Das Axon 10 Pro von ZTE soll auch in Deutschland als 5G-Version in den Handel kommen und 900 Euro kosten. Die 4G-Version liegt mit 600 Euro auf einem überraschend niedrigen Preisniveau, wenn man die Hardwareausstattung betrachtet. (ZTE, Smartphone)
Quelle: Golem
Der US-Webhoster A2 hat seit etlichen Tagen ein Problem: Ransomware verbreitet sich bei Kunden. Diese sind verärgert – über den Vorfall und die fehlende Kommunikation der Entwickler. Betroffen sind anscheinend nur Windows-Server. (Ransomware, Virus)
Quelle: Golem
Hat Tesla eine Mitschuld an einem tödlichen Unfall mit einem Model X in Kalifornien? Die Familie des Unfallopfers wirft dem Elektroautohersteller vor, ein fehlerhaftes Produkt verkauft zu haben. (Tesla Model X, Technologie)
Quelle: Golem
Hybrid cloud environments give companies the best of both worlds. They offer the elasticity and operational expenditure of public clouds with the data sovereignty, security and control found in a private cloud environment. By combining the two, companies can allocate workloads to the environment that makes the most sense for them.
As organizations build these environments, hybrid cloud security is crucial. According to Cybersecurity Insiders’ “2018 Cloud Security Report”, nine out of 10 cybersecurity professionals say they are concerned about cloud security. This is up 11 points from last year’s survey.
Securing these environments can be time consuming, but luckily, you don’t have to start from scratch. Adhering to these seven key pillars for a hybrid cloud security strategy will make sure you get great results with less stress.
1. Approach hybrid cloud security as a shared responsibility.
Companies should approach hybrid cloud security as a joint endeavor with their cloud service provider. Assuming the cloud partner will take care of everything once the data leaves the on-premises systems is a recipe for oversights and errors. Even with the best-equipped hybrid cloud provider out there, maintaining security still requires a proactive mindset.
For example, administrative staff could accidentally expose sensitive records through a simple misconfiguration of a public cloud environment. According to GCN, misconfigured data buckets left the voter information of hundreds of thousands of individuals exposed in 2018.
Without proper security efforts, one misstep can jeopardize a company’s reputation and consumer trust.
2. Standardize processes.
Companies that use different processes for public and private cloud environments, or that fail to implement processes, risk introducing disparities that could lead to manual errors and potential security loopholes. These processes will likely be unique to an organization’s needs, but some general best practices apply.
For example, an organization could ensure that administrators follow the same security procedures in a public cloud environment as they do with on-premises systems and check that public cloud assets are properly password protected. For example, developers may leave database administrative accounts with default settings in an on-premises development environment, but forget to change the credential settings when they take the databases live in the cloud. This oversight can lead to some serious data breaches.
Formalizing processes to manage assets, such as databases, as they pass between on-premises and cloud-based environments will help organizations avoid problems like the large-scale exposure of sensitive customer records in cloud-based systems.
3. Configure secure tools and processes for the cloud.
Companies can reduce the likelihood of human error and inconsistent administrative approaches by codifying these secure processes into automated workflows. In the case of software development and deployment, a common use case in hybrid cloud environments, secure DevOps (DevSecOps) practices can be a game changer.
Secure DevOps enables security professionals to build automatic gating checks into software development, forcing code through a series of tests that it must pass before being deployed. Automated tools can also securely manage the provisioning and teardown of virtual development and deployment infrastructure so that stray virtual machines and storage buckets don’t become a security liability.
4. Verify everything everywhere.
Hybrid cloud computing environments tend to blast through traditional network perimeters, as companies distribute workloads across different infrastructures and locations. This means conventional, perimeter-based protections no longer work. Instead, protect access to each virtual asset and data resource. Adopt a “never trust, always verify” approach to all computing resources across both infrastructures.
5. Manage access across hybrid environments.
A uniform identity and access management (IAM) framework can help protect assets in hybrid environments. Security teams might use various approaches to extend IAM across the entire environment, depending on their public and private infrastructures, including unified directories and SAML-based identity federations.
Ensure that this framework mirrors the concept of least-privilege access across both private and public clouds so that employees, contractors and other users only have access to the resources they absolutely need.
