Category Archives: Top Lists

10 Useful Cloud Security Tools: Part 1

10 Useful Cloud Security Tools: Part 1

10 Useful Cloud Security Tools: Part 1

Cloud computing has become a business solution for many organizational problems. But there are security risks involved with using cloud servers: service providers generally only take responsibility of keeping systems up, and they neglect security at many ends. Therefore, it is important that clouds are properly penetration (pen) tested and secured to ensure proper security of user data.

There are many tools available that can be used to automate the process of pen testing. Most of them can be found with pen testing distributions like Backtrack or Blackbox. Here is a list of recommended tools for pen testing cloud security:

Acunetix – Web Vulnerability Scanner

acunetix 

This information gathering tool scans web applications on the cloud and lists possible vulnerabilities that might be present in the given web application. Most of the scanning is focused on finding SQL injection and cross site scripting vulnerabilities. It has both free and paid versions, with paid versions including added functionalities. After scanning, it generates a detailed report describing vulnerabilities along with the suitable action that can be taken to remedy the loophole.

This tool can be used for scanning cloud applications. Beware: there is always a chance of false positives. Any security flaw, if discovered through scanning, should be verified. The latest version of this software, Acunetix WVS version 8, has a report template for checking compliance with ISO 27001, and can also scan for HTTP denial of service attacks.

Aircrack-ng – A Tool for Wi-Fi Pen Testers

This is a comprehensive suite of tools designed specifically for network pen testing and security. This tool is useful for scanning Infrastructure as a Service (IaaS) models. Having no firewall, or a weak firewall, makes it very easy for malicious users to exploit your network on the cloud through virtual machines. This suite consists of many tools with different functionalities, which can be used for monitoring the network for any kind of malicious activity over the cloud.

Its main functions include:

  • Aircrack-ng – Cracks WEP or WPA encryption keys with dictionary attacks
  • Airdecap-ng – Decrypts captured packet files of WEP and WPA keys
  • Airmon-ng – Puts your network interface card, like Alfa card, into monitoring mode
  • Aireplay-ng – This is packet injector tool
  • Airodump-ng – Acts as a packet sniffer on networks
  • Airtun-ng – Can be used for virtual tunnel interfaces
  • Airolib-ng – Acts as a library for storing captured passwords and ESSID
  • Packetforge-ng – Creates forged packets, which are used for packet injection
  • Airbase-ng – Used for attacking clients through various techniques.
  • Airdecloak-ng – Capable of removing WEP clocking.

Several others tools are also available in this suite, including esside-ng, wesside-ng and tkiptun-ng. Aircrack-ng can be used on both command line interfaces and on graphical interfaces. In GUI, it is named Gerix Wi-Fi Cracker, which is a freely available network security tool licensed to GNU.

Cain & Abel

This is a password recovery tool. Cain is used by penetration testers for recovering passwords by sniffing networks, brute forcing and decrypting passwords. This also allows pen testers to intercept VoIP conversations that might be occurring through cloud. This multi functionality tool can decode Wi-Fi network keys, unscramble passwords, discover cached passwords, etc. An expert pen tester can analyze routing protocols as well, thereby detecting any flaws in protocols governing cloud security. The feature that separates Cain from similar tools is that it identifies security flaws in protocol standards rather than exploiting software vulnerabilities. This tool is very helpful for recovering lost passwords.

In the latest version of Cain, the ‘sniffer’ feature allows for analyzing encrypted protocols such as SSH-1 and HTTPS. This tool can be utilized for ARP cache poisoning, enabling sniffing of switched LAN devices, thereby performing Man in the Middle (MITM) attacks. Further functionalities have been added in the latest version, including authentication monitors for routing protocols, brute-force for most of the popular algorithms and cryptanalysis attacks.

Ettercap

Ettercap is a free and open source tool for network security, designed for analyzing computer network protocols and detecting MITM attacks. It is usually accompanied with Cain. This tool can be used for pen testing cloud networks and verifying leakage of information to an unauthorized third party. It has four methods of functionality:

  • IP-based Scanning – Network security is scanned by filtering IP based packets.
  • Mac-based Scanning – Here packets are filtered based on MAC addresses. This is used for sniffing connections through channels.
  • ARP-based functionality – ARP poisoning is used for sniffing into switched LAN through an MITM attack operating between two hosts (full duplex).
  • Public-ARP based functionality – In this functionality mode, ettercap uses one victim host to sniff all other hosts on a switched LAN network (half duplex).

