2010 IBM X-Force Report

IBM has released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organisations around the world faced increasingly sophisticated, customised IT security threats in 2010.

Based on the intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, key observations from the IBM X-Force Research team included:

  • More than 8,000 new vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.
  • The historically high growth in spam volume leveled off by the end of 2010. This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focused on making sure it is bypassing filters.
  • While overall there were significantly fewer phishing attacks relative to previous years, “spear phishing,” a more targeted attack technique, grew in importance in 2010. This further indicates that cyber criminals have become more focused on quality of attacks, rather than quantity.
  • As end user adoption of smartphones and other mobile devices increased, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, IBM X-Force data showed a rise in vulnerability disclosures and exploits that target these devices.

Vulnerability Disclosures Growth by Year

IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

“From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day,” said Tom Cross, threat intelligence manager, IBM X-Force. “The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical.”

In conjunction with this year’s report, IBM is launching the IBM Institute for Advanced Security in Europe to combat growing security threats in the region. The IBM X-Force report stated that in 2010, nearly a quarter of all financial phishing emails targeted banks located in Europe. It also identified the UK, Germany, Ukraine and Romania among the top 10 countries sending spam in 2010. This Institute joins its predecessor in Washington, D.C., focused on U.S. clients.

A new section in the IBM X-Force Trend and Risk Report is dedicated to the security trends and best practices for the emerging technologies of mobile devices and cloud computing.

Total Mobile Operating System Vulnerabilities

As end user adoption of smart phones and other mobile devices increases, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, X-Force data shows a rise in vulnerability disclosures and exploits that target these devices.

Cloud Computing — The report highlighted a shift in perception about cloud security as adoption continued to evolve and knowledge around this emerging technology increased. Since security is still considered an inhibitor to cloud adoption, cloud providers must earn their customers’ trust. This is achieved by providing an infrastructure that is secure by design with purpose-built security capabilities that meet the needs of the specific applications moving into the cloud. As more sensitive workloads move into the cloud, the security capabilities will become more sophisticated. Over time, IBM predicts the market will drive the cloud to provide access to security capabilities and expertise that is more cost effective than in-house implementations. This may turn questions about cloud security on their head by making an interest in better security a driver for cloud adoption, rather than an inhibitor.

Mobile Devices — Organisations are increasingly concerned about the security implications of personal mobile devices used by employees. Organisations must ensure control of their data regardless of where it is, including employee-owned or business-issued smartphones. In 2010, IBM X-Force documented increases in the volume of vulnerabilities disclosed in mobile devices as well as the disclosure of exploits that target them. The desire to “jailbreak” or “root” mobile devices has motivated the distribution of mature exploit code that has been reused in malicious attacks. Nevertheless, malware is not yet common on the latest generation of mobile devices and most IT professionals view the data stored on them and how that can be misused or lost as the main security threats associated with these devices. According to the IBM X-Force Report, best practices for mobile security are evolving with enhanced password management and data encryption capabilities.

Additional trends highlighted in the report included:

The new, sophisticated face of cyber crime — From a security standpoint, 2010 is most remembered as a year marked by some of the most high profile, targeted attacks that the industry has ever witnessed. For example, the Stuxnet worm demonstrated that the risk of attacks against highly specialised industrial control systems is not just theoretical. These types of attacks are indicative of the high level of organisation and funding behind computer espionage and sabotage that continues to threaten a widening variety of public and private networks.

A significant decline in phishing — If the IT security world is looking for a victory to chalk up in 2010, they should consider the relative decline in phishing attacks. Although phishing attacks still occurred, the peak volume of phishing emails in 2010 was less than a quarter of the peak volumes in the previous two years. This may indicate a shift toward other, more profitable, attack methodologies such as botnets and ATM skimming. Despite this decline, spear phishing, a more targeted attack technique, grew in importance in 2010, as meticulously crafted emails with malicious attachments or links became one of the hallmarks of sophisticated attacks launched against enterprise networks.

Spam volumes peaked, and then leveled off — In 2010, spam volumes increased dramatically, reaching their highest levels in history. However, the growth in volume leveled off by the end of the year. In fact, by year’s end, spammers seemed to go on vacation, with a 70 percent decline in traffic volumes occurring just before Christmas and returning early in the new year. Has the market for spam become saturated? It is possible that there are diminishing returns associated with increasing the total volume of spam, and spammers are starting to focus more on bypassing spam filters.

