Category Archives: Security

21st Century Cybercrime – The Evolution Of Protecting Your Data

“21st Century Cybercrime – The Evolution of Protecting Your Data”


The relentless development of technology has facilitated an increase in cybercrime, affecting individuals and businesses in different ways and to differing degrees. Since the advent of the internet the protection of data has been of paramount importance, however, the development of various technologies has made the protection of data more and more difficult to ensure. In the UK alone, cybercrime was found to cost organisations on average £2.1million per year with an average of 41 cyber-attacks per week.

Back when the internet age was still young, cybercrime was hacker led, largely committed by individuals hoping to prove the existence of glitches in operating system. An example of such was Moonlight Maze when hackers targeted military information held by the Pentagon. Proving the glitch was an end in itself.

As technology has advanced, however, cybercrime has become the domain of organised gangs seeking financial gain from their crimes. The cybercrime network is today a legitimate and sophisticated business with technical innovators at the top.

Information Theft

Information theft is increasingly common, with gangs infiltrating computer systems in order to extract the personal data of users. One headline grabbing infiltration occurred in 2011 when marketing giant Epsilon had their email lists hacked; those lists comprised customers of large firms such as Citibank and JP Morgan. The criminals used these email addresses for phishing.

The development of third party cloud storage technology has assisted cyber criminals as large batches of data are now so often stored within one cloud. It is essential that companies separate out their data across multiple storage options. Experts have indeed highlighted that cloud data is especially prone to crime due to a lack of security measures. For personal cloud storage it is essential to protect your data by using two-step verification if it is available.

Smart Phones

The continued technological advancement of smart phones also poses an opportunity for cyber criminals. Criminals employ those techniques used on PCs alongside new smart phone specific approaches. In particular, social networking apps which hold a wealth of personal information which are often exploited by cyber criminals. The best protection against this both on smart phones and computers is to remove all personal details from your account and lock down your security settings. Worryingly, anyone can develop and retail an app, even criminals. Some users may ‘root’ or ‘jailbreak’ their smart phones. This is the ability to tamper with a phone’s operating system.

A recent study found that the industry most susceptible to cybercrime is the travel industry. This is largely down to a change in consumer behaviour, with more and more people booking their travel online. Social attitudes today mean that people are far more willing to input bank details online and do not recognise that their details are data easily accessible by criminals. There are simple ways in which consumers can protect themselves such as researching the holiday company to ensure it is reputable and pay for holidays using a credit card.

By Akash Valand

Cloud Computing Round-Up Week 19th-26th Of Jan, 2014

Cloud Computing Round-Up Week 19th-26th Of Jan, 2014

Cloud Computing Round-Up Week 19th-26th of Jan, 2014


Here’s a round-up of the 3 top cloud stories making the headlines this week.

Microsoft To Store Foreign Users’ Data Overseas – As the NSA gets grabby with users’ data, when those users happen to be using US based computing services, Microsoft have made a controversial move to begin storing their data overseas, keeping their information out of the reach of the long arm of the American law. Brad Smith, Microsoft’s general counsel, has told the Financial Times that “People should have the ability … to make an informed choice of where their data resides.” The decision, does not, however, keep American users’ data safe, as their information will still lawfully be within the NSA’s jurisdiction and some users may still choose to move their info away from the Redwood, Calif. computer company.

(Image Source: Shutterstock)

Verizon Reveal Figures of NSA’s Data Requests – Thanks to Edward Snowden’s now infamous work to shed light on the NSA’s data dealings, we now know that more than a handful of companies have been subject to data trading with the American group, as a result of the NSA’s counter-terrorism operations. However, despite being required to in many cases, the reputations of many of these companies has taken a hit, with Verizon being one of them. As a result, they’ve revealed that they have received over 300,000 requests (approximately) to aid US law enforcement, including subpoenas, warrants and even NSLs (National Security Letters) from the FBI. While some have said that there needs to be more transparency, it is also important to note that some information (specifically Foreign Intelligence Surveillance Act orders, or FISAs) is required to be kept from the public by Verizon due to the law.

Yahoo Search Gets Automatic Encryption – Also in a move to save face with the tech-using public, Yahoo have now chosen to encrypt the searches that their users conduct via their popular Yahoo search engine. The move by Yahoo comes after it was revealed that there are more than a few ways that hackers can and have made their way into Yahoo’s servers, even leading the company to offer monetary rewards to users who could identify flaws and issues in their security in an effort to discover security problems that Yahoo themselves may have missed. It has also been suggested that this is another way to keep the NSA out of their users’ data. However, the search encryption does not seem to be available in the UK or Japan just yet, with only US users’ searches being encrypted.

