Archive for the ‘Knowledge base’ Category
By YE12, more than 30% of interactive videos invoked for collaborative purposes will be satisfied through cloud computing.
By 2013, more than 25% of the content that workers see in a day will be dominated by pictures, video or audio.
A surplus of existing monitors, low prices for new monitors, and easy connectivity will enable more than 60% of knowledge workers to routinely use at least three displays as part of their primary PC work spaces by 2015.
Plan for less than 20% of employees being able to replace a laptop with a tablet through 2012.
By 2020, mobile and web AD will have evolved into multichannel application development.
By 2015, mobile Web technologies will have advanced sufficiently such that half of the applications that in 2011 would be written as native apps will be, instead, delivered as Web apps.
By 2013, mobile phones will overtake PCs as the most common Web access device worldwide.
Fewer than 5% of handsets sold in 2014 will support LTE. 75% of tablets sold in mature markets in 2014 will have a screen size of approximately 10”
Android will remain the top smartphone platform in shipment terms through 2015.
Most CIOs should plan to support at least three mobile platforms by 2012.
By 2013, Microsoft will overtake RIM in smartphone shipments.
(Source: Gartner)
Although it replaced the command with a new operator, (“quotation marks”) Google has admitted that users still aren’t entirely happy. Corin Anderson, Google’s Principle Engineer for Search says “we’ve received a lot of requests for a more deliberate way to tell Google to search using your exact terms. We’ve been listening, and starting today you’ll be able to do just that through verbatim search.”
Verbatim search is a way for users to make all of their searches specific, without the need to enter another command with every query. Once the Verbatim tool is turned on, all searches will be conducted as if each phrase was wrapped with quotation marks.
This means that Google will not apply certain search tweaks to the query, such as; making automatic spelling corrections, personalizing the search, including synonyms of search terms, finding results that match similar terms to those in the query, searching for words with the same stem, and making some terms optional.
To turn the tool on users need to click on the ‘More search tools’ option in the left hand options bar, and select Verbatim. The tool needs to be selected each time Google is opened but will apply to each query in that session once it is selected.
Worldwide Mobile Device and Smartphone Sales to End Users by Vendor & Operating system
Posted on: November 16, 2011
Worldwide Mobile Device Sales to End Users by Vendor in 3Q11 (Thousands of Units)
|
Vendor |
3Q11 Units |
3Q11 Market Share (%) |
3Q10 Units |
3Q10 Market Share (%) |
| Nokia |
105,353.5 |
23.9 |
117,461.0 |
28.2 |
| Samsung |
78,612.2 |
17.8 |
71,671.8 |
17.2 |
| LG Electronics |
21,014.6 |
4.8 |
27,478.7 |
6.6 |
| Apple |
17,295.3 |
3.9 |
13,484.4 |
3.2 |
| ZTE |
14,107.8 |
3.2 |
7,817.2 |
1.9 |
| Research In Motion |
12,701.1 |
2.9 |
12,508.3 |
3.0 |
| HTC |
12,099.9 |
2.7 |
6,494.3 |
1.6 |
| Motorola |
11,182.7 |
2.5 |
8,961.4 |
2.1 |
| Huawei Device |
10,668.2 |
2.4 |
5,478.1 |
1.3 |
| Sony Ericsson |
8,475.9 |
1.9 |
10,346.5 |
2.5 |
| Others |
148,990.9 |
33.8 |
135,384.1 |
32.5 |
| Total |
440,502.2 |
100 |
417,085.7 |
100 |
Source: Gartner (November 2011)
Worldwide Smartphone Sales to End Users by Operating System in 3Q11 (Thousands of Units)
|
Operating System |
3Q11 Units |
3Q11 Market Share (%) |
3Q10 Units |
3Q10 Market Share (%) |
| Android |
60,490.4 |
52.5 |
20,544.0 |
25.3 |
| Symbian |
19,500.1 |
16.9 |
29,480.1 |
36.3 |
| iOS |
17,295.3 |
15.0 |
13,484.4 |
16.6 |
| Research In Motion |
12,701.1 |
11.0 |
12,508.3 |
15.4 |
| Bada |
2,478.5 |
2.2 |
920.6 |
1.1 |
| Microsoft |
1,701.9 |
1.5 |
2,203.9 |
2.7 |
| Others |
1,018.1 |
0.9 |
1,991.3 |
2.5 |
| Total |
115,185.4 |
100 |
81,132.6 |
100 |
Source: Gartner (November 2011)
Can Google+ beat Facebook? That’s the wrong question – CNN.com.
Pete Cashmore is the founder and CEO of Mashable.com.
- The love affair between Microsoft and Nokia that has transpired over the last year has finally born fruit.
- The Lumia 800, Nokia’s first smartphone that runs Windows Phone 7, is set to hit some retail chains in the U.K. on Wednesday.
- Nokia says the Lumia 800 and the Lumia 710, which is the lower-end version, will arrive in other European countries this month and in parts of Asia by the end of the year. They won’t come to the United States until early next year, the company says.
- After testing the Lumia 800 for a week, I have been impressed by some aspects and confused by others. For example, I like the bold hardware design, but I don’t understand why I have to choose between two apps for music, two for downloading more apps and three for maps.
- Microsoft and Nokia seemed well matched when the partnership was formally announced to much fanfare in February. The software giant’s Windows Phone platform is well made but has attracted little attention from phone manufacturers, app developers or customers.
- Nokia builds exquisite hardware, but its existing lineup of smartphones relied on an outmoded operating system called Symbian. The company is still the world’s largest maker of mobile phones by volume, but it has very little presence in the United States or in the minds of early adopters. Nokia sees the Lumia 800 as a chance to change that.
- The phone is quite solidly built. The rounded, unibody exterior, which is topped with a 3.7-inch touchscreen, is attractive and comfortable to hold. The polycarbonate material looks and feels somewhere in between plastic and metal. It is not slippery. The version I have been testing has a dark gray finish, which resembles a granite stone.
Global branded tablet PC shipments in the fourth quarter are not expected to see growth creating concerns among market watchers whether the tablet PC market has already reached saturation, but Digitimes Research senior analyst James Wang believes that the zero-growth in the fourth quarter is the joint effect of Japan’s earthquake on March 11 and the global economic downturn, which should not become an obstacle that restrains the tablet PC market’s growth in the future.
Since the global economy in 2012 will not be as bad as expected; demand for mobile devices is growing steadily; tablet PCs’ performance/price ratio is rising; and Android tablet PC’s hardware and software designs are improving, the four major drivers will help global branded tablet PC shipments reach 95.1 million units with a growth of 60% on year.
