Look closer to home for the biggest cloud security issue, SME execs told

Picture credit: iStockPhoto

The biggest threat to cloud security among IT is the company’s employees unintentionally exposing data, according to the latest research figures from CloudEntr.

The study, which took 438 survey responses from industries including financial and manufacturing, found three quarters (75%) of smaller businesses are most worried about their workforce when it comes to securing data in the cloud. Larger IT firms were more concerned about hackers using employee credentials to get their hands on data.

Not surprisingly, regulated institutions were more concerned about cloud compliance than non-regulated, but 75% also said their biggest tool in becoming more secure was employee education.

It’s not just employee education, but shadow IT which continues to be a problem. 29% of those polled said they had no plans to use the cloud in their organisations, but of that number, nearly half of IT pros said they knew of employees who were using it.

The vast majority (89%) of IT pros questioned said they were concerned with cloud security, and security (63%) was more important than convenience in a cloud solution.

There have been various vulnerabilities and outages in recent days, from Docker’s vulnerability recorded earlier this week, to Microsoft Azure’s downtime from a bug which slipped the testing process. Dejan Lukan, writing for CloudTech earlier this week, noted data breaches and data loss as some of the most serious threats to organisations, as well as a lack of understanding.

“Enterprises are adopting cloud services in everyday operations, but it’s often the case they don’t really understand what they are getting into,” he wrote.

“When moving to the cloud there are different aspects we need to address. If the [cloud service provider] doesn’t provide additional backup of the data, but the customer expects it, who will be responsible when the hard drive fails? The customer will blame the CSP, but in reality it’s the customer’s fault, since they didn’t familiarise themselves enough with the cloud service operations.”

The IT pros surveyed by CloudEntr are making it their prerogative to change this. 89% of respondents who have been impacted by security breaches say they planned primarily to educate their employees in the next year.

What do you make of this data? Are you worried about what your workforce is doing in the cloud?

Related Stories
  • » Salesforce customers: Learn from Code Spaces’ swift demise
  • » More than three quarters of workloads will be through cloud data centres by 2018
  • » Data centres: To buy or not to buy – that is the question
  • » Why growing cloud commoditisation still won’t rain on the data centre’s parade
  • » 7 reasons why cloud governance is a challenge: Should we eradicate shadow IT?

Leave a comment

log in

Alternatively

This will only be used to quickly provide signup information and will not
allow us to post to your account or appear on your timeline.

Article source: http://www.cloudcomputing-news.net/news/2014/nov/27/look-closer-home-biggest-cloud-security-issue-sme-execs-told/

Cloud computing firm 8K Miles buys US-based SERJ Solutions for Rs 16 crore

()

Vol: shares traded

()

Vol: shares traded

Article source: http://economictimes.indiatimes.com/tech/internet/cloud-computing-firm-8k-miles-buys-us-based-serj-solutions-for-rs-16-crore/articleshow/45299362.cms

Docker vulnerability exposed, users urged to upgrade for cloud security

Picture credit: iStockPhoto

Docker, the Linux container for run-anywhere apps, has a major vulnerability in all but the latest version of its software which can enable malicious code to extract hosted files.

The vuln, described as ‘critical’ in severity, was first spotted by Red Hat’s security researcher Florian Weimer and independent researcher Taunis Tiigi, with Docker crediting them in a security advisory.

“The Docker engine, up to and including version 1.3.1, was vulnerable to extracting files to arbitrary paths on the host during ‘Docker pull’ and ‘Docker load’ operations,” it reads. “This was caused by symlink and hardlink traversals present in Docker’s image extraction.

“This vulnerability could be leveraged to perform remote code execution and privilege escalation,” it added.

The advisory document noted there was no cure for this issue, and urged users to upgrade to the latest iteration.

This wasn’t the only bug in the system either. An issue which affects versions 1.3.0 and 1.3.1 allows a malicious image creator to modify the default run profile of containers – yet this has been fixed with the current version.

The problem arises when taking into account the vast majority of major cloud computing providers have partnered up with Docker in order to package sleek, secure applications on its platform. Microsoft announced its deal in October, with Google, Amazon Web Services and Rackspace also on board.

It’s easy to see why these vendors are buddying up; as Docker leverages the host’s operating system, there are no overheads or difficulties in spinning up virtual machines when shipping an application in its container. But like a lot of nascent products that are hitting the zeitgeist, it’s best to not get carried away on an untested system when security scare stories are just around the corner.

Users are urged to upgrade to version 1.3.2 as soon as they can, which they can find here.

