This is a good time to be a managed security services provider—if you believe industry reports about the robust growth of the market. Even if you don’t believe the research, there is plenty of evidence that many organizations are looking for expert help when it comes to strengthening their security posture against a host of potential threats. And service providers can provide that needed assistance.
All about Virtualization and Cloud Security | Recent Articles:
While rare, every now and then, major cloud providers such as Amazon must ponder interrupting service to reboot parts of their environments. It is a curious thing, and leads to asking, “Why?”
As cloud initiatives shift from cost savings efforts to strategic transformations of IT and the business, CISOs are finding that in many ways they need to completely reimagine their security controls to keep up.
A short while ago, Amazon announced a new offering called Aurora. In a nutshell, Aurora is a MySQL database engine wrapped as a service. It’s relatively cheap, and Amazon handles the nitty-gritty of the thing.
It begs the question, why does it matter? As Amazon declares, it’s the fifth SQL database engine that they have made available. So, why the big deal? It is a big deal because it says quite a bit about how Amazon operates.
First, let’s have a look at the product page:
“Amazon Aurora provides up to five times better performance than MySQL at a price point one tenth that of a commercial database while delivering similar performance and availability.”
In my previous post I raised a flag around the importance of identity and access management (IAM), and how this should be embedded in your overall security planning.
What does identity and access governance stand for?
According to Gartner, it represents "a combination of administration and account provisioning, authentication and authorization, and reporting functions" which is either served from the cloud (IDaaS) as a utility, or implemented internally in a more silo’d approach.
Companies may choose to run a combination of the two in their hybrid environment, where they bring up a secondary IAM system to handle their hosted apps, while continuing to rely on standard IAM for internal applications.
There are many questions about cloud; what is it, where is it, and who’s using it?
The answer to the last one is: “most everyone”. Analysts are a bit short on data because they too are still trying to figure-out this cloud stuff. The straightforward answer is that you are likely already using it.
Does your organization use a service provider for software-as-a-service, platform-as-a-service, or infrastructure-as-a-service? If your first answer is an absolute, “No”, you’re probably wrong.
If you’re a start-up, you’re likely using a Google or Microsoft service, perhaps a hosted customer relationship management system (Salesforce.com, for example), and myriad other cloud-based services.
Distributed Denial of Service (DDoS) attacks have started to grow in intensity and sophistication as more companies rely on web-based applications for their daily business operations. In the past few months, such attacks have become the weapon-of-choice for cyber criminals in every corner of the world because they hardly ever miss their target(s). Taking the analogy further, I would say that these insidious attacks are as precise and merciless as a DSR-50 riffle is for a trained sniper.
What makes DDoS attacks a bad dream for even the most experienced of IT admins is their distributed nature, as the very name suggests. This means that not only one, but a multitude of compromised systems (also known as botnets or bots) seize the target host with simultaneous requests through a breach in the system, which thereby becomes saturated and unavailable to user access.
As an AWS customer, chances are you made a great business decision to move to that model for some or all the following reasons:
- Ease of use
- Continuous Delivery
Whether you’re a startup or a DevOp in a large enterprise, some of the most compelling reasons to move a business model or develop a business process on AWS is that incredible and versatile infrastructure.
The power and productivity is second to none (well except in the case of the odd outage here and there – but that’s another story). When all is running smoothly, so is your business or your project. The ability to scale and spend according to your delivery model, timelines and needs, while delivering world-class applications and business processes is like no other time in history.
In the most recent post, I described both the challenges and the opportunities that are facing Managed Services Providers (MSPs) looking to expand their portfolios to include information security offerings.
To quickly summarize: It’s a whole new world for MSPs, many of whom are seeing their entire business model being turned upside-down by the fast growth of cloud computing and the “as-a-service” trend.
While offering cloud-based information security technology and services presents a big opportunity for revenue growth and competitive advantage, MSPs face a host of challenges and potential revenue risks, not the least of which is managing the way licensing models are presented.
When dealing with greatness and great companies one should try to find out what it is that they are doing so outstandingly well, and what lessons are to be learned from them? What do Google, Amazon, Facebook, LinkedIn, Netflix, Intuit, Bank of America, GAP or Macy’s - just to name a few - have in common?
Apart from being very big enterprises and highly successful, they also share an IT-related approach that has become a cultural trait: they all embraced DevOps as a way of delivering their products/ services to the clients. As security practitioners, we have the duty to ask ourselves – where does security fit into this DevOps philosophy?
For the most part, corporate press releases are boring. It’s an exercise in patting oneself on the back while saying next-to-nothing of significance that IT companies are especially guilty of performing as a rote exercise. Then again, every now and then an announcement produces a reaction that stirs things up. To me, the significant parts that go unsaid in an announcement are, in exceptional cases, revealed by the reaction of others (or the lack thereof). Last week, Amazon was good enough to create an interesting example of a PR-by-reaction.
It began with an announcement from Amazon, which can be found here. The post was part of announcing the release of AWS Management Portal for vCenter. Basically, it’s a vCenter plug-in that makes it easy to lift VMs to AWS. It has some additional features, but overall, is compelling only in that it lives with vCenter. To flip that around, it’s really exciting because it’s in vCenter. It’s all in the interpretation…
Desktop-as-a-service (DaaS), yet another “as-a-service” offering made possible by the cloud, continues to gain momentum in the market. As a VAR or managed services provider, you can tap into this opportunity, not only by providing DaaS offerings to your customers, but by ensuring that these platforms are as secure as possible.
As with most buzzwords in the IT industry, DaaS can mean different things to different people. But basically this type of service involves providing remote desktop virtualization to devices via cloud computing, much like applications are delivered through software-as-a-service (SaaS) offerings.