Dec2017

I’m Not in Europe: What Has GDPR Got to Do with Me?

Companies that do not do business in Europe or in any jurisdiction that works with the EU don’t need to comply with the EU General Data Protection Regulation (GDPR). If your company, or any company you provide services for, works …
Read More “I’m Not in Europe: What Has GDPR Got to Do with Me?”

Sep2016

VMworld 2016: Tufin Orchestration Suite

The VMworld 2016 conference in Las Vegas, Nevada, gave a great deal of attention to both NSX and security this year. While walking around the Solution Exchange floor, I had the opportunity to stop and talk with Tufin about its Tufin Orchestration Suite, which orchestrates security polices across complex, hybrid cloud, and physical environments.

Jul2016

Serverless: Business Plan or an Approach to Technology?

In a recent Twitter conversation, I asked if serverless is anything new, and if so, where are the documents expressing what is new about it. I was asked in reply if I needed a document to understand the difference between Uber …
Read More “Serverless: Business Plan or an Approach to Technology?”

Jul2013

Analytics within the Secure Hybrid Cloud

A big part of the secure hybrid cloud is the need for multi-tenant analytics to determine when security events and compliance issues happen. However, analytics cover many different aspects of security within the hybrid cloud from being a control point for compliance to handling vulnerability scanning. What are the requirements for multi-tenant analytics?

Apr2013

Cloud Tenant PCI-DSS Dilemma

There is a dilemma for all tenants of a public or private cloud: Scope. For the tenant, they want everything to be in scope. For the Cloud Service Provider (CSP) they want to limit scope to the bare minimum. What does it mean for a Cloud to be ‘PCI Compliant’ and why is this a requirement for some tenants. The real issue, is what is in scope for PCI-DSS while your data is in the cloud and how can you as the tenant meet those requirements.