Recently I discussed Virtualizing Business Critical Applications and security, which includes availability, confidentiality, and integrity. However, that discussion was more about visibility into the environment for security operations. I purposely left off the discussion of gaining integrity and confidentiality of the data housed within those business critical applications. Security encompasses a great number of technologies, and those that provide integrity and confidentiality often differ from those that provide visibility into an environment which differ from those that provide availability. Continue reading Virtualizing Business Critical Applications – Integrity & Confidentiality
We opened this years virtualization security podcast with Phil Cox, the “Security Guy” at Rightscale, who is working through a tangled problem to meet compliance and auditing goals within the cloud. Rightscale is a 100% cloud based company delivering a solution that is also SaaS based. As such they often run directly into SaaS related issues. Rightscale has been running into a problem with the simplest of auditing requirements: how to know when someone has logged in. This problem spans nearly all their 100s of SaaS providers used to run their business. Continue reading SaaS Auditing: Knowing who did what
Virtualizing Business Critical Applications is often stopped either by the sudden involvement of security and compliance, a need to better understand, or a need to gain visibility into the underlying security of the virtual environment in order to build new security and compliance models. As we have commented on the Virtualization Security podcast many times, security and compliance teams need to be involved from the beginning. However, this is not a discussion about involvement but about the tools that will help security and compliance to gain the necessary visibility into the security of their virtual environments and therefore allow for the virtualizing of business critical applications. Continue reading Virtualizing Business Critical Applications – Security and Compliance
Is it time to plan for the virtual future in our virtual designs? Happy New Year and welcome to 2013!! What a year 2012 turned out to be for virtualization and cloud computing in general. Microsoft Hyper-V, Red Hat, and VMware have all made quite a few enhancements to the hypervisor, and we have finally reached a point where we really have some good competition between hypervisors. Also, the competition boundaries are being expanded to include much more than just the hypervisor itself as we start to focus on the ecosystem as a whole. Toward the end of 2012 the industry had really begun presenting multi-hypervisor management capabilities and solutions. I see this area as something to really watch in 2013, and I propose this question. Continue reading Virtual Future in our Virtual Designs
After a recent snowstorm, and due to pending work on our generator, I had to dig out paths to the generator, the propane tank, etc. We normally dig out a few paths for moving wood around our yard, access to oil, the driveway, etc. But when we finished, we dug a moat around our entire house. This got me thinking about cloud security. The ongoing desire to put moats between us and the attackers. But what is us, in the cloud? Can we prevent the attacks? What are the current moat style technologies in play today? Continue reading Cloud Security: On Moats
Nivio have announced a DaaS solution aimed at SME space. Offering access to Microsoft Windows on any device, rentable applications, and data storage in the cloud, it sounds as if Nivio’s service could be just the ticket for the tablet wielding, dead-PC shunning organisations with a workforce who have their own devices, and need to team collaboration with access to Windows based applications.
The thing is, this road has been trodden before: it is a rocky one. OnLive attempted to offer a solution and failed. Even Desktone had a strategy that attempted to directly appeal to this segment but found the return on effort too miserly.
Yet, Nivio have created a service offering delivering Windows applications to Windows, Mac, iOS and Android devices. A web service providing common file storage to store user and group files for that can be syncronised to devices to work offline for editing directly, or automatically made available within the public cloud hosted Windows desktop service. A desktop service that has an on-demand, rentable application interface. User management is in your own hands. While Nivio are targeting their market at the 20-50 user sized organisation space which suggests small business, Nivio are getting a number of calls from project teams in larger organisations.
What are Nivio doing that is different? Will this model be successful? What, if anything, can be learned by other DaaS providers, and what in turn could be learned by Nivio?