By Jennifer Livingstone

Cloud Infographic: Going To The Cloud

Cloud Infographic: Going To The Cloud

Cloud Infographic: Going To The Cloud

Over the past few years, we’ve covered the importance of cloud computing in the classroom and its defining nature as something to adopt and accept moving forward. Some of our coverage has been flippant while other discussions have been more serious in nature. Nevertheless we can all agree that cloud based education will be universal and the accepted method of teachings by many in the next little while. Massive cloud based classrooms will exist, and it will be just a matter of time before older generations start sharing stories of the good old days when classrooms were built with chalkboards and desks. In the meantime, cloud based educational services will be a hot topic for many years to come…

Attached is an excellent infographic provided courtesy of .


Infographic Source:

Why Reliability Is The Buzz Word For Cloud In 2014

Why Reliability Is The Buzz Word For Cloud In 2014

Why Reliability Is The Buzz Word For Cloud In 2014

Any discussion of cloud adoption primarily boils down to two important concerns – data security and cloud reliability. A study conducted by Tata Consultancy Services sometime back revealed some interesting insights – while customers in Europe and Asia-Pacific saw data security as the most important parameter while picking a cloud vendor, their counterparts in the US and Latin America wanted reliability more than security. It is very likely that this scenario may have changed quite drastically over the past year after the NSA revelations.

While concerns about data security have definitely made businesses jittery about migrating to the cloud, it is reliability where the concerns just wouldn’t go away. With respect to security, it is relatively easier for a cloud vendor to showcase their infrastructural capabilities – has your provider deployed the necessary standards to make data hack-proof and tamper-proof? Are proper firewalls and intrusion detection mechanisms in place? If the answer to these questions is a ‘yes’, then you could be rest assured that your data is safe and secure in the servers of your cloud provider.


The same however cannot be said of reliability. Can your vendor promise a 100% or even 99.5% uptime guarantee for the next year? Are you absolutely sure your services would not go down tomorrow? Contracts often tie downtimes with financial compensation. So while you may get monetary credits for unforeseen downtimes, none of this will ensure your customers shall be able to access your service with 100% reliability. Cloud technology will continue to face questions till these concerns are put to rest.

This is exactly why I believe 2014 could be the year of cloud reliability. We are already seeing signs for this happening. Late last year, IBM unveiled the wraps on their ‘cloud of clouds’ toolkit based service called InterCloud Storage that could go a long way in ensuring service reliability. Put simply, InterCloud Storage makes it possible for customers to store their data in a multi-vendor setup so that their data can be made available from an alternate server even if their primary vendor is facing a downtime. In essence, IBM’s patent pending technology makes the vendor’s performance-guarantee independent of their server availability. With this, a 100% uptime assurance could actually be a reality!

Another interesting process is being built by Microsoft. A recent patent application from the company has revealed their work on a new performance-based pricing system for cloud. Today, customers pay for cloud services without any assurance of how reliable the network could be. Consequently, customers pay the same price for an hour of service regardless of how much downtime their services could face in that period. Microsoft’s technology makes it possible for vendors to charge customers based on performance metrics like uptime, I/O rate, etc. instead of merely paying for the duration of consumption.

The technologies announced by IBM and Microsoft could go a long way in securing the future of the cloud. Cloud is already seeing terrific growth rates in industries that have traditionally served on-premise solutions. According to Mary Ellen Power, the Vice President of Marketing at Silanis; a company that offers electronic signature technology to the US Army among other organizations, the cloud based solutions in their sector are seeing a 50% annual growth rate of late.

For such businesses that serve solutions to customers in regulated industries (banking, insurance, military, etc.), reliability and security are of utmost importance. Technologies like InterCloud and performance based pricing would ensure the reliability of their solutions. In turn, this is likely to help in furthering the proliferation of cloud through the next few years. What are your thoughts?

By Anand Srinivasan,

Anand is a writer and technology consultant based out of Bangalore, India. He may be reached at

New Year, New Cloud? Managing “Extreme Data”

New Year, New Cloud? Managing “Extreme Data”

Managing “Extreme Data”

Companies are familiar with the concept of “big data”; every piece of information they generate from day-to-day business processes or when interacting with customers is considered valuable, so long as these pieces are quickly analyzed and converted into actionable results. But according to predictions from the Institute of Electrical and Electronics Engineers (IEEE), big data is just the beginning—2014 marks the start of a race to establish leaders in the “extreme data” market.

