Author Archives: Steve Prentice

When The Cloud Comes To The Black Friday Table

When The Cloud Comes To The Black Friday Table

Black Friday

table-black-friday

Black Friday, as most people know, is the busiest shopping day of the year, occurring immediately after U.S. Thanksgiving, and ushering in the “official” beginning of the Christmas/Holiday shopping season. Its name has come to represent the time of the year at which most retailers start to turn a profit (operating in the black), as opposed to running at a loss (in the red) as they have been doing since January 1. Although this dire financial situation does not apply to all retailers everywhere, it is no surprise that the onslaught of aggressive, deal-hungry shoppers delivers a fresh wave of commerce and cash, much like a coastal ocean swell replenishing a tide pool.

Cloud technology has a major role to play in supporting the activities of the Black Friday weekend of course, first by managing the spike in commercial transactions that happens on the Friday and the weekend, and then secondly in coordinating the online sales that occur on the following “Cyber Monday,” a relatively more recent tradition in which shoppers turn to online retailers to complete the shopping they could not finish over the weekend. Retailers the world over now rely on the cloud to fulfill every element of the retail process from the pre-season wholesale ordering of goods through to post-sale delivery and customer service, and everything in between.

Though, Black Friday still seems to be a retail-oriented phenomenon, aimed squarely at consumers – the public – the B2C arena. Seasonal deals in the business-to-business (B2B) sphere are few and far between, and seem relegated to the primary levels of the industry, such as the occasional cloud hosting or web page-hosting provider offering up extra space for any new customers that sign up on this special weekend.

Cloud Black Friday

How long might it be before the world sees “Black Friday” sales on a higher-level? A cloud industry level? For a start, the increased awareness of the need for high-performance cloud technology in support of this busy retail season can easily translate into a plethora of conversations about robust cloud technology in areas such as analytics, security, application development and migration.

If one were to accept the notion that Black Friday was thus named for the arrival of profits, rather than losses in a storekeeper’s books, then today’s retail madness was actually born out of an accounting term. If the world can translate an event from “accounting” to “shopping”, then it might be just as easy to reconfigure the Black Friday concept from “retail” to “industry”.

Selling cloud technology is a big and very tangible business, as can be seen by the number of major trade shows and events that occur around the world, hosted in huge convention centers and attracting thousands of delegates. Although virtualization may be a central theme of cloud, there are still many solid parts to the machines behind it, and these need to be seen, touched and experienced by business buyers.

Although cloud has no season, techniques for selling cloud technology follow the same traditions as selling cars, phones and video games: newer equals better, cheaper, sexier, with more features and greater reliability. Cloud technology has made great strides in separating itself from old-school mainframe ideologies, through its current marketing approaches and its open-source attitude. Very soon, as in a couple of years soon, it is highly likely that the new generation of business-to-business will take a page from its retail sibling and start to sell its wares seasonally.

(Updated and edited: November 24th, 2016)

By Steve Prentice

Security Audits, Cyberattacks and other Potential Front Line Issues

Security Audits, Cyberattacks and other Potential Front Line Issues

Defending the Organization

When people talk about security audits in an organization, thoughts immediately go to malware, cyberattacks and other front line issues. These appear as the most obvious types of threats and are consequently given the greatest attention. As essential as these responses are, companies need additional layers of audit and defence further up the hierarchy if they are to build a culture of perpetual and successful self-governance. The problem is, internal compliance and control – the key elements of self-governance – are falling woefully behind the times thanks to traditions that have not yet received a full overhaul. This is bad news for business in the private and public sectors, since the enemies they face have already stepped up to the speed of “now.”

Traditionally, businesses have relied upon three lines of defence for standing up against risk. Called the “Combined Assurance Model,” it relies first on line managers to watch over the business processes. The second line belongs to internal risk managers and assurance providers, and then thirdly comes the internal and external auditors.

Security Audits

Such a structure has not always proven to be reliable. In 2013, Financial Times journalist Howard Davies quoted British lawmakers as suggesting the model “promoted a wholly misplaced sense of security.” He added, “Far from complementing each other as happy teammates, they think the second and third lines are in the chocolate teapot category of uselessness, with “the front line, remunerated for revenue generation, dominant over the compliance risk and audit apparatus.” 

