|By Kevin Nikkhoo||
|February 19, 2013 10:15 AM EST||
While trawling the blogs, feeds and news I came across an analyst’s article about best security practices in which he kept referring to “the stack.” And by this, he meant a multitude of various solutions that address certain security needs and capabilities; everything from email filtering, firewalling, authenticating, credentialing, logging and intrusion detection, etc...
And, if you read my blogs often enough, you know I am a big proponent of unified security. However, unified security is not a stack. It is easy to be confused as both look to utilize best of breed tools to prevent negative impact on IP assets. A stack references a number of technologies where each operates independently from one another. Single sign on by itself is a sufficient tool, but when operating alone in its own silo, important contextual information is lost.
The unified approach, as I describe in REACT, is a collaborative practice whereby each tools’ capabilities are cooperatively leveraged. It is a tightly integrated system where everything is correlated in real time in order to provide an accurate and up-to-the-moment view of who is doing what and how to your online and network resources. For example all the data collected from identity or access management is shared with SIEM and Log Management. Unification is about better visibility. It marries the features and functionality into a central understanding of what is truly going on in your network.
As 451 Group analyst and research director Rachel Chalmers said, “It takes more than a firewall to secure virtual infrastructure.”
Let’s look at unified security collaboration (UniSec) from a more practical standpoint. Your company has invested in several cloud-based database/CRM and other useful (legacy) applications. In some cases sensitive data exists somewhere in these apps—passwords, customer numbers, invoices, even personal/personnel information. Now single sign on makes it easier for authorized users to log into these resources. Identity management provisions (based on roles/rules) what specific assets they can see. If it ends there, you have partial visibility. You have controlled information and get the necessary reports. They only cover certain applications, but not the entire expanded network.
However, you also use a log management tool. So every log on is noted in some machine code and filed away for further review. But, your security designee is now reviewing similar data in multiple places. And, it’s often without context and days or weeks after any particular incident.
Now assume your company also has SIEM or some version of intrusion detection. Is it looking at Active Directory log ons? Is it looking at application usage? Is it notating unusual activity? Is it doing so in real time?
If stacked, you potentially have all the tools but, like a thoroughbred with blinders, it doesn’t see to the left or right. These tools do their job, but if they are performing in parallel, your visibility is limited. When unified through a REACT (real time event and access correlation technology) platform, a very different picture may emerge. Because an active SIEM correlates data from multiple silos of information, what looked like a simple log in, now is suspect (or vice versa). Who is accessing the database and making modifications at 3 in the morning? Who is using an unsecured device? Why does R&D need access to payroll records? Why is a retired password being used to log on…from an IP address in Bulgaria? Mr. Jones is no longer an employee, but has logged in 3 times this week and accessed our customer list.
And most importantly, what can be done with enhanced visibility? Faster, better decisions; quicker response to potential harmful situations; smarter deployment of personnel and computing resources. And that the reporting and the capabilities are all controlled centrally removes the time and effort to compile and analyze all the silos independently.
The unified approach addresses the broader threat landscape. Threats aren’t always large brute force attacks by some army of hackers trying to knock down the castle door with a battering ram. In most cases they’re considerably more subtle, but just as destructive. So if you can intelligently correlate information from a variety of sources, the greyer, more problematic issues can be addressed, alerted and remediated.
Now bundle it up as a cloud-based security initiative and there emerges other tangible and budgetary benefits. Companies who were certain they could only afford firewall and malware protection can now deploy an enterprise-grade security program complete with live security-as-a-service analysts monitoring 24/7. The scalability and agility make this option very attractive and very affordable for most modest or budget restrictive companies.
It is a great first step if an organization makes the investment in such tools as SIEM, Log Management, Single Sign On, Identity and Access Management. If you can afford it and have the manpower the proactively manage it, great. However, not to belabor the point, having all these tools can be like having lumber, nails, appliances, carpeting, concrete, etc…but if it doesn't “work” together, it is not a house, it is simply a stack of useful parts. . Unification makes it a house…and the cloud makes it a home!
Just last week a senior Hybris consultant shared the story of a customer engagement on which he was working. This customer had problems, serious problems. We’re talking about response times far beyond the most liberal acceptable standard. They were unable to solve the issue in their eCommerce platform – specifically Hybris. Although the eCommerce project was delivered by a system integrator / implementation partner, the vendor still gets involved when things go really wrong. After all, the vendo...
May. 26, 2016 10:15 AM EDT Reads: 1,381
SYS-CON Events announced today that AppNeta, the leader in performance insight for business-critical web applications, will exhibit and present at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. AppNeta is the only application performance monitoring (APM) company to provide solutions for all applications – applications you develop internally, business-critical SaaS applications you use and the networks that deli...
May. 26, 2016 10:15 AM EDT Reads: 2,220
SoftLayer operates a global cloud infrastructure platform built for Internet scale. With a global footprint of data centers and network points of presence, SoftLayer provides infrastructure as a service to leading-edge customers ranging from Web startups to global enterprises. SoftLayer's modular architecture, full-featured API, and sophisticated automation provide unparalleled performance and control. Its flexible unified platform seamlessly spans physical and virtual devices linked via a world...
May. 26, 2016 10:15 AM EDT Reads: 1,870
SYS-CON Events announced today that EastBanc Technologies will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. EastBanc Technologies has been working at the frontier of technology since 1999. Today, the firm provides full-lifecycle software development delivering flexible technology solutions that seamlessly integrate with existing systems – whether on premise or cloud. EastBanc Technologies partners with p...
