GreaterHeat

SINGAPORE/HONG KONG, June 25, 2023 (GLOBE NEWSWIRE) -- (Singapore/Hong Kong (June 24, 2023) The decentralized storage network Filecoin receives a welcome boost as Protocol Labs and Singapore-based Web3 technology company GreaterHeat announce that Decentralized Storage Providers Accelerator Asia (DSPA-Asia), of which GreaterHeat is a founding member and a Leading Storage Provider (LSP), will officially kick-start its first Filecoin Plus BootCamp at a gala dinner at Regent Hong Kong on June 25, 2003. GreaterHeats CEO David Li will officiate this launch event.

The highly anticipated Asian BootCamp will be hosted at The Conrad Hong Kong, spanning two days from June 26 to 27. This event aims to gather esteemed Storage Providers (SPs) from China, South Korea, Japan, India, and other Asian regions, providing them with invaluable knowledge on successfully transitioning from being a Filecoin (FIL) to a Filecoin Plus (FIL+) Storage Provider.

The event will include over 30 top international speakers from the field of Web 3.0 and Filecoin, as well as Leading Storage Providers including GreaterHeat, ND Labs, NewwebGroup, IPFS-Force, SXX, Origin Storage, Tiger VC, etc.

DSPA-Asias BootCamp program promotes deep engagement in the Filecoin Plus ecosystem, provides a range of systematic Web 3.0 storage BootCamp courses as well as rich technical resources and opportunities to network with top Web 3.0 business professionals. The BootCamp is an incubator and business training program created to accelerate the Asian Web 3.0 Storage business and aims to provide professional support to Web 3.0 storage providers, helping them to learn, grow and thrive.

DSPA-Asias BootCamp offers learning modules in both business and technical subjects and covers such areas as FIL+ Development History and FIL+ Financial Analysis, Dive deep into LDN, E-FIL Module, Supporting FIL+, Tooling, Deals Sending, Importing Data, and Sealing. The BootCamp program consists of two cohorts lasting 6 to 8 months. The timeframe includes program preparation and follow-up evaluation for each cohort.

Story continues

The genesis of this BootCamp program lies in the rapid development of the original Filecoin network. In the past, when Filecoin focused chiefly on storing cold data, over 70% of the cold data storage capacity resided in Asia. As the Filecoin network transitioned towards Filecoin Plus, some large-scale Asian Filecoin SPs faced challenges converting into fully-fledged Filecoin Plus SPs and they reached out for assistance with this transformation. In response, Protocol Labs and GreaterHeat jointly launched the DSPA-Asia initiative in April 2023 to help SPs with a program of professional support and training designed to help complete their business transformation and stimulate Filecoin Plus storage growth.

GreaterHeat's Chairman and CEO David Li, said, As an Asian storage provider who have ourselves been deeply involved for four years with the Filecoin ecosystem, and having already successfully transitioned to becoming a Filecoin Plus Storage Provider in mid-2022, we have encountered the exact same challenges as other Asian SPs during their own transition. This might include, by way of example, language barriers or difficulties in interpreting information. Therefore, we already understand the pain points of Asian SPs during the transition process and so we created this BootCamp initiative to share our transition experiences and knowledge within the Filecoin Plus ecosystem and provide useful courses, consulting services, solutions, and technical support to those who need it.

"We are delighted to collaborate with Web 3.0 storage experts, GreaterHeat, for the Filecoin Plus training BootCamp," said Stefaan Vervaet, Head of Network Growth at Protocol Labs, the organization behind the decentralized storage network Filecoin. "The BootCamp will provide a rapid introduction to the Filecoin Plus ecosystem, equipping participants with the knowledge needed to join our thriving community. Although it will be demanding, we have confidence in the ability of our participants to excel and succeed by the end of the program."

Since 2022, GreaterHeat has successfully delivered decentralized Web 3.0 cloud storage solutions to US, Canadian, and European companies using Filecoin, the worlds largest decentralized storage network. The 760 PiB of data hosted on the Filecoin network includes 26M active data transactions and organizations including UC Berkeley, The USC Shoah Foundation, University of Utah, and many more. More than 1,500 unique clients have already uploaded their data to the Filecoin network, with 15% uploading more than 100 TiB.

