Security and Operations Have More In Common Than You Think

Glenn O'Donnell

There is growing evidence of a harmonic convergence of Infrastructure and Operations (I&O) with Security and it is hardly an accident. We often view them as separate worlds, but it’s obvious that they have more in common than they have differences. I live in the I&O team here at Forrester, but I get pulled into many discussions that would be classified as “security” topics. Examples include compliance analysis of configuration data and process discipline to prevent mistakes. Similarly, our Security analysts get pulled into process discussions and other topics that encroach into Operations territory. This is as it should be.

Some examples of where common DNA between I&O and Security can benefit you and your organization are:

  • Gain economic benefit by cross-pollinating skills, tools, and organizational entities
  • Improve service quality AND security with the same actions and strategies
  • Learn where the two SHOULD remain separate
  • Combine operational NOC and security SOC monitoring into a unified command center
  • Develop a plan and the economic and political justifications for intelligent combinations

Are You Ready For A World Of Consumer-Managed Data?

Fatemeh Khatibloo

It has been a few years since Forrester delved deeply into the issues surrounding consumer privacy, and in that time, an awful lot has changed:

  • Facebook Connect, Google ID, Yahoo Identity, and Sign In With Twitter have emerged as a whole new way of being recognized across a myriad of websites across the Net. As little as a decade ago, most adults online couldn’t have imagined the convenience of single sign-on.
  • At the same time, data capture methods have not only proliferated, they’ve become exceptionally sophisticated. Tactics like Flash-based cookies and deep packet sniffing surreptitiously collect behavioral data about online consumers, while loyalty and membership cards provide more insight into consumers’ purchasing habits at the line item level than ever before.
  • All that extra data is hard to protect without big changes to governance policies and technology stacks, and when data breaches happen, they're public and ugly.
  • Finally, legislators have forged ahead with regulations to protect consumer data. Europe's answer is the Data Protection Directive – a regulatory framework that governs the capture, management and use of consumer data, while in the US, congressional leaders, egged on by consumer advocacy groups, are introducing bills designed to limit data capture and to provide remediation in cases of data and security breach.

An Early Look at Windows Server 8 – Can You Say Cloud?

Richard Fichera

Well, maybe everybody is saying “cloud” these days, but my first impression of Microsoft Windows Server 8 (not the final name) is that Microsoft has been listening very closely to what customers want from an OS that can support both public and private enterprise cloud implementations. And most importantly, the things that they have built into WS8 for “clouds” also look like they make life easier for plain old enterprise IT.

Microsoft appears to have focused its efforts on several key themes, all of which benefit legacy IT architectures as well as emerging clouds:

  • Management, migration and recovery of VMs in a multi-system domain – Major improvements in Hyper-V and management capabilities mean that I&O groups can easily build multi-system clusters of WS8 servers, and easily migrate VMs across system boundaries. Multiple systems can be clustered with Fibre Channel, making it easier to implement high-performance clusters.
  • Multi-tenancy – A host of features, primarily around management and role-based delegation that make it easier and more secure to implement multi-tenant VM clouds.
  • Recovery and resiliency – Microsoft claims that they can failover VMs from one machine to another in 25 seconds, a very impressive number indeed. While vendor performance claims are always like EPA mileage – you are guaranteed never to exceed this number – this is an impressive claim and a major capability, with major implications for HA architecture in any data center.

I see you, you see me...

Tom Grant

In an earlier post, I argued that product managers in social media companies need to start sharpening their understanding of privacy and security issues. Here's another reason why:

Until now, geolocation has been one of those quaint, semi-useful buzzwords: '... now with geolocation!!!' Twitter, Buzz and Foursquare -- the main exponents of exposing your location -- might not be small, but they pale in comparison to Facebook. With the announcement that Facebook will be enabling geolocation next month, Pandora's Box has been torn open; whether you like it or not, geolocation is about to become a huge part of your life.