In the next three years, smartphone shipments will reach as high as one billion units, and taking smartphones as a base, tablet PC shipments in 2014 are estimated to reach 170 million units, a volume about 70% of the estimated total notebook shipments.
Combined shipments of tablet PCs and notebook (including netbook), a new category named mobile computing devices, will enjoy a CAGR of 17.3% from 2011-2014.
- Despite standing 4th in internet users base worldwide India ranked 108th in global internet speed test conducted by pando networks.
- Internet users in India growing rapidly as 3G technology now available across country and broadband connectivity is also available in rural area with various service providers, Internet on mobile is also common for all Indians despite all these facts average internet speed in India is not up to the mark. With new telecom policy 2011 broadband speed is now modified to 512 Kbps. Based on 27 million downloads by 20 million computers in 224 countries from January through June 2011 , the study provides a comprehensive look at worldwide data accessibility, singling out the very best and the very worst places to link up with the web.
- The average worldwide download speed is 580KBps, placing the U.S. only slightly ahead of the pack with an average speed of 616KBps. While South Korea leading the list with a blazingly fast average speed of 2,202KBps may not come as much of a surprise, the small eastern European nations of Romania (1,909KBps) and Bulgaria (1,611KBps) unexpectedly claimed the second and third highest speeds. In fact, eastern European nations dominated the top of the list with Lithuania in fourth at 1,462KBps, Latvia in fifth at 1,377KBps and Ukraine in eighth at 1,190KBps. The completion rate for measured downloads closely correlates with average speed, South Korea again taking top prize with a 94% completion rate and most of the other speedy countries not far behind.
- The other end of the list is fairly unsurprising; developing nations in Africa and Asia trail far behind the speeds of those with more mature economies. The Congo has the absolute slowest average speed at 13KBps, followed closely by the Central African Republic at 14KBps and Comoros at 23KBps. Other notable countries studied include Germany at 647KBps, Australia at 348KBps, and China at 245KBps.
- The study goes on to break down the data to the city level, the fastest six of which are, unsurprisingly, located in South Korea. Andover, MA (2,801KBps) and Bucharest, Romania (2,665KBps) are the only cities outside of gaming heavyweight South Korea to break into the top 10. The slowest measured city was Algiers, Algeria at 56KBps followed by Itapema, Brazil at 61KBps and Santa Cruz, Bolivia at 62KBps. In the United States, Verizon Internet Services provides the fastest service, averaging 1,056KBps due to their widespread FIOS network. In Great Britain, Virgin Media is the fastest choice with average speeds of 612KBps while Dacom Corp. takes the top spot in speedy South Korea with an average of 5,151KBps.
Mobile cloud computing next
Posted on: November 14, 2011
- The rapid uptake of smartphones and tablet computers is expected to create an opportunity for software developers to create mobile cloud computing services, industry experts say.
- There has been a great deal of hype around cloud computing, an internet-based consumption and delivery model for future IT services. Basically it means the shifting of data, services and hardware from, for instance, a company’s premises or dedicated data centre, onto an external platform, often shared, and accessed via the internet. Take for example Google Docs — instead of having Word software installed on your personal computer, you access it via a browser when you require it.
- Among the benefits of adopting cloud-computing services are a decrease in costs — mainly technology infrastructure costs — as well as increased capacity and flexibility. Although cloud computing has been touted as the next big thing for the past five or six years, it needed a critical mass of desktop users for it to take off in the developed world and so allow companies to take advantage of the benefits.
- With the bulk of internet access taking place via cellphones, it is going to be the more compelling mobile services that will drive higher customer numbers and traffic volumes, says Wilter du Toit, the CEO of Virtual Mobile Technologies. Roelof Louw, cloud computing expert at T-Systems in SA, says the proliferation of mobile devices and applications has changed the way people buy and use business services today.
- According to Juniper Research, more than 240-million business customers will access cloud-computing services via mobile devices by 2015.
- PaaS Rules: IaaS becomes niche. In the long-run, IaaS doesn’t make sense, except for a limited set of scenarios. All IaaS providers want to be PaaS when they grow up.
- Public Rules: Internal clouds will be niche. In the long-run, Internal Clouds (clouds operated in a company’s own data centers, aka “private clouds”) don’t make sense. The economies of scale, specialization (an aspect of economies of scale, really) and outsourcing benefits of public clouds are so overwhelming that it will not make sense for any one company to operate its own data centers. Sure, there need to be in place many security and isolation measures, and feel free to call them “private clouds” — but they will be owned and operated by a few major public providers.
- Specialized Clouds: There are many dimensions to an application: the pattern of its workload; the government regulations it must adhere to; the geographic access to it; the programmig language and framework it supports; the levels of security, performance and reliability it requires; and other more specialized requirements. It’s not a one-size-fits-all world. At least, not always. There will be big generic clouds, and then, many specialized clouds. I’ve written about this in the past.
- Government Regulation: The largest cloud providers will become nationally strategic infrastructure (like utilities, financials, telcos, airlines and shipping companies in the past). Given my “public rules” prediction above, cloud providers will become crucial infrastructure to the economy and the interests of their respective nations. They will become “too big to fail”. Any change in their pricing will have a profound effect on the economy. And they will also hold the risk of a “cloud run” (similar to a “bank run”, a sudden surge of demand they haven’t anticipated. Not to mention the fact that they will maintain the sensitive data of consumers, corporations and government agencies. Any way you slice it, it spells regulation. But if history teaches us anything, this regulation will only come after “The Great Cloud Catastrophe” (use your imagination to figure out what that will look like).
- The Control vs. Freedom Debate: This sums up the story of cloud computing so far. Freedom is the catch-all phrase for drivers of cloud adoption (no upfront costs, on-demand, self-service, empowerment of the rank & file – e.g., developers), but control (or lack thereof) is the catch-all phrase of barriers to adoption by large enterprises. Every democratic country experiences this: there is sometimes a contradiction between the so-called sacred principles of rule-of-law and personal freedom. It’s a matter of drawing the line — and we’re just in the beginning stages of understanding this issue when it comes to cloud computing. This debate will be with us for years to come and will shape the variety of enterprise cloud computing offerings.
- Cloud Federations – While AWS has enjoyed tremendous international success, in any business that relies heavily on trust, such as IT, nothing beats a local brand. So people will flock to the cloud of their trusted national telco or big IT provider. But on the flip side, they will need to reach a global audience and will want servers around the world. As a result, we will see the formation of cloud federations, similar to what we see in airline alliances, such as Star, SkyTeam and Oneworld.
