Tempted to “Skimp” on IT Security?

FACT: According to a study presented at last week’s annual RSA Conference on cyber security, by Palo Alto Networks CTO Nir Zuk, “Users are routinely, and fairly easily, circumventing corporate security controls. And that is because traditional firewall technology was not meant to grapple with the diversity of Internet applications of recent years.”

ANALYSIS: Security has been an even hotter topic than usual for the past month, what with new national-level attention to cyber security and, for Microsoft, a culmination of sorts of various strands of effort into our new “End to End Trust” initiative.  My boss, Jim Simon, attended the RSA Conference in San Francisco, with his boss, Craig Mundie, Microsoft’s Chief Research and Strategy Officer.  Craig laid out Microsoft’s “End-to-End Trust” vision, designed to provide users more control over online and enterprise systems.  His keynote was widely covered (even by offbeat security blogs, like RiskBloggers.com) so I don’t need to rehash it.

Nir Zuk’s presentation was interesting – and not just because he’s one of the true pioneers of firewall technology.  He really understands secure enterprise environments, something I’m talking about increasingly with government organizations, who are learning the hard way the need to protect their data, apps, and computing platforms.  

Continue reading

Google’s Argument to Enterprise IT: “Trust Us”

FACT:  Yesterday, Google’s Dave Girouard, VP of enterprise sales, gave a keynote speech on “The Evolution of Cloud Computing” at FOSE, a Washington trade-show focusing on federal government and military IT customers.  According to a Washington Post reporter’s blog account afterwards:

[Girouard said] “Google will have to do things differently” to work with defense and intelligence agencies, where data security and privacy are held to the tightest standards. But he argued that having information spread across hundreds of different servers is actually more secure than housing data on a few servers at a specific location. “Security is now more virtual than physical,” he said.

ANALYSIS:  The Google salesman (Girouard is VP of enterprise sales) was speaking at FOSE on the same day I made an April Fools blogpost featuring a lame “Cloud Computing” joke (see it here, come back when you stop laughing).  

This year I’m at FOSE as neither buyer nor speaker; the past couple of years I spoke at FOSE, as a DIA official, and I always enjoy walking the exhibit floor, plus I was curious about Girouard’s take on Google’s current move into the federal space.

To be honest I’ve met him before when he was with Virage and he’s a fine fellow, a good salesman.

The rhetoric of his main pitch, though, seems to be battling uphill, and I’m not sure he gets a nuanced distinction.

Continue reading

Using Web 2.0 in a top-secret environment

Network World magazine has just posted a podcast interview which I recorded with editor Paul Desmond about a month ago, just after speaking at their “IT Roadmap” conference in December. The interview topic is “Using Web 2.0 tech in a top secret world,” and we discuss the DIA and Intelligence Community experience with social networks, wikis, and blogs.  We also discuss cloud computing, enterprise IT, SOA, IARPA, and the challenges of deploying secure software. Representative quote: “Intelligence analysts are much like ‘knowledge workers’ on Wall Street or in the media, they know what’s going on on the Internet, they know what they want, they know what they need, and it’s in the IT side’s interest to try and service them.”

At the end Paul was gracious enough to ask about my new role with Microsoft’s Institute for Advanced Technology in Governments. If your daily life has a 17-minute hole which you need to fill, then dim the lights, crank up the speakers, and mellow out to the Quiet Storm (I was using my NPR voice)….

Email this post to a friend


AddThis Social Bookmark Button

%d bloggers like this: