Soon the backup power will be available for our new datacenter and the redesign to make use of VMware vCloud Suite is nearing completion. Soon, our full private cloud will be ready for our existing workloads. These workloads however now run within a XenServer based public cloud. So the question is, do we stay in a poorly performing public cloud (mentioned in our Public Cloud Reality series) or move back to our own private cloud? As the Clash put it “Should I Stay or Should I Go Now.” Continue reading Public Cloud Reality: Do we Stay or Do We Go?
The 3/7 Virtualization Security Podcast featured Andi Mann, VP of Strategic Solutions at CA Technologies, and RSA Conference. The conversation was lively and I invited Andi Mann due to a previous day tweet chat about cloud security. Lately, I have had several serendipitous conversations on cloud security from TweetChat, to in face discussions with @Qthrul, and meeting @MrsYisWhy in person. Each conversation has been about Cloud or Virtualization security in some form. Let me delve into them a bit more. Continue reading Cloud Conversations: Tweetchat and Serendipity
I was going to write about how building a cloud is similar to moving, but the more I think about it, the more I think people are confusing an automated virtual environment with a cloud: IT as a Service is not just about cloud. Having automation does not imply your virtual environment is a cloud or visa versa. Granted, using IT as a Service is important for a cloud if you look at the NIST definition of a cloud, but it is not necessary for a cloud. Perhaps IT as a Service is just a stepping stone towards a cloud, perhaps it should start as a data center play? As company’s and vendors cloud wash all aspects of IT, as IT decision makers we need to step back and look at our data center and decide how we want to get to the cloud (if we want to get there at all). Continue reading IT as a Service: Not Just for a Cloud
I have written about the Public Cloud Reality and the need to bring your own security, monitoring, support. This was reinforced by Dave Asprey of Trend Micro at the last Cloud Security Alliance Summit held at this years RSA Conference. The gist of Dave Asprey’s talk was that YOU are responsible for the security of your data, not the cloud service provider. Unfortunately, this sort of discussion often devolves into one of shared vs tenant responsibility, the type of data, etc. It will also devolve into a legal discussion just as quickly. Unfortunately, all this does is point fingers. The long and the short of this discussion is about two items often mixed as one. Continue reading Public Cloud Reality: Reinforced at CSA Summit
As I met with people at RSA Conference last week, the common question was: What was interesting and new? My view was from the world of virtualization and cloud security, which often differs from general or mobile security. This show was more about general and mobile security than it was about virtualization and cloud security due to the confluence of VMware Partner Exchange (PEX) and RSA Conference. There were quite a few things that were new from the show floor, RSA Innovation Sandbox, and other conversations. Continue reading RSA Conference: What was Interesting
There has been a dearth of intelligence reporting on cloud services and up until now we had to rely upon the Verizon Breach Report, Alert Logic’s State of the Cloud report, the Enisa and other reports, but even so there was nothing specifically about a given cloud service outside the lightly used Cloud Security Alliances STAR self-certification. Instead you must imply something about a given service. This has changed. Meeting this need is Sky High Networks. Continue reading News: Sky High Networks provides Cloud Service Security Ratings
Join my Circle on Google+
Plugin by Social Author Bio