Posts Tagged ‘ Auditing ’

SaaS Auditing: Knowing who did what

January 11, 2013
By
CloudComputing

Rightscale has been running into a problem with the simplest of auditing requirements: how to know when someone has logged in. This problem spans nearly all their 100s of SaaS providers used to run their business. Where is the ability to do SaaS Auditing?

Read more »

Cloud: More Secure Than You Think?

January 13, 2012
By

At the end of last year and the beginning of this year the Virtualization Security Podcast featured two very different guest panelists to discuss cloud security, policy, and compliance: Phil Cox, Director of Security and Compliance at RightScale, joined us for the last podcast in 2011 and the George Gerchow of VMware's Policy and Compliance…

Read more »

Centralized RBAC Missing from Virtualization Management Tools

June 14, 2011
By
Centralized RBAC Missing from Virtualization Management Tools

As a delegate for Tech Field Day 6 in Boston, I was introduced to several virtualization and performance management tools from vKernel, NetApp, Solarwinds, Embotics, and a company still in stealth mode. With all these tools and products I noticed that each were not integrated into the roles and permissions of the underlying hypervisor management…

Read more »

Private Cloud Security Nice to Have!?

June 24, 2010
By
Private Cloud Security Nice to Have!?

In a recent document written by virtualization.info and Secure Network of Italy entitled Securing the Private Cloud several issues come to mind. While this is a good document on the availability front of virtualization security, I did not read anything that affected integrity or confidentiality. You cannot be secure if you ignore 2 of the…

Read more »

Virtualization and Cloud Security Projects to Watch

January 26, 2010
By

The future of Virtualization and Cloud Security is being worked on today and there are several projects worth watching. Early guidance from these projects will aid your current virtualization and cloud security policies, procedures, plans, and architectures. (A6, DMTF, CSA, PCI, FDIC, etc.)

Read more »

Security and Compliance only when Auditor is at the door

January 22, 2010
By

I was privileged to speak at the 3rd Annual South Florida ISACA WoW! Event with Robert Stroud, Alan Shimel, and other great speakers. What I discovered from this conference is something I have feared for quite a number of years. Compliance actions are not continuous but often only enacted when the auditor shows up at…

Read more »

Featured Solutions