In my previous post I highlighted a number of patterns that lead to failures of agile initiatives. The post generated a lot of conversation and a few comments, so instead of responding to everyone individually I will address all of the questions and comments in this post. Let’s look at each fail pattern and discuss strategies to prevent agile from failing. Continue reading How to Prevent Agile Initiatives from Failing
At the recent Misti Big Data Security conference many forms of securing big data were discussed from encrypting the entire big data pool to just encrypting the critical bits of data within the pool. On several of the talks there was general discussion on securing Hadoop as well as access to the pool of data. These security measures include RBAC, encryption of data in motion between hadoop nodes as well as tokenization or encryption on ingest of data. What was missing was greater control of who can access specific data once that data was in the pool. How could role based access controls by datum be put into effect? Is such protection too expensive given the time critical nature of analytics or are there other ways to implement datum security? Continue reading Big Data Security
Legacy solutions from IBM, BMC, HP and CA are not going to be the foundations upon which the management stacks for virtualized data centers, the SDDC, private clouds, hybrid clouds and public clouds will be built. Rather a new ecosystem of management vendors is going to emerge with a new set of leaders providing the core platforms around which the SDDC and clouds are managed. Continue reading The New Management Platforms for the SDDC Management Stack and the Cloud
When it comes to the secure hybrid cloud, Identity has many different definitions from a device a user is using to the combination device, location, password, and other multi-factor authentication means. Even with all the technology there is still the question of where the identity store lives (the bits that contain the identity for all users, devices, etc.) as well as how do you prove identity once the user goes somewhere within the cloud which is outside your control?
In our series of posts about the reference architecture for the software defined data center and the cloud, we make the case that the requirements for managing a SDDC and the cloud are so different from the requirements for managing dedicated physical hardware that these requirements will be met by new vendors instead of legacy management vendors. Continue reading Shopping for Solutions to Manage the SDDC and the Cloud
A big part of the secure hybrid cloud is the need for multi-tenant analytics to determine when security events and compliance issues happen. However, analytics cover many different aspects of security within the hybrid cloud, from being a control point for compliance to handling vulnerability scanning. What are the requirements for multi-tenant analytics? Continue reading Analytics within the Secure Hybrid Cloud