Web applications accounted for nearly half of vulnerabilities disclosed in 2010 — Web applications continued to be the category of software affected by the largest number of vulnerability disclosures, representing 49 percent in 2010. The majority represented cross site scripting and SQL injection issues, and the IBM X-Force data showed that these vulnerabilities are being targeted by attackers. According to the report results, every summer for the past three years there has been a globally scaled SQL injection attack some time during the months of May through August. The anatomy of these attacks has been similar across the board, targeting .asp pages that are vulnerable to SQL injection.

A secure by design approach can improve security — IBM X-Force has determined that taking proactive steps to evaluate web application security and improve development and quality assurance processes can result in a significant improvement in the security of web application software. The report included data showing that web applications scanned for vulnerabilities often showed significant improvements upon being retested – exhibiting less than half of the number of particular classes of vulnerabilities, on average, the second time they are assessed. This encouraging information points the way toward sustained improvements in Internet security.

Nearly half of vulnerabilities remain unpatched — To help prevent attackers from exploiting vulnerabilities, organisations must focus on shortening the window of time between vulnerability disclosure and patch installation. Forty-four percent of all security vulnerabilities had no vendor-supplied patch at the end of 2010. However, even in cases where patches are made available on the same day that a vulnerability is publicly disclosed, there may be a significant gap in time before those patches are installed on vulnerable systems. Computer criminals often privately develop exploits that target publicly disclosed security vulnerabilities, and use those exploits to launch attacks. Later, when these private exploits have ceased to be valuable as attack tools, they are publicly disclosed. The IBM X-Force report data showed that exploits are often publicly disclosed tens or hundreds of days after the vulnerabilities they target. If it is taking a long time for these exploits to surface, it may be taking a long time for networks to patch.

Continued growth of Internet botnets — IBM X-Force saw an upward trend in Trojan botnet activity during 2010. This growth is significant because despite increasing coordinated efforts to shut down botnet activity, this threat appeared to be gaining momentum. However, IBM X-Force’s data did illustrate the dramatic impact of a successful effort in early 2010 to shut down the Waledac botnet, which resulted in an instantaneous drop-off in observed command and control traffic. On the other hand, the Zeus botnet continued to evolve and constituted a significant portion of the botnet activity detected by IBM X-Force in 2010. Due to its extreme popularity with attackers, there are hundreds, or even thousands, of separate Zeus botnets active at any given time. The Zeus botnet malware is commonly used by attackers to steal banking information from infected computers.

About the IBM X-Force Trend and Risk Report

The IBM X-Force Trend and Risk Report is an annual assessment of the security landscape, designed to help clients better understand the latest security risks, and stay ahead of these threats. The report gathers facts from numerous intelligence sources, including its database of over 50,000 computer security vulnerabilities, its global Web crawler and its international spam collectors, and the real-time monitoring of 13 billion security events every day for nearly 4,000 clients in more than 130 countries. These 13 billion events monitored each day – more than 150,000 per second – are a result of the work done in IBM’s nine global Security Operations Centers (SOCs), which is provided as a Managed Security Service to clients.

With more than 40 years of security development and innovation, IBM is the only company with the breadth and depth of research, products, services, consulting and global business partners to deliver end-to-end security. IBM has nine worldwide research labs innovating security technology and nine security operations centers around the world to help global clients maintain the appropriate security posture.

Webhosting.uk.com launches Cloud Based SharePoint VPS Plans

Webhosting.uk.com, a UK-based managed web hosting provider, have launched Cloud-based SharePoint VPS Plans with a 100% uptime guarantee. The company states that all of these servers are based on the Hyper-V virtualization system and use a cloud hosting environment. It explains that all of their cloud clusters are hosted in a TIER IV facility which eliminates any possibility of downtime due to a power or network outage.

They further explain that in the event of hardware failure, Cloud VMs automatically migrate away from the failing hardware to another member of the cloud, ensuring there is no downtime relating to power outages, network failures, failure of servers or storage devices.

The company currently offers three different plans to choose from. Some of the key features of SharePoint VPS Hosting plans include MsSQL 2008 Standard Edition, IIS7, Administrator RDP Login, Dedicated RAM and CPU, Dedicated IPs, FrontPage Extensions, ODBC Support and more. Furthermore, each server has its own Active Directory and SharePoint instance, giving the user complete control of their SharePoint environment. These servers not only offer greater reliability in the form of 100% uptime and scalability in the form of easy upgrades, but also guarantee a higher level of security.