- Financial Efficiency and Sophistication: Computing is a commodity, and every commodity ends up being traded, future-traded, brokered, arbitraged, speculated and manipulated with derivative instruments. The good: the market becomes very efficient. The bad: the market becomes complex and opaque. We are already seeing spot markets
- Cloud Standards: About two years ago there was a strong wave of interest and discussion about the need for cloud standards. I wrote then, and still believe, it is too soon. But it is also inevitable. We will, however, see multiple competing standards. At least one formal stanard specification from a standards body and several de facto standards from large commercial players such as Amazon and VMWare.
- The Ecosystem Wars: I’ve recently written about the importance of ecosystems in cloud computing. Success in building an ecosystem will be a determining factor in who wins and losses in the cloud. It is not just about the size and breadth of the ecosystem, but how well it all works together. In many ways, Amazon has done a poor job of this so far, but it has the one big compelling factor for an ecosystem: a very large install base.
- Horizontal and Vertical Consolidation: As with any industry, as cloud computing matures, it will consolidate. This will happen both horizontally, for example large IaaS players will roll-up regional and smaller IaaS and hosting providers, as well as vertically, for example IaaS providers will acquire cloud management system providers such as RightScale and enStratus.
Here are four questions, which include key metrics and drivers, to ask when researching cloud solutions that will maximize the value of cloud computing for your organization:
1. Why is investment being spent on areas of IT that are not differentiating your business and can be commoditized?
- Key Metric: The balance of percent of investment on non-core commodity IT
- Key drivers: TCO needs to consider where to focus IT investment
2. How can IT grow and adapt with the ever-increasing expansion of data storage and the growth of computing demands eclipsing on-premise facilities?
- Key Metric: The cost of storage and archiving , recovery and continuity
- Key drivers: Latency of network and storage costs can be targeted through considering the whole IT portfolio, not just niche use cases of cost performance. Look at the bigger picture.
3. How can access to new markets and new channels be better served through extending networks and partnerships?
- Key Metric: Size of markets and effectiveness of sales channels, both internal sales and external direct sales and reselling
- Key drivers: Total cost of acquisition can include the creation or use of third-party distributed marketplaces and self-service portals and platforms
4. Is your own IT fast enough to beat your competition or drive the cost savings or revenue and margin growth plans you need?
- Key metric: Speed of IT delivery and its cost and quality of service.
- Key drivers: Performance can be offered through selected service provisioning. Question whether all knowledge needs to be in-house. Skills can be as-a-service too.
- Intelligent Systems–those enabled with high-performance microprocessors, connectivity, and high level operating systems–will grow from 19% of all major electronic system unit shipments in 2010 to more than one third all systems by 2015
- The market for Intelligent Systems will double from more than 1.8 billion units and over $1 trillion in revenue this year to nearly 4 billion units and over $2 trillion in revenue in 2015.
- The embedded semiconductor market equalled $33 billion in 2010 and will grow at a CAGR of 20% throughout our forecast period
1) Next-Gen Mobile – Smart Devices and Tablets
- It’s obvious to the casual observer these days that smart mobile devices based on iOS, Android, and even Blackberry OS/QNX are seeing widespread use. But comparing projected worldwide sales of tablets and PCs tells an even more dramatic story. Using the latest sales projections from Gartner on tablets and current PC shipment estimates from IDC, we can see that by 2015 the tablet market will be 479 million units and the PC market will be only just ahead at 535 million units. This means tablets alone are going to have effective parity with PCs in just 3 years. Other data I’ve seen tells a similar story.
- So, while it’s still early days yet, it’s also quite clear that enterprises must start treating tablets as equal citizens in their IT strategies. So why won’t they? For several reasons:
Key adoption insight
- A likely approach that will scale is to do as JP Rangaswami advocates, and “design for loss of control.” This doesn’t mean letting go of essential control such as robust security enforcement, but it does mean providing a framework for users to bring their own mobile devices to work in a safe manner, including use of apps with business data under certain prescribed conditions. This unleashes choice and innovation and vitally, splits the work of adoption and rollout with users that want to use their favorite mobile devices/app to solve a business problem.
2) Social Media – Social Business and Enterprise 2.0
- While mobile phones technically have a broader reach than any communications device, social media has already surpassed that workhorse of the modern enterprise, e-mail. Increasingly, the world is using social networks and other social media-based services to stay in touch, communicate, and collaborate. Now key aspects of the CRM process are being overhauled to reflect a fundamentally social world and expecting to see stellar growth in the next year. As Salesforce’s Marc Benioff was very clear in his dramatic keynote at Dreamforce last month, leading organizations are becoming social enterprises.
- There now seems to be hard data to confirm this view: McKinsey and Company is reporting that the revenue growth of social businesses is 24% higher than less social firms and data from Frost and Sullivan backs that up across various KPIs. The message is that companies are going to — and have every reason to — be using social media as a primary channel in the very near future, if they aren’t already. It’s time to get strategic.
Key adoption insight
- There are a growing number of established social media adoption strategies, but probably one of the most effective is to engage by example. Both leadership inside the company as well as top representatives to the outside world must engage in social channels to show how they’d like change to happen.
3) Cloud computing
- Of all the technology trends on this list, cloud computing is one of the more interesting and in my opinion, now least controversial. While there are far more reasons to adopt cloud technologies than just cost reduction, according to Mike Vizard perceptions of performance issues and lack of visibility into the stack remain one of the top issues for large enterprises. Yet, among the large enterprise CTO and CIOs I speak with, cloud computing is being adopted steadily for non-mission critical applications and some are now even beginning to downsize their data centers. Business agility, vendor choice, and access to next-generation architectures are all benefits of employing the latest cloud computing architectures, which are often radically advanced compared to their traditional enterprise brethren.
Key adoption insight
- Until cloud computing workloads can be seamlessly transferred back and forth between a company’s private cloud and public/hybrid cloud, adoption will be held back and favored largely for greenfield development. Technologies are now emerging to make this possible, however, and for now, companies should invest in cloud standards (to the extent they exist today) to build private clouds in order to be in position to start selectively transferring services out on a trial basis (and being able to bring them back in safely as needed.)
4) Consumerization of IT
- I’ve previously made the point that the source of innovation for technology is coming largely from the consumer world, which also sets the pace. Yet that’s just one aspect of consumerization, which some like myself and Ray Wang are calling “CoIT” for short. Consumerization also very much has to do with its usage model, which eschews enterprise complexity for extreme usability and radically low barriers to participation. Enterprises which don’t steadily consumerize their application portfolios are in for even lower levels of adoption and usage than they already have as workers continue to route around them for easier and more productive solutions. Another decentralized and scalable solution is, as with next-gen mobile, to help workers help themselves to third party apps that are deemed safe and secure.
