Category Archives: Contributors

The Next Wave of Cloud Computing: Artificial Intelligence?

The Next Wave of Cloud Computing: Artificial Intelligence?

Cloud Computing and Artificial Intelligence

Over the past few years, cloud computing has been evolving at a rapid rate. It is becoming the norm in today’s software solutions. Forrester believes that that cloud computing will be a $191 billion market by 2020. According to the 2016 State of Cloud Survey conducted by RightScale, 96% of its respondents are using the cloud, with more enterprise workloads shifting towards public and private clouds. Adoption in both hybrid cloud and DevOps have gone up as well.


The AI-Cloud Landscape

So where could the cloud computing market be headed next? Could the next wave of cloud computing involve artificial intelligence? It certainly appears that way. In a market that is primarily dominated by four major companies – Google, Microsoft, Amazon, and IBM – AI could possibly disrupt the current dynamic.

In the past few years, there has been a surge of investment in AI capabilities in cloud platforms. The big four (Google, Microsoft, Amazon and IBM) are making huge strides in the AI world. Microsoft is currently offering more than twenty cognitive services such as language comprehension and analyzing images. Last year, Amazon’s cloud division added an AI service which lets people add analytical and predictive capabilities to their applications.

The current AI-cloud landscape can essentially be categorized into two groups: AI cloud services and cloud machine learning platforms.

AI Cloud Services

Example of AI cloud services involve technologies such as Microsoft Cognitive Services, Google Cloud Vision, and IBM Watson. In this type of model, organizations incorporate AI capabilities in applications without having to invest in expensive AI infrastructures.

Cloud Machine Learning Platforms

On the flip slide, there are cloud machine learning platforms. Machine learning is a method of data analysis which automates analytical model building. It enables for computers to find patterns automatically as well as areas of importance. Azure Machine Learning and AWS Machine Learning are examples of cloud machine learning platforms.

IBM and Google Making Waves


Recently IBM and Google having been making news in the AI realm and it reflects a shift within the tech industry towards deep learning. Just last month, IBM unveiled Project DataWorks, which is supposedly an industry first. It is a cloud-based data and analytics platform which can integrate different types of data and enable AI-powered decision making. The platform provides an environment for collaboration between business users and data professionals. Using technologies like Pixiedust and Brunel, users can create data visualizations with very minimal coding, allowing everyone in the business to gain insights at first look.

Earlier this month at an event in San Francisco, Google unveiled a family of cloud computing services which would allow any developer or business to use machine learning technologies that fuel some of Google’s most powerful services. This move is an attempt by Google to get a bigger foothold in the cloud computing market.

AI-First Cloud

According to Sundar Pichai, chief executive of Google, computing is evolving from a mobile-first to an AI-first world. So what would a next-generation AI-first cloud like? Simply put, it would be one built around AI capabilities. In the upcoming years, we could possibly see AI being key in improving cloud services such as computing and storage. The next wave of cloud computing platforms could also see integrations between AI and the existing catalog of cloud services, such as Paas or SaaS.

It remains to be seen whether AI can disrupt the current cloud computing market, but it will definitely influence and inspire a new wave of cloud computing platforms.

By Joya Scarlata

Where Are Your Users Learning About The Birds And The Bees Of Cloud?

Where Are Your Users Learning About The Birds And The Bees Of Cloud?

Clouding Around

Where did you learn about the birds and bees – from your adolescent peers? How did that work out for accuracy? Today it’s from peers and the Internet. The same is true for your users and the cloud with the same sometimes disastrous consequences. You’re the CIO, shouldn’t they be learning cloud from you? Stop lamenting like Rodney Dangerfield how IT gets no respect. Step up and reach out.

Cloud use is spreading rapidly but most of your users have a vague or misguided concept of what cloud really is and its promises and pitfalls. Want proof? Often quoted are Gartner’s Top Ten Cloud Myths. But that is just scratching the service. A little digging reveals lots of misconceptions about SaaS, like here and here. Even your peers on the management committee hold foggy notions of how it works but are reluctant to admit it. Instead, they echo some of the buzzwords, quote an article they read in the WSJ, etc. Let’s face it. Your firm is already pregnant with cloud. Why not take a page from what your peers do and get ahead of the curve.

Your head of HR works hard at building and executing an education program for the company’s staff. It’s designed to encompass the many different facets of management and leadership to facilitate employees’ progress. It also points out all the policies and laws that need compliance. Attendance and regular testing is mandatory and for good reason. To grow, your firm needs knowledgeable leadership and a strong culture. To stay out of trouble, employees need to understand the firm’s and society’s norms and boundaries.


