IPv6 is here. How does this affect email?
Part 1 of 2 parts IPv6 will change how we use the internet, again. To the typical user, there is no difference; web sites work the same. But email is a different story. When using IPv6, addresses are...
View ArticleThe State of Cloud and Virtualization Security
For the last few months, we’ve been conducting a cloud, virtualization, and VDI security survey of 1200 IT professionals from larger companies in 6 countries around the world. Not only did I get to...
View Article“Hey, You, Get Off of iCloud!”
For all its hype iCloud does not represent a fundamentally new problem. Employees are already bringing personal devices to work and wanting to use them in their jobs, and these unmanaged devices are...
View ArticleEncryption is Not Enough for Cloud Security
By saying that encryption is not enough for cloud security, I don’t mean that you also need other types of protection like server security, identity management, etc. I think most people deploying...
View ArticleCloud and the merits of host based security
At cloudexpo yesterday, I chatted with Allan Allison, after his session on cloud security. Subsequently, I read his blog post which advises organizations considering the cloud, how they can leverage...
View ArticleGovernment Data Seizures is Only One Type of Data Loss
Dave Asprey and Jonathan Gershater bring up good points in their blog posts about the USA PATRIOT Act (“The USA PATRIOT Act is Bad for Business” and “Patriot Act is not the first (nor likely) last law...
View ArticleDo You Encrypt Your Data? A Plea to Businesses from an Identity Theft Victim
Recently I became a victim of identity theft. Criminals gained access to my name, address, date of birth, driver’s license number, social security number, and bank account number. I’ve spent the last...
View ArticleWhere to store cloud encryption keys? Adhere to compliance guidance.
I recently read a blog post outlining how a customer should evaluate where they should store their encryption keys when encrypting data in the cloud. The post outlines the various options for storing...
View ArticleHIPAA hiccups
Not a month goes by when there isn’t an announcement of a breach of electronic health records thereby disclosing personal and financial data; and that excludes breaches that are not publicly...
View ArticleThe Hidden 3rd Party “Vulnerability” in Google Drive
In 1998 I helped to create one of the first modern cloud services at Exodus Communications, and since then there has been a nagging concern in the back of my mind that legacy government interpretations...
View Article