Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

Moving to the Cloud as a Service or as a Machine

CloudComputingOne of the decisions faced by anyone that wishes to have a cloud presence is what will be moved to the cloud, why, and whether or not there is a service that can be used instead of using virtual machines.  Give The Virtualization Practice’s case, we plan on moving our customer facing VMs to the cloud, but what are those machines? The most important are a Web Server with a split LAMP stack, a Mail Server, and DNS. Continue reading Moving to the Cloud as a Service or as a Machine

Cloud Security Alliance: STAR and other Initiatives

csa_logo_190_60The 5/17 Virtualization Security Podcast was an open forum on the Cloud Security Alliance initiatives, specifically the Security, Trust, & Assurance Registry (STAR). Which is “a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.” The CSA has grown from a grass roots organization to a major player and producer or guidance for security and compliance for clouds. Continue reading Cloud Security Alliance: STAR and other Initiatives

Teenager’s View of Cloud Security: Expectations of Privacy

VirtualizationSecurityThe 5/3 Virtualization Security Podcast had a very special guest, a teenager. This surprise guest told us about how she and her friends use their smartphones and cloud services such as FaceBook, Twitter, SMS, etc. For the panelist, it gave us a new look at our existing problems; expanding our viewpoint for end-user computing security, cloud security, and expectations of privacy. Continue reading Teenager’s View of Cloud Security: Expectations of Privacy

End User Computing: Protecting Data From the Device

siriSome of us have multiple cloud endpoints in the form of mobile end user computing devices all trying to access our personal and corporate data to do our daily jobs. These incredibly useful enduser computing devices (smartphones, tablets, etc.) are now a part of our organizations life. So how do we protect our data from them. IBM recently took a draconian measure of banning Siri from their employees iPhones. Yet, how can they enforce such a measure? Continue reading End User Computing: Protecting Data From the Device

Filling the Gaps: Focus on Application Security

VirtualizationSecuritySymantec and others are providing more products that fill the gaps in current End-to-End Hybrid Cloud and Application Security. These solutions range to improved log analysis through multi-layer security for critical systems. If these solutions are rolled out would we finally have secure environments? But first what are the products that have come to light? Should we be focusing on the App more? Continue reading Filling the Gaps: Focus on Application Security

Multi-Tenancy: Who is the Tenant?

VirtualizationSecurityThere seems to be a myriad of definitions of who is a tenant when it comes to secure multi-tenancy. This debate has occurred not only within The Virtualization Practice as well as at recent Interop and Symantec Vision conferences I attended. So who really is the tenant within a multi-tenant environment? It appears multiple definitions exist and if we cannot define Tenant, then how do you build secure applications that claim to be multi-tenant? Continue reading Multi-Tenancy: Who is the Tenant?