Author Archives: CloudTweaks

Cloud Infographic – The Major Vulnerabilities of 2014

Cloud Infographic – The Major Vulnerabilities of 2014

The Major Vulnerabilities of 2014

There have been 3 major vulnerabilities over the past year.

Heartbleed (Dubbed Heartbleed, this dangerous OpenSSL bug allows an attacker to access information from a client or server’s memory.), Shellshock (Once exploited, this vulnerability allows attackers to completely take over the server, enabling them to steal files, delete information, download malware and execute DDoS attacks.)and most recently POODLE (An exploit design flaw in SSL 3.0, attackers convince the browser to downgrade to SSL 3.0 (i.e., fallback option).They then exploit SSL 3.0 weaknesses to decrypt and extract sensitive data from the stream (e.g., email addresses, passwords, credit card data from an e-commerce site).

These vulnerabilities are enough to instill a fair bit of trepidation and have the ability to make your hairs stand on end. These concerns are unfortunately not going away in 2015 as there will be more major vulnerabilities. How many and how much damage are a couple of key questions.

Provided is an infographic by Incapsula which illustrates some of the differences between the 3 vulnerabilities.

2014-mega-vulnerabilities

Cloud Infographic – Cyber Monday Security

Cloud Infographic – Cyber Monday Security

Cyber Monday Security

This is a time when cybercriminals become opportunists due to the explosive nature of Cyber Monday online shopping. The incredible number of online transactions taking place each second makes it a very lucrative time for these groups.

We have provided a timely infographic by zerofox which gives you some ideas of what to like for and how criminals are carrying out these attacks.

Cyber-Monday-Crime

Cloud Infographic – Six Online Retailer Trends To Expect

Cloud Infographic – Six Online Retailer Trends To Expect

Six Online Retailer Trends To Expect

Online shopping has continued to grow over the years as more and more people are connected via a huge array of innovative devices. Much of this is also attributed to the fact that businesses of all sizes have been able to find ways to quickly and cheaply streamline their brick and mortar inventory into a flourishing cloud based online shopping experience.

Provided is an excellent infographic by econsultancy.com which highlights the continued growth of online shopping versus in-store purchases.

Click To View Full Infographic

black_friday_infographic

Cloud Infographic – Cloud Currency

Cloud Infographic – Cloud Currency

Cloud Currency Opportunities

We’ve written a bit along the lines of cryptocurrency and crowdfunding in the past, and anticipate that we’ll be writing more about these subjects in the near future. Take a look at Six Things You Didn’t Know about Cloud-Currency surrounding cryptocurrency as well as another useful infographic by Entrepreneur.com which takes a closer look at the industry growth of Crowdfunding in 2014.

Included is an infographic provided by currencyfair.com which consolidates both cryptocurrency and crowdfunding into one extensive piece titled: “The World Of Alternative Finance” .

The World of Alternative Finance-currency

Cloud Infographic – Cloud Investment Spending

Cloud Infographic – Cloud Investment Spending

Cloud Investment Spending

Cloud acceptance and adoption continues to grow at a brisk pace. IDC (International Data Corporation ) predicts that, the worldwide Internet of Things (IoT) market will grow from $1.3 trillion in 2013 to $3.04 trillion in 2020 and contain nearly 30 billion connected “things.” This certainly bodes well for the Cloud computing industry as thousands of new IOT devices will be connecting to the cloud via API where company developers and engineers will be producing, analysing and storing great levels of data. With the lower costs of cloud based services, it will be more and more difficult for companies to not consider adopting a service.

Attached is an excellent infographic provided by IDG which takes a closer look at the current state of the cloud.

infographic-cloud-idg

Cloud Pinup: Cloudifile – Beyond Encryption

Cloud Pinup: Cloudifile – Beyond Encryption

Beyond Encryption: Solving the Problem of Cloud Security

CloudifileWhen you store your data on the cloud, you’re entrusting it to a company that may be located hundreds of miles away. You’ll probably never see their servers in person, nor will you ever shake hands with the engineers responsible for protecting them. And there’s no mistaking the risks: hackers could find electronic back doors to access your data; a corrupt employee could compromise the system maliciously; an intermediary could intercept the data while it’s being transmitted to or from the cloud server; or the physical servers themselves could even be stolen or damaged. Even widely-trusted services like Dropbox are being hacked on a regular basis, rendering millions of users vulnerable. How can you trust that your sensitive data is safe in the cloud when so much of the process is out of your control?