6. Ensure visibility and ownership.
One danger in dealing with two different environments is that it can be difficult to get a comprehensive view of what’s happening across the entire infrastructure. Explore using a management system that can aggregate monitoring and asset management across both private and public clouds.
Ideally, administrators should be able to see both from a single dashboard. Security teams should also ensure that all assets and data across both environments have defined ownership. An individual or team should be responsible for them so that nothing falls through the cracks.
7. Protect data.
Data protection includes not only encryption, which should be standard in any hybrid IT environment, but also other techniques as well. These might be pseudo-normalization or tokens stored in public cloud databases that refer to sensitive data stored in on-premises systems.
Before beginning your organization’s hybrid cloud journey, think carefully about your long-term approach and what you will expect from your hybrid cloud environment in the years to come. By considering these seven pillars of hybrid cloud security, you can help your organization transition smoothly between on-premises and cloud environments.
Learn more by signing up to receive The IT leaders guide to the next generation cloud operating model, where you can learn how to perfect your journey to cloud.
The post 7 pillars of a strong hybrid cloud security strategy appeared first on Cloud computing news.
Quelle: Thoughts on Cloud
Dresden wird über die Deutsche Funkturm allen Mobilfunkanbietern städtische Flächen als 5G-Standorte zur Verfügung stellen. Dabei geht es hauptsächlich um Small Cells. (5G, Telekom)
Quelle: Golem
Das für Linux-Laptops und sein Linux-Smartphone-Projekt bekannte Unternehmen Purism startet Librem One, ein Bündel sicherer Bezahldienste bestehend aus Chats, Social Media, Mail und VPN, und muss gleich am ersten Tag eine Sicherheitslücke im Chat beheben. (Purism, XMPP)
Quelle: Golem
Das lang erwartete Schieß- und-Plünderspiel Borderlands 3 erscheint im September. Jetzt hat Entwickler Gearbox eine knappe Stunde aus dem Spiel präsentiert. Zu sehen waren neue Fertigkeiten, Waffen und Welten. (Borderlands, Gearbox)
Quelle: Golem
Wenn sich Deutschland nicht beeilt, erhöht Südkorea bei 5G weiter den Abstand in der Führung. Alle drei Netzbetreiber dort haben schon eine große Anzahl von Sites aufgestellt. (5G, Huawei)
Quelle: Golem
Amazon wird oft kritisiert wegen seiner Bemühungen, den Versand zu automatisieren. Bis die Technik so weit sei, dass alle Arbeiten von Robotern übernommen werden könnten, dauere es aber noch mindestens ein Jahrzehnt, sagt Amazon. (Amazon, Roboter)
Quelle: Golem
Zync Render, part of Google Cloud Platform (GCP), is our cloud-hosted rendering platform that helps visual effects and animation studios realize their creative vision. Zync Render has helped render everything from major Hollywood feature films and TV advertising to brand design.As it’s our mission to continue to enable the users behind these projects to create visually stunning content, we’ve spent the last several months optimizing our core engineering infrastructure. We’re excited to launch Zync version 2.0 on GCP. This consists of a complete Google-native rewrite of the application, providing benefits such as faster job start-up time, increased compute scalability, and several other new features that users have identified as critical to workflows.Zync also now offers up to 48,000 CPU rendering cores, allowing even the largest jobs to compute quickly and efficiently. Additionally, we’ve implemented the ability to set usage quotas on a per-site, per-project and per-user basis, giving more control to larger organizations with multiple locations and artists. Here’s a look at Zync user quotas:Zync has taken advantage of the multitude of GPU offerings available on GCP. These offerings work with some of the leading software vendors of GPU rendering technology so users can render using more high-performing cloud resources for better performance than what they could typically achieve on-premises.Additional Zync updates include supporting Chaos Group’s V-Ray for Maxon Cinema 4D, one of the most popular renderers on the Maxon platform, and reducing the price for all our V-Ray supported offerings by up to 37 percent for more cost-effective project rendering on GCP.Learn more about Zync Render here. To try cloud rendering on GCP, sign up for a free trial.
Quelle: Google Cloud Platform
