SAML repository for authentication so that we can treat it as much as possible like an extension of our general security stance with password attempt monitoring, rate throttling and attack blocking, user lockout, etc.

You sir, sound like you know what you are doing.

Do you ever have attempts coming back from any of your vendors?

Or is the vendor simply passing data back to you about when accounts from your site are used in failed logon attempts to the cloud apps, via whatever their presentation layer is?

A typical SaaS vendor has numerous clients, all with varying levels of sophistication in their password and identity management procedures.

As if the need to ensure tenant isolation does not put enough pressure on the architects, they also have to worry about how well their customers are securing their own staff. The smart ones are doing Federation for predictable data transfers, and two-factor to secure the application layer. Even then, the legal people still make them sign disclaimers that ultimately, data breaches due to compromised credentials are the responsibility of the authorized bearer of the credentials.

It sucks to have to secure a slew of web servers, especially for those who have to run LOB apps on Windows platforms. VDI is being used pretty heavily on that front prevent information leakages. It's cheaper to spin up a session for them via a webpage, than it is to trust that their client is secure. Not to mention easier to maintain and troubleshoot. Staff can shunt the user to a clean session, shadow it, hold the user's hand through whatever.

On the plus side, with a good cloud provider, when your datas get pwnt, it is replicated somewhere else. Maybe even on tape in some cold, humidity controlled warehouse. Because no matter how good security is, sooner or later, it will get compromised.

At that point though, it is all about RTO/RPO which is outside the scope of security. BTW even with LTO6, restore rates from cold storage still blow.

Step out from behind your fear, AC. It is easy to sling mud when nobody knows who you are.

I see the geo-engineering deniers are out in force today with their mod points.

Go ahead and ignore what is hanging above your heads. I have made my peace with it already.

I am not sure why people get so defensive whens someone points out that they are trying to make it rain over California, a state that is experiencing its worst drought in decades.

One would think that I was touting conspiracy theories about the Illuminati trying to poison the masses with aerial bombardments of bacteriological agents.

Some data where desalinization projects did not go through due to greed on the part of the incumbent water utility.

I am curious because I used to live in a city that used desalinization. I always wondered why it was not more widely adopted. Everything that I found led me to believe that the root cause was due to the cost of energy required to make the process work.

Do you have any data to back up those assertions?

How old are you?

How long have you been looking at contrails?

I am not sure desalinization is not viable due to the cost of the technology, or due to the infrastructure required to get the water from the coast, up over the mountains and into the Central Valley where all of the farmland is.

I call bullshit on "the first". I do not know what is going on in the rest of the world, or even the rest of the United States, but geo-engineering is happening nearly every day in California. Jets are creating clouds on a daily basis. Just search Google image for "Chemtrails" and you can see plenty of evidence, from the clouds themselves, to the interior shots of the planes with all of the tanks and pipes and systems for creating the clouds.

The results are real. Just last week we had tropical storm level winds and snow at less than 1000 feet. That is in Southern California, which is a desert climate.

I believe that they are doing everything that they can to keep the state's agricultural economy from cratering. Too much of the Western United States is dependent on California's agriculture. The drought has the powers that be more worried than they are letting on to.

And all of this relates to the patent-free open sourcing that MS is doing right now, being the topic of discussion here? You do know that all patents related to this stuff is also covered in this push towards FOSS, right?

Here let me google something for you: Hanlon's razor

My niece asked me once, how can you sit in front of a computer and a keyboard all day? My answer: They pay me well, but I'd do it even if they didn't pay.

Microsoft hurt B&N? And here was me thinking it was a comination of Amazon and people not buying books anymore that was the problem. What was it specifically that Microsoft did? Cripple that horrible Nook thing?