Results tagged “security”

One of the trickiest issues that's dogging cloud computing is security. For businesses, this is a huge deal because they are being asked to entrust another entity with the confidentiality of their data, like customer records replete with private information. Encryption solves this, obviously, but it adds another barrier to modern business processes that require data analysis. Cloud providers, too, need some visibility for management and analysis on behalf of their clients.

Tricky, right?

This is where breakthrough, called "privacy homomorphism" or "fully homomorphic encryption" comes in. While earning his PhD at at Stanford and pulling double duty as a summer student at IBM Research, Craig Gentry cooked up the "ideal lattice," a mathematical object that loosens the bonds of encrypted data for the above purposes but doesn't expose the underlying encrypted data.

IBM explains:

With the breakthrough, computer vendors storing the confidential, electronic data of others will be able to fully analyze data on their clients' behalf without expensive interaction with the client, and without seeing any of the private data. With Gentry's technique, the analysis of encrypted information can yield the same detailed results as if the original data was fully visible to all.

Using the solution could help strengthen the business model of "cloud computing," where a computer vendor is entrusted to host the confidential data of others in a ubiquitous Internet presence. It might better enable a cloud computing vendor to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data.

Soon (hopefully) corporations and individuals will enjoy secure, encrypted cloud computing without compromising on functionality. The roadblocks to widespread cloud computing seem to be falling away, don't they?

[Source via @IBMResearch]

The greening of Apple OS X - Mother Nature Network

OS X 1.6 solves that by allowing developers to create multithread software -- software that can unlock the power of new multicore processors by letting one chip serve many tasks. When a thread for one program is not needed, that energy is diverted for use by another program.

HP Repackages Cooling Management Tools - Web Host Industry Review

The new solution will increase the visibility of customers' data centers by using small sensors to offer 24-hour monitoring of power and cooling distribution, helping customers to reduce inefficiencies and energy consumption, and increase data center capacity.

The sensors then take these results and sends them back to HP's Environmental Observer visualization software.

VMware Virtual Desktops Find Homes in Hospitals - eWeek

With VMware View, we are able to move to a 'zero footprint' device, reduce power consumption and provide our emergency staff department an always on and available desktop," Kane Edupuganti, director of IT operations and communications for the hospital, said in a statement. "We plan on continuing desktop virtualization across nearly 5,000 endpoints in order to maximize ROI in areas outside of IT."

Flaw In Virtualization App Causes Data Loss On Thousands Of Websites - Dark Reading

Root access enabled the attackers to wipe out large portions of the data on all of VAServ's hosted U.K. and U.S. Websites, the reports say. About half of VAServer's customers had not signed up for the provider's backup service, and in some cases their data might never be recovered, the reports say.

Rackspace lays out its cloud computing roadmap: Think hybrid - Between the Lines - ZDNet Blogs

When finished, Moorman sees customers mixing and matching technologies with the cloud. For instance, VMware and a company's database may live on a dedicated server, but Web apps and archiving might be offloaded to the cloud. The key is to make these platforms operate seamlessly. "When finished it (this hybrid approach) will automatically link your private network to cloud securely so it looks like one seamless network," said Moorman. Simply put, some applications like enterprise resource planning software, are likely to stay on dedicated computing resources.

As businesses adopt cloud-based services, there's a danger that security may not be getting the attention it deserves, according to a study conducted by IDG Research for RSA Security.

Sixteen percent of those polled are planning to start migrating some aspects of their operations, be it enterprise apps or business processes, to the cloud within the next 12 months. Alarmingly, two -thirds of those admit to lacking a cloud computing security strategy.

Word of advice: There's still time, do it! You'll see why in the next paragraph...

Over 70 percent of the 100 security execs at so-called these hyper-extended enterprises (or so to be) with revenues of $1 billion surveyed said they had a "security incident" in the last 18 months. Even more troubling is that economic factors might be a contributing factor. Citing "pressure to cut costs and drive revenue," over 80 percent are concerned that their exposure to security risks has increased.

The report, "As Hyper-extended Enterprises Grow, So Do Security Risks" (PDF) is available for download at the RSA website.

Security and regulatory concerns slow some server virtualization efforts - Network World

There's awe in the instantaneous speed that VMware offers in set up and tear down of VMs but worry about potential abuse of that power, too, deliberate or unintentional.

