Welcome!

Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Jon Shende

One major concern with the adoption of cloud computing is the lack of a defined standard or standards that are specific to operations impacting security, interoperability & mobility within the Cloud ecosystem. As most managers of security departments will attest to, there is a fine line between security and operations. While we as business managers want to ensure that we maximize the ROI on our operational investments and ensure that availability is paramount  for our users, we do not want to do so at the expense of our security measures, policies and protocols. On the other hand we do not want to lock down a system providing maximum security, but to such an extent that there is a degradation in availability - thus negatively impacting operations and our revenue stream by extension. In the traditional IT Security/Operational world we balance tools and metrics from I... (more)

So You Want to Build a Private Cloud?

As the cacophony of cloud evangelism expands into several areas of industry, one much talked about aspect is that of the private cloud. But what really is a private cloud, and once within an organization's security perimeter is such a system a pure cloud computing ecosystem? (Of course within the security perimeter - IT Security teams again have the advantage of control in lieu of that in a public cloud.) Bear in mind though once you start thinking of access from outside your "private cloud" the whole security dynamic will change. At this point your cloud security perimeter beco... (more)

Identity Management in Cloud Computing

Web-services research and protocol applications have been around and in use for quite some time now. With the potential Capex and Opex savings enterprises can potentially realise from utilizing a cloud computing service model, there should also be added focus on ensuring that security is properly implemented either in authentication or authorization. Cloud Computing, with its foundation in the world of virtualization, can take advantage of key aspects of web service implementations and security practice; but only to a point. Web service policies are based on a static model that ... (more)

Service-Oriented Architecture and the Cloud

What is SOA?  One can say that the synthesis of Enterprise Application Integration (EAI) platforms with middleware tools and concepts evolved into what we know today as Service Oriented Architecture. SOA then represents a standards based architectural blueprint with an emphasis on business centric services and transactions rather than that of technology oriented objectives: In other words an architectural style which businesses can use to execute and align services with their business model to achieve their business strategy, goals and objectives. For instance, an end-user reques... (more)

Live Forensics and the Cloud - Part 1

Within the realms of digital forensics analysts traditionally performed analysis on static data, either from a core dump, bit to bit imaging etc. Recently we have seen an increased focus directed at the live forensics environment. As users rely more on mobile and other remote devices to access data on demand; data possibly held in some manner of cloud environment, investigators will have to adapt their mode of investigations to suit. I recall reading a marketing pitch a while aback where some vendor claimed that an advantage of Cloud Computing is, an ability to conduct live forens... (more)