Welcome!

Microsoft Cloud Authors: Pat Romanski, Jnan Dash, Andreas Grabner, Lori MacVittie, Jim Kaskade

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Cloud Security, SDN Journal

@CloudExpo: Article

When Is a Stack Not a Stack? When It's Unified in the Cloud

All the right tools do not necessarily give you the best visibility across your enterprise

While trawling the blogs, feeds and news I came across an analyst’s article about best security practices in which he kept referring to “the stack.” And by this, he meant a multitude of various solutions that address certain security needs and capabilities; everything from email filtering, firewalling, authenticating, credentialing, logging and intrusion detection, etc...

And, if you read my blogs often enough, you know I am a big proponent of unified security. However, unified security is not a stack. It is easy to be confused as both look to utilize best of breed tools to prevent negative impact on IP assets. A stack references a number of technologies where each operates independently from one another. Single sign on by itself is a sufficient tool, but when operating alone in its own silo, important contextual information is lost.

The unified approach, as I describe in REACT, is a collaborative practice whereby each tools’ capabilities are cooperatively leveraged. It is a tightly integrated system where everything is correlated in real time in order to provide an accurate and up-to-the-moment view of who is doing what and how to your online and network resources. For example all the data collected from identity or access management is shared with SIEM and Log Management. Unification is about better visibility. It marries the features and functionality into a central understanding of what is truly going on in your network.

As 451 Group analyst and research director Rachel Chalmers said, “It takes more than a firewall to secure virtual infrastructure.”

Let’s look at unified security collaboration (UniSec) from a more practical standpoint. Your company has invested in several cloud-based database/CRM and other useful (legacy) applications. In some cases sensitive data exists somewhere in these apps—passwords, customer numbers, invoices, even personal/personnel information. Now single sign on makes it easier for authorized users to log into these resources. Identity management provisions (based on roles/rules) what specific assets they can see. If it ends there, you have partial visibility. You have controlled information and get the necessary reports. They only cover certain applications, but not the entire expanded network.

However, you also use a log management tool. So every log on is noted in some machine code and filed away for further review. But, your security designee is now reviewing similar data in multiple places. And, it’s often without context and days or weeks after any particular incident.

Now assume your company also has SIEM or some version of intrusion detection. Is it looking at Active Directory log ons? Is it looking at application usage? Is it notating unusual activity? Is it doing so in real time?

If stacked, you potentially have all the tools but, like a thoroughbred with blinders, it doesn’t see to the left or right. These tools do their job, but if they are performing in parallel, your visibility is limited. When unified through a REACT (real time event and access correlation technology) platform, a very different picture may emerge. Because an active SIEM correlates data from multiple silos of information, what looked like a simple log in, now is suspect (or vice versa). Who is accessing the database and making modifications at 3 in the morning? Who is using an unsecured device? Why does R&D need access to payroll records? Why is a retired password being used to log on…from an IP address in Bulgaria? Mr. Jones is no longer an employee, but has logged in 3 times this week and accessed our customer list.

And most importantly, what can be done with enhanced visibility? Faster, better decisions; quicker response to potential harmful situations; smarter deployment of personnel and computing resources. And that the reporting and the capabilities are all controlled centrally removes the time and effort to compile and analyze all the silos independently.

The unified approach addresses the broader threat landscape. Threats aren’t always large brute force attacks by some army of hackers trying to knock down the castle door with a battering ram. In most cases they’re considerably more subtle, but just as destructive. So if you can intelligently correlate information from a variety of sources, the greyer, more problematic issues can be addressed, alerted and remediated.

Now bundle it up as a cloud-based security initiative and there emerges other tangible and budgetary benefits. Companies who were certain they could only afford firewall and malware protection can now deploy an enterprise-grade security program complete with live security-as-a-service analysts monitoring 24/7. The scalability and agility make this option very attractive and very affordable for most modest or budget restrictive companies.

It is a great first step if an organization makes the investment in such tools as SIEM, Log Management, Single Sign On, Identity and Access Management. If you can afford it and have the manpower the proactively manage it, great. However, not to belabor the point, having all these tools can be like having lumber, nails, appliances, carpeting, concrete, etc…but if it doesn't “work” together, it is not a house, it is simply a stack of  useful parts. . Unification makes it a house…and the cloud makes it a home!

Kevin Nikkhoo
Unified!
www.cloudaccess.com

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@ThingsExpo Stories
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
Discover top technologies and tools all under one roof at April 24–28, 2017, at the Westin San Diego in San Diego, CA. Explore the Mobile Dev + Test and IoT Dev + Test Expo and enjoy all of these unique opportunities: The latest solutions, technologies, and tools in mobile or IoT software development and testing. Meet one-on-one with representatives from some of today's most innovative organizations
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
"A lot of times people will come to us and have a very diverse set of requirements or very customized need and we'll help them to implement it in a fashion that you can't just buy off of the shelf," explained Nick Rose, CTO of Enzu, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web co...
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? In this Power Panel at DevOps Summit, moderated by Jason Bloomberg, the leading expert on architecting agility for the enterprise and president of Intellyx, panelists peeled away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud enviro...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex softw...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Ca...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Manufacturers are embracing the Industrial Internet the same way consumers are leveraging Fitbits – to improve overall health and wellness. Both can provide consistent measurement, visibility, and suggest performance improvements customized to help reach goals. Fitbit users can view real-time data and make adjustments to increase their activity. In his session at @ThingsExpo, Mark Bernardo Professional Services Leader, Americas, at GE Digital, discussed how leveraging the Industrial Internet and...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will w...