Entries Categorized as 'Cloud'
by Neil MacDonald | May 23, 2011 | 2 Comments
There’s been a bunch of highly publicized attacks recently. Each one has a major lesson for information security. 1) Barracuda’s breach Major lesson: Test all of your web-enabled applications for vulnerabilities as a part of the ongoing application development and change process. This was the root cause of the breach. Minor lesson: Web application firewalls [...]
Category: Application Security Cloud Cloud Security Information Security Tags: application security testing tools, Best Practices, Cloud Security, Defense-in-Depth, Information Security, Security-Summit-NA
by Neil MacDonald | May 12, 2011 | Comments Off
I was a part of a discussion among Gartner analysts recently debating the implications of a Cloud SaaS provider that had moved their legacy application to the Cloud and was now offering it as a service. Because the application wasn’t “cloud-native” and was designed to be deployed on-premises, the vendor stated that there was a [...]
Category: Cloud Cloud Security Tags: Cloud Security, Security-Summit-NA
by Neil MacDonald | March 22, 2011 | Comments Off
I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a change in licensing related to Forefront. Some history — in 2010, Microsoft reorganized the Server and Tools Business Unit placing the Forefront Endpoint [...]
Category: Cloud Cloud Security Endpoint Protection Platform Microsoft Microsoft Security Next-generation Data Center Virtualization Virtualization Security Tags: Cloud Security, Endpoint Protection Platform, Hyper-V, Microsoft, Microsoft Security, Next-generation Data Center, Virtualization, Virtualization Security, Windows
by Neil MacDonald | March 9, 2011 | 3 Comments
The cloud isn’t one thing, so securing the Cloud won’t be one thing either. The industry has settled on a layered framework for understanding, comparing and selecting cloud-based services. Gartner’s model has these high-level layers (with subcategories in each layer): Infrastructure as a Service (compute, storage, etc) Platform as a Service (middleware-like services such as [...]
Category: Cloud Cloud Security Virtualization Virtualization Security Tags: Cloud Security, Defense-in-Depth, Next-generation Data Center, Virtual Appliances, Virtualization Security
by Neil MacDonald | January 14, 2011 | 2 Comments
One of the reasons that security tops the list of inhibitors for the adoption of public cloud computing is the concern around the use of multi-tenant infrastructure and applications. However, I believe the concerns are often overblown. Everything is multi-tenant at some level. For example, we all share the same planet and the same air. [...]
Category: Cloud Cloud Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Application Security, Best Practices, Cloud Security
by Neil MacDonald | December 16, 2010 | 2 Comments
Survey after survey shows that the top issue that organizations have when considering the adoption of public cloud-based computing services is “security and privacy”. Gartner’s own surveys show this: The survey data above is from December 2009, we’ll be publishing the December 2010 survey data for clients over the next several weeks. You all have [...]
Category: Cloud Cloud Security Information Security Vendor Contracts Virtualization Security Tags: Cloud Security, GartnerDC, Information Security
by Neil MacDonald | December 6, 2010 | Comments Off
I saw that Juniper had acquired Altor Networks in this announcement. I had written up Altor Networks as a Gartner “Cool Vendor” earlier this year in this research note for clients. In this research note, I observed: Because Altor’s offerings were created from the beginning for use in a virtual environment, they also directly integrate with [...]
Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Security Tags: Cloud Security, GartnerDC, Next-generation Security Infrastructure, Virtualization Security
by Neil MacDonald | December 2, 2010 | 2 Comments
I’ve just completed work with a team of analysts on a Gartner Research Spotlight focused on private cloud computing. Whether your like or hate the term “private cloud”, the trend is real. These are the types of questions you are asking us: How can we make our own enterprise data centers act more like what [...]
Category: Cloud Cloud Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Cloud Security, Next-generation Security Infrastructure, Virtualization Security
by Neil MacDonald | December 1, 2010 | 4 Comments
As organizations virtualize their data centers, information security has had to evolve to support this. The same will be true as data centers evolve to private clouds – security must evolve to support the needs of private cloud infrastructure. For most organizations, virtualization will provide the foundation and the stepping stone for the evolution to [...]
Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Cloud Security, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization, Virtualization Security, VMware
by Neil MacDonald | November 9, 2010 | 5 Comments
I presented a session exploring this provocative point of view at Gartner’s US Fall Symposium titled “Why Cloud Computing Will be More Secure Than What You Have Today”. This Wednesday afternoon presentation was a part of Gartner’s “Maverick Track” where presentations that challenge conventional wisdom are provided for clients. If you attended Symposium and weren’t [...]
Category: Cloud Cloud Security Virtualization Security Tags: Cloud Security, Information Security, Microsoft Security, Next-generation Security Infrastructure, symposium, Virtualization Security, Windows
