[Adopted from my BLOG December 2009]
Lately in the IT community all the hype is on Cloud Computing. We have small
start-ups offering several variations of Cloud services as well as some of
the established big players (Google, Amazon, IBM, Novell (aimed at cloud
service providers),Sun) stepping up their offerings of cloud services.
But what exactly is Cloud Computing? Is it Virtualization? Is it services
that we accessed via a web browser over the years, something totally new, or
is it all of these,but just rebranded?
The term Cloud Computing started gaining traction when Google and IBM
launched a university initiative to address internet scale computing back in
These services has been evolving since the 90s and its previous incarnations
can be said to be Grid and Utility computing and the Software as a Service
offerings we saw around a decade ago.
Cloud Compu... (more)
I've been asked quite a few times, "when will it be a good time to get into
cloud computing?" by potential clients. My answer is typically it depends...
I know, I know.... not much direction there, but really it all depends. Why ?
Well, some may state, "we all know of the much beaten security concerns, and
we will ensure that systems on our end are secured and synced to work in
tandem with the vendors' security."
Can one ensure some degree of monitoring by the implementation of an
Intrusion Detection System (IDS) residing within the system hosting the
gateway into the cloud?
One major concern with the adoption of cloud computing is the lack of a
defined standard or standards that are specific to operations impacting
security, interoperability & mobility within the Cloud ecosystem.
As most managers of security departments will attest to, there is a fine line
between security and operations. While we as business managers want to
ensure that we maximize the ROI on our operational investments and ensure
that availability is paramount for our users, we do not want to do so at
the expense of our security measures, policies and protocols.
On the other hand... (more)
Last Wednesday I had the distinct honor of being part of one of Jeremy
Geelan's Panel of Expert segments at the 7th International Cloud Expo in
Santa Clara. To be honest, when I got the email, despite the pleasure of
being considered to present my trade, I was not too excited about visiting
another series of booths and presentations that was more of the same.
It's been two years since my last visit to a technology trade show, I
know... I know...what was I thinking ?!
Imagine my loss from not participating in the deluge of suave marketing and
sales pitches that comes around severa... (more)
Digital Forensics is not an elephant, it is a process and not just one
process, but a group of tasks and processes in investigation. Examiners now
perform targeted examinations using forensic tools and databases of known
files, selecting specific files and data types for review while ignoring
files of irrelevant type and content. Despite the application of
sophisticated tools, the forensic process still relies on the examiner's
knowledge of the technical aspects of the specimen and understanding of the
case and the law - Mark Pollitt.
As has been established from articles by var... (more)