Virtualizing Business Critical Applications is often stopped either by the sudden involvement of security and compliance, a need to better understand, or a need to gain visibility into the underlying security of the virtual environment in order to build new security and compliance models. As we have commented on the Virtualization Security podcast many times, security and compliance teams need to be involved from the beginning. However, this is not a discussion about involvement but about the tools that will help security and compliance to gain the necessary visibility into the security of their virtual environments and therefore allow for the virtualizing of business critical applications. Continue reading Virtualizing Business Critical Applications – Security and Compliance
After a recent snowstorm, and due to pending work on our generator, I had to dig out paths to the generator, the propane tank, etc. We normally dig out a few paths for moving wood around our yard, access to oil, the driveway, etc. But when we finished, we dug a moat around our entire house. This got me thinking about cloud security. The ongoing desire to put moats between us and the attackers. But what is us, in the cloud? Can we prevent the attacks? What are the current moat style technologies in play today? Continue reading Cloud Security: On Moats
Herewith we fearlessly predict some important events and trends for the virtualization and cloud computing industry. May we also wish everyone had a Happy Holiday Season and a prosperous 2013. Continue reading 2013 Virtualization and Cloud Computing Predictions
Recently I have been trying to lighten my conference going load. To do that, I have been thinking about ways to do without my laptop and all the accessories for it, which got me thinking about what it takes to completely use such a device; to fully embrace the next generation of end-user computing using gesture computing and smaller devices. Other than the technical hurdles, there are also training hurdles as full tablet computing, today, has some serious limitations with respect to security, functionality, and in some ways capability. So how does one embrace tablet computing as their next-gen end user computing?
The 12/13 Virtualization Security Podcast featured George Reese, CTO on enStratus, as our guest panelist. We discussed Cloud API security or more to the point the lack of real cloud API security. To paraphrase George: Some got it, others do not. So what makes up a good cloud API? how can we fix broken cloud APIs? Continue reading Cloud API: In-Security?
Bromium have released vSentry 1.1 which will brings Bromium’s benefits of micro-virtualization and hardware based security to a far wider range of enterprise desktops. This is the release you’ve been waiting for: and if you’ve not been waiting, this is definitely the release to consider.
We’ve spoken before about Bromium when they unveiled their micro-virtualization trustworthy security vision. Bromium’s message and focus was simple “standard workspace security is reactive, not proactive“. Whatever you have in terms of anti-virus or malware detection is only good once a new threat is found, understood, a patch created and deployed. This poses the very important question “what is the impact of the time delay between threat found and threat contained?”. Bromium’s goal was to dramatically reduce that “and”.
You may contest, “ah, but I can solve this workspace threat issue by making physical desktops, virtual desktops”. This is not the case. We evidenced this in Virtual desktops (VDI) are different, but not hugely better in terms of security, than physical desktops. You do not deliver better security by simply virtualizing the desktop.
So what does vSentry v1.1 bring? How is it better than v1? What can this mean for your organisation?