Analysts estimate 30% of today’s data center workloads are being virtualized and this number continues grow. As such, the need to provide the same intrusion protection system or IPS security for applications in virtualized and non-virtualized data centers is a must. In short applications on virtualized servers need the same protections as applications running on non-virtualized servers. To meet that end 3Com has launched its Secure Network Fabric and TippingPoint’s Secure Virtualization Framework.

Yesterday RSA announced new controls for virtual infrastructure security in cloud environments. Concerns regarding security and compliance have been primary factors preventing large enterprises from placing production workloads on shared virtual infrastructure in the cloud. Yesterday?s announcement and proof-of-concept didn't solve all of public cloud?s security woes, but it brought us closer to a practical solution....

The speaker lineup at this year's annual RSA Security Conference and Expo, underway this week in San Francisco, is packing some serious federal heat.

Bad pun, but true. I originally talked about this in this post. Actually, the encryption itself is straightforward. It’s the management of keys that has to be done correctly. Hard ? Yes. Impossible? No. Will market forces provide workable solutions? Yes. The dollars in play are too great.

by Chris Hoff

I saw a very interesting post on LinkedIn with the title PwC/TSB Debate: The cloud/thin computing will fundamentally change the nature of cyber security…

Is moving to virtualization and cloud computing making network security easier or harder? When some 2,100 top IT and security managers in 27 countries were asked, the response revealed a profound lack of consensus, showing how divided attitudes are within the enterprise.

Cisco, NetApp, and VMware Tuesday announced a project to improve the security of virtualization deployments, with a focus on isolating applications that use the same physical network, server, and storage resources in multi-tenant systems.

By Chris Hoff

In the Information Security community, many of us have long come to the conclusion that we are caught in what I call my “Security Hamster Sine Wave Of Pain.”  Those of us who have been doing this awhile recognize that InfoSec is a zero-sum game; it’s about staving off the inevitable and trying to ensure we can deal with the residual impact in the face of being “survivable” versus being “secure. [..]”

The storage and computing cloud services, S3 and EC2, respectively, were briefly affected Wednesday.

MIT Technogy review recently published a great article titled: Security in the Ether addressing security, privacy and reliability issues resulting from cloud computing.  Some of the interesting points in this article include the cloud security threat is across two related dimensions.read more