John the Ripper

The name for this tool was inspired by the infamous serial killer Jack the Ripper. This tool was written by Black Hat Pwnie winner Alexander Peslyak. Usually abbreviated to just “John”, this is freeware which has very powerful password cracking capabilities; it is highly popular among information security researchers as a password testing and breaking program tool. This tool has the capability of brute forcing cloud panels. If any security breach is found, then a security patch can be applied to secure enterprise data.

Originally created for UNIX platforms, John now has supported versions for all major operating systems. Numerous password cracking techniques are embedded into this pen testing tool to create a concise package that is capable of identifying hashes through its own cracker algorithm.

Cloud providing vendors need to embed security within their infrastructure. They should not emphasize keeping high uptime at the expense of security.

By Chetan Soni

10 Innovative Cloud-Based Start-ups

10 Innovative Cloud-Based Start-ups

10 Innovative Cloud-Based Start-ups

The growth of cloud computing over the last five years has seen a rapid increase in the number of start-up companies in the sector. Many of these start-ups are doing unique things that are changing the landscape of the cloud industry itself and establishing themselves as new market leaders in the process.

The list of interesting companies is endless, but here we take a look at ten which grabbed our attention…

start-up-image

1. SkyKick

The launch of Microsoft’s Office 365 heralded a new era for the ubiquitous productivity suite, as the company unified its various apps into an always-up-to-date cloud service – but migration to the system could be tedious and problematic. SkyKick was launched in 2013 with the aim of helping SMEs quickly move from legacy systems to Office 365. The app can migrate everything from the legacy email system and architecture to the data and settings.

2. VigyanLabs

VigyanLabs is an Indian start-up that was founded in 2010 by a team of specialists in high-performance computing. The company provide solutions aimed at reducing the massive power consumption of global data centres. By using intelligent power management VigyanLabs can now reduce usage by up to 40 percent.

3. Nebula

With the aim of accommodating the physical scale of big data and web and mobile applications, Nebula has developed a cloud computing hardware appliance that can turn customers’ racks of standard servers into a private cloud. Built on OpenStack framework, the open source architecture is designed to help prevent vendor lock-in.

4. Piston OpenStack

After being founded in 2011, Piston OpenStack has received funding from industry leaders such as CISCO Systems and Swisscom Ventures to help develop their private cloud operating system. The system is highly scalable and focuses on ease of use and advanced security features for highly regulated environments.

5. AtomOrbit

AtomOrbit is an innovator BYOD solutions. Their flagship software – TeamFusion – has been designed around Microsoft SharePoint and provides an agnostic feature-rich user experience on a device of any size. The HTML5 web-app pulls SharePoint data like announcements, lists, calendars, blogs and events and presents it on a single dashboard.

6. CloudVelocity

CloudVelocity offers the only fully automated solution for deploying Windows and Linux multi-tier apps and services into the cloud without the need for modification or virtualization. After being founded in late 2012 the company have already raised more than $18 million in Series A and B funding.

7. Classle

Classle is an entirely cloud-based education provider. The company was founded with the idea of providing post-secondary education to people living in rural areas of third-world countries. Built using open source technologies, students can access content, attend live online classes, review audio and video recordings, ask questions and consult experts on topics they choose.

8. Codename One

Since launching in 2012, Codename One already powers 25 million devices. Operating in the rapid application development market, the platform allows developers make their apps work across iOS, Android, Windows, and RIM while only having to write the code once using Java.

9. Revolve Robotics

Working in the cloud-based teleconferencing industry, Revolve Robotics enables users to look around the room they are conferencing with, including on the opposite side of the connection. The web app allows users to design their own meeting room including personalised saved positions and titles for each team member. The camera can be controlled through any web-capable device.

10. Airpost

With the increase of BYOD it is becoming ever more important for companies to effectively monitor the various security levels of the multitude of apps being used. Airpost allows IT administrators understand all the cloud services being used in their organisation and implement advanced controls to manage and enforce security policies.

What do you are think are some of the most interesting start-ups in the cloud-based sector? Have we missed off your favourite? Let us know in the comments below.

