So, you’ve run through the application analysis and vendor engagement phases. Ideally, these two phases will have provided you with (a) pertinent information about your environment, and (b) the solution or solutions that may work best to deliver the applications in your environment. The next logical stage of the project is to move toward a PoC (proof of concept) and pilot phase.
At a recent Windows User Group meeting, I was astounded to hear the speaker talk about the Internet of Things in conjunction with Windows 10. When I asked him if that meant my fridge would reboot every Patch Tuesday, he laughed it off. But I wasn’t joking. Far from it. Is Microsoft still going down the route of “one OS to rule them all”? More importantly, if it is, then is there any sense in adopting this approach?
Today I was speaking with Mat Clothier, CTO of the application virtualization new-kid-on-the-block Cloudhouse. Cloudhouse, a UK-based enterprise, aims to shake up the application virtualization arena to the core, and at first glance, its solution seems very compelling.
In Anatomy of a Desktop Virtualization Project #1, we discussed getting to know your application estate and identifying the required delivery methods for those apps. In part #2, it’s time to engage with vendors and determine what form of solution you should deploy.
Java is currently the leading exploit vector for Windows machines, and Java vulnerabilities are packaged into many of the “exploit kits” available in the darker corners of the Internet (see http://krebsonsecurity.com/2010/10/java-a-gift-to-exploit-pack-makers/). Internet Explorer, Flash Player, and even the Windows operating system itself have done a good job of either improving the security of their products or improving their patching processes. Java, however, still lags noticeably behind in both user/media awareness and quality of code. According to some statistics, Java vulnerabilities account for up to 70% of successful exploits, making it a veritable nightmare from a security perspective.