Category Archives: Security

OpenText CEO Predictions For The Enterprise In 2016

OpenText CEO Predictions For The Enterprise In 2016

Predictions For The Enterprise


  1. The IoT will be reality

In 2016, we’ll work smarter, not harder. Human beings, appliances, homes, factories, cars, businesses, and cities will become more interconnected. If these items aren’t already, they’ll soon be “talking” to the Internet of Things (IoT). In a few short years, there will be more than 25 billion devices generating data about every topic imaginable. We’ll see broader enterprise adoption of the IoT due to its economic impact (which analysts estimate to be between $4 trillion to $11 trillion in the next few years), as well as in terms of opportunities to improve productivity and gain better business insight.

The IoT will cause massive disruption through better automation, integration, and communication. Insurance companies are deploying sensors and software to monitor how drivers behave and generate risk profiles using big data analytics that accurately align to or construct on-demand products to suit individual behavior. Thermostats communicate with residents and accumulate behavioral data to formulate the most energy efficient and comfortable schedules and settings. Software agents move money, stocks, goods, and people around the world, routing, optimizing, and transacting innumerable times a year—and these are just three examples already in enterprise use today. They will quickly evolve and proliferate into 2016.


As we move forward through 2016 and beyond, more devices, agents, sensors, and people will join the IoT. Perhaps we will even progress as a society to a post-scarcity economy and information itself will become our commodity of trade. Monetizing the exchange of information, micro-licensing, and transactions become prominent tasks as our automation and machine-to-machine networks take care of daily needs. Imagine algorithms as apps for applying big data analysis over the connected masses of information generated by the IoT and its billions upon billions of connected devices in every aspect of our lives. Owning the data, analyzing the data, and improving and innovating become the keys to corporate success—all empowered by a connected digital society.

Though this may have some Orwellian overtones, the IoT is really about the Zen of Things—our application of software and technology to help customers consume products and to help businesses build better products and deliver better services. In 2016, the IoT will continue to combine Big data, Analytics, The Cloud, Artificial Intelligence (AI), Robotics, and Automation to propel industries forward and create the next industrial revolution.

  1. Millennials enter the management ranks and reshape the world 

In 2016, we will see Millennials enter management-level roles. These young leaders will radically restructure all aspects of business—from productivity tools to HR policies (like working from home and remote offices), and organizational structure to corporate cultural—essentially reinventing the workplace as we know it.


As managers, Millennials will be in a position to transform corporate culture, accommodating expectations like social media freedom, device flexibility, and a high tolerance for risk taking. Innovation will be a key competitive differentiator and its application will be based on new ways to collaborate that include crowdsourcing and co-creation with customers. Communication will be open, two-way, and always “on.” The office of the future will take root in 2016. Holographic images, interactive surfaces, and video conferencing will begin to replace the boardroom in earnest. The mobile office will replace the cubicle and work and life will reach an equilibrium and intermixing we haven’t seen before in this digital age.

As Millennials undergo a professional “coming of age,” the enterprise will follow suit. Culture will be a determining factor for failure or success in the digital world. Millennial managers will pull from a global pool of talent, hiring the best employees from around the world to create highly skilled, dispersed teams. Organizations with cultures that can attract (and keep) top talent will emerge as winners, changing the game and disrupting traditional business models—and even entire industries.

  1. Fast-growing, no-profit SaaS companies will collapse

The rise of Internet-based, Software-as-a-Service (SaaS) companies over the years has been tied to a new model: cash over time, rather than the traditional cash upfront model. But, the aim of profitability remains the same: no more waiting. Cash is still king and businesses need profit.

Many of these so-called multi-billion dollar businesses have no revenue, no asset value, no employees and no chance of survival, as long-standing, cash, asset, idea, and employee-rich companies reorganize to compete. Nimble, fast, and flexible is great—and the startups have done a great job in cornering that market. Enterprises might learn slowly, but they learn. And the further along they are on their journey towards digitalization, the more market share they can win back. So, as quickly as the fast-growing, no-profit SaaS companies have appeared, they will now begin to collapse.

  1. Digital becomes top priority for CEOs 

cloud-connectedIt’s clear that in 2016 digital disruption will impact all markets. Earlier this year, I predicted that 50% of all market leaders will be obsolete in the coming decade because of digital disruption. Competition will come fast and furious from unforeseen sources. In a 2015 CEO survey, 58% of CEOs surveyed consider the rapid-fire rate of digital disruption a challenge to their business. But where there is risk there is also opportunity: 80% believe that disruptive technologies (Mobile, the Cloud, Analytics) will bring tremendous value to their business. That’s a heartening statistic.