By Daniel Price

(Image Source: Shutterstock)

10 Green Cloud Computing Hosts To Consider

10 Green Cloud Computing Hosts To Consider

10 Green Cloud Computing Hosts To Consider

With the IT industry now accounting for more than ten percent of global electricity consumption, and data centres alone accounting for almost two percent, the pressure is on businesses to use the greenest possible cloud computing providers.  Here we look the green credentials of ten of the most environmentally friendly hosts available in no particular order:

210x150-green-mountain

1. EVRY

This Norwegian hosting company is one of the largest in Scandinavia. It is also arguably the most environmentally friendly thanks to its use of the Green Mountain Data Centre. The data centre is the self-styled greenest data centre in the world, using hydropower to produce the required electricity and icy fjord water to cool the servers.

2. GreenQloud

Headquartered in Iceland, GreenQloud offers cloud computing services from data centres that are powered by 100 percent renewable energy sources – specifically hydropower and geothermal energy. Iceland’s geographic location also aids the company’s green credentials, with a year-round cold climate offering a natural coolant, and its mid-Atlantic position removing the need for multiple data mirrors. After being founded in 2010 the company has expanded to offer server hosting, online storage, backup, and cloud computing.

3. Google Compute Engine

Google’s data centres already use fifty percent less energy than a typical data centre by reducing their overhead energy (cooling, power conversion, etc.) usage to just twelve percent. Not only has the company made their own processes environmentally friendly, they also share information and best practices in a bid to improve the entire IT industry.

4. CloudSigma

Based out of Zurich in Switzerland, CloudSigma is plugged into one of the greenest electricity grids in the world – over 95 percent of Swiss energy is generated from nuclear and renewable sources. The company only uses certified carbon neutral cloud servers and has been recognised by Greenpeace for its dedication to environmental responsibility within the IT industry.

5. Dediserve

This Irish company has been pushing the green agenda since their founding in 2009. With seven data centres around the world they primarily offer hosting solutions to the European and North American markets. Their virtual servers consume less than 5 per cent of the power of a physical server, meaning just one Dediserve server rack is currently the same as 25 conventional server racks.

6. Windows Azure

Windows Azure is the Microsoft-powered cloud service. The company has been recognized as the second-largest green power purchaser on the United States Environmental Protection Agency’s Green Power Partnership list, and clients who use their data centres will see a 30 percent drop in their carbon footprint.

7. Apple iCloud

Perfect for individuals and small businesses, Apple’s iCloud uses some of the greenest data centres on the planet. The company uses 100 percent renewable energy across all its data locations, plus 75 percent at its corporate facilities. Its new North Carolina data centre is powered by a huge solar panel farm and even occasionally becomes a net power producer for a local utility company.

8. IBM SmartCloud

IBM Smartcloud offers a fully managed, highly secure IaaS cloud which is optimized for critical enterprise workloads. In 2012 27 IBM data centres were awarded ‘Participants in Data Centre Efficiency’ by the European Commission – the largest portfolio of data centres from a single company to receive the recognition.

9. Akamai

The US-based content delivery network is one of the greenest companies in its sector. For more than ten years Akamai have taken a leading role in minimizing the environmental impact of IT systems. With several initiatives in place that are continually improving efficiency, the company now boast a grade ‘A’ for Energy Transparency from Greenpeace.

10. Rackspace

Rackspace is one of the leading names in cloud hosting, yet they also have an excellent sustainability program. In 2014 their USA-based operations were named as ‘Green Power Partners’ by the Environmental Protection Agency for the second consecutive year, while their UK data centres and offices run on 100 percent renewable energy.

What do you think? Are there any green hosting companies we missed? Let us know in the comments below.

By Daniel Price

10 Excellent Cloud Applications For SMEs

10 Excellent Cloud Applications For SMEs

Cloud Applications For SMEs

Cloud applications and services are rapidly replacing traditional desktop apps in the workplace. To new users the number of apps available can be overwhelming, with hundreds of choices on everything from CRM software to Budget Management. As part of a new series here at CloudTweaks, we take a look at ten ‘must-have’ apps for SMEs. We will review each in detail over the coming weeks.

Asana 

Good project management software is typically very expensive, but SMEs can eliminate that cost with Asana. The free app styles itself as a ‘collaborative information manager’ and allows users to manage work projects, personal projects, and events in a well-design and easy to navigate interface.