Related Stories
  • » Look closer to home for the biggest cloud security issue, SME execs told
  • » Four key ways to overcome security concerns in the cloud
  • » Salesforce customers: Learn from Code Spaces’ swift demise
  • » The top cloud computing threats and vulnerabilities in an enterprise environment

Leave a comment

log in

Alternatively

This will only be used to quickly provide signup information and will not
allow us to post to your account or appear on your timeline.

Article source: http://www.cloudcomputing-news.net/news/2014/nov/27/docker-vulnerability-exposed-users-urged-upgrade-cloud-security/

How will cloud computing impact your job? Find out



Checking expectations and hypotheses in real time, Campbell said, takes hours, instead of months and years in the legacy world.

Checking expectations and hypotheses in real time, Campbell said, “takes hours, instead of months and years in the legacy world.”

By Quentin Hardy

Technology has been accused of making many a job disappear, on the production line or in the accounting office. And it is not done yet.

A company often resembles its communication and technology system. In the era of cloud computing that the tech industry is moving into, that seems to suggest that companies will have smaller departments, quickly analyzing data and endlessly experimenting.

That means change is on the horizon at the many companies that will adopt cloud computing over the next few years. Middle managers: This is not good news for you.

“Technology shapes styles of work,” said Ed Lazowska, who holds a chair in computer science and engineering at the University of Washington. “One critical advantage of the cloud is that sharing becomes dramatically easier.” He foresees more collaboration and outsourcing of work, and more specialization into whatever a worker, team or company does well.

A corporate organizational chart from 100 years ago looks like a factory, with little workers at the base like parts, assembled by managers into units that interact with or fit into larger parts.

Layers of white-collar jobs died in the “corporate re-engineering” boom 20 years ago, after email and networking replaced middle managers carrying plans among departments.

Outsourcing and offshoring happened once the dot-com bubble put lots of fiber-optic cable under the ocean. Otherwise, you couldn’t have so many call centers in India or manage a global supply chain.

In cloud computing, computer servers are pooled through management software. Power is dialed up or down depending on the workload, and the system is continually reconfigured, based on data about the next workload. To see how this changes a workplace, look at the structure of the biggest cloud companies around.

Have something to say? Post your comment

Comments are moderated and will be allowed if they are about the topic and not abusive.

Characters remaining (1500)

To post this comment you must

Log In/Connect with:

Indiatimes Network

Fill in your details:

Will be displayed

Will not be displayed

Will be displayed


Share this Comment:


Please answer this simple math question.
Have something to say? Post your comment

Comments are moderated and will be allowed if they are about the topic and not abusive.

Characters remaining (1500)

To post this comment you must

Log In/Connect with:

Indiatimes Network

Fill in your details:

Will be displayed

Will not be displayed

Will be displayed


Share this Comment:


Please answer this simple math question.

Article source: http://economictimes.indiatimes.com/magazines/panache/how-will-cloud-computing-impact-your-job-find-out/articleshow/45258709.cms

Computerworld’s 2015 Forecast Predicts Security, Cloud Computing And …

IT spending for security technologies will increase 46% in 2015, with cloud computing increasing 42% and business analytics investments up 38%.Enterprise investments in storage will increase 36%, and for wireless mobile, 35%.

Cloud computing initiatives are the most important project for the majority of IT departments today (16%) and are expected to cause the most disruption in the future. IDG predicts the majority of cloud computing’s disruption will be focused on improving service and generating new revenue streams.

These and other key take-aways are from recent IDG Enterprise research titled Computerworld Forecast Study 2015. The goal of the study was to determine IT priorities for 2015 in areas such as spending, staffing and technology. Computerworld spoke with 194 respondents, 55% of which are from the executive IT roles. 19% from mid-level IT, 16% in IT professional roles and 7% in business managementYou can find the results and methodology of the study here.

Additional key take-aways from the study include:

  • Enterprises are predicting they will increase their spending on security technologies by 46%, cloud computing by 42% with the greatest growth in enterprises with over 1,000 employees (52%), 38% in business analytics, 36% for storage solutions and 35% for wireless mobile.  The following graphic provides an overview of the top five tech spending increases in 2015:

top five tech increases

 

  • 43% of IT executives predict IT budgets will increase in 2015, with 45% saying they will stay the same and just 12% reporting they will decrease.  The average IT budget will increase by 4.3% in 2015.  The following graphic provides an overview of the study’s findings pertaining to budget:

budget findings

  • Top new areas of IT spending in 2015 include the Internet of Things (IoT) (32%), High Performance Computing (HPC) (22%), and energy-saving carbon-reducing technologies (16%).

