I recently read the book Project Phoenix by Gene Kim, Kevin Behr, and George Spafford. If you are in development, IT, and Security it should be #1 on your reading list. In this book the authors discuss all the horrors we hear about in IT with a clear direction on how to fix them. There is politics, shadow IT, over zealous security professionals, over worked critical employees, lots of finger pointing. But there is a clear solution, at least as far as the story goes. We also know that DevOps works, most of the time.
TVP Strategy Archives
Database as a Service: Agility vs. Control
Over the last few years there has been an increase in the number of database as a service (DBaaS) offerings that have entered the market place. IaaS providers like Amazon have released solutions such as RDS that automates database administration tasks in the area of scaling, replication, failover, backups, and more. There are a number of companies offering automation around NoSQL databases like Hadoop, MongoDB, Redis, Memcache, and numerous other database technologies.
EUC Security: Much More Than VDI
On the 5/30 Virtualization Security Podcast, Shaun Donaldson, Director of Alliances at Bitdefender Enterprise, joined us to discuss end user computing (EUC) security and how their new Gravity Zone product ties their enterprise products together under one scalable management umbrella. This was a very interesting conversation on the subject of EUC security, Bring Your Own Device (BYOD) security, and the all aspects of the the EUC stack. There are quite a few moving pieces in the EUC stack that is greater than your mobile device and the system it is accessing. There is a complete networking and political stack between the two and perhaps many systems you have to jump through to access your data.
Public Cloud Use Cases
There are different public cloud use cases. Here at The Virtualization Practice we moved our datacenter from the north to the south part of the country and utilized the cloud to host the workloads during the transition. Edward Haletky, yesterday posted about Evaluating the Cloud: Keeping your Cloud Presence and presented the question and his thoughts of is it worth staying in the cloud or bringing the data home.
Evaluating the Cloud: Keeping your Cloud Presence
As you know we have a cloud presence; we have had one for several months. Now we are evaluating the cloud to determine whether to maintain that cloud presence or move back to our local data center. We also documented some early teething problems within this cloud presence. What should be our evaluation the cloud criteria? Now that our data center is moved and fully functional, should we keep our cloud presence?
Delegate User Problem and Proxies
By far, the lowest hanging fruit of virtualization and cloud environment security is the segregation of your management control from your workloads. Separation of data and control planes have been recommended for everything from storage (EMC ViPR) up to the workloads running within virtual machines. The same holds true for cloud and virtual environment management tools, tasks, and functions. Up to now there have been very few choices in how such segregation could occur using properly placed firewalls or by using some form of proxy and the only proxy available was HyTrust. But this has changed. There are some other tools that will help with this segregation of data from control and do they give the level of auditing we require to solve the delegate user problem?