MailChimp

Mailchimp is a cloud-based service that manages e-mail marketing campaigns and newsletter production. The app is supported by Google Analytics to aid performance measurement, and it also integrates with other popular SME apps such as Batchbook CRM, Zendesk and Shopify.

Evernote

No list about useful apps for SMEs would be complete without the ubiquitous Evernote. The app is widely considered to be the best the best organisational program available, allowing users to store and sort their notes and files whilst indexing them for easy search and retrieval. The app syncs across all your devices, meaning your information will always be close to hand.

Mozy

With six million users, Moxy is one of the best-known alternatives for cloud backup. Although not free, the service continuously backs up the files on your computer or server, meaning SMEs will always be protected from potential data loss. Files are also encrypted using military-grade 256-bit AES key security, making then one of the most trusted names in cloud backup.

Capsule CRM

While it may lack so of the features of Salesforce, Capsule CRM is also considerably cheaper. The full version of this app is only $12 pcm/per user, compared with $75 pcm/per user for its better-known cousin. Features include the ability to store 50,000 contacts, categorise data, track activities, and manage ‘sales pipelines’. Capsule CRM is also fully integrateable with Google Apps.

Skype

Again, no list about apps for SMEs is complete without the industry-leading VOIP service. Skype users can call other Skype subscribers for free, and for a small cost can also call external phones, conduct video conferences, and receive in-bound telephone calls.

FlashPanel

Flashpanel is a cloud management and security tool for Google Apps. Administrators have access to a range of security settings, including the ability to manage passwords, control user access, set and enforce email settings, and control users’ sharing of Google Drive files.

Expensify

Expensify helps users track and categorise their expenses, and after launching in 2008 now processes over $2 million of expenses every day. You can attach receipts to costs, fill-out expense reports for company reimbursements, and manage business mileage, all while meeting IRS regulations for record keeping.

FreshBooks

FreshBooks is a cloud-based invoicing and financial-tracking app. Users can create invoices, track expenses, produce billing reports and charts, and process payments. Although the app lacks a payroll feature, it is perfect for individual entrepreneurs or small businesses with a handful of clients.

Zendesk

For businesses that require a strong focus on customer service, Zendesk is a must-have.  Widely considered to be the fastest and easiest cloud tool for providing excellent customer service, Zendesk is used by more than 40,000 businesses worldwide. The app has many features, including measuring customer satisfaction, streamlined ticket-views and performance benchmarking.

What do you think? What apps does your SME rely on? Let us know in the comments below…

By Daniel Price

3 Missing Cloud Implementations In Mobile Technology

3 Missing Cloud Implementations In Mobile Technology

3 Missing Cloud Implementations In Mobile Technology

I like the mobile technology that surrounds us. I’ve gotten to the point where I wouldn’t function to the same level without my phone, and I don’t even think that’s a bad thing – hey, if a couple of years ago we could have carried our desktop PCs around with us, I bet everybody would’ve jumped at the opportunity. In previous articles, I have talked about how much the mobile industry has advanced by implementing cloud computing. While this is definitely true, it’s still quite a long way from being perfect. Here’s what is left to be introduced, in my opinion:

Backing up app data. In the past few months I went through a couple of Android phones. Unlike the older iPhones, where you had to manually install every app on your phone after going through a software update or switching your phone, this time it was a lot easier: I just had to sign in with my Google account and the apps I had on the previous installation started to pour in from the cloud. The only way I would improve on this would be if all of my app data synced as well – and apps have started to do this by syncing your account with the cloud. However, we’re not there yet, and for a ton of apps you simply lose all of your data.

A proper file management system. And I’m not talking about the files on your phone. I want the stuff from Minority Report, a system where you just “throw” files from one screen to the other. This point is beginning to be true, though, as there are some apps that are already available which kind of do this. But I’d like a more in-depth implementation into the software!

Sci-fi

(Image Source: Shutterstock)

Better yet, better PC integration. And I don’t mean just file management. I’m waiting for a time when your phone will become an extension of your computer, a unified solution which makes your mobile gadget a small extension of your display. This would be easily achievable with cloud computing, and it would make life so easy – got to go somewhere? Grab your phone and don’t even stop what you’re doing on your computer.