Going to Extremes

Most IT professionals recognize the “three Vs” of big data: Volume, Variety and Velocity. To make the most of constant data flows, companies need a high volume of information for analysis, a wide variety of data to examine and a high rate of data transfer. One other V gaining ground is Veracity, which speaks to any inherent bias in collected data along with its relevance to the problem at hand. In other words, the three Vs are a good starting point but won’t point a company in the right direction if the data collected contains a massive bias or intersects only tangentially with the question being asked.

Making this market more complex is the increasing amount of data coming from previously untapped sources. This is an extension of a concept called the Internet of Things, which focuses on bringing objects and products outside the technology spectrum into the online community using the cloud. Wireless sensors and radio frequency identification (RFID) chips are commonly used to track products as they move from assembly to production to quality control and are finally shipped to the customer, or to report “unstructured” data in real time, for example how consumers use appliances and technology in their homes. The result is an rapid increase in the amount of data available to companies, enough to justify the shift in market wording from merely big to extreme.

Tools and Training

Companies face two challenges when it comes to managing extreme data: Tools and training. Technology giants and startup companies alike are able to compete in this emerging market, since it’s not the hardware they sell that matters but rather the kind of analysis they can deliver through an accessible cloud portal. Where prescriptive analytics once ruled as a way to correct inefficient businesses processes, predictive algorithms have emerged able to intelligently consider data and deliver predictions about the future rather than mere confirmations about the present.

This leads to the second challenge: Training. While these tools are deceptively simple, they will never reach maximum efficiency without skilled hands guiding the wheel. Strides are being made in cognitive computing—the science of teaching computers to think like human beings—but there’s still no replacement for the human capacity to examine the “bigger picture” and put data sets in context. Analysis tools for extreme data have evolved at a steady pace and can now handle massive information volumes with virtually no hardware lag, but trained data scientists are needed to ask the right questions; even the best data means nothing without interpretation.

Finding the Time

If hiring data scientists and paying for analytics tools sounds costly, it can be, especially if companies want to get it right the first time. As a recent Forbes article notes, however, analytics half-measures aren’t effective and can cripple efforts to make best use of extreme data.

Companies, therefore, have several choices. If this is their first foray into extreme data, it’s worth considering strategic consultation for a single analysis project. Using a trusted, experienced IT service provider lets businesses skip the step of finding and vetting analytics providers in a suddenly crowded market. If more robust analysis tools are required, there are two options: Outsource the task entirely, or supplement existing IT staff with professionals from a reputable third party. In many cases, this kind of shared responsibility offers the best mix of flexibility and security; in-house IT administrators retain control of all mission-critical data while outsourced IT handles the day-to-day details. With IT staffers already hard pressed to keep up with cloud deployments and mobile advancement, there’s nothing wrong with getting a little help for extreme data analysis.

The flow of data isn’t slowing—in fact, its pace continues to increase. Companies can’t ignore this data, nor can they blindly analyze portions hoping for actionable results. The right tools, the right training and the right help make all the difference in the transition from big to extreme.

By David Eisner

David is the President & CEO of Dataprise Cloud Services, an IT Services company based in Maryland. Visit Dataprise’s site today to learn more about available services.

Keeping Your Business Data Secure In An Insecure World

Keeping Your Business Data Secure In An Insecure World

Keeping Your Business Data Secure

If you’re a small or medium-sized business (SMB), you might be hoping keeping your head down and staying off the Cloud will keep your data safe from interlopers — hackers and government agencies alike. Yet Verizon Communications’ 2013 Data Breach Investigations Report found 72 percent of data breaches occurred in companies with fewer than 100 employees. As long as your business is above board, malware and phishers might be a bigger concern for you than the National Security Agency. Still, the privacy of your data is related to two C words: choice and control.


Depending on the needs of your business, public or private Cloud, on-premises, or a hybrid model might work best for you. Setting up a server room might be cost-prohibitive for a small business, while a healthcare company might have concerns about keeping their data security HIPAA-compliant. (Trends suggest many companies see the Cloud in their future. A 2012 survey from Vanson Bourne found 38 percent of businesses have already adapted Cloud computing, while another 29 percent have plans to do so.)


When choosing between Cloud, on-premises, and hybrid options, it’s important to keep the data security pyramid in mind. At the bottom, or least secure, would be running everything from your non-password-protected mobile device, while a tier-one cloud provider or on-premises severs could be at the top, or most secure. But simply because a public Cloud might be a few layers up from the base, it doesn’t mean you and the vendor can’t work together to encrypt and protect your data.


