Category Archives: Cloud Computing

Why An Inside-Out Approach to Cloud Security Is Your Safest Bet

Why An Inside-Out Approach to Cloud Security Is Your Safest Bet

Cloud Security

In September, McKinsey released what might be looked back upon as a seminal survey. It opened the report with a simple, powerful declaration: “The cloud debate is over.” The data told a story that the pace of IT workloads moving to cloud is now at a “material” level and the impact would ripple across the industry. The survey reaffirmed the view of CIO’s and IT executives that security and compliance continue to be the top concerns of cloud adoption.

Now that the cloud is just accepted as a safe and viable growth path, it’s important that decision makers think about budgeting for cloud security differently. They are no longer buying hardware appliances and enterprise software. They need agile SaaS tools that can can scale and adapt to their cloud-based infrastructures to grow confidently and allow them to move even faster.

The Current State of Cloud Security

The growth of cloud adoption brings with it a serious need for more disciplined security practices. Between the MICROS/Oracle breach, the SWIFT Network attacks and a rash of healthcare industry data breaches, it seems every week there’s another major story about vulnerable data getting into the wrong hands. In today’s cloud-based business landscape, it’s no longer a question of if your organization will be targeted; it’s when.

complience-cloud-risks

While major cybersecurity breaches continue to dominate the news, the reality is only 3% of companies experience catastrophic losses worth more than $1 million. Smaller, internal threats are far more common for most organizations, and they can still cost companies significant capital. In fact, the Ponemon Institute found that insider activity is the most expensive ongoing cybersecurity threat to date, costing companies an average of $144,542 annually.

To combat cybercrime and proactively protect your organization, a more evolved approach to cloud security is necessary. Many organizations implement an outside-in approach, working to protect their infrastructure perimeter and company assets from malicious intruders who may be trying to gain access. However, this approach doesn’t take into account the possibility of internal threats, or hackers who have already gained access. Organizations and cloud security professionals need to focus on thwarting the advanced threats within cloud environments themselves, all while maintaining total compliance, of course.

This inside-out approach to cloud security isn’t always easy, however, and it can be made more difficult by the fact that cloud security professionals capable of handling the cloud’s advanced threats and compliance issues are becoming increasingly rare. Case in point? Cybersecurity Ventures found that the cybersecurity workforce shortage is expected to reach 1.5 million by 2019. This is creating a need for better tools to help operations teams level-up on security, thus improving operational efficiency. The big benefit: empowering those closest to the infrastructure to make the rapid changes necessary to improve security and continuously manage their security state over time.

Inside-Out Cloud Security Monitoring Considerations

Monitoring needs to occur at the workload layer, because here, activity can be monitored across multiple areas deep within the environment to accurately identify and stop inappropriate internal behavior before it causes damage.

security watch

It’s equally important for organizations to consider their Operations team when evaluating cloud security monitoring services or tools. Given the increasing overlap between Operations and security, monitoring tools should be able to integrate security alerts directly into “DevOps” workflows so teams can respond quickly and with context about what occurred. In other words, security information needs to move to where your teams are working every day and you need to choose platforms that can integrate easily and surface alerts and context in situations that matter.

One example of an inside-out approach to cloud security monitoring includes vulnerability management, which is used for scanning three key areas particularly prone to attacks: web applications, operating systems and everyday packages. With access to production, for example, a misguided or malicious employee could easily install an unauthorized package in your base AMI, or worse yet, install a package directly on production environments. With vulnerability management implemented as an inside-out strategy, however, DevOps teams can verify the attack surface of every installed package before it goes live and wreaks havoc.

By continuously monitoring for suspicious or unauthorized behaviors, organizations can identify internal threats before they spiral out of control. Real-time cloud security monitoring can aid organizations in their efforts to combat cybercrime and thankfully, such technology doesn’t require designated, in-house security professionals. However, it’s important to ensure monitoring is conducted from within the cloud workload itself and that it provides immediate and actionable alerts so DevOps teams can rapidly plan and carry out effective remediation. Lastly, to effectively protect your organization’s data, systems, customers and brand reputation, it’s critical to implement monitoring technology that can analyze normal system behavior as well as anomalous trends, so that any new or suspicious activities can be swiftly identified and contained before a breach occurs.