Your CFO does the same. Folks are regularly exposed and held accountable to the business metrics and methodologies used to manage and steer the enterprise. The how and why you do what you do is critical for staff to understand, if the firm is going to reach its goals. Likewise, there are a lot of regulations where compliance is essential. They range from those covering all businesses, like SOX or FCPA, to those that are industry specific, like HIPAA or Dodd-Frank.

It’s a good bet that your operations, marketing, and other functions in the company do the same: provide development and tools for success while also pointing out the guard-rails between which actions can be taken in accord with company culture and society norms.

What are you doing for IT leadership? Let’s guess. Odds are you focus on the guardrails. You teach them good passwords, how to avoid phishing emails, perform safe browsing, use corporate data on their mobile devices, etc. All worthy topics but that’s not the half of it. As the fundamentals of your business become increasingly digital they are spending buckets of money on cloud computing. Who is teaching them about cloud? Who is helping the company’s staff make good decisions and avoid bear traps in cloud?

Safe bet it is not you. SaaS vendors go right around you directly to them. Their peers and buddies during meetings and conferences buzz about the latest cloud-based tool – and it’s even free to try! You turn around and surprise, everyone is on and they are asking you to link it to your old Oracle order management system.

Why not get ahead of the curve and emulate your peers. Teach your users about cloud. Give them the basics, dispel the myths and paint relevant case studies to your industry and environment. Give them the big picture, too. Cloud is pretty prominent in the press these days: all the way from how everyone can use it to how it is transforming whole industries.

NetSuite is bought by Oracle. elects to use AWS. Workday announces they will use IBM’s cloud for development. Is any of this relevant for your enterprise? Why not write a short note to all users or a post on your internal social media giving your point of view? Are you too busy to write something? Send a link to an article of blog post you particularly liked.

Make yourself the “go to” guy when different parts of the company contemplate using cloud. Do it for the company and do it for you. The CIO and IT’s role are changing and you need to negotiate a difficult path. Some even predict the CIO position will disappear. Nothing is certain but wouldn’t it be better if your users viewed you as a valuable and essential member of the team?

(Originally published Oct 13th, 2016. You can periodically read John’s syndicated articles here on CloudTweaks. Contact us for more information on these programs)

By John Pientka

Effective Security Management In A Software Defined World

Effective Security Management In A Software Defined World

Effective Security Management

Software defined infrastructure (SDx) along with use of private and public cloud technology is completely changing the way IT departments manage enterprise data centers and application workloads. Automation is a key component of software defined networking (SDN), bringing network, server, storage, security management and other IT functional teams together to transform the data center from a hardware-focused to an application-focused environment.

In the past when organizations deployed new applications, the application owner needed to collaborate with several disparate teams. For example: one team was responsible for installing the required server hardware and operating systems, another team was responsible for connecting the new servers to the network, and yet another team was responsible for provisioning the security and firewall rules.


It was as if the stars, planets and moons (or in this case all the functional teams) had to align in order for all of the necessary components to be provisioned. Then, and only then, could the application owners’ start using the new infrastructure. The result of all these tasks was it would take weeks or even months before the infrastructure was ready and the new application could start to be rolled out.

Today, private and public cloud infrastructures allow IT to automate these manually intensive operations; virtual machines are dynamically created and deployed, operating systems are quickly and easily provisioned, and connecting new services to the network is streamlined and automatic. As a result, pre-configured templates of commonly used and well defined services are available to the application owner. With a single click on a self-service portal, applications can now be quickly provisioned across multiple data centers, within or among private and public clouds.

In this software defined world where new apps are instantly created or moved to a different location as the infrastructure gets provisioned, changed and elastically scaled based on demand, security officers are challenged to enforce security policies and retain full visibility of security incidents. In fact, security often lags far behind the application developer’s ability to provision new infrastructure since traditional security controls remain fixed at protecting the network perimeter and don’t easily extend into the highly dynamic and automated software defined infrastructure. As such, security remains a key challenge for organizations looking to get full visibility and control of their threat landscape and plug any vulnerabilities in their cloud-based environments.

It turns out the keys to getting control back are creating dynamic security policies, API scoping and security management consolidation.

Creating Dynamic Security Policies

Dynamic security policies in modern networks are achieved by close integration with network virtualization and public IaaS solutions like VMware NSX, Cisco ACI, OpenStack, AWS or Microsoft Azure. By tightly integrating with these solutions, objects defined by those systems such as groups and tags can be learned and utilized in network security policies. This allows for the creation of dynamic security policies where changes in the software-defined environment are immediately translated and instantly reflected into an effective and active security policy that is applied to all traffic automatically – without human intervention.


