RightScale Blog

Cloud Management Blog

Phil Cox

Director of Security and Compliance at RightScale
Phil Cox is the director of security and compliance for RightScale, where he focuses on security both as a consumer of a variety of cloud services and as a provider of a cloud management solution. Prior to that he was a director at SystemExperts, a security and compliance consulting firm. He is a well-known authority in the areas of systems integration and security, and is an active contributor to multiple Cloud Security Alliance initiatives, as well as to Payment Card Industry (PCI) cloud and risk groups. He frequently writes and lectures on information security and compliance issues faced by organizations. He has written several books in the area of Windows and network security, and was technical editor of two "Hacking Exposed" editions and "Building Internet Firewalls."

Articles by Phil Cox

Cloud Strategists See Enterprises Gaining Confidence with Security

Posted by Phil Cox | August 19, 2013 | 0 comments
Early adopters of the cloud computing model had to fight the perception that no Infrastructure-as-a-Service (IaaS) provider could be as security-conscious as their own organizations. Over the last several years, as public cloud providers have gotten better about communicating their security features, that view has changed, according to the cloud strategists we talked with. For most organizations...

Achieving Code Compliance in an Agile Environment

Posted by Phil Cox | July 17, 2013 | 1 comment
Cloud computing, DevOps, and agile methodologies often go hand-in-hand to help developers create applications quickly to meet business demands. As organizations move critical business applications to the cloud, compliance with security policies, regulations, and internal engineering standards becomes more important. How can you maintain the benefits that come with cloud, DevOps, and agile...

HIPAA in Public Cloud: The Rules Have Been Set

Posted by Phil Cox | July 03, 2013 | 1 comment
The U.S. Department of Health and Human Services' (HHS) Omnibus Rule finalizes all the former interim rules for Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) compliance. There are a number of changes and exceptions that organizations need to consider before enforcement begins on September 23, so we've broken...

RightScale Compute: PCI-Compliant Apps in the Public Cloud

Posted by Phil Cox | April 11, 2013 | 0 comments
PCI compliance in the public cloud is a growing topic of concern and interest. Some people claim one can be a PCI-compliant merchant using a public IaaS cloud, while others say that's impossible. I am a former Qualified Security Assessor (QSA) and have participated in multiple PCI working groups, and I'm firmly in the former camp. PCI compliance in the cloud is possible, but the hardest part is...

AWS CloudHSM: Why You’ll Want It and What to Watch Out For

Posted by Phil Cox | March 28, 2013 | 0 comments
Security has been one of the top challenges in every survey on cloud computing in the last five years. Yet public cloud providers have continued to beef up their security offerings, and not everyone realizes how far providers have come in providing tools that enable customers to follow security best practices. This week AWS took a giant step forward to address a major cloud security challenge...

Security Monitoring In Public IaaS: How We Do It at RightScale

Posted by Phil Cox | January 24, 2013 | 2 comments
In my experience helping RightScale customers who are at varying points in the cloud adoption spectrum from investigating IaaS to launching a POC to already using IaaS for production applications, I see quite a bit of confusion about how to actually “do” security in the cloud, particularly in IaaS. And the sheer volume of vendor cloud washing and sales FUD that is being perpetuated makes it even...

RightScale Enterprise Security Features Unleashed

Posted by Phil Cox | August 08, 2012 | 0 comments
We have been busy this summer working on a number of security- and governance-related features for our Enterprise Edition customers, who are typically large organizations that have well-defined internal user identity and compliance structures. With the latest RightScale release, we have improved or added on to the following features: Managed SSH Login; Single Sign-On with SAML; API-Based...

PCI Compliance in the Public IaaS Cloud: How I Did It

Posted by Phil Cox | July 24, 2012 | 12 comments
Over the past few years, I have heard many folks assert that one can be a PCI-compliant merchant using public IaaS cloud, and I have heard just as many state that it's not possible. In retrospect, I have found most of them - including myself - to be misinformed. After gaining more firsthand experience, I feel confident telling you where I sit at this state in the game on the question: “Can I be...

RightLink Agent Security Features & Upgrading from V4 RightImages

Posted by Phil Cox | January 24, 2012 | 12 comments
A fundamental problem in cloud management is "how do I get the remote instance to do what I want it to?" Taking this task on for a few systems is doable with a number of techniques; making it scale for many thousands is not quite as simple. At RightScale, we have been on the bleeding edge of this issue since the early days of cloud computing, and we have learned a lot along the way. One of those...

Applying Security Workarounds in the RightScale Universe

Posted by Phil Cox | September 29, 2011 | 1 comment
In a recent post I discussed some of the options for patch management in the RightScale platform. This time I will talk about what happens when a patch is not available through traditional patch channels from the vendor. This typically happens in one of two cases: (1) a workaround or configuration fix is made available from the vendor of a package; (2) the vendor of a package applies a security patch to...