All posts by Edward Haletky

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.[All Papers/Publications...]

“U There” End User Computing Security

There needs to be better Data Loss Prevention applied to Social Media than there exists today. How such security will be applied to the plethora of devices is a hefty concern. The abuse of social media growing trend. I see on twitter from those I know many things that should not appear: from the discussion of internal only intellectual property to locations sent to Four Square. Add into this, the myriad forms of ‘U There’ requests. It is so easy to tell people anything on twitter, that it also becomes a problem with telling people too much even in 146 characters. Yet, I also see the same when using text messages, chat, and other technologies. So what is the solution? Continue reading “U There” End User Computing Security

2011 Year in Review – Data Protection

2011 saw an increase in virtualized and cloud data protection solution partnerships and advancements. One of the biggest advancements is the growing support for Microsoft Hyper-V from long-time VMware specific backup solutions. Included in the new partnerships are team ups between performance management and data protection solutions, as well as an increase in the methods for replication and other forms of data protection. 2011 was a very big year in the Data Protection arena of cloud and virtualization. This is the 2011 Year in Review for data protection. Continue reading 2011 Year in Review – Data Protection

Year in Review – Virtualization Security

2011 saw a shift in how virtualization security was viewed and it showed in the way companies teamed up to address those needs. Even so, the most basic of issues still exist: The thought that once you virtualize you are more secure, and the lack of general protection for the management constructs of a virtual or hybrid cloud environments. These two concepts have hindered adoption of virtualization security in 2011. Even so, there has been a steady shift through out the year as more and more companies talk about virtualization security. VMware has definitely lead the pack with its vShield Product line and its unified view of virtualization security. Other hypervisor vendors are also discussing virtualization security through their ecosystem, if not directly.  2011 saw many companies forging their own partnerships to augment and compete in this space. Will the hindrance continue? Will these partnerships continue into 2012? Or will we see more consolidation of the virtualization security market? Continue reading Year in Review – Virtualization Security

A VDI desktop is no More Secure than a Standard Desktop

Our very own Texiwill hosts a weekly Virtualization Security Round Table podcast. This round table provides an open forum to discuss all things related to Virtualization, Virtual Environment and cloud computing security.  We’ve questioned before the benefits of a virtual desktop infrastructure with respect to security. Is VDI secure? Is VDI inherently more secure than “traditional desktops”? The article Virtual Desktop Security? Are They Secure? considered the VDI vendor claims that there are several big virtual desktop security wins such as

  • Centralized Management
  • Centralized Patching
  • Improved Availability
  • and importantly, data never leaves the data center

The article and the associated Bright talk presentation generated a good deal of interweb discussion, which in turn led to #73 in the Virtualization Security Round Table VDI desktops – are they really secure? The regular podcast team were joined by Simon Crosby (CTO @ Bromium), Tal Klein (Director Technical Marketing @ Citrix ) and Andrew Wood (Analyst @ TVP).

The discussion meandered in a lively fashion to answer the question – can VDI make your environment more secure than standard desktops?

Continue reading A VDI desktop is no More Secure than a Standard Desktop

On Going Conversation: PCI Compliance, Are virtual environments always Mixed-Mode?

On 10/6 was held the Virtualization Security Podcast featuring Davi Ottenheimer in his role as a QSA. Davi holds down many roles working with companies such as VMware, yet he maintains his QSA credentials and applies his knowledge of PCI Compliance. In this podcast we ask the question, is a virtual environment always mixed-mode and what to do if your QSA does not have the knowledge required to do the job? Continue reading On Going Conversation: PCI Compliance, Are virtual environments always Mixed-Mode?

Data Protection is NOT just about Backup

Data Protection is not just about backup these days, but instead concentrates on two all important concepts for a business: disaster recovery and business continuity. While backup is a part of Disaster Recovery, restoration is all important. If it is not possible to restore your data in a timely fashion the backup has failed. So technologies that allow us to access our data immediately provides a level of business continuity. But how is this achieved? Continue reading Data Protection is NOT just about Backup

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio