Cloud, Security and Technology

In part 2 of my recommendation I look at bring your own device (BYOD).  I'd consider my recommendation as a simple and somewhat sane method that also addresses a fair but low friction way to enable BYOD as a corporate device. In a recent Gartner  report, 80% of CIO's say they will  allow users to BYOD by end of 2016, making a individually owned devices a norm. This could be looked at as a risky proposition as these potentially unhygienic devices become welcome on your corporate network, and could cause havoc. On the other hand, BYOD maybe a way to save money, and increase your users satisfaction, and productivity. I've outline six simple steps to consider when you get ready to make the plunge to bring BYOD to your world. Step 1 -   Decide and understand your device ownership model. The two scenarios on ownership are corporate owned/managed, and user owned/managed.  Most likely if the device is owned by a corporation it will be managed by the c

Secureworld expo is coming in November (12-13), and I've have the privileged to present this year!. Come by and see my session, make sure you say 'hi' if you do.  I'll be presenting - Moving to the Cloud: How to Be Secure on the 12th at 3:00 PM Abstract - As cloud adoption skyrockets, key innovations mandate a new paradigm of security/assurance. Many organizations are required to follow compliance models such as PCI and ISO 27001. These models were created a decade ago, and they are showing their age even if they have been periodically updated. A new discussion is required. For instance - Did you know that, these regulations require network diagrams, firewalls, network monitoring, and security data aggregation (e.g. "SIMS")? Do these requirements address a cloud model? On top of that are these decade-old concepts the right way to protect your assets in the cloud? Oh and if you don't have a pass yet, I was given the following code to shar

Rapid adoption of cloud computing requires a clear understanding on what and how you will manage the move.  I had discussed that cost and trust are the key driving factors for cloud adoption in a previous blog. In this blog I'll expand on the key things companies should consider when moving to the cloud. A while ago, I had a room full of executives from a major mining organization. Our discussion was about cloud trust. In the discussion the CTO asked me a great question - "If you were working for me, what would you do to secure our environment as we adopt the cloud?"  Here's a digest of what I recommended: First I asked - Do you know what you are trying to protect? Problem most organization face is knowing what they should invest the most into protecting. In the cloud security trends report posted by Microsoft indicated that about 40% of organizations do not have a uniform classification methodology. As you see all industries that where surveyed in this

 Both infrastructure as a service (IaaS) and platform as a service (PaaS) services are ideal for third party developers to create service offerings or software as a service (SaaS) solutions ready for customers. For instance NetFlix, LinkedIn, and Salesforce are the services powered by PaaS, and IaaS core services but are delivered as a customer ready SaaS service.  As such a Netflix user does not contemplate how Amazon AWS makes their IaaS service work to ensure that they can watch a movie. Bottom line users watch their movies. This model is really the future of cloud services. However unlike the telecommunications companies that deliver our phone services end to end, cloud solutions like Netflix have a dependency model users should be aware of. Ultimately users should have the right to know who is touching, and managing their data. And providers should be required to expose the information. Let's consider this. The videos serviced by Netflix powered by Amazon AW

Cloud providers benefit statement boils down to only two variables that matters to you - COST + TRUST You may look at this and agree, say this seems obvious. Then again you might consider this model too simple and wonder what about flexibility, elasticity, feature/function and other cloud benefits that influence moving to the cloud. These are all important, but in my humble opinion, cost and trust are the most important two lynch pins for selecting a cloud provider, and you need to expect service providers to provide both effectively, be willing to provide both with equal fervor, and honestly disclose their position.  COST Moving to the cloud proposes the single best opportunity to reduce overall IT and operational costs. Today all organizations, from your gardener, hair stylist, and even big organizations like Nordstrom, Exxon, Starbucks, and even all the three letter government agencies are faced with the stark reality that cloud computing will reduce cost of their

Today I set out to do something simple….set up my outlook client software to use my outlook.com account. Simple right? Turns out this simple task was really not that simple. The reason my case was different than many, is because I use a custom domain for my email. What baffled me for several hours was that I needed a custom configuration, and like most consumer based solutions, outlook.com's documentation is quite incomplete. See the issue with my problem was that what I was doing was a result of an edge case . Def: Edge case - A condition or parameter not expected, or something that only happens rarely or occasionally. I'm a consumer, and edge case All too often you want to use tools in their simplest manner, but edge cases make them either unpredictable, or unusable. Also we want all our tech to be simple to use, but almost everyone has an edge case in their lives that software does a lousy job of addressing. Today, providers need to consider more an

Moving to the cloud is a  complicated process. In my prior career I advised fortune 500 companies on how and why you should use cloud computing. Now it's time I share my observations with you. This blog will look at cloud, technology and other tech passions I have such as compliance, BYOD, IOT, Big Data, ISRM, and other techno. that suites my fancy, and ultimately will  helps move you into the cloud. Stay tuned. Frank L:  linkedin.com/in/simorjay