The recent events surrounding the treacherous activities of Edward Snowden should make most of us think long and hard about the measures we are taking to secure our corporate data. Are we giving our administrators too much access? Do we fail to audit and report on how the data is being accessed and used? Is our data just too mobile? Unfortunately the answer to all three of these is yes.
TVP Category Archives
Testing within the Virtual Environment
There has long been a debate about testing products within a virtual environment. Not just on how, but the why as well as the what to test. There are limits in some EULA’s as well on the reporting of such testing. This was the subject of the 7/25 Virtualization Security Podcast (#112 – Virtualization Security Roundtable) held Live from NSS Labs in Austin, TX. Where we delved into the issues of testing within a virtual environment. While the discussion was about security products, it is fairly straight forward to apply the concepts to other products within the virtual environment.
Checking Out The Possibilities Of A Storage Cloud Platform With Atmos and Panzura
Checking out the possibilities of a storage cloud platform with Atmos and Panzura: The advancement, acceptance and continued growing use of the public cloud storage and backup services gives us, the end users, options and capabilities that we just did not have available to us before the birth of the cloud. How many times have we used services like Drop Box to move, share or store some form a data that we might been working on. Having this kind of capability really helps to make our lives easier but is also a nightmare of corporate security folks whose job is to protect and secure the corporate data.
Three Things To Consider About Virtual Storage Appliances
Virtual storage appliances offer great features, flexibility, and pricing, but like most new technology they need us to ask our vendors different questions.
Identity in the Secure Hybrid Cloud
When it comes to the secure hybrid cloud, Identity has many different definitions from a device a user is using to the combination device, location, password, and other multi-factor authentication means. Even with all the technology there is still the question of where the identity store lives (the bits that contain the identity for all users, devices, etc.) as well as how do you prove identity once the user goes somewhere within the cloud which is outside your control?
Analytics within the Secure Hybrid Cloud
A big part of the secure hybrid cloud is the need for multi-tenant analytics to determine when security events and compliance issues happen. However, analytics cover many different aspects of security within the hybrid cloud from being a control point for compliance to handling vulnerability scanning. What are the requirements for multi-tenant analytics?