what we’re reading, week of 5/25

Andrew Hay…
Is Data Safer on Premise or in the Cloud? It Depends.
Andrew Hay discusses whether data is more secure on the premise or in the cloud. While Andrew makes reasonable points for the cloud, he is partial to having datacenter, because he can “see, with [his] own eyes, the network, host, physical, and operational security capabilities, policies, and procedures [his] service provider will follow”. We agree Andrew, check our post from earlier in the month.

Endpoint Security.info…
1 TB of data on the Clinton Administration gone missing
Critical data from the Clinton Administration has been lost. The data that has been lost includes logs of events, social gatherings, and political records, as well as the social security number of a daughter of former Vice President Al Gore.

CNN | Travel…
How to safeguard your data as you travel
Debra Allen gives readers some simple tips on keeping data secure when connecting wirelessly on travels.

log me out please.

A while back we wrote a post about LogMeIn—a web-based remote access utility, which has been claimed to be sufficient enough to replace VPN solutions. Recently, an article in Inc., A New Way to Access Files Remotely, puts forth a similar line of reasoning. Inc’s Mark Spoonauer, states,

“…there’s never a reason to be stuck without that critical file. With remote-access tools, you can log in through any Web browser, anywhere in the world — even on a smartphone — and work on a screen that looks exactly like your desktop at home.”

Using web-based solutions to access important information is not secure. Users run the risk of having their computers broken into and exposing their internal corporate network to Internet users. GoToMyPC, another web-based remote access utility, allows users to drag and drop files between machines and share their desktop with someone miles away—all without disclosing any log-in information. Company IT departments are then unaware of who is accessing their networks.

Although these tools are convenient and serve the purpose of quick and easy access to the network, it is not by any means secure, and certainly not secure enough to replace VPNs altogether.

Hannah Steiman, Editor, Inc., tweeted the other day:

“What remote access software do you use? Tell us what you use and why you like it. We’ll run the best comments in Inc. http://bit.ly/aN5bC”

Tweet her back, and share with her what remote access solution you use. Hopefully its something more secure than web-based remote access utilities.

what we’re reading, week of 5/18

eWeek…
10 Things you should now know about… WINDOWS 7
eWeek’s lab provides readers with the top ten features and updates to Windows 7—one to highlight, no. 5.

End-Point Security…
DoD can’t handle inside threats
Poor security was most likely the cause of this event… James Wilbur Fondren Jr., deputy director for the U.S. Pacific Command (PACOM) Washington Liaison Office, has been charged with espionage conspiracy for providing classified information to an agent of a foreign government.

The Tech Herald…
Insider might have walked off with 10,000 patient records
Over 30 data theft reports have been filed since January 2009, Steve Ragan reports. A John Hopkins Hospital employee, with internal access, is believed to have leaked over 10,000 patient records.

VPN vs. Cloud Computing

A few weeks back, Raju Vegesna, blogger at Cloud Ave, wrote a post titled, Will Cloud Apps kill the VPN Market? Raju argues that the need / usage of VPNs are declining due to the availability of cloud applications, especially with more small and medium businesses adopting such methods. Although there is some appeal with not having a firewall or investing a great deal with security solutions, there are some implications to consider before switching to cloud.

• Who is going to watch the cloud? When data is submitted to a cloud provider it means it is stored and manipulated in an environment that is shared with other customers. This puts the responsibility on the customer—and not the provider. Security and privacy may be in jeopardy if it’s not carefully looked after. Also, legal consequences with compliance and auditing may result.
• Are you sure you are up for the challenge? Data, once it is in the cloud needs to be carefully and accurately monitored—this is timely and costly.
• Do you know where your data is? Once data is stored on the cloud, it is also stored in databases. This is a best practice for cloud providers, but may not be a best practice for the customer. The customer may lose sight and control of the data.

VPN solutions provide a secure means of controlling access to information and managing the risks associated with cloud computing.

what we’re reading, week of 5/11

Tech Republic…
The challenges of supporting a client with telecommuters
Susan Harkins addresses some of the challenges employers are facing while instituting telecommuting policies for employees. VPNs are the best way for workers to connect to the network remotely, however Susan points out that VPNs are vulnerable because they lack a firewall. However, NCP Secure Entry Client has an integrated firewall, making it a great solution for employers. We discussed some of these issues a few weeks back with the scare of the Swine Flu, but thought Susan made some good pointers so we included it in this week’s highlights.

TMCnet.com…
AEP Networks Study Finds Remote Data Security Pressing Issue
David Sims reports on a recent study by AEP networks—more business are allowing their employees to work remotely, while not ensuring secure networks. According to the results 92 percent of organizations questioned allow their employees to work remotely or on the move, while only 44 percent of respondents believe that their networks are no more than ‘quite’ secure. As working remotely becomes more prevalent, 61 percent are relying on VPN security.

Network World…
Who will check the security of cloud providers?
Tim Greene reports on a recent study done by Forrester’s analyst Chenxi Wang, “How Secure is Your Cloud?”. The report looks in depth at cloud computing security issues. One issue in particular is that more companies are turning to cloud computing as a way to save money because of the recession. As a result, customers must be intently aware of cloud privacy and security to prevent any posed risks.