Cloud Security is as HOT as Cloud it self. Many people are concern with Cloud Security and Privacy offered by Cloud providers like they have when they co-locate their servers to another data center.

On 26/04/2010, at IBM‘s Develothon Seminar at The Grand Bhagawti at Ahmedabad. I spoke to couple of persons and they have same concern about Cloud Security and Privacy.

Though, there are many ways to protect security over the Cloud computing and following are name few:

1) Private Cloud

2) To optimize use of your own infrastructure. Deploy Cloud in your data center only

3) SLAs with Vendors providing Cloud Services

4) VPN between your infrastructure and Cloud Providers

Above are name a few security solution on cloud. I know there are many more solution available and which one can use to make sure that Cloud deployment is secure.

There are many Cloud security providers available in market today. They provide solution from Anti Virus to compliance to end user data protection.

There are many consultancy firms are around which would help you to Securely Deploy your Application in Public or Private Cloud.

Following are the name of Cloud Security providers which I got from cloud Security alliance website:

1) Forum Systems

2) HCL

3) Iron Mountain

4) Novell

5) NetWitness Corporation

6) NSFOCUS

7) PGP

8) Ping Identity

9) Qualys

10) RackSpace Cloud

11) RSA

12) Sonoa Systems

13) Trend Micro

14) VeriZon Business

Above are Some of Cloud Security Provider. Cloud Security is gaining concern with many providers and also lake of knowable and awareness about it.

Please check this space for more information about Cloud Security. Thanks, TheTechnologyblog.net for image.

Author: Gaurav Maniar – MCITP – Windows Server Specialist
Window Hosting Security, Exchange Messaging System, Server Security Audit, Domain (ADS) Infrastructure, ISA Security,  IIS Security, Web Hosting Security, Hosted Email Security

PR: wait… I: wait… L: wait… LD: wait… I: wait… wait… Rank: wait… Traffic: wait… Price: wait… I: wait… Top: wait… I: wait… L: wait… C: wait…

Hosted Security Solution is great field to enhance and dig further. It is good to see that there are many providers in this field. Major names like Google, Trend Micro, Websense are name a few.

As, I have already mentioned couple of provider name in my last post which provides Anti Spam, Anti Virus and Anti Phishing services as a  Hosted Security Solution.  I am here with providing couple of more provide list.

Microsoft :- World’s leading Operating System selling company. Hold many crown in it head. MS Exchange is in market for Enterprise Class users. It works great in many environment. MS has acquired Exchange Security company couple of  years back and now enhance their present in security as well. Though, I am not happy how Hotmail Spam Filter works  { Most of my important emails goes to spam 🙂 } but still MS is good player in this line of segment. You can get more information for Microsoft ForeFront at following URL:

http://bit.ly/ForeFront

Symante MessageLabs :-  Symantec one of the known name in Desktop and Enterprise Security market.  Symantec is providing Hosted Security Solution under Brand name MessageLabs which they acquired in Symantec in 2008 by Symantec.  You can get more information for Symantec MessageLabs Hosted Email Security Solution at following URL:

http://bit.ly/MessageLabs

McAfee Hosted :- McAfee is providing  hosted Email Security for enterprises. They are providing Anti Spam, Anti Virus and Anti phishing solution using security  as a services. You can get more information for McAfee  Hosted Email Security Solution at following URL:

http://bit.ly/McAfeeEmailSec

I have provided list of all Hosted Email Security Solution providers for Enterprise only. I will bring list of hosted email security solution provider for small and medium business. Which suits small business and medium business owners.

Author: Gaurav Maniar – MCITP – Windows Server Specialist
Window Hosting Security, Exchange Messaging System, Server Security Audit, Domain (ADS) Infrastructure

PR: wait… I: wait… L: wait… LD: wait… I: wait… wait… Rank: wait… Traffic: wait… Price: wait… I: wait… Top: wait… I: wait… L: wait… C: wait…

Hosted Email Security Solution, Spam and Virus are nowadays common words for person using internet. There are many kind of spam as well as viruses To understand Hosted Email Security Solution lets understand what is Spam?

I have gone through many articles as well as blog to get depth idea about spam. Wikipedia has following definition of general spam:

“Spam is the abuse of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social networking spam, television advertising and file sharing network spam.

Spamming remains economically viable because advertisers have no operating costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for their mass mailings. Because the barrier to entry is so low, spammers are numerous, and the volume of unsolicited mail has become very high. The costs, such as lost productivity and fraud, are borne by the public and by Internet service providers, which have been forced to add extra capacity to cope with the deluge. Spamming is universally reviled, and has been the subject of legislation in many jurisdictions.

People who create electronic spam are called spammers.”

For me spam is anything information which is unwanted, unreliable and keep me busy. Most obvious method of spamming is Email spamming. I used to get tones of email in my Inbox while I started using Email (Now, I am using Gmail which is one of finest spam filter I know).

Another Kind of Spamming is IM Spamming. Yahoo still dealing with this. I used to get tons of spam messages in yahoo messenger as I used to go to Yahoo chat room a lot and people get your ID and start sending you weird X Rated messages and many more, some time it has viruses as well.

