Archive for April, 2016

Cloud securityAs enterprises move forward with Identity and Security, eventually they will come to the Crossroads (nod to all the blues fans out there).  They will have to face moving some or all of their applications into hosted cloud services. And that will bring up the issue of how safe is the cloud and how does identity play into the mix.

Most of my clients have already some assets in the cloud and are moving more and more resources off prem.  So they already have had to wrestle with this issue.   The biggest fear is identity and security of these previously secured and locked down applications from the private data center now riding in a shared tenant data center. How can that be safe?

Well it is. My Eureka moment was about 2 years ago when I was listening to a discussion of database security in the cloud.  I also cover database security in my job and customers were having concerns of putting PII, PHI, PCI, and SOX controlled data into a shared data base service.

To physically migrate is simple.  Download a small utility that goes into the Oracle Database and encrypts the database contents and exports it to a file. That file is uploaded to the database cloud and put in its own pluggable database (which shares a common parent database with other clients) where it is stored in encrypted format.

Just by moving that data from the cloud, security measures are imposed.  The data is encrypted where it may not have been before.  It is in a secured pluggable container.  The cloud database administrators manage not only this database, but all databases for all customers, so they are focused on implementing and adhering to secure practices.

The cloud hosting company has to have its security act together. They are hosting not only your assets, but possibly your competitors.  The hosting company has already invested in background checks for its employees, installed man traps, actively updates it perimeter firewalls.  They have proven provisioning and deployment techniques that keep everything secure.

So just by moving to the off prem cloud, the security imposed on the database data may have been improved. You and your team can now go focus on building better apps and providing better services to the business units.

Same goes for identity in the cloud.  It has to be safer, because it has to be.  Why try and keep up with all the latest security issues on premises when your cloud hosting provider does it for a living?

It will take a while to convince yourself that the identity and security is actually better with a cloud hosting service than trying to do it all in-house.  Then you can step over the crossroads onto the other side.



Read Full Post »

Keep Calm hes backTime flies when you are having fun.  Or extremely busy. Or a legendary procrastinator.

Noticed that this blog, which  I keep putting on my to do list to update, is going on 3 years stagnant. Its not just because I am lazy, but things just got busier and busier.  Sell the house and move to Florida, take on new coverage territories, new products to learn and expanding coverage of identity and security in mobile and the cloud.

Not lazy, just busy. Very busy.  Since the breaches with Home Depot, Target, Sony, etc., security and identity have now earned a seat at the big boy/girl table in the enterprise.  Now have Platinum status with several travel services now.

But now is the time to blow the dust off this blog and put it back in motion.   Customers are migrating to generation 2 mobile applications and considering moving identity and security functions to the cloud.  Lots to talk about.  This time I promise to keep this updated regularly.

Good to have you back.


Read Full Post »