Securely Building Clouds: Thoughts and Concerns

Edward Haletky, Cloud Analyst, The Virtualization Practice
Edward Haletky provides Virtualization, Virtualization Security, Network Security, Secure Coding Consulting and Courseware as well as Linux Security and Application Development.

* Author of "VMware Virtual Infrastructure Security: Securing the Virtual Environment" and "VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers", published December 2007, Copyright 2008 Pearson Education.

* Guru and moderator for and participant in the VMware Community Forums.

* Moderator for the Virtualization Security Podcast held every other week on thursday.

* Analyst and Managing Director for The Virtualization Practice, LLC.

* Participant in the VMware VMTN Communities Roundtable Podcast held every wednesday.

* Blogs about Virtualization on his own Blog, Blue Gears, as well as for the Virtualization Practice and TechTarget.

* Writer for various online and physical magazines.

Specialties
* Virtualization Security
* VMware Virtual Infrastructure
* Network Security
* Secure Coding
* Linux Security
* Linux Application Development
May 16 2012
48 mins
Securely Building Clouds: Thoughts and Concerns
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5239)
  • Upcoming (116)
  • Date
  • Rating
  • Views
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • In this webinar we will examine what information security and threat analysts can expect in 2015. Topics will include using threat intelligence before and after data breaches, information sharing, the Internet of Things, and the role of the CISO.
  • Attack Intelligence to Power Tomorrow’s Cyber Response.

    Preparing to combat every threat and vulnerability is a war that no cybersecurity professional can win today. Speed, accuracy and visibility of threats and active attacks is critical to defending against APTs and other sophisticated attacks responsible for today’s headline-grabbing data breaches. The next generation of advanced threat prevention solutions will require a significant shift in how we incorporate threat and attack visibility into everyday security operations, enabling incident responders to identify and stop campaigns as they happen.

    Join us as IDC’s Research Vice President for Security Products Services Charles Kolodgy shares his view of the threat landscape, including how threats are evolving, how cybercriminals are becoming more sophisticated and what new solutions are necessary to combat APTs.
  • Attack Intelligence to Power Tomorrow’s Cyber Response.

    Preparing to combat every threat and vulnerability is a war that no cybersecurity professional can win today. Speed, accuracy and visibility of threats and active attacks is critical to defending against APTs and other sophisticated attacks responsible for today’s headline-grabbing data breaches. The next generation of advanced threat prevention solutions will require a significant shift in how we incorporate threat and attack visibility into everyday security operations, enabling incident responders to identify and stop campaigns as they happen.

    Join us as IDC’s Research Vice President for Security Products Services Charles Kolodgy shares his view of the threat landscape, including how threats are evolving, how cybercriminals are becoming more sophisticated and what new solutions are necessary to combat APTs.
  • Mobile is no longer a supplementary channel for the enterprise; It is quickly becoming the primary channel to deliver business critical information and experiences to partners, customers and employees. Join Sarvesh Jagannivas, VP of Product Marketing at MuleSoft, and Uri Sarid, CTO at MuleSoft, as they discuss the mobile enterprise opportunity, and the biggest challenges preventing successful mobile delivery.

    Join this webinar to learn:
    - Why mobile applications are the new imperative for the enterprise
    - The top challenges preventing rapid, scalable and secure mobile application development
    - Three case studies of industry leaders who are building mobile enterprises
  • Pass-the-hash and similar credential theft and reuse attacks are among the greatest security threats facing organizations today. With an impact that extends well beyond Microsoft Windows and Active Directory environments — and with no definitive means of remediation — it should come as no surprise that these types of attacks have been an underlying component of just about every targeted attack disclosed in the past several years, including those perpetrated against Saudi Aramco, Target, and The Wall Street Journal — just to name few.

