May 22, 2014

We recently created a PCI version 3 template for our Compliance Communicator (beta) application. In the process we copied the requirements, testing procedures, and guidance to an excel spreadsheet.
The copying took some time and I bet you'd rather be doing something el...

May 8, 2014

9tips


When it comes to small business security, sometimes you don’t have to be the fastest; you just need to make sure you’re not the slowest.  In the animal world being second slowest may mean you’re not dinner for a herd of feasting animals.  In business, striving to be t...

March 17, 2014

Just like "agile," the devops concept is really what the team decides. To borrow a phrase from the scriptures, devops was made for man, not man for devops...

In most cases, developers still deliver to a devops team - the "dev" in devops means the operations team becomes...

February 19, 2014

It’s something we all talk about. It’s something we all wish we did better. It’s something that we all worry about at night: how do we “secure developers?” In this blog post, I’ll address strategies for increasing the security around your development organization, and...

February 12, 2014

We often think of security in terms of technology and compliance, either because that’s where our interest lies or because we’re mandated to do it.  It’s easy to be lulled into a sense that we’re accomplishing our objectives, or to become cynical because leadership car...

September 6, 2013

We’ve made it to the final post of the series “Will The Real CSPs Please Stand Up?” If you haven’t read the first three entries you can find them herehere, and here.

In this last post I continue where I left off with where the carriers fall short and what could

The ch...

September 5, 2013

You’ll remember from part 1 of this series that I’ve described and defined “cloud” as:

And, in part 2 of this series we made it through about half of that list.

This post, part 3 of 4, describes where I think the carriers still have a lot of work to do and what they can...

September 4, 2013

In the previous post in this series I wrote about what constitutes a cloud and began describing which of those parts can be readily provided by the traditional communications carriers (i.e. telcos).

Just as a refresher, I have defined “cloud” as being made up of the fol...

September 3, 2013

The core of this series of posts (this is part 1 of 4) comes from a talk I gave at the 2011 CSA Congress.

My contention is that the companies in the best position to truly disrupt the status quo of what we perceive as cloud today are the "traditional" Telcos. Note when...

August 16, 2013

“Best Practice is, however, often a misused term. It is frequently used to support politically correct ideals which, in reality take no account of individual need or circumstances. In this sense the ensuing practice is far from ‘best’ when the resulting effects are con...