Category Archives: Security

Why Haven’t Many Enterprises Deployed Hybrid Clouds Aggressively?

Why Haven’t Many Enterprises Deployed Hybrid Clouds Aggressively?

Cloud computing is progressing very rapidly all around the world, especially in the developed countries – private cloud, public cloud, and hybrid clouds are the major domains of cloud structures presently in commercial use. The public cloud and the private clouds have their own pros and cons in terms of their application in the field of information technology. The hybrid cloud solution has been developed out of these two technologies to provide the most desirable technical and business results.

There are many companies that still stick to either on-site data centers or to private clouds in spite of the fact that the hybrid cloud has developed a lot. The solutions based on hybrid cloud format have attained many great features and capabilities for the development of this platform – high level of scalability in a short period, demands of resources for application development and quality assurance procedures, high level network and data security, easy and procedural migration, disaster recovery, and the capabilities of handling the ever increasing data storage demands.

In spite of above mentioned features and capabilities, why the enterprises have not gone aggressively to deploy such an exciting platform in their IT networks is a typical question. There are three basic typical challenges in the hybrid cloud platform that are delaying the enterprises to go all out in this domain of technology:

  • Complexity in operation and migration
  • Inconsistency between public and private formats
  • Restricted visibility and management

The above mentioned issues are really the big ones to tackle before attracting the enterprises to this appealing platform. There are many IT vendors that have recently developed very suitable solutions to these challenges, and many others are trying hard to get the most suitable solutions so that the enterprises can be helped out to migrate to cloud computing.

The hybrid cloud platform brings enterprise users several important benefits – rapid provisioning of resources, simplified network operations, and accelerated time to market, just to name a few. At present, there are some big enterprises and applications that have already migrated to this amazing platform taking advantage of certain highly competitive service level agreements (or SLAs) in the marketplace.

By Walter Bailey

Whitepaper: Big Security For Big Data

Whitepaper: Big Security For Big Data

Whitepaper: Big Security For Big Data

We are children of the information generation. No longer tied to large mainframe computers, we now access information via applications, mobile devices, and laptops to make decisions based on real-time data. It is because information is so pervasive that businesses want to capture this data and analyze it for intelligence.


Data explosion

The multitude of devices, users, and generated traffic all combine to create a proliferation of data that is being created with incredible volume, velocity, and variety. As a result, organizations need a way to protect, utilize, and gain real-time insight from “big data.”

This intelligence is not only valuable to businesses and consumers, but also to hackers. Robust information marketplaces have arisen for hackers to sell credit card information, account usernames, passwords, national secrets (WikiLeaks), as well as intellectual property. How does anyone keep secrets anymore? How does anyone keep secrets protected from hackers?

In the past when the network infrastructure was straightforward and perimeters used to exist, controlling access to data was much simpler. If your secrets rested within the company network, all you had to do to keep the data safe was to make sure you had a strong firewall in place. However, as data became available through the Internet, mobile devices, and the cloud having a firewall was not enough. Companies tried to solve each security problem in a piecemeal manner, tacking on more security devices like patching a hole in the wall. But, because these products did not interoperate, you could not coordinate a defense against hackers.

In order to meet the current security problems faced by organizations, a new paradigm shift needs to occur. Businesses need the ability to secure data, collect it, and aggregate into an intelligent format, so that real-time alerting and reporting can take place. The first step is to establish complete visibility so that your data and who accesses the data can be monitored. Next, you need to understand the context, so that you can focus on the valued assets, which are critical to your business. Finally, utilize the intelligence gathered so that you can harden your attack surface and stop attacks before the data is exfiltrated. So, how do we get started?


Register To Read The Full Report

Cloud And Mobile Adoption Increases IT Security Risks

Cloud And Mobile Adoption Increases IT Security Risks

Mobile Adoption Increases IT Security Risks

As more businesses transition their mission-critical operations to cloud and mobile-ready applications, the direct consequence is increased security vulnerability.

Last year, more than 30% of all mission-critical business applications were already in the cloud. That number is expected to rise to 50% as early as 2015. And as more business processes continue to expose themselves, the need for more stringent security measures becomes even more apparent.

An obvious solution would be to restrict the inclusion of sensitive data on cloud-driven applications. Unfortunately, as many as 15% of business leaders admit to not knowing how much sensitive data (if any) are on the cloud. In fact, close to half of business leaders aren’t fully up-to-date on their own internal policies on user access privileges.

The heart of this problem could lie in the system itself. Over 30% of IT leaders are unable to properly record user access privileges. And even after employment termination, 50% of employees feel that their employers do not revise user privileges quick enough.

In effect, the speed of cloud and mobile adoption is vastly outpacing the ability to properly secure them. If this concern is left unaddressed, businesses could be facing wide-scale security risks in only a couple of years’ time, if not sooner.

