Subscribe to Email Updates

Subscribe

Author: Shaun Donaldson

Shaun Donaldson is Editor-at-large at Bitdefender Enterprise. Shaun is also responsible for supporting relationships with strategic alliance partners and large enterprise customers, and analyst relations. Before joining Bitdefender, Mr. Donaldson was involved in various technology alliances, enterprise sales and marketing positions within the IT security industry, including Trend Micro, Entrust, Bell Security Solutions and Third Brigade.

All about Virtualization and Cloud Security | Recent Articles:

Home Depot, Target, and the business of being owned

Sep 10 by Shaun Donaldson

There has recently been some interesting news. It seems that The Home Depot, both in the US and Canada, has experienced a breach. Recall that Target also suffered a breach not long ago

This begs the question; from a security perspective, does being compliant matter?

There are reports that the malware discovered on Home Depot systems is similar to that discovered on systems at Target. What is striking is that, according to Krebs on Security (who broke the Home Depot story), “On Tuesday, KrebsOnSecurity broke the news that Home Depot was working with law enforcement to investigate “unusual activity” after multiple banks said they’d traced a pattern of card fraud back to debit and credit cards that had all been used at Home Depot locations since May of this year.”

Read More

Retail Industry Ramps Up Efforts to Boost Security - and How the Channel Can Play a Role

Sep 10 by Shaun Donaldson

As we mentioned in the last post, over the coming months we’ll be looking at the unique security and compliance challenges for a variety of industries. For the first entry in this series we’re examining the retail sector.

It’s no secret that the retail industry has endured some high-profile information security breaches in recent months. In December 2013, Target was hit with a data breach that resulted in the theft of millions of customers’ credit card data, including payment information, names, phone numbers and email addresses. The incident has had a huge financial impact on the retailer, with Target announcing in August 2014 that its second quarter financial results were expected to include gross expenses of $148 million, partially offset by a $38 million insurance receivable, related to the data breach.

Read More

Sex, Photos, and the Shared Security Model

Sep 05 by Shaun Donaldson

Recently, there has been quite a bit of media coverage about some sensitive, private pictures of celebrities stolen and published. While we have seen similar incidents in the past (from celebrities to British royals’ mobiles being compromised), this incident is focused around consumer-centric cloud offerings from heavyweight companies.

When incidents like this happen, the popular knee-jerk reaction tends to be to find someone to blame. In this case, the candidates are:

   1. The attackers

   2. Consumer-centric cloud services providers (used on iOS, Android, Windows Mobile, for example)

   3. The celebrities themselves

Of course, the attackers are ultimately responsible, but it is interesting to see the service provider and the end-users sharing a piece of blame assigned by some (the Internet provides a forum for everyone who wishes to share their opinion, for better or worse).

Read More

Who is Getting Cloudy?

Aug 13 by Shaun Donaldson

There are many questions about cloud; what is it, where is it, and who’s using it?

The answer to the last one is: “most everyone”. Analysts are a bit short on data because they too are still trying to figure-out this cloud stuff. The straightforward answer is that you are likely already using it.

Does your organization use a service provider for software-as-a-service, platform-as-a-service, or infrastructure-as-a-service? If your first answer is an absolute, “No”, you’re probably wrong.

If you’re a start-up, you’re likely using a Google or Microsoft service, perhaps a hosted customer relationship management system (Salesforce.com, for example), and myriad other cloud-based services.

Read More

“AV is dead”: declarations and language

Jul 25 by Shaun Donaldson

There has been quite a bit of marketing effort put into declaring that AV is dead. It is difficult to make sense of it because the term ‘Anti-Virus’ means so many different things. Much of what it means depends on who you ask.

What is AV? It’s a short-cut. It’s not a short-cut from a technology perspective, but rather, in language. Just as a single-use facial tissue is a “Kleenex”, so does ‘AV’ mean ‘endpoint security’ to many folks, while ‘AV’ is scoffed-at by others.

To generalize, there are two audiences; those who work in IT, and those who do other things. To a person outside of IT, ‘AV’ equals security.

When a family member asks me about ‘AV for smartphone’, I don’t go into depth about it being less an AV than about application reputation, as determined by running applications in emulated environments to assess the quality (from a security perspective), and on and on. That’s because I’m being asked about security for a phone.

Read More

When, where, and why do I need different endpoint security when going virtual?

Jul 16 by Shaun Donaldson

In the endpoint security world, specifically antimalware (or antivirus, depending on your definition, but more on that in another post) vendors are offering different features and architectures to address performance in virtualized datacenters. A simple question that organizations have is, “When, where, and why do I need this stuff?” Of course, as a vendor, the tempting answer is, “Always, everywhere, and just because”. However, reality is always more nuanced than the average PowerPoint presentation.