By Chris Gervais

AI: The Dark Side – Part 1

AI: The Dark Side – Part 1

The Future of A.I

On Friday 21st October, the world witnessed the largest cyber-attack in history. The attack set a new precedent for the size, scale, and potential threat of cyber-attacks; it used the Mirai botnet to corrupt IoT (Internet of Things) devices and repurpose them to conduct a massive coordinated DDoS attack. The attack was registered at a massive 1.2Tbps, and, rather worryingly, there has been speculation that the hackers could have used up 5 times as many devices. Many people have been quick to declare this as the beginning of a new era in cyber-crime, and Elon Musk has speculated that it is “only a matter of time before AI is used to do this”. But how at risk are we?

Musk has also postulated that as A.I. gets better and smarter, that we could see it used to optimise attacks on the internet infrastructure, attacks like the one we saw last month. He has brought light that (in his eyes) the internet is “particularly susceptible” to something called a “gradient descent algorithm”. A gradient descent algorithm, is a mathematical process that examines a complex function and finds the optimum solution – something that A.I.s are already incredibly good at, since it is integral to machine learning. The consequence of this is ultimately that this process of optimization could be used to launch devastating IoT attacks as a result of the fine-tuned digital weaponry. Ultimately, it could lead to A.I. vs A.I. cyber-warfare on a scale that we can only imagine at the moment.

fail-safe_security_low_res

All this comes as we are on the cusp of an A.I. revolution, the idea of A.I. no longer seems to be some far off concept; it is within our grasp. Yet, there are many parties warning of the vast dangers of A.I., including some of the greatest minds on earth. Bill Gates, Elon Musk, and Stephen Hawking all fear what A.I. could mean for the human race as a whole. Hawking has warned that the moment robots gain the ability to build and redesign themselves, that they will continue to do so faster and faster. Thus spelling the end for the human race as the dominant species on the planet,

Once humans develop artificial intelligence, it will take off on its own and redesign itself at an ever-increasing rate….. Humans, who are limited by slow biological evolution, couldn’t compete and would be superseded.” Similarly, Elon Musk made headlines speaking at the MIT Aeronautics and Astronautics department’s Centennial Symposium in October, when he compared creating artificial intelligence to summoning a demon.

I think we should be very careful about artificial intelligence. If I were to guess like what our biggest existential threat is, it’s probably that. So we need to be very careful with the artificial intelligence…. With artificial intelligence we are summoning the demon. In all those stories where there’s the guy with the pentagram and the holy water, it’s like yeah he’s sure he can control the demon. Didn’t work out.

Bill Gates, although noting what A.I. and automation can do for us, has also called for great caution to be taken. In a recent AMA on Reddit he questioned why some people aren’t as worried as he is!

First the machines will do a lot of jobs for us and not be super intelligent. That should be positive if we manage it well. A few decades after that though the intelligence is strong enough to be a concern. I agree with Elon Musk and some others on this and don’t understand why some people are not concerned.”

Those of you who watch Westworld (HBO) will have seen this fear in its earliest form, where one of the A.I. robots is able to understand that it is controlled by a computer, and blackmails two engineers into making it much smarter than it “should be” – a terrifying and chilling moment, perhaps due to the fact that this could soon be reality. The technology is already coming into mainstream culture; Ross the A.I. lawyer has just been hired by a US law firm, Google’s A.I. has already pushed the limits of A.I. creativity, by creating abstract works of art, and that same A.I. has now created it’s very own form of encryption.

With all of these technologies becoming more and more prevalent in our society, it is key that we understand the risks of what we are doing, and take proper precautions. When the people who have led the tech revolution are warning of its risks, you know it is time to listen.