About GreaterHeat Pte Ltd.

GreaterHeat Pte Ltd (GreaterHeat) is a Singapore-headquartered Web3 infrastructure provider, integrating blockchain distributed storage, application software development, cloud computing and edge computing. Founded in Singapore in 2021 by David Li, GreaterHeat provides customers with compliant, stable, and low-cost mining technology services. The companys mission is to drive and lead technological innovation, which creates huge incremental resources to enhance the overall welfare of humanity. GreaterHeat boasts an international team in globally distributed offices. This includes a technical team of over 100 blockchain technologists and cryptographers. For more information, please visit http://www.greaterheat.com

About Filecoin

Filecoin, the world's largest decentralized storage network, enables users to store, request, and transfer data via a verifiable marketplace. Filecoin's advanced technology provides a robust foundation to store the world's most valuable datasets. An alternative to costly cloud storage, the Filecoin network offers efficiently priced and geographically decentralized storage, minimizing financial barriers and allowing users to take advantage of its unmatched network capabilities. Filecoin is completely open source, enabling people from all over the world to participate. For more information about Filecoin, please visit https://filecoin.io/

See original here:
GreaterHeat, Founding Member and A Leading Storage Provider of Decentralized Storage Providers Accelerator Asia (DSPA-Asia), Announces Participation...

In its latest annual security report, Check Point Software reflects on what has been a volatile twelve months in the cybersecurity sector. The threat landscape is more complex than ever before, and risks remain at an all-time high.

In this article, Eli Smadja, security research group manager at Check Point, discusses the need for a new approach to cloud security in 2023 and why simply offering training courses is not enough.

There is a constant need for vigilance when it comes to cybersecurity within the cloud environment and, while the shift to hybrid working was an unavoidable pivot after the pandemic, it also made it easier for cybercriminals to exploit businesses through their supply chain network. When comparing the past two years, we have seen a significant increase in the number of attacks per organization on cloud-based networks, which went up by 48% in 2022 compared with 2021.

In addition to vulnerability exploitation attempts, cloud environments have become both the source and target of security incidents and breaches that involve improper access management, sometimes combined with the use of compromised credentials.

In March 2022, the ransomware gang Lapsus$ announced in a statement on its Telegram group that it had gained access to Okta, an identity management platform. Lapsus$ has a history of publishing sensitive information, often source code, stolen from high-profile tech companies such as Microsoft, NVIDIA, and Samsung. However, this time, the actors claim their target was not Okta itself, but rather its customers.

Following the breach, Okta released an official statement revealing that approximately 2.5% of their customers were affected by the Lapsus$ breach around 375 companies, according to independent estimates. Okta, a cloud-based software, is used by thousands of companies to manage and secure user authentication processes, as well as by developers to build identity controls.

This effectively means that hundreds of thousands of users worldwide could potentially be compromised by the company responsible for their security.

Whats the reason for the increase in supply chain attacks?

An agile, limitless storage space, the cloud allows users to store sensitive data and undertake complex tasks that cannot be done on traditional servers, which makes them an attractive proposition for cybercriminals.

According to Gartner, 60% of organisations now work with over 1,000 third-party suppliers, all of which are critical to their success but will leave users vulnerable to an unprecedented level of risk. Gartner also predicts that by 2025, 45% of organisations worldwide will have experienced cyberattacks on their software supply chains, three times as many in 2021.

Organisations are also still struggling to sufficiently secure new cloud environments implemented during the pandemic, and simultaneously securing legacy assets which were added during the lockdowns, with no real means to ensure that all of them are secured.

Added to that complexity, this accelerated cloud adoption has exponentially increased the use of third-party applications and the connections between systems and services, unleashing an entirely new cybersecurity challenge.

Cloud security is complicated further by many enterprises using multiple cloud-based solutions, each with specific security settings. With multiple platforms and multiple users, theres only one outcome chaos. It is difficult to have visibility into all the integrations between an organisations cloud applications, as the average enterprise uses 1 400 cloud services.