Exposed or published APIs in popular SDN or cloud services controllers provides the logical integration point for creating dynamic security policies. Data defined by the controller – such security groups, VM or host names, tags, and more – can be exchanged with network security tools to create meaningful context for both security personnel and network administrators. Now, instead of arbitrary or meaningless IP addresses, the security in a software-defined network can leverage meaningful information about the network to ensure the right policies always follow application data and workloads – wherever they go.

Additionally, leveraging and populating this contextual information in log files gives security admins the ability to better understand and investigate any security incident. Security solutions for cloud-based networks must be able to integrate with leading cloud and network virtualization tools to not only provide advanced threat protection for both east-west and north-south traffic but also make use of dynamic cloud and other SDN objects in the security policy and logs for effective security management.

API scoping

In order to completely automate the deployment of new applications, organizations need to grant developer’s access to APIs that in many cases involve modification of security policies. It is vital to ensure this access is scoped or limited appropriately; otherwise, a mistake by a developer could potentially alter the security policy of the entire organization making it vulnerable to threats.

Scoping access to APIs example:

The printer admin use an app to add printers to the network. In doing so, this involves modifying firewall rules using an API. The security policy must ensure that the printer application can only add new printers – nothing else – and is only permitted within relevant network segments.

Incorporating sub policies in the security management solution is the best way to allow scoping API access down to a rule level, thus eliminating the possibility of inadvertently modifying the security posture and exposing the entire organization to new threats. This also ensures delegation of administrative duties down to specific use cases to streamline security management while maintaining oversight of all activities.

Security Management Consolidation

Consolidation of management functions is necessary to gain complete and holistic visibility of security policies and incidents across the entire organization’s infrastructure. Without management consolidation incidents are difficult to identify, correlate and analyze across the various cloud networks, making it operationally impossible to secure these environments.

The new software-defined infrastructure is complex, constantly changing and being driven by functional teams who don’t always understand the security implications that come from defining new infrastructure. In addition, organizations still have physical or legacy networks to maintain. It is now more difficult than ever to get a handle on not only where data center traffic goes – north-south, east-west, virtual and physical, private and public cloud – but how exposed an organization’s infrastructure is to vulnerabilities and threats.

Cloud-based security solutions must be able to provide customers with a unified solution that consolidates policy management, visibility and reporting across private and public clouds – all from a single pane of glass. It should be intuitive and scalable enough to handle security deployments wherever customer data goes while providing detailed analysis and correlation of security events across the entire enterprise network.

By Yoav Shay Daniely

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption

No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the adoption of new technologies such as the cloud. Keeping data on-premise has long-been considered to be the more secure option; however, ever-increasing incidents of hacking, data breaches and even cyber terrorism within government entities from the IRS to most recently, the Office of Personnel Management (OPM), indicate that change is needed, and fast.

Slowly, but surely, a technology revolution is taking place within the public sector. Due in large part to the introduction of the Obama administration’s “Cloud First” policy in late 2010, the establishment of the Federal Risk and Authorization Management Program (FedRAMP), a standardized approach for conducting security assessments, authorizations and monitoring for cloud technologies, as well as innovations in cloud offerings themselves, cloud adoption among federal agencies is taking off. The General Services Administration (GSA), Department of the Interior (DOI), the Department of Agriculture (USDA), NASA, and even the Central Intelligence Agency (CIA) and NSA are just a few of the many agencies who have embraced cloud solutions in recent months and years. Further, with IDC’s recent Federal Cloud Forecast projecting sustained growth through 2018, the public sector is nearing its tipping point in cloud adoption.

Should this trend continue as expected, below are three reasons that cloud adoption can be the answer to close the federal government’s technology gap.

Availability of Clear Guidelines for Cloud Adoption

In the past, government agencies lacked a clear roadmap for evaluating and selecting authorized cloud providers, making it difficult for the technology to break through in the federal sector. According to the FedRAMP website, this resulted in, “a redundant, inconsistent, time-consuming, costly and inefficient risk management approach to cloud adoption.”

The introduction of FedRAMP has provided agencies with much-needed guidelines and structure to accelerate the use of cloud technology in all facets of the government. Today, cloud systems are authorized in a defined (and repeatable) three-step process: security assessment, leveraging & authorization, and ongoing assessment & authorization. Among its benefits, the federal program estimates that its framework will decrease costs by 30-40 percent and will reduce both time and staff resources associated with redundant cloud assessments across agencies.