James Anderson, Sales & Marketing Manager, Webhosting.uk.com states, “We are excited with the launch of our Managed SharePoint Hosting Services. SharePoint can revolutionise the way a company operates. Our SharePoint VPS products are perfect for companies looking to outsource their existing SharePoint services to a fault tolerant infrastructure while keeping costs low. As our services are fully managed, our SharePoint VPS products are also ideal for companies looking for a new SharePoint deployment.”

More information is available at: http://www.webhosting.uk.com/sharepoint-vps-hosting.php

Network Box USA teams up with 6fusion

In a move to offer the ultimate in cloud-based Internet security, Network Box USA, the American arm of worldwide MSSP (Managed Security Service Provider) Network Box Corp., has joined forces with 6fusion, an infrastructure-as-a-service (IaaS) company whose customers are mainly information technology and telecommunications service providers.

Network Box USA’s managed security services, in conjunction with 6fusion’s UC6 IaaS platform, will provide cloud-based firewall, intrusion detection and prevention (IDPS), and virtual private networking (VPN) services – without customers having to invest in data-centre hardware or security management.

Among cloud-computing security solutions, Network Box’s is the only one that is managed, which means that customers do not have to spend time and resources configuring, managing and monitoring their security. Network Box managed services and award-winning unified threat management (UTM) appliance – which includes anti-virus, anti-spam, anti-phishing, anti-spyware and content filtering, in addition to firewall, IDPS and VPN – provide cloud-computing gateway security with greater efficiency, simplicity and price/performance compared to traditional solutions.

“This is a true virtual solution,” said Pierluigi Stella, CTO of Network Box USA. “Essentially, Network Box software runs on a virtual server in the cloud, and our network operation centre can monitor and manage it, just as we do with our actual UTM boxes; all traffic runs through it so we can filter it and protect our customers’ cloud servers.”

The Network Box HQ Security Operations Center is ISO 27001 certified, and the Network Box USA operation is SAS 70 certified. Moreover, all client systems are covered by a separate, secure in-the-cloud real-time management system, which also includes a free Apple iPhone and iPad HD application for monitoring and managing protected systems from almost anywhere.

The Network Box solution has been tested and granted 6fusion Certified status. This means that the software has been tested for cloud compatibility, that the 6fusion technical team has been trained to support and deploy it, and that it has been packaged and is available from within the UC6 cloud management platform. This ensures that 6fusion solution providers can now, simply and easily, take advantage of the Network Box solution to protect their customers’ data in the 6fusion cloud.

“In today’s Internet-connected world, every organisation needs extra protection,” said Rob Bissett, 6fusion’s vice president of product management. “Attacks and intrusions are ongoing, 24 hours a day, all year round. As they move their customers to the cloud, service providers need to ensure they give them the same, or higher, levels of protection they give their physical networks. The certification of the Network Box solution makes them more efficient and effective, while reducing deployment time, management effort, and expenditure for the customer.”

About Network Box USA
Network Box USA, Inc., the American arm of Network Box Corp., was formed in response to the escalating danger posed by security breaches, virus attacks and similar threats arising from widespread use of the Internet. Network Box’s managed security services use a global network of state-of-the-art security operations centres to monitor, update, and manage protected client gateways in real time. Every Network Box system around the world also utilises Network Box’s multi-award-winning PUSH update technology, which offers the fastest security update service available. Updates are pushed out within an average of just 45 seconds from the time any new malware signature, software update, or security patch becomes available. By providing monitoring, updates, and management around the clock, Network Box gives its clients – many of the world’s leading companies, organisations, and government departments – the technological and logistical edge they need to stay one step ahead.

About 6fusion
6fusion’s UC6 infrastructure-as-a-service (IaaS) platform is designed to allow service providers to offer cloud computing risk free. 6fusion makes it possible for its customers to instantly provision and deploy a cloud-based computing infrastructure as part of their service offerings. UC6 provides an end-to-end cloud-management platform for public, private and hybrid clouds. Users can choose the data centre that houses their workloads, overcoming many of the concerns about using the cloud. That means customers can deploy any number of applications in any way they or their own customers choose. The biggest differentiator is 6fusion’s unique metering algorithm – the Workload Allocation Cube (WAC) – which turns the cloud into a pay-per-use billable utility. Similar to paying for electricity by the kilowatt, the WAC ensures customers pay only for what they actually use and provides valuable insight into consumption and cost performance.