These are the types of issues that worry Shrikant Deshpande, senior banking technology, risk and assurance professional and (ISC)2 Certified Cloud Security Professional. He suggests there seems to be a gap between Internal Audit, GRC (Governance, Risk management, and Compliance) and Cyber Security in terms of formalized methods of defining risks, monitoring and assurance. “There is certainly a meeting of minds and policy level agreement on objectives,” he states, “however a formal process of risk mapping and traceability of assurance outcomes to agreed high level risk needs to improve.

What this means in the most straightforward terms is that audit and GRC education must keep up with the times, and with the new technologies now impacting business globally, like cloud, big data and IoT. There needs to be greater investment in security monitoring technologies and in internal education, and this requires getting through to executive decision makers in a way that effectively conveys both urgency and importance.

Shrikant highlights the recommendations of a 2010 research paper published by the Institute of Chartered Accountants in Australia, outlining a process of continuous assurance for the digital world. Central to its thesis was the notion of “better matching internal and external auditing practices to the reality of the IT-enabled world, to provide stakeholders with more timely assurance.” The authors advocate “audit automation,” to move the audit process away from a “manual, periodic paradigm” to something more real-time.

Shrikant points out that a variety of cloud technology neutral assurance methods and processes already exist, such as COBIT, ISO 27k , ISO 30k, and NIST. The challenge is that audit and GRC professionals need to mature their skills and knowledge to apply these in specific technology environments like the cloud.

This is where a combination of techniques like assurance mapping, combined assurance and continuous auditing can coexist and assist.

He adds, “the gap between risk management stakeholders and those who are actually monitoring risk and creating assurance continues to exist. There is a legacy of division that must be overcome if businesses and organizations hope to thrive in the extremely fast-paced world of cyber-connected business.” His advice: formally engage. Organizations need formal programs, formal assurance mapping and an up-to-speed monitoring program. The luxury of waiting no longer exists.

For more on the CCSP certification from (ISC)2, please visit their website. Sponsored by (ISC)2.

By Steve Prentice

The DDoS That Came Through IoT: A New Era For Cyber Crime

The DDoS That Came Through IoT: A New Era For Cyber Crime

A New Era for Cyber Crime

Last September, the website of a well-known security journalist was hit by a massive DDoS attack. The site’s host stated it was the largest attack of that type they had ever seen. Rather than originating at an identifiable location, the attack seemed to come from everywhere, and it seemed to have been driven through a botnet that included IoT-connected devices like digital cameras. This was something special and unusual, and a stark warning about the future of cyber warfare.

The attack was so large and relentless that the journalist’s site had to be taken down temporarily. The exercise of fending off the attack and then repairing and rebuilding was extremely expensive. Given that the target was a writer and expert on online security and cybercrime, the attack was not only highly destructive but also symbolic: a warning to security specialists everywhere that the war has changed.

Chris Sellards, a Texas-based Certified Cloud Security Professional (CCSP) agrees. He points to the sheer volume of IoT connected devices – a number that is growing exponentially, with Gartner forecasting 6.4 billion devices to be connected this year.

PC users have become a little more sophisticated with regard to security in recent years,” Sellards says. “They used to be the prime target when creating a botnet and launching DDoS attacks because they rarely patched their systems and browser configuration settings were lax by default. However, with automatic upgrades and an increased use of personal firewalls and security apps, PCs have become a little more of a challenge to penetrate. Attackers almost always take the path of least resistance.”

Consequently, IoT devices have become the new playground. They are the new generation of connected machines that use default passwords, hard coded passwords, and inadequate patching. The rush to make everything IoT compatible and affordable leaves little time or incentive for manufacturers to build in sophisticated security layers. In addition, there is an innocence factor at play. Who would ever suspect their digital camera, fitness tracker or smart thermostat of being an accomplice to cybercrime?

future-iot

Sellards points out that one of the most interesting aspects of the attack was that GRE (Generic Routing Encapsulation protocol) was used instead of the normal amplification techniques used in most DDoS attacks. This represents a change in tactic specifically designed to take advantage of the high bandwidth internet connections that IP based video cameras use.

These developments have experts like Sellards worried, given the huge – and growing – number of IoT devices that form part of the nation’s critical infrastructure. “If default and hardcoded passwords can be compromised to install malware that launches DDoS attacks, they can also be compromised to launch more nefarious attacks with significantly higher consequences,” he says. It shows IoT installs are insecure and not hardened. They are exposed to the Internet without firewall filtering. “All best business practices we’ve spent decades developing have gone right out the window.” 