By Josh Hamilton

The Skill & Training Mandates of Big Data

The Skill & Training Mandates of Big Data

Big Data Mandates

For some years a dearth of data scientists and analysts has caused concern, with McKinsey expecting a demand for analytical expertise 60% greater than available supply by 2017. Additionally, Gartner predicts a shortage of 100,000 data scientists in the US by 2020. In more recent findings, Accenture reported the vast majority of its clients intended to hire employees with data science capabilities but over a third cited lack of talent an impediment. It should come as no surprise that this relatively new, but booming, arena is undergoing significant shifts; big data has suddenly been recognized as a valuable commodity, organizations are investing in big data analytics to improve strategies and operations, and universities and colleges are creating and streamlining data analytics training programs to meet these new skill requirements.

Big Data Analytics

In businesses around the world, the role of big data analytics has grown. Though big data is readily identified as a golden ticket to business success, most organizations are only just coming to terms with the need for suitable data science skills to turn this barrage of information into valuable and constructive insight. Some of the benefits gleaned from analyzed data and predictive analytics include targeted marketing campaigns that provide well-timed offers to the right people, exceptional customer service through better anticipation of needs, and progressive business models able to leverage connectivity for greater success.

As valuable as the data science tools we currently utilize are, industry experts believe the future holds much more. The International Institute for Analytics expects automated data curation and management to free up data scientists and analysts to do more of the work that interests them in future years while the IDC predicts that through 2020 spending on data preparation and self-service visual discovery tools will grow two and a half times faster than traditional IT-controlled tools for comparable functions. Unfortunately, the skills shortage is likely to persist, and Forrester believes the demand won’t be met in the short term, “even as more degree programs launch globally.”

Big Data Training

data-big

No matter the pessimism of some of our top analysts, educational programs aimed at bridging the big data skills gap are increasing and advancing. For those commencing training, a shortage of skills is a distinct advantage as they prepare for a market in which they have the upper hand. At the end of last year, RJMetrics reported that only 11,400 professionals classified themselves as data scientists and 52% of all data scientists had achieved their titles in the last four years. Many companies simply can’t wait for the next batch of graduates to meet their needs and some of the more progressive are implementing their own training schemes which encourage skill development within the organization. Along with STEM schools, online training platforms, and university partnerships, in-house training may help enlarge our skills pool.

It’s interesting also to note that Gartner expects an increase of citizen data scientists in the coming years; states Rita Sallam, VP of Research at Gartner, “Through 2017, the number of citizen data scientists will grow five times faster than the number of highly skilled data scientists.” As businesses and educational institutions provide their own investments into big data skills, it’s important to remember the opportunities technology has offered and continues to offer the self-made individual; opportunities abound too for the unconventionally trained but astute data scientist and as we navigate the current skills gap many have as much sway as their graduate colleagues.

Taking Advantage of the Talent Gap

According to SAS, a provider of industry-leading analytics software and solutions, it’s possible to turn the “analytical talent gap into an analytical talent dividend.” Developing key insights from MIT Sloan Management Review Research Report, “The Talent Dividend,” SAS highlights the value of finding talent that already exists in the business, integrating new hires with existing specialists, and pairing data scientists with business domain experts for better results. Practical business leaders are quickly learning that an innovative approach to talent cultivation often affords greater rewards.

Article sponsored by SAS Software and Big Data Forum

By Jennifer Klostermann

Lessons for Corporate Board Members from the Colin Powell E-mail Hack

Lessons for Corporate Board Members from the Colin Powell E-mail Hack

Corporate Board Member Security

It’s every company’s worst nightmare: waking up to find your confidential company information plastered across The Wall Street Journal. Salesforce was a victim of just that when Colin Powell, a corporate board member, had his emails hacked and posted on DCleaks. One email contained a confidential slide deck detailing acquisition targets being considered by Salesforce. Although this information likely wasn’t what the hackers were looking for when they gained access to Powell’s private emails, Salesforce became the latest victim of this type of cybercrime.