new areas IT spending

  • In 2015 IT will take on an increasingly important role growing revenue, profitability, enhancing competitiveness and getting to know customers. Of these, growing revenue is predicted to be where IT senior management leads line-of-business leaders.  The following graphic provides a comparison of the business priorities for the IT department in the next 12 months:

IT Driving more value

 

  • Business analytics is most relied on for the insights gained in generating new revenue streams and increasing sales within existing channels. The study found the following intersection of the most important technology projects versus primary business goals. Maintaining and improving expected service levels emerges as the single most important overall objective from the study.

top goals

  • Cloud computing initiatives are the single most important initiative today in 16% of the IT departments surveyed, followed by legacy systems modernization and replacement (12%) and software on-premises (9%).  The following graphic shows what the single most important technology projects are that IT departments are working on right now.

cloud projects more important to IT

 

  • 41% of enterprises are using Mobile Device Management (MDM) split between enterprises (54%) and small medium businesses (31%).  The following graphic provides an analysis of MDM adoption and which applications are being used:

MDM Access

Please click on the “following” button to get every new blog post as soon as its goes live.

Article source: http://www.forbes.com/sites/louiscolumbus/2014/11/26/computerworlds-2015-forecast-predicts-security-cloud-computing-and-analytics-will-lead-it-spending/

Cloud Professional Services Market’s Worth Could Triple by 2019

‘)})()
//–



A new study predicted that the cloud professional services market’s worth will increase at a 27.2 percent CAGR from $10.33 billion in 2014 to $34.41 billion in 2019. Here are the full details.

A new study believes the cloud professional services market’s worth will increase at a 27.2 percent compound annual growth rate from $10.33 billion in 2014 to $34.41 billion in 2019.

Where is the cloud professional services market heading? A new study suggests channel partners leveraging these services have little to worry about — at least until after 2019.

Market research firm MarketsandMarkets recently predicted that the cloud professional services market’s worth will increase at a 27.2 percent compound annual growth rate (CAGR) from $10.33 billion in 2014 to $34.41 billion in 2019. But that doesn’t mean this space is fully in the clear. The firm said data security and data storage concerns could stifle this market’s growth.

PerspecSys: Security Pros Say Cloud More Difficult to Secure

Office 365 Partner Focuses On Professional Services Revenue

“MarketsandMarkets believes that the data security concerns associated with consumers regarding their critical data storage in the cloud and technological constraints giving rise to network and application performance issues are the major constraints in the cloud professional services market,” MarketsandMarkets said in a prepared statement. “These challenges carry significant potential of hampering the adoption rate of cloud professional services and solutions by numerous small and medium-sized businesses (SMBs) across a wide range of verticals.”

The market research firm also said it expects North America to be the biggest cloud professional services market in terms of revenue.

Will the cloud professional services market landscape evolve?

A recent International Data Corp (IDC) analysis of worldwide cloud professional services vendors revealed numerous cloud services providers (CSPs) could separate themselves from the pack over the next few years.

Here’s a closer look at some of the cloud professional services vendors that soon could become leaders in the cloud professional services market:

  • Accenture — IDC noted Accenture recently topped $1.5 billion in revenue and continues to invest heavily in the cloud, which could help it become a major player in the cloud professional services space.
  • Capgemini — “Capgemini continues to be a pioneer in helping exploit cloud benefits for its customers and views cloud as a fundamental design principle that underpins the majority of its solutions,” IDC wrote in its analysis.
  • Cisco Systems — Cisco Systems is helping customers “plan, build and manage” their professional cloud services, IDC said, and frequently provides its customers with technicial insights that they can use to leverage the cloud.

IDC noted vendor selection is key for cloud professional services buyers and understanding “the nuances of alternative pricing schemes for cloud professional services” could help these buyers find the right vendor to support their respective organizations.

Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at [email protected]

Upcoming Webcasts

December 4: Special Report: MSP Profit Watch: Looking back at 2014 – the challenges and opportunities for MSPs

December 10: Transitioning Your Business to the Cloud: Top 5 Questions

December 18: MAXfocus Webinar – How to become the Perpetually Valuable MSP!









