Welcome to Collaborative Strategy Guild Where insights are transformed into actions at the intersection of collaboration, information management, security, and business strategy.
|
As the second law of thermodynamics tells us, all things trend toward chaos and this is no less true with a virtual environment. Sprawl can have a real security impact, and it takes discipline and planning to control sprawl — discipline and planning that won’t occur without someone from the security team actively monitoring the problem and formulating strategies for how to address the issue.
VVirtualization has been one of the most rapidly and widely adopted technologies in recent memory. It’s huge, and it’s here to stay.
And as security professionals know, setting up a virtual environment securely isn’t easy. Significant effort goes into tasks like evaluating off-premise service providers, ensuring regulatory… Continue reading: Post Virtualization Security
Excerpts from a timely NoSQL reality check
"We think the lack of security around NoSQL is going to take a toll on organizations," says Amichai Shulman, co-founder and CTO of Imperva. "We’ll see a lot more organizations starting or going into deployment of NoSQL in the next year and we believe what they are going to find out after they put the data there is that there are some security issues they should have considered."
[…]
But this biggest benefit of NoSQL is also one of the biggest cause of concerns for security experts.
"One of the things about NoSQL is that the data model… Continue reading: Does NoSQL Mean No Security? – Dark Reading
From the 2nd page of the article
At last week’s MIT workshop, David Clark, an MIT computer scientist who was the Internet’s chief protocol architect in the 1980s, said that the Internet will need to be engineered to both resist attack and to make it difficult for individual regimes to shape it to their liking.
"Did we design it to be resilient to attack and control? The answer is no," Clark said. "We thought about it being resilient to failure, and that’s different. We need now to think about a discipline of designs relevant to control."
Clark added: "The future is not centered on performance, but centered… Continue reading: Should We Fire the First Shot in a Cyberwar? – Technology Review
A stark security reality check
A claim by Wikileaks that documents it released last week provide evidence of a "secret new industry" of mass surveillance was as breathless as previous pronouncements from Julian Assange’s organization. But the material does provide a stark reminder that our online activities are easily snooped upon, and suggests that governments or police around the world can easily go shopping for tools to capture whatever information they want from us.
The take-home for ordinary computer users is that the privacy and security safeguards they use—including passwords and even encryption tools—present only minor obstacles to what one researcher calls the "cyber security industrial complex."
The Cyber… Continue reading: The Cyber Security Industrial Complex – Technology Review
The Ponemon healthcare study, the Second Annual Benchmark Study on Patient Privacy and Data Security (sponsored by ID Experts), has been gaining quite a bit of attention in the press and in the blogosphere over the past few days.
Overall, it’s an interesting report (as most Ponemon reports are). And I for one am pleased that folks out there are interested enough in the intersection of HIT and security to go out and read it… even more pleased that so many people find the topic interesting and valuable enough to write about it.
But all that being… Continue reading: HIT security: conclusions in a “contradictory report”-sandwich?
|
|