IoT in general represents a fascinating new chapter in convenience and communication for businesses and consumers alike. But as all security experts already know, the bad guys never rest. The way in which they discovered and exploited both the weaknesses and the built-in features of IoT shows a creativity and dedication that must never be ignored. Thus the value of a CCSP having a seat at the executive table has just increased exponentially.

For more on the CCSP certification from (ISC)2, please visit their website. Sponsored by (ISC)2.

By Steve Prentice

Ransomware’s Great Lessons

Ransomware’s Great Lessons

Ransomware

The vision is chilling. It’s another busy day. An employee arrives and logs on to the network only to be confronted by a locked screen displaying a simple message: “Your files have been captured and encrypted. To release them, you must pay.

Ransomware has grown recently to become one of the primary threats to companies, governments and institutions worldwide. The physical nightmare of inaccessible files pairs up with the more human nightmare of deciding whether to pay the extortionists or tough it out.

Security experts are used to seeing attacks of all types, and it comes as no surprise that ransomware attacks are becoming more frequent and more sophisticated.

cloud-infosec-ics2

(See full (ISC)2 Infographic)

Security Experts Take Note

Chris Sellards, a Certified Cloud Security Professional (CCSP) working in the southwestern U.S. as a senior security architect points out that cyber threats change by the day, and that ransomware is becoming the biggest risk of 2016. Companies might start out with adequate provisions against infiltration, but as they grow, their defenses sometimes do not grow with them. He points out the example of a corporate merger or acquisition. As two companies become one, the focus may be on the day-to-day challenges of the transition. But in the background, the data that the new company now owns may be of significantly higher value than it was before. This can set the company up as a larger potential target, possibly even disproportionate to its new size.

The problem with ransomware as a security threat is that its impact can be significantly reduced through adequate backup and storage protocols. As Michael Lyman, a Boston-area CCSP states, when companies are diligent about disaster recovery, they can turn ransomware from a crisis to merely a nuisance. He says that organizations must pay attention to their disaster recovery plans. It’s a classic case of the ounce of prevention being worth more than the pound of cure. However, he points out that such diligence is not happening as frequently as it should.

As an independent consultant, Michael has been called into companies either to implement a plan or to help fix the problem once it has happened. He points out that with many young companies still in their first years of aggressive growth, the obligation to stop and make sure that all the strategic safeguards are in place is often pushed aside. “These companies,” he says, “tend to accept the risk and focus instead on performance.” He is usually called in only after the Board of Directors has asked management for a detailed risk assessment for the second time.

Neutralizing The Danger

Adequate disaster preparations and redundancy can neutralize the danger of having unique files held hostage. It is vital that companies practice a philosophy of “untrust,” meaning that everything on the inside must remain locked up. It is not enough to simply have a strong wall around the company and its data; it must be assumed that the bad people will find their way in somehow, which means all the data on the inside must be adequately and constantly encrypted.

tech-news

It is essential to also bear in mind that ransomware damage does not exist solely inside the organization. There will also be costs and damage to the company-client relationship. At the worst is the specter of leaked confidential files – the data that clients entrusted to a company – and the recrimination and litigation that will follow. But even when a ransom event is resolved, meaning files are retained and no data is stolen, there is still the damage to a company’s reputation when the questions start to fly: “How could this have happened?” and “How do we know it won’t happen again?”

As cloud and IOT technologies continue to connect with each other, businesses and business leaders must understand that they own their risk. It is appropriate for security experts to focus on the fear factor, especially when conversing with the members of the Executive, for whom the cost of adequate security often flies in the face of profitability. Eugene Grant, a CCSP based in Ontario, Canada, suggests that the best way to adequately convey the significance of a proactive security plan is to use facts to back up your presentation; facts that reveal a quantitative risk assessment as opposed to solely qualitative. In other words, bring it down to cost versus benefit.

No company is too small to be immune or invisible to the black hats. It is up to the security specialists to convey that message.

For more on the CCSP certification from (ISC)2, please visit their website. Sponsored by (ISC)2.

By Steve Prentice

IoT: Connected Manufacturing Leads To Service as a Product

IoT: Connected Manufacturing Leads To Service as a Product

Connected Manufacturing

A car is driven back to its home garage for the night, and its data port is plugged in. Then, some exciting things happen. First off, the car sends diagnostic information back to the manufacturer to cross-check against any systems that require repair, maintenance, or replacement. The manufacturer then downloads a selection of new driver experiences, including a different acceleration style (choice of sporty or smooth), improved navigation and mapping software, and new stay-in-lane safety features.