Featured Authors
ConnectWise, StorageCraft Release Integration Module for MSPs
SafeNet ProtectV Enables Encryption-as-a-Service for Service Providers
Cloud Professional Services Market’s Worth Could Triple by 2019
Abstraction Layers Simplify Hybrid Cloud Computing



Guest Bloggers

  • AppRiver Guest Blog

  • Easy Office Phone Guest Blog

  • Ingram Micro Guest Blog

  • Nuvotera Guest Blog

  • Riverbed Technology Guest Blog

  • VMware Guest Blog


PISCES


MSP Mentor

Visit mspmentor.net




 


 





Sponsored Introduction Continue on to (or wait seconds) ×

Article source: http://talkincloud.com/cloud-computing-research/11262014/cloud-professional-services-markets-worth-could-triple-2019

Cloud computing and privacy series: the data protection legal framework (part …

In this second article of our cloud computing and privacy series (see our first article here), we consider the general data protection legal framework that applies to cloud computing in certain key Member States(1).

It clearly results from our cross-jurisdictional analysis of key Member States that the issues of privacy and data protection are of paramount importance when considering cloud computing. This is logical as the provision of IT services over the Internet leads in many instances to the processing of personal data. This poses recurrent issues relating to the applicable law, the determination of the controller and the processor and their corresponding roles, cloud services contracts put in place, and the international transfer of data.

Without aiming to reiterate the legal analysis provided in many academic and learned studies and articles, the following sections examine whether EU and national authorities provide specific guidance or decisions on the subject of cloud computing and privacy.

Guidance on cloud computing and data protection provided by public authorities

EU guidance

The ‘Article 29 Working Party’ (the “Working Party”) has issued numerous opinions on different aspects, many of which are relevant to cloud computing.

Among such opinions issued by the Working Party, the following are particularly relevant:

  • Opinion 05/2014 on anonymisation techniques onto the web(2) (discussed in our upcoming fourth article);
  • Opinion 03/2014 on personal data breach notification(3) (discussed in our upcoming fifth article);
  • Opinion 03/2013 on purpose limitation(4);
  • Opinion 15/2011 on consent(5);
  • Opinion 8/2010 on applicable law(6); and
  • Opinion 4/2007 on the concept of personal data(7).  

More importantly, the Working Party published an opinion dedicated to cloud computing(8). Opinion 05/2012 on Cloud Computing (link), adopted on 1 July 2012, analyses all relevant issues for cloud computing service providers (“CSP”) operating in the European Economic Area (EEA), and their clients, specifying all applicable principles from the EU Data Protection Directive (95/46/EC) and the ePrivacy Directive 2002/58/EC (as revised by Directive 2009/136/EC) where relevant(9).

National guidance

In addition to the EU general and specific guidance applicable to cloud computing, the question arises as to whether national data protection authorities have adopted specific guidance on the applicability of their local data protection legislation to cloud computing.

Most local data protection authorities (“DPA”) have issued data protection guidance dedicated to cloud computing. Only a very few DPA have not issued cloud-specific data protection guidance, including Belgium, Denmark (there are however cloud–specific decisions of the Danish DPA, see below), Finland and Poland.

Also, those countries that have issued general guidance on cloud computing (see our first article here) all cover data protection aspects (e.g., Belgium and Denmark). Moreover, the absence of dedicated guidance on data protection in a cloud environment does not mean that other guidance published by local DPA’s in such countries on more general topics does not apply to cloud computing, in just the same way that the data protection guidance at the EU level is also relevant to cloud computing. Several other countries provide tailored guidance by local authorities on privacy and data protection in a cloud environment.

In general, this national guidance does not provide divergent views from the ones set out in the aforementioned Working Party Opinion 05/2012 on cloud computing.

For instance, in the Czech Republic the Czech Data Protection Office issued on 7 August 2013 its official position on the Protection of Personal Data within Cloud Computing Services (link). Such document, which almost entirely corresponds to the Working Party Opinion 05/2012, includes (i) definitions of the terms “Cloud Computing”, “IaaS”, “SaaS”, “PaaS”, “Public cloud”, “Private cloud” and “Hybrid cloud”, (ii) definitions of the data controller and the data processor, (iii) explanation on how the adequacy of the level of protection is assessed, (iv) rules regarding the transfer of personal data outside Czech Republic, and (v) explanation of Standard Contractual Clauses and Binding Corporate rules.

In Spain, the Spanish DPA has also provided guidance in 2013 on privacy and cloud computing with two specific guides: the “guide for clients using Cloud computer services”(link) and the “guide for Cloud service providers” (link).

The major findings of the Spanish Guidelines are summarised as follows:

  • CSP’s shall be considered as data processors;
  • The customer shall be informed of the identification of services and the outsourcing company (including the country in which it develops its services if international data transfers are to take place);
  • The customer can make decisions as a result of the intervention of subcontractors, i.e. it may terminate the agreement or refuse that the sub-contractors are appointed; and
  • The CSP and subcontractors shall enter into a contract that includes guarantees equivalent to those included in the contract with the customer.

