As we continue into the holiday season, it is worth listening to the Virtualization and Cloud Security Podcast from last December on consumer and holiday security. Consumer security is not the antithesis of IT security, but it is something every consumer should be concerned about. Here is our short list of annual education items. In …
TVP Tag Archives
Beyond Virtualization: Security within the Guest
The October 12, 2017 virtualization and cloud security podcast moved up the stack. In it, we discussed security within the guest operating system. This approach to security applies to clouds, virtualization, and physical systems. Unlike Software as a Service (SaaS), all other forms of infrastructure or platform involve an operating system you can control. That is …
Continue reading “Beyond Virtualization: Security within the Guest”
Virtualization and Cloud Security: Back to Basics
Every time I talk virtualization and cloud security, I am surprised by the number of people who do not follow the basics. The basics have been around since 2004. The funny thing is, I also see the basics misquoted all the time. People try to interject their language into something already simple, yet by doing …
Continue reading “Virtualization and Cloud Security: Back to Basics”
Finding your Sensitive Data to Protect
A bane of having data is the need to know: the need to know where all your sensitive data resides, what that data is, who has accessed it, and how it was accessed. Managing the who, what, where, why, and how of data is a struggle that’s as old as time. Scale changes this struggle. …
Security Disaster Recovery Plan
In the last three virtualization and cloud security podcasts, Mike Foley, Sr Technical Marketing Architect for vSphere Security, mentioned security disaster recovery plans. There is a growing need for such plans. The 174th podcast covered this need, as well as the why and the how of putting such plans together. Unlike traditional disaster recovery, security disaster …
Container Security Podcast
There is a recent CVE (CVE-2016-9962) that directly affects container security. A patch was quickly forthcoming. This raised some interesting concerns. Specifically, how do you patch a container infrastructure? What needs to be patched? The “what” is easy; the “how” is more difficult. As we move to cloud-native applications, where we tear down apps rapidly …