Archive for: Security
Follow us with RSSJuly 28, 2010
Cloud Storage Security Challenge: Disaster Recovery
A week ago, our first cloud storage challenge officially came to a close and we were happy, but far from surprised, to announce that nobody won the challenge. We then proved that we didn't game the system and revealed the prize file.
July 26, 2010
Cloud Storage Security Challenge: Technical Unveiling
Last Wednesday, our first cloud storage challenge officially ended with an unsurprising result: nobody won the challenge. In this post we'll provide proof that the data was actually online for the challenge and that we didn't game the system. In short, we're going to prove that this was an honest unwinnable challenge.
July 21, 2010
Cloud Storage Security Challenge: The Free Software Foundation Wins
Today our first cloud storage challenge officially comes to an end. We're thrilled - but not surprised - to say that no one cracked the Nasuni Filer and revealed the contents of the encrypted prize file, which we left out for anyone to attack. As such, this security challenge successfully demonstrated that modern encryption can protect cloud storage files.
July 20, 2010
Cloud Security Webinar Addresses the Real Security Risks of the Cloud
We hear a lot of concerns about security and the cloud. Security has been a major focus for us from the start, and the security model we chose for the Nasuni Filer mitigates the very real risks of storing data in the cloud for our customers. But for many people, there are still a number of unanswered questions. To address these concerns, our CEO, Andres Rodriguez, will be hosting our first cloud storage webinar this Wednesday at 1:30 PM EDT. Participants will come away with a far better understanding of security in cloud storage - the risks, the challenges, and the potential solutions.
July 16, 2010
Amazon S3’s Enhanced Cloud Storage Security is Nice But Not Good Enough
Amazon announced security improvements for accessing S3 buckets last week, giving customers new ways to share between and restrict access to cloud storage pools. We’re happy to see Amazon and our other cloud storage partners evolving and adding new features. Unfortunately they’re overlooking a core business requirement: user-level access control within an S3 account. Without this, there is no practical way to distribute S3 storage to the employees of an organization.
July 12, 2010
The thing about SaaS: Facebook Security Challenge
It is incumbent upon all cloud vendors to demonstrate that their services are secure. Customer data needs to be protected against malicious hacker attacks or accidental breaches caused by slack internal security protocols. Cloud storage vendors are fortunate in that they can take advantage of modern data encryption. Our security challenge demonstrates that encryption is an effective means of deterring even the most sophisticated hackers.
June 28, 2010
Brilliant, funny, lame and unmentionable: Data Security Challenge Update
Last week we announced the first in our series of Cloud Storage Challenges. We focused this first challenge on security and specifically data encryption because we have repeatedly heard from customers that they are concerned with putting sensitive data in the cloud where it may be leaked.
June 22, 2010
Cloud Storage Challenge: Security
Today we are announcing the first in a series of Cloud Storage Challenges. This first challenge centers on one of the main concerns people have with sending their data to the cloud: security. Businesses that would benefit significantly from using cloud storage are holding back due to fears of data leakage.
June 9, 2010
Top 5 Security Challenges of Cloud Storage
Amidst all the buzz surrounding the cloud, many people still have deep concerns about security. A recent survey, summarized in Searchsecurity.com, found that 72% of federal CISOs stay away from cloud computing because of security concerns.
May 17, 2010
Four Cloud Security Must-Haves
A group at Microsoft Research just released a paper describing a new storage system designed to address the security issues associated with the cloud. They point to the fact that none of the cloud providers offer security guarantees in their Service Level Agreements (SLAs) as a major obstacle to wider use of the cloud; you can read about their proposed solution, a system called CloudProof, here. What caught our attention in particular was the group’s list of the four desirable security properties for cloud storage:
May 12, 2010
Storage News
We’ve noted before that experts are forecasting 2010 as the year that cloud storage truly arrives, and the industry certainly is growing, as yet another cloud storage option recently went live - the SaaS company OpSource added a pay-as-you-go service. Last week we also picked up a benchmark of another sort: Cloud storage was mentioned in renowned Wall Street Journal writer Walter Mossberg’s Personal Technology column. Granted, it only earned a paragraph in the piece, which explains cloud computing for a general audience, but we took particular interest in his note on security.
March 22, 2010
Calling Home: Configuration Data and Key Escrow
The Filer does not stand in the path of your data, which moves directly to and from the cloud, but it does call home on occasion. We discussed the alert system in a previous post. Here are two more reasons.
March 15, 2010
Data Security and the Nasuni Filer – Just the Facts
One of the core features of the Nasuni Filer is its end-to-end encryption. We strongly believe that the cloud is the future of storage, but unfortunately, most cloud providers out there today simply don’t have built-in encryption. Yet this is a critical feature for the long-term adoption of cloud storage. With that in mind, we’ve been working to design and implement a data security system that provides strong security while remaining easy to use and manage.
March 2, 2010
Security and the Nasuni Filer: Why We Use OpenPGP
The Nasuni Filer has a long list of unique, novel features, but we will be the first to admit that our decision to build its security around OpenPGP is not exactly groundbreaking. OpenPGP is the most widely used email encryption standard in the world. As we noted earlier, this is precisely why we adopted it. OpenPGP has been endlessly discussed, vetted, and attacked. Each attack has failed. The more failed attacks, the more proven the design.
Feb. 24, 2010
Securing Data in the Cloud: Unique Customer Credentials
Last week we touched on some of the reasons we provide each Nasuni customer with unique cloud credentials. This is an important point, though, so we decided to spell out a few more details here...
Feb. 16, 2010
Security and the Nasuni Filer
We launched our public beta last week, and users have begun testing the Nasuni Filer. A few have called us with an interesting question: How do I activate the encryption? The answer is simple: You do not have to. The Filer is secure by default...