Regardless of where your business decides to keep its data, it’s essential to opt for technology that lets you keep a measure of control. If you’re putting information on the Cloud, do you know where it’s physically stored? Can you pull it off whenever you want? Will you be holding the encryption keys to your data, or will they live in the provider’s Cloud? You’ll want to address these issues with your vendor. The Cloud is everywhere. You’re already in the Cloud.

Even if you’re not on the Cloud, strictly speaking, it doesn’t mean your data isn’t. Your own employees may be storing sensitive files in Dropbox or emailing them to their Google e-mail address so they can work from home. Perhaps their company e-mail is synced to their personal mobile devices. A recent poll from McAfee showed 45 percent of SMBs don’t secure data on employees’ personal devices.

It’s easy to feel insecure when some of the biggest companies in the world find themselves vulnerable to snooping. After a recent breach by the NSA, Google’s working to encrypt the traffic between its data centers. But the revelation serves as an important reminder to review or update your own security policies — and remind your employees why they’re so important. A survey from data security firm SafeNet, Inc. found that 59 percent of respondents would be unsurprised if their boss was violating company policy by using a file-sharing service such as Dropbox. Instead of shunning these convenient tools, Chief Information Officers (CIOs) or Chief Information Security Officers (CISOs) need to take a more realistic approach to protecting data by making sure these Cloud-based apps are used securely.

Ok, now what? Unless you’re planning on unplugging the router and going entirely on paper, it’s imperative to protect your data wherever it lives. The Cloud Security Alliance’s best practices is a useful guide. Its recommendations include evaluating which assets you feel comfortable transferring to the Cloud, identifying threats and how they would impact your business, and developing risk treatment plans.

But perhaps the best place to start is a refresher course for employees. Forrester research shows 36 percent of security breaches are caused by employees’ inadvertent misuse of data. Last year, businesses lost $1.5 billion in phishing attacks, according to a report by EMC Corp. Employees at all levels — online-rsa-fraud-report-012013 — are tricked into opening e-mails that appear to be from a colleague. From there, the recipient is asked to reset a password, click a harmful link, or even wire $100,000 into an account. Falling for such a scam can happen to just about anyone. (Just ask Coca-Cola exec Paul Etchells.)

Finally, in line with the desire for control and choice, make sure to grill your cloud software provider with questions like these.

You should have the power to control where your information ends up and choose who has access to it. The threat of spies or hackers shouldn’t send you screaming for the WiFi-less hills, but hopefully it will inspire you to tighten your security belt, no matter where it lies.


By Stijn Hendrikse

Sijin is the Chief Marketing Officer at Acumatica. He has over 20 years of experience in the software business.

20 Million Credit Cards Compromised In South Korea

20 Million Credit Cards Compromised In South Korea

According to BBC, 20 million South Korean credit card details have been stolen in one of the biggest security robberies the country has faced, affecting almost half of the population. A contractor for the Korea Credit Bureau managed to gain access and copy 20 million unencrypted names, social security numbers and credit card details onto a USB stick.

The contractor, who has since been identified and put in custody, managed to take the information due to lack of encryption and no blockade between the contractor and the sensitive information, according to the Financial Services Commission, the financial regulator for South Korea.

Once the information had been copied, the contractor sold it to various marketing firms for unknown amounts, managers of these firms have also been arrested. The Korea Credit Bureau did not know information had been stolen until an investigation was carried out into the claims.

It is unknown where the information has got to at this point – since it involves credit card details and names, the price of this information will have skyrocketed, although security teams are now working with the bank to make sure no money is lost.

Affected users are being told to change their password and other sensitive information, to make it harder for any hackers or fraudulent criminals to gain access to their bank account.

KB Kookmin Card, Lotte Card, and NH Nonghyup Card are the three credit card groups involved with the Korea Credit Bureau, a company that produces credit scores for the three major banks. All three managers have apologized and said their bank will cover any losses. This is not the first time South Korea has been hit by cyber crime trouble, in the past two years KT Mobile has had 8.7 million subscribers’ details leaked and social-network Cyworld had a 35 million user information breach.

This is just the latest outbreak in technology security – just last week Target was hit by a major hack, compromising users data and affecting millions of customers and showing the vulnerabilities of old systems and lack of encryption.

