Three Main Considerations For Cloud Network Testing

Cloud computing – it’s everywhere these days. Based on the hype of this computing system, it would make sense to assume you should move to the cloud as well, no? Not before you understand the pros and cons of cloud computing first!

There are many benefits of cloud computing for businesses. Moving servers and storage to the cloud proves us with simplified management and administration, ever-present access, and even enables more efficient business operations while cutting costs!

Yes, it certainly sounds idealistic. However, moving to the cloud has one pitfall that should be considered fully when moving servers or storage.

Why Should You Think Before You Leap with Cloud Computing?

Storing data on the internet (which is done in cloud computing) increases risk of exposure. Cloud computing also requires businesses to trust third party managed service vendors when it comes to providing security and privacy of data over the cloud. Yes, you can hire a dedicated penetration testing service provider to carry out all vulnerability assessment and testing as well.

If you think switching to the cloud is one-step forward to success of your business and increased productivity, take care of these considerations:

1.     Performance

You might not have any control over the applications running on the cloud, as they in turn run on hardware. Ensuring performance and required scalability is therefore extremely important!

This can be done by testing performance of applications that you will be using in production, in a cloud environment first. Running load tests on applications that share the same resources (under your control) is another way to see if applications affect each other or not.

Doing the above can prove costly, hence identify under load breakpoint and monitor to see how close you are. This will help make up the budget for your infrastructure needs. 

2.     Security

You will have to address access control issues and data privacy when allocating resources and infrastructure to your cloud network. Ask these questions:

o   Is sensitive data being encrypted at the time of storage?

o   Are access control mechanisms embedded for all possible situations (at at all levels)?

The same questions need to be considered when moving your applications to a private cloud network.

3.      Third-Party Dependencies

Cloud applications provide most of their functionality by consuming external APIs and services. Proper cloud networking testing and monitoring should be conducted before any kind of implementation.

Want to know why your cloud network and applications aren’t working as they should? Contact Lean Security for cloud infrastructure and web application penetration testing today.


Cyber-scammers Confess: Every Trick in the Book That Hurts Our Internet Security (Part 2)

Cyber-scammers and hackers are the ones equipped with the ability to bring about a downfall to online shopping as we have come to know it. Retailers and other businesses that depend on secure internet network battle it out by bringing in help from Lean Security, the number one professional managed security service provider in Australia. This blog is a follow-up of our  Cyber-scammers Confess: Every Trick in the Book That Hurts Our Internet Security (Part 1). Take a look at what these cyber scammers have up their sleeves, and how you can outsmart them at their own game! 

Trick #1: We Lure You with “Shocking” Videos on Facebook

Interesting videos and other content tends to circulate on social media, posted and shared by millions of people. You may have come across videos posted by friends on Facebook with words like ‘shocking’, ‘incredible’, and ‘must see’ etc, strategically titled so as to grab your attention. Such video links, when clicked, ask you to take a survey or download a media player that, in reality, will install malware on the computer.

How to Outsmart Them: To see whether the video is legitimate and on YouTube, type the title (of the video) on Google. It’ll be already reported if the video is actually a scam.

Trick #2: We Can Break Into Routers That Use WEP Encryption

In fact, scammers and computer hackers do this very easily! How do they do this? There’re many old modelled routers that still rely on Wired Equivalent Privacy (WEP) encryption which, when compared to the newer routers, is much easier to crack. This is done with the help of a software program that’s widely available and can be downloaded by anyone.  

How to Outsmart Them: Make sure to use the most secure type of encryption for your router, which is WPA2 (WIFI Protected Access 2) or WPA. If your router doesn’t provide either one of the encryptions, give a call to its manufacturer or managed security service provider and see what needs to be done. Always remember to change the Wi-Fi password of a new router from its preset settings. 

Trick #3: We Impersonate Trustworthy Companies

Cyber-scammers and hackers are often masters of disguise, fooling users into believing something that isn’t true. They may send a fake financial warning your way from the bank or credit card company you have your accounts in; or may send an order confirmation from a well known retailer; or perhaps a social networking invitation from someone in your network etc.  

How to Outsmart Them: Internet users forget that most companies will never ask you outright for account or other financial information. This type of scam can almost always be spotted if you hover the mouse over address in the ‘From’ field or simply by clicking on the ‘Reply All’ button. If the message is indeed a scam, you’ll notice a lot of misspellings or strange email addresses. Another helpful tip is to call the company (not on the number given in the email!) when in doubt.

The security experts at Lean Security always emphasize on taking caution when surfing the net, conducting an online transaction from the bank, or making a purchase from an online store. The same goes for businesses that must also employ security measures like web application testing and scanning, amongst others from Lean Security.