RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

Business Versus Technical Cloud Service Brokers And Why It Matters

Cloud Service Brokers

Gartner predictsBy 2015, at least 20% of all cloud services will be consumed via internal or external cloud service brokerages, rather than directly, up from less than 5% today.” Thus, it is important to understand what a cloud broker is and what they do; however, before we can do that, we need to clear up some confusion between different definitions and implementations of cloud brokers.

The term “cloud broker” was defined by NIST in Special Publication 500-292, the NIST Cloud Computing Reference Architecture, as “An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between Cloud Providers and Cloud Consumers.” The use of the word “entity” makes it ambiguous as to whether a broker is a person or a software service; however, most interpreted this “actor” as a person or persons in a business. NIST divides the broker’s services into three categories service intermediation, service aggregation, and service arbitrage. Service intermediation means the broker enhances a vendor’s cloud service and provides that enhanced service to the cloud consumer (in essence, “wrapping” the cloud provider’s service to provide enhanced functionality). Service aggregation is where the broker integrates or combines multiple services into a single new service like in the case of data integration. Service arbitrage is where a broker arbitrates between multiple vendors and the client to select the best provider. NIST cleared up the ambiguity of this definition in a later special publication, 500-299, the NIST Cloud Computing Security Reference Architecture where it clearly differentiated between a “cloud business broker” and a “cloud technical broker”. In this article, we will explore the differences between these two concepts and how both are being leveraged today.

brokerage

A cloud business broker is the traditional definition of a broker, akin to a stockbroker or commodity broker, where an intermediary assists a customer in navigating through a complex environment of many options. A better name for this may be “cloud agent.” An early example of this was the Defense Information Systems Agency (DISA) that was designated as the Department of Defense’ (DoD) cloud broker on June 26, 2013. Another Government example is the Intelligence Community (IC) CIO which is leading other IC agencies to develop and migrate to a community cloud. On the commercial side, there are companies like Cloudsherpas.com that offer cloud business broker services.

A cloud technical broker pertains to a new type of software that sits on top of cloud providers to abstract, simplify and map various cloud offerings to your environment. Cloud broker software assists organizations in creating solutions in the cloud, migrating solutions to the cloud and moving solutions between clouds. Examples of cloud technical broker software are the Gravitant platform, Incadence Strategic Solutions (my company) Axon Cloud Broker, the Compatible One Open Source cloud broker and JamCracker.

These two concepts – business role and software tool – can be effectively combined in the Office of the Chief Information Officer for an organization whereby the CIO uses one to better perform the other. “Gartner Inc. analyst Dru Reeves said CIOs are best positioned to be service brokers because they possess both the technical knowledge and implementation experience to grasp the risks cloud services pose to the business.” Many CIOs in both the Government and Private sector are gladly stepping into this role. Secondly, CIOs can leverage a technical cloud broker to assist their business units in evaluating and selecting cloud providers and help them to migrate their applications to that selected provider. One cloud broker vendor, Gravitant, cites a State of Texas Case study where they successfully tested the Gravitant platform and business units were able to use its procurement workflow tool to select and design the best cloud platforms for their needs. In regards to Application Migration to the cloud, InCadence Strategic Solutions (whom I work for), has migrated its Army customers applications to the cloud using its Axon Cloud broker software.

In this article, we have distinguished between business and technical cloud brokers and shown the value of both. We also examined how smart CIOs are combining these concepts to help their organizations select the best provider and migrate their legacy applications to the cloud.

By Michael C.Daconta,

Michael is the Vice President of Advanced Technology at InCadence Strategic Solutions and the former Metadata Program Manager for the Department of Homeland Security.  His new book is entitled, “The Great Cloud Migration: Your Roadmap to Cloud Computing, Big Data and Linked Data”.  

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

SYNDICATED NEWS SOURCES

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…