Weekly App

For many years now, the encryption of data within the enterprise has been a standard requirement. More recently however, organizations that have begun outsourcing various IT resources to the cloud have begun to discover that the established techniques for securing data that they have relied upon for so long are inadequate in a cloud environment. In this article, I will explain why this is the case and what you can do to make data stored in the cloud more secure.

Storage Security vs. Transport Security

Regardless of whether an organization stores data locally or in the cloud, there are two main fronts in the battle to protect that data. Data must be protected when it is at rest, and when it is in motion.

Protecting data that is at rest falls into the realm of storage level security. Simply put, a mechanism such as file level encryption or volume level encryption needs to be used to prevent unauthorized access to the data.

Protecting data in motion refers to safeguarding data that is being sent across the wire. This is completely different from storage encryption. When a user attempts to access data from an encrypted volume over a network there are processes that occur to ensure that the user has the necessary rights (these processes vary widely depending on the type of encryption that is being used). Assuming that the user has the necessary permissions, the requested file is decrypted and sent to the user. Often times however, the decryption process occurs before the file is sent across the wire, leaving the data vulnerable to packet sniffing attacks.

The only way to adequately protect your data is to provide storage encryption and transport encryption. In a cloud environment, transport encryption is almost an afterthought. Pretty much all cloud service providers provide transport level encryption as a standard feature whether it be HTTPS, TLS, IPSec, or something else. However, cloud service providers often provide minimal protection for stored data, shifting the burden of storage security to cloud subscribers.

Don’t get me wrong. I’m not saying that cloud providers don’t do anything to protect stored data. However, the degree of protection that is provided depends on what type of cloud is being used (SaaS, IaaS, PaaS, etc.), and on which company is providing the service.

Software as a Service

When it comes to secure storage within the cloud, Software as a Service (SaaS) is the type of cloud that generally provides the fewest security options. As I’m sure you know, the idea behind SaaS is that you can run applications in the cloud (often through a Web browser) rather than installing the application locally.

At first it may seem as though storage would not even come into the picture for SAAS clouds, but often times SaaS providers require you to store application data with them. For example, Microsoft Office 365 includes a cloud based version of Exchange Server. Organizations who decide to use this use the hosted Exchange component have no choice but to store mailbox data within an Exchange Server database that resides in the cloud.

Some SaaS providers do allow you to store data locally, but doing so isn’t usually the default behavior for such applications. For instance, Google Docs will allow you to store document files on your own computer (or network file share), but the default behavior is for documents to be saved to the cloud.

When you subscribe to a SaaS cloud, there isn’t normally going to be any kind of settings that you can tune to make data storage more secure. You are at the cloud provider’s mercy to store your data in a secure manner. As such, the key to protecting your data is to ask the provider detailed questions about their security before you sign up for the service.

My experience has been that a SaaS provider will give you some information about their security measures, but won’t go into great detail because disclosing too much information about security practices constitutes a security risk. For example, a provider may tell you that they use file system encryption and they might even go so far as to tell you that their encryption is based on 256-bit AES, but a security conscious provider won’t tell you what kind of mechanism is being used to facilitate the encryption. Keep in mind however, that if a provider can’t (or won’t) give you enough information to assure you that your data truly is secure then nobody is forcing you to run the application in the cloud. You might be able to install the application locally instead or use a competing service.

Infrastructure as a Service

Although SaaS clouds don’t usually give you many options for protecting stored data, IaaS clouds provide organizations with a much higher degree of control. For the benefit of anyone who may not be familiar with IaaS, it is essentially an environment in which organizations are able to create infrastructure components in a manner similar to what would be done locally. IaaS clouds typically allow administrators to create, configure, and manage virtual servers through a Web interface. Aside from the fact that these servers exist in the cloud, they are practically identical to the infrastructure servers that you might deploy on premise.

Organizations that store data on a virtual server in an IaaS cloud must usually take responsibility for securing their own data. Sure, the cloud provider has firewalls in place as well as a few other basic security mechanisms, but it is important to remember that these mechanisms usually exist as a way of protecting the cloud service provider’s infrastructure rather than guaranteeing that subscribers receive top notch security.

Any organization that stores data on a server in an IaaS cloud must take measures to prevent data leakage. Simply put, you need to make sure that no one is allowed to access your data without the proper authorization. In order to achieve this goal, you need to understand a little bit about how your data is actually stored and what the risks are that could potentially result in data leakage.

Unlike a traditional enterprise datacenter, cloud service providers are multi-tenant, meaning that cloud providers are able to keep their rates low because servers are shared among multiple subscribers. Of course this doesn’t mean that each subscriber has access to every other subscriber’s data. The cloud provider puts boundaries in place to ensure that each subscriber is only able to access their own data.

