Monthly Archives: November 2011

November 22, 2011

Policies Are (some) Man’s Best Friend

By erinkbanks

I recently got into a discussion (not an argument… a discussion) with a fellow electrical engineer. We were discussing the impact of Steve Jobs and his recent passing. To be completely honest, I am a true Apple believer through and through. To the 6 iPods, 3 Mac laptops, iPad, iPhone, AirPort, and my personal favorite, Apple TV that I own… wait lets not forget the Apple stock… I believe in Apple but most importantly, I trust them. If you look at a couple of blog posts back, you will see my triangle of trust. Part of that triangle is TRUST… another part is POLICY. Apple has policies. In order to get an application into their App Store, you need to meet their policies. I love the fact that because I purchase items from the App Store my risk level is reduced. Not just any app can go in to the store. Clearly I do not jail break my iPhone, I find no reason to. Why? I use my phone for personal use (and a blackberry for work), I don’t need an unstable, unsecure environment, I don’t need to put myself into any more risk.

You see, my fellow EE wanted to submit some apps and he was upset because his apps didn’t meet Apple’s policies. He didn’t like this fact at all but he seemed to forget who he was writing the app for. As I tried to explain to him, not everyone that accesses the app store is an EE. This is a smart phone but that doesn’t necessarily mean that everyone that uses it is smart. Policies are in place to protect those that don’t quite understand the ramifications of their actions. The policy for password configuration is there so that people don’t use “password” for their password. When people use this word, they clearly are not thinking about security. So what do we have to do? Put a policy in place that says you must special characters, capitals, etc. At least make it harder to get hacked and make it “P@$$w0rd”… let’s make them work for it. If you don’t have policies like this, people will do anything. This isn’t just needed for security, we have policies for everything both for personal and authoritative reasons. Policies such as locking the door at night, turning the alarm on, turning the lights off when you leave the room, wearing a helmet when I snowboard, speed limits, wearing seat belts, or wearing a helmet when I ride a motorcycle. Policies are everywhere and they create stability, why would you not use them in your data center and your corporate environments. The kids need to be home by 11:00 pm, why wouldn’t you ensure virtual machines are deleted?

It would be great if we lived in a world where policies did not need to be implemented, I would love that and I am not saying that we need to have rules for everything. I understand his frustration and I understand this is why he does not have an iPhone but if you forget who your audience is, if you forget the level of security knowledge that is out there, then maybe your app should not be available in the store. I am not saying that the App Store is perfect and that all Apps are 100% safe but when I am still explaining to my nephews and nieces about the information they are posting on facebook and youtube, then I will take the policies. It gives us all one less thing to worry about… I will take that any day.

2 comments | posted in policies, security

November 15, 2011

EMC and RSA… Enabling Virtual Administrators

By erinkbanks

Every day as I work with virtualization and the components that surround it, I am reminded why I love working at EMC and RSA. Yes, I have the privilege to work with the mother ship, EMC as well as the security division, RSA because both virtualization and security are my passion. One of the many reasons why I feel that EMC and RSA are the correct choices when developing your virtual environment is because EVERY… and I mean EVERY product manager of the EMC and RSA products tells me that their role is to “enable the virtual administrators”. Every product that EMC and RSA rolls out their doors at the core has two things in mind, security and virtualization. EMC and RSA build their products with security at step one. As a person who preaches about security, how can I not love the fact that the company that I work for chooses to build security into the fabric of their products. More importantly how can I not love the fact that the products are being developed specifically with the virtual administrator in mind

Simplification of the technology is the easiest way to ensure adoption. Outside of that, the users are just looking for excuses. If you simplify the technology, why wouldn’t someone implement the capabilities. If you break down the silos and give users the things they need to get their job done, why wouldn’t you implement the capabilities. If you enable the virtual administrators, why wouldn’t you implement the technologies that are there to simplify and break down your daily tasks. Are these not the tools that we have been asking for… the tools that we needed?

This blog post isn’t to go through the entire list of integration points or to cover the capabilities, this blog post is to clearly state the obvious… (my stake in the ground)… when you think virtualization you must think EMC and RSA. I have discussions with customers daily about their frustrations with wanting to move further down their journey to a virtual data center, customers want to be enabled and I am here to tell you that EMC and RSA understands that. We understand the pains mainly because we are our own best and worst customer but built in to us, built into our culture is virtualization and simplification. We work with these technologies daily just like you and we beg to have the capabilities that make sense. All our solutions, across the board, from the management suite, to backup, to recovery, to storage, to security are on the journey with you to the virtual data center.

Leave a comment   |  tags: , , | posted in EMC, RSA, security

Follow

Get every new post delivered to your Inbox.