By Walter Bailey

(Image Source: ShutterStock)

The Advantages Of The Private Cloud For Your Business

The Advantages Of The Private Cloud For Your Business

The Advantages Of The Private Cloud For Your Business

Reduction in email volume

Early adopters of cloud-based collaborative apps are learning quickly how much easier it is for team members to post comments in a FaceBook-style conversation thread, instead of sending and receiving hundreds of cc’d emails. Collaborative environments are opening up opportunities to communicate and to share and edit documents in a highly efficient way that aligns better with thought processes and human dynamics.

Online signing of forms replaces print-sign-scan-send

Online form-signing apps such as SignNow, Echosign by Adobe Systems, and DocuSign allow signatures, initials and comments to be appended to electronic documents, eliminating the need to print out, sign scan and send back. Fully enforceable and protected by both international law and a clear audit trail, these forms allow early adopters of cloud technology a faster and more convenient process for the creation, storage and processing of important documents.

BYOD, cloud storage and asynchronous workflow 

By allowing employees to work on their personal favourite devices rather than company-issued laptops, and by encouraging the use of secure cloud-based storage apps such as Box and EverNote, early adopters of cloud technology are building a more resilient, creative and dedicated workforce – one that can actually take advantage of fractured schedules, fitting work into smaller spaces in calendars, and working more in-line with individuals’ own personal approaches to tasks and priorities.

Better Project Management

Project Management has been dominated for years by expensive dedicated software, but new affordable cloud-based apps allow for increased communication, collaboration and document sharing, without sacrificing the essential tools of Project Management such as Gantt Charts and Work BreakDown Structure. Early adopters of cloud technology are capitalizing on a more economical and dynamic approach to the complexities and constraints of managing a project.

Metrics: knowing what the customer wants

Data about customer habits and desires comes in many forms, and one of the best comes from siding with cloud metrics companies that review a company’s site performance in seconds, not days or weeks, and can deliver real-time awareness of customers’ purchasing and browsing habits.

By Steve Prentice

CloudTweaks Comics
Security and the Potential of 2 Billion Device Failures

Security and the Potential of 2 Billion Device Failures

IoT Device Failures I have, over the past three years, posted a number of Internet of Things (and the broader NIST-defined Cyber Physical Systems) conversations and topics. I have talked about drones, wearables and many other aspects of the Internet of Things. One of the integration problems has been the number of protocols the various…

The DDoS That Came Through IoT: A New Era For Cyber Crime

The DDoS That Came Through IoT: A New Era For Cyber Crime

A New Era for Cyber Crime Last September, the website of a well-known security journalist was hit by a massive DDoS attack. The site’s host stated it was the largest attack of that type they had ever seen. Rather than originating at an identifiable location, the attack seemed to come from everywhere, and it seemed…

Cloud Infographic: Security And DDoS

Cloud Infographic: Security And DDoS

Security, Security, Security!! Get use to it as we’ll be hearing more and more of this in the coming years. Collaborative security efforts from around the world must start as sometimes it feels there is a sense of Fait Accompli, that it’s simply too late to feel safe in this digital age. We may not…

Update: Timeline of the Massive DDoS DYN Attacks

Update: Timeline of the Massive DDoS DYN Attacks

DYN DDOS Timeline This morning at 7am ET a DDoS attack was launched at Dyn (the site is still down at the minute), an Internet infrastructure company whose headquarters are in New Hampshire. So far the attack has come in 2 waves, the first at 11.10 UTC and the second at around 16.00 UTC. So…

A New CCTV Nightmare: Botnets And DDoS attacks

A New CCTV Nightmare: Botnets And DDoS attacks

Botnets and DDoS Attacks There’s just so much that seems as though it could go wrong with closed-circuit television cameras, a.k.a. video surveillance. With an ever-increasing number of digital eyes on the average person at all times, people can hardly be blamed for feeling like they’re one misfortune away from joining the ranks of Don’t…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

Ending The Great Enterprise Disconnect

Ending The Great Enterprise Disconnect

Five Requirements for Supporting a Connected Workforce It used to be that enterprises dictated how workers spent their day: stuck in a cubicle, tied to an enterprise-mandated computer, an enterprise-mandated desk phone with mysterious buttons, and perhaps an enterprise-mandated mobile phone if they traveled. All that is history. Today, a modern workforce is dictating how…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Four Keys For Telecoms Competing In A Digital World

Four Keys For Telecoms Competing In A Digital World

Competing in a Digital World Telecoms, otherwise largely known as Communications Service Providers (CSPs), have traditionally made the lion’s share of their revenue from providing pipes and infrastructure. Now CSPs face increased competition, not so much from each other, but with digital service providers (DSPs) like Netflix, Google, Amazon, Facebook, and Apple, all of whom…


Sponsored Partners