This is not a vision of some distant future. These things are happening now with certain brands of cars, and they will expand quickly across much of the retail and industrial automotive landscape. It is a subtle example of the power and diversity of the Internet of Things – the capacity for all types of machines, not simply computers and phones, but every kind of device or tool to communicate, primarily by way of the Internet.

IoT-IDC

(Image Source: IDC)

A vital observation from a business standpoint is the fact that so much of the value of this car company now lies with the transfer of data. The car is as physical a product as ever, but the current that drives everything forward, from design to manufacturing to sales to aftermarket monetization, is data.

Connected Manufacturing

From an outside perspective, the Internet of Things offers an unlimited selection of innovations, ranging from an electric toothbrush that monitors correct brushing style, through to tire pressure sensors in truck fleets to geolocation sensors attached to livestock. The potential for their use is limitless, and this includes on the factory floor. Connected Manufacturing is the industrial application of the Internet of Things. It ushers in a revolution in manufacturing, on par with Ford’s development of mass production and the mid-20th-century development of Just-In-Time logistics.

shutterstock_331211831

(Image Source: Shutterstock)

Proactive analytics, for example, helps a device identify future needs, such as when a part might fail, when it requires service, or when supplies need to be ordered. When the machine itself can dispatch the appropriate commands to a human or another machine, it ensures smooth, safe and economical operation.

Distributed intelligence allows for greater degrees of personalization. In healthcare, medical device dashboards can reflect an individual patient’s information and requirements. At home, an intelligent refrigerator can automatically add needed items to a grocery list or grocery delivery service. In manufacturing, greater capacity opens up for customized production according to an individual customer’s requirement without extensive retooling or downtime. The machines themselves can decide how best to approach the project and self-organize to get each job done.

Intelligence Through Data 

The universal availability of data and its intelligence allows decision-makers, designers, account reps and everyone else in the supply chain to share necessary information, opening up opportunities for enhanced sales and support, improved internal management, customer service, and innovation.

brain-data

Connected manufacturing is a type of cornucopia, a perpetual source of sustenance for every business and manufacturer primarily because of the data that it makes available. But it demands a change in mindset, even for those that deal in heavy tangible goods, since the same intelligence that powers the manufacturing process now modifies the management model.

Companies are now becoming purveyors of information and providers of services. Rather than sell, or even lease a piece of heavy machinery to a customer, a business may realize greater overall revenues by providing services, such as maintenance, training, and supplies. They can attract and retain essential customer data to facilitate up-sells, and innovative aftermarket monetization opportunities. This idea of not selling a product, but retaining ownership of it and delivering services instead, requires significant flexibility on the part of corporate decision-makers, long used to a more traditional approach to commerce and business. It is the result of a chain of processes that starts with the Internet of Things, moves through connected manufacturing and winds up in the service industry.

Business leaders who are contemplating a move into the world of the Internet of Things must ensure their education travels along two streams: first is understanding the sheer diversity and versatility of IOT technologies, and how to implement them into the manufacturing and delivery stream. Second and arguably the most important is the flipped notion of “you-as-a-service.” No matter how tangible or long-standing a company’s products may be, their value now lies in the information halo that surrounds it. Machine-to-machine communication leads to data; data leads to information, and information becomes the key to every company’s future.

For more on this topic, go to http://businessvalueexchange.com, sponsored by Hewlett Packard Enterprise.

By Steve Prentice

The Lurking Threat Called Passivity

The Lurking Threat Called Passivity

The Lurking Threat

What is lurking inside your company’s systems that is making them vulnerable to attack? Hacking, phishing and other types of attacks are often considered to be externally driven, with gangs of anonymous hackers operating from halfway around the world using Internet connections to break in and wreak havoc. But surprisingly, a significant proportion of network security events happen on the inside. Depending on the particular organization or industry, this percentage can range from 35% to 90%. In addition, a significant portion of the vulnerability of any system starts passively—in other words, with features and items that are not active viruses or cracking tools, but whose mere presence eats away at the defenses.

threat-data

Consider busy employees. They have lots to do, and constant distractions pull their attention away from practicing proper computer hygiene. In their haste to get to a meeting or catch a flight, laptops are lost, phones get misplaced and USB drives are borrowed. As convenient as these devices are, much of the data and documentation stored on them is unencrypted. Few people ever choose to assign a password to a Microsoft Word file; it takes too much time. The same goes for other types of passwords, too. It is time-consuming and annoying to change them every two weeks, especially if they are difficult to remember. A proper password should be a string of 16 or more essentially unintelligible characters, but most of us just don’t like to do that.

