The very nature of virtualization makes it unique in that it adds a barrier between the traditional hardware and operating system layers. By very definition, virtualization creates an operating environment on the host hardware that allows for complete customization and allocation of resources, regardless of which operating system is installed. It is not uncommon to have several different operating systems reside side by side. In fact, recently even Microsoft opened their proprietary Azure cloud platform to support Linux builds.
As VM automation becomes more and more predominant in cloud environments, the issue of abstraction becomes more important. Consider if you will, an infrastructure in which the creation and management of VMs is fully automated. Now put all those applications and information and VMs in one big cloud that is all self-sufficient and constantly moving around due to load balancing and other automated processes. Then, add in cloud applications, plugins, security and anything else that could possibly run in that environment. Then, connect it all up so that every part of the infrastructure is inter-dependent and connects through a broker. And for fun’s sake, let’s assume there is a memory leak on one of the servers and your start losing VMs. Continue reading
With the latest announcement of Google Chrome’s remote desktop application, it’s a great time to look at when and where virtual desktop infrastructure (VDI) makes sense. While there are significant benefits to leveraging VDI, there are still some security risks associated with these implementations.
As we see more and more organizations starting to outsource their data to services such as Amazon and Telco-based cloud environments, there is an increased importance around the security of the actual data that resides in these environments. In some cases, organizations are moving business-critical and privacy sensitive data off-site to take advantage of reduced infrastructure costs, but in some cases, to leverage the security postures of the cloud providers themselves.
It’s been awhile since I’ve had the time to look at this site, so I wanted to give a quick update on where I went for those followers who have wondered where it is that I’ve been hiding. Continue reading
This morning while absorbing large amounts of caffeine in a vain attempt to wake from a turkey induced coma, I came across an interesting article over on Tech News World on the Internet of Things. As some of you know, prior to joining the connected world of telecom, I actually spent awhile in the security space. Just long enough to adopt the constant state between paranoia and acceptance of the fact that everything is a security risk, much like my fellow security brethren.
So when I came across this article on the Internet of Things and the wonderful world of security as it relates to this new(ish) trend, it couldn’t help but intrigue me. Because well, whenever society gets a new toy to play with, you know there is a beautiful dark cloud of exploitation just around the corner. The internet of Things is wonderful, and it’s going to be a huge headache for security folks. Welcome to the (Unsecured) Internet of Things. Continue reading
I tend to feel guilty when I don’t get to post as much as I would like on this blog. It’s one of those things where after writing daily for 5 months last year, and now that my book is finally out (which is in a way a second life of those posts), I feel like “hey, you could possibly be even more productive!”. Then I look at my secret project list and am reminded that I can’t talk about some of the more large-scale stuff that goes on behind the scenes. Continue reading
It’s funny how sometimes the most random conversations lead to to new ways of approaching things. Case in point, last night while sitting in a coffee shop on a ship floating somewhere in the Caribbean (yes, it’s true) I ended up chatting with a fellow I met who works in finance for a pharmaceutical company in the US. I was a funny conversation because if you work in marketing, finance is one of those departments that while we rely on heavily, cause us a lot of grief. Well, grief might be a harsh word, but let’s say we have a funny relationship. Continue reading
It seems like every day half the twitter feeds around cloud are about the great advancements we have seen such as in OpenStack and Big Data, and the new technologies we are seeing to help drive adoption of cloud computing.
Unfortunately, the other half talks to encryption issues, data leaks, vendor uncertainty…doom and gloom. Most notably, the increased chatter around data privacy (both from an international government perspective, and the traditional risks associated with improper data loss protection controls) continues to impact one of the biggest trends trying to move forward: mobile device management. Continue reading
One of my favorite side projects in the cloud industry is meeting with technical leaders, mostly CIOs, and talking to them about the huge change that is coming with Cloud.
CIOs have already been faced with several major challenges. We’ve seen huge cuts to IT budgets, the increased pressure to tighten security and compliance, and ofcourse, the rise in social media and mobile devices. It’s not easy being a CIO these days. Now cloud has come along and there is increased pressure for them to leverage these new methodologies to make the organizations lean, mean and innovative. No pressure. Continue reading