There were 14 potential targets on the list that included Adobe, LinkedIn, Pegasystems, Box and Hubspot. Although several of these companies, such as LinkedIn and NetSuite, were already acquired this year, many others are still available and potentially in play. Powell has accidentally leaked some of Salesforce’s growth and innovation strategy, which Salesforce’s competitors are now privy to. It’s conceivable that a competitor could use the leaked information for their own benefit and swoop in to make a deal.

Many companies have strict internal information-sharing policies, but board members often are not required to follow the same rules, even though they have access to extremely sensitive information such as earnings reports, C-suite level communications and M&A target lists. Using email or consumer-grade file sharing apps to share sensitive corporate files exposes companies to a wide range of risks, and the consequences can be dire. Public embarrassment and damaged reputation aside, board members have been named in shareholder lawsuits as a result of data breaches, and activist investors have successfully removed board members after a breach.

board-business

Board members should be taking proactive steps to better protect their sensitive information and improve online security. However, it is important to remember that the ultimate responsibility for securing the board data lies with the company. The following tips aren’t groundbreaking, but they work, and are too often overlooked and forgotten:

  • Create strong, unique passwords for any site you access. Don’t reuse passwords, especially for important applications like online banking or file storage.
  • Only use file sharing services with two-factor authentication. This means, for example, that, when you log in from a new computer and enter your password, you’ll have to enter a code before you can access the account. This will rule out consumer-grade apps with a potentially lower security threshold than enterprise-level apps.
  • Separate business and personal files. It’s never a good idea to share personal information and business data through the same file sharing service or account. Many employers have rules against storing business information in consumer-grade file sharing tools, which is why they blacklist these types of applications.
  • Monitor your accounts regularly to catch theft or suspicious activity early on and reduce potential damage. In this case, Powell was a victim of a spear-phishing attack, where hackers target individuals with personally relevant information. Always assume you could be at risk.
  • Remember that email has been proven, time and again, unsafe for sharing confidential information. If a document needs to be shared externally, ensure you are using a secure file sharing system, not email, so that if the document falls into the wrong hands nobody else can open the file.
  • Consider applying expiration dates to files to time-bound documents.
  • Be extremely prudent about where you store your data.

Corporate board members ignore cybersecurity best practices at their own peril. This goes double for board members with a high profile like Colin Powell, who can be targeted by ‘hacktivists’ for a variety of reasons unrelated to their board positions. Don’t let you or your company become the next casualty in our cyber-insecure world.

By Daren Glenister

Fintech Report: Financial Services Sector Growth

Fintech Report: Financial Services Sector Growth

Financial Services Sector

Fintech, a term typically describing the small financial start-ups competing with established financial institutions, is increasingly playing a role in our business and private lives, making use of analytics, mobile platforms, digital technology and more. With increased consumer expectations and heightened security concerns, interest in the fintech sector is at an all-time high.

Fintech vs. Traditional Banking

Though there’s much hype around financial technology firms, and they’re certainly shaking up the financial services sector as a whole, many experts don’t believe they pose an immediate risk to the systems already in place. Including services such as peer-to-peer lending, crowdfunding, and app-based payment tools, fintech developers are forcing financial services to evolve into a more customer-centric sphere than previously experienced, and many customers are more than happy to bypass the haughty attitudes of financial institutions of old and deal instead with innovative and vibrant fintech services.

The fintech sector is, however, still tiny and though perhaps encouraging traditional institutions to change more quickly than they might have otherwise, fintech alone won’t be dominating the financial services sector anytime soon. Of course, there are a few progressive financial institutions that aren’t waiting for the future competition but instead are merging their brands with fintech firms and helping them go mainstream. This combined effort provides a unique benefit to both old and new as the disrupting fintech firms foster better customer engagement and original products while the conventional financial powerhouses support the union with their resources and networks and provide responsible and trustworthy foundations.

Rules & Governance for Fintech Organizations

But just because fintech isn’t yet competing directly with many of the larger traditional financial institutions doesn’t mean it won’t in the future. For this reason, some countries are being cautious with their fintech regulations, concerned that they might repress a promising sector but equally aware of the necessity for proper controls and security. In the US federal regulators are considering a new regulatory framework for fintech organizations, while various states have already implemented their own guidelines. Since digital currencies and blockchain form a fundamental part of many fintech products and services, regulating the fintech industry as a whole becomes an intricate web.

