Aggregated enterprise architecture wisdom
If you have ever had a debate about whether your organisation should use cloud computing then a discussion of the risks of cloud computing will have been a significant part of it. In doing so, we often fall into a simple logical trap. Cloud computing is just one of the options that we have. The […]
In case you haven’t heard Microsoft is ending support for Windows XP and Office 2003 in April of 2014. What this means is that Microsoft will no longer patch security vulnerabilities discovered in XP or Office 2003, and therefore there will be security holes discovered that can be exploited by hackers which will never be […]
By Sally Long, Director of The Open Group Trusted Technology Forum (OTTF)™ In a world where tainted and counterfeit products pose significant risks to organizations, we see an increasing need for a standard that protects both organizations and consumers. Altered or non-genuine products introduce the possibility of untracked malicious behavior or poor performance. These risks can damage … … Continue reading →
This is the fifteenth post in my series on BYOD. I have mostly avoided talking about technology, as in many ways that is the least important, and the most straightforward aspect of dealing with BYOD. Most people automatically think of Mobile Device Management (MDM) when they think of mobile or BYOD technology, but that is far from […]
Security concerns around Big Data continue to the extent that it has become a Board-level concern that must be addressed. To do so, enterprises must provide the business justification for such proactive steps needed to address such board-level concerns. … Continue reading →
One of the responsibilities (and benefits) of my job is getting to go to great conferences like the RSA Security Conference which just wrapped last week. This year I was honored to be selected by the Program Committee to speak twice at the event. Both talks fit well to the Policy and Government track at the show. … Continue reading →
The big bang that started The Open Group Conference in Newport Beach was, appropriately, a presentation related to astronomy. Chris Gerty gave a keynote on Big Data at NASA, where he is Deputy Program Manager of the Open Innovation Program. And that exploration – as is often the case with successful space missions – left us wondering what lies beyond. … Continue reading →
This is a transcript of a sponsored podcast discussion on the threats from and promise of Big Data in securing enterprise information assets. Continue reading →
I’m currently looking at international identity standards and thought that I might post some thoughts about them as I look at them. The first that I have looked at is ISO/IEC FDIS 24760-1:2011(E) “A framework for identity management – Part 1: Terminology and concepts”. This standard is supposed to define key terms for identity management […]
This was the key message that came out of The Open Group® Big Data Security Tweet Jam on Jan 22 at 9:00 a.m. PT, which addressed several key questions centered on Big Data and security. Here is my summary of the observations made in the context of these questions. Continue reading →
One of the most important responsibilities of the information security professional (or any IT professional, for that matter) is to help management make well-informed decisions. Unfortunately, this has been an illusive objective when it comes to risk. Continue reading →
The Open Group hosted a tweet jam (#ogChat) to discuss Big Data security. In case you missed the conversation, here is a recap of the event. Continue reading →