Incentives to Focus on Cyber-Security

In October 2015, U.S. federal government CIO Tony Scott professed his support for the cloud during a Google at Work webcast, saying:

I see the big cloud providers in the same way I see a bank. They have the incentive, they have skills and abilities, and they have the motivation to do a much better job of security than any one company or any one organization can probably do.”

He’s right, and his comments represent a stark departure from the general consensus in the public sector just a few short years ago. Applying the same security measures and best practices to legacy, on-premise solutions requires both time and significant spend—both of which the government lacks. The competitive nature of the cloud business in recent years has challenged providers to adopt agile security practices, resulting in solutions that are secure, reliable and execute seamlessly. From email management systems to data storage services, continued cloud adoption at the federal-level will enable agencies to achieve long-term benefits that will eventually be impossible to achieve with on-premise systems, including advanced cybersecurity capabilities, guaranteed business continuity, as well as enhanced performance management functionality.


Bring Greater Efficiency in IT Spending

In February 2015, the International Association of Information Technology Asset Managers (IAITAM) released a report criticizing the U.S. government on its IT spending. The report suggested that while the federal government spends over six times more on IT per employee than its private sector counterpart, it also wastes 50 percent of its more than $70 billion IT budget due to a lack of standardization and controls. Combined, these factors have created a breeding ground for IT failures and exploits from threats inside and outside government walls. This is further indication that the existing status quo is inefficient and is putting the government (and U.S. citizens) at risk.

Over time, leveraging the “pay-as-you-go” model of the cloud, federal sector can decrease its IT spending, creating new efficiencies. Software and application management for example, which requires abundant resources to oversee in on-premise deployments, is virtually eliminated with a cloud-based solution. From business continuity and software maintenance to eventually, compliance and IT risk-related activities, the onus, falls on the cloud provider, not the customer. Thus, federal IT workers are freed up to focus on more mission-critical initiatives, rather than spinning wheels on inefficient technology, programs and processes.

While it will take some time before the cloud truly takes off in the federal sector, it’s hard to ignore the benefits that both the private sector and forward-thinking government agencies have seen with the technology to date. The time is now to make a change for good. If the U.S. wants to be viewed as one of the most technologically advanced nations in the world, it’s prudent that the government itself practice what it preaches, doing what’s needed to establish the country as a leader, rather than a follower, in this rapidly-evolving digital age.

By Vibhav Agarwal

The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance 

With technology at the heart of businesses today, IT systems and data are being targeted by criminals, competitors and even foreign governments. Every day, we hear about how another retailer, bank or Internet company has been hacked and private information of customers or employees stolen. Governments and oversight organizations are responding to these attacks with calls for tighter control and regulations, from the Society for Worldwide Interbank Financial Telecommunication (SWIFT) beefing up its requirements for members to new proposed regulations targeting financial institutions in the State of New York. It is no wonder that as enterprises embrace the public cloud to run their critical applications, (See image) compliance remains one of the top concerns.

Biggest Barriers Holding You Back


Enterprises used to regard IT compliance audits and certifications, e.g., HIPAA for hospital IT systems or PCI DSS for banks and e-commerce companies, primarily from the perspective of staying on the right side of the law. But this is changing – companies across all industries are now willing to spend on IT security and compliance, not only to deal with legal requirements but also to win customer trust and ensure that they don’t make headlines for the wrong reasons.

Security and compliance in public-cloud environments are fundamentally different from private datacenter security. Old techniques and controls (e.g., connecting to physical switch TAP/SPAN ports and sniffing traffic, installing gateway firewalls at perimeters) do not work in the cloud any more. With compliance playing a key role in IT security and governance, it is important to keep a few guidelines in mind when it comes to managing public-cloud environments.

1. Start with a dose of security common sense: Common data and information security best practices lie at the heart of compliance standards such as HIPAA and PCI DSS as well as of security frameworks such as the CIS Benchmarks for Amazon Web Services (AWS). For example, compliance rulesets for cloud environments typically stipulate password policies, encryption of sensitive data and configuration of security groups. Enterprise IT and security teams would do well to incorporate these rules into their security management, irrespective of compliance requirements.

2. Remember the shared-responsibility model: Public cloud providers such as AWS follow a shared-responsibility model; they manage the security of the cloud and leave security in the cloud (environment) to the customer. These clouds have invested heavily to build security into their products and develop customer confidence. AWS has robust controls in place to maintain security and compliance with industry standards such as PCI and ISO 27001. In going from datacenters to public cloud environments, security administrators need to understand what aspects of security compliance they are responsible for in the cloud. This requires cross-functional collaboration between the operations and security teams to map the security controls in the datacenter to those in public-cloud environments.