    Join us Thursday, February 26th at 1 pm to learn:

    - How this highly popular and devastatingly effective class of attacks works
    - The basics of the pass-the-hash kill chain
    - An approach, based on design and administrative best practices, for mitigating attacks
    - The role privileged identity management solutions, like Xsuite, can play in implementing these practices

    Presenters:

    - Mark Bouchard, Co-Founder and VP of Research, CyberEdge Group, LLC
    - Dale Gardner, Senior Director, Product Marketing, Xceedium, Inc.
  • What sets high-functioning IT organizations apart from the rest? That’s something every IT leader wants to know. After all, we live in a highly competitive business climate and IT performance can be the difference between success and failure. To conquer the challenge, we need to be informed and collaborative and we need to do this in a cost-effective manner.

    In this webcast, you will hear from two experts on some of the technology that’s driving today’s high-functioning IT organizations. Find out how your company can be aligned, agile and ready to respond to ever-changing business requirements and competitive pressures.
  • Channel
  • Channel profile
  • Is Cloud the Answer For a Growing Business? Mar 11 2015 4:00 pm UTC 15 mins
    What advantages does cloud provide to a growing business?

    Regardless of the organization’s size, industry or geographic location, decision makers and IT staff always look to ensure reliability, flexibility and adaptability of their network infrastructure.

    As businesses expand to multiple locations, instant and reliable communication between remote workers becomes a necessity. Find out what advantages a cloud-based communication system provides over an on-premise legacy solution.
  • Why CEOs Expect IT to Bring Cloud Collaboration to the Strategy Table Mar 10 2015 3:00 pm UTC 60 mins
    Do Your Workers Meet in the Cloud?

    Enterprises are only realizing 43% of technology's business potential according to Gartner. At the same time, most CEOs see IT’s role evolving over the next several years to become more involved in business strategy. Do you have a plan to drive innovation with new technologies such as cloud voice and video conferencing?

    Sign up for this live eSeminar to hear Clint Edwards, Polycom VP Global Cloud & Service, describe why 2014 is the Year of the Cloud. As a leader in cloud-based collaboration, Polycom understands the dramatic ways that mature cloud communications are disrupting old models by enabling mobile and distributed workforces. Vi Chau, Director, Product Management at RingCentral will also give a glimpse of how cloud technologies uniquely integrate mobile workers into the core business. Finally, RingCentral customer Paul Clowser, Director of IT, Coldwell Banker Mid-America Group will describe the tangible benefits his company has gained from cloud collaboration.

    Join this eSeminar and discover how:

    •VoIP cloud has evolved and the mobile and collaboration capabilities you can leverage today

    •Better phone system integration can eliminate lost deals through delays in communication

    •To achieve economic benefits from integrating mobile and remote workers through voice and video conferencing
  • Texting. Smartphones. Tablets. Oh my! Business Communications in a Mobile World Mar 4 2015 8:00 pm UTC 59 mins
    A lot has changed in the way we communicate for business. A decade ago, most organizations had employees who came to the office every day, used desktop computers and desk phones, and stopped communicating for work when they went home.

    Today, people communicate for work anywhere, anytime, and on any device. Per Forrester, sixty-six percent of employees use two or more mobile devices for work. And according to Frost & Sullivan, nearly 25 percent of employees work from home or the road. What’s more, the desk phone is not the only business device. Based on a RingCentral survey, 35 percent of employees are using their mobile phones for work even when they are in the office. And nearly 80 percent of employees text for business, with 32 percent reporting that they’ve even closed a business deal via text.

    Even with these undeniable business behavior changes, the vast majority of companies haven’t optimized their communications infrastructure for mobile workforces or BYOD.

    Join this webinar to get ahead of the pack and learn the benefits of a cloud communications solution that supports the new world of work.

    •Understand the trends driving mobility and behavior changes in the work place, with Melanie Turek, VP of Research for Enterprise Communication & Collaboration, Frost & Sullivan.
    •Get the real story from a business that has addressed their mobility needs first hand from Adam Fishman, director of growth and operations for Lyft, a community ride-sharing service.
    •Hear how a cloud communications solution is addressing several challenges businesses face in the new work world from Nisha Ahluwalia, VP of product marketing at RingCentral.
  • Maintaining Security in a Mobile World Mar 4 2015 6:00 pm UTC 45 mins
    The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • 5 Tips: How to Enable a Comprehensive BYOD Strategy Recorded: Feb 26 2015 48 mins
    The BYOD trend is a symptom of consumerization in the mobile/cloud era that presents an opportunity for IT to be more relevant to the business. Recent studies show more interest than ever in BYO “anything” programs, however this transformation is hindered by concerns over security and complexity. From MacBooks and laptops to smartphones and tablets, a BYO “Anything” strategy must start with the user, not the device. By attending this webinar and discussion, you will learn:
    - How to take a people-centric approach to BYOD programs
    - Simple tips for navigating through the policy nightmares associated with BYOD
    - Key infrastructure requirement for a successful BYOD program
    - How a successful BYOD program can lead to even greater value for business mobility
  • Is it Time to Embrace Cloud for Remote Office Server Backup? Recorded: Feb 26 2015 51 mins
    As a business, concerns over RTO, RPO, costs, security, and data privacy have historically made the decision for cloud backup a complicated one. However, cloud technologies continue to evolve, and can now provide substantial cost benefits while overcoming the most stringent security, data privacy, storage and performance hurdles. This makes it a perfect fit for many backup needs — especially remote office server backup.

    In this session we’ll cover:

    * The state of the cloud and the latest advancements for D2C server backup
    * How security and data storage advancements are addressing key enterprise data privacy concerns
    * How to leverage the cloud for remote office server backup and archiving, while significantly lowering storage and administration expenses
  • Cost-effective Disaster Recovery Without a DR Site Recorded: Feb 25 2015 58 mins
    Achieving cost-effective disaster recovery (DR) services without a physical DR site — or having to extend your DR footprint — is possible. In this live webcast with Microsoft, see how you can use AppAssure software in combination with Microsoft® Azure® and disaster recovery as a service (DRaaS) from Dell partner, eFolder.

    The first half of the webcast will showcase how you can store AppAssure backup archives directly on Azure and perform item-level recovery from the archive without having to download the archive from the cloud. Then we’ll showcase ways to replicate AppAssure backup images to the eFolder® Storage Cloud® and enable multiple disaster recovery options.

    Join our webcast partnered with Microsoft® and see how easy it is to:
    • Manage the growth of your backup archives
    • Establish cost-effective disaster recovery without a DR site
    • Avoid extending your DR footprint

    What you will learn:
    • How to leverage Azure to directly store AppAssure backup archives
    • How to perform item-level recovery from the archive without downloading the archive from the cloud
    • How to replicate AppAssure backup images to the eFolder Storage Cloud
    • How to enable multiple disaster recovery options, including image download, overnight drive shipment or recovery in the eFolder® Continuity Cloud®
  • SAP and Google Glass Challenge: Midpoint Status Update for Partners Recorded: Feb 25 2015 33 mins
    A 60 minute broadcast on February 17, providing a status update by SAP and the Glass at Work team.
  • Mobile Architecture Deathmatch: Native vs Web vs Hybrid Recorded: Feb 24 2015 48 mins
    Selecting the right mobile application architecture for your app can be a daunting decision - and it should be. Going down the wrong road can be extraordinarily painful and fraught with costly overruns, project delays, and throwaway code. Our mobile app development experts share lessons learned from developing their own mobile architecture and from helping hundreds companies pick the right mobile path.

    In this session, you will learn how to navigate the mobile architecture decision process to select the right mix of native and HTML5 in order to achieve the perfect balance of richness of use, development productivity, and apps built for the long haul.
  • OpenStack Orchestration: What You Don't Know Can Kill Your Career Recorded: Feb 24 2015 52 mins
    Designing a fully orchestrated OpenStack cloud can be complex, time-consuming, and downright scary, making you feel as if you're standing on a precarious professional cliff. In this webinar, you'll find lampposts of knowledge and wisdom to light your way. StackVelocity and SUSE have teamed up to help you understand how to develop solutions that allow you to accelerate your time to value while maintaining the economics required for success in the marketplace.

    In this webinar, you will learn:
    -The challenges in orchestrating OpenStack that all enterprises should consider
    -How to think about the challenges in terms of the features your cloud is expected to deliver (e.g., DBaaS; LBaaS; federation to other cloud infrastructures, OpenStack or otherwise)
    -The best practices for designing, building, pre-validating, installing, managing, monitoring and optimizing an OpenStack cloud
    -How to plan your orchestration strategy in light of the ongoing maturation of OpenStack
    -How the StackVelocity/SUSE solution for cloud orchestration gets you from "sowing" to "reaping" as quickly as possible

    This session will provide practical, actionable strategies you can put to use immediately, regardless of the OpenStack distro or cloud orchestration solution you choose to implement. Join us!

    Speakers: Russ Lindsay, Director of Solutions Architecture, StackVelocity; David Byte, Senior Technology Strategist, SUSE; and Pete Chadwick, Senior Product Manager, Cloud Infrastructure Solutions, SUSE
  • Unleashing the Power of VDI in Banking & Insurance Recorded: Feb 19 2015 32 mins
    Desktop computers have been in existence for over 30 years, but the innovation in the last 10 years has fundamentally transformed the way we use them. The desktop is now increasingly found in the cloud, thanks to the technological advancements leading to the Virtual Desktop Infrastructure (VDI). While VDI has been in existence for the past 8 years or so, it has become more relevant in the banking and insurance industries in recent years. Insurance agents and Wealth Managers work in a heavily regulated industry. While adhering to heavy regulations, the Insurance Agents and Wealth Managers have a critical need to access important information in real time to better serve their clients.

    Now with VDI they’re able to break free from the limitations of the traditional infrastructure, being able to access real time information any time anywhere, enabling them to focus on their clients’ needs. Join us in this session to learn from Craig Beattie from Celent and Muthu Somasundaram from VMware, how VDI has helped accelerate the pace of innovation in the Insurance and Wealth management industry, while maintaining compliance with all regulations.
  • VDI Workshop: Image Creation, Optimization and Troubleshooting Recorded: Feb 19 2015 47 mins
    Configuring a VDI image is a complex task for the systems engineer. This session will help prepare the engineer for creating an image as well as vetting and troubleshooting it before it gets to production. Topics include:

    - Image Creation Best Practices (Scripts, What-to-dos, What not-to-dos)
    - Image Testing (Tools free and not)
    - Troubleshooting (How to find out what’s wrong when it goes wrong)
    - VDI Deployments (Why?)
    - User Experience Monitoring (You need it, but how?)
  • 5 Best Practices for Backing up Salesforce Data Recorded: Feb 19 2015 34 mins
    Your organization's Salesforce data is one of its most important resources. Are you doing what you can to keep it safe?

    While Salesforce is unlikely to lose data on its own, nearly 75% of all data lost in the cloud is attributed to humans - most of those instances being user error. In this BrightTALK exclusive webinar for Salesforce Administrators, you'll learn the best ways to backup and restore your organization's most important data.
  • The Evolution of OpenStack - From Infancy to Enterprise Recorded: Feb 19 2015 59 mins
    As OpenStack enters its 5th year, we are taking a look back at where it all started. We'll start at the beginning and why OpenStack started, how has it has evolved and wrap it up with a discussion about where it is today and why it is ready for the Enterprise.
    Join us for this insightful look back and to celebrate how far OpenStack has come in just 5 years.
  • Achieving Elite Data Management: Virtual Storage and You! Recorded: Feb 19 2015 26 mins
    As data becomes more precious and valuable, but at the same time more difficult to contain and manage effectively, there are new levels of demand for highly skilled, all data managers.

    Join Matthew Fordham and learn how to become an elite data manager as he shows you how to manage data virtually and effectively and how a virtual storage center can be the fastest track!
  • Meet Your Recovery SLA’s with Automation & Array Snapshots Recorded: Feb 19 2015 40 mins
    As your virtual estate grows and you add critical applications to the environment, a ‘one size fits all’ approach to vm protection is no longer an option. Core applications need to be treated differently to tier 2 or 3 systems, and simple manual tasks in a modest environment become impossible to manage in a growing virtual estate. Automation is also a key component if you are planning to move to a private cloud model.

