Security+ Journey – Functional Types of Controls

Security controls are put in place ultimately to mitigate and minimize risk for an organization. As covered in a previous post, there are three main categories of security contols. To recap, these categories are technical (logical), operational (physical), and managerial (administrative). While these categories give us an idea of the high level characteristics of theContinue reading “Security+ Journey – Functional Types of Controls”

Cloud Essentials+ Journey – Try Before You Buy

Wouldn’t it be great if everything we wanted to purchase and integrate into our technology stacks would just work the way we wanted without needing to worry about it or even test things out? Well, anyone who has been around technology knows that is not the case. There is not always a ‘one size fitsContinue reading “Cloud Essentials+ Journey – Try Before You Buy”

Security+ Journey – Control Categories

Large concepts within information security are understanding what protections/controls we should have in place and then the actual processes of implementing those controls. The reason we have security controls can point back to the concept of the CIA Triad. To keep our organizations safe and healthy from an information security perspective, we should ensure thatContinue reading “Security+ Journey – Control Categories”

Cloud Essentials+ Journey – Statement of Work

In a previous post in this series, we covered different request documents that are sent to vendors/partners/service providers such as the request for information (RFI), request for proposal (RFP), and request for quote (RFQ). These request documents all deal with different phases of the pre-procurement process of a technology, system, or application. There is anotherContinue reading “Cloud Essentials+ Journey – Statement of Work”

Security+ Journey – Five Info Sec Functions

Something that I really appreciate when learning something new or working with a new technology is a clearly defined concept. When learning basic cloud concepts as part of my Cloud Essentials+ journey, I relied on the definitions from NIST to set the groundwork of my understanding of cloud computing characteristics. Well, NIST was there forContinue reading “Security+ Journey – Five Info Sec Functions”

Cloud Essentials+ Journey – Licensing Models

One major shift to migrating to cloud services was the move from capital expenses to operating expenses. With capital expenditures, we typically pay for assets up front, and own and maintain those assets. On the other hand, with operating expenditures, we are paying for a service, or furthermore, the right to use that service/application/system. ServicesContinue reading “Cloud Essentials+ Journey – Licensing Models”

Security+ Journey – CIA Triad

As with dealing with practically any task, project, or initiative, having a set of guidelines to assist us toward our goals can be very important and beneficial. Information security is no different. Just looking at and thinking about the words information security can be a bit daunting and overwhelming. Where do we even start whenContinue reading “Security+ Journey – CIA Triad”

Cloud Essentials+ Journey – Request for What?

Purchasing and implementing new solutions is a big part of the game for IT departments. Any time we deal with purchasing new gear or solutions, we are working with vendors, partners, and resellers. When working with these outside entities, there are different requests that we can draft to send to our partners/resellers/service providers. These areContinue reading “Cloud Essentials+ Journey – Request for What?”

Security+ Journey – The Beginning

From a learning an growth perspective, I have decided (at least for now) to lean more toward “going wide” than “going deep/narrow” in facets of information technology. I have enjoyed changing things up and broadening my knowledge and skillsets. Especially for the role that I am in currently, it makes sense to gain at leastContinue reading “Security+ Journey – The Beginning”

Cloud Essentials+ Journey – Cloud Migration Phases

Writing from experience, without knowing much about it, “moving to the cloud” can be a nebulous concept. It seems easy to just think that, “hey, we have applications hosted in our data center today, then tomorrow they will be in the cloud.” However, a cloud migration is much more than that. A fair amount ofContinue reading “Cloud Essentials+ Journey – Cloud Migration Phases”