To capitalize on opportunity, CEOs will need to understand how disruption impacts all functions of their organization. In 2016, CEOs will become the drivers of digital transformation initiatives, incorporating them in their corporate strategies and all parts of the business. Adaptive and creative leadership will succeed. Across the C-Suite, transformational leadership will overcome outmoded structures and old management styles to empower Millennials to self-direct, make decisions, experiment, innovate, and take risks; while providing the systems, structure and governance to protect the company, its assets and information from this ‘digital sandbox’ style cultural transformation. CEOs will have to obsess even more about the customer and rethink customer value and experiences. They will extend their ecosystems with a new willingness to partner to discover new consumers and markets.

Over the next five years, CEOs will lead by example, adopting a Digital Mindset. The Digital Mindset is driven by disruption, immediacy, and scale with centricity on journeys, experience, and a real-time-ness. Just like we have an IQ and EQ, organizations need to develop a DQ, a digital quotient, where strategy, culture, people, and capabilities converge. The CEO will lead this charge.


mark-barrenecheaBy Mark Barrenechea , CEO / OpenText

As CEO of Canada’s largest software company, Mr. Barrenechea oversees the strategic direction of the organization and upholds the company’s position at the forefront of the industry. Under his direction, the company has grown both organically and through strategic acquisitions, into a $1.85 billion technology company.

Before joining OpenText, Mr. Barrenechea was President and Chief Executive Officer of Silicon Graphics International Corporation (SGI), where he also served as a member of the Board.

Avoiding Downtime With Disaster Recovery Services

Avoiding Downtime With Disaster Recovery Services

Disaster Recovery Services

Disaster Recovery as a Service (DRaaS) differs from traditional disaster recovery solutions in that it replicates and hosts physical and virtual servers off-site, typically in the cloud. Businesses avoid downtime because DRaaS is able to bring computing environments back online without first needing to restore computing. DRaaS additionally offers the typical cloud benefits of being more affordable, scalable, and easier to implement.

The flexibility the cloud provides for IT infrastructure, applications, and software isn’t possible with traditional server and data center configurations, and disaster recovery solutions built into the cloud utilize this flexibility for fast implementation and rapid scaling. DRaaS strategies also minimize effects of disasters due to almost instantaneous continuity in operations should primary servers go down, and the high speed with which solutions can be put into effect allows for improved service level agreements with far superior recovery time objectives and recovery point objectives than seen in the past.


Reducing Business Risk

According to Gartner, a major loss of data resulted in 43% of companies immediately going out of business, while another 51% were able to last no more than two years. This means that only 6% of enterprises survive these losses, and makes it clear that every company needs disaster recovery, scaling a range of potential threats including natural disasters, human error, and cyber-attacks. Disruption circles are calculated to determine effective data center placement, taking as many of these factors into account as feasible, with the definition of these circles varying between different users and service providers.

David-TrossellRecovery data centers are typically placed outside of geographic circles of disruption, meaning that recovery from natural disasters is quick and efficient – data-wise anyway. Bridgeworks CEO, David Trossell, notes, “Many CIOs are faced with a dilemma of how to balance the need of having two data centers located within the same Metro area to ensure synchronization for failover capability, yet in their hearts they know that both sites will probably be within the circle of disruption.” Typically a lack of technology and resources results in data centers being placed too close to one another within a circle of disruption, and so utilizing cloud data centers in places such as Scandinavia and Iceland offer not only a more green approach to data management but greater protection.

The Necessity of Regular Testing

Unfortunately, disaster recovery plans aren’t being regularly tested. A recent study surveying UK and German businesses found that 62% of respondents tested their disaster recovery plans either less than once a year or not at all. Says Paul Le Messurier, Program and Operations Manager at Kroll Ontrack, “These findings are a clear indication that many companies still face significant risks in terms of data security, data loss, and data recovery. They also lack a thought-out disaster recovery plan that is tested regularly and is bullet-proof when a real disaster strikes the company and it is faced with system failure and data loss. Without an effective plan in place, companies face the prospect of a loss of business continuity plus reputational and financial damage. It’s important that disaster recovery plans are in place, but it’s just as important to ensure that they are tested regularly and updated accordingly.

