Blog by Rob Newby

Blog
Top Risks of IAM Programmes
by Rob Newby
IAM risks fit into 4 programme areas, Executive Support, Business Involvement, Strategy and Technology; and one area of the organisation, People. Each of these areas holds a number of risks which must be managed and controlled. 1. Executive Support Risk 1 – Without executive buy-in to an IAM programme, navigating the business is an uphill task which eats into valuable planning time. Issue – The identification of responsibilities in the business organization is often the most complex challenge. Mitigation – This is made much easier if the business value...
Read More
Blog
Why SDCI needs organizational change in IT
by Rob Newby
My last post focused on the challenges and the potential of SDN (Software Defined Networking) and SDCI (Software Defined Computing Infrastructures) for improving Information Security. APIs are being used to control more devices from a central point, bringing agility to networks, virtual systems, storage, and other elements of the computing infrastructure that meet the demands of the business. If businesses are becoming more agile, IT also must become more agile however. SDCI is mandatory to support the changes in business.  However, that is not only a technical challenge and it is...
Read More
Blog
Software Defined Networking Security Implications
by Rob Newby
Due to their natural coupling, SDN and virtual networking are often confused, but are not the same thing. Virtual networking is the ability for networks to exist in a virtual state – removing hardware, as with SDN. This already happens in the majority of networks, VLANs being used as a logical separation control. Virtual networking still combines the control and management planes and doesn’t change the implementation however. SDN splits out the control plane and makes it simpler to manipulate the underlying traffic, enabling control of the data without access to it. SDN and virtual...
Read More
Blog
Software Defined Networking Market Implications
by Rob Newby
As part of a series of blogs concentrating on the market of Software-defined infrastructures such as SDN (Software Defined Networking) or SDCI , I am currently looking into SDN, and the implications that it is will have for the network market in general over the coming months. It helps to understand the context of SDN, a little bit about how it works, and how that shapes the market. In traditional networking equipment, the management plane manages the control plane which directs traffic in the data plane. Software Defined Networking (SDN) aims to provide more control without physical...
Read More
Blog
The World is your Datacentre
by Rob Newby
I’ve worked in Security for many years, specialising in Network and Data Security, largely by chance, following my interests and the market in equal measure. I started with authentication tokens and SSL acceleration devices back in the early 2000s, the latter market mutated into key and certificate management, encryption of various types hanging off these monolithic management devices. Some of the SSL accelerators turned into load balancers and proxies, even SSL VPNs. It was a technology that spawned a number of others. In 2009, I prophesised that encryption was finally going to make a...
Read More
Blog
Security is not enough
by Rob Newby
Since I have worked in this industry, one trend has always been evident – most IT departments can’t, don’t or won’t pay for the very cutting edge developments in security technology. It’s not that they struggle to keep up with these developments, on the contrary, they are the very people who are demanding them, it is that they have different priorities. Technology budget is traditionally focused on performance and delivery rather than security, as that is where the obvious business benefits lie. Security rarely gives a return on investment, it is there to prevent loss; so at best security...
Read More