Home / Taxonomy term

security

Deliver digital faster with Drupal – Part 2

In Deliver digital faster with Drupal Part 1, I showed you some of the many examples of successful sites built rapidly thanks to Drupal’s modularity. To stay ahead of your competition, you need to be nimble and agile; Drupal helps you do this with reusable, transferable digital experiences that can be customised to suit various niches even within a single business enterprise. All, of course, without paying additional license fees or mandated limits on developers, environments, or copies.

Rapidly Responding to Security Vulnerabilities

It’s an unfortunate fact of life on the web that security threats and vulnerabilities are exposed on a regular basis. We have to be ready for them at all times and at any cadence. Just two weeks ago, both the OpenSSL TLS MITM and Ubuntu Kernel vulnerabilities became public within hours of one another. At Acquia, our stance is that we’re ever vigilant and always ready for these situations.

Locking Down the Cloud: Countering Automated Attacks

At last year’s Cloud Security Alliance Congress, Philip Lieberman raised an issue that brought home to me why automation is now a must-have when it comes to security. Not just for cloud security, for all computer security.

Locking Down the Cloud: Dealing with Complexity

I love this illustration from a recent Netskope Cloud Report.

photo

The IT guy, standing in his dinghy, is estimating that he has 40-50 cloud apps running in his enterprise.

But check out that submerged iceberg: it’s more like 397! That’s nearly 10x the IT estimate.

Secure Acquia accounts with two-step verification and strong passwords

Today I’m proud to announce the general availability of three new authentication and access control security features for the Acquia Network. The following features will help ensure the security of your account and sites on Acquia Cloud by securing the sign-in process and enabling subscription-based access controls on the Acquia Network:

Locking Down the Cloud: Freeing the Cloud

When I started talking to cloud experts about automation and security, I thought that we’d spend most of our time discussing how automation reduces human error (and deliberate malfeasance). And how it frees up IT time for higher value activities.

It does both of those things, of course. But I also discovered a sub-theme that kept bubbling up in my conversations: by automating security, you give a power boost to one of the most appealing features of cloud hosting: rapid elasticity and scalability.

Protecting Enterprise Drupal Users Against Heartbleed

On the afternoon of Monday, April 7 2014, the Heartbleed bug was made public and demonstrated that the majority of encrypted traffic on the Internet was vulnerable to eavesdropping.

In this post we wanted to provide insight into the steps Acquia took to handle this event. First, though, we want to state:

  • Acquia’s infrastructure is now safe and hardened
  • Acquia has been working to ensure our customers’ Drupal sites are secure no matter how or where they use Drupal
  • Mitigating Heartbleed involves more than just software updates or server patching
  • We are working with our customers to ensure that their sites are as secure as possible

Locking Down the Cloud

Over the last few years, IT departments have gotten increasingly comfortable with cloud technology, by which I mean cloud security. Because as one IT analyst put it recently, “When it comes to the cloud, security is the number one concern. And number two isn’t even close.”

2013 Greatest Hits – "PHP is as secure as any other major language" – Anthony Ferrara

I met Anthony, aka @ircmaxell, for the first time at the PHP BeNeLux conference in early 2013. He was among the first people I spoke with on mic about PHP. Our conversation about PHP being secure was one of the seeds that grew into the "Power of PHP" series on Acquia.com, though you'll notice we were still calling it "PHP Myths" at the time. The series will be continuing in 2014, stay tuned to the Acquia podcast and the Acquia blog for more!

Kill the password - privacy on the web - Dan Callahan from Mozilla Persona

Dan Callahan is part of the Identity Team at Mozilla who are trying to solve some of the problems of privacy and security on the Internet that have been hitting the headlines recently. Dan works on the Mozilla Persona project, a system to both replace passwords with verified identities and put that verification under user control, rather than the control of large corporate entities.

Pages