Cloud security: The essential checklist

Cloud security is one of those things that everyone knows they need, but few people understand how to deal with. I

The good news is that it’s actually pretty simple, and somewhat similar to security for your enterprise systems. Here’s a checklist of what you may need and how to make these features work.

  1. Directory service. If you use identity and access management, you need a directory to keep the identities. Although Microsoft’s Active Directory works just fine, any LDAP-compliant directory will work. Note that you need to deal with security at the directory level as well, so the directory itself does not become a vulnerability.
  2. Identity and access management. IAM is needed to ensure that you can configure who is who, who is authenticated, and what devices, applications, or data they can access. This gives you complete control over who can do what, and it puts limits on what they can do. These IAM tools are either native to the public cloud platform or come from a third party.
  3. Encryption services. What specific encryption you need will largely depend on where you are in the world and the types of things you need to encrypt, as well as whether you need to encrypt data at rest, in flight, or both. I say “services” (plural) because you’ll likely use more than one encryption service, including at the file, database, and network levels.
  4. Security ops. Often overlooked, this is the operational aspect of all of security. Security ops, aka secops, includes the ability to proactively monitor the security systems and subsystems to ensure that they are doing their jobs and that the security services are updated with the latest information they need to keep your system safe.
  5. Compliance management. Another often overlooked security feature, this is where you deal with those pesky rules and regulations that affect security. No matter if you need to be GDPR-compliant or HIPAA-compliant, this is where you have a console that alerts you to things that may be out of compliance and lets you take corrective action.

Of course, you may need more security features than these five types, based on who you are, what sector you’re in, and your own enterprise’s security requirements. However, this checklist provides a solid foundation for security success. Chances are that you’re missing one or two of them.


Facebook Moves to Limit Hate Speech as ‘Times’ Scandal Swirls

Mark Zuckerberg would like you to know that despite a scathing report in The New York Times, which depicts Facebook as a ruthless, self-concerned corporate behemoth, things are getting better—at least, the way he sees it.

In a lengthy call with reporters Thursday, and an equally lengthy “note” published on Facebook, the company’s CEO laid out a litany of changes Facebook is making, designed to curb toxic content on the platform and provide more transparency into the decisions Facebook makes on content. But perhaps the most consequential update is that the Facebook News Feed algorithm will now try to limit the spread of sensationalist content on the platform, which represents a major change from how the company has traditionally approached moderation. All of it is in service of restoring trust in a company whose public reputation—and the reputation of its leaders—have taken near constant body blows over the past two years.

“When you have setbacks like we’ve had this year that’s a big issue, and it does erode trust, and it takes time to build that back,” Zuckerberg said on the call. “Certainly our job is not only to have this stuff at a good level and to continually improve, but to be ahead of new issues. I think over the last couple of years that’s been one of the areas where we’ve been most behind, especially around the election issues.”

Zuckerberg’s words come a day after the Times published a damning report that portrays Facebook as not merely behind on issues of election interference, as Zuckerberg suggests, but actively working to downplay what it knew about that interference. It suggests that Facebook’s executives, wary of picking sides in a partisan battle over Russian interference in the 2016 election, aimed to minimize Russia’s role in spreading propaganda on the platform. The story states that Facebook’s former head of cybersecurity, Alex Stamos, was chastised by the company’s chief operating officer, Sheryl Sandberg, for investigating Russian actions without the company’s approval and berated again for divulging too much information about it to members of Facebook’s board.

In his remarks, Zuckerberg flatly denied this allegation. “We’ve certainly stumbled along the way, but to suggest that we weren’t interested in knowing the truth or that we wanted to hide what we knew or that we tried to prevent investigations is simply untrue,” he said. (Stamos, for his part, tweeted earlier on Thursday that he was “never told by Mark, Sheryl or any other executives not to investigate.”)

The Times story also alleges that Facebook waged a smear campaign against its competitors through an opposition research firm called Definers Public Relations. The firm repeatedly worked to tie Facebook’s detractors, including groups like the Open Markets Institute and Freedom from Facebook, to billionaire George Soros. Critics say that in doing so, Facebook engaged with the same anti-Semitic tropes that have been used by white nationalists and other hate groups that regularly villainize Soros.

Zuckerberg denied having any personal knowledge of Definers’ work with Facebook, and said he and Sheryl Sandberg, Facebook’s chief operating officer, only heard about the relationship yesterday. That’s despite the fact that Definers often coordinated large-scale calls with the press on behalf of Facebook and its employees and, in at least one case, sat in on meetings between Facebook and the media.

After Zuckerberg read the story in the Times, he says Facebook promptly ended its relationship with the firm. “This type of firm might be normal in Washington, but it’s not the type of thing I want Facebook associated with, which is why we’re no longer going to be working with them.”

But while Zuckerberg said he had no knowledge of Definers’ work or its messaging, he defended Facebook’s criticism of activist groups like Freedom from Facebook. He said the intention was not to attack Soros, for whom Zuckerberg said he has “tremendous respect,” but show that Freedom from Facebook “was not a spontaneous grassroots effort.”

