Key Management in the Cloud

In my previous cloud security blogs, I mentioned the need to use key-based encryption for protecting data. Whether the data is in flight (i.e., being transmitted) or at rest (i.e., stored), it must be encrypted to ensure confidentiality, integrity and availability. Managing encryption keys can be challenging. There are different key types (symmetric vs. asymmetric), key strengths (128-bit through 2048-bit and greater), key usage (privacy, key exchange, authentication and digital signature) and key encryption algorithms (AES, 3DES, SHA-1, SHA-2, MD5, etc.). Furthermore, each data endpoint, such as storage or a server, requires an integration point that also needs to be managed. For example, for storage we need an encryption integration point for each storage medium (disk, SAN, NAS or tape).

Multi-Factor Authentication: When Usernames and Passwords Just Aren’t Enough

Using a username and password combination is a common everyday activity. We use it to log into a desktop or laptop at work, to log into various application systems to perform business tasks, or to log into Software-as-a-Service (SaaS) applications remotely. For personal endeavors, we use username/password combinations for Facebook, Flickr or other social media websites. Username and password authentication is generally “good enough” for these scenarios.

Logfile Management’s Important Role in Cloud Security

How do you know if your cloud security controls are adequate? How would you know if you have a security breach in progress right now? You may have diligently planned and implemented strict security policies and mechanisms to prevent an intruder from accessing your servers and data in your cloud environment — but how can you be sure that these are sufficient, and that no security breach has occurred?

Network Perimeter: Who Goes There?

Remember as a kid (or perhaps now as a parent) your mom would tell you, “When you go to Johnny’s house to play, go straight to his home, don’t stop anywhere in between, don’t take short cuts, and call me when you get there”? Your mom was managing what path to travel and other details to ensure safe arrival.

Protecting Data at Rest

Imagine if you had a way to make all of the valuable possessions in your home become worthless (or of little value) if they left the perimeter of your home? There would be no incentive for a thief to steal from you. Why bother with the risk, time and effort to burglarize your home if there is no meaningful payoff? Now imagine if you could do the same with your data in your data center, or in a cloud environment such as cloud storage or cloud servers. If any data or piece of information left the cloud perimeter it would be rendered useless.