Clearly, simple password-protection isn’t enough. A Google Drive or Dropbox account may gain a small amount of protection this way, but any competent attacker can get around a simple password requirement. In addition, most people allow their computers to log them into these services automatically, so if a thief steals the computer the whole storage system will be easily accessible.

Encryption

cloud_99

The most basic supplement to password protection is encryption, which scrambles server data so that hackers cannot read it. However, for encryption to work the encryption key itself must be protected. That’s why the more advanced security services, such as Cloudifile from Cloud Labs, employ a multi-layered system of data protection. This begins with the data encryption: Cloudifile’s free encryption system is in line with basic industry standards, combining RSA asymmetric encryption (2048 bits) and a Blowfish algorithm (256 bits). On top of that encryption, Cloudifile does not store the encryption key on its own servers, meaning the entire data center could be compromised and it would still be impossible for an attacker to access any sensitive data. Clients store their own keys, and so any attacker would have to get into two secure systems simultaneously in order to steal the data.

Even an advanced encryption system, however, can leave data vulnerable if the client has to open a brand-new storage account and manually import all the relevant data. Not only is the data-transfer process itself vulnerable to attacks; but residual data on the original storage server may persist in unsafe locations even after the files are “deleted,” making the secure cloud storage irrelevant. Advanced security solutions have overcome this problem by integrating familiar technologies, and here again Cloud Labs’ free Cloudifile service is a good example. Cloudifile is a Dropbox tie-in rather than a stand-alone storage service. Clients can continue using their familiar cloud storage system, but have it protected from all angles. Cloudifile users simply select which files and folders they want to protect, and the service covers them – so whereas many cloud-storage security services are akin to placing files in a secure lockbox, Cloudifile is more akin to drawing a protective boundary around whatever container the files are already in.

By Gustav Steinhardt

Why seeing is believing in the world of Cloud

Why seeing is believing in the world of Cloud

Why seeing is believing in the world of Cloud

Understanding how your server workloads are performing is crucial for a sound systems management.  If you are able to look into your systems, you can deal proactively with future issues.  By monitoring your systems and servers it will tell you that you are running out of disk space on one of your volumes. With this information you can make an informed choice to order extra drives and install them before a catastrophic event would happen.

ecmanaged

Monitoring also alerts you of future outages due to hardware failure.  The cases are multiple were downtime was avoided by catching through monitoring that a disk drive or disk controller was having problems.  Each SysAdmin can recall a situation where monitoring and alerting disrupted his sleep but saved his business.

Without monitoring you would not find out about these things until they fail completely and the service is brought down hard. You´ll agree that is pure horror in an online business environment. Each minute of downtime is hard money you or your client loses.

In a virtualization scenario these risks multiply even further.

Though virtualization technology and Cloud in particular has changed our world for the better, it came with some significant challenges.  The biggest being that SysAdmins now need to use tools to understand their infrastructure.  “Seeing” or “Touching” servers has become virtually impossible. Cloud has moved workloads from data centers to, well, the Cloud.

So how should a SysAdmin deal with that new reality? The tech world always wants to learn and improve. Solving this problem is key to continue with an ever more virtualized reality. Cloud management and monitoring tools like ECmanaged are such innovative solutions.

As Cloud management tools are often SaaS-based, they are cheap and easy in usage. A good Cloud management tool will give insight into all of your on-premise machines and of your VMs and Cloud infrastructure. Regardless of the virtualization technology they use. ECmanaged is an example of such a tool. It provides this unified and technology neutral monitoring. It informs you how your servers and VMs are doing and it anticipates failures. Combine the monitoring data with an autosolver or automated management actions and SysAdmins will enjoy a better nights´rest.

Monitoring goes further than pure infrastructure monitoring. Performance, application and process checks are crucial data in an online business environment. You want to avoid scenarios where your infrastructure is up but people can´t access your webshop due to a front end failure for example. ECmanaged has combined all this monitoring data in a single tool and added the option to include customized monitor plugins. Because seeing is believing in Cloud. You can subscribe to a Free Trial to ECmanaged here.

