Cloud security: Four customers' approaches

Computerworld Security: Issues and Trends: August 01, 2012
===============================================================

INSIDER: Cloud security: Four customers' approaches

From implementing single sign-on to including social media in the lineup, shops
are doing what they need to make the cloud work for them. (Insider -
free registration required.)
http://cwonline.computerworld.com/t/8142908/823929840/573223/0/

~~~~~~~~~~~~~~~~~~~WHITE PAPER: Framehawk~~~~~~~~~~~~~~~~~~~~~

An Interactive eGuide: Bring Your Own Device

BYOD brings some concerns, blurring the line between personal and corporate use
raises security, compliance, and ownership issues. Does the BYOD trend actually
make workers more productive, or is IT simply caving in to employee demand?

http://cwonline.computerworld.com/t/8142908/823929840/573224/0/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=ef881ba0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


IN THIS ISSUE

1. Kenneth van Wyk: Digital duct tape for SSL
http://cwonline.computerworld.com/t/8142908/823929840/573225/0/

2. Why you shouldn't train employees for security awareness
http://cwonline.computerworld.com/t/8142908/823929840/573226/0/

3. Mobile malware cases nearly triple in first half of 2012, says NetQin
http://cwonline.computerworld.com/t/8142908/823929840/573227/0/

4. Darlene Storm: Def Con: How to hack all the transport networks of a country
http://cwonline.computerworld.com/t/8142908/823929840/573228/0/

5. Richi Jennings: DEF CON 20 roundup: Critical lessons for all
http://cwonline.computerworld.com/t/8142908/823929840/573229/0/

6. Persistent router botnets on the horizon, researcher says at Defcon
http://cwonline.computerworld.com/t/8142908/823929840/573230/0/

7. INSIDER: Getting the most out of IPS
http://cwonline.computerworld.com/t/8142908/823929840/573231/0/

8. New tool gives 150 ways to bypass web app firewalls
http://cwonline.computerworld.com/t/8142908/823929840/573232/0/

9. Apple agrees to pay $356M for security firm
http://cwonline.computerworld.com/t/8142908/823929840/573233/0/

10. Global Payments: data breach cost a whopping $84.4 million
http://cwonline.computerworld.com/t/8142908/823929840/573234/0/

11. Obama administration supports new cybersecurity bill
http://cwonline.computerworld.com/t/8142908/823929840/573235/0/

12. Black Hat panel: Which do you trust less with your data, the U.S. government or Google?
http://cwonline.computerworld.com/t/8142908/823929840/573236/0/

13. Black Hat: Cyber-espionage operations vast yet highly focused, researcher claims
http://cwonline.computerworld.com/t/8142908/823929840/573237/0/

14. Medical-device security isn't tracked well, research shows
http://cwonline.computerworld.com/t/8142908/823929840/573238/0/

15. California to get tough on online privacy
http://cwonline.computerworld.com/t/8142908/823929840/573239/0/

16. Dangerous assumptions about clouds
http://cwonline.computerworld.com/t/8142908/823929840/573240/0/


~~~~~~~~~~~~~~~~~~~WHITE PAPER: Symantec~~~~~~~~~~~~~~~~~~~~~

Backing Up to the Cloud

Powerful backup and flexible deployment options, including enhanced software,
backup appliances, and backup solutions in the cloud, offer flexibility and
choice in how you manage backup, allowing you to deploy a modern infrastructure
that best suits your IT requirements, business needs, and environment.

http://cwonline.computerworld.com/t/8142908/823929840/573241/0/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=4e91517b

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kenneth van Wyk: Digital duct tape for SSL

Secure Sockets Layer has been implicated in several security problems of late.
Certificate pinning might patch it up for a bit longer.
http://cwonline.computerworld.com/t/8142908/823929840/573225/0/

Why you shouldn't train employees for security awareness

If there's one myth in the information security field that just won't die, it's
that an organization's security posture can be substantially improved by
regularly training employees in how not to infect the company.
http://cwonline.computerworld.com/t/8142908/823929840/573226/0/