3. Stay compliant all the time: In the software-defined world of public clouds, where a simple configuration change can expose a private database or application server to the world, there are no second chances. Enterprises are going from periodic security checks to continuous enforcement and compliance. Businesses that develop and deploy applications in clouds need to bake security and compliance checks into the development and release process. A software build that causes a security regression or does not meet the bar for compliance should not be released to a product environment. Enterprise IT needs to ensure that the tools they use for compliance monitoring and enforcement allow them to check applications for compliance before they are deployed.

4. Automate or die: Manual security and compliance processes don’t work in the dynamic, scalable world of the public cloud. When a business’ cloud environment spans hundreds or thousands of instances across accounts, regions and virtual private clouds, just the process of gathering the data required to run a compliance audit can take days or weeks, driving up the time to compliance and increasing the risk of errors. Even a team of qualified security personnel may not be able to detect vulnerabilities and respond in a timely manner. Automation is key to survival in the public cloud. It is no wonder that Michael Coates, the trust and infosec officer of Twitter, said “Automate or die. This is the biggest thing I stick by in this day and age.” In selecting the tools to manage compliance in cloud environments, enterprise IT must regard automated data aggregation, compliance checking and enforcement of security gold standards as table stakes.

5. Don’t just find it, fix it: There is an abundance of security-monitoring products in the market today that allow administrators to find security misconfigurations and vulnerabilities but do not offer the control to fix these issues. These tools are limited in scope and utility and force enterprise IT to use a patchwork of tools to manage the security and compliance lifecycle. Businesses should pick comprehensive “find it, fix it, stay fixed” platforms that do not stop at identifying issues with the environment but offer the tools required to fix them and put safeguards and controls in place to ensure that security best practices are enforced.

Public clouds are transforming the world of enterprise IT by offering unprecedented agility and a pay-as-you-grow operational model. Clouds are also changing the rules of the game for IT security and compliance management by offering new controls and capabilities. The tools and processes that served IT well in datacenter environments will not work in the public cloud. It is time for security and compliance to be transformed as well.

By Suda Srinivasan, Vice President of Growth at Dome9

suda_dome9Suda is the Vice President of Growth at Dome9, where he oversees marketing and customer growth. Prior to Dome9, Suda held a senior marketing role at Nutanix where he was responsible for defining, communicating and driving the execution of the go-to-market strategy for the company’s enterprise cloud platform. Suda is a seasoned leader with extensive experience in technology, having worked in engineering, strategy consulting and marketing roles at Nutanix, Microsoft, Coraid and Deloitte

5 Ways Cloud-based Tools Can Help Accountants Escape The IT Treadmill

5 Ways Cloud-based Tools Can Help Accountants Escape The IT Treadmill

Accountant Cloud Tools

Digital tools and software have become an inseparable part of any accountant’s profession. There are software for almost every need of accountants. From managing payrolls to filing taxes, technology is able to automate them and offer a great simplicity to the accountants. Now to maintain the best of productivity and remain competent in the market, it is important for the accountants to find a solution that avails the optimum utilization of the available accounting tools. This is where cloud solutions come in handy for the accountants.

Cloud accounting or online accounting allows you to run the applications and store the accounting data on a remote server for better accessibility, agility, features and more. Here are some detailed benefits that accounting professionals can gain by switching to cloud-bases software:

  1. Streamlined Integration

The software market has a number of options to offer that need to be integrated together to deliver a reliable accounting automation. For example, a fine amalgamation of ship tracking, inventory management, CRM, ERP, and accounting software is required automate the all-end accounting of a manufacturing business. Considering that you are using the desktop version of these software, there are inevitable challenges you would be facing. Limitations of the local server resources (memory, storage, processing speed, etc.) to first of those challenges. Then on, specification necessities with Operating System and cross-compatibility factors are further hassles one needs to deal.


Going with the cloud-based accounting software allows an ease of scalability for resources as required. So, you can choose resources and upscale or downscale them as you add or remove any accounting tool. Moreover, the integration between different tools is easier as the specification requirements of the local machine don’t hold significance anymore. Self-governed version upgrades add more convenience to the integration capabilities of the cloud.

  1. Enhanced Automation

Offline software may be able to process the information and commands, once provided. However, information update is mostly a manual task with offline software, which limits the ability to pace up the processing and chances of error with the information are higher. Also, with the growth in online transaction and payment mediums, the necessity for the instant, remote, and automated update has also grown. Think about it – a sales order is received and updated on CRM, now your accounting software, banking applications, and inventory management software will have dependent actions to take. So, you will have to update them all separately.