Key adoption insight
- Consumerization seems especially pernicious to IT departments because it happens all the time, without their involvement. Stats vary on “shadow IT”, which is in the lower double digits, but much of it is for consumer apps. IT departments can begin programs in partnership with other large companies (to distribute the work) to certify SaaS, cloud, and mobile apps and train workers on data safety, backup, and integrity for example. Longer term, companies will imbue their IT service design, solution acquisition, and delivery with user experience and design approaches and fresh ideas from the consumer world. This will drive more worker productivity, less user support, and higher innovation in IT solutions.
5) Big data
- Businesses are drowning in data more than ever before, yet have surprisingly little access to it. In turn, business cycles are growing shorter and shorter, making it necessary to “see” the stream of new and existing business data and process it quickly enough to make critical decisions. The term “big data” was coined to describe new technologies and techniques that can handle an order of magnitude or two more data than enterprises are today, something existing RDBMS technology can’t do it in a scalable manner or cost-effectively.
- Big data offers the promise of better ROI on valuable enterprise datasets while being able to tackle entirely new business problems that were previously impossible to solve with existing techniques. While most companies are still addressing their big data needs with data warehousing, according to Loraine Lawson, one need only scan the impressive McKinsey report on Big Data to see the major opportunities it offers on the business side.
Key adoption insight
- Big data requires a mindset change as much as a technology update. This means making open data a priority for the enterprise as well as an operational velocity that hasn’t been a priority before. Big data enables solving new business problems in windows that weren’t possible before. It also means infrastructure, ops, and development must be part of the same team and used to working together. This means organizational refinements must be made to tap into the greater potential.
read more at ZDNet
1. What happens if your cloud computing resources are unavailable?
While questions about disaster recovery and high availability in the cloud will be similar to those asked about your own data center, you need to be a lot more specific when looking to implement or utilize a cloud environment.
SLAs vary widely between providers so you’ve got to make sure you’re clear on the details surrounding guaranteed uptime, and then decide if that works for your business.
2. How (and more importantly where) do you backup data?
In a cloud environment, IT executives need to be confident that their data not only will be replicated but also stored across multiple sites in separate locations to ensure they will still have access to that data in the event of a data center failure or other incident.
3. How do you handle large data migration and what are the costs?
While provisioning a cloud environment takes minutes, populating that cloud with the necessary data is an entirely different story.
For example, if you need to migrate or populate a database to the cloud that is too large to send over the network, you need to consider factors such as additional costs, available data load options, and the process for working with your provider on the migration.
4. What are my network access options – and, more importantly, the restrictions?
One of the biggest benefits of the cloud is being able to access critical data over the Internet from any location. Beyond obvious questions such as whether you can access the cloud from mobile devices is whether the provider can support VPNs or dedicated connections. This is particularly true for organizations like financial services firms that have more stringent rules around access.
5. My organization must comply with regulations. What are my options for using IaaS?
For some organizations, particularly ones that have to comply with stringent regulations, public cloud IaaS offerings might not make sense.
Ultimately, everything is shared even though it’s separate both logically and from a security perspective. For this reason, many CIOs may look to community clouds, which enable companies with similar requirements – for example, two pharmaceutical companies that both must meet strict FDA regulations – to share a cloud and achieve true economies of scale.
6. What’s the cost to decommission an IaaS project?
While most cloud providers are upfront about the cost of specific IaaS offerings (for example the cost per megabyte for storage), it is much more difficult to provide a cost for decommissioning – a critical but often forgotten step in the cloud life cycle.
In keeping with this theme, cloud computing risk assessments involve these 10 categories:
1. Effectiveness of controls
Evaluate if the current controls provide adequate protections for the data or service the company is considering hosting in the cloud. For example, is the separation of duties for cloud provider employees appropriate and does it limit the number with access to confidential data?
2. Auditing and oversight
Evaluate the cloud provider’s current auditing and how oversight of administrative changes is accomplished. For example, ask for a change-control log where changes were tested and approved by appropriate management personnel.
3. Technical security architecture
Evaluate current technical architecture including firewalls, VPNs, patching, intrusion prevention and network segregation. This evaluation could also include programming languages and Web application frameworks. Can the environment match business security requirements?
4. Data integrity
Investigate how the cloud computing vendor keeps each customer’s data separate while utilizing the same hardware. Does this separation match business security or compliance requirements?
5. Data encryption
Investigate how the cloud computing provider implements encryption for both data-in-transit as well as data-at-rest. Most providers will utilize encryption for data-in-transit, but may not have a capability for encrypting data-at-rest. Do the provider’s encryption practices match business security or compliance requirements?
6. Operations security
Review the disaster recovery and business continuity plans for the cloud service provider. Do they provide adequate protection for business needs? How often are the plans tested? Does the data center provide enough redundancy for business needs?
7. Standardized procedures
Evaluate the standard procedures that the cloud services provider utilizes in its operations. An example would be the offsite tape backup procedure or the background pre-employment screening procedure. Another important procedure to document is how the interests of the customer will be represented during a legal investigation or subpoena request.
8. Business stability
Evaluate the current financial condition and history of the cloud computing provider. It might be necessary to utilize other company resources to assist in this evaluation. It’s easy to find information on publicly traded companies, but private companies may require more investigation.
9. Intellectual property
Investigate potential issues with the cloud computing provider hosting business data. This will include ownership, return and deletion of the data after the contract expires.
10. Contractual language
Review the proposed contract with legal representation. All of the controls documented in the previous nine audit categories listed above should match the contractual language in order to be meaningful. Require that any deviation from these agreed-upon information security protections be communicated with the business and specify penalties associated with non-compliance.
The relevance can be recorded on the same 1-5 scale with five being the most important or relevant to the cloud computing solution being provided. A weighted score for each category can then be calculated by multiplying the relevance score by the risk score. An average of all of the category scores can then be generated to represent a single value that can be easily communicated to management.
The following table demonstrates what the final results of this process would look like for a typical business critical application:
| Cloud Computing Risk Assessment Example | |||
| Relevance (1-5) | Risk (1-5) | Total | |
| Controls | 5 | 2.5 | 12.5 |
| Audits | 5 | 4 | 20.0 |
| Architecture | 3 | 3.5 | 10.5 |
| Data Integrity | 5 | 4 | 20.0 |
| Data Encryption | 2.5 | 4.5 | 11.3 |
| Hosting Security | 5 | 1 | 5.0 |
| Procedures | 4 | 2.5 | 10.0 |
| Business Stability | 5 | 2.5 | 12.5 |
| Legal – Contract | 5 | 4 | 20.0 |
| Intellectual Property | 5 | 2.5 | 12.5 |
| Total Project Risk (out of 25) | 13.4 | ||
Future Applications of Cloud
Posted on: November 11, 2011
1. Government and public services
- The investment in cloud computing has gradually turned into practical application in government industries. One application is called Government Administration Cloud used as government administration and computing platform by its officials and staff; the other application is called Public Services Cloud used for serving the public. To be more specific, Government Administration Cloud provides a platform for government administration informatization and services collaboration, which includes such management functions as unified government email, data storage and processing, urban emergency command, population management, urban disaster and risk control, food safety and so on. Public Services Cloud can provide the public with a variety of services related to the public life such as taxation, fee payment, information announcement, consultation and others.