Imperva Announces PartnerSphere Technology Alliance

Imperva, the leader in data security, today announced the new PartnerSphere Technology Alliance, a technology ecosystem dedicated to data security and compliance. The PartnerSphere Technology Alliance offers organisations an end-to-end blueprint for data security, providing best-of-breed products that complement and extend Imperva SecureSphere Web Application, Database, and File Security Solutions.

“Our partner ecosystem is growing rapidly as the demand for a data security strategy increases,” said Imperva VP of Business Development, Farzad Tari. “Our program recognises the reality of today’s IT security landscape by partnering with leading technology providers in a formal, cohesive fashion, creating a partner ecosystem to protect structured and unstructured data.”

Imperva has partnered with industry-leading vendors in several categories including Vulnerability Assessment, SIEM, Business Software, Platform, Application Delivery, Identity Management, and Masking and Encryption. Together, Imperva and its technology partners offer fully complete solutions that address organisations’ top data security challenges.

With the creation of the PartnerSphere Technology Alliance, Imperva also announces two new partnerships with WhiteHat Security and Net Optics:

Imperva WAF Quick Start Program including WhiteHat Sentinel Website Vulnerability Management:

Imperva and WhiteHat Security have joined forces to offer a closed-loop process to identify and mitigate website vulnerabilities. Beginning today, Imperva’s Web Application Firewall Quick Start Program, a packaged professional services engagement for initial product installation and configuration, will include one WhiteHat Sentinel vulnerability assessment. As part of the Quick Start Program, WhiteHat Sentinel will conduct a website vulnerability assessment. All results are verified for accuracy, eliminating false positives. Then an Imperva professional services consultant will import the verified WhiteHat assessment results into SecureSphere Web Application Firewalls to instantly remediate discovered vulnerabilities.

The Quick Start Program now allows customers to leverage the full benefits of the Imperva SecureSphere and WhiteHat Sentinel integration. Customers can immediately mitigate Web application vulnerabilities, eliminating the window of exposure inherent with manual remediation. Virtual patching also allows customers to design and implement code fixes on their schedule, avoiding emergency fix and test cycles.

“The combined Imperva and WhiteHat solution effectively detects vulnerabilities and protects against website attacks. This integration provides a complete and automated way for organisations to simplify the management of the Web application security lifecycle,” said Bill Pennington, Chief Strategy Officer, WhiteHat Security. “WhiteHat Sentinel delivers ongoing accurate website vulnerability data that enables Imperva SecureSphere customers to deploy virtual patching with confidence. Organisations can design and implement application code fixes on their schedule, without rushing to fix and test patches, eliminating disruption in their development cycle. This allows businesses the freedom to decide how and when to mitigate web application security vulnerabilities in production.”

Partnership with Net Optics provides unparalleled performance, visibility, and scalability to protect network and web applications in the demanding 10G environment:

Net Optics brings to the partnership a record of proven leadership in intelligent monitoring access by providing a fault tolerant architecture with high-speed intelligent load balancing. The company’s growing suite of innovative solutions enables customers to meet the challenge of monitoring, troubleshooting, and securing high volumes of network traffic, bandwidth-intensive applications, and cloud deployments. SecureSphere Stack, powered by Net Optics, provides a scalable, high-performance data security solution for up to 10Gbps of network traffic.

The new offering will employ the unique capabilities of Net Optics Director Pro Data Monitoring Platform to control, filter, and dynamically load balance traffic sent to monitoring appliances. Engineered for extremely high, business-critical traffic levels, Director Pro enables deep packet exploration at full 10Gbps wire speed and provides 24/7 passive network access without introducing a point of failure. The robust Director Pro works in conjunction with up to five SecureSphere X6500 appliances to maximise Web, Database, and File Security for the most demanding applications without affecting performance and availability. Director Pro not only reduces the complexity of managing an integrated network fabric, it streamlines scaling within the customer deployment and contributes the key capability of connecting inline to a 10G network.

“Imperva’s selection of Net Optics will help customers overcome their toughest monitoring challenges in an ultra-high performance environment where security is critical,” said Bob Shaw, CEO, Net Optics. “The Imperva-Net Optics 10G solution will enable high availability, cost-effectiveness, and the enhanced security that’s vital to any organisation and cloud service provider.”

