paul.nowak wrote: Matt, thanks for the comments. I made an error on the version of Plone. It's 2.5 Plone running on Zope 2.9x.
In regards to the additional products, we have a skin installed and we have a product that we had custom developed for us that connects to a PostgreSQL database. We've looked at slow PostgreSQL queries causing problems and have not been able to find an issue. We've also tested for the case where the PostgreSQL server is down and have not been able to create an issue. We therefor...
Think about all of the critical data and IT systems that are moving into the cloud these days. Consumer credit reporting, enterprise CRM and sales force automation, customer support systems, banking and stock trading, foreign exchange, DNS management, email security… the list goes on and on, and it is only going to accelerate. Imagine if any one of the above services that you or your company uses were accessed by a hacker or competitor.
Greg Conti, an Assistant Professor of Computer Science at the US Military Academy in West Point, gave a talk at Defcon last week about the dangers of cloud computing. “The information we are all giving to online companies is massive and dangerous and [security's] going to get worse before it gets better.” This has spurred renewed debate in the security industry about strong authentication on the Internet as more and more critical services move into the cloud.
One example was a blog posting of mine earlier this weekwhere where Wells Fargo passwords for using a credit reporting server were somehow stolen, and identity thieves used those access codes to get onto the MicroBilt credit reporting site and mine the personal data, social security numbers, etc of over 7,000 people.
Had this cloud service required the use of authentication tokens or digital certificates in addition to a username and password, this type of breach would not have been possible.
Think about all of the critical data and IT systems that are moving into the cloud these days. Consumer credit reporting, enterprise CRM and sales force automation, customer support systems, banking and stock trading, foreign exchange, DNS management, email security… the list goes on and on, and it is only going to accelerate. Imagine if any one of the above services that you or your company uses were accessed by a hacker or competitor.
“our belief is that, with the right technology, the new generation of cloud computing system can be made as secure — if not more secure — than existing server-based office systems” said Sarb Sembhi, president of the ISACA London Chapter.
My personal belief is that all Internet services that have personal or business information should offer strong 2-factor authentication to their users and customers.
About David Jevans David Jevans is the Chief Executive Officer of IronKey, based in Los Altos, California. He is also the Chairman and Founder of the Anti-Phishing Working Group, the leading non-profit organization dedicated to eradicating identity theft and fraud on the Internet. The APWG has over 1,500 member companies and agencies worldwide. Membership is limited to banks and other financial institutions, ISPs, law enforcement agencies and security technology vendors. Jevans has over 10 years of business experience in the Internet security industry, and has founded two high-tech startups, been through IPO, mergers and acquisitions.
Reader Feedback: Page 1 of 1
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice: