When you read many blogs and articles on cloud security, writers such as myself often mention jurisdictional issues as a big problem. Nor is the ability to Audit clouds the only problem. Yet both of these are huge issues for clouds today, but fundamentally, is the cloud flawed from a security point of view or are there plenty of security mechanisms available? Continue reading Cloud Security: Is it all Jurisdictional and Audit Issues?
One of the questions I get from time to time is, can I store my data in the cloud? At the NEVMUG, this came up once more. There is currently a lot of uncertainty about cloud storage, specifically when it comes to critical and highly regulated data. Where should I store my data, dovetails nicely with discussions of going to the cloud as well as data protection is a key component of such a migration. Continue reading Data Protection In the Cloud
I was discussing yesterday how to use virtualization and cloud performance management tools as an early warning system for security issues. I have touched on use of New Relic, VMware vFabric APM, Quest vFoglight, and other tools that can make up such a early warning system before, but without the proper process in place, the tools will not be good enough. Continue reading Virtualization & Cloud Security: More Process Than Tools?
At the end of last year and the beginning of this year the Virtualization Security Podcast featured two very different guest panelists to discuss cloud security, policy, and compliance: Phil Cox, Director of Security and Compliance at RightScale, joined us for the last podcast in 2011 and the George Gerchow of VMware’s Policy and Compliance Group, joined us for the first podcast of 2012. We asked is the public cloud ready for mission critical applications. The answer was surprising. Have a listen and let us know your thoughts. Continue reading Cloud: More Secure Than You Think?
Data Protection techniques should be implemented and tested long before they are needed. This is a necessary component of any IT organization. However, the most recent VMware communities podcast brought to light several implementation aspects of Data Protection, specifically about Disaster Recovery: organizations still do not test their DR plans and organizations are waiting for a hardware refresh to implement a DR plan.
The first issue is about services that are too important to fail, and the other is about planning. However, what they both boil down to is dollars and the Fear that either loss of money, or that data protection is too expensive to implement properly without the latest hardware. In both cases, it is a political debate. Continue reading Data Protection: Implement before you Need It
Christmas is over and New Years is on its way. A time to make resolutions and see the year complete. A time to review what is old and plan for the future. This is a perfect time to review your defense in depth and look to see if there are security additions needed in 2012. So what cloud and virtualization security New Years resolutions should I make for 2012? Continue reading Cloud and Virtualization Security Resolutions for 2012
Join my Circle on Google+
Plugin by Social Author Bio