Cloud is now mature enough that we can begin to identify anti-patterns
associated with using these services.
Keith Shaw from Network World and I spoke about worst practices in the cloud
last week, and our conversation is now available as a podcast.
Come and learn how to avoid making critical mistakes as you move into the
Cloud Security Journal on Ulitzer
Two weeks ago, I delivered a webinar about new security models in the cloud
with Anne Thomas Manes from Burton Group. Anne had one slide in particular,
borrowed from her colleague Dan Blum, which I liked so much I actually
re-structured my own material around it. Let me share it with you:
This graphic does the finest job I have seen of clearly articulating where
the boundaries of control lie under the different models of cloud computing.
Cloud, after all, is really about surrendering control: we delegate
management of infrastructure, application... (more)
This year’s VMworld conference saw the announcement of VMware’s new
vCloud Director product, a culmination of the vision for the cloud computing
the company articulated last year and a significant step forward in providing
a true enterprise-grade cloud. This is virtualization 2.0—a major rethink
about how IT should deliver infrastructure services. VMware believes that the
secure hybrid cloud is the future of enterprise IT, and given their success
of late it is hard to argue against them.
vCloud Director (vCD) is interesting because it avoids the classic
virtualization metaphors ... (more)
Sometimes I wonder if anyone, in the entire history of computing, has every
bothered to read and consider the contents of a typical End User License
Agreement (EULA). Some Product Manager, I suppose (though truthfully, I’m
not even sure of this one).
The EULA, however, is important. It’s the foundation of an important
consent ceremony that ends with only one effective choice: pressing OK. This
much-maligned step in every software installation is the only real binding
between an end user and a provider of software. Out of this agreement emerges
a contract between these two partie... (more)
I’m not sure who is more excited about the cloud these days: hackers or
venture capitalists. But certainly both groups smell opportunity. An
interesting article published by CNET a little while back nicely illustrates
the growing interest the former have with cloud computing. Fortify Software
sponsored a survey of 100 hackers at last month’s Defcon. They discovered
that 96% of the respondents think that the cloud creates new opportunities
for hacking, and 86% believe that “cloud vendors aren’t doing enough to
address cyber-security issues.”
I don’t consider myself a hacker (exce... (more)