Perhaps it’s time for a check-up? Take a look at OneCloud Insight’s video discussing the costs of leveraging AWS as a disaster recovery site for more benefits of DRaaS as well as some implementation approaches.

By Jennifer Klosterman

Arctic Chain Hackathon: KnC Builds New Data Center In The Node Pole

Arctic Chain Hackathon: KnC Builds New Data Center In The Node Pole

Arctic Chain Hackathon

Blockchain infrastructure provider KnC today announced plans to build another data center in Boden – the Blockchain computing community within The Node Pole. This was unveiled by CEO Sam Cole during the opening ceremony of the Arctic Chain Hackathon today.

The new data center, which will be KnC’s fourth data center in The Node Pole, is a direct response to a growing market demand, where not only cryptocurrency functions but also a growing number of other blockchain technology applications drives an increasing global market demand for smart and efficient computing capacity – an area where KnC’s combination of smart computing hardware, software models and attractive business applications has led to them dominating in the global market.

The new data center will be located in Boden – the blockchain community within The Node Pole where also Hydro66 is located, and this will be the second mega data center built on the 8000 m2 site where KnC built another center earlier this year – and KnC’s fourth data center in The Node Pole.

With a total capacity of 30 MW, the new center will be utilized mainly for Blockchain security applications utilizing 16 nanometer technology – a sort of unique ‘turbo engine’ for Blockchain computing, vastly more efficient and powerful than other technologies currently available in this market. KnC already today has customers from across the world lined up for taking part in the new services offered using the new data center, and KnC is exclusively relying on locally sprung talent for both building and setting up the new center.

Arctic Chain Hackathon


The new data center plans was unveiled during the opening ceremony of Scandinavia’s first ever blockchain hackathon event – Arctic Chain Hackathon – an event where talent from all around the world are invited and challenged to come up with the best business ideas and coding solutions using blockchain technology.

The new center is another milestone for us going forward, and what better way to unveil this news than in front of these bright minds present here in Boden at the first ever Scandinavian Hackathon. I’m actually hoping to find some people here today to help us in running the new center and coming up with new innovations going forward!” comments Sam Cole – CEO and Co- founder of KnC.

Anne Graf, Investment Director of Sweden’s largest data center cluster The Node Pole – where KnC as well as global cloud computing players such as Facebook and Hydro66 are already embedded – sees today’s news as absolute proof of KnC success, as well as of the bright future of both KnC and the entire cloud computing cluster within The Node Pole.

This is of course great news for KnC, The Node Pole as well as both the Boden municipality and the entire Swedish cloud computing market. KnC continues to prove that they are an integral part of the new digital and intellectual infrastructure that will drive innovation and development over the next decades”, comments Anne.

The new data center news also correlates with a surge in the prospective cloud capacity market, forecasted to double in number of European mega data centers over the next four years. KnC’s new mega data center is scheduled to be operational by early spring 2016.

About KnC

Founded in 2013, KnC is a global technology leader in the Blockchain space, providing efficient, secure and green blockchain power to the world. KnC also has an exceptional track record of delivering next generation ASIC chips to the market. Based in Stockholm, Sweden, KnC develops state-of-the-art chip design and cloud services for blockchain-based applications incl. cryptocurrency mining. KnC also runs industrial-scale operations in other locations globally, with the main focus within the Arctic Circle. Read more at

About The Node Pole

The Node Pole region encompasses four municipalities in the very north of Sweden, just by the Arctic Circle. The cluster is as of today home to ten datacenter (run by Facebook, KnC, Hydro66 and Fortlax among others).The Node Pole also encompasses The Node Pole Alliance: +80 data and datacenter management companies (Schneider Electrics, Cisco, Flextronics, among others) and has numerous global data service clients – as well as joint market and university cloud computing R&D datacenter initiative SICS ICE.

The region has earned the epithet The Node Pole due to its northern position and emergence as a global hub for data traffic and data management innovations. Sweden enjoys one of the lowest electricity pricings in Europe and one of the world’s premiere digital infrastructures and high tech labor forces. The region is one of the most geologically, politically and socially stable areas in the world. Read more at


Competing Cloud Security Demands Call For Credentialed Professionals

Competing Cloud Security Demands Call For Credentialed Professionals

Cloud Security Demands Call For Credentialed Professionals

It is not possible to stare with absolute clarity into the future. None of us has a crystal ball. But there is certainty in knowing that the path to progress on which our future lies curves steeply upwards. Gordon Moore originated a concept, now called Moore’s Law, in 1965. It was intended to describe the constant doubling of processing power in semiconductor chips every two years in an exponential fashion. Although this law was originally designed to describe the progress of computer components, it has subsequently been adapted by numerous futurists to reflect the pace of human technological change in general.


