Question of the day: Will technology end up being our ultimate downfall? In the not-so-distant past, I wrote a series of blog posts on the expectation of privacy with user device tracking. If you are interested, you can check them out here. Lately, there have been a few things in the news that make it worth writing another post in that series.
What is the first step of application security? What is this step regardless of whether the process involved is DevOps or traditional silos? We have heard many answers before, such as architecture, code analysis, hardening, risk analysis, etc. But we have not really talked about the intersection of the user, application, data, and system. Perhaps this is part of architecture, but I see this as a need for all applications. Security must be able to protect the data and, simultaneously, the user. Security is about the traditional availability, confidentiality, and integrity as well as privacy these days. Continue reading Application Security: What Is the First Step?
It is the day after Thanksgiving in the United States, and as technologists, we have quite a bit for which to be thankful, as we live in interesting times. We live between the computing that was (mainframes, PCs, etc.) and the computing of tomorrow (fully functioning cloud). We live within a hybrid world. We are no longer chained to our desks with their big and clunky terminals or computers, but instead we can roam freely around the world (and even into the atmosphere), accessing anything we want, including pictures, files, data, documents, and more (even those pesky cats that inhabit the Internet). With such access comes great power, and with great power comes responsibility. Continue reading The Cloud: Looking Forward
On the May 30th Virtualization Security Podcast, Shaun Donaldson, Director of Alliances at Bitdefender Enterprise, joined us to discuss end user computing (EUC) security and how their new Gravity Zone product ties their enterprise products together under one scalable management umbrella. We had a very interesting conversation on the subject of EUC security, Bring Your Own Device (BYOD) security, and all aspects of the the EUC stack. There are quite a few moving pieces in the EUC stack. It is greater than your mobile device and the system it is accessing; there is a complete networking and political stack between the two, and perhaps many systems you have to jump through to access your data. Continue reading EUC Security: Much More Than VDI