Focusing on Data and Fact with less Hype

Jon Shende

Subscribe to Jon Shende: eMailAlertsEmail Alerts
Get Jon Shende: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Jon Shende

One major concern with the adoption of cloud computing is the lack of a defined standard or standards that are specific to operations impacting security, interoperability & mobility within the Cloud ecosystem. As most managers of security departments will attest to, there is a fine line between security and operations. While we as business managers want to ensure that we maximize the ROI on our operational investments and ensure that availability is paramount for our users, we do not want to do so at the expense of our security measures, policies and protocols. On the other hand we do not want to lock down a system providing maximum security, but to such an extent that there is a degradation in availability - thus negatively impacting operations and our revenue stream by extension. In the traditional IT Security/Operational world we balance tools and metrics from ITIL a... (more)

Introducing Cloud Computing: A Gentle Overview

[Adopted from my BLOG December 2009] Lately in the IT community all the hype is on Cloud Computing. We have small start-ups offering several variations of Cloud services as well as some of the established big players (Google, Amazon, IBM, Novell (aimed at cloud service providers),Sun) stepping up their offerings of cloud services. But what exactly is Cloud Computing? Is it Virtualization? Is it services that we accessed via a web browser over the years, something totally new, or is it all of these,but  just rebranded? The term Cloud Computing started gaining traction when Google a... (more)

Live Forensics and the Cloud

Cloud Computing offers a sense of "vastness" in terms of storage and remote processing. According to Simpson Garfinkil, a major challenge to any digital forensics investigator investigating data within the cloud; can be an inability to locate or identify data or code that is lost when single data structures are split into elements. This in effect directly impacts forensic visibility. Within this ecosystem a major concern can be access to and the preservation of data within an on-going digital forensic investigation. Of consideration as mentioned in Part 1 - is that in a live and ... (more)

The Impact of Airport X-Ray Technologies - Part 1

Over the last three weeks due to the nature of my IT security job, I have traveled through major airports at least eight times. With all the commotion recently regarding the airports new back-scatter X-ray machines (privacy, health, etc.) I wanted a firsthand look/feel at this experience. While I am sensitive to and an advocate for issues of privacy regarding persons with medical conditions and children, at 15 pounds overweight I don't think any airport security personnel will take pleasure in looking at a scanned image of me. Far from it, I hope I don't give them any nightmares... (more)

Identity Management in Cloud Computing

Web-services research and protocol applications have been around and in use for quite some time now. With the potential Capex and Opex savings enterprises can potentially realise from utilizing a cloud computing service model, there should also be added focus on ensuring that security is properly implemented either in authentication or authorization. Cloud Computing, with its foundation in the world of virtualization, can take advantage of key aspects of web service implementations and security practice; but only to a point. Web service policies are based on a static model that ... (more)