Roy Firestein

Security Feeds

Archive for February, 2011

Google Cloud Connect for Microsoft Office available to all

February 24th, 2011. Published under My Recent Reads. No Comments.

pulled from Google Reader (click on title for original post)
Many of you already use Google Docs for editing your documents, but there are still many people that are tied to desktop applications and haven’t experienced the numerous benefits cloud applications to bring. To help bring more people to the cloud and take advantage of features that result, we’re happy to announce that Google Cloud Connect for Microsoft Office is now available to everyone. Google Cloud Connect is a free plugin that improves Microsoft Office 2003, 2007 and 2010 on Windows PCs. It adds simultaneous collaboration, revision history, cloud sync, unique URLs and simple sharing to the Microsoft Word, Excel and Powerpoint applications:

Take it for a spin on your Windows PC by downloading the plugin.

To learn more about how Google Cloud Connect can help businesses, check out the more detailed post on the Google Enterprise Blog.

Posted by: Shan Sinha, Google Apps Product Manager

Update: Many of you have also asked about availability for Macs. Unfortunately due to the lack of support for open APIs on Microsoft Office for Mac, we are unable to make Google Cloud Connect available on Macs at this time. We look forward to when that time comes so we can provide this feature to our Mac customers as well.

NIST Publishes Its Virtualization Security Guidelines

February 11th, 2011. Published under My Recent Reads. No Comments.

pulled from Google Reader (click on title for original post)

Last week, the US National Institute of Standards and Technology (NIST) published its final virtualization security guidelines.

There are already guidelines available from the Center for Internet Security, VMware, Microsoft, and Citrix as well as guidelines from the Defense Information Security Agency in the form of STIGs.

NIST adds to this collective knowledge and expands it with some interesting reading on desktop virtualization.

The most important things you can do to improve the security of your virtualization infrastructure are:

1.  Treat this layer like your most critical x86-based OS

2. Establish your own configuration guidelines (using sources like NIST and CIS as a starting point), apply these and measure for drift over time.

3. Extend your existing patch and vulnerability management processes to this new layer of software.

Gartner research shows that 90% of successful attacks occur against previously known vulnerabilities for which a patch or secure configuration standard was already available. If you haven’t already, make sure you’ve secured your virtualization platform layer.