The Hybrid Cloud has 100s if not 1000s of APIs in use at any time. API security therefore becomes a crucial part of any hybrid cloud environment. There are only so many ways to secure an API, we can limit its access, check the commands, encrypt the data transfer, employ API level role based access controls, ensure we use strong authentication, etc. However, it mostly boils down to depending on the API itself to be secure because while we can do many things on the front end, there is a chance that once the commands and actions reach the other end (cloud or datacenter) that the security could be suspect. So how do we implement API security within the hybrid cloud today?
TVP Strategy Archives
Antifragile Systems: Designing for Agility vs. Stability
For many years, the focus in IT has been on building robust systems that invested heavily in avoiding failures. To accomplish this goal, methodical processes were implemented to guide IT through a list of known use cases so that systems could try to avoid failing and have a plan for recovery if a failure did …
Continue reading “Antifragile Systems: Designing for Agility vs. Stability”
Rethinking Thin Clients from a Security Perspective
The recent events surrounding the treacherous activities of Edward Snowden should make most of us think long and hard about the measures we are taking to secure our corporate data. Are we giving our administrators too much access? Do we fail to audit and report on how the data is being accessed and used? Is our data just too mobile? Unfortunately the answer to all three of these is yes.
Testing within the Virtual Environment
There has long been a debate about testing products within a virtual environment. Not just on how, but the why as well as the what to test. There are limits in some EULA’s as well on the reporting of such testing. This was the subject of the 7/25 Virtualization Security Podcast (#112 – Virtualization Security Roundtable) held Live from NSS Labs in Austin, TX. Where we delved into the issues of testing within a virtual environment. While the discussion was about security products, it is fairly straight forward to apply the concepts to other products within the virtual environment.
Checking Out The Possibilities Of A Storage Cloud Platform With Atmos and Panzura
Checking out the possibilities of a storage cloud platform with Atmos and Panzura: The advancement, acceptance and continued growing use of the public cloud storage and backup services gives us, the end users, options and capabilities that we just did not have available to us before the birth of the cloud. How many times have we used services like Drop Box to move, share or store some form a data that we might been working on. Having this kind of capability really helps to make our lives easier but is also a nightmare of corporate security folks whose job is to protect and secure the corporate data.
Three Things To Consider About Virtual Storage Appliances
Virtual storage appliances offer great features, flexibility, and pricing, but like most new technology they need us to ask our vendors different questions.