vSphere 6.5 Introduces New VM Encryption Features

Written by Joe Kozlowicz on Thursday, December 15th 2016

Encrypting virtual machines within the VMware hypervisor platform has been possible for some time, but can be tricky and it often impacts performance. Often the best solution is to encrypt at the storage level, as VMware does not always support OS-level encryption, either.

That may be changing as the latest version of vSphere includes VM encryption that is simple to implement as a policy. Read on to learn what’s new with this method, how it simplifies administration, and how you can implement it within vSphere 6.5.

Continue Reading...

Organizations Aren’t Worried About Data Security — Only Their Reputations

Written by Joe Kozlowicz on Tuesday, December 13th 2016 — Categories: Security

Many cloud discussions center around data security. When infrastructure is out of corporate control, it’s natural to be concerned about the precautions taken to protect vital information assets. Ultimately, cloud security is not any weaker than on-premise data centers, but it turns out that corporate IT departments aren’t really concerned about losing data, anyway.

They’re worried about what everyone else will think if they lose that data.

With only 25% of companies are equipped to handle data breaches, corporations still cite damage to reputation as the biggest risk of being hacked. A recent study from the International Association of Privacy Professionals found that 83% of public companies in the United States cite the impact to corporate reputation as the number one risk of a data breach.

Continue Reading...

Is it Time for the Password to Go the Way of the Dodo?

Written by Joe Kozlowicz on Tuesday, December 6th 2016 — Categories: Security

Passwords – we love to hate them. Despite scribbled pages of notes and password keepers, we always forget them at the most inconvenient time. (By the way, written notes are a very insecure way to remember your password). They expire before we remember to reset them, as the IT department sets required password change rules. These days it feels like they have to be one hundred letters long, including hieroglyphics, roman numerals, and emojis.

And despite all that, they still aren’t very secure. Every few months we hear about another massive breach. One of the biggest, and most recent, was Yahoo. The company only just reported a 2014 breach that compromised 500 million users’ names, e-mail address, and other personally identifying information. If the password information could be decrypted and used along with this other PII, user accounts across other services – even bank logins – could be accessed. According the 2016 Verizon Data Breach Investigations Report, compromised passwords were used as a means of access for many attacks as well.

Is it time to ditch passwords all together? What might replace them? The technology, it turns out, is just around the corner.

Continue Reading...

Get Proactive: Cloud Management vs. Monitoring

Written by Joe Kozlowicz on Thursday, December 1st 2016

Cloud is scalable, it’s flexible, it’s a whole host of cool-sounding adjectives. But what does that all mean in practice? While it’s nice for the IT budget to be able to adjust infrastructure resources on the fly, cloud servers are also facilitating a subtle shift in the way your department should be managing infrastructure.

It’s time to quit relying on monitoring solutions and simply reacting to problems as they arise. Proactive cloud management involves digging in across every department in your organization to more closely align IT resources with business objectives.

Here’s how the new paradigm of proactive cloud management differs from simple monitoring, patching, updates, and other firefighting.

Continue Reading...

A Clean Active Directory Saves Money and Improves Security

Written by Joe Kozlowicz on Tuesday, November 29th 2016 — Categories: Cloud Hosting, Microsoft

You know what they say: a clean Active Directory keeps the attackers at bay. Or they should say it, anyway. Active Directory is a piece of Windows Server in charge of authentication and authorization for any “object” connected to the network. That includes users, systems, resources, and services.

As you might imagine, enterprises often manage sprawling Active Directories with thousands or even hundreds of thousands of objects, from laptops to printers. When a user leaves the company, their login may still reside in Active Directory. Groups used to organize different pieces of the directory may now lie empty.

Cleaning up your Active Directory not only improves database and server performance, but can plug holes in your security left from old accounts. A regularly scheduled Active Directory cleanup should be included with maintenance activities and performed at least annually.

Assuming your Active Directory server is hosted in the cloud, decluttering can also save you storage costs, while improving performance also lowers your monthly bills as bandwidth charges and compute resources can both drop.

Continue Reading...