Click here to close now.




















Welcome!

Microservices Expo Authors: Pat Romanski, Ruxit Blog, VictorOps Blog, Jason Bloomberg, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Microsoft Cloud, Containers Expo Blog, Release Management , Cloud Security

@CloudExpo: Article

REACT to the Cloud: A Tale of Horror and Unified Security

Breaking down the independent security silos through better correlated intelligence

Today's is a cautionary tale. One that you've probably heard before, but I promise a new spin on making sure it won't happen again.

It's a true story. It recently happened to a colleague's friend's business. But it is not an isolated incident. Because the information is sensitive and the wounds still raw, I have changed the names to protect the innocent and the not-so-innocent.

It was a dark and stormy night...

Dan is the  CEO and CTO of a privately owned business that develops software tools to manage lease lifecycles and other financial information. His primary customer is commercial real estate agencies across the country. For the past 12 years, it has been highly successful despite some of the economic battering the housing market took over the past several years. The company clears somewhere in the neighborhood of 30-50 million per year. He employs about 150 people. And it is the story of one of those employees where the story takes a dark turn.

Recently Dan parted ways with his VP of Sales. Dan thought the split was amicable, but according to my colleague, in less than a month, Dan was confronted with the reality that the veep actually felt slighted, and allegedly took steps to hobble the company.

It seems  several days after this employee left the company, he was able to access the network and allegedly remove client databases from the CRM, all his work files and even sent an "anonymous" message from the company's info@ email account to every customer decrying how Dan was personally trying to cheat them. And as a last "get stuffed" act was able to access several other applications and erased a good deal of data. Apparently he was able to clean his trail or else I would be talking about how this guy is currently being sued or in jail for theft. It is also why I cautiously use the word allegedly. Nonetheless, there was some serious damage done.

Now in terms of security, Dan had a decent firewall and anti-virus protection. He also had a log management solution for his financial compliance issue. Now the log didn't pick up any machine code of the veep's alleged visit because all the financial data required by the regulatory agency is on another server.

Now Dan is faced with several business issues and related costs of having to recreate the wheel, replace lost information and shore up security. Aside from the tribal knowledge and the recovery of the data, Dan's biggest mountain to climb is making sure something like this never happens again. If Dan relies on existing paradigms (buying new servers, workstations and 4 different software packages, finding a knowledgeable consultant to develop the processes, and development/deployment time) it is going to cost him a pocket load of front-ended capital expenditures, hundreds of man hours and other assets that will siphon resources from his core competencies.

Or not.

If Dan REACTs and looks to the cloud, many of those headaches fade without the crushing blow to time, money and resources. REACT or Realtime Event and Access Correlation Technology is part of a game-changing holistic paradigm called UniSec (unified security) which delivers a comprehensive suite of solutions deployed and managed from the cloud. It comprises all the security elements that would've prevented Dan's breach and data theft and leverages all the various silos information into a centralized real time contextual analysis. In other words it provides 360o enterprise visibility to see who is doing what , when and where for any part of the IT landscape.  It takes the historical backbone of Log Management, the intelligence of SIEM, the authenticating of Identity Management and the control of Access Management  and provides a Single Source of analysis, alert and action in real time

Without the benefit of cloud computing, this solution would be well beyond the budget means of Dan's company. Even one doing as well as his. REACT puts enterprise power in the hands of smaller companies in a very affordable, scalable and flexible manner. Just deploying a single sign on initiative can be pricy. Then you add all these layers, all these endpoints... It used to make very little sense for modest organizations to invest in such protection. However bundled , deployed and managed from the cloud (for less than what it would cost support & maintenance for an on premise equivalent) Dan is able to better protect his assets and has a clearer vision of business needs; what department needs which application and providing access only to them.

Four solutions...does Dan really need all that? Yes. Is it overkill? Absolutely not. If Dan had each element deployed (realizing it is just a single solution underneath the REACT umbrella): 1) an identity management solution would have immediately  prevented an ex-employee from coming in through automatic deprovisioning and password retirement, 2) access management would have blocked his way from reaching SaaS apps and downloading CRM databases and other proprietary files 3)SIEM would have noted his attempts to touch any part of the network and create an intrusion alert and Log Management would have recorded it all for compliance audits. That this solution is scalable to the exacting need and business requirements (today and tomorrow) of Dan's company make it a perfect fit. That the solution is zero-day deployment ready means no waiting on ROI and the important functionality it brings. That the solution is pay-as-you-go he's spending no CapEx money. That the solution includes security-as-a-service means he has an expert analyst working on his behalf that isn't on his payroll. The financial and administrative benefits make Dan the CEO sleep better at night. The enterprise power allows Dan the CTO to have more pleasant dreams.

