Security Is the Biggest Barrier To Cloud Adoption; Unisys Has a Solutions Portfolio

Secure Cloud Computing

Subscribe to Secure Cloud Computing: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Secure Cloud Computing: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

The time of year when crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Copying off since 2012, rather than thinking up my own, I figured I’d regurgitate what many others expect to happen. Top 10 Cyber Security Predictions for 2018 – Infosec Institute kicks off this year’s Top 10, Top 10 list with a look back at their 2017 predictions (AI, IoT, etc.) and dives head first into 2018 noting that Ransomware will be the most dangerous threat to organizations worldwide; cryptocurrency will attract fraudsters looking to mine; cloud security will (again) be a top priority; cyber insurance will explode and cyber-bullying, especially for teenagers, is at the emergency stage. Cyber security predictions for 2018 – Information Age taps Mike McKee, CEO of insider threat management company ObserveIT, to offer his insight. Lack of ... (more)

[video] Superencipherment with @SecureChannels | @CloudExpo #ML #Cloud #Security

"We work around really protecting the confidentiality of information, and by doing so we've developed implementations of encryption through a patented process that is known as superencipherment," explained Richard Blech, CEO of Secure Channels Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CloudExpo | DXWorldEXPO have announced the conference tracks for Cloud Expo 2018, introducing DXWorldEXPO. DXWordEXPO, colocated with Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DXWorld Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools ... (more)

Infoblox to Exhibit at @CloudExpo | @Infoblox #DataCenter #DNS #DDI #DX

SYS-CON Events announced today that Infoblox, the industry leader in DNS, DHCP, and IP address management, the category known as DDI, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Empower the Security Ecosystem Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. They are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core-enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements. Contact Infoblox at https://www.infoblox.com. 21st International Cloud Expo, taking place October 31 - November 2, 2017, at... (more)

Securing Key Management | @CloudExpo #AI #DX #API #CloudNative #Security

Cloud migration of modern enterprise infrastructure has been a defining trait of recent times. The cloud brings increased efficiency, streamlined operations, an increased shared knowledge base, and scale that was simply not possible earlier. Enterprise IT executives expect that 60 percent of workloads will run in various clouds by 2018 according to survey data of 1,200 buyers by 451 Research. However, according to the NorthBridge Future of Cloud Computing survey, the largest survey of its kind, security remains the number one inhibitor of enterprise migration to the cloud. One of the key reasons for this is that enterprises relinquish control of their infrastructure in the process, and suffer a lack of privacy and protection from the cloud provider while running in a public cloud. According to the NorthBridge survey, enterprises' biggest concerns include dependenc... (more)

Post of the Week: SSL on a Virtual Server

In this Lightboard Post of the Week, I answer a few questions about SSL/https on Virtual Servers. BIG-IP being a default deny, full proxy device, it’s important to configure specific ports, like 443, to accept https traffic along with client and server side profiles and include your SSL certificates. We cover things like SAN/SNI certificates but I failed to mention that self-signed certificates are bad anywhere except for testing or on the server side of the connection. Thanks to DevCentral members, testimony, Only1masterblaster, Faruk AYDIN, MrPlastic, Tyler G, Prince, and dward for their Q/A engagement. Posted Questions on DevCentral: https on virtual server LINKING SSL CERTIFICATE TO A VIRTUAL SERVER SSL CERTIFICATE KEY Maximum number of client SSL profiles per virtual server? Need to support thousands of unique SSL certificates on a single VIP ps ... (more)

The OWASP Top 10 – 2017 vs. BIG-IP ASM

With the release of the new 2017 Edition of the OWASP Top 10, we wanted to give a quick rundown of how BIG-IP ASM can mitigate these vulnerabilities. First, here’s how the 2013 edition compares to 2017. And how BIG-IP ASM mitigates the vulnerabilities. Vulnerability BIG-IP ASM Controls A1 Injection Flaws Attack signatures Meta character restrictions Parameter value length restrictions A2 Broken Authentication and Session Management Brute Force protection Session tracking HTTP cookie protection A3 Sensitive Data Exposure Data Guard A4 XML External Entities (XXE) Attack signatures (see below) A5 Broken Access Control File types URL URL flows Session tracking URL flows Attack signatures (Directory traversal) A6 Security Misconfiguration Attack Signatures A7 Cross-site Scripting (XSS) Attack signatures Parameter meta characters Parameter value length restrictions Par... (more)

