Connect with us


How to address cybersecurity when migrating to the cloud



Moxtra’s chief technology officer discusses cloud security and some of the main pitfalls that businesses should avoid.

Click here to view the full Cloud Week series.

Migrating to the cloud is far from a new concept. However, the last year has accelerated digital transformation across virtually every industry, dispersing much of the global workforce and decentralising much of the on-premise infrastructure we had been used to.

This has invigorated discussions around creating proper cloud strategies and solutions. However, it also comes at a time when cyberattacks are on the rise, taking advantage of the systems that were forced to go remote overnight, as well as much larger attacks. Most recently there was the major attacks on a major gas pipeline in the US and the massive cyberattack on Ireland’s Heath Service Executive (HSE).

With the adoption of cloud and the discussion of cybersecurity both reaching new levels, what do businesses need to think about in terms of protecting the information they move into the cloud?

“Businesses assume that every asset can be or should be protected against every possible threat. It is not realistic for businesses to cover every single asset with ultimate security,” said Stanley Huang, co-founder and CTO of cloud-based software company, Moxtra.

“The question that should be asked is ‘what do we want to protect?’ rather than ‘how can we protect everything?’ Companies need to prioritise their most essential assets and determine a strategy to protect them, by defining not only what needs protection, but also what level of protection each asset will need.”

‘You cannot just buy security from a vendor’

Huang said when it comes to cloud security, there is often a disconnect between a business recognising security needs and receiving strategic, well-planned security coverage.

“This stems from the issue of many businesses only focusing on the technical aspects when implementing cloud security,” he said.

“For example, what kind of cloud computing service are we using, what is good about it, what is not good, what technology does it use, how well does it work for users? While this is all important to understand, these considerations should come after you determine how security fits into the bigger picture.”

He said that many businesses often bypass the step of scoping a security strategy before implementing cloud technology, but this step is vital when it comes to mitigating risk while migrating to the cloud.

Advice for ensuring good cloud security

Huang suggested that businesses identify or hire a security task force owner internally, who is responsible for defining the security strategy at the company level.

“This person must be a good organiser with a technical background but does not necessarily need to be a security expert. In addition, a third-party consulting service with security expertise can work with the internal organiser to define a specific security strategy for your business,” he said.

Support Silicon Republic

“You must be realistic about whether the execution is doable and cost-efficient. Going through this in the early stage and then defining the scope is best for small businesses, as they do not have expertise to do everything. As a business owner, you must understand how your business operates, and then collaborate with the help of other parties to discuss what asset and how secure it is to create an overall map about how your business should use the cloud service.”

A man with glasses wearing a light blue shirt smiles at the camera.

Stanley Huang. Image: Moxtra

Aside from thinking they can protect everything to the highest possible level, Huang said another common mistake companies make is thinking that they can buy company-level cloud computing security from each of their cloud service vendors.

“You cannot just buy security from a vendor. While the vendor can provide the security solution, as a business owner, you need to think differently about how to leverage that solution and make the best decision for your business.”

In practice, this means a cloud vendor can provide a certain security solution such as multifactor authentication, ensuring that the people who are logging in are who they claim to be through various verification methods.

However, it is up to the company itself to ensure that employees who leave no longer have access to these data repositories.

“The vendor has done its job by making sure the employee’s email and password matches and requiring sign-on, but the business owner needs to ensure that employees verify employment status through a centralised system, and that only current employees have access to company data,” he said.

Another misconception Huang warned against is the idea that a businesses can simply leverage a third-party security consultant company to provide them with a secure cloud computing environment.

“As I discussed earlier, a business cannot just purchase a technical solution and expect it to protect its data. Businesses need to define the scope of their security plan and prioritise levels of security. Only after this is done should businesses be investing in third-party consulting and purchasing security solutions.”

Education is key

When it comes to cybersecurity, cloud-based or otherwise, CIOs and CTOs alike cite education of staff as a key component of protecting data.

Time and time again, infosec experts and IT surveys have highlighted human error as a major risk when it comes to cyberattacks. But it’s one thing to simply say workers need to be better educated about cybersecurity and another to suggest how to go about it.

“I believe that collaborating with experts is the most effective way to advance the education of your staff. By splitting up responsibilities and educating people with a different focus based on their role, employees are able to build a whole vision of a security map when they collaborate,” said Huang.

