ITIL

Cyber Security Exposure – Who is to blame!

March 12th, 2015

On an almost semi-weekly basis, there is something printed about yet another set of photos released to the public, much to the embarrassment of the person who got exposed.  And of course, the photos always seem to contain some salacious view of the individual(s).   The articles are also usually very quick to point out the

The Phenomenon of BYOD

October 24th, 2012

Bring Your Own Device (BYOD) phenomenon started when smartphones and tablets with more convenient form factor became ubiquitous among consumers. These devices with their touch-screen interfaces and powerful processors allow employees who brought them to work to be more productive on the go.  Assuming of course they could somehow get connected to the in-house WiFi.

Is a Private Cloud Solution to PCI?

October 14th, 2010

Enterprises at the early stages of cloud adoption are deploying private clouds and internal cloudlets, which can be thought of as local access points and logical divisions of their own larger infrastructure.  Private clouds are characterized by scalability through virtualization but the actual physical infrastructure is kept local to the Enterprise.  This provides scalability and

Barriers to Cloud Adoption

September 23rd, 2010

Many businesses are reluctant to deploy cloud-based services for their core mission-critical applications.  Large and medium sized companies that have supporting IT organizations, have striven to increase vertical backward integration of core business processes.  Businesses believe that they inherently gain more certainty, control and competitive advantage by directly owning the data critical to their line

Security in the Cloud and Elsewhere

September 21st, 2010

Security, in the cloud or elsewhere, is a crucial topic that could fill many pages. There are however a smaller number of summary requirements that should be examined by IT architects. As companies move or build solutions in the cloud, having a consistent security model is vital to simplify development and to avoid vendor lock-in

Building Super Secure Security

September 7th, 2010
Tags: , ,

Can a resilient and fail-safe security system be created?  Given time and money can the ultimate secure network technology be developed?  Defense Advanced Research Projects Agency (DARPA) intends to fund an initiative to find out and in June 2010 announced the Clean‐Slate Design of Resilient, Adaptive Secure Hosts (CRASH).  It relies on human biology to

Security in the New Data Center

August 31st, 2010

Information security in data centers has historically relied on perimeter firewalls, pattern matching “after the fact” with intrusion detection, and at the server level by installing host-based intrusion detection, identity enforcement, antivirus, and other software agents.  Internal LANs can be segmented and boundary controls implemented using the same firewall technology. Virtualization adds a layer of

Ebb and Flow of Virtualization Implementations

August 27th, 2010

Gartner says that just 16% of data center loads are virtualized, and in a recent InformationWeek Analytics survey found that 35% of respondents say they expect to virtualize less than 25% of their data centers by 2011. That finding reflects either a less optimistic or more realistic assessment than survey respondents exhibited last year, when

Governance and IT

August 24th, 2010

Enterprises will continue to hold the purse strings tight to their chest and will spend only when there is near certainty that there is a positive outcome.  This fact, coupled with virtualization and cloud computing, companies can no longer afford to have their IT organizations function like outside service providers, or utilities who simply keep

Subcontracting Issues within Cloud Computing Services

August 10th, 2010

Multi-cloud relationships and subcontractors can be an issue when using some cloud providers.  For example, a Customer might start out slow with Cloud Computing and enter into a SaaS service just to get a feel for how all of this works and to satisfy an immediate need that the internal IT department cannot quickly fulfill.