Security is a Holistic Proposition

Gorka Sadowski

Subscribe to Gorka Sadowski: eMailAlertsEmail Alerts
Get Gorka Sadowski via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Gorka Sadowski

Trust is the fundamental business enabler. It is absolutely necessary for clients to trust their Cloud Providers. Without trust, business relationships cannot exist.  Without trust, existing relationships cannot blossom. Trust becomes an issue as soon as there are potential conflicts of interest. As a client, do you think it's unfair that your Cloud Provider is also the entity generating reports on actual usage for Pay-per-Use billing calculations? Do you think it represents a conflict of interest? How about when your Cloud provider also generates reports on his level of compliance to the agreed-upon SLA? Are you now thinking conflict of interest?  Is this affecting your trust level? Maybe? However, if your Cloud Provider can demonstrate that he's got the right tools to measure usage, and he provides you with ways to validate SLA reports, can you now trust your pro... (more)

Why Rule-Based Log Correlation Is Almost a Good Idea (Part 8)

You bought a static rule-based correlation and you want to get the most out of it, or are you planning on getting and deploying one? There are some simple steps you can take to maximize its efficiency. Ask Yourself If You Can Really Afford In-house Real-Time Incident Management The main use case for correlation is real-time incident management, so you need a 24x7x365 team of forensics experts to validate and follow-up on alerts - in real time. No need to have real-time correlation if you only have a 9-5 operation... If an alarm goes on at 3.a.m., do you have the skilled staff to act... (more)

Logs for Better Clouds - Part 3: On-Demand Rightsizing

Cloud Computing on Ulitzer Last time we saw the difficulty in Predictive Rightsizing, a frustrating exercize based on "guesstimation" aimed at predicting future SLA in an everchanging business environment... So what's the answer? The solution is a truly dynamic, elastic, real-time on-demand SLA with a provisioning that is transparent to the users. Provided that you stay within some reasonable boundaries, you can use as many resources as you need, or as few as required, ramping up and slowing down resource usage, without having to provision SLA in advance of usage. This is the ul... (more)

Unleashing The Power of Logs

This article discusses some of the main defensive security solutions used today and explains the reasons why employing a Log Management and Intelligence solution is critical to complement these protection methods. Let's first look at the most common defensive security solutions that have been popular these past few years. This is not an exhaustive list of all existing technologies, but rather a high-level view of some of the prevalent ones. 1.       Anti-virus 2.       Firewalls/VPN 3.       IDS/IPS 4.       Anti-Trojan/worms 5.       Anti-Spyware 6.       SIEMs These corresp... (more)

60% of EMEA still NOT using Cloud Services

ISACA, the Information Systems Audit and Control Association just surveyed 1 529 of its members across 50 countries in EMEA. It turns out that UK businesses are leading Europe on Cloud Adoption 40% to 33%. But a whopping 35% of respondents do not plan to use Cloud for any IT services (actually 35.6% in Europe and 31.8% in the UK). This is a huge impediment to the growth of ItaaS – IT as a Service, such as SaaS, IaaS and PaaS respectively Software as a Service, Infrastructure as a Service and Platform as a Service. Let’s spin this another way: 60% of respondents are not using Clou... (more)