Even so, the very fact that cloud data centers are multi-tenant lends itself to the possibility of data exposure. Imagine for example that you subscribe to an IaaS host and set up a cloud based file server. The server that you create is actually a virtual machine (usually running on VMware) that is linked to a SAN, which provides the actual storage. Now imagine that later on you decide that you want to bring all off your data back in house. You move the data and delete the virtual file server. What happens to your data?

Presumably when you get rid of the virtual machine its virtual hard drives are removed as well. At that point however, the space that was previously occupied by your data is available for use by any of the cloud service provider’s other subscribers. Therefore, imagine that someone with bad intent opens up an account with the cloud provider and creates their own virtual server. In an IaaS environment there is nothing stopping this person from performing a block level scan of their virtual hard drives to see if any of the previous subscriber’s data still exists.

The lesson here is that whenever you decommission a virtual machine, you should perform a secure format on all of its data volumes prior to deleting the machine. However, performing a secure format alone does not fully address this issue. After all, cloud providers routinely replace hard drives as they fail or as the provider requires additional capacity. Unless a cloud provider physically destroys their old drives there is a chance that the data on those drives could fall into the wrong hands.

One way that you can prevent the leakage of your data in these types of situations is to encrypt all of the data on the virtual hard drive. There are several options for doing so. For instance, you could use NTFS encryption if you are only interested in encrypting specific folders. Another option is to use BitLocker encryption to encrypt an entire volume. Of course there are also a number of third party encryption products, and some IaaS providers even offer hardware level encryption of virtual hard drive files.

Who Can Access Your Data?

It is easy to think of secure storage solely in terms of preventing unauthorized access to the storage medium containing your data, but believe it or not you also need to be concerned about your data being accessed by those who have the proper authorization. This might include the cloud service provider’s staff or even law enforcement.

One of the big problems with cloud services is that the cloud service provider’s data center could physically reside anywhere in the world. For example, I live in the United States, but some of my data resides on a server in the United Kingdom.

Having your data stored on a server that’s half way around the world isn’t a problem in and of itself. The problem is that different countries have very different privacy laws. Some countries may have laws that allow the authorities to inspect (or even seize) your data at will. Likewise, there are undoubtedly countries in which it is legal for the cloud service provider’s employees to access your data.

The best advice that I can give you is to avoid cloud providers who house data in third world countries with dubious privacy laws. You should also watch out for providers that are based in one country, but who operate datacenters in a different country. Situations like these can make it difficult to determine which country’s laws take precedence when it comes to protecting your data.

Regardless of where a cloud service provider’s datacenter is physically located however, it is critically important to read the service provider’s privacy policy and their service contract. These documents will tell you exactly what you can expect from the service provider and how they are allowed to use your data. You might be surprised by what is in the service contract.

When cloud computing first started to be offered, there was one provider whose service contract actually stated that any data that you store in the cloud becomes the provider’s legal property. Whenever a subscriber would try to cancel their service contract, the service provider would threaten to delete their data. Even though this provider went out of business a few years ago, there may be other providers who would attempt similar practices.

Backing Your Data Up

I have read articles and blog posts that have suggested that everyone needs to move all of their data to the cloud so that they no longer have to worry about the hassles of backing that data up. However, you can’t just assume that all of your cloud data is being backed up unless backups are guaranteed in writing as a part of the service level agreement.

As a general rule SaaS providers will back up your cloud data for you, but those operating in an IaaS cloud are usually responsible for their own backups (although some providers will back everything up for you for an additional fee). Remember, if you subscribe to an IaaS cloud then all you are really doing is leasing server resources. What you do with those resources is up to you, and it is your responsibility to come up with a plan for backing up data that is stored in an IaaS cloud. I have actually heard stories of some organizations backing up data from an IaaS cloud to a SaaS based backup service.

Final Thoughts on Cloud Models

As you can see, there are different requirements for securing data depending on which cloud model is being used. Keep in mind however, that cloud services are not an all or nothing proposition. In the real world, it is becoming increasingly more common for organizations to subscribe to multiple clouds of varying types from multiple service providers. As such, you may have to use several different methods to protect your cloud data.

About 2X

2X Software offers tailor-made, easy-to-implement and cost-effective server based and virtual computing solutions, including the award-winning 2X VirtualDesktopServer and 2X ApplicationServer, as well as the 2X ThinClientServer and 2X LoadBalancer. With their trademark affordability and simplicity, as well as the unique 2X per-server licensing model, 2X products unlock the full potential of virtualization platforms by improving desktop manageability, security and performance. For more information, please visit: http://www.2x.com/.

Source: Brien Posey, IT Expert

1. Look for Influencers

Look for online influencers in your market who have quality audiences and are likely to be interested in your products, services and business. Connect with those people and work to build relationships with them.

