Time-based access tools are a great way to give someone temporary access to your code or service. It’s like going on vacation and giving your neighbor the keys to your house; the only difference is the keys automatically stop working when you get back from your trip. There are several tools that developers can use if they want to grant access based on a time restriction.
In May, we began offering limited availability of the Brocade Vyatta vRouter. This network appliance allows us to provide you software-based networking and securityfeatures, such as virtual private network (VPN), firewall, network address translation (NAT) and routing capabilities in the next generation open cloud. Until today, all Cloud Account customers who were interested in using the vRouter had to apply for access to this software appliance. Today, we are removing this limitation and offering unlimited availability of the vRouter to all of our Cloud Account customers.
Meeting Payment Card Industry Data Security Standards (PCI-DSS) can be a complex and costly exercise for the average ecommerce merchant. What’s challenging is that there’s no one-size-fits-all approach to achieving and maintaining PCI compliance.
No one sees the need for insurance when life is going well. In fact, we often complain about paying monthly premiums on something that we’ll “never need anyway.” But once that car wreck, house fire or flood happens, we’re thankful we have the policy. Many startups view security in the same light as flood or fire insurance; it doesn’t get the same love that building an application or growing the company gets. But every day that startup founders neglect security is another day they’re exposing themselves to serious risk.
What can safe crackers and hamburgers teach us about preventing password security breaches? And what’s the difference between encryption and hashing anyway? Salting? Bcrypt? We all know that password security is very important; the fear of a password security breach keeps developers up at night, and if it happens at the wrong time it can shatter users’ confidence in your software or stunt your application’s growth. There are a lot of different ways to protect passwords, so how do we know which one to choose?
There are many options when trying to assess the security posture of your application and its hosting environment. Some choose to start from the top of the stack down and look at the application directly, while others might look at the supporting infrastructure first, including the network itself, the firewall rules, running services, and web server configurations. Regardless of the approach, enterprises must protect the integrity of their application and data by proactively identifying potential attack vectors or vulnerabilities. Certain regulation and standards even require periodic vulnerability assessments.
One of the common questions we hear from customers who are moving to the cloud is about security. Many times customers believe that security is something they have to take on by themselves or something that is automatically taken care of by a cloud provider.
This is a guest post written and contributed by Elad Yoran, CEO of Vaultive, a Rackspace Cloud Tools partner. Vaultive provides cloud data encryption solutions designed to maintain the control, security and compliance of data processed by cloud-based services.
We know that the public internet can be a scary place for servers. Log files of servers attached to public addresses show regular port scans and URL snooping and are a constant reminder that your hosts are one misconfiguration away from catastrophe.