Kishan Chakravarthy

Profile views
Kishan Chakravarthy asked a question: — 9 months ago
The computing world just keeps on progressing but as we all know with  progress comes additional challenges. This is especially true of  challenges around security. Every advance in computing has given rise to  the same question: “how do we secure this new toy?”When client/server architecture was all the rage in the late 1990s  there was great excitement about the advantages it brought about but  also a concern for the security implications of distributed clients and  centralised servers. When server consolidation came of age in the early  2000s the concern was how to keep applications secure when running on  the same server.In the age of cloud computing,  we seem to have introduced more security impacts than ever before.  Cloud computing has been the basis for many tremendous benefits in the  computing industry and has positively impacted many businesses around  the world. While we can celebrate all the advances we need to be very  aware of all the new threats that have come with the steps forward. The  following are some of the areas that concern security professionals in  the 2017:CloudAs I have stated in a past article, security concerns are still the number one impediment to cloud adoption in the computing world today. With that said, more and more  organisations are moving production workloads to the cloud every day and  how to secure those workloads is a question with no single answer.  Whether cloud workloads are treated as if they are in one's own data  centre or secured through as-a-service tools, placing workloads into the  cloud comes with some measure of uncertainty that requires research,  planning, and execution to mitigate.Edge/fog networksThe concept behind fog computing isn’t really all that new. I  remember moving web servers to the outer edge of the network, outside  the firewall, so that they can be closer to the users. The difference  now is that fog computing supports larger numbers of devices either at  the edge of the managed network or, in the case of IoT, placed  physically very far from the control plane.The somewhat obvious threat vector is the vulnerability of these  fog/edge to attack and the continuation of that attack to the control  plane, aggregation layer or even all the way to the virtual private  network or data centre. This needs to be dealt with in much the same way  as this type of problem was handled in past. The fog/edge devices need  to be hardened and the communications path between those devices and the  aggregation layer and the data centre (cloud or other) need to be  secured.Mobile usersIt was so much easier to secure an environment when we knew who our  user base was. Well, not anymore. The preponderance of mobile devices  that the service developers can have no control over, leaves the service  network open to attack via those devices. A user who utilises your  provided tested and secured app could easily have installed another app  which is just a front for malware of some kind. Beyond just writing apps  that are secure the systems as the front end of the data centre or  cloud environment that support these apps have to be strongly secured.  Additionally, communications between app and service layer need to be  secured and monitored.  MalwareOn June 26 the largest container shipping company in the world Maersk  Lines, Russian oil producer Rosneft, and pharmaceutical giant Merck,  along with hundreds of other institutions around the world, were all but  shut down by a global malware/ransomware attack.That the perpetrators used various public cloud-based resources to launch the attack is a very real possibility. Security professionals  around the globe are concerned about the form the next big malware,  virus, or ransomware attack will take. Practical and logical steps,  including planning for recovery, training, and maintenance, need to be  taken to prevent organisations from falling prey to these attacks.Global data expansionMany years ago, I wrote an article on how server consolidation can  positively impact data centre security by reducing the number of  operating system instance to maintain and by reducing the number of  possible targets for hackers. In today's ever expanding global data  environment we have to ask ourselves: have we provided too many targets  for the bad guys?The answer is maybe. Each individual and organisation have to be  engaged in preventing data loss and data theft by utilising the many  means of securing data that exist today. Data at rest encryption,  automated and versioned replication or version backup, are just some of  the ways an enterprise can protect themselves. These security concepts  apply equally to preventing and/or recovering from malware attacks.The only way to survive the many security threats that exist is  to: recognise the threats, learn about them and how to fight them; build  a comprehensive plan for protecting your organisation and for reaction  to and recovery from an attack; whether it is basic security maintenance  or implementation of major security efforts, take action. Don’t just  sit back and wait for an attack to happen.For Salesforce and cloud computing Updates Follows Us  @KishancvArticle Source is From :