Welcome!

Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Jon Shende

Cloud Computing offers a sense of "vastness" in terms of storage and remote processing. According to Simpson Garfinkil, a major challenge to any digital forensics investigator investigating data within the cloud; can be an inability to locate or identify data or code that is lost when single data structures are split into elements. This in effect directly impacts forensic visibility. Within this ecosystem a major concern can be access to and the preservation of data within an on-going digital forensic investigation. Of consideration as mentioned in Part 1 - is that in a live and dynamic system such as the cloud, it is virtually impossible to go back to an original state of data after obtaining a "snapshot" for investigation. Also of importance will be jurisdictional and legal ramifications pertaining to the physical location of the cloud systems holding data under ... (more)

The Impact of the Cloud on Digital Forensics - Part 1

Digital Forensics is not an elephant, it is a process and not just one process, but a group of tasks and processes in investigation. Examiners now perform targeted examinations using forensic tools and databases of known files, selecting specific files and data types for review while ignoring files of irrelevant type and content. Despite the application of sophisticated tools, the forensic process still relies on the examiner's knowledge of the technical aspects of the specimen and understanding of the case and the law - Mark Pollitt. As has been established from articles by var... (more)

Software as a Service (SaaS), Security and Risk Management: Part 1

As cloud computing technologies and offerings mature and evolve in its services to customers, one common consumer use will be that of the Software as a Service (SaaS) model. My earlier articles have touched on the various models, risks, security and forensics at several levels. There is also a plethora of resources available now that end users can educate themselves with that are freely available online. This article will focus on aspects of security that impact the SaaS environment as developed, presented or augmented by me for several Cloud Computing projects. Before we proc... (more)

Choosing Your Cloud Vendor

Expanding on the " introduction to cloud computing" article, here are some additional suggestions for choosing  a cloud service model  provider. In a typical Cloud Computing data centre, an application set will generally be hosted over Virtual Machines running on a large number of Physical Machines. Total Cost of Ownership (TCO) is a definite factor when considering a move for some enterprise services into the cloud. There are certainly arguments both for and against the merits, especially when considering the impact of risk on an enterprise that choses to transfer risk with the a... (more)

To Cloud or Not to Cloud

I've been asked quite a few times, "when will it be a good time to get into cloud computing?" by potential clients. My answer is typically it depends... I know, I know.... not much direction there, but really it all depends. Why ? Well, some may state, "we all know of the much beaten security concerns, and we will ensure that systems on our end are secured and synced to work in tandem with the vendors' security." Can one ensure some degree of monitoring by the implementation of an Intrusion Detection System (IDS) residing within the system hosting the gateway into the cloud? The... (more)