- Government cloud computing center is able to store, share, exploit, search and analyze mass data, which makes intangible assets like data manageable and centralized. Through data integration and infusion technology, it can eliminate the data barrier across different departments, realize information sharing and service collaboration among all. Government Administration Cloud and Public Services Cloud will greatly improve the government informatization level and working efficiency, as well as cut down government expenses on IT construction considerably and realize environment-friendly administration.
2. Application in different industries
Manufacturing industry: Cloud computing provides an innovative operating mode.
- The professional operators serving the manufacturing industry will provide them with software development and services based on the PaaS and SaaS model and offer overall support for products, technology, platform, operation and maintenance management. As a result enterprises can focus on manufacturing rather than IT infrastructure construction and maintenance.
- Under the PaaS mode, the users can write their application program and run it on the cloud computing platform with programming language and tools supported by operators. Under the SaaS model, the users will have enterprise informatization solutions and services like ERP and CRM at low cost, as well as conduct simulation in a fast and effective way.
- With services purchased, enterprises can reduce design and manufacturing cost, significantly shorten the cycle of product upgrading, enhance product performance, improve the level of company informatization, effectively stimulate innovation and considerably enhance the independent innovation efficiency and boost the core competitiveness of the enterprise.
Telecom industry: cloud computing leads to the integration of internal and external resources.
- With the increasing size of data, widening bandwidth and the development of mobile Internet, it is necessary for telecom operators to adopt cloud computing technology to maintain their long-term competitiveness in operation efficiency and mode. Based on cloud computing technology, they are to experience significant improvements, as well as make hefty profits from various paid cloud service products. Analyzing the demand of clients in different industries, they will develop relevant cloud products, services and system of their own brands.
- Internally telecom operators can integrate the IT resources to improve efficiency and management level, as well as reduce service cost. Externally, they can establish a basic resource platform for new business model, which provides public IT services.
- All above will ultimately improve the efficiency of traditional telecom economy, accelerate the building of platform and integration of the industrial chain, and fulfill the application of cloud computing.
Education industry 1/4sCloud computing serves for educational informatization.
- Cloud computing will provide universities and research institutions with a practical R&D platform in the future. It is currently accepted by Peking University and Chinese Academy of Sciences, and has shown good results. Cloud computing will be widely introduced into the rest of universities and research institutions, who will build the cloud computing platform according to their own research fields and technology requirements. They will make necessary integration of servers and stored resources in their subordinate institutes. The reusable and efficient platform will provide powerful computer resources for scientific research and teaching, which can improve the efficiency of R&D.
Medical and pharmaceutical industry: Cloud computing pushes ahead the new medical reform.
- Enterprises and entities in the medical and pharmaceutical industry have always obtained a higher level of informatization. Under the New Medical Reform policy, they are requested to optimize and upgrade their informatization system further. With cloud platform at the core, the centralized informatization application mode will be developed, which is to gradually replace the current departments-dispersed application mode. The new mode will improve the information sharing within the pharmaceutical enterprise and enhance the overall service level of medical information sharing platform.
Agriculture
- Together with the construction of basic infrastructure, the development of agriculture informatization includes the digitalized design of production factors, intelligentized controlling, accurate operation, scientific management and application of cloud service. Agriculture producers, operators and managers will be guided to ensure the successful launch of their products in the market. To improve their living standard, broadcast media will be used to spread information; while software and services will be specifically designed for farmers to meet their using habit, industrial and geographic characteristics.
3. Application in enterprises
Private clouds prevail in large-sized enterprises.
- Cloud computing gets it momentum in large-sized enterprises. Private cloud application makes a breakthrough in data protection, which is highly concerned in large-sized enterprises. It speeds up the informatization process from R&D, purchase, produce, store, to sales in the enterprises and thus enhances their competitiveness.
Small and Medium-sized enterprises make PaaS/SaaS services the favorite.
- The construction of informatization infrastructure for Small and Medium-sized enterprises is being perfected gradually and the network transmission speeds up day by day. Under the circumstance, cloud computing shows the way for renovation and changes. It will reduce the construction cycle and cost of informatization, lower operation risk and strengthen the competitiveness of the enterprises. Small and Medium-sized enterprises should select PaaS/SaaS services of high quality to ensure the cloud platform to provide IT resources in a steady, flexible and extendable way, as well as to meet the need of its core business.
1. Are files and backups quickly available?
- If your business is looking to the cloud as a primary location for file storage and backups, availability is key. For Nhan Nguyen, Chief Scientist and CTO at CIC, being able to access files quickly and at any time is the cornerstone of providing customers with the quality of service they expect.
- CIC provides electronic signature solutions for the time-sensitive financial services industry. So its technologists needed to know that their cloud storage solution would maintain the same level of availability and speed as an on-site option. Nguyen explained, “We support a very high number of concurrent users. Maintaining very high uptime and guaranteed document load performance of less than three seconds are our main goals.”
- CIC needed a solution that would meet these goals and satisfy customer SLAs. After some research, they decided to deploy Gluster’s File System (GlusterFS), which complemented their existing cloud technology infrastructure.
- Using GlusterFS, CIC was able to pool, aggregate, and virtualize their existing Amazon Web Services Elastic Block Storage (EBS). By utilizing both synchronous and asynchronous replication, files are retrieved quickly–even surpassing customer expectations.
2. Can the solution scale to keep up with future growth?
- For Stanley Kania, CEO of Software Link, a hosted ERP provider, looking to the cloud was a way to meet expanding storage needs.
- Using local disc storage on servers became unmanageable and unsustainable, especially as we began to virtualize our infrastructure. At the same time, we need to store more and more data,” Kania said. With over 2,000 customers and growing, Kania and his team found a solution in Coraid.
- Coraid’s EtherDrive platform enabled faster performance and allowed for adding new storage as-needed, scaling to meet Software Link’s growing storage needs.