Dormant Data

Then there are those who are simply not around anymore. People leave, some get fired and others simply get promoted or move elsewhere. This results in many dormant user accounts lurking in the depths of the system. Still more accounts may never have been activated. They sit there, with their default passwords invisible due to inactivity, a fertile place for sophisticated thieves to set up shop and establish a back door.

dormant-data

(Image Source: Shutterstock.com)

Some employees access files, directories or other areas by accident, assigning documents to the wrong drives, clicking on the wrong link or simply not knowing what they are doing. Such mistakes are not the fault of the individual. Many people have never been able to bring their degree of computer literacy up to an adequate level. Even those who are familiar with password changing regimens, and who do not use a stranger’s USB drives, may be unaware of sinister activities such as Wi-Fi website spoofing, for example. This happens when the free Wi-Fi login for an honest-to-goodness coffee shop is replaced or overshadowed by a sophisticated reproduction working in the same hotspot, inviting workers to share everything on their mobile devices with them.

These actions may fly under the radar, especially when security does not or cannot maintain sufficient definitions of “correct” or “normal” activity on a network. Security specialists themselves often do not have the resources to adequately police internal activities, even when a budget has been established.

Malignant Operators

It is evident that none of these human-sourced weaknesses are the result of a specific virus or action. They are generally passive in nature, relying on the fact that people are both goodhearted and under great pressure. However, these activities are the types that offer safe harbor to malignant operators, who either hack in and sniff out these soft spaces or already work within the organization and are intent on sabotage or espionage.

Network security will always be an ongoing battle. The enemy is relentless. That’s why a strategy must come from the top. It should focus not solely on technical solutions, but also on human elements such as time management, planning and communication, backed up with adequate and ongoing training. For as distanced as these soft skills seem to be from the digital world of computers, they are the levers by which the bad guys force open a crack and move inside.

For more on this topic, go to businessvalueexchange.com, sponsored by Hewlett Packard Enterprise.

By Steve Prentice

Security: The Goodwill Virus That Keeps On Giving

Security: The Goodwill Virus That Keeps On Giving

The Goodwill Virus

When Caitlyn Jenner officially introduced herself to the world by way of a Vanity Fair cover story in June 2015, the event was unique not only for the groundbreaking content but in the way it was produced. It delivered a very powerful lesson about computer security for corporate decision-makers in all industries. Given that the story was so exclusive, it was written and produced on a single laptop computer that was kept off-line, and separated from networks and the Internet. The finished product was hand delivered, essentially turning the computer back to the type of standalone PC that has become virtually unheard of in the Wi-Fi era.

unplugged-connected

The extremes to which the Vanity Fair team had to go to ensure secrecy are not, of course, practical in day-to-day business, but they illustrate the gaping holes that exist in network security generally, despite the efforts of a global army of highly trained and knowledgeable security specialists. Whether it is access to an exclusive story or a company’s client list or confidential data, the enemy is not only at the door; it is also relentlessly seeking to break it down, dissolve it, remove it or skirt it. The enemy is always trying to get in.

One of the most significant threats to an organization’s data security comes in the form of human goodwill. Put another way, it is a natural tendency for most people to act in an honest, trusting manner, focused on just getting their work done. This human weakness essentially lurks inside the networks and databases of organizations, passive and innocent, waiting to be preyed upon.

BYOD Security Concerns

BYOD is a perfect example of this. Employees the world over rejoice at the concept of being able to use their own devices to keep up with the tasks, documents and emails of daily life. To access company files from a centralized folder system, or to check calendars and email from a mobile phone, or from a free public Wi-Fi space at a coffee shop or airport, seems to make life a little easier.

Yet these are precisely the types of activities that make IT security specialists cringe. Personal mobile phones seldom have the up-to-date security features required to prevent a hacker from making the leap from that device into the arteries of a company’s central network. A personal smartphone can spend half its time as a business tool, with the other half as a device of leisure. As a result, individual apps and games rub shoulders with sensitive corporate information, and such contact is a fertile breeding ground for infection.