SAI301_Infographic - Market Pulse Survey_V11

Infographic Source: Sailpoint

By Zig Roberts

Putting The Service Back In “as-a-Service”

Putting the Service Back in “as-a-Service”

The future of cloud computing has often been framed as being a debate between private vs. public clouds, with each model having its own strengths and weaknesses in terms of cost-effectiveness, control and security. The debate should instead focus on what each model can borrow from the other to deliver the most efficient, scalable and flexible service possible.

When deploying a private cloud, system administrators should take a page from public clouds by focusing on the overall services their private cloud is providing. When designing and implementing a private cloud, enterprises need to focus on meeting the needs of the line of business. By utilizing a service-oriented approach that ensures the business can easily access and rapidly deploy the services it needs, enterprises can maximize the benefits of their private cloud deployment.

Making a service-oriented philosophy work

A service-oriented approach to a private cloud deployment can be defined as falling somewhere between pure Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). In IaaS, a developer or operations manager has to create and manage every image. For PaaS, you don’t control any of these machines; the cloud takes care of it all. In a service-oriented model, you predefine and have running in the cloud a service like a database or load balancer, so developers don’t have to recreate those every time they want to roll out a new application.

The advantage of this approach is that it simplifies the solution deployment task for IT and for the lines of business that are interacting more closely than ever through the deployment of private clouds. A service oriented approach increases reliability because you’re using standardized services and not maintaining multiple different virtual machines. It potentially lowers cost in the long run because developers spend less time setting up virtual machines and more time defining applications to take advantage of the services you’ve already deployed.

There are no real downsides to adopting a service-oriented approach. What you’re trying to do is provide some of the pre-canned capabilities you get with Platform as a Service while still giving your developers full flexibility to define the applications they want to define. For example, IT and the line of business could agree to maintain a standard PostgreSQL database image, but the line of business may have an exception where an application it really needs requires an Oracle machine. The line of business could deploy its own Oracle database server for this specific application. They have all the flexibility in the world, but they’d be responsible for maintaining that image.

Deploying a service-oriented approach doesn’t lock you into anything. It just allows you to predefine certain capabilities which will make it easier in the long run to deploy and maintain new solutions. There might be additional work for the IT staff to define the interfaces, but if you choose, you can turn to a vendor the delivers preconfigured services in the cloud.

Potential downsides

If you don’t adopt a service-oriented approach, you’re not taking advantage of measures that could improve the agility and responsiveness of the line of business. You’d be running cloud, but you would not be taking full advantage of the private cloud model.

To turn the model into a reality, you need to start by working with the line of business to analyze what services make sense to standardize across the set of services that will run in the cloud. The analysis should focus on the services that are common across all the various solutions you’re bringing to your user base. You identify the services used the most and are most similar to each other, and those that offer no advantage to being customized. IT then takes responsibility for maintaining the frequently used services and publishing APIs to let people know how to get access to them. It’s similar to what Amazon does around its relational database service. IT defines a set of services that ultimately get instantiated as cloud images, but you also define what APIs developers can take advantage of to get access to those solutions.

When does an organization know it has successfully deployed a service-oriented deployment? The short answer is, you know you’re successful when your development groups use pre-defined services instead of creating their own. This is the Amazon model: customers start off using Amazon EC2 to stand up their own application server and database server but migrate over time to using other Amazon services. If you’re taking full advantage of the cloud, it will be easier to use the newly created model, and your customers will switch as well.

The future

In the future, it’ll be easier to gear services to specific business lines because we’ll see more private cloud providers offering these services prepackaged as part of their cloud solutions. You’ll be able to deploy a set of services in your cloud – with a set of APIs and documentation that allows you to take advantage of that. The aim is to take advantage of all the value that private cloud computing has to offer, and adopting a service-oriented approach is the most direct way to accomplish this goal.

By Peter Chadwick

Pete Chadwick is senior cloud solutions manager with SUSE, a provider of interoperable Linux and cloud infrastructure.

Cloud-surfing Can Pay Big Dividends For Your Business

Cloud-surfing can pay big dividends for your business through lower costs and enhanced service

In the never-ending search for competitive advantage, Cloud-based services like a Hosted PBX business telephone system can offer business owners and managers new opportunities for cost savings and service improvements that can help strengthen their market position.  A Hosted PBX allows businesses of nearly any size to have a state-of-the-art telephone service with minimal or no investment in equipment. Much like web-based email, the technology is well established and well-known to the business community.

Moving Your Phone Service to the Cloud Can Free Up Working Capital – and Your Employees

With a Hosted PBX solution, the service provider “hosts” the equipment and manages the network, freeing your  business from the need to purchase and maintain an on-premise PBX system.  A Hosted PBX system also provides significant, long-term savings, with an impressive set of features and greatly simplified management and configuration.