Imperva is a global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva’s customers include leading enterprises, government organisations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. For more information, visit www.imperva.com.

Imperva Reveals Enhanced Data Security Strategy

Imperva, a leader in data security, yesterday unveiled a comprehensive strategy to help cloud providers, enterprises and small to medium sized businesses (SMBs) protect sensitive data against external and internal threats and comply with regulations such as PCI, SOX and HIPAA. Additionally, Imperva spinoff ‘Incapsula’ will help web hosters give SMBs affordable web application protection. The Incapsula web application firewall service gives small businesses an easy and affordable way to manage website security and performance for any domain that they own even if it is hosted by a third party. For hosters and other service providers, Incapsula enables website security to be extended to an entire customer base. Imperva will resell this service to complement Incapsula’s own sales efforts.

“Cloud computing has created a paradigm shift in the way organisations view their data center architecture,” explained Imperva CTO Amichai Shulman. “Imperva is stepping up to the challenge of protecting cloud-based data from hackers and cloud insiders with a comprehensive data security solution.”

“Incapsula’s service helps web hosting companies provide SMBs with an easy, affordable way to defend their web applications against external hackers,” explained Gur Shatz, CEO of Incapsula. “Given the nature of today’s indiscriminate, bot-based attack methods, small businesses are subject to significant cyber attacks and require enterprise-class protection.”

Subscribing to Incapsula’s web protection service is a simple five-minute process that does not require installation of hardware or software, just a simple DNS change. Incapsula inspects all incoming traffic to any subscriber’s website, keeping hackers out while accelerating outgoing traffic. The Incapsula service is suitable for the SMB and cloud market, requiring minimal setup with service beginning in the first quarter 2011. The list price for this service is expected to start at $50 per month.

Incapsula complements Imperva SecureSphere’s cloud capabilities, such as those leveraged by web hosting company, FireHost. “SecureSphere gives FireHost a scalable web application security platform that can handle our rapid customer growth. As part of our core service, all customers are protected from web attacks using the SecureSphere Web Application Firewall. We’re also excited to offer premium data security services for HIPAA and PCI compliance based on SecureSphere Database Activity Monitoring and File Activity Monitoring products,” explained Chris Drake, CEO of FireHost.

Imperva’s high-level cloud capabilities include:

Attack Protection and Access Control for the Cloud: SecureSphere Web Application Firewall (WAF) provides market-leading protection for cloud-based web applications against complex and sophisticated attacks. SecureSphere WAF enables a quick and easy route to PCI 6.6 compliance and the ability to instantly mitigate known application vulnerabilities.

Data Access Auditing for the Cloud: SecureSphere Database Activity Monitoring (DAM) and File Activity Monitoring (FAM) provide sensitive data access auditing for cloud-based databases and file-sharing systems.

SecureSphere supports all major cloud deployment models and is available by deploying physical or virtual SecureSphere appliances within a cloud data center:

  • Infrastructure as a Service (IaaS) providers:
    IaaS providers offer state-of-the-art flexible and secure cloud data centers. SecureSphere enables IaaS providers to offer web attack protection and regulatory compliance readiness to their customers and generate incremental business. Imperva customers include Savvis and FireHost.
  • Platform as a Service (PaaS) providers:
    PaaS providers offer application development and delivery platforms that accelerate time-to-market of new applications and services. SecureSphere enables PaaS providers to give their customers web attack protection as part of the underlying platform.
  • Software as a Service (SaaS) providers:
    SaaS providers deliver cloud-based business applications for sales, financial, HR and other functional areas. These applications host large amounts of sensitive data across many organisations. As organisations adopt cloud applications to streamline their IT operations, SaaS providers are expected to ensure data security and address regulatory compliance — as would be the case for on-premise data.
  • Enterprise Private Clouds:
    Private clouds are a replacement or an extension of the traditional data center and must address the security of publicly facing web applications. SecureSphere Web Application Firewall (WAF) provides the industry-leading protection against Internet attacks targeting web applications and enables rapid mitigation of web application vulnerabilities.

For more information visit www.incapsula.com or www.imperva.com.

About Imperva
Imperva is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva’s customers include leading enterprises, government organisations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. For more information, visit www.imperva.com.

