Showing posts from January, 2020

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating computer applications. It's the most widely-deployed security protocol used today and is used for web browsers and other applications that require data to be securely exchanged over a network, such as web browsing sessions, file transfers, VPN connections, remote desktop sessions, and voice over IP (VoIP). TLS evolved from Netscape's Secure Sockets Layer (SSL) protocol and has largely superseded it, although the terms SSL or SSL/TLS are still sometimes used. Key differences between SSL and TLS that make TLS a more secure and efficient protocol are message authentication, key material generation and the supported cipher suites, with TLS supporting newer and more secure algorithms. TLS and SSL are not interoperable, though TLS currently provides some backward compatibility in order to work with legacy systems. History and development The In...

intrusion detection system (IDS)

An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. While anomaly detection and reporting are the primary function, some intrusion detection systems are capable of taking actions when malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious IP addresses. Although intrusion detection systems monitor networks for potentially malicious activity, they are also prone to false alarms (false positives). Consequently, organizations need to fine-tune their IDS products when they first install them. That means properly configuring their intrusion detection systems to recognize what normal traffic on their network looks like compared to potentially malicious activity. An intrusion prevention system (IPS) also monitors network packets for potentially damaging network traffic. But where an intrusion detection system responds to potentially ma...

Botnet

A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices that are infected and controlled by a common type of malware. Users are often unaware of a botnet infecting their system. Infected devices are controlled remotely by threat actors, often cybercriminals, and are used for specific functions, so the malicious operations stay hidden to the user. Botnets are commonly used to send email spam, engage in click fraud campaigns and generate malicious traffic for distributed denial-of-service (DDoS) attacks. How botnets work The term botnet is derived from the words robot and network. A bot in this case is a device infected by malicious code, which then becomes part of a network, or net, of infected devices controlled by a single attacker or attack group. A bot is sometimes called a zombie, and a botnet is sometimes referred to a...

Storage as a service (STaaS)

Storage as a service (STaaS) is a managed service in which the provider supplies the customer with access to a data storage platform. The service can be delivered on premises from infrastructure that is dedicated to a single customer, or it can be delivered from the public cloud as a shared service that's purchased by subscription and is billed according to one or more usage metrics. STaaS customers access individual storage services through standard system interface protocols or application program interfaces (APIs). Typical offerings include bare-metal storage capacity; raw storage volumes; network file systems; storage objects; and storage applications that support file sharing and backup lifecycle management. Storage as a service was originally seen as a cost-effective way for small and mid-size businesses that lacked the technical personnel and capital budget to implement and maintain their own storage infrastructure. Today, companies of all sizes use storage as a se...

multi-cloud strategy

A multi-cloud strategy is the use of two or more cloud computing services. While a multi-cloud deployment can refer to any implementation of multiple software as a service (SaaS) or platform as a service (PaaS) cloud offerings, today, it generally refers to a mix of public infrastructure as a service (IaaS) environments, such as Amazon Web Services and Microsoft Azure. Common uses for multi-cloud computing Initially, many organizations pursued a multi-cloud strategy because they were uncertain about cloud reliability. Multi-cloud was, and still is, seen as a way to prevent data loss or downtime due to a localized component failure in the cloud. The ability to avoid vendor lock-in was also an early driver of multi-cloud adoption. While redundancy and vendor lock-in concerns still drive some multi-cloud deployments today, they are also driven largely by enterprises' broader business or technical goals. Those goals can include the use of more price-competitive cloud se...

Blockchain

Blockchain is a type of distributed ledger for maintaining a permanent and tamper-proof record of transactional data. A blockchain functions as a decentralized database that is managed by computers belonging to a peer-to-peer (P2P) network. Each of the computers in the distributed network maintains a copy of the ledger to prevent a single point of failure (SPOF) and all copies are updated and validated simultaneously. In the past, blockchains were commonly associated with digital currencies such as Bitcoin, or alternate versions of Bitcoin like Bitcoin Cash. Today, blockchain applications are being explored in many industries as a secure and cost-effective way to create and manage a distributed database and maintain records for digital transactions of all types. How blockchain works A blockchain ledger consists of two types of records, individual transactions and blocks. The first block consists of a header and data t...

deperimeterization

In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication. In the past, network devices were placed behind a firewall, and security efforts were focused on protecting company data at the perimeter and keeping intruders out. With the advent of ubiquitous connectivity and a mobile workforce, however, administrators began to question whether the traditional border model of IT security was practical. The concept of deperimeterization was recognized early on by Paul Simmonds of the Jericho Forum, a non-profit group dedicated to "the development of open standards to enable secure, boundaryless information flows across organizations." As early as 2004, Simmonds foresaw that a hardened perimeter security strategy would be impossible to sustain and was fundamentally at odds with an agile business model. He pointed out that in the early days of the internet, i...

Business impact analysis (BIA)

Business impact analysis (BIA) is a systematic process for determining and evaluating the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency. A BIA is an essential component of an organization's business continuance plan. It includes an exploratory component to reveal vulnerabilities as well as a planning component to develop strategies for minimizing risk. The end result is a business impact analysis report, which describes the potential risks specific to the organization studied. One of the basic assumptions behind conducting a BIA is that while every component of an organization is reliant upon the continued functioning of every other component, some components are more crucial than others and require a greater allocation of funds in the wake of a disaster. For example, a business may be able to continue more or less normally if the cafeteria had to close, but would stumble if the information syst...