Data is at its greatest risk of being compromised when it is being used, when moving from a secure database around the servers or apps in memory. So, Microsoft is launching a new technology for Windows Server and Azure that protects the data while it’s being processed. 

Microsoft claims the service, called Azure confidential computing, makes it the first public cloud provider to offer encryption of data while in use. Encrypting data while it is being manipulated is pretty CPU-intensive, and there is no word on the performance impact of this service. 

“Despite advanced cybersecurity controls and mitigations, some customers are reluctant to move their most sensitive data to the cloud for fear of attacks against their data when it is in use,” Mark Russinovich, Microsoft Azure CTO, wrote in a company blog post. “With confidential computing, they can move the data to Azure knowing that it is safe not only at rest, but also in use from [various] threats.” 

To read this article in full or to leave a comment, please click here

Aruba, a Hewlett Packard Enterprise Company, is best known for its outstanding business-grade Wi-Fi products. What’s less well known about Aruba is that it has always had excellent security products. In fact, I’ve often described the company as a security vendor dressed up as a Wi-Fi vendor, as Aruba and security have gone hand in hand like the New England Patriots and winning. 

However, Aruba’s security positioning has always been tactical rather than strategic because its products were used for specific purposes, such as end point protection or wireless security. That shifted this week at APAC Atmosphere in Macau when the company introduced its 360 Security Fabric, which enables it to provide end-to-end security to address the needs of a world that is becoming increasingly digitized. 

To read this article in full or to leave a comment, please click here

Wi-Fi is one entry-point hackers can use to get into your network without setting foot inside your building because wireless is much more open to eavesdroppers than wired networks, which means you have to be more diligent about security.

But there’s a lot more to Wi-Fi security than just setting a simple password. Investing time in learning about and applying enhanced security measures can go a long way toward better protecting your network. Here are six tips to betters secure your Wi-Fi network.

Use an inconspicuous network name (SSID)

The service set identifier (SSID) is one of the most basic Wi-Fi network settings. Though it doesn’t seem like the network name could compromise security, it certainly can. Using a too common of a SSID, like “wireless” or the vendor’s default name, can make it easier for someone to crack the personal mode of WPA or WPA2 security. This is because the encryption algorithm incorporates the SSID, and password cracking dictionaries used by hackers are preloaded with common and default SSIDs. Using one of those just makes the hacker’s job easier.

To read this article in full or to leave a comment, please click here

Property and ownership are among the most basic concepts of a modern society. Our ability to clarify who owns what separates us from savages because property and ownership help us maintain our independence and identity.

The rules of property and ownership have evolved over centuries. There are clear transfer procedures for all types of property, including real estate, cars and even books. The problem is these age-old concepts are not holding up in our connected and digital world.

Cambridge University Press

“Property ownership as we know it is under attack and fading fast,” writes Joshua Fairfield in his book Owned: Property, Privacy, and the New Digital Serfdom. “The Internet of Things and digital property ownership systems are being built on the old feudal model.”

To read this article in full or to leave a comment, please click here

If Akamai, Cisco and Google’s post-platform security and privacy machine learning security systems protecting the web and mobile platforms are indicative of the future, IoT device makers will only be part of a larger security ecosystem. That’s because they will not have the data to train the AI machine learning models.  

As a result, IoT post-platform security and privacy will become a layer on top of IoT device security. These five factors are why that will happen.

1. Product developers underestimated IoT security

In their race to market, product developers building for new platforms will underestimate the security and privacy features that should be built into their products. In some cases, this will be an act of commission, but most will be an act of omission because it is difficult to anticipate the vulnerabilities until the products reach the market at scale. Windows and mobile devices experienced something similar. They have been hardened, but earlier in their evolution they were an easy target for cyber criminals.

To read this article in full or to leave a comment, please click here

Five years ago, IT was decentralized at the University of New Mexico. “Every school or college had their own IT, and in most cases they were completely under-resourced – a one-person shop having to do phones, apps, email, desktop, servers, storage, disaster recovery, all of that,” said Brian Pietrewicz, deputy CIO at University of New Mexico.

The university transitioned to a self-service model that enables each of its more than 100 departments to deploy infrastructure and application services itself and have them managed by the now-centralized IT team.

Adopting VMware’s vCloud Automation Center enabled departments to consume cloud resources, but also give the management team the ability to curtail that consumption if necessary.

To read this article in full or to leave a comment, please click here

Overlooked in the hoopla around the VMworld conference was an announcement of the availability of AppDefense, a new product that lets companies restrict the types of operations applications are allowed to run on virtualized servers. 