As we are enhancing our information sharing level to next like Twitter, Facebook, Orkut and many more we used to get unwanted and sometimes harmful information from many.

Hosted Email Security Solution which includes Anti Virus and Anti Spam engines which prevent you to any virus or spyware attack as well as keep your inbox clean from spammers. There are many Hosted Email Security Solution providers. Couple of them are as following:

Google Postini :- One of the Finest Hosted Email Security Solution. Gmail use this. Google is providing this solution with their Google Apps Solution. If you want your own server to handle your emails you can ask Google to handle your email Security which included Anti Spam and Anti Virus security. You can get more information for Postini at following URL:

http://j.mp/gpostini

WebSense :- This is Hosted Email Security Solution provider I heard a lot about. They are one of the finest Web Security product company I have gone through. Though, unfortunately I never got chance to work on their product. They are one of finest Anti Spam and Anti Virus solution provider. You can get more information for WebSense Hosted Email Security Solution at following URL:

http://j.mp/websensehes

Trend Micro :- This is one of the good computer and internet security company. I used to work on their products for MS Exchange and Other Microsoft Product Solution we provided in Past and I was happy with their Anti Spam and Anti Virus solution.  Hosted Email Solution Provided by Trend Micro has good potential. You can get more information for Trend Micro Hosted Email Security Solution at following URL:

http://j.mp/TMHESecurity

I will cover more Hosted Email Security Solution Providers and their features in up coming blog. Till then you may directly ask me for server security tips.

Author: Gaurav Maniar – MCITP – Windows Server Specialist
Window Hosting Security, Exchange Messaging System, Server Security Audit, Domain (ADS) Infrastructure

PR: wait… I: wait… L: wait… LD: wait… I: wait… wait… Rank: wait… Traffic: wait… Price: wait… I: wait… Top: wait… I: wait… L: wait… C: wait…

Hosted Security Solution is next step solution for many industries moving fast towards cloud computing environment.

Let’s learn how this move started and who started this. I will provide brief information about the same in next couple of days.

What is Hosted Security Solution?

Hosted Security Solution is Security Solution provided by Security solution provider companies like Trend Micro, Check point, Symantec etc. They provide solution at own hardware and own location out of your premises and managed by them. Cost of Ownership has significantly reduce due to no hardware or software maintenance required at client end.

Started by Check Point company Software Security Ltd. in 2007. Though, hosted Spam Filters and Virus scanners are very old and provided by many solution providers since long time. MessageLabs are one of the good example for the same.

Hosted Security Solution is great move which is later joined by Security Industry leaders like, Trend-Micro, Symantec,  Check point, McAffee and many more.

What Includes in Hosted Security Solution?

1. Spam and Anti Virus Security for emails
2. Business Security Hosted for Desktops, laptops and mobile users
3. Secure Site solution to manage security of your website.

Thanks to Trend Micro Solution for image. There will be more about Hosted Security Solution.

Author: Gaurav Maniar – MCITP – Windows Server Specialist
Window Hosting Security, Exchange Messaging System, Server Security Audit, Domain (ADS) Infrastructure

What is PCI Compliance and why it matters for online merchants?

Visa, Master Card, JCB, Amex and other major CC (Credit Card) issuers introduced security standard called PCI (Payment Card Industry) standards to secure personal information and ensure security when online payments are processed using payment cards. If you are accepting credit cards payments online, you must comply with these PCI standards. If you electronically store card holder data post authorization or if your processing systems have any internet connectivity, then a quarterly scan by a PCI SSC Approved Scanning Vendor (ASV) is required. You may gain competitive advantage by reassuring customers that you are authorized to accept credit cards by placing a high visibility trust indicator on your website

It’s a set of 12 specific requirements that cover six different goals. It’s very prescriptive. It says not only that you need to be secure but it tells you how to become secure. It’s more about security than compliance. The goals are things like build and maintain a secure network, protect card holder data and regularly monitor and test the networks. That’s the main standard. We manage three different standards. The first one covers everything from the physical security to logical security.

Failure to meet compliance standards can result in fines from credit card companies and banks. The payment brands may, at their discretion, fine an acquiring bank $5,000 to $100,000 per month for PCI compliance violations. The banks will most likely pass this fine on downstream till it eventually hits the merchant. Furthermore, the bank will also most likely either terminate your relationship or increase transaction fees. Penalties are not openly discussed nor widely publicized, but they can catastrophic to a small business. It is important to be familiar with your merchant account agreement, which should outline your exposure.

I have already installed SSL certificate. Am I PCI compliant if I have an SSL certificate?

No. SSL certificates do not secure a Web server from malicious attacks or intrusions. High assurance SSL certificates provide the first tier of customer security and reassurance such as the below, but there are other steps to achieve PCI Compliance.

• A secure connection between the customer’s browser and the web server
• Validation that the Website operators are a legitimate, legally accountable organization

Soon I ‘ll let you know detailed information about PCI standards. Till then you may directly ask me for server security tips.

Author: Gaurav Maniar – MCITP – Windows Server Specialist
Window Hosting Security, Exchange Messaging System, Server Security Audit, Domain (ADS) Infrastructure