Technologies such as the cloud, mobile devices, and the Internet of Things have not only increased collective processing power, but have also distributed it worldwide so that human beings from every corner of the planet can access and use the technologies. This is good news when efforts are applied to innovation and progress, but not so good news in terms of threats to network security.

Following the upward progression of Moore’s Law, security specialists face an ever-increasing variety and sophistication of attack vectors, happening 24 hours a day and mutating constantly. It becomes increasingly difficult to guard a castle when the attackers are so numerous, agile and versatile, but such is the life of the cloud security professional.

Cat And Mouse With Attackers


For many organizations, IT-related security professionals play a game of cat and mouse with attackers, and this is usually performed in reactive, firefighting mode. At a senior management level, a lack of true understanding of the severity and frequency of attacks, combined with perpetual concerns over costs, have left many organizations understaffed in this area. The problem with this scenario, much like it is in any war, is that strategies cannot be deployed without a higher level vision and a long-range plan. Security specialists who exist purely in firefighting mode represent common foot soldiers, marching or running toward battle but with little overarching strategy of how to outflank the enemies in a more decisive fashion.

Cloud security is a profession that, possibly more than most, cries out for effective time management. Deficiency in this skill is generally not because of any ignorance of its importance, but simply a result of the workload at hand. Most security specialists readily state that given their choice they would prefer to invest a portion of their working time to research, education, and preparedness planning. This, they feel, would lead to far more effective security protocols, both in terms of technological barriers and also in teaching employees the correct techniques and habits for safe computing, password management and general network security hygiene.

Assignment of time in this fashion is an ideal implementation of the Pareto principle, otherwise known as the 80/20 rule, in this case, pointing to the fact that more could be achieved by dividing the workload into two camps: planning and preparedness (20%), and then action and deployment (80%). Only by allowing time for research, review and strategy, can a security professional and the employer gain the upper hand in the constant battle with cloud-based enemies.

Malware Fridays

A simple example of the strategic clarity that the 80/20 principle can deliver is the Friday effect. Network security company Cyren pointed out recently that Fridays are the most dangerous days for the delivery of malware.


(Image Source: Shutterstock)

This is predicated on the fact that employees prefer to take their devices home with them for the weekend, and consequently turn to less-than-secure Wi-Fi connections for doing work and returning emails. When employees work outside a secure firewall, cyber criminals can exploit this weakness, leading people to unwittingly download malware, which is then reinserted into a company’s network upon their return to work on Monday. This type of strategy, which may appear fiendishly straightforward, has a pattern that can best be perceived through a higher level view, and is not available to be picked up by security specialists already overwhelmed by immediate crises.

Seeking Certified Professionals

As companies invest in cloud security, they should be seeking certified professionals, such as the Certified Cloud Security Professional (CCSP℠) from (ISC)2®, a global leader in information, cyber, software and infrastructure security certifications, who have the demonstrated experience, knowledge and skills to competently address the many challenges of this role – from reacting to threats to ongoing maintenance of secure cloud infrastructure to communicating effectively with business leaders. This is a lot to ask of any individual and, similarly, it is a lot to ask of a company: allowing time for the expert to prepare for the future while battling the present. It requires resources, and senior-level commitment.

The one constant, however, is that this will not change. In fact, it will only increase. A certified cloud security professional is there to establish and maintain appropriate defenses so organizations can benefit from the full power of cloud computing to grow their business.

For more on the CCSP certification from (ISC)2 please visit their website. Sponsored by (ISC)2.

By Steve Prentice

‘Tis The Season To Be Deploying Sensors

‘Tis The Season To Be Deploying Sensors

Deploying Sensors

Overhead the Christmas Drones are buzzing, delivering packages to the good girls and boys. Back at the main location people are analyzing the good and bad data collected over the year about each person. Data analytics that is creating a list, gathering all the data and then checking the data on that list (Twice). In the end to produce two lists. The good list of kids. The bad list of kids. I am pretty sure I am on the bad list, again.


