If you’ve been on any cloud or virtualization site lately, you’ve probably seen the picture of a bright yellow elephant staring you down. The Hadoop elephant, to be precise. Apache’s Hadoop is considered to be one of the most important technologies in the transition to large-scale cloud environments. In fact, Yahoo! has been the largest contributor to Hadoop and uses it across their entire organization, as does Facebook. So here is a brief introduction to this large-scale software framework.
One of the most difficult challenges for security professionals when it comes to moving to a cloud environment centres around the increased complexity of domain ownership as it relates to penetration testing. The key reason for this is that in a private cloud environment, meaning the entire infrastructure is physically located in domains where the organization has full control over every aspect, security teams generally maintain control of the infrastructure from a policy standpoint, and can perform various security processes without requiring the intervention of outside resources. Once the infrastructure is moved off-site to a hosted model such as IaaS, PaaS or SaaS, suddenly the provider becomes an extension of your IT team and part of the security equation. This is just the beginning of the effect cloud has on vulnerability and penetration testing.
With more and more organizations starting to move internal services to cloud and web-based portals, the complexity of managing employee login credentials (from both the IT administrators’ and end users’ points of view) increases. The natural reflex for users is to start creating simplified passwords for all the different systems or save them in easily accessible places. Unfortunately, this ends up causing more work for administrators, as the resources required to manage requests for password resets and maintain the individual credential systems increase. This is why, if you Google “Single Sign-On”, every single security and IT manufacturer suddenly seems to have a solution.
When looking at how virtualization and cloud have changed traditional security, a lot of it has to do with visibility. Until recently, security was focused on physical controls and visibility into the network, and so solutions were designed to sit on the perimeter or in-line with the network. Intrusion detection and prevention is delivered through in-line IPS and next-generation firewalls that feed Security Information Event Managers (SIEMs or SEMs), which log the traffic and note any discrepancies based on the policies and controls that the SIEM device was tuned to watch for. This is standard practice in all IT shops, but what changes with virtualization?
It’s almost impossible to avoid the conversation of whether corporations should allow tablets and other mobile devices on the corporate network. Managers tout the benefits of a mobile workforce and the flexibility of connecting to resources from anywhere. Security engineers are worried about the security risks and increased number of unsecured hot spots generated by mobile devices. Not to mention the HR implications of bypassing acceptable-use policies that traditional network restrictions put in place.
I was hoping to get through a few weeks of not highlighting specific products, as it’s really not my intention to promote one solution over another. The reason I wanted to highlight this particular solution is that I think it is one of those ideas that really changes the way organizations operate, while allowing the rest of the company to take some of the cost off the IT department. And what is this game-changing solution? VMware’s vCenter Chargeback Manager. So what is it exactly?
As more and more infrastructure becomes virtualized, the migration to endpoint solutions that are optimized for virtual environments will become increasingly important. Any security professional will absolutely agree that endpoint is one of the most effective ways to keep corporate assets clean of malware and other fun stuff that is trying to take down your network and retrieve your mission-critical data. However, traditional endpoint really doesn’t work in virtual environments as-is. Why? Oh, let me explain this favorite topic of mine.
While attending VMworld this past summer, I found myself sitting outside a restaurant waiting for a colleague when a fellow attendee sat down beside me. After about 5 minutes had passed, he pointed to my attendee badge and asked me which company I was with. I explained to him that I was attending to get some more insight into how virtualization has affected traditional security, and that I was learning how to bridge the knowledge gap between virtualization specialists and security specialists. It turns out that he was a virtualization administrator, working for a significant US company that had strict security policies.
This was the first time I found myself starting a dialogue that would repeat many times over during the next few months. It starts like this: