Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

Cloud Security: Different Approaches and Points of View

VirtualizationSecurityThere are two distinct points of view when discussing cloud security: the tenant’s point of view, and the cloud service provider’s point of view. Both of these points of view are legitimate, but often one is confused for the other, as we discuss our points of view without really clarifying. However, within each of these points of view are two distinctly different approaches to cloud security.

Continue reading Cloud Security: Different Approaches and Points of View

Supply Chain Security

VirtualizationSecurityThe recent spate of news out of Home Depot and, further back, Target point to the need for better supply chain security. But really, how can we address the issue? There are several answers, but none of them seem feasible in today’s IT environments. Why? They all require open communication, constructive criticism, and willingness to work toward a solution. However, what we find is that many IT organizations feel that anyone outside their immediate organization is suspect, security is the enemy, audit is also their enemy, and developers know all.  Continue reading Supply Chain Security

EUC Use Cases: What Do We Need?

VirtualizationSecurityIn my last article, EUC Use Cases: Secure Hybrid Cloud, we looked at how the user could be getting to our data. By doing this, we can place security at the union of data and the user, wherever the data resides and however the user gets there. Yet, we cannot forget where the data is presented. In order to present data, data is copied from its repository to some other device. Now, in the case of virtual desktops, that data is copied as graphical constructs derived from the data; for file servers, the data presented is a raw form of the data. So, to secure everything from end to end, what do we really need? Continue reading EUC Use Cases: What Do We Need?

EUC Use Cases: Secure Hybrid Cloud

VirtualizationSecurityWhenever I talk to security vendors and others about where security is going, or more to the point, should go, I draw out a use case I have developed over the years. It has grown and changed as the concept of the secure hybrid cloud has developed and expanded. The example I use demonstrates the need for policy not only to cover the data and systems, but also to follow the user as they access the data. The entry point to any secure hybrid cloud is the user. Where that user goes tells us how they touch and access data. We may want a security context around the data, but how that context should react depends on how, from where, with what, when, and hopefully why the data is accessed. Continue reading EUC Use Cases: Secure Hybrid Cloud

One OpenStack to Rule Them All: Bare Metal to Clouds


At VMworld 2014, VMware announced its easy-to-install OpenStack distribution, VMware Integrated OpenStack. This got me thinking, as normally OpenStack refers not just to the OpenStack distribution but to a specific underlying hypervisor as well, usually KVM. However, we know that OpenStack works equally well on KVM, vSphere, Hyper-V, and Xen, as it is more of a cloud management layer than a hypervisor. We should probably never lose sight of that little aspect of OpenStack: it is not a hypervisor. As an open-source management stack, it is possible for it to manage cross-hypervisor with a few modifications to its components.

Continue reading One OpenStack to Rule Them All: Bare Metal to Clouds

Why Virtualized Email Is Safer than ActiveSync Email on Your Personal Devices

ApplicationVirtualizationIf you’re reading this article, there’s a good chance that you own a smartphone and maybe a tablet or two and that you use ActiveSync to retrieve your corporate email through your personal devices. But did you know that both you and your Exchange administrator have the ability to remote wipe not only your email but your entire device? Continue reading Why Virtualized Email Is Safer than ActiveSync Email on Your Personal Devices