“I believe the most critical part of education is working in collaboration with other parties to determine the target of the desired cloud computing security, and then defining the strategy and executing it properly. This is more of a high-level sort of education, but without this, not much else matters.”

Source link


Bitcoin price back above $40,000 after Elon Musk comments | Bitcoin



The price of bitcoin hit a three-week high on Monday, climbing back above $40,000 after Elon Musk said that Tesla would resume allowing transactions made in the digital currency once crypto mining becomes greener.

The electric car company’s latest change of direction on its acceptance of bitcoin once again highlighted the continuing ability of Tesla’s billionaire chief executive to influence the price of bitcoin and other cryptocurrencies.

“When there’s confirmation of reasonable (~50%) clean energy usage by miners with positive future trend, Tesla will resume allowing bitcoin transactions,” Musk said in a tweet on Sunday.

The price of one bitcoin climbed to a high of $41,033 (£29,063) on Monday before slipping back to $40,580, still up more than 12% from its price before Musk’s tweet.

Musk, one of the most high-profile proponents of cryptocurrencies, also said that Tesla sold about 10% of its holdings to confirm bitcoin could be liquidated easily without moving the market.

He announced in May that Tesla would no longer accept bitcoin for car purchases, citing long-brewing environmental concerns for a swift reversal in the company’s position on the cryptocurrency. In February, Tesla revealed it had bought $1.5bn of bitcoin and would accept it as a form of payment for cars. But the cryptocurrency’s production is at odds with the company’s mission toward a “zero-emission future”.

Bitcoin fell more than 10% after Musk’s tweet in May. He said that he believed cryptocurrency had a promising future but it could not be at great cost to the environment.

The energy used to produce bitcoin alone is equivalent to the annual carbon footprint of Argentina, according to the Cambridge Bitcoin Electricity Consumption Index, a tool from researchers at Cambridge University that measures the currency’s energy use.

Bitcoin mining – the process in which a bitcoin is awarded to a computer that solves a complex series of algorithms – is deeply energy-intensive. Because there is a finite number of bitcoins that can be mined – 21m – computers have to solve harder and harder algorithms in order to get bitcoin. The special equipment and intense processing power use a lot of electricity – as much as some entire countries.

The concerns over energy use aside, cryptocurrencies have split opinion among investors and financial regulators for other reasons, including the rollercoaster ride sparked by their frequent swings in price.

Despite bitcoin’s recent rise, it is still trading about a third lower than the record high of $63,000, which it reached in April. A year ago, bitcoin’s value was under $9,500.

Earlier in June, the Central American country of El Salvador became the first in the world to adopt bitcoin as legal tender, as part of its technology-loving president’s proposals to use the cryptocurrency to promote “financial inclusion”, investment and economic development.

However, others remain unconvinced, and cryptocurrencies remain controversial. Global regulators are sceptical, on account of their volatility and vulnerability to theft or hacking.

The Bank of England has previously warned that the rise of digital currencies could set off a flood of withdrawals from high-street banks, risking financial stability and the wider economy, and cautioned that investors risk losing their money.

Guardian business email sign-up

According to various measures, bitcoin is undervalued at current prices, said Alexandra Clark, a sales trader at the digital asset broker GlobalBlock, although she added: “Many analysts are still on the fence when it comes to determining whether the digital asset is ready to continue its uptrend.”

Tesla’s decision to sell 10% of its bitcoin holding “has brought about fresh accusations of pumping and dumping by Musk and reiterated the need for an investigation by the SEC [US Securities and Exchange Commission],” Clark said.

The US securities watchdog warned Tesla last year that Musk had twice violated a settlement requiring his tweets and material public communications to be preapproved by company lawyers, the Wall Street Journal reported at the start of June.

Source link

Continue Reading


Price-capped broadband on hold for New York State after judge rules telcos would ‘suffer unrecoverable losses’ • The Register



A new law due to come into force tomorrow that would force broadband providers in New York State to provide net access to low-income households for $15 a month has been put on hold.

A preliminary injunction [PDF] was granted by United States District Judge Denis R Hurley on Friday after a string of trade bodies – including the New York State Telecommunications Association and The Broadband Association – launched the action on behalf of their members.

