- The 10 dumbest mistakes network managers make
- Six Windows 7 features admins will actually care about
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- More porn sneaks onto the iPhone
As enterprises seek out ways to reduce IT costs, optimize resources and improve operational efficiencies, three technology trends have started to dominate: virtualization, service-oriented architecture and mobility (see "Exploits on all fronts," below). More promising yet is the intertwining of these unique technologies.
Some examples: Mercy Medical Center, in Baltimore, is piloting virtual desktops rolled out on encrypted USB devices to its mobile doctors and residents. RedRoller, an online-shopping comparison service in Stamford, Conn., created an SOA to connect its small-and-midsize business (SMB) customers to best pricing at shipping carriers -- a system that's likely to go virtual down the road. Delaware Electric, in Greenwood, gives field workers with tablet PCs access to an SOA infrastructure.
What does this mean from a security perspective? It means myriad new layers of risk being created along the stack -- all of which must be securely deployed and managed. "We're talking layers and layers you need to pay attention to, both in isolation and also where they're mixing up with unexpected interactions," says Dennis Moreau, CTO of Configuresoft, a configuration management company.
Take the virtual machine environment. This environment comprises a virtual machine manager (VMM) or hypervisor that's shimmed between the kernel and the host operating system to create a layer of layers, or as some call it, a "virtual stack." In that stack are the hypervisor and guest layers that call among themselves and cannot be monitored by most of today's tools.
"There's a whole series of security dilemmas IT professionals are facing with these new technologies," says M. Victor Janulaitis, CEO of Janco Associates, an IT and business analysis firm. "The most prevalent problems are change management and version control, all the way to the cellular phones," he says.
Best practices, standards and tools are emerging, but they're mostly piecemeal, open to interpretation and incomplete in their coverage. Today that makes comprehensive management of any of these technologies problematic.
Partner Content
Explore the Ultrium Edge
The powerful tape technology can address data security with tape encryption as well as long term data protection.
Find Out More
Disk and Tape Square Off
Discover what disk and tape really cost and which solution provides lower total cost of ownership and optimizes energy use for your organization
Download this White Paper
Don't Fall for the Myths
The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.
Review this information
information examination
An examination of information security issues, methods and securing data with LTO-4 tape drive encryption
Read this analysis
Comment