Basically, what I’m trying to say is this: we’ve come very far until now in terms of mobile computing, and most of that progress has been due to the cloud. In my opinion, we’re just three steps away from living the way ‘80s and ‘90s Sci-Fi envisioned us, and I think we only need a bit more time to get there.

By Andrei Maguleanu

Moving Beyond Cloud Management To Cloud Portfolio Management

Moving Beyond Cloud Management To Cloud Portfolio Management

Moving Beyond Cloud Management to Cloud Portfolio Management

Virtually every enterprise will be leveraging a portfolio of public and private clouds – whether by strategy or circumstance. In the 2013 – State of the Cloud survey, RightScale found that larger organizations are choosing multi–cloud (77 percent) with the majority of those (47 percent) choosing hybrid cloud strategies.

The ability to successfully manage and optimize your portfolio of applications across your portfolio of clouds will make the difference in how much business value IT can deliver to your organization. Cloud Management is an important piece of the puzzle, but companies are looking for more.

Workloads

In order to deliver the significant business value
 that a cloud portfolio can provide while ensuring the necessary level of governance, enterprises require new approaches. Cloud Portfolio Management (CPM) is a new type of solution — designed to help companies capitalize on this growing array of cloud technologies.

Cloud Portfolio Management solutions provide a comprehensive set of management capabilities
 that span all aspects of cloud usage across a broad variety of cloud options, going well beyond what vendor-specific public or private cloud management features provide. CPM solutions are designed to provide the enterprise with a single pane of glass to manage a portfolio of applications and optimize usage across a portfolio of clouds. They enable companies to choose the right cloud — public
 or private — for each application and to move applications between clouds as circumstances change. And they prevent lock-in and provide investment flexibility.

Here are six key characteristics of a Cloud Portfolio Management (CPM) solution. 

1) Abstracting Multiple Clouds

For the greatest efficiency and control, large companies abstract the significant differences between public and private clouds – and use a consistent management solution across these disparate environments. A Cloud Portfolio Management (CPM) solution allows you to operate seamlessly across varied cloud services and private cloud environments. Each cloud will differ in a wide variety of characteristics, including APIs, behaviors (for example how clouds provision storage differently), resource sizes and types, and security capabilities.

2) Delivering Self-Service IT

A critical requirement of enterprise cloud initiatives is to provide developers and application teams with self-service access to cloud services. Enterprise developers often face 4-8 week delays for the approval, purchasing, and provisioning of servers. Shadow IT has emerged as a reaction by developers and the business units they serve to these significant delays. Self-service access to cloud decreases the time it takes to access infrastructure from months to minutes, unleashing innovation and helping to speed new products to market. In order to deliver self-service capabilities and bring shadow IT into the fold, central IT organizations need to provide the same easy access to infrastructure that developers have come to expect from public cloud services. Internal users are unlikely to be satisfied with modest improvements to lengthy waits when they can take advantage of ever-increasing public cloud options.

3) Providing Governance and Controls

Many CIOs have little or no visibility into existing shadow use of cloud resources. As enterprises embrace self-service access to cloud infrastructure, IT organizations also need to ensure that they have visibility and governance across their portfolio of public and private clouds. The first challenge is to gain visibility across all cloud usage. Enterprises need a comprehensive view of which applications have been deployed in which clouds. In addition, they want to easily see how each application is architected, which technology components were used, and what security configurations are in place. To comply with regulations and internal policies, companies also need access to detailed audit trails that track every change.

The second challenge is putting in place appropriate governance controls. This includes identity and access controls that define what each user can do as well as budget controls that ensure costs stay within approved budgets.

4) Automating Lifecycle Management

Cloud Portfolio Management (CPM) provides a platform to manage cloud-based applications across their entire lifecycle — from development and test to staging and production – with full visibility and version control. CPM also supports modern practices including agile development, continuous deployment, dynamic configuration, and DevOps. As organizations seek to gain control over VM sprawl, best practices for application deployment have evolved to dynamic configuration of servers using such tools as Chef, Puppet, and Salt. These tools enable the creation of consistent, repeatable, and clone-able servers and deployments. CPM solutions will support a choice of configuration management tools while providing support for the unique requirements of multiple clouds. CPM solutions should offer out-of-the-box configuration templates with the ability to customize or create new templates that meet the specific requirements of the organization. Version control helps companies to manage changes over time and ensure consistency from development through production.

