TrendMicro last year introduced its cloud computing strategy to deliver security to desktop PCs. Now the security software vendor, according to CEO Eva Chen, is taking cloud security a step further by protecting the cloud itself.
An update to its Deep Security product, introduced Monday, offers protection for the "entire server," including the operating system, network, and applications layers, according to the company.
So is why there a need for yet another layer of server protection. Don't servers already have an enormous amount of protection?
She acknowledged that servers are typically protected by a firewall, an intrusion detection system (IDS), and an intrusion prevention system (IPS). "But now people are doing virtualization," Chen said. "And once you do virtualization, the server can move from one network center to another network center or move from your own data center to a public data center, and therefore the server is not just behind the firewall all the time. It needs to protect itself."
Another issue is the changing nature of servers. In the past, they mostly were used to serve up data. But with cloud computing, applications run on the server and that makes them vulnerable to hackers. "In last two years an enormous amount of Web servers were attacked by cybercriminals. They just insert SQL injections or a malicious link in your site or serve up malicious content from your site," Chen said.
Initially, TrendMicro's product is aimed at the enterprise but, long term the company plans to develop services to support small Web sites and blogs.
As a small site owner, I understand the need. SafeKids.com, which is a WordPress blog I maintain, was attacked a couple of years ago due to a security flaw in a template I was using. The attacker embedded hidden links to sites that offered male enhancement products. I discovered the problem when I was embarrassed by Google Viagra ads appearing on my site. I don't have anything against Viagra, but the ads weren't appropriate for a site that focuses on Internet safety for children. Google, which places ads that are related to the site's content, was fooled into thinking that my site covered male enhancement rather than children's safety. Chen said that TrendMicro is exploring technology that could protect sites like mine by alerting owners to potential problems as soon as they occur.
In a partnership with RSA, the company is also working to protect financial sites against phishing attacks. It has software that looks for phishing sites that mimic legitimate ones and warn the legitimate site owners who can then take action against the impostors.
Listen to Larry's interview with TrendMicro CEO Eva Chen.