More Secure In The Cloud

“morlocks” by Chilanga Cement is licensed under CC BY 2.0

I have talked to organizations that haven’t yet moved into the cloud because of security concerns. They stay locked in their own data centers because they have a fear of exposing their systems and information to the outside world. This may sound counterintuitive to those that haven’t moved to the cloud yet, but you’re more secure in the cloud than you are in your own data center.

I’ll give you three reasons why this is true — and one big caveat to make sure it’s true for you. Read on or watch the short video I did on this topic.

Top 4 IT Fails of All Time


I’m a big believer in the old adage, “Those who do not learn from history are doomed to repeat it.” You need to examine your mistakes, figure out why and how you made them, and then use those lessons so you can do better the next time. In addition, I would prefer to learn from other people’s mistakes rather than committing them myself — it’s gain without the pain. So I asked myself the question, “What are the biggest IT fails in history?” And then the more important follow-up, “What can I learn from them?”

I wanted to find the failures that were significant and spectacular. They had to be impactful and memorable. There are plenty of stories about failed IT projects that “just” wasted a lot of money like this one from the Air Force (there’s a lot to be learned from them, too). But I wanted the projects that culminated in a momentous, go-out-in-a-blaze-of-glory, end-up-on-the-evening-news kind of failure.

Here’s my short list along with the lessons I took away from each.

We’re Better Together: DevOps, Security, Audit, and Compliance

“nomnomnom” by Katheirne Hitt is licensed under CC BY 2.0

I’ve been on a kick recently about how DevOps, security, audit, and compliance all fit together. Spoiler alert: they all do fit together. In fact, we’re better off individually and collectively when we bring security, audit, and compliance into the DevOps tent and treat them like we would any other function that has valuable expertise to contribute to help our organizations win. We’d all benefit from what we can learn from each other.

I wrote about a few ways to do that on Excella’s blog. You can also get more information from a talk I gave a couple months ago on this same topic.