With the recent hacking of Tesco Bank in the UK, however, it’s become apparent that regulations must be put in place, and quickly. After 20,000 customers had money fraudulently taken from their accounts, the UK’s largest grocer saw its stock dropping by 3.3%, but aside from the action required to repair the damage for this particular attack we’re left worrying which other fintech services that we rely on may be threatened. Top regulators for the financial industry are already promising stringent rules and governance measures for the fintech sector, and it’s likely, if not necessary, that the full spread of financial laws will be applied to fintech organizations before long.

Where to Next?

Financial Services Sector

(Infographic Source: Capgemini)

The future of the fintech industry isn’t yet clear, though most are confident that fintech will have a substantial role in years to come. As traditional financial services organizations explore strategic advances to ensure they remain competitive, fintech solutions continue to blaze the trail, sometimes providing inspiration, and yet other times serving as a cautionary tale. The World Fintech Report 2017 finds that already 50.2% of global banking customers are using fintech products or services, and in fact, many are using solutions from a range of fintech providers suggesting a threat to traditional banking loyalty. It’s unsurprising too that the technology is more popular with younger, affluent, tech-savvy users looking for value for money over a one stop shop. Further, it appears that emerging markets typically show the highest adoption rates, with China at 84.4% and India at 76.9%.

As the overall financial services sector undergoes a dramatic shift, the consumers often come up trumps as they’re provided with a range of services both old and new to suit differing risk appetites and product requirements. There is indeed much work still to be done by those in the industry and those who manage and govern it, but for a while yet we’ll see a burgeoning market.

By Jennifer Klostermann

IBM to Double Workloads on SAP HANA® on a Single Server

IBM to Double Workloads on SAP HANA® on a Single Server

Enabling Up to 8 Databases on a Single IBM Power Systems Server, IBM Helps Companies Break the Barriers of Platform Virtualization for SAP HANA

ARMONK, N.Y., Nov. 7, 2016 /PRNewswire/ — Today IBM (NYSE: IBM) announces that IBM has expanded the infrastructure choices for companies considering using the SAP HANA® platform to transform their business. Available immediately, companies can deploy up to eight SAP HANA production databases on a single server using the virtualization capabilities of IBM Power. This will help clients to more easily break down barriers of platform virtualization and deploy more SAP HANA workloads on a single server, offering greater flexibility to match a client’s specific needs, ranging from cloud models to balancing critical workloads.

SAP HANA provides enterprise application customers the ability to run their transactions in real-time, combined with real-time analytics to gain insight into their businesses. This includes workloads such as recording a sales transaction, notifying the warehouse to ship from inventory instantly after receiving payment for the order, while sharing real-time insights across all such transactions with decision makers through-out the organization. IBM Power Systems help make it easier to consolidate multiple SAP HANA instances in combination with other applications. This feature offers many benefits to companies, including:

  • Simplifying the integration and management of multiple SAP® systems, including planning for coordinated failover/failback scenarios
  • Increased savings through a smaller footprint and accelerated speed to production
  • Streamlining and consolidation of workloads, enabling test, development and production systems to run simultaneously on the same server.

In addition, Power Systems include the necessary resiliency to run SAP HANA in the most mission-critical environments. This is important as clients migrate their business-critical workloads to SAP S/4HANA®. The Power Systems predictive failure alerts and smart memory resolve potential problems before they occur and provide system administrators with early notification that an automatic resolution has occurred, avoiding system downtime.

Power Systems leadership in flexibility and RAS offers:

  • Live Partition Mobility, which enables clients to move live applications from server to server
  • Elastic Capacity on Demand, enabling system administrators to grow or shrink capacity based on business need
  • High-Availability components designed to deliver more than 99.997% uptime.