Read More

When Amazon Zigs, Everyone Else Zigs and Zags

Jun 12 by Shaun Donaldson

For the most part, corporate press releases are boring. It’s an exercise in patting oneself on the back while saying next-to-nothing of significance that IT companies are especially guilty of performing as a rote exercise. Then again, every now and then an announcement produces a reaction that stirs things up. To me, the significant parts that go unsaid in an announcement are, in exceptional cases, revealed by the reaction of others (or the lack thereof). Last week, Amazon was good enough to create an interesting example of a PR-by-reaction.

It began with an announcement from Amazon, which can be found here. The post was part of announcing the release of AWS Management Portal for vCenter. Basically, it’s a vCenter plug-in that makes it easy to lift VMs to AWS. It has some additional features, but overall, is compelling only in that it lives with vCenter. To flip that around, it’s really exciting because it’s in vCenter. It’s all in the interpretation…

Read More

Antimalware and Virtual Machines: square peg, round hole problems

Jun 10 by Shaun Donaldson

As endpoints are virtualized, it is tempting to assume that everything within the endpoint is virtualized, and the job is done. Of course, performing a physical-to-virtual migration is the first step in an ongoing process of optimizing applications, the underlying infrastructure, and of course, security.

AV Storms and all the nastiness

If you have virtualized most of your servers, and are starting to optimize by raising consolidation ratios, you will have noticed that traditional antivirus software creates some nasty headaches in virtualized environments. If you have virtualized desktops, you’ll have encountered “AV storms” from the start of the project.

Read More

The Costs of a Cost, and the Opportunities Lost – Why US Retailers Need to Give Their PoS a Shake

May 23 by Shaun Donaldson

Credit cards are very convenient; swipe, sign, pay later. That is going to change in the US (More Info) and it’s about time. The change does introduce a cost for retailers, but it is also an opportunity.

The Point-of-Sale (PoS) devices at many retailers are a tool that is part of what is generally a low-margin business. The only time PoS devices are refreshed en-masse is when there is an external pressure that initiates the change. The change to credit cards with a chip (whether chip-and-sign or chip-and-PIN) is now creating an external pressure (Read More).

It begs a question from both security and operations perspectives; can retailers do better than meeting only the new immediate demand?

Simplicity rules

When boiled-down, PoS systems have hardware peripherals (magnetic stripe readers, chip readers, signature screens, printers, and so on) attached to a computer. The computer runs software, often within a Windows embedded operating system, that facilitates transactions. They are, in essence, fancy digital cash registers.

Read More

Stop the Delusion: Security Compliance isn’t Synonymous with Bullet-Proof Security

May 06 by Shaun Donaldson

The ongoing history of credit card breaches at major card processing organizations continuously begs a simple question; do organizations treat compliance as their security high-water mark?

The analogy may not be perfect, but if you have a smoke detector in your basement but the fire starts in the kitchen and you’re asleep on the second floor, what are your chances of survival? Do organizations truly believe that being ‘compliant’ is synonymous with covering all security bases? Certainly, no organization wants to be breached, but are they doing enough?

Read More

Antimalware as a Competitive Differentiator – 3 Advantages for Infrastructure-as-a-Service (IaaS) Providers

Apr 30 by Shaun Donaldson

In this post, I’ll focus on Infrastructure providers (IaaS), though these points may be relevant to platform and software providers as well.


Infrastructure providers tend to be very good at providing security inside the infrastructure. However, not all providers go beyond infrastructure security. Instead, the model is to have a shared security where responsibility for security beyond the infrastructure is in the hands of end-customers.

In the simplest example, the provider sets-up a virtual instance running, say, Windows, but everything that runs within that instance, including operating system and applications, is the responsibility of the end-customer. On the IaaS side, this is completely reasonable theoretically, but it has potentially damaging results if the end-customer isn’t taking further steps to protect the OS or the apps.

Best interests and the role of security

Read More

Virtualizing desktops – the drivers may not be what you expect

Apr 16 by Shaun Donaldson

The driver behind server virtualization is clearly cost savings, while agility and flexibility also have value. This well-known return on investment is achievable because servers have fairly predictable workloads, tend to be rather static in their workloads (an Exchange server tends to stay an Exchange server).

Also, the number of servers that can be run on each CPU across a datacenter tends to be low because, generally speaking, they need more horsepower than an end-user system.

Virtualized desktops are quite different. The number of desktops per-CPU across a Virtual Desktop Infrastructure (VDI) is much higher than with servers. The environments tend to be highly dynamic, with instance being instantiated and destroyed at a high rate.

Naturally, trying to lead with cost savings as a primary goal of a VDI deployment is problematic. Instead, agility and flexibility are key.

Read More

Cloud Security




Subscribe to Blog Updates

Latest Tweets