I recently asked a CIO of a large Fortune 100 company how hard would it be
for a person to pull the plug on a backbone switch in his datacenter. His
answer was "Very difficult. We have lots of controls in place to ensure that
level of access is protected." I then probed further and asked what type of
controls he was referring to - card key access, locks on the racks, video
cameras? He nodded at each one. I pulled up the virtual infrastructure
management client on my computer and demonstrated how easy it is to power off
the distributed virtual switch that he was planning to run across his
datacenter - essentially, I right-mouse-clicked on the virtual machine (VM)
and selected "Power Off." I then asked, simply, "How many people within your
organization have access to virtual infrastructure?" He didn't know. This
scenario is more common that you might think.
VIrtualization Magazine on Ulitzer
Like technology, everything in life tends to repeat, although in newer,
fresher and more useful applications. The fashion trend toward slim fit
clothes shifts to baggy, then back again; suits go from three to two button
and back to three; pastels and bright colors to earth tones as it shifts
anew. Car design is similar: Mercedes, for example, regularly goes back and
forth between rounded and square styles, and the re-birth of the Chevrolet
Camaro revisits the shape of one of my favorite classics - the '68 SS. Only
this time, newer, faster, slee... (more)
Cloud Security Journal on Ulitzer
The company I work for, HyTrust, recently worked with Intel and VMware on a
very cool project.
Essentially, it was about demonstrating the ability to establish trust in the
cloud, and then enforce policy based on trust.
Trust is an important word in the world of security, and in cloud computing
it's an even bigger deal.
Cloud computing offers up the promise that an organizations will be able to
run any application from anywhere at any time. But in a multi-tenant
environment, a cloud application running in a virtual machine might be
Virtualization has brought us another step closer to the world of Star Trek.
Think back to episodes of The Next Generation where Geordi was able to
control the functions of the entire ship through a single touch-screen
interface. He was able to reconfigure electrical, mechanical and propulsion
systems without needing anyone else or additional authorization. The only
thing to prevent him from doing something risky or damaging was the computer
This picture is exciting in its similarities with virtualization. Here, the
hypervisor essentially becomes a datacenter in a... (more)
The Payment Card Industry Security Standards Council (PCI SSC) is expected to
release a new version of the PCI Data Security Standard (DSS) in October of
this year. In this new version, the PCI DSS will address virtualization and
cloud computing. This new guidance will be a huge win for virtualization
adoption, as well as the organizations that are subject to PCI and under
pressure to better manage costs.
The Council, founded by American Express, Discover Financial Services, JCB
International, MasterCard Worldwide, and Visa, developed the PCI DSS to
specify how to best protect p... (more)