Yes, the question is “Are you really secure?” Now that I’ve asked a loaded question, let me get to the point.
The term “secure” sure has a lot of different meanings depending on the context in which it is used. If we take it from a corporate security perspective, your options are somewhat limited to physical security, as in video surveillance or physical access, or logical security, as in your laptop or data access. But, when you ask a security professional if they are secure, they will most certainly take that in the context of what they can control, and will most likely answer “yes”.
Well, what about the things you cannot control? You can control which products you buy to provide security, you control how they are installed and configured, and you control the processes and procedures that identify how they are managed and updated. But, can you control how they are manufactured?
Read More »
Tags: cloud security, cyber security, cybercrime, data center, information security, network security, privacy, RSA, secure information, secure-id, security, virtualization
While the IT industry is in many ways moving toward an outsourced model, with the widespread adoption of the cloud and XaaS, marketing has been moving in a similar direction as well. And while PR agencies have been around for quite some time and it has been normal to look to outside agencies for help with creatives, over the past several years a new kind of service provider, the Email Service Provider, or ESP, has emerged from the shadows. Not to be mistaken for cloud-based email security services, ESPs are in the business of sending mass email (typically opt-in), not blocking it. Unfortunately, for many, their first exposure to these companies (outside of an inbox full of enticing offers) has been via news around data breaches, first, in 2010 with Silverpop and now Epsilon.
Read More »
Tags: cloud, cloud security, email, phishing, security, spear phishing
In my previous post on virtualization, I discussed the potential to make greater use of this technology beyond just better server utilization. If you have already done a lot of virtualization projects, you would likely agree that eventually virtualization alone is not enough. Read this interesting story to see how a tech company reached this conclusion based on their multi-year experience with virtualization. The next stage, from an IT architectural perspective, is to incorporate automation, elasticity and governing to deliver on-demand and pay-per-use computing services. As you guessed it, we are talking about cloud computing here.
Much has been written to describe the business advantages, various service types (SaaS, PaaS and IaaS, to name a few common ones) and deployment models (public, private and hybrid) about cloud computing. But, where do you start to plan for cloud?
Read More »
Tags: cloud security, virtualization