One major concern with the adoption of cloud computing is the lack of a
defined standard or standards that are specific to operations impacting
security, interoperability & mobility within the Cloud ecosystem.
As most managers of security departments will attest to, there is a fine line
between security and operations. While we as business managers want to ensure
that we maximize the ROI on our operational investments and ensure that
availability is paramount for our users, we do not want to do so at the
expense of our security measures, policies and protocols.
On the other hand we do not want to lock down a system providing maximum
security, but to such an extent that there is a degradation in availability -
thus negatively impacting operations and our revenue stream by extension.
In the traditional IT Security/Operational world we balance tools and metrics
from ITIL a... (more)
Expanding on the " introduction to cloud computing" article, here are some
additional suggestions for choosing a cloud service model provider.
In a typical Cloud Computing data centre, an application set will generally
be hosted over Virtual Machines running on a large number of Physical
Total Cost of Ownership (TCO) is a definite factor when considering a move
for some enterprise services into the cloud. There are certainly arguments
both for and against the merits, especially when considering the impact of
risk on an enterprise that choses to transfer risk with the a... (more)
I've been asked quite a few times, "when will it be a good time to get into
cloud computing?" by potential clients. My answer is typically it depends...
I know, I know.... not much direction there, but really it all depends. Why ?
Well, some may state, "we all know of the much beaten security concerns, and
we will ensure that systems on our end are secured and synced to work in
tandem with the vendors' security."
Can one ensure some degree of monitoring by the implementation of an
Intrusion Detection System (IDS) residing within the system hosting the
gateway into the cloud?
Last week at the 7th International Cloud Expo in Santa Clara, I sat on a
panel discussing virtualization and the cloud. As a follow on to my
contribution, it is my intention to expand on the position of virtualization
and the cloud ecosystem.
It is generally accepted that the concept of cloud computing or, at least the
amalgamation of services that infer the cloud ecosystem, lends to the premise
of improvements in managing deployed services. This due to an assumed
increase in efficiencies resulting from the sharing of hardware resources at
one end of the spectrum.
According to ... (more)
Over the last three weeks due to the nature of my IT security job, I have
traveled through major airports at least eight times.
With all the commotion recently regarding the airports new back-scatter X-ray
machines (privacy, health, etc.) I wanted a firsthand look/feel at this
experience. While I am sensitive to and an advocate for issues of privacy
regarding persons with medical conditions and children, at 15 pounds
overweight I don't think any airport security personnel will take
pleasure in looking at a scanned image of me. Far from it, I hope I don't
give them any nightmares... (more)