Close close
Close close
Featured Insights
19 January 2018
Homeland Cloud security advisory: Spectre and Meltdown vulnerabilities
06 December 2017
Revera partners Nyriad to deliver blockchain pilot programme
30 October 2017
Revera helps DHB take first steps to digital transformation
30 October 2017
Revera launches digital health practice
30 October 2017
Nelson Marlborough onboards Revera IaaS
26 October 2017
Revera takes top honours at Hitachi Vantara Awards
24 October 2017
"e-Patient Dave" deBronkart and the age of empowered patients
12 June 2017
Revera sets the pace as leading regional HPE service provider
16 February 2017
Adapting to thrive
29 November 2016
IRD, Revera to modernise NZ tax system
28 November 2016
FishServe goes local for global cloud backup capability
Homeland Cloud security advisory: Spectre and Meltdown vulnerabilities
Homeland Cloud IaaS platform patched in real-time; system vendors confirm updates
Revera has launched a programme of preventative remediation to protect its Homeland Cloud IaaS platform from Spectre and Meltdown vulnerabilities.
The cloud provider’s technical operations teams have completed testing and rollout of currently available vendor updates (patches) to affected systems.
Vendor patches address flaws arising from features built into chips that help them run faster, which theoretically open up possibilities for dangerous attacks. For example, Spectre could exploit JavaScript code to trick a web browser into revealing user and password information.
“Patches typically take the form of an update to the hardware firmware, or a patch to a hypervisor or virtual guest operating system,” said Jason Porter, Revera Chief Information Security Officer (CISO).
He said there was no evidence indicating that any attacks or flaws exploited on the back of Spectre and Meltdown vulnerabilities.
Porter said preventative remediation was part of a broad-based security review involving multiple layers of security used to defend Revera’s Homeland Cloud platform, including internet, routers, firewalls, networks, operating systems and servers, to ensure its cloud environments remained secure.
He said patching potentially slowed some services, though in the majority of cases impacts wouldn’t be noticeable.
Porter said he expects vendors to release additional updates over the coming weeks, and recommended a range of measures for businesses and home users to keep themselves protected.
These included applying the latest software patches to computers (including home and mobile devices), web browsers, email systems, firewalls, and other security systems; conducting regular backups; and maintaining offline and offsite backup volumes wherever possible.
“Clients should also stay alert to potential phishing emails – never open attachments from an unknown source,” he said.
Revera will notify clients as systems are updated.
For the latest developments contact your Revera client engagement manager, or email Securitymanagement@revera.co.nz
date_range 19 January 2018
19 January 2018
Homeland Cloud security advisory: Spectre and Meltdown vulnerabilities
Homeland Cloud IaaS platform patched in real-time; system vendors confirm updates
06 December 2017
Revera partners Nyriad to deliver blockchain pilot programme
Pilot programme provides access to Nyriad’s real-time blockchain software platform delivered from Revera’s AoG-certified Homeland Cloud.
01 November 2017
Revera adds second direct route to global clouds
Megaport PoP offers Wellington launch-pad for elastic connectivity to global clouds