Mobile malware cases nearly triple in first half of 2012, says NetQin

Mobile malware is rising fast, infecting nearly 13 million phones in the world
during the first half of 2012, up 177% from the same period a year ago,
according to Beijing-based security vendor NetQin.
http://cwonline.computerworld.com/t/8142908/823929840/573227/0/

Darlene Storm: Def Con: How to hack all the transport networks of a country

At Def Con, 24-year-old Alberto García Illera gave an amazing presentation
called "How to hack all the transport networks of a country." The critical
vulnerabilities that allowed such an intense hack were mindblowing and like one
epic exploit after another. Security FAIL!
http://cwonline.computerworld.com/t/8142908/823929840/573228/0/

Richi Jennings: DEF CON 20 roundup: Critical lessons for all

So that was DEF CON 20. The infamous security convention has wound up, leaving
hackers of all hat colors bemused, befuddled and bewildered. This year saw an
official NSA appearance, which posed more questions than it answered. It also
brought worrying threats to enterprise VPN and Wi-Fi networks. In IT Blogwatch,
bloggers count their Lost Wages.
http://cwonline.computerworld.com/t/8142908/823929840/573229/0/

Persistent router botnets on the horizon, researcher says at Defcon

Security researcher Michael Coppola demonstrated how small and home office
(SOHO) routers can be compromised and turned into botnet clients by updating
them with backdoored versions of vendor-supplied firmware.
http://cwonline.computerworld.com/t/8142908/823929840/573230/0/

INSIDER: Getting the most out of IPS

Intrusion prevention systems -- security tools designed to stop problems even
before they crop up -- have emerged as indispensable components of
defense-in-depth security strategies.
http://cwonline.computerworld.com/t/8142908/823929840/573231/0/