5) Deliver Application SLAs

Cloud environments require new and innovative approaches to ensure that applications meet required SLAs. A CPM solution helps organizations to architect and automate applications to deliver both scalability and reliability. Cloud-based applications can be scaled horizontally by adding more instances to an application tier and scaled vertically by upsizing instances. Cloudbursting among cloud resource pools can help to provide additional flexibility as application demands grow. CPM solutions can act as a key foundation by enabling all three scaling options. In addition, cloud experts know that it is critical to plan for failure. Outages are inevitable – whether you are using a public cloud, your data center, or an outsourced provider. Spreading risk across vendors is a critical requirement for your CPM solution. In addition, to ensure that you can automate failover and DR strategies in the event of a cloud outage, a SaaS-based CPM solution will ensure that your management plane is operating even if your private or public cloud is experiencing problems. As a result, you can increase reliability and deliver SLAs.

6) Managing and Optimizing Costs

Cost management is an essential component of managing the financial options and impacts of a cloud portfolio strategy. As business units embrace the value that cloud delivers, usage and costs can easily spiral if not carefully managed and continuously optimized. The variable cost model of cloud computing introduces significant opportunities for savings, but also requires new approaches to minimize waste and optimize your spend. Users can often overprovision capacity or forget to de-provision temporary resources. A cloud cost analytics solution provides visibility into past, present, and future cloud usage and provides the critical information needed to manage spend. A cost management solution enables enterprises to do “what if” analysis on different deployments, clouds, and purchase options (on-demand cost vs. pre-purchased cost scenarios, for example).

Cloud Portfolio Management is a critical technology foundation that will support enterprise multi-cloud strategies and help drive innovation, growth, and efficiency. By implementing a CPM solution, IT teams can deliver self-service access to cloud services while maintaining the necessary governance, control, and cloud cost optimization. Understanding the role of CPM will help you deliver on your multi-cloud strategy and help your organization innovate and grow.

By Bret Clement,

Bret Clement manages global communications at RightScale. With RightScale Cloud Management, IT organizations can deliver instant access to a portfolio of private, public, and hybrid cloud services across business units and development teams while maintaining enterprise control.

Eight Interesting Facts About Google Glass

Eight Interesting Facts About Google Glass

Eight Interesting Facts About Google Glass

Google Glass is rapidly becoming the most desirable, trendy, and ‘must-have’ wearable technology on the market.

With the device set to go on general sale later this year, we take the opportunity to look at eight interesting facts about this revolutionary new gadget.

1. Features

The design might be super-slick, lightweight and robust, but this doesn’t mean the device lacks features. The model includes Bluetooth, Wi-Fi, GPS, speakers, a camera, microphone and touchpad – giving wearers the ability to stay connected and up-to-date regardless of where they are or what they’re doing.

2. Right Eye Only

At present the device only has a screen visible in the right eye. For those who are partially-sighted or have one eye that is significantly stronger than the other, this could be problematic. Google has no plans to release either a left eye or dual-eye version.

3. Voice Activated

Several apps can be activated using the built-in microphone. Google Now allows users to ask the device to quickly check the latest flight details or traffic congestion, and commands such as ‘Take a Photo’ and ‘Call Richard’ will upload photos to the cloud via Google Plus or stream your view to friends respectively.

4. Going Abroad?

Have you have gone on a vacation or business trip and been unsure of what that word on the menu is? Google Glass helps users negotiate foreign lands by not only instantaneously translating words, but also converting measurements, weights and currencies in real time.

5. No Speaker

Google Glass does not have a speaker or headphone included. Instead, when speaking on a conference call or doing some activity which requires sound, the device uses a ‘Bone Conducting Headphone’ (BCH). The BCH uses vibrations to send sound through your skull directly to the receptors in your ear. At present, stereo sound is not supported.

6. Blurring the boundaries of art and technology

David Datuna has become the first artist in the world to integrate artwork with Google Glass. His ‘Portrait of America’ uses GPS locators beneath the canvas so that when viewed through Google Glass it begins to play more than fifty video or audio clips about famous American icons.

