Dec2013

Scope: It Is All about Scope

When to implement security and data protection practices, or even change existing ones, is all about timing, knowledge, and scope. Deciding what to implement at any particular time requires knowledge of what needs to be fixed, and also of what …
Read More “Scope: It Is All about Scope”

Oct2012

Gaining Visibility into The Cloud: Migration and Security

On many a Virtualization Security Podcast I tend to mention that we need greater visibility into the cloud to judge whether Cloud Service Provider security measures are good enough. But why should we bother? I am not saying we should not be concerned about a cloud’s security but that we should as tenants be concerned with clouds meeting our security, compliance, and data protection policies and requirements. Will a cloud service provider ever be able to meet a specific organizations requirements as well as the cloud service providers policies and compliance?