Cyber Physical Systems Wishlist

It is the season of giving. So far this year I’ve gotten two colds and a wooden Jaguar. Needless to say I kept the Jaguar (it is actually quite nice) and have done my best to get rid of the colds. I decided to share my wish list for Cyber Physical Systems for the next year to help spread the Christmas cheer!

1. Other than my two front teeth I also want Cyber Physical System device security. Replaceable security modules that can be quickly replaced without requiring the organization replace the entire CPS device.

2. A bicycle and Cyber Physical System data management. Perhaps a standard for and support of on device data, cached data, data in transit and also data on that cell phone in your pocket.

3. Please don’t bring me ghosts again Santa, five years in a row is enough. Beyond no ghosts I would also like to see a Cyber Physical Systems integration standard. The growing number of CPS devices deployed make it really hard to integrate everything. Going forward the value of integration for the devices will be critical.

It’s a short list and frankly I hope to get all of them by the end of the year. The concept of replaceable security modules within CPS devices is a great opportunity. That way you won’t have to replace your CPS devices as security standards change. You just replace the security hardware.


CPS or the more consumer Internet of Things (IoT) represents a growing number of systems. As more and more of these devices are deployed the opportunity for a single unified management standard will be of significant value. A unified management protocol and standard would allow organizations to implement devices knowing they can quickly connect and manage them!

The next concept is that of integration is critical for CPS. Today there are 10 billion devices in the world. They offer services, data and connection in any number of ways. A standardized approach to integrating all these devices will be a great present.

Santa knows the value of CPS and supply chain management. I suspect if you asked him what his holiday list was about it would be just that. Taking the integration framework and management framework and applying that to the entire supply chain. Know where your parts are at all times. Create a JIT (Just-in-Time) supply chain that doesn’t have parts paid for and waiting for parts that are delayed or still in transit. Have a system where the parts arrive and are paid for at the same time. Reduce the time from ordering parts to selling your system by managing where parts are in the system and when they will be in your facility. I think Santa would like such a system. I might even get off the naughty list.

(Image Source: Shutterstock)

By Scott Andersen

Cloud Pinup: Jukedeck – A.I. Based Music Creator

Cloud Pinup: Jukedeck – A.I. Based Music Creator

Cloud Pinup: Jukedeck

Think of that beautiful piece of video you shot over the weekend. Wouldn’t it sound better with a piece of music to go with it? Of course it would. How long is the video? What style do you want it to be and how do you want it to make you feel? Uplifting folk music that finishes in 1 minute and 5 seconds? No problem. Click here and.…hang on…there’s your track. Original, made-to-order music delivered via the cloud and ready to be added to any platform you want.

Rights-free, original music at just the touch of a button.

That’s exactly what the folks at Jukedeck, a London-based startup, have just released, and if they’ve read the market correctly then they’re about to solve the problem of struggling to get music rights to a song or spending hours sifting through stock music folders to find the right kind of aural accompaniment. This is software as a service for the millennial, content-creating generation.


It’s an intriguing notion and one that could find a receptive market for people who don’t have the time, energy or expertise to source a great soundtrack that can be uploaded with all its rights intact onto YouTube. Already Jukedeck claims that over 100 000 tracks have been recorded in 85 countries and it’s music has featured on clips with over 16 million views on YouTube.

You can try the software right here and right now with this link.

The company is the brainchild of Ed Rex and Patrick Stobbs, two Cambridge students who loved music and machine learning. The startup just launched its first product Jukedeck MAKE at TechCrunch Disrupt in London to solid acclaim and has closed a £2 Million round of funding ($3 Million USD), led by Cambridge Innovation Capital. At the heart of the system is machine learning, the effective use of artificial intelligence to create tailored, original music.

Producing On The Fly

The company has set its sights on the growing world of online video and its a huge market where anyone with a smartphone can produce and upload a broadcast-quality piece of video. YouTube is the industry leader and a 21st Century juggernaut but Facebook, Instagram and every other online site is increasingly moving towards the moving image. “300 hours of video are uploaded to YouTube every minute, a number that’s trebled in the last two years,” they explain. “In addition more TV content and advertisements are being produced than ever before. And all this content needs music.”

The company estimates that the market for music for video is already worth US$2 billion and growing all the time. Of course, music is not only created for video. Think retail, training modules, gaming, all platforms which benefit from the addition of rights-free music.

