Wednesday, October 16, 2013

4 Tips for Cloud Compliance

Moving to the cloud is easy, but remaining compliant in the cloud is another matter. When you move to the cloud you're handing over control of your data to a third party. When data is not under your direct control, it can be tough to ensure that the way it is handled meets regulatory requirements.

Which regulatory requirements do you have to worry about in the cloud? The simple answer is the same ones that apply to you already. That's most likely to be one or more of:
  • Sarbanes-Oxley Act (SOX)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Federal Information Security Management Act (FISMA)
  • Gramm-Leach-Bliley Act
  • SB-1386
  • European Union Data Protection Directive
The PCI Security Standards Council suggests three ways of avoiding scoping issues that may be found in shared cloud environments:
  • Traditional Application Service Provider (ASP) model where physically separate servers are provided for each client's environment
  • Virtualized servers that are individually dedicated to a particular client, including any virtualized disks such as SAN, NAS or virtual database servers
  • Environments where clients run their applications in separate logical partitions using separate database management system images and do not share disk storage or other resources

Nail Down Where Data Will Be Stored

Regulations such as the European Union Data Protection Directive place restrictions on where certain types of data can be stored and processed geographically. For example, it requires personal data to remain within the borders of the EU or a third-party country which offers adequate protection.

That can obviously be a big problem if a cloud provider operates data centers around the world and stores your data in multiple locations. The good news is that all reputable cloud service providers are aware of the problem and offer geographical nodes that customers can select for their data to reside in.

The key thing, then, is to read the fine print to ensure that all your data stays in those geographical areas. Secondary copies, archive copies or other copies made by the service provider for redundancy, speed or other purposes, or to be stored with subcontractors, should never leave those areas.

Realize a Compliant Provider Won't Make You Compliant

Regulations may require that any cloud service provider you use is certified to be compliant with those regulations. But that doesn't mean using one also makes you compliant automatically. You still have to use the service in a compliant manner; it is your responsibility to ensure the provider maintains regulatory controls on an ongoing basis. And you still have to maintain compliance for your own IT operations which connect to the cloud service provider.

Where a cloud service is certified or validated for a given set of regulations, that doesn't mean that your environment in that cloud service will be compliant. As an example of how this can happen, the PCI Security Standards Council points out that validation may have included use of up-to-date anti-virus software on the cloud service provider's systems. However, this validation might not extend to the individual client operating systems or virtual machines.

Windows 8 Boosts Security with 5 New Features

The Windows OS has never been known for its security features. Microsoft hopes to change that with Windows 8.

When it comes to platform security, Microsoft is still trying to earn back the trust it so badly lost during the Windows XP era. At its worst, an unpatched Windows XP machine connected to the Internet could become infected by malware in an average time of four minutes.

Subsequent Windows releases have certainly improved on this rock-bottom situation. Windows Vista saw infection rates drop by about half compared to XP. And with Windows 7, infections dropped on average by half again compared to Vista.

Without a doubt, Windows security has been improving. But Windows still possesses the lion's share of the desktop OS market – particularly in the enterprise – and as such still remains a favored target of malware distributors.

The newly released Windows 8 features major interface changes, which have drawn the bulk of attention. But the differences between Windows 7 and 8 aren't only on the surface. A short list of new security features promises to significantly decrease the Windows 8 infection rate, even as compared to the improvements seen in Windows 7.

Here are some of the most significant security features, all of which will be available in Windows 8.1, the upcoming update of Microsoft's latest operating system, which a growing number of sources are reporting will be released in October.

Early Malware Detection

As anti-malware scanners have become the standard on many machines, malware distributors have increasingly looked for new attack vectors. One such strategy is to target malware further up the chain in the OS. Typical anti-malware software employs runtime scanners – meaning that they detect malware after the OS is already up and running.

But malware like rootkits and bootkits install themselves earlier in the OS sequence, meaning their hooks are in place before conventional anti-malware scanners are launched. Windows 8 introduces two new defenses to combat this problem: secure boot and ELAM, or "Early Launch Anti-Malware."

Secure Boot

Windows 8 support for secure boot is one of the more controversial new security features. In brief, secure boot requires that code launched at boot possess a secure certificate verifiable by a hardware module.

The argument behind secure boot is that it will prevent infections from bootkits, which weasel their way into the boot code of the machine. Bootkits can be very difficult to remove. However, they also make up a relatively small proportion of malware infections. The secure boot feature can make it more complicated to install alternative operating systems on a machine, such as Linux. Windows 8 installed on non-certified hardware (e.g. machines which are not brand new) will likely not support secure boot anyway.

Some critics say that secure boot will make Windows machines into "closed" systems by more closely tying the hardware to the OS, while preventing a limited vector of attack. Although true, this fact is not likely to present a real practical problem for enterprise deployments where control and uniformity of workstations is generally desirable.

As with just about any security feature, though, determined hackers can find a way around it. Security researchers demonstrated two exploits of Secure Boot at the recent Black Hat security conference. It is worth noting, however, that the attacks are possible because of shortcomings in how some PC vendors implement the Unified Extensible Firmware Interface (UEFI) specification on their machines rather than weaknesses in the secure boot feature itself.

Early Detection: ELAM

With ELAM, Windows 8 essentially possesses a built-in scanner for operating system drivers. When the OS boots, ELAM is launched before other drivers, so that they can be checked against a blacklist of known infection signatures.

Enterprises can use the group policy editor to configure exactly how ELAM behaves. For example, administrators can decide whether the system should be allowed to boot only when known good drivers are present or whether to also allow unknown drivers – which may be infected or may simply be installed by useful third-party products.
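
To audit the two early-boot defenses described above on a given workstation, the following added example (not part of the original article) reports the Secure Boot state and the effective ELAM driver policy. It assumes an elevated PowerShell session on Windows 8 or later; the registry value read is the one written by the "Boot-Start Driver Initialization Policy" group policy setting, and the function names are illustrative.

```powershell
# Added example: report Secure Boot state and ELAM driver policy locally.
# Meaning of the DriverLoadPolicy DWORD set by the
# "Boot-Start Driver Initialization Policy" group policy setting.
$ElamPolicyNames = @{
    8 = 'Good only'
    1 = 'Good and unknown'
    3 = 'Good, unknown and bad but boot-critical'
    7 = 'All drivers (ELAM classification ignored)'
}

function Get-ElamPolicy {
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch'
    $item = Get-ItemProperty -Path $key -Name DriverLoadPolicy -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # No policy configured: Windows applies its default, equivalent to 3.
        return [pscustomobject]@{ Configured = $false; Value = 3; Meaning = $ElamPolicyNames[3] }
    }
    $value   = [int]$item.DriverLoadPolicy
    $meaning = if ($ElamPolicyNames.ContainsKey($value)) { $ElamPolicyNames[$value] } else { 'Unrecognized value' }
    [pscustomobject]@{ Configured = $true; Value = $value; Meaning = $meaning }
}

function Get-SecureBootState {
    try {
        if (Confirm-SecureBootUEFI) { 'Enabled' } else { 'Disabled' }
    }
    catch [System.PlatformNotSupportedException] {
        'Not supported (legacy BIOS or non-UEFI boot)'
    }
    catch [System.UnauthorizedAccessException] {
        'Unknown (session is not elevated)'
    }
    catch {
        "Unknown ($($_.Exception.Message))"
    }
}

$elam = Get-ElamPolicy
[pscustomobject]@{
    Computer        = $env:COMPUTERNAME
    SecureBoot      = Get-SecureBootState
    ElamConfigured  = $elam.Configured
    ElamPolicyValue = $elam.Value
    ElamPolicy      = $elam.Meaning
    # True when drivers ELAM classified as bad may still be initialized.
    LoadsBadDrivers = $elam.Value -in 3, 7
}
```

A machine that reports LoadsBadDrivers as True is running the default or a looser policy; the "known good drivers only" option mentioned above corresponds to the value 8.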

Runtime Security

When the Windows 8 OS is up and running, several more security defenses have been introduced to further limit the attack surface area.

Windows Defender, which was originally included with Windows 7 as an anti-malware scanner, now runs by default and its job scope has been expanded to look for suspicious network activity as well as malware executable signatures. Note, though, that PC vendors may opt to replace Defender with third-party anti-malware solutions of their choosing, which may be limited-time trial editions.

Sandboxing with AppContainer

The biggest new security feature introduced to runtime Windows 8 is the new AppContainer. When an application runs inside a "sandbox," it is limited in how it can interact with the underlying OS. Depending on the sandbox, apps may be restricted from reading or writing files outside prescribed locations, accessing location awareness, modifying operating system files and so on.

If you've installed apps on an Android phone, you've seen the screen where it describes which privileges the app requests access to. If an app requests overly broad privileges relative to its functionality, you may decide to abandon the install. Microsoft's AppContainer roughly applies this concept to Windows 8 Metro apps. Wait – what?

A key new and/or confusing aspect of Windows 8 is that it now supports two types of applications. There are the traditional desktop applications that look and operate just like applications on Windows 7, and then there are Metro apps which are more like mobile applications. You discover and install Metro apps from a central app store, you launch them from a grid display, and each app runs full screen. In short, Metro apps are the part of Windows 8 where it behaves like a mobile OS.

AppContainer is designed to apply to these Metro apps. But wait – there's more. Microsoft extends the AppContainer feature to also apply to browser tabs inside Internet Explorer 11. Therefore, potentially malicious apps that could run inside a Web page will be isolated inside an AppContainer sandbox.

Portable Enterprise Security

Organizations that use the Windows 8 Enterprise edition can deploy an interesting new twist on platform security called Windows To Go. With WTG, a pre-configured installation of Windows 8 can be installed to and launched from an approved USB stick.

In this context, an enterprise can be assured that an employee or contractor is using a securely configured Windows 8, which for example might be set up to access the corporate VPN. Separating business and personal silos addresses the increasing trend toward BYOD, ensuring that personal devices are securely used for business work.

To further secure WTG, the USB drives can be encrypted either at creation time or after the fact using Microsoft’s BitLocker.

Four Ways Cyber Criminals Target You


Cyber security isn’t just an issue for laptops and desktops. We get online on everything from smartphones to tablets to gaming consoles. And we’re often more lax about security on our mobile devices, putting them at greater risk for cyber crime.

You know the basics – create unique passwords, stick to secure websites, et cetera, et cetera. But how much do you really know about cyber crime?

Online security is improving, but cyber criminals are getting smarter, too. Here are four new methods that cyber criminals are using to attack – and what you can do to keep yourself from becoming a target.


Mobile Devices

We do a lot on our phones and tablets, from banking to shopping to social networking. And to get online on mobile devices, we often use unsecure wireless networks and third-party apps – perfect targets for cyber criminals, who can easily hack in and steal your personal information.

To combat mobile cyber crime, the Department of Homeland Security suggests taking the same precautions that you would on your computer. Password-protect your wireless network. Disable auto-login on your apps. Download and update mobile anti-virus software. And use caution when downloading files or clicking on links.


Phishing

Cyber criminals use phishing scams to trick unsuspecting Internet users into sharing sensitive information – like addresses, phone numbers, ID numbers and even banking information. Phishing scams can come in the form of websites, phone calls and, most commonly, email messages.

Phishing emails may appear to be from legitimate sources – like your Internet provider, an anti-virus software company or a social media site. The email may ask for your information to correct an account issue, warn you that you have a virus, or inform you that you’ve won a prize.

There are a few telltale signs of phishing scams, including poor grammar and spelling, suspicious links and downloads, and pop-up windows. If you receive an email containing any of these signs, delete it immediately – and don’t click any links or download files. If you think the email may be legitimate, contact the organization directly, through their official website or phone number.

Social Media

You probably think of social media as a fun way to pass the time or stay in touch with friends and family. But whether you’re on Facebook, Twitter, Instagram or any other social media site, it’s also an easy way for cyber criminals to gain access to your information.

Social media sites encourage users to provide as much personal information as possible. They use it to target ads to individual users – but cyber criminals can use that same information to make you a target of their crimes.

Information commonly published on social media sites – like your name, birthdate, home town, address, and workplace – can be used to find out your passwords and even steal your identity. To stay protected, keep the personal information on your social media pages to a minimum – and only grant access to people you know and trust. Be sure to read the privacy policies on the sites you use regularly, so that you are aware of what information is visible.

Trojans

You might know the term “Trojan horse” from Greek mythology. As the story goes, the Greeks presented the Trojans with a peace offering of a giant wooden horse. But inside the horse were Greek soldiers, who promptly defeated the Trojans and captured the city of Troy.

A Trojan horse in cyber-crime terms works the same way. A Trojan horse is malware that presents itself as a useful computer program in an email or on a website. You download the program, which then stays hidden in your computer to track your activities, download other malware, and launch attacks.

You can protect yourself against Trojan horses and other malware programs by avoiding suspicious websites and emails from unknown sources. Don’t click on links or download files you don’t trust 100%. You can also install anti-virus software that will scan the files you download and protect against viruses.

Computer Security Threats Can Be Easily Avoided Through VPN and Proxy Services

Idcloak has published a new article addressing computer security threats and the ways in which netizens can keep themselves safe while browsing the web.

The article, titled 'Computer Security Protection - Avoiding Electronic Identity Theft', aims to expose some of the methods used to carry out identity theft and internet fraud.

Connor Mills, web researcher at idcloak, said of identity theft and cyber crime, “Cyber crime is adapting and changing, and the list of vulnerabilities that make these attacks possible is long.

Hackers have more methods and tools at their disposal than ever before, and that is not something that is soon to change. The good news is that there are a number of countermeasures to hackers available, but people must first become aware of how easily their financial and personal information can be compromised.

“There are a few widespread forms of cyber attack which are worth mentioning; the first being phishing. Essentially, hackers will infect legitimate sites with malicious software in order to 'phish' out information about those who access it. Another method is sidejacking; hackers will invade an active web session in order to gain access to someone's personal data. Sidejacking is the result of network sniffing more widely, which is very dangerous itself, as the average user relays much of their data in an unencrypted form; lastly, we have Remote Keyloggers: insidious spyware used to capture victims' data as they type it into their keyboard.”

Several of these hacking threats rely on the interception of data coming to and from the target's computer over their wifi connection. SSL proxies will give the user a degree of online protection, but they can be inconsistent in terms of performance. Some proxy sites themselves are also set up as phishing scams. The best defense for user data is a quality VPN service, which will send the data through an encrypted tunnel to a secure inhouse server, hiding sensitive information from potential data thieves.

Mills had this to say about the future of internet crime, “The larger the role that the internet and technology begin to play in our lives, which is increasing exponentially, the more threats we are beginning to see. Within numerous aspects of our existence, we are growing more dependent on the web. The more dependent we become the more of a feeding frenzy the online world will be for tech savvy criminals seeking monetary or personal gain.”