Yes, the question is “Are you really secure?” Now that I’ve asked a loaded question, let me get to the point.
The term “secure” sure has a lot of different meanings depending on the context in which it is used. If we take it from a corporate security perspective, your options are somewhat limited to physical security, as in video surveillance or physical access, or logical security, as in your laptop or data access. But, when you ask a security professional if they are secure, they will most certainly take that in the context of what they can control, and will most likely answer “yes”.
Well, what about the things you cannot control? You can control which products you buy to provide security, you control how they are installed and configured, and you control the processes and procedures that identify how they are managed and updated. But, can you control how they are manufactured?
Read More »
Tags: cloud security, cyber security, cybercrime, data center, information security, network security, privacy, RSA, secure information, secure-id, security, virtualization
There is a new Whitepaper out on the Next-Generation Cryptography called “Suite B” for Government that will enable a new level of secure communications and collaboration.
The Suite B set of cryptographic algorithms has become the preferred global standard for ensuring the security and integrity of information shared over non-trusted networks. This white paper, intended for public sector IT professionals, explains that:
- Suite B combines four well established public domain cryptographic algorithms
- The Internet Engineering TaskForce (IETF) has established open standards for commercial products using Suite B, helping organizations adopt it with confidence
- Cisco has introduced an IPsec-based implementation of Suite B cryptography in its VPN products
There is a nice quote from David McGrew – Cisco Fellow
“Open and freely implementable cryptography standards are indispensable to global information security. By not asserting patent rights with the Galois/Counter Mode of operation, Cisco has taken an active role in helping Suite B standards remain open.”
For an understanding of Suite B, you may download the Whitepaper here.
Tags: Cisco, cryptography, security, suite b
Many people wonder what it takes to be PCI compliant. More importantly, people want to know the difference between PCI, FISMA, DIACAP and STIG. With so much alphabet soup, one has to wonder what it all means, and what is the best way to navigate these waters.
I’m not here to provide you with all the answers, but I can certainly help you to understand where PCI fits into the picture.
Read More »
Tags: compliance, cyber crime, government, pci, privacy, security
I recently reviewed a presentation by McKinsey around urban informatics and how it helps cities improve planning and management, as well as engage and empower citizens. The premise of the work was to determine what progress is being made in the deployment and usage of urban informatics by cities around the world. There were some very interesting findings.
The Queensland University of Technology defines urban informatics as
…the study, design, and practice of urban experiences across different urban contexts that are created by new opportunities of real-time, ubiquitous technology and the augmentation that mediates the physical and digital layers of people networks and urban infrastructures. Read More »
Today, as I watched the Cisco Data Center webcast “Evolutionary Fabric, Revolutionary Scale: A Nondisruptive Way to Handle Dynamic Data Center and Cloud Environments” I thought about how data centers can provide an advantage for government agencies seeking ways to increase operational efficiency and reduce costs.
In many ways, data centers today have similar characteristics when compared to government organizations with:
- isolated silos of information
- labor-intensive manual processes
- rising costs of service
- limited flexibility
- mandates to provide open access to information
- changing workplace with mobile applications, video, …
- requirements to ensure security
In the data center, silos include servers, storage, applications, and network devices. In many government organizations, different agencies often operate independently in separate silos.
The strategic advantage for both government IT organizations and government agencies is to develop holistic strategies that unify the separate parts into a system to deliver better efficiency with higher resource utilization that is easier to manage and costs less.
Read More »
Tags: citizen services, cloud, data center, government, operational efficiency, reduce costs, scale, secure information, transparency