According to a recent report from IDC, by 2020, almost half of IT infrastructure spend will be on cloud IT infrastructure.
In World War II, the Allies had a significant advantage because they were able to compromise the encryption protocols that the Japanese and Germans used to send sensitive messages. They were able to intercept and decode messages to gain intelligence concerning sensitive military operations.
Businesses need to protect their assets when they are within their protective infrastructure AND when they are actively exposed or placed within the unprotected external world. The tools and procedures needed to protect the internal assets are different from the ones that protect the assets when they leave the confines of the secured network.
One of the responsibilities of the Key Master is to provide access to the sensitive and secure information hidden within the locked facilities. In my last post, I explained why the application delivery controller (ADC) is the Key Master for SSL/TLS communications on the internet. It is the responsibility of the ADC to manage and distribute the access to the different essential security services.
Just as cloud computing means different things to different people, so does the term Service Provider (SP). For the purpose of this blog, I include Cloud Service Providers (CSP), Hosting providers (colocation and managed) as well as Telcos in the SP category.
In the movies (and real life) one often needs to go through the Key Master to get to the destination. The job of the Key Master is to keep control of the access to the locks and barriers that protect important or sensitive material. Sometimes there is one key to get to the hidden rewards while other times, there is a long string of keys that must be maintained and managed. In other situations, the Key Master is more of a Key Maker, generating keys upon request.
Many organizations have a guidance to cut IT spending while rolling out secure application services in a continuous delivery model. Many R&D teams in these organizations have adopted Agile and DevOps practices to enable faster delivery. The goal of Agile and DevOps practices is to deliver applications quicker and to deploy them with a lower failure rate than traditional approaches.
Driving a car is like riding a bike, if one refers to the old expression. It is fairly easy to recall how to do it if there has been some time since the last time one has been behind the steering wheel. Of course, this old adage does not apply if the way cars are driven has changed. It can be disconcerting going from automatic to manual transmissions or driving on the right side of the road instead of the left.
It has been a while since Cisco announced end-of-life for its Application Control Engine (ACE) products. The last date of support, January 31, 2019, is fast approaching. If you rely on ACE for load balancing in your environment, it is time to migrate and look to the future.
How do we build a truly resilient security framework directly incorporating micro segmentation into the SCADA systems and our network in order to protect it, when we can’t add security controls for fear of the business consequences?
I think the solution is quite obvious on the surface: change the dynamic that has existed within our communication-centric IT world since the inception of ARPANET. What do I mean?