New tool gives 150 ways to bypass web app firewalls

A tool for testing if Web application firewalls (WAFs) are vulnerable to around
150 protocol-level evasion techniques was released at the Black Hat USA 2010
security conference.
http://cwonline.computerworld.com/t/8142908/823929840/573232/0/

~~~~~~~~~~~~~~~~~~~WEBCAST: IBM~~~~~~~~~~~~~~~~~~~~~

Improving Governance, Risk and Compliance

In this webcast you'll learn how your organization can become more responsive to
financial market challenges while reassuring decision makers the accuracy of
execution.

http://cwonline.computerworld.com/t/8142908/823929840/573242/0/?3e076d18=am9uc2FuOThAZ21haWwuY29t&x=9d8eb677

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Apple agrees to pay $356M for security firm

In a deal that should help Apple boost its enterprise security offerings, the
iPhone maker is planning to buy mobile security company AuthenTec for $8 per
share or a little over $356 million, AuthenTec said.
http://cwonline.computerworld.com/t/8142908/823929840/573233/0/

Global Payments: data breach cost a whopping $84.4 million

Global Payments, which back in the spring reported a data breach in which
information associated with an estimated 1.4 million payment cards was stolen,
has revealed that expenses associated with investigations, fines and remediation
has hit $84.4 million.
http://cwonline.computerworld.com/t/8142908/823929840/573234/0/

Obama administration supports new cybersecurity bill

The Obama administration "strongly supports" a new cybersecurity bill scheduled
to be debated on the Senate floor soon, even though some of its provisions are
watered down from earlier legislation, the White House Office of Management and
Budget said.
http://cwonline.computerworld.com/t/8142908/823929840/573235/0/

Black Hat panel: Which do you trust less with your data, the U.S. government or Google?

To celebrate the 15th anniversary of the Black Hat Conference, a panel of
experts got together to expound on what they see as the privacy and security
mess of our times, and they had plenty to say about the U.S. government,
cyberwar and Google.
http://cwonline.computerworld.com/t/8142908/823929840/573236/0/

Black Hat: Cyber-espionage operations vast yet highly focused, researcher claims

Cyber-espionage operations across the Internet are extensive yet highly
targeted, says a malware researcher speaking at the Black Hat Conference.
http://cwonline.computerworld.com/t/8142908/823929840/573237/0/

Medical-device security isn't tracked well, research shows

Medical devices often use commercial PCs and have wireless connections that make
them vulnerable to malware, or require software updates for security, but the
U.S. may not be doing an adequate job tracking these risks, researchers
indicated in a new study.
http://cwonline.computerworld.com/t/8142908/823929840/573238/0/

California to get tough on online privacy

California's top legal official has put the tech industry on notice that she
intends to get tough on digital privacy.
http://cwonline.computerworld.com/t/8142908/823929840/573239/0/

Dangerous assumptions about clouds

No one is more vigilant about protecting the data of EU citizens than European
Commission Vice-President Viviane Reding. She worries a lot about the privacy
and security of EU citizens' data. And she can be a tough critic of the U.S.
privacy protection framework.
http://cwonline.computerworld.com/t/8142908/823929840/573240/0/



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

PREMIER 100 -- CALL FOR NOMINATIONS

Seeking the very best IT leaders! Now's your chance to nominate a worthy CIO or
other top IT executive for the 2013 Premier 100 IT Leaders awards. Computerworld
has launched its annual search for technology professionals who have
demonstrated leadership in their organizations through the use of information
technology and have the strategic vision to align IT with business goals.
Nominations are being collected now through August 29, 2012. Nominate an IT
leader today:

http://cwonline.computerworld.com/t/8142908/823929840/566534/0/

SHARK TANK OF THE DAY
______________________

But what could possibly go wrong with our way?

Consultant pilot fish gets a call from a client: Something has gone wrong with
the company's email, and it's completely stopped -- and a little research turns
up the fact that somehow the IP address is wrong.

http://cwonline.computerworld.com/t/8142908/823929840/573207/0/

CAST YOUR VOTE IN THIS WEEK'S QUICKPOLL

The latest version of Mac OS X, Mountain Lion, is now available. Will you be
upgrading to Apple's new operating system?

http://cwonline.computerworld.com/t/8142908/823929840/572420/0/

COMPUTERWORLD'S IT SALARY SURVEY 2012

A majority of IT workers say they're under pressure to increase productivity and
take on new tasks. But the vast majority are still happy they picked IT as their
career.

http://cwonline.computerworld.com/t/8142908/823929840/558670/0/

NEW COMPUTERWORLD JOB BOARD
______________________________

Search multiple listings now and get new job alerts as they are posted.

http://cwonline.computerworld.com/t/8142908/823929840/156832/0/


Get more IT peer perspective online:

LinkedIn Group: http://cwonline.computerworld.com/t/8142908/823929840/311619/0/

Facebook: http://cwonline.computerworld.com/t/8142908/823929840/311620/0/

Twitter: http://cwonline.computerworld.com/t/8142908/823929840/311621/0/

===============================================================

CONTACTS/SUBSCRIPTIONS

You are currently subscribed to computerworld_security_issues as: jonsan98@gmail.com.

To unsubscribe from this newsletter, go to:
http://cwonline.computerworld.com/t/8142908/823929840/131135/0/?90482085=aHR0cDovL2N3b25saW5lLmNvbXB1dGVyd29ybGQuY29tL3U%2faWQ9ODIzOTI5ODQwLjIzMzZmYjBlZWQ5NTcxOTgwMmJhOTZmMjZlZWI0MTllJm49VCZsPWNvbXB1dGVyd29ybGRfc2VjdXJpdHlfaXNzdWVzJm89ODE0MjkwOA%3d%3d&x=4f7e760b

To manage your subscription preferences, go to:
http://cwonline.computerworld.com/t/8142908/823929840/72510/0/

To subscribe to a newsletter, go to:
http://cwonline.computerworld.com/t/8142908/823929840/231613/0/

Computerworld's online privacy policy is at:
http://cwonline.computerworld.com/t/8142908/823929840/72509/0/

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Computerworld, please send an e-mail to online@computerworld.com.

Copyright (C) 2011 Computerworld, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly,
send an e-mail to online@computerworld.com **