Kennametal very much values the reliability, flexibility, scalability and consolidation capabilities of the IBM Power Systems platform, which enables us to plan landscape growth and environment management flexibility as our operational requirements change,” said Steve Parker, Director of Application Development at Kennametal. “If we decide to pursue a strategy of infrastructure consolidation and simplification, it’s good to know that we have a ready-made platform to support that.

Our clients are consistently searching for ways to reduce their overall IT footprint and associated costs without sacrificing capability or performance,” said Kathy Bennett, Vice President for IBM Systems. “With IBM Power Systems we’re enabling companies with the means to use virtualization to match their deployment to their business, and bring processing and data closer together to reduce latency and speed decision making.”

SAP, SAP HANA, SAP S/4HANA and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP SE (or an SAP affiliate company) in Germany and other countries. See http://www.sap.com/corporate-en/legal/copyright/index.epx for additional trademark information and notices.

All other product and service names mentioned are the trademarks of their respective companies.

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs

Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for years to follow.

The role of Chief Marketing Officer (CMO) has evolved significantly in the past several years. Previously, the job was predominantly about establishing an identity — advertising, brand management and thinking creatively — but today it’s a lot more complex. CMOs are now charged with a variety of responsibilities that span technology, analytics and growth strategy, and because they’re often held accountable for contribution to company revenue, today’s CMOs are also responsible for optimizing operational processes and demonstrating measurable impact.

My personal roles in marketing have evolved over the years, as well. Before leading worldwide marketing strategy and execution as ThreatMetrix CMO, I directed the go-to-market strategy for IBM’s portfolio of Software-as-a-Service solutions. Prior to IBM, I served as a Vice President of Corporate Marketing at DemandTec and focused my role around building a modern demand generation engine and repositioning my company’s business to drastically increase our revenue.

In all of my years as a marketing leader, I’ve learned a few key lessons about what it takes to stay effective and deliver a positive return on investment for my department. Below are five tips for CMOs working to navigate today’s ever-evolving digital and mobile-focused business landscape:

1. Think like a CFO

To succeed as CMO, it’s crucial to embrace financial metrics and look beyond top-line spending numbers. Get comfortable speaking with your finance department about topics such as return on capital, budget variance, accrual accounting and revenue recognition as it applies to your marketing operations. Not only will this help build your credibility amongst other company executives, but it will also help streamline your decision-making process. Furthermore, being well-versed in the responsibilities of your CFO will broaden your business acumen and can also help refine your marketing strategy.

2. Align with sales

In addition to embracing financial metrics, it’s important to establish a close relationship with your sales department, because by deeply understanding the customer journey you’ll be able to strengthen marketing alignment to revenue and ultimately yield a stronger marketing-generated sales pipeline. To build a stronger empathy for your sales team, I’ve found it helpful to start by moving outbound sales development representatives out of the sales team and into marketing. Also, make sure you’re comfortable giving detailed product demonstrations (as sales reps development reps do) and work to ensure you’re prepared to step in and lead the sales department should there ever be a leadership transition.

3. Hire creatively

comic-facebook-friends

It may seem obvious, but it’s important to fully understand that the people you hire will drastically impact your productivity and efficacy as CMO. Build a marketing department of leaders who complement one another. Hire people with extensive business and marketing experience and also hire recent college graduates who can offer digital fluency and an aptitude for lifetime learning. Different perspectives from different generations of workers can offer enormous value, often leading to more creative solutions and better business outcomes. Additionally, by bringing together employees with different backgrounds, you as the CMO can unify your department’s strengths to benefit your individual employees and the business as a whole.

4. Embrace ABM

The school of Account Based Marketing (ABM) may just be gaining traction today, but I predict will be a strategic pillar for all CMOs in the near future. Implementing ABM can result in a variety of benefits, including a more focused sales and marketing strategy, a more closely aligned sales and marketing team, an improved buyer journey and additional revenue.

5. Prioritize content

It’s easy to get caught up in the slew of marketing-specific technologies, analytics solutions and metrics, however to achieve long-term success, it’s important to not lose sight of one of the marketing basics: content. Prioritize writing excellence amongst your team, and orient your department around content publishing. Maintain an editorial calendar to ensure your content marketing themes are upheld, and make sure the content you’re creating is forward-looking and centers around what the market cares about (rather than just what you know or sell).

