Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Jon Shende

Over the last few weeks I've been hearing a lot of discussion around HIPAA. When we speak about HIPAA, invariably the two components of data security and data privacy arises. In the traditional data centers, database managers and data owners know where their data resides and implement the necessary processes to preserve privacy and audit access. However, when we move to the cloud, the cloud being all about data, we are looking at servers, network, and storage that are abstracted. This raises concern that data owners may not necessarily know where their data sets physically reside and we are looking at Cloud Service Provider (CSP) employees who will be handling confidential patient data or Personally Identifiable Information (PII). Of importance here is that when it comes to leveraging the cloud ecosystem for healthcare segments, the foremost concerns are around HI... (more)

Service-Oriented Architecture and the Cloud

What is SOA?  One can say that the synthesis of Enterprise Application Integration (EAI) platforms with middleware tools and concepts evolved into what we know today as Service Oriented Architecture. SOA then represents a standards based architectural blueprint with an emphasis on business centric services and transactions rather than that of technology oriented objectives: In other words an architectural style which businesses can use to execute and align services with their business model to achieve their business strategy, goals and objectives. For instance, an end-user reques... (more)

Identity and Access Management - An Introduction

With the advent of Web 2.0 and onward, the rise of the terminology and concept we call Cloud Computing, coupled with an increase in the manner technologies are being used, not only by corporations but by individuals as well, comes an increased drive to ensure that risk is managed, effective security measures to protect identities are implemented, and efforts are expended to ensure privacy is maintained. A few years ago, in their quest to implement and maximize on the benefits of Service-Oriented Architecture (SOA), researchers at Microsoft separated SOA into four areas (1) viz. ... (more)

Digital Forensic Challenges within Cloud Computing

Proponents of the cloud ecosystem touts its "vastness, flexibility and scalability as advantages for the implementation of cloud services. However, from a digital point of view this can be a veritable forensic challenge as we view the cloud in terms of its scope and diversity. According to Dr. Stephen Wolthusen[1] "Digital forensics (also referred to at times as computer forensics) encompasses approaches and techniques for gathering and analyzing traces of human and computer-generated activity in such a way that it is suitable in a court of law." A key challenge to a digital inve... (more)

GRC and the Cloud - Governance, Risk Management & Compliance

As we become more technology dependent, more so in today's "cloud"-driven environment, IT security needs to evolve from the traditional sense of digital security. We should see the advent and acceptance of a more holistic, flexible and adaptive model of security that focuses more on managing information security, people and processes in a natural evolution from the traditional model of implementation, monitoring and updating. According to Teubner and Feller [1] "Governance is understood as securing a responsible corporate management, having its roots in value-based management."... (more)