Welcome!

Every Cloud Needs a Silver Lining

Gilad Parann-Nissany

Subscribe to Gilad Parann-Nissany: eMailAlertsEmail Alerts
Get Gilad Parann-Nissany via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Gilad Parann-Nissany

We often get requests for best practices related to relational database security in the context of cloud computing. People want to install their database of choice, whether it be Oracle, MySQL, MS SQL, or IBM DB2… This is a complex question but it can be broken down by asking “what’s new in the cloud?” Many techniques that have existed for ages remain important, so let’s briefly review database security in general. Database Security in Context A database usually does not stand alone; it needs to be regarded in the light of the environment it inhabits. From the security perspective, it pays to stop and think about: Application security. The application which uses the database (“sits atop” the DB) is itself open to various attacks. Securing the application will close major attack vectors to the data, such as SQL injection Physical security. In the cloud context, it mea... (more)

Cloud Computing Sells Itself: the View from Netflix

The CloudScaling blog scores something of a coup with its interview of Netflix’ Cloud Architect, Adrian Cockcroft. As everyone should know, NetFlix moved its core business application to Amazon Web Services, including “encoding movies for streaming, log analysis, production web site and API, most everything that scales with customers and streaming usage”. This Porticor blog has always avoided the debate about public vs. private clouds. Our attitude is simple: we don’t sell cloud, Cloud Computing sells itself. Netflix’ story is a case in point. The numbers quoted mean that a lot o... (more)

Encrypted Database in the Cloud: Practical Considerations

Recently, in our post on Database security in the cloud, we reviewed the threats against database installations in the cloud and best practices for protecting your data. A number of customers have asked us follow-on questions: Which database brands are open and tested with these techniques? What are the most significant gotchas? What performance, scalability and fail-safe characteristics can they expect when securing their database in the cloud? We have found that all the major relational database brands (MySQL, Oracle, Microsoft SQL Server, and IBM DB2, among others) can work wel... (more)

Encrypting Data Held in the Cloud

More and more enterprises now rent space or servers on the cloud to store data. However, the fact that such data remains outside the ambit of the enterprise’s security system and invisible to the enterprise poses a serious security headache. Porticor Virtual Private Data, an Israeli based start-up now offers technology that allows organizations to encrypt data held in the cloud. The service, which includes a Virtual Appliance and an agent software, offers standard AES 256 or Blowfish encryption that has a maximum key length of 2048 bits. A unique “split-key” method adds to the sec... (more)

Seven Hot Security Companies to Watch

There’s a rush in security startups looking to tackle everything from identity management to encrypting cloud data. Here are some of the latest companies worth keeping an eye on. OneID Headquarters: San Jose, Calif. Founded: March 2011 Funding: Not disclosed Leader: Steve Kirsch, co-founder and CEO Fun fact: Kirsch is a wealthy serial entrepreneur whose lineup of startups have included Mouse Systems, Frame Technology, Infoseek and other firms. Why we’re following it: This week Kirsch is launching OneID for what he calls the “next-generation PayPal” for digital identities. Kirsch ... (more)