The role of CMO can be challenging at times, and while it’s unclear how the job may evolve in the future, it’s certain to grow even more complex and all-encompassing as technology and data continue to permeate our world. However, by practicing greater interdepartmental empathy and combining new industry techniques with effective, traditional methods, success can be realized today. Perhaps most importantly, in moving beyond the Chief ‘Marketer’ title and embracing the comprehensive business influence they’re capable of, today’s CMOs can seize the opportunity to serve as dynamic leaders and key, corporate decision-makers along with their CEO and other C-suite colleagues.

By Armen Najarian, CMO, ThreatMetrix

armen-najarianArmen leads worldwide marketing strategy and execution for ThreatMetrix. Previously, he directed the go-to-market strategy for IBM’s $1B portfolio of 100+ SaaS solutions. Armen joined IBM through the $440M acquisition of DemandTec, where as VP of Corporate Marketing he built a modern demand generation engine and repositioned the business supporting a 3x increase in revenue over a 5 year span.

Transparency in the Cloud and the Lack Thereof

Transparency in the Cloud and the Lack Thereof

Cloud Transparency

The enterprise cloud is changing the way we do things from our day jobs, to social media, entertainment, and everyday interactions. While many of today’s enterprises are leading the way to complete digital transformation, one concern they often have is the lack of transparency of cloud computing.

It’s a fact that many cloud service providers do not offer customers visibility into their operating environments. Customers have no idea where their data resides physically or virtually, and are not given access to information about specific services or when those services will be upgraded. While this is generally accepted in the consumer world, the enterprise cannot tolerate this lack of visibility, access, and lack of control of their own data or the services that run the business.

The absence of transparency has led some enterprises to consider building private clouds in their own data centers. While this gives them the control and visibility they want, it also comes with a big price tag, not to mention security and operational issues. In the end, it’s not worth the time and resources, and it doesn’t allow the enterprise to take full advantage of the positive features of public cloud services.

On the flip side, public clouds provide many benefits for the enterprise including the ability to quickly launch services that change the way work gets done.

Some of these services include: 1) virtual machines for developers and quality engineers, 2) storage for backups, 3) desktop productivity applications such as email and calendaring and 4) IT, security, legal and customer service workflow applications. Of course, every enterprise wants all these services but unfortunately, the transparency and control that enterprises want is not there today in most public clouds.

In order to make the enterprise cloud the platform that drives all enterprise workflow, a compromise has to be made. Cloud service providers need to give their customers greater visibility and the control they are used to having in their own data centers. Customers should expect the following from their cloud service provider:

  • Choose where your data goes – One primary factor in achieving true visibility and control of data in a cloud service is that customers should be able to request and know where their service and data physically resides (i.e. datacenter locations). This knowledge will help customers overcome some of the fear and lack of confidence that can at times occur with the seemingly ominous idea of data floating around somewhere in “the cloud.”
  • Real availability – An additional element of customers achieving increased visibility of their data in the cloud is the level at which data availability and metrics are available. Instead of customers all being grouped together in large sets of data without the ability to distinguish one from another, availability should be achieved at the customer instance level. With availability at this granular level, customers can be presented with customized metrics specific to each of their instances, instead of a more generic set of metrics applying to a group of customers. This is real availability, and combined with knowledge of the physical location of data and services, customers can achieve true visibility into their data and have a significantly higher level of confidence and trust in the cloud service provider.
  • Deal with the issues – If there is an availability issue then customers should have access to the root cause incident with all the details. If the incident results in a problem that needs to be fixed in the service provider’s software or a change that needs to happen on the infrastructure, then this should remain transparent to the customer. Customers entrust their data to the cloud service provider, and in return they should expect an honest and realistic view into the service provider’s management of that data. When problems arise, they should not be invisible to the customer, the customer should be given information about the issues and insight into how the issues are being resolved.

