Access "Challenges with data protection in the cloud"
This article is part of the June 2012 issue of Five actions to prepare for today’s external security threats
In December 2010, Honda experienced a data breach that affected 2.2 million customers. Names, email addresses, vehicle identification numbers (VINs), and credentials for a Honda portal were stolen from a database. The database, however, was not accessed within Honda’s infrastructure. This sensitive information was stolen from a cloud-based marketing service provider that Honda did business with. A year ago, cloud storage provider Dropbox pushed a code change that eliminated the password authentication system required to access users’ stored data, rendering any data from any account accessible to anyone who wanted to access it. In addition, Dropbox drew criticism for maintaining control of users’ encryption keys, potentially making accounts and data susceptible to compromise should those keys fall into the wrong hands. Also, last year, Amazon’s Simple Storage Service (S3) was found to be susceptible to a basic HTTP-focused brute-force attack that could expose customer’s data storage accounts. As more systems, applications and data are moved into cloud ... Access >>>
Premium Content for Free.
Cybersecurity information sharing initiatives on the rise
by Robert Lemos, Contributor
Businesses and government agencies work to improve sharing of cyberthreat information.
Security information management systems and application monitoring
by Joel Snyder, Contributor
SIMs aren’t just for network monitoring anymore.
- Cybersecurity information sharing initiatives on the rise by Robert Lemos, Contributor
Challenges with data protection in the cloud
by Dave Shackleford
Capabilities such as encryption and DLP can be complicated in the cloud.
CISPA cybersecurity legislation wins industry support
by Robert Westervelt
Legislation designed to provide the federal government with threat data from the private sector gains steam.
- Challenges with data protection in the cloud by Dave Shackleford
Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer
by Michael S. Mimoso, Editorial Director
Reflections on the ICS CERT alert, Oracle’s handling of a zero-day and more.
Marcus Ranum chat: Software development practices and security
by Marcus J. Ranum, Contributor
Security expert Marcus Ranum talks with Brian Chess, formerly of HP, about coding practices and security.
Information security threats: Building risk resilience
by Steve Durbin, Contributor
Enterprises need an agile risk management strategy to deal with today’s evolving threats.
- Reporter notebook: SCADA security, Oracle vulnerability, SQL Slammer by Michael S. Mimoso, Editorial Director
More Premium Content Accessible For Free
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...
The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...