7. Never Get Lost Again

Google Glass makes fantastic use of its cloud-based map service. In practice, this means you can receive in-vision directions to a destination, whilst receiving updates about distance travelled, time of arrival and in-journey conditions as you move.

google-glass

8. It’s Not Really a Pair of Glasses

They might look and feel like glasses, but they are many ways Google Glass differs from a normal pair of specs. For example, the glass cannot be folded and requires an (expensive) special case for transportation, it only comes in one size and cannot be adjusted to fit the wearer, and there is no way to clip on a visor to protect your eyes from the sun.

By Daniel Price

3 Ways To Protect Your Financial Data

3 Ways To Protect Your Financial Data

3 Ways To Protect Your Financial Data

Cybersecurity

Recent retail foibles have us all a bit on edge about our personal data. High-profile security breaches at Target and on SnapChat remind us it can happen anywhere, to anyone. It leaves us marveling a bit (not in a good way) at how a simple transaction can cause a great deal of angst in the weeks after it.

I never go to Target,” one friend said at a post-holiday party to me. “But I did just before Christmas. Not even for gifts, but for shampoo. And I used my debit card.

“So now, I’m checking my statement every day, calling about the balance, hoping the bank is also keeping an eye out for me …”

Retailers and social-media administrators work hard to protect your data, and breaches like the ones Snapchat and Target recently experienced are nightmares for those entities. The problem is, hackers and scammers work just as hard to beat the system and get to your data.

There’s no such thing as “hacker proof,” it turns out.

Here’s what happened

1. Target

Hackers accessed data for as many as 40 million credit and debit cards used at Target locations in December, including encrypted data that contained personal identification numbers. Target claims the PIN data is not at risk, but cybercrime experts still warn against potential of risk.

Action: Target offers free credit monitoring for those who might have been affected by the breach. If you were affected, that’s not much help now, but at least you’re protected from another attack.

2. SnapChat

This photo-messaging app predicated on privacy – messages disappear after they’re seen – was breached with a “find friends” feature that revealed data for 4.6 million users. Although this breach had no financial implications, the compromise was of concern to many SnapChat customers.

Action: Site administrators issued a new version of the app that allowed users to opt out of the “find friends” feature.

Here’s what you can do to protect yourself

Here are three things you can do today to help keep yourself a step ahead of the bad guys.

1. Register for free credit monitoring

Companies such as Credit Karma will protect against identity theft and unauthorized purchases. It monitors your credit nightly, and sends an email if anything unusual appears, including new accounts opened in your name. Credit Karma also safeguards against inaccurate credit reports.

Bonus: In the market for financial services? Credit Karma also offers consumer reviews for credit cards, mortgages and insurance purchases too.

2. Protect your data—physically and online

Your social security card should never live in your wallet. Also, your passwords and usernames shouldn’t be kept on a piece of paper, in your wallet, car or home. Never give out your social security number to anyone who calls you and claims they’re from your financial institution.

Banks, credit card providers, and utility companies will never do that. In the wake of the Target breach, companies like Verizon and Wells Fargo have even proactively notified their customers that they never solicit information via email or phone call.

Bonus: Multi-platform app LastPass manages and encrypts passwords across all your services.

3. Set up mobile alerts

Some financial institutions, such as Citizens Bank, offer mobile alerts of any account activity. These services will send you a message if your account balance dips below a specified amount, signal a check clearance, and even send your five most recent transactions on a schedule you set.

Most national banks and large credit card companies offer similar services, so take advantage of them.

Bonus: Consider changing your debit card’s PIN number on biannually or annually, or if you suspect your information was released in a breach like Target’s. Although PIN information is encrypted once you enter it on the keypad, it’s good peace of mind to actively change the first wall of defense from someone withdrawing money in your name from an ATM.

4. Protect your network

Keep your electronic data safe from prying eyes at home by securing your WiFi network. Many Internet providers include wireless routers with their service. Setting a protected network is easy, and worth the five minutes spent.

Data stored on the cloud is vulnerable to hackers. Massachusetts Institution of Technology researchers have developed protection against hacks to memory-access pattern analysis (the means by which computers store and access data) by broadcasting false information to remote server data requests.

Bonus: When you don’t have other people jumping on your wireless service, you could experience faster speeds. Lock up that wireless signal!

By Alexis Caffrey

Alexis is a freelance writer with a focus on technology, new media, and design . You can reach Alex via @AlexisCaffrey or alexiscaffrey.com.

CloudTweaks Comics
Cloud Infographic: The Explosive Growth Of The Cloud

Cloud Infographic: The Explosive Growth Of The Cloud

The Explosive Growth Of The Cloud We’ve been covering cloud computing extensively over the past number of years on CloudTweaks and have truly enjoyed watching the adoption and growth of it. Many novices are still trying to wrap their mind around what the cloud it is and what it does, while others such as thought…

Driving Success: 6 Key Metrics For Every Recurring Revenue Business

Driving Success: 6 Key Metrics For Every Recurring Revenue Business

Recurring Revenue Business Metrics Recurring revenue is the secret sauce behind the explosive growth of powerhouses like Netflix and Uber. Unsurprisingly, recurring revenue is also quickly gaining ground in more traditional industries like healthcare and the automotive business. In fact, nearly half of U.S. businesses have adopted or are planning to adopt a recurring revenue model,…

The Monstrous IoT Connected Cloud Market

The Monstrous IoT Connected Cloud Market

What’s Missing in the IoT? While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies continue to battle to decide who will be the epicenter of the smart home of the future, creating separate ecosystems (like the iOS and Android smartphone market) in their wake.…

Cloud Computing Checklist For Startups

Cloud Computing Checklist For Startups

Checklist For Startups  There are many people who aspire to do great things in this world and see new technologies such as Cloud computing and Internet of Things as a tremendous offering to help bridge and showcase their ideas. The Time Is Now This is a perfect time for highly ambitious startups to make some…

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

Ambitious Startups An oft-quoted statistic, 50% of new businesses fail within five years. And the culling of startups is even more dramatic, with an estimated nine out of ten folding. But to quote Steve Jobs, “I’m convinced that about half of what separates the successful entrepreneurs from the non-successful ones is pure perseverance.” So while…

Is The Fintech Industry The Next Tech Bubble?

Is The Fintech Industry The Next Tech Bubble?

The Fintech Industry Banks offered a wide variety of services such as payments, money transfers, wealth management, selling insurance, etc. over the years. While banks have expanded the number of services they offer, their core still remains credit and interest. Many experts believe that since banks offered such a wide multitude of services, they have…

Moving Your Enterprise Apps To The Cloud Is A Business Decision

Moving Your Enterprise Apps To The Cloud Is A Business Decision

Moving Your Enterprise Apps Whether it be enterprise apps or any other, if there is any heavy data that is going to be transacted in and through an app, then affiliating it with the Cloud becomes a must. And then an important question arises: How do you decide when to integrate your enterprise app with…

Cloud Infographic – Cloud Public, Private & Hybrid Differences

Cloud Infographic – Cloud Public, Private & Hybrid Differences

Cloud Public, Private & Hybrid Differences Many people have heard of cloud computing. There is however a tremendous number of people who still cannot differentiate between Public, Private & Hybrid cloud offerings.  Here is an excellent infographic provided by the group at iWeb which goes into greater detail on this subject. Infographic source: iWeb

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Cloud Compliance  Regulatory compliance is an issue that has not only weighed heavily on the minds of executives, security and audit teams, but also today, even end users. Public cloud adds more complexity when varying degrees of infrastructure (depending on the cloud model) and data fall out of the hands of the company and into…

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs

Cloud Computing And SMEs SMEs (Small/Medium Sized Enterprises) make up the bulk of businesses today. Most cloud based applications created today are geared toward the SME market. Accounting, Storage, Backup services are just a few of them. According to the European Commission, cloud based technology could help 80% of organisations reduce costs by 10-20%. This infographic provided…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information Officer of the United States was announcing a major Cloud First goal. That was 2011. Five years later, as both the private and public sectors continue to adopt cloud-based software services, we’re interested in this…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Four Recurring Revenue Imperatives

Four Recurring Revenue Imperatives

Revenue Imperatives “Follow the money” is always a good piece of advice, but in today’s recurring revenue-driven market, “follow the customer” may be more powerful. Two recurring revenue imperatives highlight the importance of responding to, and cherishing customer interactions. Technology and competitive advantage influence the final two. If you’re part of the movement towards recurring…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…