Mucha decided Stanford Hospital & Clinics would benefit by adding another layer of security controls for VMware's ESX servers and management console by inserting the policy-enforcement appliance from start-up HyTrust.

Opinion: The green goal of a paperless office remains elusive - San Jose Mercury News

The key to implementing a paperless office is to first provide convenient electronic access to documents from anywhere at any time and then make paper use inconvenient. It is critical to do both. If paper use is made inconvenient without offering a great alternative, there will be loud complaints. Likewise, if a firm just provides electronic access, but paper is still convenient to use, the migration away from paper is limited.

Intel X25-M 80GB SSD - InfoWorld

The Intel X25-M 80GB drive is meant to be the mainstream drive that brings SSDs to mass market. We received the model SSDSA2MH080G1GC, which has a 2.5-inch form factor similar to laptop hard disks. Enthusiasts would take to this drive right away, considering that it makes no noise at all and doesn't heat up. It helps conserve power too, with its rated usage of 60 mW (milliwatts) at idle and 150 mW during read/write operations, this is about one-hundredth of normal desktop HDDs.

VMware buys small stake in cloud hosting provider - Information Age

VMware, the virtualisation software vendor whose kit is central to many so-called cloud-computing environments, has bought a 5% stake in cloud hosting provider Terremark for $20 million.

New Cisco Switch, Router Offerings Aim at Collaboration, Security - eWeek.com

On the green IT side, the company's EthernetSwitch modules support Cisco's EnergyWise services for better LAN energy utilization, and Cisco offers its Smart Call Home and EnergyWise services for its Catalyst 4500 Series switches.

If you have lingering questions and concerns about the state of virtualization security, SANS is putting on just the conference for you.

SANS WhatWorks in Virtualization Security Summit takes place in August 17-18 at the Fairmont in Washington DC. Here's a taste of the conference overview:

The SANS Virtualization Security Summit brings together industry leaders to help enterprises realize the enormous benefits of virtualization while addressing the new security challenges that it creates. You'll discuss the latest processes and tools for securing your virtualized systems in open forums designed to bring you together with both industry experts and your peers facing the same day-to-day challenges. Since securing an enterprise doesn't have a "one size fits all" solution, you'll be able to get answers to your organization's individual requirements in detailed Q&A sessions. If you're considering deploying virtualization, or increasing your current deployment, vendor "shoot-outs" provide you with a unique opportunity to ask the hard questions to determine what tools will best fit your organization's requirements.

SANS helpfully provides a topic breakdown in the form of questions like: "What are the economic and flexibility payoffs from going virtual? How can they be validated and quantified?" and "Which of the four leading virtual platforms provides the most security today? Which has the best roadmap for continued security improvement?"

The conference costs $1,495; early bird pricing is available until July 8, 2009. Courses following the summit will set you back another $2,250.

Make your travel plans early!

A Dozen Things the Smart Grid Can Learn from the Internet - Earth2Tech

Security & Encryption: The smart grid community needs to publish detailed specifications for different levels of security and encryption standards. For secure communication purposes, the Internet leveraged data encryption standards, including variants of Digital Encryption Standard (DES) as endorsed by the National Institute of Science & Technology (NIST). To ensure secure user authentication and data integrity, techniques like digital signatures and the network authentication protocol Kerberos were also created.

Byte Me: The greening of computers - The Scene Newspaper

First, you should know that the piece of equipment that supplies power to your computer is called the power supply. Okay, that part is easy. If you're in the market for an energy efficient computer, you're going to want to be sure to get one that has an 80 Plus Certified power supply. 80 Plus Certification is an electric utility-funded program to promote energy efficient power supplies for desktop computers and servers.

Linux thin client tutorial pushes green benefits - LinuxDevices.com

Osier-Mixon, who is a technical writer for MontaVista Software, defines cloud computing as "the use of resources accessed over the Internet," typically using clients of limited capability. This is essentially the same concept as traditional client-server computing over a LAN using dumb terminals, he explains, but it has been transformed with ample bandwidth and much more compelling, multimedia rich clients and services. In short, "Terminals are no longer dumb, and clients are no longer very thin," he writes.