    This session will show you how to:
    · Meet Protection/Recovery SLA’s with Automation

    · Leverage automation to control vm sprawl

    · Improve RPO/RTO with VM & App aware snapshots

    · Effectively protect high workload VM’s
  • Optimising your Virtualization Investment Recorded: Feb 19 2015 36 mins
    Virtualization has come a long way since just being able to offer more efficient resources and improved HA. You’ve already invested heavily in VMware technology, but are you really getting the most from what they have to offer? Naturally you can’t be experts in everything, so join this session with Rackspace, the VMware specialists, as Lindsay shows you how to fully benefit from the latest developments and enable you to offer IT as a more cloud-like experience, without having to re-write any of your applications.

    o Understand the benefits of an Outsource model v’s On-Premise

    o Critical Success Factors to consider when outsourcing IT to managed hosting or the cloud

    o How to start your journey to the Managed Infrastructure Services

    o DR-to the-Cloud: Best Practices

    o VMware Dedicated vCenter, Server Virtualization and Dedicated VMware vCloud offerings
  • Hot Tips for Choosing a Business Phone System Recorded: Feb 18 2015 62 mins
    Where do you start when choosing a business phone system? You need to choose a product that works right from the start so you can stay focused on your business.

    In this live presentation, Forrester Research Analyst Henry Dewing talks about issues concerning business owners and IT departments, including: BYOD, improved customer service, and collaboration You'll also hear a real-world experience from Finfit's Director of IT, Vernon Giroud who successfully rolled out a new system to his highly dispersed work force.

    Join this eSeminar and learn:

    -How FinFit saved 65% on their phone bill
    -How they quickly brought 60 remote offices into the cloud
    -Who the market leaders in cloud communications are
  • How to Assure Your Service Catalog Can Survive the Cloud Recorded: Feb 18 2015 42 mins
    Service catalogs have traditionally been focused on delivering internal resources but with the growth of cloud usage, IT must now extend this process to external cloud services. Yet, current service catalog functionality does not match the dynamic nature of cloud or have the fast and easy buying experience users expect, causing a lack in visibility and control for IT.

    Join Gravitant as we talk about a new concept emerging called the service store, which provides users the experience of an app store while being powered by a dynamic service catalog. Learn how using this approach can set the foundation for your cloud strategy in the key areas of multi-provider management, governance, cost visibility, and more.
  • Enterprise Class Storage: the new rule of three Recorded: Feb 18 2015 37 mins
    Today’s modern storage solutions follow the old fashioned rule of three. Dominated by three words: Software-Defined Storage.

    Learn about the trifecta of benefits from efficiency to flexibility to financial responsibility by joining Rolf Versluis, CTO at Adcap, a leading reseller in the SouthEast and Michael Letschin, Director of Products at Nexenta as they discuss the trends and use cases for Software-Defined storage and their play with the major virtualization vendors.

    Attend to learn more about:
    - What is the rule of three?
    - Defining the world of SDx - software only, hyper-converged or traditional
    - What are the business advantages of SDS
    - How SDS can be integrated in your virtual environment
    - Deployment options
    - Examples of SDS deployment architectures
All you need to know, what it means and why it matters
Cloud computing is a general concept that incorporates software-as-a-service (SaaS), platform-as-a-service (PaaS), infrastructure-as-a-service (IaaS) and other recent well-known technology trends in which the common theme is reliance on the Internet for satisfying the computing needs of the users.

This channel features presentations by thought leaders who cover the key topic areas in this increasingly important field.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Securely Building Clouds: Thoughts and Concerns
  • Live at: May 16 2012 12:00 pm
  • Presented by: Edward Haletky, Cloud Analyst, The Virtualization Practice
  • From:
Your email has been sent.
or close
You must be logged in to email this