A Hosted PBX also makes it possible for employees to work from home, remote offices, cell phones or even overseas while still being connected to the same office telephone service. The technology allows for video conferencing, which makes remote collaboration more effective than ever.  Thanks to the virtual nature of the service, companies looking to cut down on office and vehicle costs can easily de-centralize without customers ever hearing the difference.  All employees are still connected to each other as if they were in the same physical office space.

The Hosted PBX solution offers significant advantages

Traditional on-site PBX systems, despite their often prohibitive costs, cannot match the advanced feature set of a Hosted PBX solution.  In addition to standard features such as auto-attendants with professional greetings, voicemail to e-mail and North American long-distance calling, a Hosted PBX gives companies who use their phones intensively the ability to go deeper.  With hunt groups, find-me/follow-me capability and time-based behaviors, the Hosted PBX is highly flexible.

For call centers and contact centers, which handle high call volume, the advantages can be even greater.  Advanced call queuing and skill-based routing help managers ensure the right agent always gets the call.   Ongoing reporting and performance tracking is made vastly more efficient with detailed, granular reports that managers can export at any time.  These reports include mission-critical metrics, such as number of calls answered and unanswered, average time to answer, average hold time and much more.

Through a user-friendly web interface, users with administrative access can easily modify nearly any aspect of the service.  Modifying an on-site PBX, for comparison, is considerably more complex and typically requires a service visit from a technician.

Make sure you have the right ingredients in place before you get on the cloud

Business owners considering  a move to a Hosted PBX, option need to ensure they have the following to enable the transition:
•       Internet connection: with ample bandwidth for all staff using the phones.
•       Network equipment.  At a minimum you’ll need a business-grade router capable of serving multiple employees.  An unmanaged switch can expand the number of available ports, if required.  Most Hosted PBX providers sell or recommend appropriate network equipment.
•       Phones designed for Hosted PBX service.  Again, nearly all providers sell recommended models.
•       Power over Ethernet and battery backup: optional, but recommended for systems where constant phone connectivity is mission-critical.
•       Network/IT provider: optional.  Although not required for smaller and simpler systems, or deployments on which the customer is technically capable, an IT professional can be a powerful resource in a larger build-out.

With these relatively simple requirements, SMEs can quickly start enjoying the benefits of a sophisticated telephone system without the need to make costly investments in telephone equipment.

By Adam Simpson

Adam Simpson is Founder and CEO of Easy Office Phone

Established in 2005, Easy Office Phone provides Business VoIP and Hosted PBX service to companies and organizations of all sizes throughout North America.

Cloud Computing And Thin Clients

Cloud Computing and Thin Clients

When I began looking at thin client applications, I was pretty darned sure that the weight loss industry had come up with yet another way to separate overweight people from their money.

Introducing Thin Technology

Thin clients have been around for as long as there have been computers tied together in networks. The concept is pretty simple; individual users do not need full access to a computer to do their work, so rather than placing a fully functional computer on each desk, a thin client machine provides just the functionality needed to accomplish the necessary tasks.

Thin client systems are useful in some business and institutional settings. They have the advantage of keeping the major computing functions, processing and storage, in a safe, central location. There is also potential savings in software licensing, the software is licensed to the central computer but can be accessed from any of the thin client remote terminals.

From Thin Machines to Clouds

These benefits sound very similar to the claims made by cloud computing services, especially software as a service type applications. Although they are similar in many respects, there are some very important differences between thin client technology and cloud computing.

The most important difference is where the data and programming information are stored. As previously described, the data for the thin client is held on the institution’s central computer. Although it is accessible from any of the remote thin client terminals, it is relatively safe on the central machine where only a few technicians will have physical access.

Cloud Versatility

Cloud data is stored in “the cloud”, of course. The actual physical location of the cloud could be any of several large data centers around the world. The actual machinery is likely to be much simpler and more robust than an institution’s central server, and even more secure thanks to modern encryption.

The biggest attraction of the thin client model is that individual users can do their work on relatively simple, inexpensive equipment. However, all the thin client interface can do is work connected with the central computer. Cloud services can be accessed on any device that has a connection to the Internet, whether it is a laptop, desktop, netbook, tablet, or even a smartphone! When the cloud session is over, the interfacing equipment can be used for other computing tasks. Some cloud applications can even be used without the user being connected to the Internet.