About ECmanaged: Founded in 2012, ECmanaged is a pioneering multi-Cloud and IT management tool enabling users to take full control of their Cloud platforms and physical servers. Its intuitive design and interface allow users to develop Cloud platforms avoiding provider imposed restrictions. ECmanaged enables users to be in control of all their platforms and applications both at the implementation phase and afterwards. www.ecmanaged.com

By Joeri Hamvas

Sponsored By ECmanaged

5 Things to Consider When Building Business Apps in a Hybrid Environment

5 Things to Consider When Building Business Apps in a Hybrid Environment

Business Apps in a Hybrid Environment

Cloud computing has hit its stride; it has become a part of IT strategies across the globe, and the benefits of turning to a hosted environment can’t be ignored. But it often seems like companies are viewing their options as “go cloud, or go home,” rather than thinking strategically about their needs as an organization. While it’s important to embrace emerging technology and strive to modernize operations, this view of cloud is simply not realistic for most organizations.

Typically, cloud offerings are simpler in structure and less feature-rich. However, they’re also much easier to use, and offer scalable and flexible environments that can be tailored for an organization’s specific needs. This seems to resonate well with business buyers, as cloud offerings provide the necessary functionality without the obligation of investing in add-ons and extra features businesses don’t need. Users get the tool they need—and can use–when they need it.

business-apps

(Image Source: Shutterstock)

But, even with the numerous benefits of the cloud, it’s not a silver bullet solution for most organizations. Today’s dynamic environment often requires a combination of on-premise platforms and cloud-based solutions to meet the complex needs of the enterprise. Often, the right answer is a hybrid environment that enables organizations to build business applications on the fly, across the enterprise, while reserving on premise solutions for areas of the business, like security for example, that may not be a fit for the benefits of a virtual infrastructure.

Turning more specifically to application development, deploying applications in the cloud is helping make solutions by end-uses and for end-users easier than ever. But when legacy systems or governance and regulatory requirements restrict business data to live in the cloud, end users can find themselves up a creek without a paddle. This is where the promise of hybrid environments that are able to connect back to the on-premise world makes an impact. In a world where users can build and bring their own apps in the cloud and, as a key driver to make that a success is the ability to securely reach back to the business IP that’s locked up in on-premise and legacy systems.

5 Things To Consider

With that in mind, here are five things to consider when building business applications for a hybrid environment:

1. Less can be more. In general, enterprise applications should be kept simple and easy to use, but this is especially true when information needs to go to and from environments. Consider a no-download, no-install, no-code required environment that is directly connected to line of business data. Eliminating the need to lobby the IT department will spell a win for everyone involved: IT, end users and ultimately the business.

2. Accessibility. Applications have become a primary way people access information across devices, both inside and outside of the office. At last count, there are more than 1.2M apps available from Apple and more than 1.3M from Google, according to the companies respectively. Bring Your Own App (BYOA) trends are changing the way we do business as employees take matters into their own hands. Businesses need to understand that this shift is inevitable, and provide guidance for the employees and management to responsibly embrace the trend, especially when a hybrid environment is at play.

3. Recycle. With all of these business applications at the users’ fingertips, leverage best practices from industry, users and trends to offer a new approach or resource that stands out and solves specific business challenges. Apps, dashboards and mashups are all disposable, but the real asset to be protected is the information behind them. To make the most of time and resources, provide secure and fluid access to a line of business systems and data with easy ways to create disposable apps comprised of forms, process modeling and reports. Repurpose functionality from previous iterations when possible and continuously learn from and improve upon those designs.

4. Leverage tech-savvy advocates. Some employees will embrace the cloud more than others, especially those who understand agility and have a desire to control technology. Leverage this to create a new and willing market, which enables users to quickly surface the features they need in a matter of hours or days with the help of, not in spite of, IT. To convince skeptical employees of the value, invest in an experienced strategist and champion who can help guide employees toward success, and minimize failed attempts that may discourage them from adopting new technologies.