Zuckerberg declined to assign blame for the tactics allegedly employed by Definers, or to comment on broader personnel issues within Facebook itself. He said only that Sandberg, who has been overseeing Facebook’s lobbying efforts and who is portrayed unfavorably throughout the Times story, is “doing great work for the company.” “She’s been an important partner to me and continues to be and will continue to be,” Zuckerberg said. (Sandberg was not on the call.)

For the umpteenth time this year, Zuckerberg found himself working overtime to clean up Facebook’s mess, even as he wanted desperately to tout the progress the company’s been making. And it has made important progress. In Myanmar, where fake news on Facebook has animated a brutal ethnic cleansing campaign against the Rohingya people, the company has hired 100 Burmese speakers to moderate content there and is now automatically identifying 63 percent of the hate speech it takes down, up from just 13 percent at the end of last year. Facebook has expanded its safety and security team to 30,000 people globally, more than the 20,000 people the company initially set out to hire this year. It’s also changed its content takedown process, allowing people to appeal the company’s decisions about content they post or report. On Thursday, Facebook announced that within the next year, it will create an independent oversight body to handle content appeals.

But by far the biggest news to come out of Thursday’s announcements is the change coming to Facebook’s News Feed algorithm. Zuckerberg acknowledged what most observers already know to be one of Facebook’s most fundamental problems: That sensationalist, provocative content, even content that doesn’t explicitly violate Facebook’s policies, tends to get the most engagement on the platform. “As content gets closer to the line of what is prohibited by our community standards, we see people tend to engage with it more,” he said. “This seems to be true regardless of where we set our policy lines.”

This issue is arguably what undergirds most of Facebook’s problems the past few years. It’s why divisive political propaganda was so successful during the 2016 campaign and why fake news has been able to flourish. Until now, Facebook has operated in a black-and-white environment, where content either violates the rules or it doesn’t, and if it doesn’t, it’s free to amass millions of clicks, even if the poster’s intention is to mislead and stoke outrage. Now Facebook is saying that even content that doesn’t explicitly violate Facebook’s rules might see its reach reduced. According to Zuckerberg’s post, that includes, among other things, “photos close to the line of nudity” and “posts that don’t come within our definition of hate speech but are still offensive.”

Zuckerberg called the shift “a big part of the solution for making sure polarizing or sensational content isn’t spreading in the system, and we’re having a positive effect on the world.”

With this move, Facebook is taking a risk. Curbing engagement on the most popular content will likely cost the company money. And such a dramatic change no doubt opens Facebook up to even more accusations of censorship, at a time when the company is fending off constant criticism from all angles.

But Facebook is betting big on the upside. If outrage is no longer rewarded with ever more clicks, the thinking goes, maybe people will be better behaved. That Facebook is prepared to take such a chance says a lot about the public pressure that’s been placed on the company these last two years. After all of that, what does Facebook have to lose?



Cisco beats as network gear demand rises, new bets pay off

(Reuters) – Cisco Systems Inc beat analysts’ estimates for quarterly revenue and profit on Wednesday, as the network gear maker benefited from demand for its routers and switches and growth in its newer focus areas such as software.


Shares of the company, which also forecast second-quarter revenue largely above expectations, rose 4 percent in extended trading, putting them on track to add to the nearly 16 percent gain for the year.

Cisco pivoted to software and cyber security to cushion the impact from slowing demand for its routers and switches from companies increasingly shifting to cloud services offered by Amazon.com Inc, Microsoft Corp and Alphabet Inc instead of building their own networks.

Revenue in its application software businesses rose 18 percent to $1.42 billion, beating analysts’ average estimate of $1.37 billion, according to IBES data from Refinitiv.

Sales in its security business, which offers firewall protection and breach detection systems, rose 11 percent to $651 million. That fell short of the IBES estimate of $656.4 million, but beat research firm FactSet’s estimate of $648.1 million.

Deals such as the $2.35 billion purchase of cyber security provider Duo Security in August have played an important part in driving growth in Cisco’s newer business.

Acquisitions provided an 80 basis point boost to the company’s first-quarter results year-over-year, Chief Financial Officer Kelly Kramer said on a post-earnings call with analysts.

Revenue in its infrastructure platform unit, which houses the switches and routers business, rose about 9 percent to $7.64 billion, topping expectations of $7.39 billion.

Subscriptions, which provide a more steady revenue flow, accounted for 57 percent of total software revenue in the first quarter, the company said. The share was 56 percent in the preceding quarter.

“Cisco is executing on its plan to move its business model to software and subscriptions while benefiting from a strong IT spending environment,” said Mark Cash, an analyst with Morningstar.

Cisco said tariffs were immaterial for the reported quarter, but added that the impending 25 percent duties could weigh on third-quarter results.

The company said it expects second-quarter revenue growth of between 5 percent and 7 percent from a year earlier. This implies a range of between $12.48 billion and $12.72 billion, while analysts were expecting $12.53 billion.

For its first quarter ended Oct. 27, the company reported an adjusted profit of 75 cents per share, above the average estimate of 72 cents.

Total revenue rose 7.7 percent to $13.07 billion, topping the estimate of $12.87 billion. However, the company said deferred revenue fell 9.4 percent to $16.81 billion.

Reporting by Akanksha Rana in Bengaluru; Editing by Sriraj Kalluvila
