The Business Cycle of Tech Consumption: The Need for Design Patterns and New Operating Models

In recent years, the enterprise tech sector has witnessed a unique cycle of overconsumption. This surge in technological investments and acquisitions isn’t merely a trend; it reflects the rapid digitization of business processes and the indispensable nature of tech infrastructure today. But like any cycle, there is an inevitable shift towards optimization after this period of overconsumption. Today, businesses are pivoting towards grand transformation projects that fuse the cloud’s agility with on-prem resources, integrating Network, Security, OT, and IT into seamless platforms. These transformative steps…

Looking Back

I like watching bad movies. I can’t help it really; I was born this way. Sometimes I’ll be sitting around with my older brothers, and we’ll talk about ridiculous movies, nonsensical movies, movies that are so stupid that they defy logic…and yet…they’re hilarious. “Did you see Tremors?” someone will ask. “Five times… at least!” is the reply. “OMG… really? Me too!” So you can see it’s a genetics issue. Nonetheless, no matter how bad the movie, there’s usually one or two redeeming moments. Maybe a…

Multicloud Connect, Secure, Automate and Control

The ONUG Community of Global 2000 firms spoke loud and clear at ONUG Fall 2022 in Manhattan, hosted by Raytheon. Enterprise computing is multicloud computing. The community knows multicloud delivers the widest range of options and choices for developer and infrastructure teams to address business requirements. Also, it was clear that multicloud is being required by regulators to mitigate concentration risk. The point that became crystal clear is that every IT organization needs a multicloud strategy and most importantly, an operational plan. This new thinking…

Cloud Security 101

Managing cloud permissions and configurations As organizations evolve in the cloud, you will find the number of cloud services their teams use and identity permissions that need to be managed increase significantly. These services teams used to build and deliver applications are referred to as assets or resources. Configuring cloud assets, roles, and permissions doesn’t take long to become tedious, time-consuming, and error-prone. The leading causes of security incidents are misconfigurations of assets and over-privileged identities, therefore, it essential to diligently manage these. Discovering cloud…

Your Firewall is Now Everywhere — And Nowhere

Network security has been stuck in a box for too long. Much of what we know consists of perimeter or zone-based rules that limit which network segments can talk to which other network segments over which ports. The workhorse of this world has been the firewall appliance, interconnecting network segments and enforcing these rules. In the meantime, applications have moved to the public cloud and users have left the building. Hybrid work is challenging the very notion of the enterprise WAN. So what does this…

Discover your Cloud Security Posture Maturity Level

ONUG Cloud Native Security Working Group Blog Series Introduction Cloud Security Posture Management (CSPM) is currently one of the fastest growing areas within the field of cloud security; most security vendors are now offering or developing CSPM capabilities. However, enterprises are still trying to build the most effective CSPM program to fit their environment. In many cases, it’s unclear where to start and what the end goal is for the CSPM effort.  To help simplify this process, this post will share guiding principles for implementing…

A More Secure Digital Future

A More Secure Digital Future During my long career, there has been one constant requirement I often hear, “I want to see an end-to-end view of an application.” This is the holy grail to assure great user experience, assure security and observability.  Developers, IT infrastructure and operational teams struggle every day with this lack of visibility of an application’s dependency map. Gaining end-to-end visibility is hard enough when you own every device or piece of software that supports an application as in a private data…

Zero Trust: An Overnight Sensation Decades Later

Introduction Years after the term was coined by Stephen Paul Marsh in 1994 and popularized by John Kindervag more than a decade ago, Zero Trust has become the “new” security solution that addresses the confluence of today’s three critical factors and the emergence of what amounts to a cyber-war on businesses and governments. Zero Trust switches the focus from outward-facing defense of a network perimeter to prevention of unauthorized exfiltration of data and other exploits. This short work looks at why it has become virtually…

Zero Trust: The Critical Essence – An Introduction

On January 12, 2010 Google wrote a blog revealing to the world that it had been breached by attackers sponsored by a nation state.  The attack is now known as ‘Operation Aurora’.[i] Subsequent investigations showed that many other enterprises and government organizations had also been breached by the same attackers.  Among other things, these hackers were targeting source code repositories via software configuration management systems.  Any entity that had already breached perimeter network security and had created a presence on an internal system could reach…

ONUG Collaborative Working Groups Kick Off 2022

Members of The ONUG Collaborative Working Groups are delivering solutions to the challenges faced by today’s Enterprise Multi-Cloud Community. Composed of both vendors and cloud consumers from some of the largest companies in the world, these Working Groups focus on delivering best-in-class solutions, both on-premise and off.  Here’s a quick update on the initiatives being worked on by ONUG’s Automated Cloud Governance, Network Cloud, Cloud Native Security and AIOps Working Groups.  Interested in joining the team? Contact us to find out more.  Automated Cloud Governance…