In the United Kingdom, the ICO published on 27 September 2012 a set of guidelines for businesses in relation to cloud computing (link). In addition to addressing the application of the rules contained in the Data Protection Act 1998 to the processing of information in the cloud, the ICO guidance runs through the three main types of cloud deployment models (private, community and public) and considers which role will be filled by the customer and provider. As the cloud customer will be making the decisions on the purposes and manner in which the data are processed, it will generally be the data controller and therefore it will be ultimately liable for compliance with the Data Protection Act. However, the precise role of the CSP should be reviewed on a case-by-case basis to determine whether it is processing personal data to such an extent that it could be operating as a data controller in its own right. The ICO guidance then highlights the key areas, which should be considered by organisations looking to move to the cloud, such as (i) the formalisation of the relationship, (ii) the auditing/monitoring the CSP, (iii) the protection of data (with for instance an encryption algorithm), (iv) data retention and deletion, (v) the further processing, and (vi) the use of cloud services from outside the UK (see our more detailed article on the ICO guidance here).  

National case-law relating to cloud computing and data protection

In addition to the guidance of the Working Party and several national data protection authorities across the EU, any judicial and administrative decisions on the matter are also of importance.

Where a particular decision does not specifically concern cloud computing it may still apply to such situation. It is therefore necessary to take into consideration the entire body of case-law available. This is for instance the case at EU level with the Court of Justice of the European Union (the “CJEU”). The CJEU has currently not issued any decision on data protection and cloud computing. It remains that several decisions are worth being taken into account. This is the case for instance for the Lindqvist (case C-101/01), Google Spain (case C-131/12) and Heinz Huber (C-524/06) judgments. In this context, it should be reminded that judgments of the CJEU apply throughout the EU.

The same logic applies in each Member State, where local decisions of the data protection authorities or the administrative and judicial courts may be relevant.

Our in-depth analysis of the current legal situation in key Member States shows that two countries have cloud-specific decisions: Denmark and Spain. 

Case-law in Denmark

Since 2011, the DPA in Denmark (Datatilsynet) has in a few cases dealt with cloud computing from a data protection perspective. In particular, topics relating to the obligations as data controller and data processor, security issues and transfer of personal data to third countries outside the EEA are covered in several decisions related notably to Dropbox, a driver’s license system, Google Apps and Microsoft’s Office 365.

More specifically, the Google Apps case with Odense Municipality is probably the most well-known case brought before the Danish DPA. The Danish DPA rejected Odense Municipality’s application to use the cloud service “Google Apps” to store data in relation to its public schools. Odense Municipality stated that data would be transferred initially to Google Ireland Limited; Google subsequently informed the DPA that it holds all data in numerous data centres worldwide, including in the United States and Europe. Accordingly, data would initially be shared between Denmark and Ireland and then between Ireland and potentially every other country in which Google operates data centres (be it the United States, within the EEA or others). The Danish DPA’s view was that any Google data centres in the United States would be covered by the EU-U.S. Safe Harbour Framework; thus Odense Municipality was permitted to store data there as well as in Ireland. However, the Danish DPA decided it must assume that data would be transferred not only to Ireland and the United States, but also to all the other countries in which Google maintains data centres, including those neither in the EEA nor the United States (and thus not covered by Safe Harbour). It therefore deemed that Odense Municipality would not comply with current legislation because it was not proposing to enter into a contract based on the European Commission’s standard contractual clauses with Google’s individual data centres. Further the Danish DPA found that Odense Municipality had not conducted a sufficient risk evaluation, and that the data processor agreement which was to be entered with Google, did not comply with the legal requirements, most notably because it could be changed unilaterally by Google. 

The other very relevant case from the Danish DPA, the Office 365 case, relates to the IT University of Copenhagen’s request for use of Office 365 as e-mail solution for the University’s students and employees. The Danish DPA restated the same arguments as in the Odense Municipality case but since Microsoft was more open to enter into a contract based on the European Commission’s standard contractual clauses, the outcome was different. Even though the Danish DPA’s decision in the Office 365 case is not a seal of approval for cloud computing in the public sector, it shows a path when using cloud computing in the public sector.

Case-law in Spain

In Spain, the Supreme Court was compelled to examine several issues relating to claims against the Spanish Data Protection Regulation (the “Royal Decree 1720/2007″ of 21 December 2007).

