Have you ever wondered what was going on within a cloud regardless of type? SaaS? PaaS? IaaS? Do you need to audit these environments to ensure compliance with your security policy (not to mention the subset of your security policy that contains regulatory compliance)? To provide solutions for these issues, a number companies both new…
• • 2 Comments
What is the first step of application security? What is this step regardless of whether the process involved is DevOps or traditional silos? We have heard many answers before, such as architecture, code analysis, hardening, risk analysis, etc. But we have not really talked about the intersection of the user, application, data, and system. Perhaps…
• • 0 Comments
On the 5/30 Virtualization Security Podcast, Shaun Donaldson, Director of Alliances at Bitdefender Enterprise, joined us to discuss end user computing (EUC) security and how their new Gravity Zone product ties their enterprise products together under one scalable management umbrella. This was a very interesting conversation on the subject of EUC security, Bring Your Own Device (BYOD) security, and the all aspects of the the EUC stack. There are quite a few moving pieces in the EUC stack that is greater than your mobile device and the system it is accessing. There is a complete networking and political stack between the two and perhaps many systems you have to jump through to access your data.
• • 0 Comments
There was recently a rather heated twitter discussion between @Guisebule, @VirtualTal, and @Texiwill (myself) about using virtual desktops as a part of cyber defense. While this could be true, there is a need to ensure you know where your virtual desktop(s) start and end, not only within the network, but your applications in use. In addition, it is very important to fully understand the scope of a virtual desktop architecture as well as use.
• • 1 Comment
Data Protection and patch management of virtual desktops, while not a sexy topic, is one that should happen on a regular basis within any organization implementing or working to implement virtual desktops. Recently, we have been testing virtual desktop software and there is a huge difference between patching and protecting data in a small number of instances and 1000s of instances. There are scale considerations as well as ease of use for file level and system recovery as well as issues with patching virtual desktops (not to mention other security issues).