All about Virtualization and Cloud Security | Recent Articles:

We see, day after day, real and so-called security experts announcing the newest security apocalypse we face. Claiming that antivirus is a dead technology, they invite you to uninstall it and buy new next-generation technologies that will automatically collect, analyze and detect malicious intentions of attacks or data compromise from the moment they are born in the minds of the bad guys.

Sometimes they come from people more or less familiar with the topic - Is Anti-Virus Scanning/Detection Obsolete?  - and you can see that most of the opinions there are not so negative, apart from the classic advertising for some AV brands. Other times they come from specialists in the field, trying to give an opinion or just sell their “stuff”. 

Credit cards are very convenient; swipe, sign, pay later. That is going to change in the US (More Info) and it’s about time. The change does introduce a cost for retailers, but it is also an opportunity.

The Point-of-Sale (PoS) devices at many retailers are a tool that is part of what is generally a low-margin business. The only time PoS devices are refreshed en-masse is when there is an external pressure that initiates the change. The change to credit cards with a chip (whether chip-and-sign or chip-and-PIN) is now creating an external pressure (Read More).

It begs a question from both security and operations perspectives; can retailers do better than meeting only the new immediate demand?

Simplicity rules

When boiled-down, PoS systems have hardware peripherals (magnetic stripe readers, chip readers, signature screens, printers, and so on) attached to a computer. The computer runs software, often within a Windows embedded operating system, that facilitates transactions. They are, in essence, fancy digital cash registers.

Destkop-as-a-Service (DaaS) is on the rise in terms of adoption and maturation. You just have to look at some of the media articles flying around to see that this movement is gathering steam. Cloud computing is eliminating the entire on-premise conundrums – cost, maintenance, etc. Choose a platform vendor, anyone… VMware, Citrix, Amazon, Google, or Microsoft, and you’ll find the expansion of elasticity is happening fast.  

In early May 2014, Amazon launched its Workspaces DaaS in Europe. Microsoft recently debuted its upcoming offering, RemoteApp At Citrix Synergy 2014, announcements about Workspace Services got a lot of people excited. The challenge is now keeping up with who is getting into the DaaS business. In the past few weeks alone the following companies announced their DaaS services: RapidScale, IndependenceIT, NComputing, Proxios, and the list goes on. 

With this post dedicated to the series of newer IT infrastructure models and options available to CIO’s (previous posts available here) we have reached the milestone of Virtual Desktop Infrastructures. They are key component of the new computing paradigm and probably the most challenging option that faces IT management today.

Virtualization came as a consequence of the third wave of IT acquisitions: first we had the golden age of IT Expansion (a lot of new dedicated hardware, software, servers, platforms, business applications to be implemented for the modern enterprise), then we had the Constriction period due to the crisis (that has left many organizations without upgrades, software subscriptions and services), and now we have entered in the wave of Optimized Development where all that is acquired must add a considerable value to the business, otherwise it is discarded.

Anyone who thinks the bring-your-own-device (BYOD) phenomenon will quietly go away is not being realistic. As many senior technology executives are learning, this trend is continuing to grow—whether IT likes it or not.

The rising popularity of smartphones and tablets among the general population in recent years has translated to a “consumer IT” environment in which employees use their own devices for work purposes.

What the analysts say

The ongoing history of credit card breaches at major card processing organizations continuously begs a simple question; do organizations treat compliance as their security high-water mark?

The analogy may not be perfect, but if you have a smoke detector in your basement but the fire starts in the kitchen and you’re asleep on the second floor, what are your chances of survival? Do organizations truly believe that being ‘compliant’ is synonymous with covering all security bases? Certainly, no organization wants to be breached, but are they doing enough?