By Peter Knight

Whitepaper: The Journey To Private Cloud

Whitepaper: The Journey To Private Cloud

The Journey to Private Cloud

Based on a recent Enterprise Management Associates® (EMA™) research study, the main reasons for adopting cloud computing, mentioned by 52%-62% of respondents, were as follows:

a) Agility: Accelerating service creation and provisioning
b) Performance and resiliency: Improving the performance and resiliency of business services
c) Resource optimization: Reducing operational and capital expense

Respondents mentioned a vast variety of enterprise applications – e-mail, CRM, VDI, custom applications, ERP, accounting, HR, telephony, and even mainframe-based application services – when asked what they were planning to host in the cloud. This response illustrates the importance that most companies place in the adoption of a cloud model. Organizations are looking for faster and more agile IT delivery models that help strengthen their positions in the marketplace. In today’s relentlessly competitive markets, the ability to rapidly build and provision well-performing and resilient business services at a reasonable cost can be seen as an essential strategic differentiator for the entire enterprise.

If this agility is not offered by the company’s internal IT organization, business stakeholders and developers look for the resources they require outside of the corporate data center. Growing corporate credit card bills for Amazon EC2 and other public cloud services are unambiguous evidence of this fact.

These public cloud solutions are not appropriate for every application from a compliance, security, and cost point of view. Moreover, without corporate IT governance, this new “shadow IT” may introduce performance and resiliency-related risks to business services.

To bring back users under corporate governance, the enterprise has to offer a service delivery model that is similar in speed and convenience to the one offered by the public cloud. Over time, most enterprises plan to embrace a hybrid cloud model – where IT becomes a broker of services, whether hosted in the private cloud or sourced through external cloud providers. As a first step, the majority of IT organizations today are focused on building their own private clouds.


Virtualization, a Pre-condition for Cloud

Data center virtualization was heralded as a major step toward agility and efficiency of enterprise IT. However, progress was often been not as significant as expected. In many cases, overall resource utilization remained at the same approximately 20% as before these virtualization efforts. Provisioning speed often did not increase significantly either, as the traditional challenges of building new physical servers were replaced by a new set of management challenges. Physical server sprawl decreased, but the efficiency gains often were offset by virtual machine sprawl, as it suddenly became easy to spin up large numbers of virtual servers within short periods of time. Organizations were frequently overwhelmed with lifecycle management requirements for a rapidly increasing number of servers. And while virtual servers could be created quickly, this did not address the end-to-end provisioning process associated with new applications and business services. This management deficit frequently led to virtualization stall, where the IT department was unable to cope with the myriad of virtualization-related process management challenges.

Read The Full Whitepaper

CloudTweaks Comics
The Conflict Of Net Neutrality And DDoS-Attacks!

The Conflict Of Net Neutrality And DDoS-Attacks!

The Conflict Of Net Neutrality And DDoS-Attacks! So we are all cheering as the FCC last week made the right choice in upholding the principle of net neutrality! For the general public it is a given that an ISP should be allowed to charge for bandwidth and Internet access but never to block or somehow…

Update: Timeline of the Massive DDoS DYN Attacks

Update: Timeline of the Massive DDoS DYN Attacks

DYN DDOS Timeline This morning at 7am ET a DDoS attack was launched at Dyn (the site is still down at the minute), an Internet infrastructure company whose headquarters are in New Hampshire. So far the attack has come in 2 waves, the first at 11.10 UTC and the second at around 16.00 UTC. So…

Cloud Infographic: Security And DDoS

Cloud Infographic: Security And DDoS

Security, Security, Security!! Get use to it as we’ll be hearing more and more of this in the coming years. Collaborative security efforts from around the world must start as sometimes it feels there is a sense of Fait Accompli, that it’s simply too late to feel safe in this digital age. We may not…

Security and the Potential of 2 Billion Device Failures

Security and the Potential of 2 Billion Device Failures

IoT Device Failures I have, over the past three years, posted a number of Internet of Things (and the broader NIST-defined Cyber Physical Systems) conversations and topics. I have talked about drones, wearables and many other aspects of the Internet of Things. One of the integration problems has been the number of protocols the various…

Cloud Infographic – DDoS attacks, unauthorized access and false alarms

Cloud Infographic – DDoS attacks, unauthorized access and false alarms

DDoS attacks, unauthorized access and false alarms Above DDoS attacks, unauthorized access and false alarms, malware is the most common incident that security teams reported responding to in 2014, according to a recent survey from SANS Institute and late-stage security startup AlienVault. The average cost of a data breach? $3.5 million, or $145 per sensitive…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Three Ways To Secure The Enterprise Cloud

Three Ways To Secure The Enterprise Cloud

Secure The Enterprise Cloud Data is moving to the cloud. It is moving quickly and in enormous volumes. As this trend continues, more enterprise data will reside in the cloud and organizations will be faced with the challenge of entrusting even their most sensitive and critical data to a different security environment that comes with using…

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and opportunities of digital technologies. The concept is not new; we’ve been talking about it in one way or another for decades: paperless office, BYOD, user experience, consumerization of IT – all of these were stepping…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the information and process needs of its workforce and its customers. However, data suffers from a likability crisis. It’s as essential to us as oxygen, but because we don’t see it, we take it for granted.…

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…


Sponsored Partners