Beautiful Security by Andy Oram
Author:Andy Oram
Language: eng
Format: epub, pdf
Tags: COMPUTERS / Security / General
ISBN: 9780596802059
Publisher: O'Reilly Media
Published: 2009-04-17T04:00:00+00:00
Breakers usually represent the glass as half empty, and are often so pessimistic that you wonder, when listening to some of them, why the Internet hasn’t totally collapsed already and why any of us have money left unpilfered in our bank accounts. Their pessimism leads them to apply the current state of the art to exposing weaknesses and failures in current approaches.
Every few years the next big thing comes along and polarizes security people into these two philosophical camps. I think I hardly need to state that I consider myself a builder.
Virtual digital clouds of massive computing power, along with virtual pipes to suck it down and spit it back out (web services), trigger suspicions that breakers have built up through decades of experience. Hover around the water coolers of the security “old school,” and you will likely see smug grins and knowing winks as they utter pat phrases such as, “You can’t secure what you don’t control,” “You can’t patch a data center you don’t own,” and the ultimate in cynicism, “Why would you trust something as important as security to someone else?”
I’ve heard it all, and of course it’s all hard to argue against. These are many valid arguments against hosting and processing data in the cloud, but by applying standard arguments for older technologies, breakers forget a critical human trait that has been present throughout history: when benefits outweigh drawbacks, things almost always succeed. With the economic advantages of scalable resources on demand, the technological advantages of access to almost unlimited computing resources, and the well-documented trend of service industries, from restaurants to banking, that provide commodity goods, the benefits of cloud computing simply far outweigh the drawbacks.
One reason I deeply understand the breaker mentality springs from a section of my own career. In 2002, I joined a vulnerability management firm named Foundstone (now owned by McAfee) that sold a network vulnerability scanner. It ran as a client in the traditional model, storing all data locally on the customer’s system. Our main competitor, a company called Qualys, offered a network scanner as a service on their own systems with data stored centrally at their facilities. We won customers to our product by positioning hosted security data as an outrageous risk. Frankly, we promoted FUD (Fear, Uncertainty, and Doubt). Most customers at the time agreed, and it became a key differentiator that drove revenue and helped us sell the company to McAfee. My time at Foundstone was among the most rewarding I have had, but I also feel, looking back, that our timing was incredibly fortunate. Those inside the dust storm watched the cultural sands shift in a few short years, and we found more and more customers not only accepting an online model but demanding it.
The same is true of general consumers, of course. Over five million WordPress blog users have already voted with their virtual feet, hosting their blogs online. And an estimated 10% of the world’s end-user Internet traffic comes from hosted, web-based email, such as Yahoo! Mail, Gmail, and Live Mail.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7791)
Grails in Action by Glen Smith Peter Ledbrook(7705)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(6649)
Azure Containers Explained by Wesley Haakman & Richard Hooper(6641)
Running Windows Containers on AWS by Marcio Morales(6164)
Kotlin in Action by Dmitry Jemerov(5074)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(4961)
Combating Crime on the Dark Web by Nearchos Nearchou(4547)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4425)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4424)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4213)
The Age of Surveillance Capitalism by Shoshana Zuboff(3964)
Python for Security and Networking - Third Edition by José Manuel Ortega(3785)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3515)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3452)
Mastering Python for Networking and Security by José Manuel Ortega(3359)
Learn Wireshark by Lisa Bock(3346)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Blockchain Basics by Daniel Drescher(3308)