Integrate on the same platform, and all the actions (update the sale on CRM, the books on accounting software, status on inventory tool and payment verification in banking app) can be processed automatically. This automation takes off the chances of delay and errors significantly.

  1. Better Workforce Distribution

Managing the entire accounting operations for a business or a number of clients is a herculean job and therefore, various tasks are distributed for timely and smoother actions. To and fro of the email exchange, multiple copies of the same files, limited control and tracking of the changes made by different users – these are some of the hassles that traditional accounting setups face.

Cloud-based applications have a great advantage in managing a large number of users working together. Firstly, admin holds the right to create and restrict the access of different users. Then, it also allows different users to work on the same file at the same time, even from different locations. So, the chances of file redundancy, storage limitation, and sharing hassles are nullified. At the same time, user tracking remains enabled to track which user made what changes and you can even recover changes if required. So, the task assigned to the workforce is immensely simplified and to enhance the productivity.

  1. More Secure and Reliable

As mentioned in the above section, cloud-based tools are centralized under the surveillance and control of the admin. It allows a reliable control on all users and the automated integration of different tools reduces the chances of errors and delays. But that is not all that cloud has to offer for the accounting solutions. Cloud technology rides on the automated backup and data protection advantages.

Most of the cloud-based tools enable multiple backups of the latest data to keep it available in case of any data loss – be it a manual mistake or a natural disaster. Further secured with the encryption, firewall, and other security features, it offers an impeccable environment for running accounting applications and storage of the data.

  1. There’s More Saving

The first and biggest saving that cloud introduces is that it does not require any dedicated local machines and servers to run applications. Since hardware makes one of the biggest expenses, cloud saves the significant amount. But the savings do not end with it. Cloud computing solutions save plenty on the maintenance, upgrading and other IT expenses. As most of the hardware remain with the hosting provider, its maintenance is their task. Serving a larger group of the hardware for a number of clients, the overall charges are much lower at the hosting provider’s end.

Other factors that contribute to the cost-cutting with cloud are because of reduced local infrastructure and on-the-go accessibility, which enables the modern work cultures, such as – BYOD and Work from Home. With so many of the ways available to save money, no accounting professional would like to miss on them.

Wrapping Up

Technology gifts simplicity of use even with the most complex operation. Cloud has been doing that to a number of industries. Accounting is one of the industries that adopted it quite late, but its potential is immense. Citing which the shift to cloud solutions is noticeable and still growing. If you are still not sure if the cloud is a fine choice, you are probably going to miss out on a lot of opportunities.

By Kirti Khanna

If Not Managed Correctly, The Cloud Can Cost An Organization

If Not Managed Correctly, The Cloud Can Cost An Organization

Cloud Application Management

When organizations implement cloud applications, they do so as a means to be more efficient and in the hopes of saving a great deal of money. What many organizational leaders often don’t realize is that they need some type of solution to help them manage these applications in the background for them to be successful. Without some way to properly manage cloud applications, organizations can actually spend a great deal of time and money to have someone manually managing these processes, rather than saving them time and resources.

While the management of cloud applications doesn’t sound difficult, it is very time consuming. Think about an organization that has frequent movement of employees or has temporary employees working there. To create accounts for each of these employees and make changes when needed, often requires a full-time admin. For the admin, they can quickly become overwhelmed with work and calls for changes to accounts, which can leave them no time to handle other more technical or important projects.


The management of these applications not only effects admins, but also has an effect on other groups. The organization as a whole — the helpdesk or admin and the end users — are all affected. For example, the organization and its managers are concerned with how much the overall cost and ROI is of the technology that they use and how efficiently everything works. If the cloud is not managed correctly it can end up costing more time and money for the organization.

And, of course, what about the end user? They want to be able to access what they need quickly and efficiently and have any changes to their accounts or access made in a timely manner so that they can complete their work and any projects. Who wants to wait around for additional access to work on a project that has a deadline. For example, often an employee needs to contact a manager or admin if they need access to an application or to make a change to their account. If this request is time sensitive, they may continually contact the manager to check up on the progress and see if the change is being implemented.

Why Organizations Are Hesitant

Why are organizations hesitant about a solution, such as identity and access management, to help manage their cloud applications then if they can benefit many different people and groups in the organization? One of the reasons for the resistance is that many of the solutions that were available to help with account management when they first came out were often large scale solutions, which cost a lot, took a long time to implement, and were for larger organizations.