May. 26, 2016 10:00 AM EDT Reads: 2,008
The initial debate is over: Any enterprise with a serious commitment to IT is migrating to the cloud. But things are not so simple. There is a complex mix of on-premises, colocated, and public-cloud deployments. In this power panel at 18th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists will look at the present state of cloud from the C-level view, and how great companies and rock star executives can use cloud computing to meet their most ambitious and disruptive business ...
May. 26, 2016 09:30 AM EDT Reads: 2,113
Many banks and financial institutions are experimenting with containers in development environments, but when will they move into production? Containers are seen as the key to achieving the ultimate in information technology flexibility and agility. Containers work on both public and private clouds, and make it easy to build and deploy applications. The challenge for regulated industries is the cost and complexity of container security compliance. VM security compliance is already challenging, ...
May. 26, 2016 09:00 AM EDT Reads: 1,148
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
May. 26, 2016 08:45 AM EDT Reads: 2,887
Agile teams report the lowest rate of measuring non-functional requirements. What does this mean for the evolution of quality in this era of Continuous Everything? To explore how the rise of SDLC acceleration trends such as Agile, DevOps, and Continuous Delivery are impacting software quality, Parasoft conducted a survey about measuring and monitoring non-functional requirements (NFRs). Here's a glimpse at what we discovered and what it means for the evolution of quality in this era of Continuo...
May. 26, 2016 08:30 AM EDT Reads: 1,479
Last week I had the pleasure of speaking on a panel at Sapphire Ventures Next-Gen Tech Stack Forum in San Francisco. Obviously, I was excited to join the discussion, but as a participant the event crystallized not only where the larger software development market is relative to microservices, container technologies (like Docker), continuous integration and deployment; but also provided insight into where DevOps is heading in the coming years.
May. 26, 2016 08:30 AM EDT Reads: 1,436
Join us at Cloud Expo | @ThingsExpo 2016 – June 7-9 at the Javits Center in New York City and November 1-3 at the Santa Clara Convention Center in Santa Clara, CA – and deliver your unique message in a way that is striking and unforgettable by taking advantage of SYS-CON's unmatched high-impact, result-driven event / media packages.
May. 26, 2016 08:15 AM EDT Reads: 2,102
In the rush to compete in the digital age, a successful digital transformation is essential, but many organizations are setting themselves up for failure. There’s a common misconception that the process is just about technology, but it’s not. It’s about your business. It shouldn’t be treated as an isolated IT project; it should be driven by business needs with the committed involvement of a range of stakeholders.
May. 26, 2016 08:00 AM EDT Reads: 2,193
SYS-CON Events announced today that BMC Software has been named "Siver Sponsor" of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. BMC is a global leader in innovative software solutions that help businesses transform into digital enterprises for the ultimate competitive advantage. BMC Digital Enterprise Management is a set of innovative IT solutions designed to make digital business fast, seamless, and optimized from mainframe to mo...
May. 26, 2016 08:00 AM EDT Reads: 1,932
18th Cloud Expo, taking place June 7-9, 2016, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some...
May. 26, 2016 07:45 AM EDT Reads: 2,922
SYS-CON Events announced today that Isomorphic Software will exhibit at SYS-CON's [email protected] at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, high-productivity enterprise web applications for any device. SmartClient couples the industry’s broadest, deepest UI component set with a java server framework to deliver an end-...
May. 26, 2016 07:30 AM EDT Reads: 1,963
You might already know them from theagileadmin.com, but let me introduce you to two of the leading minds in the Rugged DevOps movement: James Wickett and Ernest Mueller. Both James and Ernest are active leaders in the DevOps space, in addition to helping organize events such as DevOpsDays Austinand LASCON. Our conversation covered a lot of bases from the founding of Rugged DevOps to aligning organizational silos to lessons learned from W. Edwards Demings.
May. 26, 2016 07:15 AM EDT Reads: 1,385
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will exhibit at the 18th International CloudExpo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
May. 26, 2016 07:15 AM EDT Reads: 2,157
As AT&Ts VP of Domain 2.0 architecture writes one aspect of their Domain 2.0 strategy is a goal to embrace a Microservices Application Architecture. One page 9 they describe how these envisage them fitting into the ECOMP architecture: "The initial steps of the recipes include a homing and placement task using constraints specified in the requests. ‘Homing and Placement' are micro-services involving orchestration, inventory, and controllers responsible for infrastructure, network, and applicati...
May. 26, 2016 06:30 AM EDT Reads: 1,700
Application development and delivery methods have undergone radical changes in recent years to improve scalability and resiliency. Container images are the new build and deployment artifacts that are used to ship and run software. While startups have long been comfortable experimenting with and embracing new technologies, even large enterprises are now re-architecting their software systems so that they can benefit from container-enabled micro services architectures. With the launch of DC/OS, w...
May. 26, 2016 06:00 AM EDT Reads: 1,412
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
May. 26, 2016 05:45 AM EDT Reads: 2,658
When I talk about driving innovation with self-organizing teams, I emphasize that such self-organization includes expecting the participants to organize their own teams, give themselves their own goals, and determine for themselves how to measure their success. In contrast, the definition of skunkworks points out that members of such teams are “usually specially selected.” Good thing he added the word usually – because specially selecting such teams throws a wrench in the entire works, limiting...
May. 26, 2016 05:45 AM EDT Reads: 1,509