Why cloud security should be a priority in 2023

Cloud platforms represent a goldmine for malicious actors, especially when you consider the size of many organisations cloud supply chain networks. Once a hacker has gained entry, they have carte blanche to act however they choose. This could be anything from injecting malicious content to infect users or wiping all data stored within a particular platform.

Ensuring the security protocols of cloud platforms are set up correctly should be a priority for organisations and their supply chain networks, otherwise, their data and their clients data are at significant risk.

The misconfiguration of cloud platforms isnt a new issue, it currently affects millions of users and is often the result of a lack of awareness, proper policies, and security training. But how can organizations address the issue? Simply increasing employee awareness and training isnt enough.

Conducting meaningful testing alongside robust security measures is the only way to better protect organizations from the threat of cloud supply chain attacks. We practice fire drills, so why not cyberattacks?

Here are simple tips to ensure your cloud services are secure and your supply chain is protected:

* Amazon Web Services (AWS) AWS CloudGuard S3 Bucket Security. Specific rule: Ensure S3 buckets are not publicly accessible. Rule ID: D9.AWS.NET.06

* Google Cloud Platform Ensure that Cloud Storage DB is not anonymously or publicly accessible. Rule ID: D9.GCP.IAM.09

* Microsoft Azure Ensure the default network access rule for Storage Accounts is set to deny. Rule ID: D9.AZU.NET.24

Furthermore, adopting a third-party security solution that prevents attacks on web applications via fully automated services will strengthen not only your security posture but that of your supply chain network also. Using a service such as this eliminates the need to manually edit rules and write exceptions every time a software update is required. It also scans infrastructure-as-code and source code to stop threats before they become major incidents.

Cloud supply chain attacks will continue to be a feature of the cybersecurity landscape in 2023, so ensuring your organization has a robust approach to cloud security is a priority. It is important that you recognize not only the technological needs of your operations but also continue to educate your employees about the potential impact errors can have on the wider organization.

Related

See the article here:
Why you need a fresh approach to cloud security in 2023 - IT-Online

Subscribe to NewscastStudio's newsletter for the latest in broadcast design, technology and engineering delivered to your inbox.

In the rapidly evolving media and entertainment landscape, the ability to adapt and innovate is more crucial than ever. Traditional media asset management systems, while once the backbone of our industry, are struggling to keep pace with the demands of todays digital world.

Enter the cloud-native media supply chaina model that promises to revolutionize how we process and deliver media content.

Unlike legacy systems, a cloud-native media supply chain aligns supply with demand as efficiently as possible, adapting to the needs of the moment.

Its the difference between having a delivery show up at your door versus keeping a truck in a garage for your next delivery. This model offers unprecedented flexibility, allowing media operations to be processed into final products for consumption most efficiently.

Flexibility is paramount in the ever-evolving world of media production. The ability to adapt to changing demands, new technologies, and evolving market trends can be the difference between success and stagnation. This is where the cloud-native media supply chain truly shines.

Traditional systems, while robust, often lack the flexibility needed in todays fast-paced digital environment. They are typically built around fixed infrastructures, with costs tied to hardware, storage, networking, licensing, support, and upkeep of assets. These systems can be costly to maintain and difficult to adapt to changing needs, making them less than ideal for the rapidly evolving media landscape.

On the other hand, a cloud-native media supply chain offers unprecedented flexibility.

Built from within the cloud, these systems leverage the power of microservicessmall, independent processes that can be scaled up or down based on demand. This allows for a level of adaptability that traditional systems cant match.

Moreover, cloud-native systems provide full visibility into each step of the supply chain. This transparency allows for more accurate budgeting and resource allocation, as costs can be tracked on a process-specific basis rather than being tied to infrastructure. This shift in perspective can lead to significant cost savings and improved operational efficiency.

Additionally, the cloud-native approach enables seamless integration with other cloud-based tools and technologies. This interoperability allows media companies to easily adopt new technologies, experiment with innovative processes, and adapt to changing market trends.

In conclusion, the flexibility offered by cloud-native media supply chains represents a significant advantage over traditional systems. By embracing this approach, media companies can better adapt to the ever-changing digital landscape, driving innovation and ensuring their continued success in the industry.

