I recently had a number of consulting conversations about IT transformation and adding new Security as a Service products to companies’ existing clouds and tenancies. This is the beginning of IT transformation in many cases. A company has realized it needs to provide security to its tenants while using clouds more securely at the same time. This is a hybrid cloud. The company provides a cloud, yet uses tools from Box, Salesforce, Google, Microsoft, and the like. So, where do we start with IT transformation? With architecture that includes security. Continue reading IT Transformation: Architecture Includes Security
I have written many times about hybrid cloud security, but there’s a fundamental security requirement that happens as you access the hybrid cloud. In our previous back to basics article we wrote about the need for situational awareness. We’re going to expand on that topic some more. The real success to hybrid cloud security is understanding how the users access the hybrid cloud: where they access it from, why they access it, and what is accessed or used. From a security standpoint, it starts with one organizational item: people.
We are curious about which cloud or clouds everyone uses, as the market is rather diverse, ranging from Amazon Web Services to clouds based on OpenStack, VMware vCloud, and community clouds that meet specific needs. Are you using multiple clouds, just one cloud, or no clouds? We’d like to hear your answers to these questions. We have our heads in the clouds, as we not only write about them here but also use clouds in our daily business. This will be the first in a series of polls in which we invite you to share your opinions by voting. We’ll share the results of these polls with you in return.
I have written many times about the need for application-centric data protection and data-centric security. But what these both require is that our data protection, security, management, and networking are data-aware. We use applications, but we thrive on data. The more data we have, the more chance we can make use of it, which has resulted in big data tools and big data extensions, even to hypervisors. We talk constantly about moving data closer to processing, with flash and other techniques at the storage layer. But we have not grown other aspects of our systems to be data-aware. It is time this changed. Continue reading Data-Aware Services: Oh, the Places We Could Go!
My response to Stephen Foskett’s tweet of a post about the Software-Defined Data Center (SDDC) Symposium led to an interesting conversation about the nature of the SDDC—what it is, what it is not, and why we should care. The software-defined data center is considered by some to be an instrument of vendor lock-in, vaporware, or in many ways just marketing hype. “SDDC” has many different definitions, but I do not believe it reflects any of those commonly used. Instead, I hold that it is a way of thinking, a way of looking at the new world of IT in which we live. This has sparked a quite an interesting Twitter conversation between many interested parties. Continue reading Is SDDC a Product or a Mindset?
User experience drives virtual desktop deployments and can either make or break them. If the user experience is awful, users will find other, often less secure methods for doing their jobs. VDI sits at an interesting crossroads where storage, memory, networking, CPUs, and GPUs must be properly tuned. Any adverse impact from any one of these resources could spell the doom of a virtual desktop user experience. The ProjectVRC team and others have taken a comprehensive look at potential adverse impacts, but they have only examined security from the viewpoint of those who implement antivirus and anti-malware solutions. While this is valuable, they do not cover the grander picture of security around virtual desktops. Even today, many years and versions after virtual desktops were first implemented, there are still fundamental functions missing in the realm of security. Continue reading State of the Art: Virtual Desktop Security