Category Archives: Public Cloud

Is It Time to Join the Cloud?

Posted on February 27, 2016 | 3 comments

Risks-Comes-With-Cloud-Migration-938x535
Wondering if joining the cloud is the right move for your company? It’s a question that many CTOs have considered recently as the advantages of cloud computing  are frequently heralded as the next evolution of managing an IT infrastructure. Moving your IT infrastructure to a cloud could save your company money on hardware and software costs, it could save time by providing maintenance and management for your data, and it can save resources by eliminating the needs and requirements for equipment storage.

However, any shift from the norm is met with some fair amount of healthy skepticism. And no company should hastily make the switch to cloud computing without first examining the disadvantages as well as the advantages. The reality is there is no one-size-fits-all answer when it comes to cloud computing and ultimately the decision must be made by examining the needs and operational requirements of each company and comparing these to the available cloud computing services.

Understanding the benefits of cloud computing first comes by examining the three different levels of service that cloud computing can provide: infrastructure-as-a-service, platform-as-a-service and software-as-a-service.

Infrastructure-as-a-service, also known as hardware as a service, uses virtual machines to connect to a partitioned space on the cloud servers. The local computers connect through via the Internet to the cloud server that does all the heavy lifting. The obvious benefit here is that it eliminates the cost of an in-house infrastructure – companies do not need to invest in capital expenditures like servers, data center space, and network equipment to get up and running. You can still use your own software, but it is all run on the cloud instead of your local computers. This is a great option for small, startup companies because they can immediately have access to an enterprise-grade infrastructure for a fixed monthly fee. Some vendors of hardware as a service include Rackspace, Sunguard, Cloudscaling, Amazon, Google and IBM.

The next level of cloud computing is platform-as-a-service. This option provides you with a development platform where you can develop software applications for the web. The cloud provider takes care of handling the loading for you and ensures your applications are elastic with the number of users. Think of Facebook as an example of a platform as a service provider. Third party developers can write new applications that Facebook makes available on their social application platform. Google also provides APIs to developers to build web applications. This service is useful for software development companies because the cloud provider facilitates the development of applications without the cost and complexity of buying and managing the underlying hardware and software provision hosting capabilities. You have all the facilities required to complete the development life cycle, from development, to testing, to deployment, to hosting, to maintenance in the same integrated development environment. This is a useful solution for companies that want to focus exclusively on software development because it relieves their platform woes. For companies that already use a platform internally, the platform-as-a-service advantage is that the cloud platforms are designed to scale linearly. Cloud development platforms have guidelines that help the application scale to accommodate any number of users. SalesForce.com’s Force.com is an example of a platform as a service vendor

The highest level of cloud computing is software-as-a-service, also called software on demand. Here, companies simply use software on a cloud rather than buy it, license it, upgrade it, and patch it on their local machines. Anyone using a service like Yahoo Mail or Google Docs is already using software as a service cloud computing. This is the most popular form of cloud computing because it is highly flexible and minimizes the maintenance of software. This service is best suited for companies that are not specifically in the technology business and simply need their software to be available and require little maintenance. Even companies who already have their own software should look into using software-as-a-service if they spend a lot of time on the maintenance of in-house software. There are many providers of software-as-a-service, including Amazon, Microsoft and Google.

Now, while many of these cloud computing services sound beneficial, there are still some disadvantages to take into account before jumping into a cloud. Keep in mind that all of these services require an Internet connection. If your connection goes out, you won’t be able to connect to the cloud and use the hardware, platform, and/or software that your company requires to operate. In this case, companies may want to still invest in some local infrastructure so operations do not come to a crashing halt.

Another concern is that some companies are apprehensive about turning all their data over to a third party (not to mention, it can be a chore to migrate massive amounts of data to a cloud). How can they be sure their data is protected? What if the cloud server is hacked? While these questions should be investigated, remember that cloud computing services live and die by their reputations, so information assurance is a high priority for all of them.

These fears of cloud computing stem from the fact that your company is at the mercy of a third party. There is a loss of control and it is not a predictive as having a local infrastructure. If something goes wrong, you have to depend on your cloud provider to respond and troubleshooting can be very complicated. Many companies are still reluctant to give up control over their data.

But with these warnings in mind, cloud computing has many general advantages that all companies can appreciate. Company data is backed up and secured by your cloud provider. Less equipment and hardware saves space and reduces electricity costs. Users have access to the same data and software no matter how geographically diverse. With less time spent on “keeping the lights on” with in-house maintenance, CTOs can better spend their time and resources on future growth. And with a fixed cost structure for the service, you can better allocate your IT budget.

Companies may want to consider first testing the waters by using an existing cloud offering as an extension of their in-house architecture. Then, if the company is comfortable with the service, they can move new projects to cloud-based services. Finally, the company can migrate their existing applications to the cloud if the cloud is reliable and it makes sense economically.

In the end, it is up to each individual CTO to determine if the advantages of cloud computing make sense for their company. This can only be determined with a thorough assessment of the costs and requirements of their technology needs and comparing it to the costs and risks of a cloud computing service. While it may be economical for some companies, it may not be for others. But for every company, it is worth at least worth the time and effort to look into.

3 Comments

Posted in Big Data, Cyber Security, Data Breach, Public Cloud, Security, Technology

Tagged , , , , , ,

If Amazon were in Apple’s position, would it unlock its cloud for the feds?

Posted on February 24, 2016 | 1 comment
Lock
There’s an easy way to protect your data in the cloud.

As Apple continues to resist FBI demands to unlock a terrorist suspect’s phone, it raises a question: What if Amazon Web Services was ordered to provide access to a customer’s cloud? Would AWS hand the data over to the feds?

