VMUG for Germany west (Schwalbach am Taunus)

Just a small reminder for the people that live in my area. On Friday, June 7th, the German VMware User Group (VMUG) west will be meeting up at the EMC office in Schwalbach (click here for a PDF with the address and route). In case you don’t know what the VMUG is for, here’s a quick summary:

The VMware User Group (VMUG) is an independent, global, customer-led organization, created to maximize members’ use of VMware and partner solutions through knowledge sharing, training, collaboration, and events.

The beauty of it? It’s something set up by users for other users. That means that people come to these events to get information that is vendor neutral, and have the ability to talk freely to others without having to fear that someone is trying to only give them the marketing pitch. Or at least, that is what it should be like.

So, the Germany West VMUG Meeting is at Friday, June 7, 2013 at the following address and time:

09:30 – 16:15

EMC Deutschland GmbH
Am Kronberger Hang 2a
65824 Schwalbach/Taunus

You can use this link to register for the event, free of charge, and get to see talks on VMware Nicira, “VMware Network & Security” and other security related topics.

And one important thing to note. The VMUG is a community set up by VMware customers for VMware customers. To exchange ideas, exchange common issues or worries, learn and get to know others in the community. If you feel like you can contribute, submit a proposal for a talk, or suggest a topic for the next VMUG. The more people that participate, the better a VMUG gets!

I’ll be there, and I’m looking forward to seeing you there!


Is it really secure?

I’ve been away on vacation and was on a road trip of sorts through the USA. I’ve been to New York city and visited the west coast after that. Final stop during our trip was a visit to Las Vegas.

Now, everyone has probably heard of Vegas, and those people that haven’t actually been there probably have an image in their minds of what Vegas looks like. For me that image was what most people know from movies like Oceans Eleven or series like Las Vegas. You will think about good looking men and woman, loads of money, warm winds, large casinos and security everywhere that will probably try to tackle you for even looking the wrong way.

Those that have actually been there will probably agree with me in saying that this image is only partially true.

Sleeping security guardThe simplest explanation is probably that something is not secure by simply putting a “Security” label on it.

I mean, what good is it if your security guard is actually sleeping? Or an example I’ve seen for myself was a security guard on a Segway. Sure, it seemed quite funny, but what good will a Segway actually be when the hotel or casino is actually full of people and you can’t use the speed of a Segway any way?

This question is valid in Las Vegas, but it is also valid elsewhere, or in a different area as a matter of fact. Software engineering, solution providers, industry standards and much more is being sold as “secure” these days. And you will see a lot of people reading the headlines and not even asking a simple question. A question that is absolutely critical if you want to talk about security.

How secure is it?

Ask yourself this question each time you see someone talking about their security or the security of their product/service. Ask yourself questions like:

  • How secure is it?
  • What makes it secure?
  • What would make it inscure?
  • What scope is actually secure?
  • Would it still be secure in my environment?

Questions like this are key in trying to understand something that is being sold as “secure”. EMC’s Chuck Hollis wrote a blog post on security and multi-tenancy and shows some of these questions being asked when he’s looking at a new product that is introduced by a competitor. But this should also be done by you.

If you are looking for a new solution. If you are implementing a new internal development. If you talk to your security officers. If someone mentions it’s secure. Go ahead, ask yourself and ask the other these kind of questions.

The worst thing what you can do when it comes to security is just seeing the word and taking it for granted, or even just trusting it is actually secure just because they say so. Most people seem to have a different opinion on what security starts with, but for me security starts with asking questions. The trick is (as always) about asking the right questions, and when you do ask your questions use an old principle and keep your questions as simple as possible.