Posts Tagged ‘vmware cloud security’

Stealing your data while you watch

December 20th, 2014 Comments off
Reading Time: 4 minutes

medium_4612834833 In IT and IT Security there is a constant complaint about the risks of shadow IT, and the adoption of consumer collaboration and sharing tools. Over the last couple of years we also saw the emergence of novel exfiltration techniques including the persistent ultrasonic technique, where the infected devices  communicates with other compromised hosts via high frequency; or the Twitter based technique, where malware sends out data 140 characters at a time for anyone to read;  and the more recent Video technique, encrypting data in video files and putting corporate secrets onto video sites or later retrieval.

Read more…

vForum 2010

October 27th, 2010 Comments off
Reading Time: 3 minutes

After spending two days at VMware’s vForum I have to say one thing. There are a lot of people out there who still don’t know, or understand, what cloud computing is. What makes it worse is the culprits are the vendors and the System Integrators, possibly confused by the cloud washing of their portfolio.

On more than one occasion there was the comment “everyone has their own definition” which is OK as a starting point but did anyone try sit-down and educate the great unwashed? Virtualisation != Cloud Computing.

Please, just to get you started have a read of the NIST definition. Whilst it may be considered lacking in parts, it is certainly better than the veritable blank slate of today.

The two things that did seem to be common with most of the speakers were: Management, at the highest level, needs to be driving this; and have a solid, functional security policy. What is funny is that it sounds like both of these are new ideas in the IT world. Those with half a clue know this not to be the case. Hopefully what events like today have done is remind everyone that these technological masterpieces we create are a means unto an end. They deliver a function for the business, or at the very best are the business enablers.

The other topic that lay just under the surface was that any migration, be it to an internal, private cloud through to an external, public cloud (and all variants within) is an extremely complex task, navigating technological and potentially regulatory pitfalls along the way; I found interesting  the sheer volume of “experts” available to help you along your journey, despite the sheer lack of services available domestically (notice yours truly in the pic).

Silly rants aside. It was great to get out and see the bits of the market I’ve been too busy to pay attention to, like the fact that VMsafe has now morphed into vShield endpoint or that vShield zones is now becoming more of a reality through vShield App and vShield Edge. We’re slowly starting to see feature parity with the physical world. The other nice piece of news was vMware’s “Project Horizon”, and accompanying demo. I’ve always said, give your staff the tools the want, else they will go out and get them themselves, whilst playing catchup to other players in the market, it is still a great sign. Having more than one player in the space will drive innovation further.

All in all I’m glad that I was able to attend this year and looking forward to all those vendor followups 😉