Friday, 24 September 2010

Security and Client-Side Virtualization

A good article by J. Peter Bruzzese over at Biztech Magazine on the increasing importance of virtualization to provide secure and reliable desktop OSes.

It’s quite common when thinking about virtualization technology to focus on the server side. But moving forward, it’s the client side that will take on a greater role in deploying new operating systems, maintaining those systems, and ensuring their stable and secure use.

Tuesday, 21 September 2010

IT downtime costs UK £2bn a year, study finds

Ever wondered how much IT downtime actually costs? Take a look at this Computer Weekly summary of a report by CA Technologies.

The time taken to fix failed IT systems costs the average UK business £208,000 a year in lost revenue, the research revealed.

France tops the league of average losses at £424,000 a year, followed by Germany (£330,000) and Norway (£271,000).

Forrester’s Zero Trust model for security

Forrester is currently pushing their Zero Trust model for network security, where they state that hosts on the corporate intranet should be untrusted in the same way as Internet devices. This makes a lot of sense, and can be implemented to various degrees according to the risk to your business. For instance, Windows clients should be isolated from one another using IPSec domain isolation. In most cases, there’s no reason why Windows clients should be talking to anything other than Windows servers.

The Zero Trust model can also be applied on the desktop. In other words Least Privilege Security assumes that the user will eventually do something bad, often by accident and less commonly, maliciously. Using virtualization technologies we can work with the Zero Trust model but still give users the flexibility they need to install applications and experiment with different configurations.

A rational look at By Your Own PC (BYOPC)

Matthew Clark writes a rational overview of BYOPC on his Confessions of an IT Manager blog, addressing the benefits and concerns of such schemes. One of his concerns is naturally security:

To be clear, there are many possible security issues and implications with BYOPC.  These include virus and malware issues, installation of unknown software packages, secure access to business data, and so on.  However, I believe all of these issues can ultimately be resolved or mitigated with a well constructed security model.

In conclusion however, Mark writes that the concerns he addresses in the article can be managed and if properly managed, BYOPC could bring advantages in some environments, but is not convinced that BYOPC will necessary reduce costs.

Also in a recent report, Gartner suggests that BYOPC can increase the threat of botnets.

Monday, 20 September 2010

AppSense to include User Rights Management in user virtualization solution

Monday 20th September, AppSense announce the integration of User Rights Management into their user virtualization solution. For more information on URM and the development of User Installed Applications, check out Can You Give Power to Users Responsibly?