2. Focus

Focus is key! It’s better to specialize than to be a jack-of-all-trades. A highly-focused social media and content marketing strategy intended to build a strong brand has a better chance for success than a wider strategy. Don’t attempt to do all things to all people.

3. Quality

It’s good to have 100 online connections who read, share and talk about your content with their peers than 1,000 connections who disappear after connecting with you the first time. That means Quality trumps quantity. You must add value to the conversation. Focus less on conversions and more on creating amazing content and developing relationships with online influencers

4. Be Patient

You need to commit to the long haul to achieve results in social media and content marketing.  Success doesn’t happen overnight.

5. Finding new entry points

This sharing and discussing of your content opens new entry points for search engines like Google to find it in keyword searches. Those entry points could grow to hundreds or thousands of more potential ways for people to find you and your business online.

If you publish amazing, quality content and work to build your online audience of quality followers, they’ll share it with their own audiences on Twitter, Facebook, LinkedIn, their own blogs and more. Do the same for others also.

Source: Innodeas

Singapore government has established a standard that puts in place the necessary policies, systems and processes to improve data centre energy efficiency and mitigate environmental impact. With Singapore set to become the data centre hub for the Asia-Pacific region, this is a very solid step to ‘Green Data Centres’.

The standard is named as the Singapore Standard for Green Data Centres – Energy and Environmental Management Systems (SS564:2010), it is a certifiable management system developed by the IT Standards Committee together with the Infocomm Development Authority of Singapore (IDA) and SPRING Singapore. It provides data centres with a framework and methodology to achieve energy efficiency. This was announced at the Green Data Centre Forum on 31 March 2011

Modelled after established international system standards, the Singapore Standard is based on a continual improvement framework which includes recommended metrics for data centres to measure and track their performance in energy efficiency, and identify the potential areas for improvement. These standards will help data centres manage their mechanical and electrical systems, IT equipment and data centre design.

The first seven organisations to adopt the Singapore Standard are 1-Net, National Library Board, Singapore Telecommunications, Resorts World Sentosa, IBM, Keppel Datahub, and the Nanyang Technological University High Performance Computing Centre.

Innodeas strive to be part of this ‘Green’ drive and will always follow and support ‘Green’ initiatives.

Source: Innodeas

Even though the financial system has gotten much more tough, there are even now plenty of jobs for university graduates available. You just have to maintain in your toes, retain a wholesome and positive outlook, and work as hard while you can to get them. Graduate employment you should not grow on trees anymore. There was a time in which everyone that has a graduate diploma in something could obtain a work quickly. Those times are gone. These days, particularly for those who have a liberal arts key, you really should hustle for that employment. After all, with much more men and women going to schools along with the economy not doing quite properly, there’s intensive opposition for your graduate work that exist.

The very first graduate task that I got was not very remarkable. Fundamentally, I was working part-time as being a tutor. It had been at certainly one of those big tutor mills with offices throughout the country. I used to be teaching SAT check prep to high college youngsters and never generating plenty of income. I realized that, with a college education, I could do a lot more. It was only a make any difference of finding every thing as a way.

For starters, I tweaked my resume. I cannot overestimate the importance of doing this to acquire very good graduate employment. Soon after all, you’ll find lots of men and women who can do the work. What separates the contenders through the has-beens is possessing a slick, expert presentation, and this starts together with your resume. Following that, I signed up for some task search engines. Career search internet sites are fantastic. Rather of sending your resume out to a dozen employers, you are able to allow it to be accessible to hundreds of them. This is the perfect way to open up new opportunities for graduate work.

It took some time till I discovered a graduate task that I genuinely liked. Some of the graduate careers that I worked for right after the tutoring center were not a lot greater, but I knew I used to be shifting within the right route. Eventually, I found the right task. I got work in a very newspaper, carrying out local reporting. It didn’t pay properly, and it wasn’t exactly exactly where I wished to be, but I realized it could consider me there. Within several decades using my expertise using the English language, I may be a genuine reporter in a very national periodical. Considering that then, I’ve genuinely begun going places. I refused to present up in my search for graduate employment, and I last but not least found some good possibilities.

creative web design Your choice of either professional letterhead artwork or Word templates supplied on a disc.

Write my essay Need unique essay? Our professionals are at your service.

Economic Homework Help Tutorskingdom.com provides assignment help and homework help for Math assignment and Statistics homework help. We are your homework helper for college assignment and high school homework help.

Website DesignsBusinessPro Designs develops websites which add substantial values to your venture. Adapting the SEO and SMO marketing tools, we increase your revenues. Explicitly designed Ecommerce sites ensure a positive growth.

