Posted by: Dmitry Sotnikov on: October 21, 2010
Cloud can make your environment *more* secure. A new cloud service alerts IT pros when specific events happen in their environment. For example, you might want to receive an email when a sensitive resource gets accessed, certain permissions get granted, membership for a privileged group gets changed and so on. This all is now part of the [...]
Posted by: Dmitry Sotnikov on: October 15, 2010
It bugs me that for some irrational reason there is still a common-sense believe that data is more protected when kept in someone’s own datacenter and not with a trusted cloud provider. US Department of Health and Human Services (HHS) has just published data on past year data breaches in the medical industry. These only [...]
Posted by: Dmitry Sotnikov on: September 30, 2010
Ruggero Contu has published a case study which he created after studying Quest Software‘s transition from being a pure software vendor to also a SaaS cloud-based IT management company: “Case Study: Quest Leverages Cloud Services to Introduce SaaS-Based Log Management Product” (registration required to access the page): Although new business opportunities can justify a SaaS [...]
Posted by: Dmitry Sotnikov on: September 21, 2010
One of the leading providers of IT management SaaS – Quest OnDemand – has decided to stop using federation with Live ID as its main user authentication method and switched to simple email address/password way. In the age of everyone trying to federate with everyone else this move seems to be going into the opposite [...]
Posted by: Dmitry Sotnikov on: March 18, 2010
Microsoft’s TechNet EDGE posted a video with quite detailed discussion of Systems Management as a Service concept, example of such a service (Quest OnDemand), how it uses Windows Azure as the underlying technology, the security model behind it, and so on. Obviously a demo is in there as well. Check out the video here.
Posted by: Dmitry Sotnikov on: January 15, 2010
Security and data protection are key concerns for any cloud solution. I truly believe that this is also one aspect that you cannot just improve over time. No matter how agile you are security needs to be there by design. Unfortunately most cloud vendors/SaaS-providers still don’t tell enough about the way they protect customer data [...]
Posted by: Dmitry Sotnikov on: April 6, 2009
The common word out there about cloud computing/SaaS and security/regulatory compliance are that these don’t go well together. However, things don’t have to be that way. Doing security right can cost a lot of money and public cloud services could carry some of these costs. Thus, there probably will be a point in time when [...]
Posted by: Dmitry Sotnikov on: February 18, 2009
Jay Heiser and David Gootzit from Gartner have just published an excellent report on “Trusted SaaS Offerings for Secure Collaboration“. The report is really valuable for anyone either building clouds or cloud-related products, or considering to move sensitive data to a SaaS application. The key areas they look into are: List of typical SaaS applications [...]
Can I insure my Google Apps, please?
Posted by: Dmitry Sotnikov on: March 11, 2009
Are online services ever going to be 100% secure? If not should the insurance industry kick in? A few days ago Google Apps had an issue with some Google Docs became accessible to other Google users beyond the security set on the docs. To quote from Google: As we noted in the Google Docs Help [...]