Music & SaaS Evolution

The unique selling point here is the fact that machine-learning has enabled that music to be original. Music has been evolving into a SaaS business for some time now. The advent of streaming services like Spotify and Apple Music ensure that the storage capabilities of the cloud and the slick delivery of content to users is central to the continued use of the product. As TechCrunch explained in its story on “The SaaSing of the Music industry’, “the streaming services also have to play the SaaS game to ensure subscribers don’t churn and join other streaming services. In many respects, the artists themselves become creative talent for iTunes, Spotify and others, much like engineers and product developers are the rock stars behind other SaaS providers, such as Uber and Airbnb.”

Jukedeck is a logical next step in that evolution and will provide a neat solution for thousands of amateur videographers looking to get better quality content online.

By Jeremy Daniel

DRaaS: Can Make Providers Life Easier

DRaaS: Can Make Providers Life Easier

DRaaS Planning

Earlier in Part 1 this week we’ve touched on “What Is DRaaS?”. Now we will explore this a little further. 

Disaster recovery situations are always high pressure, stressful affairs which require cool heads and excellent planning. What can service providers of DRaaS to do to make life easier for their customers and to plan ahead for any eventuality which might occur?

Let’s explore a few ideas in Part 2 of our analysis of the Disaster Recovery Software industry.

Firstly, it is a proven fact that the more you test your disaster recovery plan, the more likely it is to work when you need it to. So, allow us to test our disaster recovery whenever we want and stop charging us for it. The main reasons for not testing disaster recovery are the costs involved and the lack of time to run proper tests. By making the test free, you immediately eliminates one of the barriers. We could take that one step further. Let the cloud service provider offer to run the disaster recovery tests for the client and report back the results for a fee. Here’s a good article on the overall benefits of DRaaS.

Mission Critical


DRaaS providers have copies of our servers already, so why not leverage those copies for making off-site backups? Many companies are required to maintain off-site backup copies of their data. Being able to leverage your DRaaS for these backups would be of great help. Not only would it offload backup services from your network and save you time, but you would eliminate the performance hit your network takes during these backup windows. Now I realize most companies do not have all their servers under a DRaaS contract, usually just the mission critical systems, but these are precisely the systems usually most important to have backup copies off-site for.

Provide us with a means to access the applications at the disaster recovery site in an effective and productive manner. As companies move to SaaS-based application delivery, the problem of application access during a disaster is eliminated. SaaS application are accessed via a browser easily from any computer. Not all applications are offered via SaaS or have been implemented with a browser front-end. For those applications not accessed via SaaS, a “thin client solution’’ is required to access these applications during a disaster. For companies not already using a thin client solution to deploy applications, having to install one specifically for disaster recovery is an expensive proposition.


What if the DRaaS provider could offer thin client services as part of their disaster recovery offering? Better yet, they could only charge for the thin client infrastructure and licensing when you declare a disaster. That would really add value to the solution.

Failover And DRaaS

Finally, the most important addition that could be made to a DraaS is the ability to provide near instant server failover for a production server. How many times has a server failed or become corrupted during business hours, causing an outage that could have been avoided. With the size of today’s servers and growing quantities of data, it is not improbable for a single server restore to take 8 or more hours. During the restore process the server and applications it serves are unavailable. Imagine if that failed server was part of your disaster recovery plan and you could instantly fail-over to the corresponding server at the disaster recovery location. Granted, performance may be impacted but at least the server and applications would be available while the production issue is addressed. The DraaS offering could turn into a passive secondary data center solution for the cost of disaster recovery. This would be a tremendous value-add and is possible to deliver with a little extra work by the cloud providers.

As we can see, DraaS is now available to all enterprises regardless of size thanks to the new market of cloud providers. Now, let’s push these providers to take it to the next level and add more value to the offering and solve some real pain points of the IT community.

By Marc Malazia

Principles For Data Protection In The Cloud In 2016

Principles For Data Protection In The Cloud In 2016

Data Protection In The Cloud

2015 ushered in the start of a data economy. As organizations amass more detailed consumer profiles they have begun realizing that data could equal or surpass the value of the products and services they sell, especially in the Internet of Things era with its constant and very personal streams of data. Data breaches such as the Office of Personal Management and toymaker, VTech are indicative of increasing hactivist interest in more personal data and also of the growing value of that data.


