yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Computing
Conference & Expo
November 2-4, 2009 NYC
Register Today and SAVE !..

2008 West
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
Red Hat
The Opening of Virtualization
User Environment Management – The Third Layer of the Desktop
Cloud Computing for Business Agility
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Return on Assests: Bringing Visibility to your SOA Strategy
Managing Hybrid Endpoint Environments
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
How Can AJAX Improve Homeland Security?
Beyond Widgets: What a RIA Platform Should Offer
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
In many cases, the end of the year gives you time to step back and take stock of the last 12 months. This is when many of us take a hard look at what worked and what did not, complete performance reviews, and formulate plans for the coming year. For me, it is all of those things plus a time when I u...
Tips on Evaluating Security in the Cloud
Treat the Cloud like an extension of your corporate or production network

I've received a lot of questions lately about security in the Cloud and what CTOs should be considering when they are evaluating it. Here's my advice, treat the Cloud like an extension of your corporate or production network, don't treat it or hold it to a lower standard assuming that your cloud provider knows more than you.

If you have requirements that you can't get in your Cloud solution make sure that not getting those requirements constitutes an acceptable risk or tradeoff. In evaluating a Cloud provider here are some critical questions to ask:

1. What is the Authentication and Authorization required for access into the Cloud account?

  • Many cloud providers will provide a way to authenticate into the Cloud but how will this integrate with the identity solution currently used?
  • For these Cloud accounts how will group based auth be used? Can you have security groups like you do today?
  • Any good security policy has the philosophy of separation of roles. Make sure roles, access, and accounts can be separated effectively when using the Cloud.

2. When you're using the Cloud ask yourself the question "where is my data?"

  • Do you know? Does your provider know?
  • If there are geo restrictions on the location of the data, is the data within these restrictions? For EU companies, is the data in the EU or in a Safe Harbor country or is it elsewhere?

3. What are some of the steps a network admin. should take to secure the Cloud and what are the reasons behind these steps?

  • Understand access controls and restrictions.
  • Understand IP restrictions and policies. Where can these policies be applied and how? Who has the ability to audit these policies?
  • Who has access to view these restrictions?
  • In the event of a security compromise how will one find out what happened? Audit logs, IP logs?
  • For Cloud APIs how are these secured? HMAC? Certificate based authentication?
  • Always evaluate where credentials are stored, can these be compromised?

It depends on the level of security your company is seeking but it's imperative that the Cloud has a layer of security to protect users and their content being stored. Cloud providers use two-factor authentication to protect data and accounts from being compromised.

About Charles McColgan
As Chief Technology Officer, Charles McColgan spearheads the technical development, operations, and long-term vision of TeleSign. He brings 20 years of industry experience including 10 years of experience creating and operating SAAS solutions used by thousands of enterprises in the security and messaging space.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

SOA World Latest Stories
"We started a Master of Science in business analytics - that's the hot topic. We serve the business community around San Francisco so we educate the working professionals and this is where they all want to be," explained Judy Lee, Associate Professor and Department Chair at Golden Gate...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability...
We call it DevOps but much of the time there’s a lot more discussion about the needs and concerns of developers than there is about other groups. There’s a focus on improved and less isolated developer workflows. There are many discussions around collaboration, continuous integration a...
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optim...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is founda...
"CA has been doing a lot of things in the area of DevOps. Now we have a complete set of tool sets in order to enable customers to go all the way from planning to development to testing down to release into the operations," explained Aruna Ravichandran, Vice President of Global Marketin...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)!

Advertise on this site! Contact advertising(at)! 201 802-3021

SYS-CON Featured Whitepapers