5. Sometimes on-premise is the answer. Yes, for a lot of companies, a hybrid solution is a great idea. But not for everyone. Remember not to get caught up in “what’s hot and what’s not” when evaluating software. Every organization leverages highly valuable, and usually on premises solutions such as BPM, CRM and ERP. The trend towards cloud doesn’t’ mean you should ditch these systems or that the move has to be made at once. Instead, take responsible, progressive steps to seamlessly and securely take on-premise systems work in the cloud and on mobile, and consider ways to integrate this system via hybrid options. For software vendors with deeply entrenched interests in the existing way of doing business, it can be a painful transition to the cloud. Be prepared to have those conversations about what applications need to be in the cloud, and when an on-premise solution makes sense.

It is important to look outside of corporate confines for technology solutions that allow employees the flexibility to get their jobs done quickly and efficiently. However, many of these solutions still require access to internal systems and data, making plans for these hybrid IT scenarios critical. The outcome will provide a level of governance that keeps critical business data and systems secure, while empowering users across the organization with ways to solve their problems faster and deliver better results.

Finding a toolset or platform optimized for hybrid solutions allows IT to develop secure data connections that can be surfaced for business users to access with easy-to-use tools, allowing for rapid solution delivery while still maintaining a level of control and security.

By Koos du Preez, CTO, K2

CloudTweaks Comics
Big Data and Financial Services – Security Threat or Massive Opportunity?

Big Data and Financial Services – Security Threat or Massive Opportunity?

Big Data and Financial Services Cloud Banking Insights Series focuses on big data in the financial services industry and whether it is a security threat or actually a massive opportunity. How does big data fit into an overall cloud strategy? Most FI’s have a positive mind-set towards cloud IT consumption as it not only enables…

5 Considerations You Need To Review Before Investing In Data Analytics

5 Considerations You Need To Review Before Investing In Data Analytics

Review Before Investing In Data Analytics Big data, when handled properly, can lead to big change. Companies in a wide variety of industries are partnering with data analytics companies to increase operational efficiency and make evidence-based business decisions. From Kraft Foods using business intelligence (BI) to cut customer satisfaction analysis time in half, to a…

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation…

The Internet of Things Lifts Off To The Cloud

The Internet of Things Lifts Off To The Cloud

The Staggering Size And Potential Of The Internet of Things Here’s a quick statistic that will blow your mind and give you a glimpse into the future. When you break that down, it translates to 127 new devices online every second. In only a decade from now, every single vehicle on earth will be connected…

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring One of the hottest topics in Information and Communication Technology (ICT) is the Internet of Things (IOT). According to the report of International Telecommunication Union (2012), “the Internet of things can be perceived as a vision with technological and societal implications. It is considered as a…

The Cloud Above Our Home

The Cloud Above Our Home

Our Home – Moving All Things Into The Cloud The promise of a smart home had excited the imagination of the movie makers long ago. If you have seen any TV shows in the nineties or before, the interpretation presented itself to us as a computerized personal assistant or a robot housekeeper. It was smart,…

The Internet of Things – Redefining The Digital World As We Know It

The Internet of Things – Redefining The Digital World As We Know It

Redefining The Digital World According to Internet World Stats (June 30th, 2015), no fewer than 3.2 billion people across the world now use the internet in one way or another. This means an incredible amount of data sharing through the utilization of API’s, Cloud platforms and inevitably the world of connected Things. The Internet of Things is a…

5 Predictions For Education Technology

5 Predictions For Education Technology

Education Technology Although technology has fast influenced most sectors of our world, education is an area that’s lagged behind. Many classrooms still employ the one-to-many lecturing model wherein the average student is catered for while a few are left behind, and others bored. Recently, there’s been a drive to uncover how to use technology successfully…

Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications It’s no secret that organizations are embracing the cloud and all the benefits that it entails. Whether its cost savings, increased flexibility or enhanced productivity – businesses around the world are leveraging the cloud to scale their business and better serve their customers. They are using a variety of cloud solutions…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

5 Things To Consider About Your Next Enterprise Sharing Solution

5 Things To Consider About Your Next Enterprise Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Cloud Services Providers – Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the information and process needs of its workforce and its customers. However, data suffers from a likability crisis. It’s as essential to us as oxygen, but because we don’t see it, we take it for granted.…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…