Many organizations also think that they can just do it themselves. The reality is they don’t realize that these tasks are extremely time consuming and are taking time from some of their highly technical employees who could be working on other projects. It also might be costing them more to have a full-time employee manually managing cloud applications and issues. Many IAM vendors now offer the ability to choose exactly which modules are needed so that they don’t need to purchase a large enterprise solution with modules that they don’t need. They can tell the vendor exactly what is needed and have them customize the solution. This drastically reduces both the cost and the time to implement. This allows even smaller organizations to benefit from IAM solutions.

How IAM Solutions Can Help

So now that we talked about why a solution is needed and why many organizations are hesitant to employ the solutions, let’s look at how many types of different IAM solutions can assist with the cloud applications that organizations use.

Account management of cloud applications can easily be automated along with in-house applications. An automated account management allows the organization to link their HR system to the systems and applications that the company uses so that any change that is made in the HR system is automatically reflected in all connected applications. So for example, when a new employee starts at the organization they can simply be added to the HR system and have their accounts automatically generated for them. This allows both the admin to quickly create accounts and the end user to begin work right away without needing to wait around.

Another solution that can be used is workflow management. Using a web portal, employees can request any additional access rights to their current applications or even new applications. A workflow is setup so that when a user requests a change, the request then goes through a predefined sequence of people who need to approve it before the change is implemented. The organization can set up the workflow process however they desire, so that depending on the user, and what they request, the process goes through a specific sequence. There is also no need for the employee to bother their manager to check on the request. They can easily access the web portal and see exactly where the request is and what steps still need to be completed.

These are just some of the many solutions that help with the management of cloud applications behind the scenes. There are many other ways that IAM solutions can be customized to meet the unique needs of each organization. Since we discussed how the management of the cloud has an effect on several groups within the organization lets now look at how an IAM solution can benefit these different groups.

For the admin, they can easily manage user accounts or even delegate this task to a less technical employee so that they can work on other more technical issues and projects. They no longer need to perform tedious account management tasks that are extremely time consuming. For the end user, they can easily get any access or application they need efficiently without needing to continually contact an admin. With the portal in the workflow management module, they have an easy way of requesting any changes if needed. Lastly, for the managers and overall organization they can realize the true benefits of cloud applications without needing to focus on the manual tasks of creating, disabling, and making changes to user account.

By Dean Wiech

Connecting the Power of IoT

Connecting the Power of IoT

Connection Power

I come not to bury Caesar. Nor do I come to bury his estimates. Estimates, attempts based on data filled with holes to produce a best-guess scenario. Start with how you gather data and from there how you determine what the risks are going forward. Estimation is tough, so you want to caveat your assumptions. You want to make sure you are on the low side, not on the high side.

Alternatively, you can be slightly on the high side, but not way over-estimating the change or impact. So it is my exception that in fact the estimates published so far for Internet of Things solutions are low. The question though isn’t that they are low, but rather by how much.

3D Printing

So a couple of meanderings first… A connected car would count as X number of IoT devices. I say X number here because at this point there really isn’t a standard and frankly every car has different levels of IoT connectivity. If your car has a device that connects to your cellular phone, that counts as one IoT connection. If you have a second connection in your car that is linked to a manufacturer, that represents a second IoT connection. Between those two connections however, you could have nearly 100 IoT sensors. This would include automatic braking, cruise control and lane control, just to name a few. There is also the broader concepts of crash and report sensors—when the airbags deploy, the car automatically calls 911.

Geek Connection

(Geez, he is meandering all over the place. What’s the point?) Well first, I would like to mention that I personally am a geek. I have begun the process of automating my home. I have connected TV’s and many other connected devices available today. In fact, I now have over 100 connected devices currently in my home. The reason I am bringing up this number has to do with the fact that I know there are MANY people that have more IoT devices deployed in their homes than I do.

I also happen to know you always throw out the highest end when providing an estimate. If your basis of the estimate is on the high-end, you will invariably become frustrated. This is mostly because the high-end isn’t a true overall number. Still, there are between 2.5 and 3 billion cellular phones on the planet today. If we take industrial, government and home IoT devices and add in the cellular phones, this number is greater than 12 billion worldwide. My basis for this is the logical breakdown of the numbers.

The IoT POWER Users

First off, I think analysts missed the high-end of power users when it comes to IoT devices. Even if we remove the outliers, we still have a large population, maybe as high as 500 million people with more than 12 devices per member of the household on average. Just this population and deployed cellular devices (also IoT devices) would come out to between 7.5-8 billion deployed devices. There are between 2-3 million deployed cameras for business and home security in New York City alone, so this number would likely rise to closer to 20 billion IoT devices actually deployed in the global market today.