- We chose Coraid because we got the most bang for our buck. Coraid provides the kind of advanced storage virtualization and data availability we required to successfully continue expanding our business,” Kania said.
- Software Link is now able to host far more applications and has seen an increase in spindle speed and high demand IL. When they need additional storage, additional EtherDrive shelves can be configured and deployed in a matter of minutes.
3. Will the solution fit with existing applications and infrastructures?
- For both Software Link and CIC, integrating a storage solution with existing applications and infrastructures was a key requirement. Both companies were looking for complementary solutions that would accommodate existing workflows.
- “The solution we were looking for had to fit with current applications,” says Kania, whose business primarily provides hosted ERP solutions from Sage and SMB solutions from QuickBooks.
- For Nyguen and his staff at CIC, a streamlined transition from their preexisting storage to the cloud was a main requirement. The staff at CIC had already selected the RightScale Cloud Management Platform as the foundation for their operations, and had decided on Amazon’s EBS.
4. Is the solution secure?
- The year 2011 was a record year for natural disasters and catastrophic weather in terms of number of events and their devastating costs. Earthquakes, fires, floods, tornadoes and other events have made an indelible impact on many communities and businesses both in the US and around the world.
- This trend made Veronica Barnes, Directory of Technology for the Town of Dedham, Massachusetts, nervous about the future and what would happen in the event of a disaster. The town was performing local backups and was not fully protected from the potential risks.
- “The number of recent disasters in other parts of the country really raised my level of urgency,” Barnes stated.
- The town looked to Zetta for a solution that would backup a majority of their critical data off-site. ZettaMirror automatically replicates and syncs local data for on-demand access. The data is transferred and stored in encrypted format, and a current copy is persistently available through either a web browser or directly through the remote file system.
- Although the Town of Dedham has not had a disaster from which they had to recover data through Zetta, the solution has given the town and their IT staff peace of mind. “Zetta took a lot of pressure off us. Before, we were going home at night and worrying a lot.”
- Kania of Software Link echoes concerns over the increasing need to protect against catastrophic events. You want to look for a data center in a location that’s not prone to a lot of disasters. You want a place where you know your data will be okay, and where security is solid.
5. Does it deliver ROI?
- Usually when organizations think about moving to the cloud, cost savings is one of the big drivers. With storage, solid ROI is certainly a consideration, but it’s not necessarily the most important consideration.
- CIOs and IT managers would be well served to educate the business side of the organization on the fact that not every benefit can be accurately captured by ROI calculations – which for services like cloud storage are often fictions anyway.
- Ensure that monetization reflects the underlying business agreements. Monetization is increasingly challenging as organizations create services and products built on more and more complex models featuring interrelated, multiparty relationships. The ability to easily translate business terms into automated action, build complex agreement rules by composing reusable slices, and to track and fulfill obligations across all parties are now all table stakes for an enterprise-grade cloud monetization solution. Further, the impact of the social enterprise is being felt in the form of customer self-care via Web 2.0+ and dashboard-driven business intelligence (BI) and analytics. An agreements-based billing (ABB) and compensation solution contains the financial state of agreements between customers, suppliers and partners. It is required to feed online portals and business intelligence.
- Pay attention to cloud chargeback. Sharing resources to maximize their utilization and to raise infrastructure ROI is not a new concept for financial services companies. IT has long been a service provider for lines of business, sharing common resources among a number of internal customers. The financial crisis has further accelerated the need to look at infrastructure options that enable companies to remain competitive and decrease the costs of IT infrastructure. The economics of a resource-sharing model that enables on-demand IT resource delivery without additional capital expenditures is hard to ignore. An ABB solution is required to support sophisticated chargeback across the organization for cost containment and profitability analysis, and to handle billing and compensation for situations where the enterprise is bursting between private and public clouds.
- Do not hinder new services. The increasing number of financial services made possible as result of the cloud include mobile financial services, microfinance and mobile money offerings for small and medium enterprises (SMEs), data as a service, and data-on-demand approaches that use the cloud to reach new customers and monetize underutilized data assets to bolder IaaS offerings from exchanges such as NYSE. The latter provides a glimpse of the long-term potential to become a cloud provider for financial markets. The community and unique technology needs within the financial services industry make more generic clouds less compelling for Wall Street. The complexity of right-billing customers takes on new meaning. Billing solutions that emerge from the business-to-consumer environment lack the sophistication to support these new service models.
- Embrace transparency to ease compliance processes. Regulations are far reaching and include the need to preserve historical data for certain periods. The billing solution may also need to provide information on how fees were calculated across parties (monthly charges for debit cards and online banking charges). ABB simplifies calculations, supports auditing and eases understanding of the state of agreements across many interrelated relationship models.
- Recognize that monetization is bigger than billing. Exploiting the ROI potential of the cloud means being able to do more than simple digital invoicing. Online customer care and stakeholder compensation count as well, as does revenue sharing, remuneration and settlement, pricing, bundling, discounting and promotional demands. Monetization must also let users negotiate value from all customers while reducing day sales outstanding (DSOs), improving customer care and winning new business through the ability to individually tailor contracts.
- Take advantage of expansion and globalization opportunities. When organizations move toward ABB for cloud-delivered services, they also gain benefits that grow business. The first involves flexibility. Companies can quickly model any new business requirement, thereby reducing the time and cost required to go to market. And, with multilingual billing and communications functionality built in, institutions can manage agreements in dozens of countries with multiple languages, currencies, tax codes and regulatory requirements with ease. Adding this ability to an in-house legacy system can be a slow, costly and difficult process.
- Don’t abandon your legacy investments. While legacy systems can’t support some of the innovations the cloud can enable, financial institutions don’t need to scrap everything they have. Most will have numerous enterprise applications and more than one for billing. These need to be integrated with other software components to create a complete solution. That integration should be seamless, but it should not require a business to completely rip and replace existing technology investments.
Re-Strategising for More Thorough Coverage, Lower Cost
- When asked about their IT security strategy, respondents believe that the top two areas of improvement by far are comprehensiveness of coverage and cost of their IT security implementation. They want coverage to be extended beyond the core network perimeter to areas like mobile endpoints and processes, and they want security-related costs to be reduced. Of the seven markets surveyed, Indian respondents ranked comprehensiveness of coverage as their no.1 priority (63%), followed by cost effectiveness (41%).
- There are several drivers for the strategy changes. Heading the list are technologies under rapid adoption in India, including cloud computing (36% of respondents named it as the most important driver) and virtualisation (16%). Other influences shaping IT security strategy are the emergence of more sophisticated threats and attacks (15%), user-led IT (14%) and mobility (11%).
