what were reading, week of 2/9

Posted: February 12, 2009 in Highlights

From PC Mag…
Is Windows 7 Ready for Prime Time?
Michael Miller highlights his thoughts on Windows 7 and gives us an update on where it stands. Of note, the VPN client issues he experienced with Cisco: “the Cisco VPN client wouldn’t work. But following some steps I found on the indispensable sevenforums.com, I was able to get it working on the 32-bit version. (Warning: This is complicated and not recommended for most users.).”

From Rational Survivability…
Incomplete Thought: Support of IPv6 in Cloud Providers…
Windows 7 supports IPSec, and Microsoft is actively pursuing this route. This is destined to force changes to cloud vendors, as Christopher Hoff suggests.

From Ping WiFi…
American Airlines Gogo — Mixed Review in The Journal
American Airlines is now offering WiFi service to its passengers on longer, non-stop flights. Do network administrators have yet another new concern with security & VPN?

From Emergent Chaos…
“A Scientific R&D Approach to Cyber Security”
Argonne National Labs released a report on “A Scientific R&D Approach to Cyber Security”. Adam Shostack raises two issues with the report– it places mathematics on a pedestal, and goes so far as to refer to economic analysis as a ‘metaphor’, and there’s no mention of the data acquisition problem. Do you agree with the issues Adam raises?

Comments
  1. Curtis Doty says:

    Re: Incomplete Thought: Support of IPv6 in Cloud Providers …

    I cannot speak to all the SaaS providers. But running dual-stack on a VPS host is easy enough. Some are even already on net with existing IPv6 tunnel brokers such as HE!

    Check out:
    http://www.linode.com/wiki/index.php/IPv6

  2. Shashidhar says:

    Cloud Networking/Computing (CC) has many business drivers propelling it forward – IT / Business Strategy linked to availability & scaling up, Financial linked to driving down costs & reducing Capex on IT Infrastructure.

    Managing IT Sec in a Cloud Computing environment complicates things further.

    1. Do a thorough Due Diligence of the CC vendor. Similar to any IT Infra outsourcing. Ask the right questions. Understand the vendor’s data security policies – minimum of 2 factor authentication with VPN. Understand the backup policy, Data encryption & privacy policies & standards (encryption at rest & move), check the nature of venture capital funding in case of SME CC provider, assess continuity of operations etc.,

    2. CC contract should have right to audit the data & IT environment of CC vendor at any point of time. Certified results of PT should be provided at regular intervals as per contract, Confidentiality agreements added in, Penalties for data breaches included, data archives available in case of M&A with another CC Vendor to ensure continuity of ops. Build in internal risk assessment, legal, regulatory & audit compliance into the contract.

    Remember- End of the day, the customer owns the data and the CC Vendor has fiduciary responsibility in protecting the data.

  3. […] Writer and blogger for PC Magazine, Michael J. Miller, revisits an earlier article he wrote in February—“Is Windows 7 Ready for Prime Time?” In a post published today, Michael further explores W7 […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s