The i-Technology Media!
Register | Log in
   
 
.NET  ·  AJAX  ·  CLOUD  ·  ECLIPSE  ·  FLEX  ·  OPEN WEB  ·  iPHONE  ·  JAVA  ·  LINUX  ·  OPEN SOURCE  ·  ORACLE  ·  PBDJ  ·  SEARCH  ·  SILVERLIGHT  ·  SOA  ·  VIRTUALIZATION  ·  WEB 2.0  ·  WIRELESS  ·  XML
Comments
Drool, Britannia? Is the UK Failing the Cloud?
By Roger Strukhoff
Richard Davies wrote: The UK has a good crop of technology pioneers in cloud computing - for example ElasticHosts, FlexiScale, Flexiant, OnApp - and also some strong government initiatives such as G-Cloud. We will have to see whether this kind of technical leadership converts into swift mass-market adoption or not.
Jan. 8, 2012 11:38 AM EST
read more & respond »
Cloud Expo on Google News
Did you read today's front page stories & breaking news?

Cloud Expo & Virtualization 2011 West
Keynotes
Oracle
Opening Keynote | An Enterprise Cloud for Business-Critical Applications
Abiquo
Day 2 Keynote | The Enterprise Cloud Tightrope - Balancing for Success
Akamai
Day 3 Keynote | The DNA of an Enterprise Cloud
DIAMOND SPONSOR:
Oracle
Many Clouds, Many Choices'Cloud
PLATINUM PLUS SPONSORS:
Abiquo
Enterprise Cloud Best Practices - Town Hall - Join the discussion…
PLATINUM SPONSORS:
Intel
Progressing Toward the Federated, Automated and Client-Aware Cloud
New Relic
How to build an app with Twitter-like throughput
Rackspace
Computing in the Cloud Era
GOLD SPONSORS:
Gale Technologies
Practical Cloud Migration
IBM
Re-think IT. Re-inventing Business.
Intel/McAfee
Identity Driven Security in the Cloud
PerspecSys
Hackers Hackers Everywhere, Is My Public Cloud That Safe?
Red Hat
Unlock the Value of the Cloud
SHI
Mission Critical Applications and the Cloud - Myth or Reality?
SoftLayer
Not Your Grandpa's Cloud
Terremark
Integrating Enterprise Clouds
VMware
Upgrade to a vCloud
POWER PANELS:
Cloud Expo Silicon Valley: CTO Power Panel
Cloud Expo Silicon Valley: CEO Power Panel
Cloud Expo Silicon Valley: Cloud SuperStars Panel
Cloud Expo Silicon Valley: CloudNOW Panel
Click For 2010 West
Event Webcasts
Cloud Expo & Virtualization 2011 East
DIAMOND SPONSOR:
Dell
Dell & VMware Deliver the Enterprise Hybrid Cloud
PLATINUM PLUS SPONSORS:
Abiquo
Are Financial Services Organizations Risking Security by Avoiding Cloud Computing?
Oracle
From Consolidation to Enterprise Private PaaS
PLATINUM SPONSORS:
Intel
Driving the Transformation to Next Generation Cloud Data Centers
Rackspace
The Inevitability of an Open Cloud
GOLD SPONSORS:
CA Technologies
Follow YOUR path to Cloud Computing
Interxion
Who Keeps the Cloud in the Air?
Microsoft
Patterns for Cloud Computing
PerspecSys
War in the Clouds: Are you ready?
ServiceMesh
The Big Win: Stop Playing Small-Ball with Your Cloud Strategy
Terremark
Evaluating Enterprise Clouds
Xiotech
Cloud Storage: Myths and Realities
POWER PANELS:
Cloud Expo New York: CTO Power Panel
Cloud Expo New York: CEO Power Panel
Cloud Expo New York: CMO Power Panel
Cloud Expo New York: Wrap-Up Power Panel
Click For 2010 West
Event Webcasts
Live Google News by SYS-CON!
Top Three Links You Must Click On


Industry News Desk
Cloud Security: The Need for Two-Factor Authentication in Cloud Computing
All Internet services that have personal or business information should offer strong 2-factor authentication

By: David Jevans
Aug. 15, 2008 03:30 PM

Think about all of the critical data and IT systems that are moving into the cloud these days. Consumer credit reporting, enterprise CRM and sales force automation, customer support systems, banking and stock trading, foreign exchange, DNS management, email security… the list goes on and on, and it is only going to accelerate. Imagine if any one of the above services that you or your company uses were accessed by a hacker or competitor.

Greg Conti, an Assistant Professor of Computer Science at the US Military Academy in West Point, gave a talk at Defcon last week about the dangers of cloud computing. “The information we are all giving to online companies is massive and dangerous and [security's] going to get worse before it gets better.” This has spurred renewed debate in the security industry about strong authentication on the Internet as more and more critical services move into the cloud.

One example was a blog posting of mine earlier this week where where Wells Fargo passwords for using a credit reporting server were somehow stolen, and identity thieves used those access codes to get onto the MicroBilt credit reporting site and mine the personal data, social security numbers, etc of over 7,000 people.

Had this cloud service required the use of authentication tokens or digital certificates in addition to a username and password, this type of breach would not have been possible.

Think about all of the critical data and IT systems that are moving into the cloud these days. Consumer credit reporting, enterprise CRM and sales force automation, customer support systems, banking and stock trading, foreign exchange, DNS management, email security… the list goes on and on, and it is only going to accelerate. Imagine if any one of the above services that you or your company uses were accessed by a hacker or competitor.

