There seems to be a myriad of definitions of who is a tenant when it comes to secure multi-tenancy. This debate has occurred not only within The Virtualization Practice as well as at recent Interop and Symantec Vision conferences I attended. So who really is the tenant within a multi-tenant environment? It appears multiple definitions exist and if we cannot define Tenant, then how do you build secure applications that claim to be multi-tenant?
Cloud Computing ...
• • 2 Comments
Much of the recent buzz around AppSense from AppSense Labs,the research division at AppSense that is responsible for StrataApps, DataLocker and DataNow, its hot new tools to support user installed applications and provide increased security in consumer cloud services. Nevertheless, AppSense has not forgotten its roots and has recently released a major update to its core user persona management platform UV Suite.
There are many SaaS and Security SaaS cloud services out there, but they all lack one thing: full visibility. Why do these cloud offerings limit the ability to perform compliance auditing, forensics, and basic auditing against an organizations data retention, protection, and other necessary policies? Why not just grant the “right to audit”, or better yet, build a way for each tenant to perform their own audit down to the hardware? Why limit this by leaving it out of contracts as well as the technology? It is all feasible.
Business Agility ...
• • 0 Comments
Desktone have architected a platform to allow resellers and service providers to deliver and support heterogeneous end user-environments. With a Desktone v5.0 platform, it is possible to deliver a hybrid desktop environment, manage multiple datacentres and utilise a set of APIs. For service providers and resellers alike, Desktone is offering a platform that can be managed and maintained with Linux based appliances and a single view of services that will be compelling.
Cloud Computing ...
• • 1 Comment
Many of the virtualization security people I have talked to are waiting patiently for the next drop of leaked VMware hypervisor code. But the real question in many a mind is whether or not this changes the the threat landscape and raises the risk unacceptably. So let’s look at the current hypervisor threat landscape within the virtual environment to determine if this is the case, and where such source code will impact. Are there any steps one can take now before the code drop is complete to better secure your environment?