One byte at a time.
Now before you roll your eyes at my stupid pun, consider the deeper wisdom to
this IT twist on an very old adage.
Security is big. It encompasses a great many definitions, confronts a great
many issues and is addressed through a great many solutions using a great
many formats. For many organizations, it can be an overwhelming proposition.
Beyond the issues of data defense, regulatory compliance, traffic management,
identity regulation, archiving, reporting, access control, intrusion
detection, encryption, app administration, help desk assistance, there is the
job the IT pro was hired to do…ensure the smooth technical operation of
their organization. Securing the disappearing network perimeter and beyond
has become more than a full-time job in itself.
This is a Gordian Knot conundrum for smaller enterprises and SMBs. In many
cases, they are under... (more)
Last month the Federal Financial Institutions Examination Council (FFIEC)
shared an opinion on the viability and security of cloud computing. In the
four-page statement, the interagency body empowered to prescribe uniform
principles, standards, stated that cloud computing is “another form of
outsourcing with the same basic risk characteristics and risk management
requirements as traditional forms of outsourcing.”
What they are offering is a back-handed endorsement of cloud computing with
the caveat that if you perform your due diligence and the solution passes the
security smell... (more)
Just like the Boston Red Sox and lo-cal deserts and hybrid cars, everybody
loves a bandwagon. We get caught up in the hype. Business concepts are not
immune. Cloud and cloud-centric computing have been getting a great deal of
play in business media and the blogosphere, and most companies are quickly
moving to adopt various cloud platforms. So much so that that many solutions
that claim to be cloud, really are nothing but server-based enterprise
applications wrapped in a browser experience.
Just because you access an application from the Internet, does NOT make it a
cloud solutio... (more)
No, this isn't 7th grade English...I promise.
With all the important decisions IT departments make, what’s the big deal
whether cloud security means from the cloud, in the cloud, of the cloud or
for the cloud. Well, a lot. Among the various media, blogs, professional
chatter, webinars, conferences and the like, the concept of cloud security is
getting a significant amount of airplay. However, the difference in the
application of a simple preposition completely alters the scope and meaning
of these conversations to that of a problem or a solution.
Security IN the cloud frames the... (more)
In my experience there are two types of enterprise IT departments: those that
maintain the status quo and those looking to continuously explore and
It is truly unfortunate how many fall into the former category. But the
problem with IT security is that it's an ever-evolving and moving target. So
the decision to not dip your toe in the water and understand all available
options could mean the difference between a panicked 3am call regarding a
breach alert or a good night’s sleep.
I realize this is an over generalization, and oftentimes the decision to
“stay the course”... (more)