On the 11/29 Virtualization Security Podcast Omar Khawaja the global managing principle at Verizon Terremark Security Solutions joined us to discuss Verizon’s 12 step program for entering the cloud. This 12 step program concentrates on the IT and Security admins working together with the business to identify all types of data that could be placed into the cloud, and to classify that data. Once this is complete, the next steps are to understand the compliance and security required to protect the data and to access the data. It is a Data Centric approach to moving to the cloud.
TVP Strategy Archives
Cloud Foundry and the Pivotal Initiative
VMware’s Cloud Foundry has been festering for the best part of a year now. It smells a little bit of lack of courage, and a lot of lack of focus. The body is still warm, but I fear EMC/VMware may have already snatched defeat from the jaws of victory.
Windows 2012 Hyper-V – the hypervisor for your Cloud? Part III
Windows Server 2012 Hyper-V in your private cloud, specifically in a Microsoft Windows VM environment, can be delivered for cost effectively. With 2012 Hyper-V, any Microsoft edition has the exact same virtualization and fail-over clustering features & scalability. The key market play here is in the increased functionality that Microsoft has introduced however, Microsoft not only have to convince embedded and seasonsed VMware houses to move to a new release, but to convince those who saw Hyper-V in 2008 and 2008R2 that the product has a viable business maturity.
Information Superhighway
I can remember back in the day when we connected to the Internet via a modem and were charged by the minute while accessing the “Information Superhighway”. Now, the Internet and really, the network it runs on, has pretty much become invisible to the naked eye. Just as we expect the lights to turn on when we flick a switch, we also pretty much expect the internet to always beon and always available without thinking twice about it. Internet service providers have gotten past the point of only wanting Wi-Fi in your house to now working on providing connectivity to the entire city, giving the metro user internet access from inside and outside of your home or office.
Threats and Risks in the Cloud
There are threats to the cloud and there are risks within the cloud. A recent article from Tech Target Search Security blog spurred several thoughts. The main claim here is that there are not enough people who can differentiate threats and risks enough to talk to business leaders who may know very little about security, but do know the business. I have been known to state that there are prominent threats to my data once stored in the cloud and that we should plan to alleviate those threats to reduce our overall risk. But what is the risk?
SAML to the Rescue: vCenter Single Sign On
VMware vCenter 5.1 implemented a new security feature, Single Sign-On (SSO), that uses the Security Assertion Markup Language (SAML) to exchange security tokens. This combats an extremely well known and prevalent attack within the virtualization management trust zones: SSL Man in the Middle (MiTM) attacks. However, vCenter still supports the old SSL methods as well for backwards compatibility and to allow management when SSO is not in use. However does this change how we look at virtualization and cloud management security best practices? Is this a launch point for implementing other authentication techniques?