Auditing Security in New Virtualized IT Environments
In the old days, there was a physical cable running from A to B. One server ran just one application. Auditors could see the boundaries and could assess IT security accordingly. But today, matters have changed considerably. The virtualisation of X applications over Y servers, and the use of the cloud make it impossible to […]
Disaster Recovery Forecast: Cloudy with Scattered Virtual Machines
First there was the dedicated, physical server. Then came virtualisation to help organisations mix and match over different servers on their sites. After that came cloud computing with more virtualisation (and multi-tenancy thrown in). However, organisations typically still did their virtualisation between machines in close physical proximity, even if they were using cloud services. Now […]
Five Aspects of Usability to Integrate into Your Disaster Recovery Planning
Disaster recovery planning for your IT installations may use automated procedures for a number of situations. Virtual machines can often be switched or re-started in case of server failure, and network communications can be rerouted without human intervention. For other requirements, people will be involved in getting IT systems up and running properly after an […]
What is Virtual Machine Side Channel Analysis and Why Should You Care?
Here’s the quick version. Hackers operating in the same cloud server hardware as you can steal your encryption keys and run off with your data/bank codes/customers/company (strike out items that do not apply – if any). Yes, behind that mouthful of a title is a scary prospect indeed. Until recently, this kind of cloud-side hacking […]
IT Security is Essential in the Cloud – But Which Cloud Do We Mean?
Clouds by definition are nebulous and vague. Their use in IT models and discussions goes back decades, long before the current cloud computing models. A ‘cloud’ was convenient shorthand for showing a link between a system on one side and a terminal or another system on the other. Today however, the concept has evolved. Not […]
Virtualisation Needs More Than Just a Physical Security Approach
As you bring virtualisation into your IT infrastructure, you may have noticed a few security-related aspects that weren’t present in a purely physical ‘one-app-one-server’ environment.