REACT and UniSec are paradigm changing concepts in the security and cloud computing sphere that I predict will soon become the norm.

Of course, in the  interest of full disclosure, I called Dan last week and I am optimistic he will be subscribing at the end of the month.

Kevin Nikkhoo
Cloud REACTor

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@MicroservicesExpo Stories
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
What does “big enough” mean? It’s sometimes useful to argue by reductio ad absurdum. Hello, world doesn’t need to be broken down into smaller services. At the other extreme, building a monolithic enterprise resource planning (ERP) system is just asking for trouble: it’s too big, and it needs to be decomposed.
Early in my DevOps Journey, I was introduced to a book of great significance circulating within the Web Operations industry titled The Phoenix Project. (You can read our review of Gene’s book, if interested.) Written as a novel and loosely based on many of the same principles explored in The Goal, this book has been read and referenced by many who have adopted DevOps into their continuous improvement and software delivery processes around the world. As I began planning my travel schedule last...
Docker containerization is increasingly being used in production environments. How can these environments best be monitored? Monitoring Docker containers as if they are lightweight virtual machines (i.e., monitoring the host from within the container), with all the common metrics that can be captured from an operating system, is an insufficient approach. Docker containers can’t be treated as lightweight virtual machines; they must be treated as what they are: isolated processes running on hosts....
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
SYS-CON Events announced today that G2G3 will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based on a collective appreciation for user experience, design, and technology, G2G3 is uniquely qualified and motivated to redefine how organizations and people engage in an increasingly digital world.
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
The pricing of tools or licenses for log aggregation can have a significant effect on organizational culture and the collaboration between Dev and Ops teams. Modern tools for log aggregation (of which Logentries is one example) can be hugely enabling for DevOps approaches to building and operating business-critical software systems. However, the pricing of an aggregated logging solution can affect the adoption of modern logging techniques, as well as organizational capabilities and cross-team ...
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for visualizing infrastructure code, a new unified agent and broader infrastructure support.
DevOps has traditionally played important roles in development and IT operations, but the practice is quickly becoming core to other business functions such as customer success, business intelligence, and marketing analytics. Modern marketers today are driven by data and rely on many different analytics tools. They need DevOps engineers in general and server log data specifically to do their jobs well. Here’s why: Server log files contain the only data that is completely full and accurate in th...
It’s been proven time and time again that in tech, diversity drives greater innovation, better team productivity and greater profits and market share. So what can we do in our DevOps teams to embrace diversity and help transform the culture of development and operations into a true “DevOps” team? In her session at DevOps Summit, Stefana Muller, Director, Product Management – Continuous Delivery at CA Technologies, answered that question citing examples, showing how to create opportunities for ...
Several years ago, I was a developer in a travel reservation aggregator. Our mission was to pull flight and hotel data from a bunch of cryptic reservation platforms, and provide it to other companies via an API library - for a fee. That was before companies like Expedia standardized such things. We started with simple methods like getFlightLeg() or addPassengerName(), each performing a small, well-understood function. But our customers wanted bigger, more encompassing services that would "do ...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedented scale. In his session at DevOps Summit, Frank Bunger, VP of Customer Success at ScriptRock, will discuss how this cathartic moment will propel the DevOps movement from such stuff as dreams are made on to a prac...
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
In his session at 17th Cloud Expo, Ernest Mueller, Product Manager at Idera, will explain the best practices and lessons learned for tracking and optimizing costs while delivering a cloud-hosted service. He will describe a DevOps approach where the applications and systems work together to track usage, model costs in a granular fashion, and make smart decisions at runtime to minimize costs. The trickier parts covered include triggering off the right metrics; balancing resilience and redundancy ...
The Microservices architectural pattern promises increased DevOps agility and can help enable continuous delivery of software. This session is for developers who are transforming existing applications to cloud-native applications, or creating new microservices style applications. In his session at DevOps Summit, Jim Bugwadia, CEO of Nirmata, will introduce best practices, patterns, challenges, and solutions for the development and operations of microservices style applications. He will discuss ...