CloudTweaks Comic

  • Granular transparency – In addition to remaining transparent when issues arise, service providers should also provide customers with a high level of transparency every day, with all transactions impacting a customer instance. Customers are used to running their own services, with the ability to monitor and see their data on a daily basis. As such, service providers should provide customers with the ability to view and download every transaction that is performed on their instance, and remove one of the main hurdles customers face in handing over data to a service provider on the cloud.
  • Full control – Whether it is for compliance, testing or user acceptance purposes, enterprises want complete control of their instances including when their service will be upgraded or when new features will be enabled. Customers should be able to have input on the date and time of upgrades as well as all aspects of the management of their instances. This moves beyond the visibility and availability of services and data and ensures that when services are being changed or updated, the customer has more than just transparency, they have control.

While it’s not a perfect system, cloud service providers are catching on that they need to build and operate a service similarly to how an enterprise runs their services, giving them full access to their data. This transparency will help enterprises have greater confidence in the cloud and will strengthen the relationship between provider and customer.

By Allan Leinwand

CloudTweaks Comics
Cloud Infographic – The Future (IoT)

Cloud Infographic – The Future (IoT)

The Future (IoT) By the year 2020, it is being predicted that 40 to 80 billion connected devices will be in use. The Internet of Things or IoT will transform your business and home in many truly unbelievable ways. The types of products and services that we can expect to see in the next decade…

The Internet of Things – Redefining The Digital World As We Know It

The Internet of Things – Redefining The Digital World As We Know It

Redefining The Digital World According to Internet World Stats (June 30th, 2015), no fewer than 3.2 billion people across the world now use the internet in one way or another. This means an incredible amount of data sharing through the utilization of API’s, Cloud platforms and inevitably the world of connected Things. The Internet of Things is a…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Cloud Infographic – Big Data Analytics Trends

Cloud Infographic – Big Data Analytics Trends

Big Data Analytics Trends As data information and cloud computing continues to work together, the need for data analytics continues to grow. Many tech firms predict that big data volume will grow steadily 40% per year and in 2020, will grow up to 50 times that. This growth will also bring a number of cost…

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Chances are if you’re working for a startup or smaller company, you don’t have a robust IT department. You’d be lucky to even have a couple IT specialists. It’s not that smaller companies are ignoring the value and importance of IT, but with limited resources, they can’t afford to focus on anything…

The CloudTweaks Archive - Posted by
Digital Marketing Hubs And The Cloud

Digital Marketing Hubs And The Cloud

Digital Market Hubs Gartner’s recently released research, Magic Quadrant for Digital Marketing Hubs, recognizes the big four marketing cloud vendors as leaders, but also points to many challengers. Adobe, Marketo, Oracle, and Salesforce inhabit the leader’s block of the Magic Quadrant, reflecting both their growing capabilities as well as marketing technology platform scopes. Gartner believes…

Do Small Businesses Need Cloud Storage Service?

Do Small Businesses Need Cloud Storage Service?

Cloud Storage Services Not using cloud storage for your business yet? Cloud storage provides small businesses like yours with several advantages. Start using one now and look forward to the following benefits: Easy back-up of files According to Practicalecommerce, it provides small businesses with a way to back up their documents and files. No need…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Cloud Compliance  Regulatory compliance is an issue that has not only weighed heavily on the minds of executives, security and audit teams, but also today, even end users. Public cloud adds more complexity when varying degrees of infrastructure (depending on the cloud model) and data fall out of the hands of the company and into…

10 Trending US Cities For Tech Jobs And Startups

10 Trending US Cities For Tech Jobs And Startups

10 Trending US Cities For Tech Jobs And Startups Traditionally actors headed for Hollywood while techies made a beeline for Silicon Valley. But times are changing, and with technological job opportunities expanding (Infographic), new hotspots are emerging that offer fantastic opportunities for tech jobs and startup companies in the industry. ZipRecruiter, an online recruitment and job…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

5 Things To Consider About Your Next Enterprise Sharing Solution

5 Things To Consider About Your Next Enterprise Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…