At the heart of the cloud-native perspective are microservicessmall, independent processes that work together to form a larger system. These microservices can be developed, deployed, and scaled independently, providing a level of flexibility and scalability that traditional monolithic architectures cant match.

In a cloud-native media supply chain, each step in the workflowfrom content ingestion to processing to distributioncan be handled by a separate microservice. This approach has several key benefits:

Pricing based on usage

One of the most significant advantages of the cloud-native perspective is the ability to price services based on usage. In traditional systems, costs are often tied to infrastructurehardware, storage, networking, licensing, support, and upkeep of assets.

In contrast, a cloud-native media supply chain allows for commoditized processing, where you only pay for a given process when it occurs. This usage-based pricing model can lead to significant cost savings, especially for operations with fluctuating demand.

Continuous innovation

The cloud-native perspective also enables continuous innovation. In traditional systems, updating software often involves bringing down the entire system, which can lead to disruptions and downtime.

However, microservices can be updated or replaced independently in a cloud-native environment, allowing for continuous improvement without disrupting the overall system. This approach also makes experimenting with new technologies or processes easier, fostering a culture of innovation.

Operating system agnostic

Cloud-native systems are independent of the operating system framework, eliminating many of the roadblocks and barriers associated with traditional systems. This OS-agnostic approach allows for greater flexibility and interoperability, making integrating with other systems and technologies easier.

In conclusion, the cloud-native perspective offers a new way of thinking about media supply chains. By building workflows from within the cloud, we can leverage the power of microservices, usage-based pricing, continuous innovation, and OS-agnostic design to create more efficient, flexible, and cost-effective media operations. As the media landscape continues to evolve, adopting a cloud-native perspective will be key to staying competitive and driving the industry forward.

The migration case becomes stronger as the industry becomes more comfortable with the clouds reliability and security. The accessibility of cloud-centric tools is blossoming, and the cost of cloud storage is now cheaper than the total cost of owning a selection of on-premise storage tiers.

The only type of media supply chain infrastructure that can adapt to a perpetually unprecedented future is a cloud-native one. The future of media and entertainment is here, and its cloud-native. Its time for us to embrace this change and harness the power of the cloud-native media supply chain to drive our industry forward.

Subscribe to NewscastStudio for the latest delivered straight to your inbox.

AboutAlex ThompsonAlex Thompson is a broadcast technology consultant with over 20 years of experience in the media and broadcasting industry. Having worked with some of the leading broadcasting networks and technology vendors, Alex brings deep industry knowledge and technical expertise to his role.

See the rest here:
Embracing the cloud-native media supply chain - NewscastStudio

Some secrets are so secret that no one knows about them. Until recently that described the secrets locked within our DNA. But a key to consumer confidence in the burgeoning genetic testing marketplace is the extent to which people can depend on a companys promise that Your secrets safe with us. In its first case focused on the privacy and security of genetic information, the FTC alleges that San Francisco-based Vitagene, Inc. now known as 1Health.io failed to live up to its promises and unfairly changed material privacy terms without customers consent. The proposed settlement and other recent actions send a loud-and-clear message that the FTC is fully committed to the protection of consumers health information.

After consumers paid between $29 and $259, sent a saliva sample to Vitagene, and answered an online questionnaire about their health history, family history, and lifestyle, the company provided them with a personalized Health Report. The Report included the customers full name and an assessment of their risks for developing a host of health problems.

Using images of locks, keys, and secure clouds, the companys website was replete with claims about the care with which it promised to handle consumers genetic information. Here are just a few of the companys pledges.

Nice privacy and security talk, but according to the FTC, Vitagene was more talk than action. Youll want to read the complaint for details, but part of the story started in the cloud. As a component of its IT infrastructure, Vitagene used a well-known cloud service provider for storing confidential information, including consumers Health Reports and DNA data. Vitagene allegedly didnt use built-in measures to secure the information and instead stored it in buckets that made it possible for anyone with internet access to see the detailed Reports of nearly 2,400 Vitagene customers. Also accessible: raw genetic data of at least 227 other customers, sometimes identified by first name. While Vitagene promised to exceed industry-standard security practices, the FTC says the company didnt encrypt that data, didnt restrict access to it, didnt monitor access, and didnt inventory it to help ensure its security. The complaint also charges that Vitagene didnt take steps to ensure that a lab that analyzed many of the DNA samples had a policy in place to destroy them.

