Articles Tagged with integrity

VirtualizationSecurity

Virtualizing Business Critical Applications – Integrity & Confidentiality

VirtualizationSecurity

Recently I discussed Virtualizing Business Critical Applications and security, which includes availability, confidentiality, and integrity. However, that discussion was more about visibility into the environment for security operations. I purposely left off the discussion of gaining integrity and confidentiality of the data housed within those business critical applications.   Security encompasses a great number of technologies, and those that provide integrity and confidentiality often differ from those that provide visibility into an environment which differ from those that provide availability.

Read More

Multiple Hybrid Clouds Kludged Together? — Cloud Architecture

With the diversity of cloud’s available today, data being sent from one to another could appear to be a hodge-podge of security. As one colleague put it recently when I asked what he was expecting to maintain integrity of data in motion between clouds:

… what kind of kludge can things end up being when you have multiple connections to multiple hybrid clouds all doing different things” — Steve Beaver

So how does data transfer between the clouds? Is it a kludge? or can it be done using a uniform security policy, procedures, and protocols while maintaining Integrity and Confidentiality and auditability?

Read More

Latest SMT design requires Complete Visibility by Admin! Yikes!

I just finished reading, yet another Multi-Tenancy Design/Overview that claims to be secure or trusted. While I will agree that this particular design does cover Availability and some GRC  (Governance, Regulatory, and Compliance) it is severely lacking in Integrity and Confidentiality. The design even went as far as saying the cloud/virtual administrator requires “COMPLETE VISIBILITY.” I was really taken aback by those words. Why does an administrator need ‘COMPLETE VISIBILITY?’ Which leads me to the question is Integrity and Confidentiality possible within any cloud or virtual environment? Or is it purely based on TRUST?

If so this is an appalling state of virtual and cloud environment security.

Read More