Feed on
Posts
Comments

Category Archive for 'Security Architecture'

What does it mean to use identity as the control plane? First: this is nothing new. Identity has been used for many years in conjunction with physical and network control plane. The difference is what emphasis that has been put on the different control planes. With physical control plane, the emphasis lies on the security […]

Read Full Post »

One of the buzzwords you commonly encounter is ‘Identity is the new control plane’ but what does it mean? The term refers to where you manage access to a resource. In the case of identity it is where you manage identities and their access, in our case Active Directory. But to make it more understandable […]

Read Full Post »

I love doing presentations and I had the opportunity in southern Europe to present for a few customers my view on how to administer on-prem services. What I presented was Microsoft Secure Privilege Access Roadmap. If you havn´t read it please do. It gives to quite some details how you should manage the administration tasks […]

Read Full Post »

SOC for clouds

During a workshop at a customer we started to discuss their SOC. Today it fully manages their onprem servers and clients but when asking about their cloud data center (Azure) it turned out that it was not managed at all beside that the security functions was activated but not used. Getting the security functions in […]

Read Full Post »

A new datacenter

Azure is a very extensive cloud service that provides several functions and a very short ramp up-time. This is all well and good and it is possible to get a very extensive security in place quickly if you get the right licenses and services. What many companies forget is that Azure is not a fabulous […]

Read Full Post »

IAM is a very strong tool to get in control of your accounts. With an IAM system for all standard users you will quickly protect all standard access and manage all access control. On top of that comes the protection of your privileged accounts and that means more advanced solutions like PAW or ESAE. In […]

Read Full Post »

You have all heard about the layered security approach and probably understood it. Sometimes it just becomes very visible how it works. I recently visited a client in southern Europe where we are delivering a high security project and as part of that project we are working in a secure room, a locked and secured […]

Read Full Post »

I had a chat with a friend of mine, who is an enterprise architect and a damn good one as well, regarding integration architecture vs security architecture and where the cross section. While his stand point is that integration architecture is imperative to understand how business unites should work together my viewpoint is that from […]

Read Full Post »

The number is five

I received a mail recently regarding how many domain admins a company should aim for to have. Of course, this is always dependent on the structure of your company etc. but as a rule of thumb I aim for five domain administrators. So, why five? It is actually quite easy to calculate. First of all: […]

Read Full Post »

Processors are vulnerable. Who knew? Most interesting is that this is a flaw in the architecture in itself. Those types of errors tend to be harder to fix because it is part of the overall solution. Tis specific case will be interesting to follow. I don’t expect it to that much of a problem in […]

Read Full Post »

« Prev - Next »