In its ruling of 15 July 2010, the Spanish Supreme Court dismissed the claimant’s challenge as it considered that the data processor’s duty to inform the data controller of its identifying data before proceeding with the subcontracting is applicable. Furthermore, it considered that the subcontractor must not only be identified, but that said identity of the subcontractor must also be notified to the client. The reason for this need to notify is that CSP’s are considered to be data processors and the client is considered the data controller.

Moreover, the Spanish Supreme Court established that if third party processors are involved in the provision of cloud services, additional aspects must be guaranteed:

  • The customer shall be informed of the identification of the outsourcing company (including the country where it develops its services if international data transfers are to take place);
  • The customer can make decisions as a result of the intervention of subcontractors, i.e. it may terminate the agreement or refuse that sub-contractors are appointed;
  • The CSP and subcontractors shall enter into a contract that includes guarantees equivalent to those included in the contract with the customer (back-to-back agreements).

The Spanish DPA has also applied the above criteria in other resolutions such as that regarding a Microsoft Office 365 cloud solution data transfer (9 May 2014), where it considered that the company fulfils the aforementioned requirements (link).

Case-law in the United States

One of the areas of key concern for cloud vendors and customers currently is the interplay between EU data protection rules and laws in other countries which seemingly conflict, particularly in respect of government or court ordered access to information about individuals held on servers in the EU. Given the US origin of many of the largest cloud vendors, the size of the US market and revelations about NSA surveillance and information gathering, the position in the US continues to be watched closely.

The highest profile case is the Microsoft Warrants case, where on 31 July 2014, Chief US District Judge Loretta Preska ruled against Microsoft’s appeal against a warrant to disclose emails and other records in a particular MSN email account(10). Judge Preska ruled that the location of the data (in Dublin) was not relevant because Microsoft still “controlled it” and was therefore liable to provide it under warrant pursuant to the US Stored Communications Act. Microsoft decided not to comply with the order, voluntarily putting itself in contempt, and is continuing to seek ways to appeal the decision.

Apple, Cisco, Verizon and ATT all filed Amicus briefs in support of Microsoft’s appeal on the basis that finding in favour of the US Government would conflict directly with EU data protection laws. Viviane Reding, former EU Justice Commissioner, has said that “the extraterritorial application of foreign laws (and orders to companies based thereon) may be in breach of international law and may impede the attainment of the protection of individuals guaranteed in the [European] Union“.

The case will continue but what is certain for now is that the lack of clarity and the potential conflicts of laws present real challenges for US cloud vendors and their customers or potential customers.

The information given in this document concerning technical, legal or professional subject matter is for guidance only and does not constitute legal or professional advice.

This series of articles has been made possible thanks to the CoCo Cloud project (www.coco-cloud.eu) funded under the European Union’s Seventh Framework Programme, and of which Bird Bird LLP is a partner. Said project aims to establish a platform allowing cloud users to securely and privately share their data in the cloud.

Article source: http://www.lexology.com/library/detail.aspx?g=f9ce8487-50b2-4676-9ef5-2df6405540d3

Abstraction Layers Simplify Hybrid Cloud Computing

‘)})()
//–



Where experts and professionals share insights and inspirations to grow business and build careers

Nov 26, 2014

Solution providers are going to be regularly dealing with hybrid cloud computing environments that typically expose different APIs that need to be mastered. In order to assist with cloud integration, CloudRail has launched CloudRail for Cloud Storage Services for solution providers. Here are the details.

(Photo by Sean Gallup/Getty Images)

Almost by definition solution providers are going to be regularly dealing with hybrid cloud computing environments that typically expose different application programing interfaces (APIs) that need to be mastered. In fact, a recent study from CompTIA suggests that customers are already moving workloads not only in an out of clouds, but also between them at a fairly rapid rate.

To facilitate that process, many solution providers already rely on open source software such as the Dasein Cloud project to create an abstraction layer written in Java that enables developers to write applications that work on multiple clouds using a common layer of metadata.

7 Cloud Must-Reads of the Week, Nov. 22

IBM Launches Private Bluemix Service: New Management Opportunity Arises

Now there is also another option that solution providers can add to their cloud integration toolbox. CloudRail has launched CloudRail for Cloud Storage Services, which allows solution providers to build applications capable of invoking multiple backend cloud services via a common API.

CloudRail CEO Felix Kollmar said what distinguishes CloudRail is that the translation of various cloud APIs takes place on the endpoint rather than in the cloud itself. This results in reduced latency and better overall performance than relying on open source software running in the cloud because each client has a peer-to-peer connection with any given cloud, said Kollmar.

