Tag Archives: cloud security

Securing the Cloud and Driving Digital Transformation with BT

Guest blog by Ian Humphreys

Increasing numbers of UK firms are looking to harness the power of Infrastructure-as-a-Service (IaaS) cloud providers and integrators to improve agility, cut hardware expenditure and take advantage of improved scalability. The same is happening all over the world. In fact, an IDC survey of over 6,000 IT organisations last year revealed that nearly two-thirds are already using or planning to use public cloud IaaS by the end of 2016. Security has always been a major barrier to such adoption plans, with many organisations unaware of just how much responsibility for this they must take in an IaaS set-up.

That’s why Trend Micro last week announced a major new partnership with BT which will see our flagship Deep Security platform offered to all BT Cloud Compute customers. It will help organisations meet their share cloud responsibilities with one of the most comprehensive security solutions around.

Pros and cons
The benefits of cloud IaaS are undeniable. It’s being seen in an increasing range of use cases including website hosting; proof-of-concept testing; adding extra capacity at peak times; batch computing and much more. But there are risks. Cybercriminals are becoming increasingly adept at exploiting any gaps organisations might leave in their cloud infrastructure to go after sensitive customer data and IP. The shared resources of a multi-tenant environment may raise fears of inter-VM attacks, for example. And unpatched systems continue to represent a major risk.

Yet many struggle because they’re running IaaS in a hybrid cloud environment, but aren’t able to consolidate their security across physical, virtual and cloud. This can create management headaches for IT and even lead to further security gaps for the black hats to exploit. Performance issues may also occur if their security hasn’t been designed with cloud infrastructure in mind.

Protecting the ecosystem
Cloud IaaS may be owned built and managed by the provider, but as a rough rule of thumb everything above the hypervisor is the responsibility of the customer. Fortunately for BT Cloud Compute customers, our award-winning Deep Security platform is now available to secure their cloud workloads.

Deep Security is one of the most comprehensive cloud security products on the market, including:

Anti-malware: protects cloud servers
Web reputation: blocks access to malicious URLs
Intrusion prevention: vulnerability shielding protects servers and apps from any known and zero-day threats
Stateful firewall: decreases attack surface by ensuring only pre-approved ports, protocols and IP addresses access VMs
File and system integrity monitoring: Helps spot covert targeted attacks by detecting suspicious changes to files, directories, registry keys etc.
Log inspection: collects OS and app logs to detect suspicious behaviour and support compliance efforts

What’s more, Deep Security runs across physical, virtual and cloud servers, minimising operational costs and ensuring all policies are centrally managed. It’s also been designed in close co-operation with some of the world’s biggest cloud providers for tight integration and high performance.

The major DDoS outage at DNS firm Dyn last year reminded us of the potential disruption to the cloud ‘ecosystem’ that can occur when a provider high up the stack is compromised. This new partnership will therefore benefit BT’s direct customers, helping them to drive digital transformation and profits while staying secure. But it will also have the knock-on effect of ensuring maximum uptime and security for any customers of theirs accessing their services via the cloud: a win-win all round.

 

Trend Micro a Double Winner at V3 Technology Awards as Deep Security and Deep Discovery Impress

by Bharat Mistry

The UK’s IT decision makers have it pretty tough. On the one hand the sheer range, volume and persistence of threats today make it virtually impossible to keep digital corporate assets 100% safe. But on the other, the outrageous hyperbole spread by security vendors in what is an increasingly crowded market makes finding the right tools more challenging than it’s ever been. In these situations, the opinions of journalists, independent reviewers and customers themselves become incredibly important. Continue reading

Ransomware Server Threat Demands a Virtual Patching Response

by Bharat Mistry

We all know that ransomware is one of the biggest threats facing UK organisations today. You only have to take a look at the headlines to see the havoc it’s wreaking all over the country, and the world. But although the broad message seems to be getting through, Trend Micro research has revealed a troubling lack of awareness when it comes to the details.

As we head towards VMworld Europe in a fortnight it’s worth remembering that only a layered approach to protection offers the best chance of success. That’s because corporate servers are increasingly being singled out by the black hats as vulnerable targets. Continue reading

CLOUDSEC takeaway – Cyber security is not just an IT issue

Guest blog by Andrew Tang, Service Security Director at MTI Technology

With a fantastic turnout at CLOUDSEC 2016, attendees comprised of security and IT practitioners from numerous industries. Despite these varying sectors, one thing became abundantly clear: the same issues are keeping IT security professionals awake at night – securing cloud environments, securing privileged access accounts and user education. Continue reading