Whats more, the complaint alleges that over a two-year period, Vitagene received three separate warnings that it was storing customers health and genetic information in a way that made it publicly accessible. Warning #1: a July 2017 message from the cloud service provider that Vitagene had configured its data to allow read access from anyone on the Internet. The email included links to an account console and information about how to restrict access. The response from Vitagene: Crickets.

Warning #2 came from a security company that conducted a web app penetration test in November 2018 and found that uploaded DNA data was being stored . . . without any access controls. The complaint alleges that Vitagene again failed to rectify the situation.

Warning #3 was a June 2019 email from a security researcher sent to Vitagenes support inbox. After the researcher contacted the media, the FTC says the company finally investigated its public exposure of customers health information. However, because Vitagene hadnt monitored who had accessed or downloaded the data, it couldnt determine who else might have seen the information.

Vitagenes alleged missteps didnt end there. In 2020, the company changed its privacy policy by retroactively expanding the types of third parties with which it may share consumers data to include grocery chains, dietary supplement manufacturers, and the like. And it did that without notifying customers who provided their data under the former, more restrictive privacy policy and getting their consent.

The complaint charges that the companys promises that it exceeded industry security standards, stored DNA results without identifying information, deleted data at consumers request, and saw to it that physical DNA samples were destroyed were false or misleading. Whats more, the FTC alleges that the companys after-the-fact privacy policy changes about sharing sensitive personal information with third parties was an unfair practice, in violation of the FTC Act.While Vitagenes original privacy policy stated that a customers access or use of the companys services after the company posted a revised privacy policy meant that the consumer had accepted the revised terms, that language didntexcuse Vitagene from its obligation to give notice and get consumers consent before making material retroactive changes to its privacy practices. Furthermore, the complaint alleges that Vitagenes conduct was unfair even though the company has not yet implemented the broader information sharing practices set forth in its revised privacy policies.

To settle the case, 1health.io has agreed to implement a comprehensive information security program, including every-other-year third-party assessments. In addition, a senior executive must certify annually that the company is complying with the terms of the settlement. The proposed settlement also includes a $75,000 financial remedy. Once the settlement appears in the Federal Register, youll have 30 days to file a public comment.

What can other companies take from the FTCs action?

Sensitive health information including genetic data requires intensive care. If your company collects or maintains consumer health information, youve raised the bar on the privacy and security standards you must implement. Take particular care to substantiate the promises you make about your data practices. (By the way, if you havent read the FTCs May 2023 Policy Statement on Biometric Information, set aside time now.)

Just because data is in your possession doesnt mean its yours. Collecting consumers data doesnt mean youre free to do with it as you please. Consumers have a right to know in advance how you intend to use their information and you have the legal obligation to live up to your representations. That means if you want to change your practices down the road, a bait-and-switch modification to your privacy policy wont suffice. Youll need consumers affirmative express consent for any new uses of their data.

When it comes to security, keeping your data in the cloud doesnt mean you can keep your head in the clouds. The FTC has long said that storing data in the cloud doesnt give a company a free pass on security. Its still your responsibility to take reasonable steps to secure your data for example, by properly configuring cloud security settings and by inventorying and auditing your cloud storage. As the FTCs Request for Information about cloud computing makes clear, sellers of cloud technology and the companies that use their services share the responsibility to secure consumers personal information.

Respond to credible warnings about potential security lapses. The complaint against Vitagene alleges multiple instances in which the company failed to heed alarms others including the provider of its cloud storage had sounded about the security of its cloud-based information. Do you have systems in place to make sure those alerts get to the right people and get the immediate attention they deserve?

See the original post here:
Privacy and security of genetic information: Putting DNA companies ... - Federal Trade Commission News