Thursday, December 1, 2011

The Cloudcast - Eps.24 - "CloudPassage - Security in the Cloud" + Show Notes

Date: December 1, 2011
Guest: Rand Wacker - VP of Products, CloudPassage (@randwacker; blog - http://info.cloudpassage.com/)






Topic 1: Before we jump into CloudPassage, I’d like to talk about the state of the industry for just a few minutes. Almost everytime I talk to companies, or read survey data, “security” is almost always listed as the #1 or #2 concern when the topic is “Cloud Computing”. How much of that do you attribute to new technology and how much is human concern because these are new ownership models, new operational models, etc..?


Topic 2: We reached out to Rand about being a guest on the show because we knew of his work at IronPort previously (considered excellent security technology), but also because CloudPassage appears to have a different model for “securing the cloud”, more holistic and delivered as a service (SaaS).  Can you tell us about Cloud Halo, why it’s unique and why it’s winning awards (5 Security Vendors to Watch)?


Topic 3: The world has been a very interconnected place for quite a while, but the way services are interconnected these days is rapidly changing (APIs, distributed applications, public/private clouds, etc.) How does CloudPassage deal with this evolving environment, and how do you explain this interconnectedness to your customers?


Topic 4: I read a quote once that “most companies spend more on coffee than they do for IT security”. We live in a 24x7x365 world where reputations get crushed (eg. Sony) in hours/days. Is there a way to put a budget % on security spending? What’s the right way to think about security costs vs. risks?


Topic 5: There are obviously many ways to provide some level of security. Other parts of technology are going through some potentially radical changes (mobile devices, networking, storage media). Does Cloud make security radically change, or do you see it as more of an opportunity to change the way people think about how security + their systems need to be interconnected, purchased, operated, etc..