, create new business models, eliminate unscheduled maintenance, etc.). The explosive proliferation of IoT solutions will result in an exponential growth in the volume of IoT data, precipitating significant Information Governance issues: who owns the IoT data, what are the rights/duties of IoT solutions adopters towards t...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...