AppDefense works with the VMware hypervisor and can also connect to third-party provisioning, configuration management and workflow automation platforms. It can send out alerts, quarantine apps, shut them down and even restore a VM from an image. All of this is based on AppDefense catching unusual behavior, such as trying to modify the kernel or communicate with an unrecognized remote server. 

VMware already has some security features built into its NSX and VSAN products, but those are around networking and storage. AppDefense secures the core virtual machines in vSphere itself. It does this by using behavior-based whitelisting, which is not easy to do on desktops because they run a lot of apps. But on a server, especially a virtual server, it’s a much easier proposition. In some cases, virtual servers run only one or two apps, so shutting out everything else is simple.

To read this article in full or to leave a comment, please click here

Ensuring cybersecurity for computers and mobile phones is a huge, complex business. The ever-widening scope and unbelievable variety of threats makes keeping these devices safe from cyber criminals and malware a full-time challenge for companies, governments and individuals around the world.

But at least the vast majority of those devices are easily accessible, safe in the pockets or sitting on the desktops of the very people who want to protect them. The Internet of Things (IoT) devices that need protection, on the other hand, could be almost anywhere: sitting in a remote desert, buried deep in coal mine, built into a giant truck. Or, even implanted inside the human body.

To read this article in full or to leave a comment, please click here

Reporters Fahmida Rashid and Steve Ragan talk about the latest ransomware threats, the holes in IT security and the burdens on enterprises.

Reporters Steve Ragan and Fahmida Rashid discuss the implications of the U.S. Cyber Command's recent elevation in status, putting it on the same level as the military’s other functional combatant commands.

Reporters Steve Ragan and Fahmida Rashid unpack the hottest topics in the security realm: Kaspersky Lab's Russia connection, the new status for the U.S. Cyber Command, Hollywood's hacking woes and ransomware.

Reporters Fahmida Rashid and Steve Ragan talk about hacks of Sony and more recently, HBO, and what lessons enterprises can learn from the entertainment industry's mistakes.

Reporters Fahmida Rashid and Steve Ragan talk about antivirus vendor Kaspersky Lab, a Russian-based company that various U.S. agencies have flagged as untrustworthy. Should you use it?

Our panel looks at whether smartwatch makers blew it by not focusing on the enterprise, why intent-based networking is the next big thing, whether GPS spoofing is real, and how high is too high when it comes to iPhone prices.

Ahead of the latest Apple smartwatch rollout, the panelists debate whether vendors made a mistake introducing smartwatches to consumers first, rather than pursuing the enterprise market.

The panelists talk about their pricing predictions for the newest iPhone. Will this be the Apple device that gives consumers sticker shock?

The panelists break down Cisco's intent-based networking strategy, which brings machine learning to the networking realm. Plus, they hash out the ramifications for the security industry.

The panelists talk about GPS spoofing, and rumors about hacking as a factor in recent ship collisions. Plus, they sort out the difference between GPS spoofing and GPS jamming.

Juniper today announced intentions to acquire Cyphort, a Santa Clara-based startup that offers an advanced threat detection, analytics and mitigation platform. Juniper says it will integrate Cyphort’s technology with its Sky Advanced Threat Protection (ATP) product line.

+MORE AT NETWORK WORLD: DEEP-DIVE REVIEW: How Cyphort makes advanced threat protection easier than ever +

Cyphort’s software platform detects advanced threats, evasion techniques and zero-day vulnerabilities using a combination of behavioral analytics, machine-learning and long-data security analysis, the company says. The platform can work across virtual infrastructure, cloud environments and edge devices. In addition to identifying threats, Cyphort creates real-time timelines of incidents and can integrate with network tools to update security postures.

To read this article in full or to leave a comment, please click here

Much work still must be done before the industrial and municipal Internet of Things (IoT) becomes widely adopted outside of the circle of innovators. One field, privacy, well understood by the public and private sector in the context of the cloud, PCs and mobile, is in the early stage of adaptation for the IoT.

The sheer volume of data that will be collected and the new more granular architecture of the IoT present new privacy concerns that need to be resolved on an equal scale as the platform’s forecasted growth.

A demonstration of this new aspect of privacy and compliance is the Privacy Guidelines for Internet of Things: Cheat Sheet, Technical Report (pdf) by Charith Perera, researcher at the Newcastle University in the U.K. The nine-page report details 30 points about implementing strong privacy protections. This report is summarized below.

To read this article in full or to leave a comment, please click here