Enterprises Responding Faster to Changing Trends
- In line with fast evolving trends, many organisations are assessing their IT security strategy frequently. As many as 80% of the respondents from India have conducted a full reappraisal of their information security strategy in the last 12 months.
- In fact, the survey unveiled that as many as 85% of respondents are concerned about their firms’ ability to secure corporate data in this new user-led IT environment, where individual users, rather than enterprises, define the preferred IT practices and technologies they wish to use. South Korean and Indian organisations are the most worried (both 94%) by this IT consumerisation. Japan is the least worried, but even there, almost two thirds of the respondents (63%) say they are concerned.
Inadequate Security for Personal Mobile Devices
- Across the sample, 94% of respondents say that they have a mobile security strategy defined. Hong Kong and Taiwan are the most advanced markets in this area, both at 98% followed by India at 96%.
- However, results indicate that most companies are not confident of or do not have the means to secure personal mobile devices: 67% of respondents say they only allow the use of corporate mobile devices onto which security policies can be directly enforced. Twenty six percent of enterprises place responsibility for securing personal mobile endpoints directly with the users/owners of those devices − a dangerous practice.
Wireless Networks: The Greatest Vulnerability
- When asked about which parts of their IT infrastructure are vulnerable from a security standpoint, wireless networks are named most frequently (quoted by 59% of the respondents). In terms of severity of risk, wireless networks are also rated highest, ahead of endpoints (ranked 2nd) and databases (3rd). Wireless networks are seen as particularly vulnerable in Japan, with 86% of that country’s respondents ranking it as their top threat, ahead of South Korea (61%) and Hong Kong (55%).
Migration to Application Aware and XML Firewalls has Started
- Today’s security threats are no longer port-based and can slip into enterprise networks through applications. With application awareness and control capabilities underpinning the emergence of ‘next-generation’ firewalls and the death of traditional firewalling solutions, 42% of the respondents are now using, or plan to use, a firewall with application control features. Specialised Web application and XML firewalls are also being adopted in significant numbers, with 45% of the overall sample now using, or planning to use, this technology to secure Web-based applications.
- Singapore shows the highest rate of ‘next generation’ firewall adoption with 52% of its sample using this technology. India and South Korea follow closely, tying at 48%.
- China and Taiwan are the largest adopters of Web application /XML firewalls, with 61% and 48% of their samples, respectively. India is 3rd with 44%.
Network Security Consolidation Gathering Momentum
- To date, almost three quarters (71%) of respondents have consolidated security elements to take advantage of tighter security, simplified management and lower cost, and 90% of them say that they will continue consolidating security over the next 12 months.
- Twenty-six percent of the sampled organisations plan to embark on a network security consolidation exercise for the first time in the next 12 months. Only 3% of the respondents plan to continue abstaining from any network security consolidation in the foreseeable future.
- South Korea is the furthest ahead in the network security consolidation game, with 78% of respondents already having done some form of consolidation. China is 2nd with 77% and Taiwan is 3rd with 74%.
- In Japan, 14% of the sample feels they have embraced network security consolidation to the furthest extent desirable. This is twice as high as the Asian average of 7%.
- Hong Kong organisations are most likely to start out on network security consolidation for the first time (34%). Singapore is 2nd with 32%. In Japan, the figure is only 18%.
India is likely to witness the rollout of fourth generation (4G) mobile telephony in 2012 even as third generation (3G) service is still gaining ground among mobile subscribers.
Indian ICT spending
Posted on: November 11, 2011
India information and communication technology (ICT) spend is forecast to reach $71. 9 Billion in 2011, a 10.3 percent increase from 2010 spending of $65.23 billion, according to Gartner, Inc.
Hardware is the fastest growing segment with a compound annual growth rate (CAGR) growth of 20.4 percent through 2014.
IT services is showing the strongest annual revenue growth at 22 percent in 2010 while the telecom segment, that is forecast to account for 73 percent of the Indian ICT market in 2010, is witnessing a slowdown and is set to grow at 13.2 percent growth (see Table 1). Double-digit growth across all sub segments of the ICT space will drive the growth this year.
Table 1. IT End-User Spending Forecast, India, 2009-2014
| 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | CAGR 2009-2014 | |
| Hardware ($M)
|
6,388 | 7,558 | 9,290 | 11,152 | 13,257 | 16,152 | 20.4% |
| Software ($M)
|
2,112 | 2,421 | 2,768 | 3,124 | 3,521 | 3,960 | 13.4% |
| IT Services ($M)
|
6,223 | 7,591 | 8,774 | 10,181 | 11,815 | 13,691 | 17.1% |
| Telecommunications ($M)
|
42,100 | 47,664 | 51,097 | 54,487 | 58,178 | 61,668 | 7.9% |
| Total ICT ($M)
|
56,823.5 | 65,233.9 | 71,927.9 | 78,943.8 | 86,770.4 | 95,470.6 | 10.9%
|
| CAGR = compound annual growth rate | |||||||
1) Is Your Business Situation “Vertical”?
Good candidates for cloud computing include “single business processes or small numbers of business processes with consistent requirements that can be considered as a single set.” In other words, it’s easier to move a focused set of requirements from a single business unit, such as human resources or marketing tasks, to cloud applications.
2) Is There Competitive Differentiation in Your Processes?
You may have a way of engaging customers that gives you the highest satisfaction ratings in your industry. Or you may have higher quality products than you produce very cost-effectively. Can the underlying technology supporting these processes be swapped out effectively? The Open Group authors advise that if the business process under consideration is a key differentiator for the business, you need to examine if the process is insulated from changes in the technology. If not, then cloud may not be a good candidate here.
3) Is the Differentiation IT Based?
If there’s some kind of secret sauce your company employs that is embedded into the code of its applications or systems — such as rapid, sub-second responses that competitors have yet to match, then cloud is not the way to go.
4) Are There Any Impediments to Outsourcing?
Cloud, for all intents and purposes, is a form of outsourcing. Barriers that could stand in the way of cloud are the same that prevent more traditional outsourcing arrangements, such as in-house services that cannot be matched externally; long-term leases; switching costs; fixed assets with depreciation value; an immature business architecture; business culture; geographic location sovereignty rules (particularly in the EU); industry regulations; compliance audit rules; and even labor contracts. Compliance concerns are a particularly important area that also ties into information security — you need to know who is handling your information, and how they are handling it.
5) Are There Impediments to Cloud Adoption?
Most of the impediments to be considered for outsourcing apply also to cloud
adoption. More cloud-specific barriers include highly customized resources; such as enterprise licenses; policy restrictions on resource sharing or on control of configuration changes; too few potential subscribers; unacceptable service level agreements from cloud providers; and unacceptable recovery point objective (RPO) and recovery time objective (RTO) performance by cloud providers.
