Does your approach to application and data center security change when adopting cloud services? To learn more about this topic, InfoQ reached out to Pete Cheslock, head of operations and support teams at Threat Stack.
There is a lot of information about DevOps, the technology, the culture, the behaviour. There is not a lot of information about tackling DevOps in large enterprises and there is certainly very little about tackling DevOps in large financial organisations. This article presents lessons learnt rolling out DevOps in a large insurance organisation.
Boyan Mihaylov covers his experience when working with both traditional waterfall software architectures and agile ones. He depicts the similarities and differences between these with a focus on three areas: the specifics of the software architect role, the timespan of the software architecture, and the output of the software architecture.
Faced with the lack of solutions for secure distribution of AWS access keys to developers, AdRoll decided to build their own open source Hologram. Adair details the process, design and main features.
Security audits are an important part of IT security programs. In this article, authors highlight the challenges in cloud computing business models, based on interviews with cloud security auditors. 1
Security. Cloud. Two words that are almost always together but rarely happily. Learn why that isn’t the case and what you need to known about securing your critical infrastructure in the cloud. 3
What’s the best way to protect servers in the cloud? To find out, InfoQ spoke with Mark Nunnikhoven, a Principal Engineer in the Cloud & Emerging Technologies division at Trend Micro.
This article defines a Data Encryption Infrastructure (DEI) which encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise. 1
This opinion piece discusses limitations in the SCIM data model specification as perceived by the author. He provides three specific suggestions which were also posted to the SCIM mailing list. 5
Orlando Scott-Cowley discusses security in the cloud and the need for industry standards to lower the barriers to entry while ensuring that customer data is safe.
In this article, authors discuss a distributed architecture based on principles from security management and software engineering to address cloud computing’s security challenges.
Managing security requirements from early phases of software development is critical. In this article, author Rohit Sethi discusses how to map security requirements to user stories in Agile projects. 2