Security is a Holistic Proposition

Gorka Sadowski

Subscribe to Gorka Sadowski: eMailAlertsEmail Alerts
Get Gorka Sadowski via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Gorka Sadowski

Cloud Portability. (In the context of Logs of course!!) So the honeymoon is over. The Cloud Provider that you so carefully selected is not performing like you expected and you are eying the competition.  You might even be considering re-insourcing back some of your IT services. So what happens to all the logs? As a customer, can you Trust that your Provider(s) will not let you down and mess with your logs? Well, first off, whose logs are they?  Are they the Provider's logs because they are logs generated by their physical equipment, or are these your logs because they trace your applications and your virtual systems? Actually they're both at the same time. Let's see why both parties would need access to the logs and reports. From a Customer perspective, logs are important because they are an indication of my business processes and I need visibility in those. I need ... (more)

60% of EMEA still NOT using Cloud Services

ISACA, the Information Systems Audit and Control Association just surveyed 1 529 of its members across 50 countries in EMEA. It turns out that UK businesses are leading Europe on Cloud Adoption 40% to 33%. But a whopping 35% of respondents do not plan to use Cloud for any IT services (actually 35.6% in Europe and 31.8% in the UK). This is a huge impediment to the growth of ItaaS – IT as a Service, such as SaaS, IaaS and PaaS respectively Software as a Service, Infrastructure as a Service and Platform as a Service. Let’s spin this another way: 60% of respondents are not using Clou... (more)

Logs for Better Clouds - Part 7: Log Integrity

Not all Log Management solutions are created equal... Trusting your logs. Log Integrity is at the core of using logs for such purpose as building Trust, providing non-repudiation and indisputable proof in business relationships between Customers and Providers, but also to provide for evidence admissible in a court of law. We saw that not all Log Management solutions are created equal, and we saw some high-level requirements in terms of log collection and log reporting. We need a solution that is simple to deploy - we want an enabler, not a disabler - and a solution that allows a ... (more)

Fraud Detection, Financial Industry and E-Commerce | Part 1

Banks and Insurance companies lose billions of dollars every year to fraud. Traditional methods of fraud detection play an important role in minimizing these losses. However increasingly sophisticated fraudsters have developed a variety of ways to elude discovery, both by working together and by leveraging various other means of constructing false identities. Graph databases offer new methods of uncovering fraud rings and other sophisticated scams with a high-level of accuracy, and are capable of stopping advanced fraud scenarios in real-time. While no fraud prevention measures c... (more)

Logs for Better Clouds - Part 5: Daisy Chaining Clouds

Daisy Chaining Clouds, how transitive is Trust? So we talked about some of the challenges - and hence opportunities - faced by Cloud Providers.  Last time we talked about Trust, and how important Trust is for business relationships. Trust is already difficult in pretty straightforward environments, but in the context of Clouds, it can become very fuzzy...   Read on. Clouds: Providers, Clients, Partners and Competitors... all at the same time! We could imagine a world where there are so many cloud providers, so many interconnections between them and so many trust relationships that ... (more)