The Information Systems Audit and Control Association has released a statement that two-factor authentication systems connected to encrypted communications can secure Internet connections to cloud computing-based services.

“our belief is that, with the right technology, the new generation of cloud computing system can be made as secure — if not more secure — than existing server-based office systems” said Sarb Sembhi, president of the ISACA London Chapter.

My personal belief is that all Internet services that have personal or business information should offer strong 2-factor authentication to their users and customers.

 

Published Aug. 15, 2008— Reads 13,914
Copyright © 2008 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
Related Stories
▪ What's the Difference Between Cloud Computing and SaaS?
▪ Cloud Computing Expo: Introducing the Cloud Pyramid
▪ Cloud Computing - The Jargon is Back!
▪ Marketing the Cloud Computing Paradigm Shift
▪ Cloud Computing Expo - Deploying Into the Clouds: Concepts, Benefits and Experiences
▪ Cloud Computing Expo - The World Wide Cloud: Bridging the Data Center and The Cloud
▪ "Cloud Computing Expo" Call for Papers Now Open
▪ Trusting the Cloud: Timing and Adoption of Cloud Technologies
▪ SYS-CON's Cloud Computing Expo Will Be Larger Than Any Recent Gartner Event
▪ Cloud Computing - Morgan Stanley is Banking on the Cloud
▪ Merrill Lynch Estimates "Cloud Computing" To Be $100 Billion Market
▪ A Brief History of Cloud Computing: Is the Cloud There Yet?
▪ Joyent CEO to Present on "The Open Cloud" at SYS-CON's Cloud Computing Expo
▪ Blog-City.com Founder Alan Williamson to Present at SYS-CON's Cloud Computing Expo
▪ Cloud Computing & Privacy: Would You Trust Amazon?
About David Jevans
David Jevans is the Chief Executive Officer of IronKey, based in Los Altos, California. He is also the Chairman and Founder of the Anti-Phishing Working Group, the leading non-profit organization dedicated to eradicating identity theft and fraud on the Internet. The APWG has over 1,500 member companies and agencies worldwide. Membership is limited to banks and other financial institutions, ISPs, law enforcement agencies and security technology vendors.
Jevans has over 10 years of business experience in the Internet security industry, and has founded two high-tech startups, been through IPO, mergers and acquisitions.


Add Your Feedback

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

SYS-CON Featured Whitepapers

ADS BY GOOGLE

Breaking Java News
Search Optimization Innovator Bob Heyman Joins YouInWeb as CMO
Siliconware Precision Industries Reports a 3.8% Quarter-over-Quarter Decline in Revenues Resulting in Earnings per Share of NT$ 0.38 or Earnings per ADS of US$ 0.06 for Fourth Quarter 2011
Norwest Venture Partners Invests $15M in Manthan Systems
Norwest Venture Partners Invests $15M in Manthan Systems
Cotendo Receives Prestigious Frost & Sullivan New Product Innovation Award
U.S. Census Bureau Daily Feature for February 15
U.S. Census Bureau Black History Month Feature for February 15
IEEE Announces No-Cost Public Access to Select IEEE C95TM Standards for Exposure to Electromagnetic Fields
ADVERTISE   |   MAGAZINE SUBSCRIPTIONS   |   FREE BREAKING-NEWSLETTERS!   |   SYS-CON.TV   |   BLOG-N-PLAY!   |   WEBCAST   |   EDUCATION   |   RESEARCH
.NET Developer's Journal - .NETDJ   |   ColdFusion Developer's Journal - CFDJ   |   Eclipse Developer's Journal - EDJ   |   Enterprise Open Source Magazine - EOS
Open Web Developer's Journal - OPENWEB   |   iPhone Developer's Journal - iPHONE   |   Virtualization - Virtualization   |   Java Developer's Journal - JDJ   |   Linux.SYS-CON.com
PowerBuilder Developer's Journal - PBDJ   |   SEO / SEM Journal - SJ   |   SOAWorld Magazine - SOAWM   |   IT Solutions Guide - ITSG   |   Symbian Developer's Journal - SDJ
WebLogic Developer's Journal - WLDJ   |   WebSphere Journal - WJ   |   Wireless Business & Technology - WBT   |   XML-Journal - XMLJ   |   Internet Video - iTV
Flex Developer's Journal - Flex   |   AJAXWorld Magazine - AWM   |   Silverlight Developer's Journal - SLDJ   |   PHP.SYS-CON.com   |   Web 2.0 Journal - WEB2
Apache   |   CMS   |   CRM   |   HP   |   Oracle Journal   |   Perl   |   Python   |   Red Hat   |   Ruby on Rails   |   SAP   |   SaaS
SYS-CON MEDIA:   ABOUT US   |   CONTACT US   |   COMPANY NEWS   |   CAREERS   |   SITE MAP
SYS-CON EVENTS:   |  AJAXWorld Conference & Expo  |  iPhone Developer Summit  |  Cloud Computing Conference & Expo  |  SOA World Conference & Expo  |  Virtualization Conference & Expo
INTERNATIONAL SITES:   India  |  U.K.  |  Canada  |  Germany  |  France  |  Australia  |  Italy  |  Spain  |  Netherlands  |  Brazil  |  Belgium
 Terms of Use & Our Privacy Statement     About Newsfeeds / Video Feeds
Copyright ©1994-2008 SYS-CON Publications, Inc. All Rights Reserved. All marks are trademarks of SYS-CON Media.
Reproduction in whole or in part in any form or medium without express written permission of SYS-CON Publications, Inc. is prohibited.
 
close this window