Tagg: PCI DSS

Last week I wrote that compliance and complacency are major challenges in the cloud. Yes, defensive technology is the same. However, the cloud poses some specific threats. Multitenancy Multitenancy scares people the most. You share cloud infrastructure with other customers. Your cloud services are running on virtual machines. Those VMs run on shared hardware. You […]

I wrote a series of blog posts a while ago about SSH authentication using cryptographic keys rather than passwords. I discussed why SSH keys provide easier authentication, how to set up an SSH key agent, and how to maintain multiple websites. There are two areas of security to consider regarding SSH. I think of them […]