About Incapsula
Incapsula is a cloud-based service that makes websites safer, faster and more reliable. Incapsula provides websites of all sizes with capabilities that so far, have only been consumable by the very large Internet websites. Founded by a group of industry veterans with rich backgrounds in web application security, online safety and identity theft, the company’s mission is to provide every website, regardless of its size, with enterprise-grade website security and availability.

New security in the cloud

Joyent, a leading global provider of cloud computing solutions, and GuardTime, creator of the patented Keyless Signature technology used to validate the world’s data, today announced a partnership that delivers unprecedented security enabling enterprises to safeguard some of their most valuable assets in the cloud: code, logs and data.

GuardTime’s Keyless Signatures (http://www.guardtime.com/) provide proof of signing authority, time of the signature, and integrity of all data located in the cloud. The signature never expires and its verification is based solely on mathematics, eliminating the need for secrets, keys, or human intervention.

As part of this partnership, Joyent customers will be able to purchase GuardTime SmartMachines, which will allow organisations to:

  • Secure an application by signing its gold master code, preventing compromised applications from executing
  • Safeguard the SmartMachine’s logs (e.g. administrative, policy, configuration, or events), making accidental changes or malicious tampering impossible to conceal
  • Protect data backups, turning private and public cloud storage into safe, tamper-evident archives

“This partnership delivers unparalleled security and authenticity in a massively-scaled cloud environment,” said Jason Hoffman, Founder and Chief Scientist of Joyent. “Organisations can now access a mathematically driven solution that cannot be compromised by human error or breached by cyber miscreants.”

“The integration of our unique Keyless Signature technology within the Joyent SmartMachine gives organisations the unprecedented opportunity to trust their applications, logs, and data in the cloud,” said Mike Gault, CEO of GuardTime. “We are thrilled to be joining forces with Joyent to provide independently verifiable proof of operating integrity in the cloud for both cloud-based service providers and cloud-consuming institutions around the world.”

The partnership was made possible by Singapore’s Infocomm Investments Pte Ltd (IIPL), which brought the two companies together. IIPL is also an investor in GuardTime. Dr Kuo-Yi Lim, CEO of IIPL, said, “The GuardTime-Joyent solution addresses a key security concern on the public, private or hybrid cloud. We believe that this collaboration will bring security in cloud computing to a new level and in turn spur the development of the cloud computing industry in Singapore.”

The GuardTime SmartMachine will be available from December, 2010.

About Joyent:
Joyent is the premier Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) provider, offering cloud computing solutions worldwide since 2004. Delivering billions of page views per month, Joyent’s Smart Technologies improve performance, scalability, manageability and security for thousands of web and mobile applications. Serving a network of service providers and thousands of customers, Joyent is the only company that runs a major public cloud infrastructure, builds the technologies that power that infrastructure, and uses those technologies to enable multiple third-party public, private, and hybrid clouds. For more information, visit: http://www.joyent.com.

About GuardTime:
Founded in 2006 by cryptography experts Dr. Märt Saarepera and Dr. Ahto Buldas along with Internet visionary Joi Ito, GuardTime provides an infinitely-scalable and completely-available Keyless Signature engine designed to deliver authenticity and integrity for the data that the world relies upon: as it sits on disk, moves throughout the network, and is used in the Cloud. Visit http://www.guardtime.com for more information about delivering operating integrity for your public and private clouds.

IBM Takes Action to Improve Cloud Security

According to IBM’s Institute for Business Value 2010 Global IT Risk Study, cloud computing raised serious concerns among respondents about the use, access and control of data: 77 percent of respondents believe that adopting cloud computing makes protecting privacy more difficult; 50 percent are concerned about a data breach or loss; and 23 percent indicate that weakening of corporate network security is a concern. As the study illustrates, businesses see the promise of the cloud model, but security remains an inhibitor to adoption.

While an information technology (IT) foundation pertains to all cloud computing, providers and users do not generally rely on one generic model for data security. Both cloud providers and users should consider a variety of factors, including the kind of work a client wants to do in the cloud and the mechanisms and controls used. For example, clients who run collaboration tools and email in the cloud should think about access and policy controls, while clients focused on healthcare in the cloud should be concerned with data isolation and encryption.

To help meet these specific needs, IBM’s cloud security experts work closely with clients to address their individual concerns and provide the appropriate services and offerings. This process includes evaluations of the security positioning of planned or existing cloud implementations as well as recommendations for various security strategies.

