Welcome!

Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Jon Shende
Over the last few weeks I’ve been hearing a lot of discussion around HIPAA. When we speak about HIPAA, invariably the two components of data security and data privacy arises. In the traditional data centers database managers and data owners know where their data reside and implement ...
Digital Forensics is not an elephant, it is a process and not just one process, but a group of tasks and processes in investigation. Examiners now perform targeted examinations using forensic tools and databases of known files, selecting specific files and data types for review while i...
As cloud computing technologies and offerings mature and evolve in its services to customers, one common consumer use will be that of the Software as a Service (SaaS) model. My earlier articles have touched on the various models, risks, security and forensics at several levels. There ...
In Part 1 we discussed risk, security and cloud computing at a high level. Having been a part of design teams as a contributor as well as project manager to include security and assessment team management over the last few years, I still find the same security concerns and issues direc...
These days when we hear the term "cloud computing" there is an understanding that we are speaking about a flexible, cost-effective, and proven delivery platform that is being utilized or will be utilized to provide IT services over the Internet. As end users or researchers of all thing...
As the cacophony of cloud evangelism expands into several areas of industry, one much talked about aspect is that of the private cloud. But what really is a private cloud, and once within an organization's security perimeter is such a system a pure cloud computing ecosystem? (Of cour...
With all the commotion recently regarding the airports new back-scatter x-ray machines,(privacy, health etc.) I wanted a first hand look/feel at this experience. While I am sensitive to and an advocate for issues of privacy regarding persons with medical conditions and children, the ...
It is unclear whether backscatter or millimeter wave imaging can provide spectroscopic substance identification. Thus, X-ray and millimeter wave portals are likely to prompt frequent further searching whenever an image indicates a suspect item or area.
As those of us who are students and practitioners within the field of digital forensic know , any advance in this area tend to be primarily reactionary in nature and most likely developed to respond to a specific incident or subset of incidents. This can pose a major challenge in the ...
It is a known fact that the dynamic consolidation of application workloads through virtualization will increase server utilization. This in turn will reduce demands on power and system resources, especially within large-scale server clusters deployment that can support cloud based appl...
Proponents of the cloud ecosystem touts its “vastness, flexibility and scalability as advantages for implementation of cloud services. However from a digital point of view this can be a veritable forensic challenge as we view the cloud in terms of its scope and diversity. According to...
One major concern with the adoption of cloud computing is the lack of a defined standard or standards that are specific to operations impacting security, interoperability & mobility within the Cloud ecosystem. As most managers of security departments will attest to, there is a fine li...
With the advent of Web 2.0 and onward, the rise of the terminology and concept we call Cloud Computing, coupled with an increase in the manner technologies are being used; not only by corporations but by individuals as well; comes an increased drive to ensure risk is managed,effective ...
Within the realms of digital forensics analysts traditionally performed analysis on static data, either from a core dump, bit to bit imaging etc. Recently we have seen an increased focus directed at the live forensics environment. As users rely more on mobile and other remote devices t...
As with any effective entity within the federal realm, the DoD in its effort to ensure that mission critical information is accessible, discernible, implicitly clear for its end-users and available as demanded in an efficient manner; has implemented a technical architectural approach w...
Cloud Computing offers a sense of “vastness” in terms of storage and remote processing. According to Simpson Garfinkil, a major challenge to any digital forensics investigator investigating data within the cloud; can be an inability to locate or identify data or code that is lost when ...
I've been asked quite a few times, "when will it be a good time to get into cloud computing?" by potential clients. My answer is typically it depends... I know, I know.... not much direction there, but really it all depends. Why ? Well, some may state, "we all know of the much beaten...
Malicious software or malware is a security nightmare. One can agree with a statement that malware in the internet is a growing epidemic and is costing industry billions of dollars each year. According to Microsoft malware “is short for malicious software and is typically used as a...
Service Oriented Architecture(SOA)represents an architectural blueprint with an emphasis on business centric services and transactions rather than that of technology oriented objectives: In other words an architectural style which businesses can use to execute and align services with t...
Web-services research and protocol applications have been around and in use for quite some time now. With the potential Capex and Opex savings enterprises can potentially realise from utilizing a cloud computing service model, there should also be added focus on ensuring that security ...
Lately in the IT community all the hype is on Cloud Computing. We have small start-ups offering several variations of Cloud services as well as some of the established big players (Google, Amazon, IBM, Novell (aimed at cloud service providers),Sun) stepping up their offerings of cloud ...