Recharging Stations

recharging-stations

(Image Source: Shutterstock)

Shopping malls, airports and hotels offer charging stations for smartphones. Busy people gravitate to them with relief once they see their battery power start to drain. These same people would never think of taking a drink from someone else’s bottled water. They would never double-dip their tortilla chip at the office party. Yet they do not think twice about plugging their phone into a free, public charging station or hotel docking station. These charging jacks can potentially deliver far more than an electrical charge, though. Like many other points of connection in the world, the task we expect it to do is the only one we think about. In most cases, though, there is far more that it can and will deliver.

Passwords

Innumerable case studies exist of inadequate password maintenance, including passwords not modified after a security sweep and upgrade. People do not see past the immediate task to realize that actions, messages and keystrokes last forever. A bad guy can easily connect a mislaid password to an email, and then to a Facebook posting, building a profile with which they can impersonate someone, or send a distracting or troubling message that opens the door.

Most people are, by nature, trusting and good. This is an exploitable weakness. As a society we have trained our children to be aware of strangers, to be aware of allergy-inducing foods, and to be sensitive to harmful language and behavior in the classroom. Yet the busy-ness of the workplace has suppressed this vigilance among adults in general. Consequently, we use technological conveniences such as USB drives, insecure phones, and file-sharing technologies to counter the never-ending pressure of time and deadlines.

Corporations must look extremely closely at implementing a separation of personal and corporate devices and information. It may be important, even essential, to respect a BYOD policy as an employee’s right, but the price for such convenience comes in the form of doubled, or even tripled, vigilance and hygiene, paired with regular updates and physical training.

A great deal of the bad stuff that happens to our network systems and our companies is human-made, as opposed to a malignant technical failure. As such, it is up to humans to bolster their immunity not only physically, but intellectually. This demands a higher standard of mistrust and precaution, from the simplest text message, upwards to every activity that follows.

For more on this topic, go to businessvalueexchange.com, sponsored by Hewlett Packard Enterprise.

By Steve Prentice

Hybridization: A Mindset Approach

Hybridization: A Mindset Approach

The Social Data Cloud

One of the most amazing attributes of the cloud and its related technologies is its sheer openness. New companies and ventures spring up daily, fueled, in some cases, by one single good idea. They launch first and then seek out operating capital through angels or crowdfunding afterward.

This is a whole new ballgame. In a similar vein, employees of established companies seek more flexible work hours, ask to use their own technologies, and turn to the cloud as the central place for meetings, communication and access to data. This too, is a whole new ballgame.

King Data

shutterstock_250632115

(Image Source: Shutterstock)

Organizations worldwide are learning that the hierarchies and silos of yesteryear are very quickly becoming redundant and obsolete. Data is king, and agility is essential. Such statements aren’t mere prognostications of a distant future; they are observations of an existing global marketplace, in which customers in both retail and industrial markets expect a complete and consistent experience across any channel they wish to use, from the desktop through to smartphone.

IT has always been in the middle of every corporate venture, but in this new age, it has become time to make a fundamental shift from focusing on IT to focusing on what can be done with IT. This is an amazing catharsis. It moves from physical, tangible elements to “ideas and potential.” Slowly, more and more organizations are recognizing that they must, and can, meet their strategic business objectives as well as provide better service to customers through an open concept approach, both inside and outside their walls.

Cloud Hybridization

The hybridization of the cloud is both timely and essential. Decision-makers must let go of the mindset of singularity, and the notion that they must constrain all data, all ideas, and all power inside a single building or department. Hybridization refers to a division of processing power, data storage, mission-critical applications and customer interaction between internal, private, and externally managed clouds.

merging

Many analysts point to success stories like Uber and AirBnB, as companies who essentially own no hard assets, but who have changed the face of business permanently. But many other organizations also exist as case studies, who have slowly and carefully embraced cloud-based applications for their field agents, and for their suppliers, while developing collaborative workspaces internally. These organizations exist in every single market sector, from construction and manufacturing through to retail and professional services.

Turning Your Back On Social Media

It is all a matter of mindset, and this springs in part from trust. For example, many decision-makers still distrust social media as an irrelevant and frivolous waste of employee time. They fail to observe its ability to reinforce one of the oldest and most stable concepts of business development: a direct connection to, and understanding of the customer. This same trust-challenge extends into enterprise-level problems such as determining the choice of cloud systems. It is very human to resist change, especially when the speed of change has increased from decades to months or even weeks. How can any executive group hope to create a five-year plan when the sands shift so frequently?

cloud_78

Although many companies are now working on their transition to hybrid cloud and virtual technologies as core business applications, many others still struggle with the decision. There is much to learn, much to test, and many miles yet to travel.

Those that have succeeded, even if that path to success include some stumbling and some failure, have recognized that in addition to breaking down the walls and silos of technology, one must also break down the silos and walls of human interaction. This means allowing representatives from every department, not only IT, to work together to identify challenges, discuss solutions and implement change.

The hybridization of business points not only to the choice of technology, but to a hybridization of mindset and attitude. That should be seen as a very exciting concept.

For more on this topic, go to businessvalueexchange.com, sponsored by Hewlett Packard Enterprise.

By Steve Prentice

CloudTweaks Comics
Cloud Computing – The Game Changer

Cloud Computing – The Game Changer

Global Cloud Index In October, Cisco released its Global Cloud Index (GCI) report for 2014-2019, projecting a near 3-fold growth of global data center traffic, with predictions that this traffic will reach 8.6 zettabytes (cloud data center traffic) and 10.4 zettabytes (total data center traffic) per year in 2019 and 80% of it will come…

Five Cloud Questions Every CIO Needs To Know How To Answer

Five Cloud Questions Every CIO Needs To Know How To Answer

The Hot Seat Five cloud questions every CIO needs to know how to answer The cloud is a powerful thing, but here in the CloudTweaks community, we already know that. The challenge we have is validating the value it brings to today’s enterprise. Below, let’s review five questions we need to be ready to address…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

The Monstrous IoT Connected Cloud Market

The Monstrous IoT Connected Cloud Market

What’s Missing in the IoT? While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies continue to battle to decide who will be the epicenter of the smart home of the future, creating separate ecosystems (like the iOS and Android smartphone market) in their wake.…

Five Signs The Internet of Things Is About To Explode

Five Signs The Internet of Things Is About To Explode

The Internet of Things Is About To Explode By 2020, Gartner estimates that the Internet of Things (IoT) will generate incremental revenue exceeding $300 billion worldwide. It’s an astoundingly large figure given that the sector barely existed three years ago. We are now rapidly evolving toward a world in which just about everything will become…

Cloud Infographic – The Future (IoT)

Cloud Infographic – The Future (IoT)

The Future (IoT) By the year 2020, it is being predicted that 40 to 80 billion connected devices will be in use. The Internet of Things or IoT will transform your business and home in many truly unbelievable ways. The types of products and services that we can expect to see in the next decade…

5 Surprising Ways Cloud Computing Is Changing Education

5 Surprising Ways Cloud Computing Is Changing Education

Cloud Computing Education The benefits of cloud computing are being recognized in businesses and institutions across the board, with almost 90 percent of organizations currently using some kind of cloud-based application. The immediate benefits of cloud computing are obvious: cloud-based applications reduce infrastructure and IT costs, increase accessibility, enable collaboration, and allow organizations more flexibility…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

The Industries That The Cloud Will Change The Most

The Industries That The Cloud Will Change The Most

The Industries That The Cloud Will Change The Most Cloud computing is rapidly revolutionizing the way we do business. Instead of being a blurry buzzword, it has become a facet of everyday life. Most people may not quite understand how the cloud works, but electricity is quite difficult to fathom as well. Anyway, regardless of…

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology Profiling 600 companies and including 553 supporting tables and figures, recent reports into the M2M, IoT and Wearable Technology ecosystems forecast opportunities, challenges, strategies, and industry verticals for the sectors from 2015 to 2030. With many service providers looking for new ways to fit wearable technology with their M2M offerings…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…

Beacons Flopped, But They’re About to Flourish in the Future

Beacons Flopped, But They’re About to Flourish in the Future

Cloud Beacons Flying High When Apple debuted cloud beacons in 2013, analysts predicted 250 million devices capable of serving as iBeacons would be found in the wild within weeks. A few months later, estimates put the figure at just 64,000, with 15 percent confined to Apple stores. Beacons didn’t proliferate as expected, but a few…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…

How To Overcome Data Insecurity In The Cloud

How To Overcome Data Insecurity In The Cloud

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…