“IBM understands the ‘one size fits all’ cloud security strategy will not work for most businesses,” said Steve Robinson, general manager, IBM Security Solutions. “Our enterprise clients are looking for a trusted advisor to provide the right mix of security consulting services and offerings to match. By offering these new services and innovations, we aim to help clients create tailored solutions that will allow them to get the most out of their cloud environments.”

Additionally, IBM has a team of security professionals around the world and holds a number of security and risk management patents, which can be used to help clients solve their toughest cloud problems. As the cloud computing model evolves with the changing needs of a client’s business, IBM researchers are designing new technologies to ensure the integrity of data in the cloud regardless of the business or industry scenario.

New IBM Cloud Security Infrastructure and Services

IBM is using its expertise to outline a two-pronged approach for clients seeking to dramatically improve cloud security:

1. Plan and Assess the Security Strategy for the Cloud

  • IBM Cloud Security Strategy Roadmap – For clients who are embarking on a cloud strategy as either a provider or subscriber, the new roadmap is designed to help organizations understand, establish and outline the steps for realizing their security goals in relation to their cloud computing strategy. IBM security experts conduct an onsite working session with clients to help define the cloud computing initiative and goals, identify associated security and privacy concerns, determine appropriate vulnerability mitigation strategies and develop a high-level security strategy roadmap designed to achieve their cloud security objectives.
  • IBM Cloud Security Assessment – For clients with cloud infrastructure in place or planning their cloud environment, the new assessment is designed to help provide an in-depth understanding of the state of a current or planned cloud solution’s security controls, mechanisms and architecture. IBM assessment professionals help compare the cloud solution’s security program against industry best practices and the client’s own cloud security objectives, then identify steps to help improve the overall security environment.
  • IBM Application Security Services for Cloud – The new offering allows CIOs to have a clear picture of how and where sensitive data will circulate in a cloud environment. It assesses current or proposed cloud application environments to help ensure that the appropriate information, security, and privacy controls are in place for a client’s specific business requirements. By identifying and prioritizing cloud-specific security vulnerabilities, internally and within their service providers, the offering can help clients determine the right balance of internal control and service provider autonomy required to maintain efficiency and service level requirements before implementing the solution.

2. Obtain Security Services from the Cloud

  • IBM Managed Security Services Hosted Security Event and Log Management – This enhanced offering is a cloud-based solution for security incident and event management that consolidates the security event and log data of operating systems, applications and infrastructure equipment, providing a seamless platform from which to assess and respond to real-time and historical traffic. It dramatically improves the speed of security investigations and compliance initiatives, offering the full life cycle of security information and event management, and provides options to outsource these tasks to security experts located in IBM’s worldwide Security Operation Centers.
  • IBM Managed Security Services Hosted Vulnerability Management – This enhanced cloud-based scanning service helps companies to identify vulnerabilities across network devices, servers, web applications and databases to help manage concerns and reduce the cost of security operations. This service is available to companies of all sizes who want to quickly and more easily address compliance mandates.

“We needed a remote scanning solution that can help us identify critical vulnerabilities throughout our infrastructure and assist us in meeting external audit requirements,” said Henrique Matiole, IT supervisor, ArcelorMittal Sistemas S.A. of Brazil. “The enhanced hosted vulnerability management scanning solution carries advanced scanning capabilities for complicated security challenges and provides strong reporting capabilities through a web-based portal that helps us easily satisfy our audit requirements.”

Top Security Experts Develop Next Generation of Solutions to Secure Cloud

Researchers at the IBM Watson and Zurich research labs are working on a variety of projects that examine new ways to bolster cloud security by enabling enhanced data integrity, recovery, privacy, and customer isolation in a public cloud environment.

For example, as part of the Integrated Trusted Virtual Data Center (iTVDc) project, IBM researchers have developed mechanisms that enhance cloud security by providing “infrastructure hardening,” or stronger isolation between different workloads. These mechanisms verify the integrity and correct configuration of infrastructure components such as hypervisors to help prevent low-level attacks such as spoofing, or deceiving computer systems or other computer users by hiding or imitating one’s Internet identity. IBM recently added some of these security capabilities to the IBM Smart Business Test and Development cloud. Some of these security mechanisms are also currently offered in the IBM Systems Director VMControl™.