New York

By the way, you probably remember that I opened with the fact that I didn’t come to bury Caesar. I understand why the analysts choose to publish lower numbers. My numbers come with an inherent risk. I could be wrong. I could be off by a factor of .2 or even .3. Even with this margin of error, I still think the published numbers are on the low side. My gut in playing with and laying what I believe the real numbers to be is that the analysts are off by 50% today. I believe there are between 18 and 22 billion IoT devices deployed right now. Depending on how things move, by 2020, this number will be closer to 100 billion deployed devices.

Noise to Ratio

Frankly, I worry a bit based on the reality of these numbers, and that’s why I started evaluating this. I believe home networks are going to be the first to topple. First off, it is fairly easy to crack most home routers, and secondly because they are not made to support the load of all these new IoT devices. The noise-to-signal ratio in an overused home network will allow more and more hacks to go undetected for longer periods of time.

SO, the risk is that the home network becomes saturated and falls over. This presents significant risk for businesses, as every employee that works from home presents a new and potentially hard-to-catch security leak. When friends ask what can I do to prevent this, I always tell them this simple answer: Go and buy a new Wi-Fi router. Create an easy password for the networks on that router and plug it directly into your router. Then only connect IoT devices in your home to that network. You can still get all the data from the IoT devices that you want. But now, you have a separate network segment that will reduce total bandwidth consumed. And if something happens, you can unplug that router from the internet. The best security strategy for Internet-connected devices remains from removing the Internet connection.

I come not to bury Caesar, but I would like to know where he keeps his IoT devices!

By Scott Anderson

CloudTweaks Comics
A New CCTV Nightmare: Botnets And DDoS attacks

A New CCTV Nightmare: Botnets And DDoS attacks

Botnets and DDoS Attacks There’s just so much that seems as though it could go wrong with closed-circuit television cameras, a.k.a. video surveillance. With an ever-increasing number of digital eyes on the average person at all times, people can hardly be blamed for feeling like they’re one misfortune away from joining the ranks of Don’t…

The Conflict Of Net Neutrality And DDoS-Attacks!

The Conflict Of Net Neutrality And DDoS-Attacks!

The Conflict Of Net Neutrality And DDoS-Attacks! So we are all cheering as the FCC last week made the right choice in upholding the principle of net neutrality! For the general public it is a given that an ISP should be allowed to charge for bandwidth and Internet access but never to block or somehow…

The DDoS That Came Through IoT: A New Era For Cyber Crime

The DDoS That Came Through IoT: A New Era For Cyber Crime

A New Era for Cyber Crime Last September, the website of a well-known security journalist was hit by a massive DDoS attack. The site’s host stated it was the largest attack of that type they had ever seen. Rather than originating at an identifiable location, the attack seemed to come from everywhere, and it seemed…

Cloud Infographic: Security And DDoS

Cloud Infographic: Security And DDoS

Security, Security, Security!! Get use to it as we’ll be hearing more and more of this in the coming years. Collaborative security efforts from around the world must start as sometimes it feels there is a sense of Fait Accompli, that it’s simply too late to feel safe in this digital age. We may not…

Three Ways To Secure The Enterprise Cloud

Three Ways To Secure The Enterprise Cloud

Secure The Enterprise Cloud Data is moving to the cloud. It is moving quickly and in enormous volumes. As this trend continues, more enterprise data will reside in the cloud and organizations will be faced with the challenge of entrusting even their most sensitive and critical data to a different security environment that comes with using…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole. In 1983, the first commercially handheld mobile phone debuted and provided workers with an unprecedented amount of availability, leading to more productivity and profits. More recently, the Cloud has taken…

Security: Avoiding A Hatton Garden-Style Data Center Heist

Security: Avoiding A Hatton Garden-Style Data Center Heist

Data Center Protection In April 2015, one of the world’s biggest jewelry heists occurred at the Hatton Garden Safe Deposit Company in London. Posing as workmen, the criminals entered the building through a lift shaft and cut through a 50cm-thick concrete wall with an industrial power drill. Once inside, the criminals had free and unlimited…

Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…


Sponsored Partners

Understanding The Importance Of A Flexible Hybrid Cloud Solution
Collaboration Clouds: The Logical Next Step To Cloud Computing
Salesforce Service Cloud: Air Traffic Control For Your Customer
Watching You Shop: Stores And Mannequins “Read” Their Customers And Respond
SAP HANA® And Global Healthcare
Confused By The Cloud? A New eBook Reveals All…
Going Virtual? Keep One Eye On The Hardware And The Other On Habits
Hybrid IT Matures Just In Time To Tackle Complex Challenges
Internet Performance Management In Today’s Volatile Online Environment
The Benefits Of Having A Cloud-Bursting Partner
Cyber Security: An Ounce of Prevention