Welcome!

Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Jon Shende

[Adopted from my BLOG December 2009] Lately in the IT community all the hype is on Cloud Computing. We have small start-ups offering several variations of Cloud services as well as some of the established big players (Google, Amazon, IBM, Novell (aimed at cloud service providers),Sun) stepping up their offerings of cloud services. But what exactly is Cloud Computing? Is it Virtualization? Is it services that we accessed via a web browser over the years, something totally new, or is it all of these,but  just rebranded? The term Cloud Computing started gaining traction when Google and IBM launched a university initiative to address internet scale computing back in 2007. These services has been evolving since the 90s and its previous incarnations can be said to be Grid and Utility computing and the Software as a Service offerings we saw around a decade ago. Cloud Compu... (more)

Standards Acceleration to Jump-Start Adoption of Cloud Computing (SAJAAC)

One major concern with the adoption of cloud computing is the lack of a defined standard or standards that are specific to operations impacting security, interoperability & mobility within the Cloud ecosystem. As most managers of security departments will attest to, there is a fine line between security and operations. While we as business managers want to ensure that we maximize the ROI on our operational investments and ensure that availability is paramount for our users, we do not want to do so at the expense of our security measures, policies and protocols. On the other hand we... (more)

Malware and Cloud Jacking

Malicious software or malware is a security nightmare. One can agree with the statement that malware in the internet is a growing epidemic and is costing industry billions of dollars each year. According to Microsoft Malware "is short for malicious software and is typically used as a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network, whether it's a virus, spyware, et al." Although the growth of malware may be flattening, its design sophistication is not. Per Kaspersky labs approximately 300,000 new malware programs ... (more)

Live Forensics and the Cloud - Part 1

Within the realms of digital forensics analysts traditionally performed analysis on static data, either from a core dump, bit to bit imaging etc. Recently we have seen an increased focus directed at the live forensics environment. As users rely more on mobile and other remote devices to access data on demand; data possibly held in some manner of cloud environment, investigators will have to adapt their mode of investigations to suit. I recall reading a marketing pitch a while aback where some vendor claimed that an advantage of Cloud Computing is, an ability to conduct live forens... (more)

GRC and the Cloud - Governance, Risk Management & Compliance

As we become more technology dependent, more so in today's "cloud"-driven environment, IT security needs to evolve from the traditional sense of digital security. We should see the advent and acceptance of a more holistic, flexible and adaptive model of security that focuses more on managing information security, people and processes in a natural evolution from the traditional model of implementation, monitoring and updating. According to Teubner and Feller [1] "Governance is understood as securing a responsible corporate management, having its roots in value-based management."... (more)