http://www.networkworld.com/columnists/antonopoulos.html Network World columns by Andreas Antonopoulos. Network World, Inc. Copyright(C) 1994 - 2008 Network World, Inc. http://www.networkworld.com/columnists/2008/092908-andreas.html?fsrc=rss-antonopoulos Shadow IT is all the IT that was neither planned nor approved by anyone but gets chosen, deployed and used by end users. Some see this as grass-roots deployment of cool technologies; some see it as weeds growing from any crack in the IT plan. If you don't build it, they will go find it elsewhere. And even if you build it, if it isn't adequate, comprehensive, flexible and easy to use, they will go find it elsewhere. Andreas M. Antonopoulos 2008-09-30T00:00:00Z http://www.networkworld.com/columnists/2008/091608-andreas.html?fsrc=rss-antonopoulos Enterprises are increasingly interested in cloud computing as a potential solution to capacity challenges. The idea is that if you have a virtualized data center, the cloud could potentially be an “overflow” data center where you expand capacity during periods of high demand. If the cloud can extend your data center, then you don’t need to build another one or increase the capacity of the one you have just to handle intermitted spikes in computing demand. Andreas M. Antonopoulos 2008-09-16T00:00:00Z http://www.networkworld.com/columnists/2008/090208-andreas.html?fsrc=rss-antonopoulos I have been very interested in virtualization security since early 2004 and it now seems like it has become a mainstream topic. Most of the focus however is on securing the technology of virtualization (the hypervisor) and providing virtualized security (usually as virtual appliances). My focus nowadays is more on the operational impact of virtualized infrastructure and by extension the impact on security operations. After all, security controls (technology) are essential but without operational controls (people) they are not sufficient. So what is the operational impact of virtualization?<p><A href="http://ad.doubleclick.net/jump/idg.us.nwf.rss/security;sz=468x60;ord=99415?"> <IMG src="http://ad.doubleclick.net/ad/idg.us.nwf.rss/security;sz=468x60;ord=99415?" border="0" width="468" height="60"></A> </p> Andreas M. Antonopoulos 2008-09-02T00:00:00Z http://www.networkworld.com/columnists/2008/081908-andreas.html?fsrc=rss-antonopoulos Last week Russian tanks rolled into South Ossetia while Russian bombers were taking out critical communications infrastructure. But even before the first tank rolled across the disputed borders, another war was brewing in cyberspace. Andreas M. Antonopoulos 2008-08-19T00:00:00Z http://www.networkworld.com/columnists/2008/080508antonopoulos.html?fsrc=rss-antonopoulos In reading an early release of an information-security survey conducted by the RSA Conference, two findings caught my attention. Andreas M. Antonopoulos 2008-08-05T00:00:00Z http://www.networkworld.com/columnists/2008/072208antonopoulos.html?fsrc=rss-antonopoulos No more excuses: If you're not encrypting laptops, you are not applying due diligence. Andreas M. Antonopoulos 2008-07-22T00:00:00Z http://www.networkworld.com/columnists/2008/070808-risk-reward.html?fsrc=rss-antonopoulos The headline read “Google loses employee data.” It caught my attention as I thought of all the implications this has for all the other data Google stores. A headline like that hits a nerve, I take it personally, because like most of us I immediately think of my search history from the last 10 years. Andreas M. Antonopoulos 2008-07-08T00:00:00Z http://www.networkworld.com/columnists/2008/062408-antonopoulos.html?fsrc=rss-antonopoulos I’ve visited quite a few countries in Asia over the last two years. In the various airports I passed through I often saw people wearing surgical masks. I also saw “fever checkpoints” in most major airports. These checkpoints have infrared cameras that show a thermal false color picture of passengers as they are funneled through immigration. The signs surrounding the checkpoints indicated that the purpose was to identify people with a fever so as to screen for various types of flu (avian or other). This is classic perimeter control, network access control even, applied in the real world.<p><A href="http://ad.doubleclick.net/jump/idg.us.nwf.rss/security;sz=468x60;ord=80782?"> <IMG src="http://ad.doubleclick.net/ad/idg.us.nwf.rss/security;sz=468x60;ord=80782?" border="0" width="468" height="60"></A> </p> Andreas M. Antonopoulos 2008-06-24T00:00:00Z http://www.networkworld.com/columnists/2008/061008-andreas.html?fsrc=rss-antonopoulos What is the right balance between security and privacy? This is a common starting point in many policy discussions, especially in government. It’s a trick question because it presets the conversation as a balancing act between two values as if they are antithetical – they are not. In practical terms, privacy is security. Andreas M. Antonopoulos 2008-06-10T00:00:00Z http://www.networkworld.com/columnists/2008/052808-andreas.html?fsrc=rss-antonopoulos Complexity is the enemy of security. Simple systems are inherently more secure than complex solutions. Andreas M. Antonopoulos 2008-05-27T00:00:00Z