6) Is the Primary Business Driver “Cloud Compatible”?
Cloud-compatible business drivers may include the need to reduce medium and/or long-term total cost of ownership; improve cash flow; shift from CAPEX to OPEX; have access to functionality or domain expertise; or to become a cloud provider yourself. Business drivers not compatible with cloud may include the need to cut short-term costs; increase capacity without need for third-party financing; or change tax situation (recognize depreciation, job creation incentives, …); or shift fixed assets (potentially including leases) or labor to provider.
7) Is the Application Insulated from Changes to the Business Process?
The business logic should be separated from the underlying technology. As the Open Group authors put it: “A business person with no knowledge of the application should be able to modify the definition of the business process without impacting the ability of the application administrator to manage and maintain the application efficiently.”
8) Will the Cloud Solution Be a Platform?
Transforming the solution layers below the business processes and applications into a standard, shared configuration for delivering all of the company’s IT services may be a good case for cloud computing. These layers typically include middleware, operating system, hardware, and data center infrastructure.
9) Are the Hardware, Operating System and Application Custom-Made or Specialized?
If the hardware, operating system and applications layers are all custom-made, then cloud solutions are not a good fit,” Harding and his co-authors state. Cloud may not be a good fit for handling legacy IT solutions either. Cloud may be a workable approach, however, if only one of these elements (hardware, operating system, or application layer) are based on custom technology.
The challenges that surround asset management in the corporate data center environment are significant. SOX regulations
require that a corporation be able to actively identify and locate high‐value assets and assets that contain information such as
customer data, human resource data, and financial transactions. Leveraging RFID technology to automate common business
processes relating to critical assets and media in data centers has many benefits. Improving visibility and tightening security
can be achieved by automating three key functions.
1. Inventory Audit
Management is required to maintain a complete accounting of all equipment. Inventory audits are done at least annually and
at great cost and effort. RFID has delivered significant benefits that include:
- Conducting Inventory audits across multiple facilities with little or no infrastructure investment
- Accurately cycle count inventory in days, not weeks or months
- Instantly retrieving automated reports for management and compliance
With RFID tagged assets, customers are achieving 100% accuracy while eliminating 90% of audit costs, enabling instant
reconciliation and reduced asset shrinkage.
2. Asset Tracking
The ability to track each asset or media from the moment it is registered with the asset management system of the data
center is essential. Benefits include:
- Tracking assets and media in real time as they are moved in and out of a data center
- Reservation functionality to schedule specific assets for use or maintenance
- Instant alerts upon unauthorized movement of assets
Leveraging RFID technology to automate common business processes relating to critical assets and media in the data center
has come of age and is delivering results.
3. Asset Security
With the growing incidence of identity theft, companies are becoming increasingly concerned over the security of the
information that is maintained in their data centers. RFID benefits include:
- Detecting the removal of RFID tagged devices from the data‐center
- Insuring only authorized personnel have access to secure areas
- Providing alerts and alarms for any violation of security rules
Through the use of RFID, security can be greatly enhanced through the location and tracking of servers, media libraries and
personnel as well as the physical monitoring of a facility.
- Agent-based solutions – Organizations will be able to deploy an agent to their cloud instances that will provide various security services. Among the likely services for this category will be a host-based firewall, anti-virus, VPN, and log / file monitoring. These agents may also help check configurations and settings of the operating system and perhaps applications.
- Gateway- based solutions – Another path that organizations may go down would be to place a “gateway VM” at the head of their individual cloud infrastructure. Likely an excellent path for those with more than just a few virtual instances, all traffic in this scenario would pass through the gateway security virtual instance. In this case, firewall, IDPS, WAF, and other services where traffic inspection is critical are good potential fits.
- Appliance-based solutions – A variation on the gateway theme will be solutions where traffic is routed through a separate appliance that may not be within the virtual infrastructure. Traffic to and from a cloud customer’s virtual instances would be cleansed through the security appliance. The benefits of this approach would be for situations where increased processing power is required (e.g. SSL decryption) or where the cost of placing a gateway virtual instance is too high relative to an appliance. There also may be cases where a specific solution may not be available as a virtual instance, but could be available as a multi-tenant appliance.
Tenant-based Cloud Security
Posted on: November 11, 2011
- Tenant-based cloud security is critical to solving the issue of protecting your individual cloud infrastructure. An infrastructure provider’s goal is to secure the platform and provide security options to the tenant (or customer). Tenant-based security is that answer and is an attractive model for obvious reasons – it allows each organization to customize the security to the company’s needs, not to mention it is cost effective, much more efficient and easily scalable for organizations looking to expand.
- For most organizations, a cloud service providers’ foundational security will not suffice. The tenants in the infrastructure have unique applications and differing levels of confidential data. Each tenant needs to be able to build upon the infrastructure providers’ foundation with a set of security solutions aimed at solving the concerns and problems that they have.
- For instance, some cloud users may have PCI compliance concerns while others may not be overly concerned as they are using the infrastructure for just dev and test. The first organization in these examples would require services such as firewall, IDPS, log management, web application firewall, and file integrity monitoring among others. The second organization may just opt for firewall and VPN. Each cloud customer needs to have the ability to easily make those choices and turn on and off the level of service they need. This security model is critical to ensuring the success of the cloud.
Action items:
- Develop applications that are elastic in nature and can scale with relative ease.
- Apps should be low in latency. High security apps, for example, can take a lot of resources and can slow systems down. HPC speeds things up; within the cloud the infrastructure needs to offer sufficient support.
- The HPC architecture should be based on “loose coupling.” That way, each computer note is independent and has its own storage data. To increase scale, the number of nodes are increased.
Action items:
- Select a vendor or solution provider that has partnered this way before.
- Learn about your partners cloud strategy. Will this partner be able and willing to bring you up to speed?
- Ask about regulatory and compliance issues they have faced, and also ask whether they understand your particular environment. Get examples.
- Research your prospective partner. Do Internet searches, but be sure to call their customers. Ask for referrals. Interview the company. Determine whether it has the capability to provide secure key management even in highly complex environments. Can it integrate encryption management for cloud services (including private cloud) into the broader enterprise infrastructure?
- Discuss with your customer what the acceptable amount of data loss would be, measured in time. Then talk about the suitable amount of time that can transpire before a business process is restored in order to avoid a break in business continuity. Ask, “To what point in time does the data need to be restored?
- Determine which business processes should be backed up most frequently. IT solution providers can create a customized tiered system within the cloud that can more frequently backup certain applications. Traditional backup doesn’t generally provide that level of customization.
MarketBite 