Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

Data Protection: Implement before you Need It

Data Protection techniques should be implemented and tested long before they are needed. This is a necessary component of any IT organization. However, the most recent VMware communities podcast brought to light several implementation aspects of Data Protection, specifically about Disaster Recovery: organizations still do not test their DR plans and organizations are waiting for a hardware refresh to implement a DR plan.

The first issue is about services that are too important to fail, and the other is about planning. However, what they both boil down to is dollars and the Fear that either loss of money, or that data protection is too expensive to implement properly without the latest hardware. In both cases, it is a political debate. Continue reading Data Protection: Implement before you Need It

Cloud and Virtualization Security Resolutions for 2012

Christmas is over and New Years is on its way. A time to make resolutions and see the year complete.  A time to review what is old and plan for the future. This is a perfect time to review your defense in depth and look to see if there are security additions needed in 2012. So what cloud and virtualization security New Years resolutions should I make for 2012? Continue reading Cloud and Virtualization Security Resolutions for 2012

2012: The Beginning of the End for Virtualization Management?

In the APM Digest, Andi Mann VP of Strategic Solutions for CA, predicted that “in 3-5 years Virtual System Management vendors will no longer survive, as virtualization becomes a core part of the enterprise compute fabric. Three years later this trend has definitely started, and will accelerate in 2012 as IT turns instead to hybrid IT management, recognizing that silos of standalone virtualization management is a costly and inefficient burden. Maybe 2012 is not the end of Virtualization Management, but it is going to be the start of the demise“. Continue reading 2012: The Beginning of the End for Virtualization Management?

“U There” End User Computing Security

There needs to be better Data Loss Prevention applied to Social Media than there exists today. How such security will be applied to the plethora of devices is a hefty concern. The abuse of social media growing trend. I see on twitter from those I know many things that should not appear: from the discussion of internal only intellectual property to locations sent to Four Square. Add into this, the myriad forms of ‘U There’ requests. It is so easy to tell people anything on twitter, that it also becomes a problem with telling people too much even in 146 characters. Yet, I also see the same when using text messages, chat, and other technologies. So what is the solution? Continue reading “U There” End User Computing Security

Year in Review – Virtualization Security

2011 saw a shift in how virtualization security was viewed and it showed in the way companies teamed up to address those needs. Even so, the most basic of issues still exist: The thought that once you virtualize you are more secure, and the lack of general protection for the management constructs of a virtual or hybrid cloud environments. These two concepts have hindered adoption of virtualization security in 2011. Even so, there has been a steady shift through out the year as more and more companies talk about virtualization security. VMware has definitely lead the pack with its vShield Product line and its unified view of virtualization security. Other hypervisor vendors are also discussing virtualization security through their ecosystem, if not directly.  2011 saw many companies forging their own partnerships to augment and compete in this space. Will the hindrance continue? Will these partnerships continue into 2012? Or will we see more consolidation of the virtualization security market? Continue reading Year in Review – Virtualization Security