Paravirtualization: A Trick in the Cloud

The very nature of virtualization makes it unique in that it adds a barrier between the traditional hardware and operating system layers.  By very definition, virtualization creates an operating environment on the host hardware that allows for complete customization and allocation of resources, regardless of which operating system is installed.  It is not uncommon to have several different operating systems reside side by side.  In fact, recently even Microsoft opened their proprietary Azure cloud platform to support Linux builds.

Continue reading

Fun with FUD: Business Continuity in the Cloud

As VM automation becomes more and more predominant in cloud environments, the issue of abstraction becomes more important. Consider if you will, an infrastructure in which the creation and management of VMs is fully automated.  Now put all those applications and information and VMs in one big cloud that is all self-sufficient and constantly moving around due to load balancing and other automated processes. Then, add in cloud applications, plugins, security and anything else that could possibly run in that environment.  Then, connect it all up so that every part of the infrastructure is inter-dependent and connects through a broker.  And for fun’s sake, let’s assume there is a memory leak on one of the servers and your start losing VMs.  Continue reading

Virtual Desktop Infrastructure: (Remote) Workers of the World Unite!

With the latest announcement of Google Chrome’s remote desktop application, it’s a great time to look at when and where virtual desktop infrastructure (VDI) makes sense.  While there are significant benefits to leveraging VDI, there are still some security risks associated with these implementations.

Continue reading

Why Encryption is Still a Cloud Standard

As we see more and more organizations starting to outsource their data to services such as Amazon and Telco-based cloud environments, there is an increased importance around the security of the actual data that resides in these environments. In some cases, organizations are moving business-critical and privacy sensitive data off-site to take advantage of reduced infrastructure costs, but in some cases, to leverage the security postures of the cloud providers themselves.

Continue reading

We have just gotten a wake-up call from the Nintendo Generation.

This morning while absorbing large amounts of caffeine in a vain attempt to wake from a turkey induced coma, I came across an interesting article over on Tech News World on the Internet of Things.  As some of you know, prior to joining the connected world of telecom, I actually spent awhile in the security space.  Just long enough to adopt the constant state between paranoia and acceptance of the fact that everything is a security risk, much like my fellow security brethren.

So when I came across this article on the Internet of Things and the wonderful world of security as it relates to this new(ish) trend, it couldn’t help but intrigue me.  Because well, whenever society gets a new toy to play with, you know there is a beautiful dark cloud of exploitation just around the corner.  The internet of Things is wonderful, and it’s going to be a huge headache for security folks.  Welcome to the (Unsecured) Internet of Things. Continue reading

Greatest deed Luke Skywalker ever did was take down the Death Star, right? As far as I’m concerned, that’s what everybody needs. You need that one bad-ass thing that lets you live on forever, you know.

I tend to feel guilty when I don’t get to post as much as I would like on this blog. It’s one of those things where after writing daily for 5 months last year, and now that my book is finally out (which is in a way a second life of those posts), I feel like “hey, you could possibly be even more productive!”.  Then I look at my secret project list and am reminded that I can’t talk about some of the more large-scale stuff that goes on behind the scenes. Continue reading