Security providers bring cloud into focus

1 Mar 2012

Recent announcements from security vendors – including encrypted data sharing, mobile app scanning and website protection – show the industry moving to address customers’ cloud concerns, while also using the infrastructure to enhance their own offerings.

The latest version of Sophos’ SafeGuard Enterprise data protection tool is designed to encrypt critical data stored in public, private and hybrid cloud environments. The tool automatically encrypts files uploaded to the cloud from any managed endpoint, such as a laptop or smartphone.

Central keys give access to files for authorised users or groups, while keeping these files encrypted for everyone else, and all files remain encrypted even if copied or moved to another drive, network or device.

Qualys has announced a cloud-based website protection service, QualysGuard Web Application Firewall (WAF), which is aimed at protecting sites from threats including SQL injection (the attack vector that was used to bring down the PlayStation Network last year) and distributed denial of service attacks (prominent recent victims include the CIA, Nintendo, and the UK Serious Organised Crime Agency). The WAF market is becoming a crowded space, doubtless due to the high profile of attacks particularly in the past year.

This week saw CA launch its disaster recovery as a service, ARCserve D2D on Demand, that melds on-site data protection with cloud technology.

HP has also stepped into the fray with a new partner programme which it says is intended to help businesses move to secure cloud computing. The scheme lets cloud providers integrate a customer’s cloud-based applications and infrastructure using HP’s Security Intelligence and Risk Management platform.

Trend Micro is combining cloud with the other trend du jour, namely, mobile. Its Mobile App Reputation uses the cloud to identify, analyse and rate mobile apps for issues ranging from malware threats to risk of data theft and checks them out to see whether they gobble system resources, such as battery life, memory or bandwidth.

Google already provides a Bouncer Service which detects malware in the Android Market; Trend Micro claims its Mobile App Reputation differs by analysing additional mobile app attributes – not only malware but privacy – and also by working with third-party Android app stores.

“Google Bouncer Service is a great first step toward getting additional security control over the Google App Store so we applaud Google. But we still need to see security measures for all the other Android App stores,” commented Raimund Genes, CTO with Trend Micro.

The company, which has its EMEA headquarters in Cork, also announced that the service will be available to app store providers so they can scan and rate apps before posting them, and block any they suspect of being malicious.

Staying with mobile, Symantec will shortly release Norton 360 Everywhere. Based on the premise that the average household has multiple devices ranging from laptop PCs, Macs, Android phones and tablets, the tool is intended to secure all of that hardware from a single source.

Norton 360 Everywhere is due for launch in the spring, but no pricing details are available yet.

Gordon Smith was a contributor to Silicon Republic