The ruling notes that telcos and ISPs forced to impose the price caps would “suffer unrecoverable losses increasing with time” and that the “bulk of these losses will stem from lost income.”

“While a telecommunications giant like Verizon may be able to absorb such a loss, others may not: the Champlain Telephone Company, for example, estimates that nearly half [approximately 48 per cent] of [its] existing broadband customers will qualify for discounted rates,’ with each such customer ‘caus[ing] a monetary loss’,” it states.

The legal action also highlighted that not only would telcos lose revenue by offering cut-price access, they would also incur additional costs associated with increased spending on advertising.

In April, New York Governor Andrew Cuomo put his name to legislation that would force operators in the state to offer $15 a month high-speed internet to low-income families across the state.

The legislation also made it a legal requirement for operators to inform the authorities about their broadband products and prices, and how many had taken up the offers.

In all, it was estimated this change would impact seven million New Yorkers and some 2.7 million households.

At the time, Governor Cuomo said the need for remote access to work, education, and healthcare – which had been brought into sharp focus by the pandemic – had underlined the “need to make sure every household has access to affordable internet.”

“This program – the first of its kind in the nation – will ensure that no New Yorker will have to forego having reliable home internet service and no child’s education will have to suffer due to their economic situation,” he said.

US telcos in the crosshairs of the enforced price cap were quick to challenge the legislation, pointing out, among other things, a temporary $50-a-month discount being offered to households as part of a federal benefit.

In a 19-page lawsuit filed on 30 April, the industry lined up to say that they’re already doing their bit to help close the digital divide including offering cut-price tariffs to people on low incomes.

They also claim that New York is acting beyond its jurisdiction.

“In short, New York has overstepped its regulatory authority,” lawyers acting on behalf of the telcos said in their lawsuit.

Governor Cuomo hit back almost immediately and in a statement on the same day as the 30 April lawsuit said: “I knew giant telecom companies would be upset by our efforts to level the playing field, and right on cue, they’re pushing back. This is nothing more than a transparent attempt by billion-dollar corporations putting profit ahead of creating a more fair and just society.”

Fast-forward to this week and the decision to grant a temporary injunction halting the introduction of the $15-a-month broadband cap has left many wondering what happens next.

In a statement, US Telecom said: “The broadband industry is committed to working with state and federal policymakers on sustainable solutions that will serve the needs of all low-income Americans. While well-intended, the state’s law ignored the $50 monthly broadband discount Congress enacted, as well as the many commitments, programs and offerings that broadband providers have made for low-income consumers.” ®

Source link

Continue Reading


Sweden’s Vässla raises $11m for its e-bike rental service



The company is building a subscription service for its micromobility vehicle, which is a cross between a moped and a traditional e-bike.

Vässla, a Swedish micromobility start-up, has raised $11m in fresh funds to expand during the increasing demand for e-bikes.

The Stockholm-based company initially launched with e-mopeds and is now launching an e-bike with a club-like subscription model.

Vässla Club will target individuals, delivery drivers and businesses like hotels and holiday resorts with a subscription model to access its e-bikes with fleet management features built in for businesses.

The round of funding was led by Swedish investment firm Skabholmen Invest with eEquity contributing to the round.

The company is running trials in the Scandinavian market with further trials pencilled in for Berlin, Vienna, Hamburg and Madrid. It is also planning a UK launch once legislation around e-scooter and other electric micromobility vehicles has been introduced beyond the current trial stages across the country.

Support Silicon Republic

Vässla designed its bikes in-house and describes it as a midway point between a moped and an electric scooter. It has a maximum speed of 25km/hr and battery range of 40km.

The company was founded by chief executive Rickard Bröms over his frustration with commuting and a mission to reduce dependency on privately owned cars.

“The problem with electric pedal bikes is that your morning commute becomes a workout session – you arrive at work or at your important meeting sweaty and tired. It’s really no better than using packed trains or buses,” Bröms said.

The new iteration of its bike is lighter but capable of multiple trips a day, he added.

“The investment, which will help us launch Vässla Club, and expand into other territories, comes at a very exciting time and we are very much looking forward to seeing how the attitudes of the general public towards micromobility will change over the next few years.”

Wilhelm Pettersson, CEO of lead investor Skabholmen Invest, said that it invested in the company as it believes the “future of urban planning will exclude personal cars”.

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!