Archie Reed’s Secure Observations Blog
A look at security - in the cloud, in the enterprise, in ... trouble?

Instant On: Security and Innovation Can Coexist

There is a new approach that HP is promoting to business services: The Instant-On Enterprise. The key pillars to this are:

* Application Transformation
* Converged Infrastructure
* Enterprise Security
* Information Optimization
* and yes, even... Cloud

 

My focus is cloud security, and I wanted to touch on a common fear that providing adequate security means locking down an environment tightly, to the detriment of innovation.

 

You have likely heard the concept of building security in rather than bolting it on. My colleague Charlie Bess recently posted on the idea of "Security, Cloud and Tooling Support", noting "recent HP research which reveals that in the past year, one out of every two senior business, government and technology executives have experienced impediments to innovation, technology agility, or customer service due to security constraints."

 

* But as noted, it can be done. Raymond James is a global financial services company whose 5,300 financial advisors offer personal investing, institutional, and corporate financial management services through the company’s three broker/dealer subsidiaries. Its numbers are impressive: 1.9 million accounts served from 2,300 locations, with total client assets of $233 billion.

* What did the development team at Raymond James do? It created a dedicated production control group responsible for ensuring application security. It deployed HP WebInspect software and HP Assessment Management Platform software to reduce potential risk to customer data and to achieve targeted compliance levels -- while still continuing to innovate with new applications.

 

Moving beyond that, I've been closely involved with key tooling for HP services over the last year in terms of cloud security assessments. There, atop a comprehensive ISO27k security assessment, we have incorporated the Cloud Security Alliance guidelines and controls, along with the same from the European Network and Information Security Agency (ENISA) Cloud Computing Risk Assessment.

 

Pretty compelling stuff whether you're looking to assess your entire security program, or a specific implementation of cloud service usage. Either way, a comprehensive approach that is still efficient and effective was our goal, because unless you understand your risk, and how you secure your environment, you cannot assess a public cloud solution's ability to do better, worse, or equal to you.
