Kubernetes and Container Security
Our clients frequently ask us for advice on securing Kubernetes, the popular container orchestration engine.
Mining Technical Debt for Fun and Profit
That old tech debt gets a hard crust of “don’t go there” and after a while only a few people understand how it actually works. Those few people know the system well enough to develop workarounds to meet new requirements, so you don’t get a mandate to replace it.
Temporary Workarounds Shouldn’t Last Longer Than Permanent Solutions
You’ve got frustrated users, availability and confidentiality issues. All from a temporary workaround that wasn’t fixed when it was relatively easier. Welcome to technical debt and the interest is accruing. Where non-kludged systems can be patched and upgraded within regular service windows without the entire IT department on call, fixing this monster will require serious planning.
WannaCry as the Regulatory Brown M&M
If you were under a rock for the last few weeks, WannaCry is one of those cyber-security events that made it into regular news. If it hits NPR, that means everyone who knows me or at least strikes up a conversation at the bar will ask me my opinion.
Compliance as a Cost of Customer Acquisition
If you're like many of our clients, you're in customer acquisition mode. You've spent a bunch of money to build your product or service, and the marginal cost to support a new customer is relatively small. They're buying the same thing everyone else is, so there's some additional load you need to meet.
U.S. Regulatory Outlook for 2017
I don't want to bring up politics but this is the first U.S. election where cybersecurity had sustained, serious attention by the press and the candidates.