15.4 C
London
Thursday, August 24, 2017
Home Events Information Security Europe

Information Security Europe

Infosecurity Europe provides free access to an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise Master complexity and gain the foresight you need to safeguard your business at Infosecurity Europe 2014. Demonstrate clear thought leadership to ensure security is high on the corporate agenda Achieve visibility of your mobile workers, cloud providers and web of third party suppliers Clearly navigate and understand increasingly complex legislation Deliver security to drive and enable clear business growth

VASCO Data Security at Infosec Europe 2014

Jan Valcke, President & COO, Vasco Data Security tells us why authentication is important in today's marketplace and how Thales benefits his business.

Infosec 2014: EU cybercrime head blames TOR for making it difficult...

Troels Oerting, the head of the European Cybercrime Centre (EC3), has blamed the "darknet" for making it difficult to catch cyber-criminals in his keynote speech to Infosecurity Europe in London. Furthermore, he added, the revelations of former US Nat...

Infosecurity Europe 2014: Businesses should prepare for Google Glass, say security...

Enterprises should prepare for the introduction of Google Glass within the business, according to the heads of security at insurance firm AXA and the Home Retail Group. Lee Barney, head of information security at the Home Retail Group, the parent comp...

Verisec at Infosecurity Europe 2014

Anders Henrikson, SVP Global Sales, Verisec stopped by the Thales stand to talk to us about cloud requirement trends.

Day 1 Highlights from Infosecurity Europe 2014

Day 1 from #infosec14 - Security as a Business Enabler

Thales at InfoSecurity 2014

A quick look at the Thales stand and the wider exhibition at Earl's Court.

Infosec 2014: Datacentre security key to cloud security, says Google

The security challenges of the cloud are fundamentally the same as those of any in-house datacentre, says Peter Dickman, engineering manager at Google. This means securing data in both can be tackled in the same way, he told attendees of Infosecurity Europe 2014 in London.  “It is a question of adding as many layers of controls as possible without impairing usability,” said Dickman, which is the approach Google uses to continually evolve and improve security. Although cloud computing is at an unprecedented scale, he said there are really no new security challenges in the cloud. “Security is still about balancing controls with usability and, while it is not necessarily easy, it is also not impossible to achieve,” said Dickman. Security professionals know there is no such thing as perfect security, but he said there are many things that can be done to ensure data in the cloud is as secure as possible. Google, like most other cloud service providers, has had the advantage of building infrastructure with scalability and security in mind from the start. “We recognised that devices could be compromised, some applications could be malicious and that we could not assume that users were security savvy, so we planned accordingly,” said Dickman. First, this means that the computers in cloud datacentres are largely homogenous, making it quick and easy for service providers to update application software and security controls whenever needed. “This homogeneity enables us to treat each datacentre like a single computer, which makes it easier to do security and get it right,” said Dickman. Google uses a single, custom-built and security-hardened Linux-based software stack for all its servers in a single datacentre. The servers are designed so they do not include unnecessary hardware or software to reduce the number of potential vulnerabilities. This is important for cloud service providers, he said, as their business relies on preserving the trust placed in them as stewards of data belonging to hundreds of millions of users. Although cloud computing tends to raise concerns about data security, Dickman said this approach was developed in response to the demand for access to data everywhere. “People attempted to achieve this by making copies of data on portable media and mobile devices, but that was a security risk, and cloud computing essentially meets the need without the risk,” he said. The next step, said Dickman, is to ensure physical security at the cloud datacentres, using multiple layers of access control technologies and processes. “It is also important to build devices against possible malicious insiders, which is why our security teams build systems to check each other,” he said. Also within the datacentre, Dickman said it is important to follow the principles of isolation, segregation and sandboxing, and deploy encryption wherever, and whenever possible. “Encryption is no panacea, but it is worth the cost and Google is continually working to ensure our encryption algorithms are as fast and as secure as possible,” he said. Unfortunately, many organisations still fail to keep things separate, said Dickman. “This is not rocket science, just tricky engineering,” he said. Availability is another important component of security he said, but because cloud service providers take security seriously, they tend to build their datacentres to be fault tolerant. “We test our fault tolerance by turning things off, which should work if systems have been designed and implemented correctly,” said Dickman. Google has robust disaster recovery measures in place due to its ability to shift data access to other datacentres in various parts of the world, selected for their relatively high political stability. Google does not store each user's data on a single machine or set of machines. Instead, the company distributes all data, including its own, across many computers in different locations. The data is then split into chunks and replicated over multiple systems to avoid a single point of failure, and the data chunks are given random computer-readable only names as an extra measure of security. Google also rigorously tracks the location and status of each hard disk in its datacentres, and it destroys hard disks that have reached the end of their lives in a thorough, multi-step process. “No one knows yet how to build perfect security, but Google is continually working to make it better,” said Dickman. All companies are faced with the security challenge of finding the correct balance between what is needed and what can be afforded, he said. But Google, like most other cloud service providers, argues that because of the economies of scale, it is able to build and maintain security to a higher level than most companies could achieve on-premise. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK

Interview with Peter Gibbons, Head of Information Security, Network Rail

Interview with Peter Gibbons, Head of Information Security, Network Rail, panellist in the Keynote Theatre at Infosecurity Europe 2013. Peter shares some of the...

Eleanor Dallaway of Infosecurity Magazine discusses Day 1 of Infosecurity Europe...

Eleanor Dallaway, Editor & Associate Publisher Infosecurity Magazine discusses her highlights & thoughts from Day 1 at Infosecurity Europe

Infosec 2014: Europe has “completely failed” at producing web companies so...

Europe has "completely failed in producing alternatives or competing services" to large US web firms, and so cannot complain about US government snooping on European business data stored in US clouds, F-Secure's chief research officer, Mikko Hypponen,...

Infosec 2014 welcomes Moscow

Various companies from Moscow are here again this year. This is one really great aspect of Infosec, in that there are companies from all over...