Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Jon Shende

Within the realms of digital forensics analysts traditionally performed analysis on static data, either from a core dump, bit to bit imaging etc. Recently we have seen an increased focus directed at the live forensics environment. As users rely more on mobile and other remote devices to access data on demand; data possibly held in some manner of cloud environment, investigators will have to adapt their mode of investigations to suit. I recall reading a marketing pitch a while aback where some vendor claimed that an advantage of Cloud Computing is, an ability to conduct live forensics without disrupting mission critical systems. How effective this claim may be, is subject to examination. According to Brian Carrier - "The only difference between a live and a dead analysis is the reliability of the results; a live analysis techniques use software that existed on the sys... (more)

Virtualization and the Cloud Computing Ecosystem

Last week at the 7th International Cloud Expo in Santa Clara, I sat on a panel discussing virtualization and the cloud. As a follow on to my contribution, it is my intention to expand on the position of virtualization and the cloud ecosystem. It is generally accepted that the concept of cloud computing or, at least the amalgamation of services that infer the cloud ecosystem, lends to the premise of improvements in managing deployed services. This due to an assumed increase in efficiencies resulting from the sharing of hardware resources at one end of the spectrum. According to ... (more)

Standards Acceleration to Jump-Start Adoption of Cloud Computing (SAJAAC)

One major concern with the adoption of cloud computing is the lack of a defined standard or standards that are specific to operations impacting security, interoperability & mobility within the Cloud ecosystem. As most managers of security departments will attest to, there is a fine line between security and operations. While we as business managers want to ensure that we maximize the ROI on our operational investments and ensure that availability is paramount for our users, we do not want to do so at the expense of our security measures, policies and protocols. On the other hand we... (more)

The Impact of Airport X-Ray Technologies - Part 1

Over the last three weeks due to the nature of my IT security job, I have traveled through major airports at least eight times. With all the commotion recently regarding the airports new back-scatter X-ray machines (privacy, health, etc.) I wanted a firsthand look/feel at this experience. While I am sensitive to and an advocate for issues of privacy regarding persons with medical conditions and children, at 15 pounds overweight I don't think any airport security personnel will take pleasure in looking at a scanned image of me. Far from it, I hope I don't give them any nightmares... (more)

So You Want to Build a Private Cloud?

As the cacophony of cloud evangelism expands into several areas of industry, one much talked about aspect is that of the private cloud. But what really is a private cloud, and once within an organization's security perimeter is such a system a pure cloud computing ecosystem? (Of course within the security perimeter - IT Security teams again have the advantage of control in lieu of that in a public cloud.) Bear in mind though once you start thinking of access from outside your "private cloud" the whole security dynamic will change. At this point your cloud security perimeter beco... (more)