At the same time the concept of cloud is changing. In our hyper connected era traditional backend clouds where the bulk of data processing takes place have been superseded by waves of cloud migration that are closer to where the data transaction is occurring. This allows for real-time data exchanges.  Additionally, the lines between SaaS, PaaS and IaaS are becoming blurred with hybrid models such as SaaS built upon PaaS.  With the confluence of a data economy, blurring of cloud models, and far more egregious data breaches I have outlined principles that Information Security Practitioners may want to consider as we move into 2016.

1. Bake standard data security profiles into a cloud brokerage platform that can be applied on as needed consumption basis.  This will more easily allow IT and InfoSec to keep pace with new instantiations by the business across the cloud-extended data center.

2. Place increasing importance on federated identity schemes with individuals having multiple devices across different cloud services.

3. Build a data brokerage to help calculate the value of data.  It’s the most effective way for business users to learn the value of the data they create, collect or handle.

Protect data according to the following domains:


Data Classification

  • State data classification in business consumable terms if you want business users to own up to protecting data according to its business risk.
  • Leverage machine learning for dynamic data classification as data changes value over the course of its lifecycle.

Data Ownership

  • Where possible digitally tag or watermark data that is transacted, stored or processed with a cloud provider.  This minimizes confusion around data ownership and entitlement rights.

Data Protection and Lifecycle Management

  • Ensure policy management extends to access management at the various admin layers for the cloud provider as well as for the elements of the cloud stack you as an organization have control over.
  • Enable data owners to specify what actions users can take– read, write, copy, modify.
  • Ensure that data lifecycle management – creation, modification, retention, destruction is built into your policies.
  • Set encryption settings – key strength and key management parameters based on data sensitivity.
  • Continuously log all actions based on the context of who, what when and where.

By Evelyn de Souza

CloudTweaks Comics
Update: Timeline of the Massive DDoS DYN Attacks

Update: Timeline of the Massive DDoS DYN Attacks

DYN DDOS Timeline This morning at 7am ET a DDoS attack was launched at Dyn (the site is still down at the minute), an Internet infrastructure company whose headquarters are in New Hampshire. So far the attack has come in 2 waves, the first at 11.10 UTC and the second at around 16.00 UTC. So…

Cloud Infographic: Security And DDoS

Cloud Infographic: Security And DDoS

Security, Security, Security!! Get use to it as we’ll be hearing more and more of this in the coming years. Collaborative security efforts from around the world must start as sometimes it feels there is a sense of Fait Accompli, that it’s simply too late to feel safe in this digital age. We may not…

A New CCTV Nightmare: Botnets And DDoS attacks

A New CCTV Nightmare: Botnets And DDoS attacks

Botnets and DDoS Attacks There’s just so much that seems as though it could go wrong with closed-circuit television cameras, a.k.a. video surveillance. With an ever-increasing number of digital eyes on the average person at all times, people can hardly be blamed for feeling like they’re one misfortune away from joining the ranks of Don’t…

The DDoS That Came Through IoT: A New Era For Cyber Crime

The DDoS That Came Through IoT: A New Era For Cyber Crime

A New Era for Cyber Crime Last September, the website of a well-known security journalist was hit by a massive DDoS attack. The site’s host stated it was the largest attack of that type they had ever seen. Rather than originating at an identifiable location, the attack seemed to come from everywhere, and it seemed…

The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole. In 1983, the first commercially handheld mobile phone debuted and provided workers with an unprecedented amount of availability, leading to more productivity and profits. More recently, the Cloud has taken…

Four Keys For Telecoms Competing In A Digital World

Four Keys For Telecoms Competing In A Digital World

Competing in a Digital World Telecoms, otherwise largely known as Communications Service Providers (CSPs), have traditionally made the lion’s share of their revenue from providing pipes and infrastructure. Now CSPs face increased competition, not so much from each other, but with digital service providers (DSPs) like Netflix, Google, Amazon, Facebook, and Apple, all of whom…

Security: Avoiding A Hatton Garden-Style Data Center Heist

Security: Avoiding A Hatton Garden-Style Data Center Heist

Data Center Protection In April 2015, one of the world’s biggest jewelry heists occurred at the Hatton Garden Safe Deposit Company in London. Posing as workmen, the criminals entered the building through a lift shaft and cut through a 50cm-thick concrete wall with an industrial power drill. Once inside, the criminals had free and unlimited…

How The CFAA Ruling Affects Individuals And Password-Sharing

How The CFAA Ruling Affects Individuals And Password-Sharing

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

Cloud Services Providers – Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…


Sponsored Partners