Intrusion Detection Software Firewalls protect networks from the outside-in. However, over 80% of successful cybercrime and hacker attacks happen behind firewalls, on the inside of networks. NACwalls protects networks from the inside-out. Designed for SMBs to protect their internal, headquarters, branch and remote office networks with 25 network devices up to 100,000 included wired and wireless, NACwalls provide enterprise-class functions that are easy to deploy, cost effective and help SMBs secure their internal networks at a fraction of the cost of competition.

Magento Nottingham Web design and development of bespoke eCommerce online shopping websites by Absolute Design, a combined brand consultancy and web design agency in Nottingham, East Midlands

Language Translations Axis Translations offers professional language translation services by expert translators for all languages. Get an Accurate, On-time and Cost-Effective Translation Service on demand.

The formal release of IntelliJ IDEA 10.5 came out this month, and the new Groovy features are all part of the free and open source Community Edition, and the Grails features are part of the Ultimate Edition. IDEA X (or 10 to you non-Romans) was a larger release of the product, and I already blogged about IDEA X for Groovy and IDEA X for Grails. There’s still plenty of nice features in 10.5 though. The prices for IDEA recently dropped between $100 and $50, and anyone purchasing IDEA since last November gets 10.5 as a free upgrade.

Here’s what 10.5 is all about (or skip straight to the release notes).

Groovy 1.8 Support

A big push in IDEA 10.5 was Groovy 1.8 support. Groovy 1.8 contains many compile time AST transformations that do things like write out new methods and fields into the Groovy .class files. Normal IDEs will show in-IDE compile errors when using these annotations yet still allow you to compile and execute the script. This has been fixed in IDEA, so the IDE should give you proper code completion and support when you use @Field, @TupleConstructor, and @Log. This is especially helpful when invoking these synthetic members from Java code.

Introduce Parameter and Introduce Field Refactorings

Introduce Parameter is one of my favorite refactorings. Select a local variable within a method, press Ctrl+Alt+P, and the local variable is extracted into a method parameter. It doesn’t yet work for closures, but you can vote for that feature. Introduce Field is also handy: select a local variable in either a method or a closure, press Ctrl+Alt+F, and the local variable is extracted into a field on the enclosing class. IDEA is not capable of extracting a field in a script yet, which would logically create an @Field script field, but feel free to upvote the issue.

Go To Test (and vice versa) Support

Tests and production source follows a naming convention, for example MyClass and MyClassTest. You can now press Ctrl+Shift+T to jump to the test (if you’re in production code) or jump to the production code (if you’re in the test). And if there is no test, then it will prompt you to create a new one. This works great in most cases. Of course, with Groovy it is not so rare to have several top-level classes in a single source file. In these cases the feature can sometimes get confused. Upvote the fix here if you want it to be just that much smarter in the future.

More Code Completion and Intentions

The “add static import” intention is nice for those who use a lot of static imports. Just set your cursor in a constant referenced from your code, press Alt+Enter, and viola… the constant is statically imported. Also, code completion is now available when creating an object using named parameters, which makes them a little easier to use. A whole bunch of other code completion issues were fixed as well, but these were technically marked as bugs not features. You can always peruse the release notes to see the whole story.

Performance

JetBrains claims that file indexing (typically at IDE startup) is now faster and that working with large Groovy files is more performant. It is hard for me to see a difference since I use the EAP versions and don’t currently work on any massive projects currently.

Grails Code Generation & Completion (Ultimate Edition)

Some small but nice things here. If you reference a controller action from a GSP, and that action does not exist, then pressing Alt+Enter creates an empty action for you. Also, the type inference for values on the GrailsPlugins has been improved, such as the closure parameters for doWithApplicationContext, doWithDynamicMethods, etc, and code completion for controllers and action in custom plugins are now discovered automatically. Finally, the code inside <r:script> tags from the Grails Resource plugin is now parsed as JavaScript, so full IDE JavaScript is available within them. This is supposed to become a standard for Grails 1.4, so it should continue to work with that release.

Improved Grails Resource Bundle and i18n Support

With 10.5, if you reference a property using the <g:message> tag in a GSP, and that property does not exist, then the property will be underlined in red and you’ll be given an Alt+Enter Intention to create it for you. Nifty. Also, the existing i18n intentions should now work better when you have GString syntax in your text. For instance, the string “Hello, ${user}” should now be properly handled when extracting to a resource bundle.

Various Usability Improvements

Last on the list are a few odds and ends around usability. Closures can now have the separator line between them in the IDE, the way methods show a line between them. GSP stacktraces have correct (and clickable) hyperlinks. The scripts folder is visible in the Grails view. And code navigation and formatting has been improved for several Grails Artefacts.

That’s it. Enjoy the upgrade, may your solid state disk never fail, and may your caches always be valid. Caio!

If you like this sort of thing, then there is also a whole bunch of other IDEA related content on my own blog and on the Canoo blog. Enjoy.

Source: Hamlet

Project Management Templates