Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
In my last article on operating system infection rates I discussed the malware infection rate trends for operating systems and service packs. Many customers ask me about this data because it helps them understand how specific platforms are performing with regard to mitigating attacks over time. The long term trend indicates that newer operating systems and service packs have lower malware infection rates than older software.
The security professionals I talk to are also interested in learning about the specific families of threats that are detected most often on the platform(s) they operate in their environment. This data helps customers defend against the most common attacks on the specific platform(s) they use in their environment. This is especially true given that exploit activity has been so high over the past year.
For many years attackers have used rogue security software, also known as fake antivirus software or “scareware”, to fool computer users into installing malware and/or divulge confidential information. These programs typically mimic the general look and feel of legitimate security software programs and claim to detect a large number of nonexistent threats while urging users to pay for the “full version” of the software to remove the threats. Attackers typically install rogue security software programs through exploits or other malware, or use social engineering to trick users into believing the programs are legitimate and useful. Some versions emulate the appearance of the Windows Security Center or unlawfully use trademarks and icons to misrepresent themselves (some examples of this below).
As I’ve written previously, three key objectives of information security are to maintain the confidentiality, integrity and availability of an organization’s information. With many organizations adopting cloud services, more and more of the security professionals I have been talking to lately have been interested in topics related to reliability and availability.
Reliability is ultimately about customer satisfaction, which means that managing reliability is a more nuanced challenge than simply measuring uptime. For example, customer satisfaction will be low for a service that never goes down, but that is really slow or difficult to use.At a high level, each cloud session consists of a cloud consumer using a computing device to connect to a cloud-based service that is hosted by an internal or external cloud provider. When planning for a highly available cloud service, it’s important to consider the expectations and responsibilities of each of these parties. In planning, organizations need to acknowledge the real-world limitations of technology, and recognize that failures can and will occur. They can then use good design to isolate and repair service failures quickly to avoid or minimize impact of the service’s availability to users.