It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you . . . → Read More: The Directory in the Cloud?
|
||||||
Will the user define security policies in the future?I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the user will buy their own and use it for business. Additionally, different people have different ... 
Get off XP or Risk your Business?One of the highest hit rates I ever had on my blog was one I wrote right before Conficker broke out. I called it Playing Russian Roulette with your Network. The background was, that we released an out of band security update and our customers came back and asked us, whether they really shall deploy it – this situation then led to Conficker. About 12 months from today, Windows XP will ... 
Security in 2013 – the way forward?Typically January is the month where we are asked to make predictions on the trends for the New Year. I do not like this as I am an engineer and not a fortune tellerJ. But there are things we know and things we definitely need to drive this year. I would actually put it into the context of typical hygiene of any IT environment. Let's try to understand, where we stand ... 
The Directory in the Cloud?It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you look at the Cloud, there are five areas of Considerations: Compliance and Risk Management: Organizations shifting ... 
Sorry, I did not blog for quite a while. When looking at the Cloud, one of the key challenges to address – in my opinion – is how to manage the identity of the different users. If you have to add an additional identity to all the logons you already have, the Cloud will . . . → Read More: Office 365 Single Sign-On with AD FS 2.0 whitepaper A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. . . . → Read More: Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security This is a very interesting development. Encryption generally would solve a lot of problems around data sovereignty. So, encrypting the data, keeping the key and moving the data to the public cloud could basically address a lot of the risks. Today, it comes with a high price as the data which resides encrypted in the . . . → Read More: Searchable Encryption for the Cloud–soon? A very good overview over the way we run Microsoft’s Cloud. The interesting thing is – if you look at the video – that most customers are still running their datacenters on generation 1-2, which means that the efficiency (labor as well as energy) we can deliver is significantly higher – not talking of our . . . → Read More: Video on Microsoft’s Datacenter You heard about the launch of Office365 recently and I hope you read the blog post on the application of the Cloud Computing Security Considerations to the private. cloud. If not, here it is: Security Considerations in a Private Cloud To complete the series now, we released an additional paper on how these considerations can . . . → Read More: Cloud Security in Office365 I am talking a lot about Cloud Security. There are a few observations I made: Even though a lot of people are talking about the Cloud, there is still not too much knowledge about it. What is a private Cloud versus a public Cloud? What is Infrastructure as a Service, Platform as a Service, Application . . . → Read More: Security Considerations in a Private Cloud To me, one of the benefits of moving to the Cloud is security – obviously besides availability and costs. Recent incidents made me doubt: Amazon not only having significant downtime but in the same time losing customer data. Sony’s game network being significantly compromised. This is definitely not to blame them but I was heavily . . . → Read More: Cloud computing providers: Clueless about security? Great progress on our Cloud: Our BPOF-Federal solution has received FISMA certification and accreditation: BPOS-Federal & FISMA Yes, we really have it for BPOS-F Roger The longer the more I see articles and posts that claim that security could actually improve if you migrate to the Cloud. And the longer the more I am a firm believer of these statements. It is not about forgetting best practices and just handing over everything to the Cloud provider. It is about adapting your practices to the new reality. . . . → Read More: Quit Worrying About Cloud Security? |
|
|||||
|
Copyright © 2013 Roger Halbheer on Security - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
