Blog

We've been tracking the shift to cloud for a long time now, both the precipitous and the halting. Precipitous, as with SaaS, which went from an oddball kind of solution few companies used 10 years ago to a ubiquitous solution in use at more than 95%...

Nemertes's latest UCC TCO study reveal agility and the ability to refocus IT on strategic initiatives beat cost savings as cloud drivers. When it comes to cloud, you'd think you're either a fool or living under a rock if you're not embracing it. So whenever a...

Many companies are moving towards a DevOps model for developing and deploying software and infrastructure. DevOps is also a bellwether technology for organizations: Companies that have the most mature cloud and data center strategies are three times as likely to use DevOps as are companies...

The past few weeks have seen a spate of infrastructure-related cybersecurity vulnerabilities. On March 8th,  Apache released a critical vulnerability alert (CVE) regarding a significant vulnerability in its Struts 2.0 opensource enterprise Java framework, which is widely used in enterprise deployments.  The vulnerability permits remote code execution (RCE) in the framework; recommended mitigation strategies include upgrading the framework or changing implementations.

Infosec professionals are well familiar with the phenomenon of Transport Layer Security (TLS) interception. For everyone else, some background: TLS is the successor to SSL, once the default encryption protocol. TSL provides the underpinnings for many common security protocols, including secure HTTP (HTTPS). Protocols like TLS...

Moving more work into the cloud makes IT revisit the question: Leverage vendor-specific platform services or give up leverage for control and portability. Haven't We Been Here Before We are just about to launch our latest round of benchmarking the enterprise's use of emerging technology in cloud and data...

Everybody Automates Whether it's Perl or Python or PowerShell,  bash or Ruby or Salt, scripts and recipes are everywhere. And, they are layered: scripts run other scripts, sometimes many layers deep (and sometimes recursively!), or runbook automation tools from the likes of IBM or BMC run...

People have been claiming to have a private cloud for six or seven years, even though (as we discussed recently here) they didn't and don't, really. Why don't they have a private cloud yet? Private Cloud is Hard To be their own Amazon Web Services (or Microsoft Azure, or...

[vc_row][vc_column][vc_column_text]Does security awareness training really matter, or is it a frill? Consider this: Last week, DefensePoint Security, a Virginia-based government cybersecurity contractor, announced its employees’ W-2 tax data had been compromised. But the company wasn’t hacked. It turns out that someone inside the company fell...