There have been quite a few new products announced in the last few months. Some I have received as briefings, others I have researched. These security and data protection products show the changing face of virtualizaiton and cloud.
TVP Category Archives
News: Citrix to get Zenier in 2013: Acquires MDM Specialist Zenprise
Citrix yesterday announced it has entered into a definitive agreement to acquire Zenprise, a leading innovator in mobile device management (MDM).
12 Step Program to Enter the Cloud
On the 11/29 Virtualization Security Podcast Omar Khawaja the global managing principle at Verizon Terremark Security Solutions joined us to discuss Verizon’s 12 step program for entering the cloud. This 12 step program concentrates on the IT and Security admins working together with the business to identify all types of data that could be placed into the cloud, and to classify that data. Once this is complete, the next steps are to understand the compliance and security required to protect the data and to access the data. It is a Data Centric approach to moving to the cloud.
Information Superhighway
I can remember back in the day when we connected to the Internet via a modem and were charged by the minute while accessing the “Information Superhighway”. Now, the Internet and really, the network it runs on, has pretty much become invisible to the naked eye. Just as we expect the lights to turn on when we flick a switch, we also pretty much expect the internet to always beon and always available without thinking twice about it. Internet service providers have gotten past the point of only wanting Wi-Fi in your house to now working on providing connectivity to the entire city, giving the metro user internet access from inside and outside of your home or office.
Threats and Risks in the Cloud
There are threats to the cloud and there are risks within the cloud. A recent article from Tech Target Search Security blog spurred several thoughts. The main claim here is that there are not enough people who can differentiate threats and risks enough to talk to business leaders who may know very little about security, but do know the business. I have been known to state that there are prominent threats to my data once stored in the cloud and that we should plan to alleviate those threats to reduce our overall risk. But what is the risk?
SAML to the Rescue: vCenter Single Sign On
VMware vCenter 5.1 implemented a new security feature, Single Sign-On (SSO), that uses the Security Assertion Markup Language (SAML) to exchange security tokens. This combats an extremely well known and prevalent attack within the virtualization management trust zones: SSL Man in the Middle (MiTM) attacks. However, vCenter still supports the old SSL methods as well for backwards compatibility and to allow management when SSO is not in use. However does this change how we look at virtualization and cloud management security best practices? Is this a launch point for implementing other authentication techniques?