Currently providing support for Dropbox, Google Drive, and Microsoft OneDrive, Kollmar said CloudRail for Cloud Storage is clearly extensible to other platforms. In fact, one of the benefits that CloudRail provides is that it keeps track of all the updates to various cloud APIs, as opposed to waiting for an open source community to update a particular community project.

The issue that most solution providers are currently wrestling with in the cloud is that each different customer has their preferred one. In addition, it’s more than likely that customers will soon be asking solution providers to create applications that invoke multiple backend cloud services. The end result is that solution providers supporting multiple customers have to master an array of APIs. By relying on higher levels of abstractions solution providers can take that complexity issue off the table all together.

There’s no doubt at this point that cloud computing is going to be hybrid affair for the foreseeable future. The challenge facing solution providers in the years ahead will be figuring ways to navigate new and existing clouds as quickly as possible. After all, what’s currently the most popular cloud environments today may not necessarily be the same tomorrow.

Upcoming Webcasts

December 4: Special Report: MSP Profit Watch: Looking back at 2014 – the challenges and opportunities for MSPs

December 10: Transitioning Your Business to the Cloud: Top 5 Questions

December 18: MAXfocus Webinar – How to become the Perpetually Valuable MSP!









Featured Authors
ConnectWise, StorageCraft Release Integration Module for MSPs
SafeNet ProtectV Enables Encryption-as-a-Service for Service Providers
Cloud Professional Services Market’s Worth Could Triple by 2019
Abstraction Layers Simplify Hybrid Cloud Computing



Guest Bloggers

  • AppRiver Guest Blog

  • Easy Office Phone Guest Blog

  • Ingram Micro Guest Blog

  • Nuvotera Guest Blog

  • Riverbed Technology Guest Blog

  • VMware Guest Blog


PISCES


MSP Mentor

Visit mspmentor.net




 


 





Sponsored Introduction Continue on to (or wait seconds) ×

Article source: http://talkincloud.com/cloud-computing/11262014/abstraction-layers-simplify-hybrid-cloud-computing

Why more organisations than you think have failed or stalled their cloud …

Picture credit: iStockPhoto

Nearly half of organisations polled in a recent survey admitted they had failed or stalled their cloud hosting implementations, with a further half claiming they had to alter their budget and a whopping 70% force to make changes to their design.

These are the latest figures from a study of 358 respondents conducted by INetU and THINKStrategies entitled “The Adventures of Moving to the Cloud”, which aims to show CIOs and business managers it’s not a “walk in the park” to migrate over.

Only 27% of respondents said they were “extremely satisfied” by their experience with a cloud vendor, according to a post from THINKStrategies’ Jeff Kaplan on Datamation.

“While I’ve always been a tireless advocate for the fundamental advantages of cloud-based alternatives to traditional on-premise systems and software, I’m also a realist who believes our survey findings show that there are still plenty of potential pitfalls associated with migrating important business applications and processes to the cloud,” he noted.

Security remains the toughest hurdle to clear with regards to cloud implementation according to the survey respondents, with 27% citing it as the most difficult. This compares with compliance (20%), capacity planning (13%), monitoring (9%), provisioning (4%) and billing (4%).

Similarly, billing was the easiest function according to those polled (50%), ahead of provisioning (34%), monitoring (30%), compliance (27%), security (22%) and capacity planning (21%).

A recent seminar at the Public Sector Enterprise ICT conference in London found four key ways to overcome security in the cloud: build your knowledge up, be a smart buyer, bust the ‘in-house is best’ myth, and prioritise the quick wins.

Yet there was one piece of good news which came from the survey data: 96% of respondents who said they were extremely satisfied with their solution were managed by their cloud hosting provider.

You can find out more here. What do you make of the results?

Related Stories
  • » Data centres: To buy or not to buy – that is the question
  • » How Carlsberg is deploying Office 365 to move its operations to the cloud
  • » Salesforce opens first UK data centre, more European expansion planned
  • » What to move to the cloud: A more mature model for SMEs
  • » Hidden costs and locations: Solving the mystery of cloud solutions for businesses

Leave a comment

log in

Alternatively

This will only be used to quickly provide signup information and will not
allow us to post to your account or appear on your timeline.

Article source: http://www.cloudcomputing-news.net/news/2014/nov/25/why-more-organisations-you-think-have-failed-or-stalled-their-cloud-migrations/

Building on-ramp to cloud computing

Rice Univ. is preparing to offer its researchers who deal in “big data” the opportunity to compute in the cloud with fewer barriers.