Post of the Week: BIG-IP APM Policy Sync

In this Lightboard Post of the Week, I light up the answer to a question about BIG-IP APM Policy Sync. Posted Question on DevCentral: https://devcentral.f5.com/questions/apm-policy-sync-56330 Thanks to DevCentral user Murali (@MuraliGopalaRao) for the question and special thanks to Leonardo Souza for the answer! ps Related: DevCentral’s Featured Member for May – NTT Security’s Leonardo Souza ... (more)

VDI Gateway Federation with BIG-IP

Today let’s look at how F5 BIGIP APM can consolidate, secure and federate all the core VDI gateways technology. For instance, if an organization decides move from one VDI technology to another or if you’re consolidating VDI technologies, BIG-IP can help. On the BIG-IP we’ve set up three VDI environments. Microsoft RDS/RDP with a broker authentication server, VMware Horizon and Citrix ZenApp. With only a corporate account, a user can authenticate to all of them as needed and access all available desktop content. In this example, we connect to the BIG-IP APM. This is the default view. And here we’ve put some advanced security fields like OTP or multifactor authentication for instance. So here we’d use our username and password and for additional security we’ll choose a secondary grid. By default, a grid is not generally available from any of the VDI vendors. When we... (more)

9th International Cloud Expo | Cloud Expo Silicon Valley – Photo Album

Cloud Computing Expo on Ulitzer 9th International Cloud Expo, held on November 7 - 10, 2011, in Santa Clara, CA, attracted more than 120 sponsors and exhibitors with over 7,500 registered delegates and four content-packed days with a rich array of sessions about the business and technical value of cloud computing led by exceptional speakers from every sector of the cloud computing ecosystem. The Cloud Expo series is the fastest-growing Enterprise IT event in the past 10 years, devoted to every aspect of delivering massively scalable enterprise IT as a service. We invite you to enjoy here our photo album of the show...we'll be adding new images all week.   \ ... (more)

Legacy Application SSO with BIG-IP and Okta

IT organizations have a simple goal: make it easy for workers to access all their work applications from any device. But that simple goal becomes complicated when new apps and old, legacy applications do not authenticate in the same way. Today we’ll take you through BIG-IP APM’s integration with Okta, a cloud-based identity-as-a-service provider. The primary use case for this scenario is providing the user authentication through Okta and then Okta providing BIG-IP APM a SAML assertion so that BIG-IP can perform legacy SSO using either Kerberos Constrained Delegation (KCD) or Header Authentication. BIG-IP is the Service Provider (SP) in this SAML transaction. As we log on to a BIG-IP, you’ll see that we have two policies/application examples. Let’s click on the Edit button under Access Policy for app1-saml-sp-okta. This takes us to the Visual Policy Editor (VPE) f... (more)

[Update 2] WikiLeaks & Web 3.0 - A Commentary

[Further updated to include advance word of Jay Rosen/Dave Winer "Rebooting the Media" podcast - #75 coming Monday Dec 6] [Updated to include PayPal announcement of the closure of WikiLeaks' PayPal account.] Is Web 3.0 maybe going to be less the utopia we've been envisaging and more like the real, physical world, with all the real-world limitations that follow along with it...? The latest WikiLeaks ("Cablegate") affair, coming as it does at the very end of the first decade of the 21st Century, comes at an appropriate moment. An undoubted political and diplomatic hornet's nest, the swirling discussions surrounding the organization's drip-drip release of (so far) 612 of the quarter of a million or so diplomatic cables in its possession are all grist to the mill of an "awakening" that in my view is likely going to mark the difference between the Web of 2000-1010 and that... (more)