Sep2014

Data-Aware Services: Oh, the Places We Could Go!

I have written many times about the need for application-centric data protection and data-centric security. But what these both require is that our data protection, security, management, and networking are data-aware. We use applications, but we thrive on data. The …
Read More “Data-Aware Services: Oh, the Places We Could Go!”

Jan2014

Application Security: What Is the First Step?

What is the first step of application security? What is this step regardless of whether the process involved is DevOps or traditional silos? We have heard many answers before, such as architecture, code analysis, hardening, risk analysis, etc. But we …
Read More “Application Security: What Is the First Step?”

Dec2013

Scope: It Is All about Scope

When to implement security and data protection practices, or even change existing ones, is all about timing, knowledge, and scope. Deciding what to implement at any particular time requires knowledge of what needs to be fixed, and also of what …
Read More “Scope: It Is All about Scope”