Rice is installing the Big Research Data Cloud (BiRD Cloud), which will allow for cloud bursting. That means data-intensive tasks can spill over into outside cloud-computing systems when necessary, essentially providing unlimited computing capacity.

Big data refers to collections of information too large for anything but a supercomputer to process. Scientists who construct computer models of genomes, weather patterns, astrophysics and biological systems—to name just a few examples—rely on processing power to get their results quickly.

“(BiRD Cloud) will be a great resource for fitting statistical and machine-learning models to big data with massive numbers of variables,” said neuroscientist Genevera Allen, Rice’s Dobelman Family Junior Chair of Statistics and an assistant professor of statistics and electrical and computer engineering. In one of her projects, Allen is developing statistical tools to make the best use of the wealth of cancer data collected by hospitals. “Such tasks require large amounts of computer memory and typically run on single nodes.”

Rather than one node, or access point, BiRD Cloud will incorporate 88 Hewlett-Packard SL230 nodes, each a computer on a card with two Intel eight-core Ivy Bridge processors. The nodes will be interconnected via 10-gigabit Ethernet. With a total of 1,408 computational cores, the system’s peak computing power will be 29.3 teraflops.

Rice and the National Science Foundation’s Major Research Instrumentation Program funded the system, which officials expect to be available to all Rice researchers by April 2015. Rice’s Ken Kennedy Institute for Information Technology and the Research Computing Support Group, in collaboration with the Office of the Vice Provost for Information Technology, will administer BiRD Cloud.

The university’s science, engineering, bioinformatics and educational technology researchers already use a large amount of computing power for their multidisciplinary projects, and their needs are growing, said project leader Moshe Vardi.

“BiRD Cloud will serve as our ‘on-ramp’ to external cloud infrastructures, thus enabling cloud bursting,” said Vardi, Rice’s Karen Ostrum George Professor in Computational Engineering and director of the Ken Kennedy Institute. “Rice’s stake in the cloud is one small step when compared with the benefits it will realize from this capital investment.”

Vardi said BiRD Cloud enables the university to experiment with operating a local cloud infrastructure as well as take seamless advantage of commercial providers. Cloud bursting occurs when an application exceeds local computing capacity and is allowed to “burst”—with the user’s permission—so that it can share the load with remote servers.

“Research will no longer be confined to the size of Rice’s shared computing infrastructure,” said Jan Odegard, executive director of the Ken Kennedy Institute. “Instead, BiRD Cloud will supply access to boundless computing resources from commercial providers like Google and Amazon, and access to such national resources as XSEDE’s cloud resources.”

The collaborative effort and expertise of more than 30 Rice faculty members contributed to the creation of BiRD Cloud, including the project’s co-principal investigators: Allen; Stephen Bradshaw, an assistant professor of physics and astronomy and the William V. Vietti Junior Chair of Space Physics; Lydia Kavraki, the Noah Harding Professor of Computer Science and a professor of bioengineering; and Ashok Veeraraghavan, an assistant professor of electrical and computer engineering and of computer science.

BiRD Cloud will support the campus user community while helping Rice’s IT professionals learn to support on-premise cloud computing and develop an understanding of how it can become part of an expansive, powerful and sustainable computing resource pool, said Kamran Khan, vice provost for information technology at Rice. “Our IT department has always been innovative in its efforts to provide the best solutions and applications to meet the varied needs of its user community,” Khan said. BiRD Cloud “will bolster our current and future research cloud and big-data strategy and hybrid initiatives at Rice.”

As a single system, BiRD Cloud will by no means be the largest computing system at Rice, but it will significantly accelerate research with the use of HP Helion, a portfolio of cloud products and services that enable organizations to manage workloads in hybrid IT environments, Odegard said.

He expects the higher bandwidth between BiRD Cloud and users’ desktops will enhance code development and interactive data analysis using such tools such as Matlab, R and Hadoop, popular software packages often used to analyze massive amounts of data. BiRD Cloud will be expandable, he said, and will leverage Rice’s condominium computing platform by offering researchers the option to buy additional computational resources.

More broadly, he said, BiRD Cloud will enhance the training of hundreds of undergraduate and graduate students and postdoctoral researchers in science and engineering, making a significant and direct impact on the educational experience offered by Rice. Administrators expect to work with a select group of users early next year to help Rice optimize BiRD Cloud’s potential.

Source: Rice Univ.

Article source: http://www.rdmag.com/news/2014/11/building-ramp-cloud-computing