Another example of IBM’s ability to rapidly take advantage of new cloud security techniques pioneered by its researchers is the integration of “introspection monitoring” in the IBM Virtual Protection System. This capability enables a kind of “virtual doorman” in the cloud environment, which detects potential malware attacks from outside the virtual machine and scans the operating systems inside to confirm they are running properly. The capability will then determine whether or not they contain malicious code, such as rootkits, which are software programs designed to provide a user with administrator access to a computer without being detected. This level of security isn’t available from conventional introspection solutions that can only communicate and check inside the virtual machine. The rootkit-detection system is currently offered as part of IBM Virtual Server Protection system.

IBM’s Institute for Business Value 2010 Global IT Risk Study

IBM’s Institute for Business Value 2010 Global IT Risk Study was commissioned to understand how information technology (IT) managers are working to mitigate risk. Core objectives of the study included evaluating the manner in which innovations like cloud and mobile computing are influencing overall IT risk strategies and exploring how the role of the IT Manager is changing in relation to these innovations. The survey included 556 respondents from all geographies, representing companies with revenues of less than $500M to more than $10B. Respondents worked across a diverse set of industries and sectors including finance, healthcare, biotechnology, manufacturing, government and information technology services.

For more information on the IBM 2010 Global IT Risk Study please see: www.ibm.com/services/riskstudy

IBM Security Solutions include an extensive portfolio of hardware, software solutions, professional and managed services offerings covering the spectrum of IT and business security risks, including: people and identity, data and information, application and process, network, server and endpoint and physical infrastructure. IBM Security Solutions empowers clients to innovate and operate their businesses on highly secure infrastructure platforms.

For more information on IBM Security Solutions, visit: www.ibm.com/security.

Interoute Provides Europe’s Enterprises Secure Cloud Hosting

With 74.6% of businesses rating security as the biggest challenge to cloud computing, organisations are looking for assurances that the right levels of data security are in place to protect critical data held in the cloud. As owner and protector of Europe’s largest private cloud, Interoute provides enterprises with the confidence that data trusted to its managed hosting and outsourcing solutions is secure.

“As more businesses look to outsource critical data to managed cloud computing solutions, it is imperative that we ensure the best standards of data security,” said Joe Stevens, Operations Security Director at Interoute. “In operating Europe’s largest private cloud, we understand the importance of data protection in this environment. The ISO 27001 certification demonstrates our commitment to protecting data entrusted to our managed hosting solutions.”

Interoute offers a full portfolio of managed hosting and security solutions for enterprises, providing dedicated capacity and protected transmission products, MPLS VPN, DDoS protection, firewalls, Intrusion Detection and Protection Services, as well as secure managed hosting solutions.

The integration and adoption of ITIL and ISO 27001 best practices into Interoute’s operations management provides the necessary quality and security assurances for enterprises looking to outsource their critical data. Interoute’s accredited security management system now encompasses its Operations Centres in Prague and Geneva, as well as five Data Centres in four European countries.

Interoute is committed to providing solutions that will protect enterprises from security risks and support compliance requirements. Interoute provides valuable insight into malicious activity on the internet through the Interoute Internet Barometer. The security barometer collects data from 22 high performance sensors built into the core of the European Internet, logging the source, destination and type of malicious activity, to provide organisations with valuable insight to help them defend against attacks on their network.

Microsoft: Cloud Computing Security Considerations

This white paper provides a high-level discussion of the fundamental challenges and benefits of cloud computing security, and raises some of the questions that cloud service providers and organisations using cloud services need to consider when evaluating a new move, or expansion of existing services, to the cloud. This document presumes that the reader is familiar with the core concepts of cloud computing and basic principles of cloud security. It is not the goal of this paper to provide all the answers to the questions of security in the cloud or to provide an exhaustive framework for cloud security.

How Safe is the Cloud?

In a recent article for Baseline, Steve Tillery, Chief Technology Officer and Senior Vice President of Engineering for Fischer International, replies to customers whose perception of cloud security is that the risks may now be beginning to outweigh the benefits.

Steve writes: “Is cloud computing right for every organisation? Absolutely not. Deploying IT systems and applications in the cloud or on premises is a decision every enterprise must make based on several considerations, including the company’s culture for outsourcing, internal cost versus expected ROI, regulatory requirements and IT needs.”

Steve goes on to talk about understanding requirements, educating staff and managers, summing up with: “Once managers realise the relevance and origin of prominent IT security threats, they can begin to understand that most are independent of the delivery model. Organisations that build a strong security framework backed by continuous education will discover that the cloud is not as dark and threatening as many fear.”