Doyenz Unravels Mysteries of Cloud Computing - Emerging Vendors Blog - ChannelWeb

The company's Automated Virtual IT platform was designed to help small businesses take advantage of cloud computing. Tiwary called it a hybrid solution that uses virtualization and cloud services to automate the delivery and management of IT infrastructure.

Recycled laptop bag from RedCamper - Great Green Goods

Government Computer News explores the topic of virtualization and security, and depending on whom you believe, we're either "halfway there" or well behind the curve. But there's some encouraging news as the technology takes hold in the datacenter, IT workers are starting to take safeguarding it seriously.

That popularity is reflected at this week's RSA security conference, where Shackleford and Farrow gave a presentation on virtual security for the second year in a row. If there is one topic as hot as how to save money through virtualization, it is how to secure your new virtual environment. Two years ago, there was one presentation scheduled on virtual security at the conference. That increased to three last year and nine this year.

Source: Government Computer News

Yesterday, McAfee and ICF shocked us with data that exposed spam's environmental impact. Jeremy Kaplan at Good Clean Tech isn't buying it...

Business users leave their PCs on all day regardless of whether they've finished sorting their inboxes, so in my eyes you can't count any of the energy exhausted by their PCs. Besides, many email users don't have to deal with (much) spam anyhow, with filters on the job. (Well, my old Hotmail account gets hundreds of spam mails a day, but really, I only have to deal with them when the computer is supposed to be on anyway).

In my eyes, you could really substitute "Bejeweled" or email in general or any other computing activity for spam and reach a similar computing, if all we're doing is quantifying uptime. Bottom line: PCs waste energy, and humans leave them on too long, wasting energy. But spam? It's kind of meaningless here.

Yes, but I enjoy Bejeweled.

The fight's not over, though. An interesting post in the comments section reveals that the consumption figures were calculated using measures of "incremental energy" to negate the effect of an already running PC.

Either way, I think we can all agree that spam is no good, period.

Source: Good Clean Tech [via PC Mag]

Having a hard time finding a someone to handle your company's old equipment?

Processor has put together a profile of four IT recyclers you may want to check out. And if data security is a priority--and it should be--then PA-based Reclamere is worth checking out.

The company offers no one-size-fits-all recycling solution, instead delivering a customized approach that is based on client needs. Further, the company subcontracts none of its services and uses only bonded, insured, background-checked, and drug-tested Reclamere employees for all projects, including the transportation of equipment.

"Our digital data destruction is a trade-secret process developed in-house that exceeds government standards for destruction and quality control," explains Angie Singer Keating, vice president of compliance and security at Reclamere. "Because we are experts in data recovery--not just self-proclaimed, but actual experts at the federal court level for litigation involving data recovery--we can guarantee to our clients the very best in data destruction services."

Other companies doing their part to starve landfills include Classic Computer Recovery, Recycle Your Media and DMD Systems Recovery.

Source: Processor

Spam. We all hate it for obvious reasons, but here's a new one that really draws an eco-geek's ire.

According to research conducted by McAfee and ICF, every year 33 terawatt hours (TWh) are wasted transmitting, smiting and otherwise dealing with the estimated 62 trillion spam e-mails sent during that time frame. That's enough to power 2.4 million homes, folks!

Combating spam was actually found to lessen the environmental impact of all that spam. According to the study, "spam filtering saves 135 TWh of electricity per year." However, if McColo's take down last year is any indication, taking spam out at the source -- or close to it -- may be the best way to stop spam's polluting ways. During that time last year when the infamous web host went dark, spam volume dropped 70 percent, the equivalent of taking taking 2.2 million cars off the road, to use a popular enviro-metric.

Here are some other interesting findings:

Much of the energy consumption associated with spam (nearly 80 percent) comes from end-users deleting spam and searching for legitimate e-mail (false positives). Spam filtering accounts for just 16 percent of spam-related energy use.

The average GHG emission associated with a single spam message is 0.3 grams of CO2. That's like driving three feet (one meter); but when multiplied by the yearly volume of spam, it is equivalent to driving around the earth 1.6 million times.

If every inbox were protected by a state-of-the-art spam filter, organizations and individuals could reduce today's spam energy by 75 percent or 25 TWh per year, the equivalent of taking 2.3 million cars off the road.

You can grab a copy of the full report here (registration required).

Source: Press Release