+MORE AT NETWORK WORLD: Tim Cook issues internal memo on ongoing FBI/iPhone saga | VMware turns to IBM in the public cloud +

Amazon’s terms of service provide us a clue. AWS says it complies with legally binding orders when compelled to do so. Here’s a statement from Amazon’s FAQ on cloud data privacy (which is not written specifically about the Apple-FBI issue):

“We do not disclose customer content unless we’re required to do so to comply with the law or a valid and binding order of a governmental or regulatory body. Governmental and regulatory bodies need to follow the applicable legal process to obtain valid and binding orders, and we review all orders and object to overbroad or otherwise inappropriate ones.”

Most of the time, when ordered to hand over data, Amazon does so. In 2015 AWS received 1,538 subpoenas from law enforcement officials, according to information the company recently began making public. Just over half the time (in 832 cases, or 54% of the time) AWS complied fully with those orders. Another quarter of the time (in 399 cases) Amazon partially responded to the request for information, while in the remaining 20% of cases AWS did not respond to the subpoena.

amazon-subpoenas-100646389-large_idge

For customers who are concerned about Amazon handing over their data to the government, there are protections that can be put in place. “There’s a huge market focused on encrypting data stored in the cloud, and giving the customers the keys,” explains 451 Research analyst Adrian Sanabria. If customers use a third-party encryption service to scramble their data and manage the keys themselves, then even if Amazon did hand over the data to the feds, it would be useless. “Yes, it does sometimes create some issues with flexibility and breaking functionality, but it is there as an option if you want it, and (if done properly) AWS (or the government) can’t decrypt the data,” Sanabria says.

+ MORE ON APPLE: Apple and the FBI will need to compromise, Cisco’s CEO says +

AWS offers multiple different encryption methods, including ones that are built in automatically to some services – like S3, the Simple Storage Service, and others that customers manage themselves, such as the Hardware Security Module (HSM). AWS’s marketplace offers a variety of additional encryption and security services from independent software vendors.

Amazon says that it notifies customers when there’s been a request for their data to be handed over, unless there’s a compelling reason not to do that; for example if its clear the cloud service is being used for an illegal purpose.

AWS is more stringent about not providing other types of information to the government. In the second half of 2015 alone, AWS received 249 “National security requests” but did not comply with any of them. AWS also received 78 requests from non-U.S. entities, the vast majority of which (60) the company did not respond to.

AWS did not respond to a request to comment on this story.

Microsoft Azure basically has the same policy, according to the company’s website, saying “We do not provide any government with direct or unfettered access to your data except as you direct or where required by law.”

Even with all the concern over providers or the government being able to access data, Sanabria estimates that only a minority of cloud users encrypt data and manage their own keys.

 

 

 

 

1 Comment

Posted in Big Data, Network, Public Cloud, Security, Technology

Tagged , , ,

Verizon Shutting Down Public Cloud, Gives Users One Month to Move Data

Posted on February 15, 2016 | 1 comment

Verizon-HQ-NY-getty-e1455314841646
Verizon Communications, which several years ago had huge public cloud ambitions, is shutting down its public cloud service, which competes head to head with giants like Amazon Web Services and Microsoft Azure.

The company notified its cloud customers of the coming change Thursday, giving them one month to move their data or lose it forever. It has already removed any mention of public cloud compute services from its website.

The move appears to be a confirmation of what many in the industry have been predicting, especially since news started coming out of big telcos looking to offload massive data center portfolios they had amassed in recent years to go after the cloud services market. It has become almost impossible to compete with AWS, Azure, and to a lesser extent with Google Cloud Platform in the market for renting virtual compute power over the internet and charging by the hour.

In competing with each other, these giants have made the cost of using cloud VMs so low and built out global infrastructure so big, no-one can really manage to keep up. HP made several attempts to become a public cloud provider but failed, and so did Dell. Notably, IBM is still in the market, gradually expandintg its cloud data center capacity around the world.

Read more: Who May Buy Verizon’s Data Centers?

Publicly, Verizon has been quiet about its plan to discontinue public cloud services, one of its spokespeople telling Fortune the closure affected a “cloud service that accepts credit card payments…” The world learned about it from a tweet by one of its cloud customers, who posted the entire notice, giving customers the deadline of April 12 to move their data elsewhere:

Ca9xq65UAAA5sz1Ca9xq6_UsAATNKM

A Verizon spokeswoman did not respond to a request for comment from Data Center Knowledge in time for publication.

The company is offering its Virtual Private Cloud services as an alternative. These are dedicated, physically isolated cloud environments. They are usually a lot more expensive than public cloud services, where many customer VMs run on shared physical servers.

“Please take steps now to plan for migration to VPC or another alternative before the discontinuation date,” the notice read. “Verizon will retain no content or data remaining on these Cloud Spaces after that date and any content or data that you do not transfer prior to discontinuation will be irrecoverably deleted.”

Services being shut down are Public Cloud and Reserved Performance Cloud Spaces. Public cloud storage services will remain intact.

Kenneth White, the user who posted Verizon’s notice on Twitter, is a security researcher and co-founder of the Open Crypto Audit Project. In another tweet, he referred to Verizon’s “credit card payment” response to Fortune as spin:

One of the people who commented under White’s original tweet was involved in one of HP’s failed early efforts to build a public cloud business, saying those efforts stood little chance against AWS:

The commenter, Tim Pletcher, was a senior engineering manager at HP between 2011 and 2014, according to his LinkedIn profile.

Gartner analyst Lydia Leong, one of the top industry analysts covering cloud services, wrote in a tweet that although the technology behind Verizon’s public cloud was impressive, going from vision to successful product is a difficult road:

Another one bites the dust !!!!!

 

 

1 Comment

Posted in Network, Public Cloud, Technology

Tagged , ,