By Kenneth N Rashbaum Esq. and Jason M. Tenenbaum of Barton, LLP.

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

In light of the disclosures by Edward Snowden, there has been a push towards transparency both from governments and from technology companies that have amassed data about the personal lives of citizens. While the call for increased transparency has been worldwide, the European Union has been at the forefront of advocating for change.

In addition to revising its Data Protection Directive, a topic that will be discussed in more detail in a future post, the EU also tasked a group of industry experts from companies like Amazon, Adobe, Google, Microsoft, IBM, and Oracle with standardizing the language of cloud computing contracts to make them more consistent and easier to understand.

As a result, on June 6, 2014, the European Commission’s Cloud Select Industry Group – Subgroup on Service Level Agreement (“C-SIG-SLA”) released its Cloud Service Level Agreement Standardization Guidelines (“Guidelines”). Part of the larger Digital Agenda for Europe, the stated goal of the Guidelines is to “improve[] the clarity and increase[] the understanding of SLAs for cloud services in the market, in particular by highlighting and providing information on the concepts usually covered by SLAs.”

As such, the Guidelines are a “set of principles that can assist organisations[] through the development of standards and guidelines for cloud SLAs and other governing documents.”

The Guidelines propose that SLAs should be drafted with an eye towards consistency across companies in a manner that is “business model  and technologically neutral,” with unambiguously defined terms and with a broad variety of users in mind. In addition to these guiding concepts, the Guidelines suggest that topics such as encryption, logging and monitoring,  privacy,  availability (“up time”), termination processes, and breach response be addressed in sufficient detail to allow customers to make informed decisions about the cloud service providers and their services.

Neelie Kroes, the European Commission Vice-President, hailed the Guidelines as a step in the right direction, stating that “small businesses in particular will benefit from having these guidelines at hand when searching for cloud services.” As the initiative to standardize SLAs is based in the European Union, it remains to be seen what effect these Guidelines will have on American companies and their agreements.  

Currently, the C-SIG-SLA is working with ISO (International Organisation for Standardisation) to present the “European position at the international level.” As such, the Guidelines, in whole or in part, may ultimately become international standards and will find their way into SLAs for engagements with hosting providers and their customers within U.S. This is only logical in that many U.S. cloud engagements in this age of globalization comprise data from beyond the United States.

Accordingly, if the Guidelines have the effect that the European Commission Vice-President believes that they will have, American companies will most probably conform to the principles established by the Guidelines for business reasons.

The post Standardization of Cloud Contracts In Europe: Coming Soon to the U.S.? appeared first on Cloud Computing News.

The prognosticators have been at the tea leaves and crystal balls again. This time, an IDC study has found that cloud hardware spending will break $4bn (£2.34bn) across EMEA in 2014.

The report, entitled EMEA IT Infrastructure Hardware for Public and Private Cloud 2011-2018 Forecast, saw year on year growth of 19% and “confirmed that cloud is the major disruption factor in the EMEA infrastructure hardware market”, according to a press release.

According to the researchers 15% of infrastructure spend in EMEA will be related to cloud environments in 2014. This went up from a miserly 8% in 2011 and will grow to more than 22% by 2018.

$3.4bn (£1.99bn) was spent on hardware going to cloud environments in EMEA through 2013, with the majority of it (42%) going on public cloud environments. 38% of spend went to on-premise private clouds, and 20% by hosted dedicated private clouds, showing a relatively even mix.

This won’t last though, with figures showing that public cloud spend will accelerate to the point of contributing almost $3bn in spend alone by 2018, as can be seen in the graph below:

Credit: IDC

Perhaps less surprisingly, strongest growth in EMEA is driven by Western Europe.

“In the longer term, IDC expects greater adoption of hybrid cloud with benefits for both private and public consumption”, said Monhammed Hefny, senior research analyst at IDC EMEA. “Hybrid cloud allows customers to retain sensitive data behind a corporate firewall while still taking advantage of cloud-related lower costs.”

Recent cloudy IDC predictions include a report from David Tapper on the state of the IaaS market which concluded that IBM was the vendor of choice for the US enterprise market, whilst the analyst house’s emphasis on big data, social, mobility and cloud for the future of IT is remarkably similar to Gartner’s Nexus of Forces – remember analyst firms usually like to disagree with one another, of course.

What do you make of this?

Like most maturing industries, standards are required to achieve broad adoption and maximum value. For the cloud, in particular cloud Infrastructure as a Service (IaaS) offerings like Amazon Web Services and Rackspace Cloud, it’s time for a standard method for presenting these services so buyers can reasonably compare and contrast and make better buying decisions.
At the moment, purchasing IaaS is similar to how groceries were bought decades ago – very difficult to compare – both the product contents and the price/value vary from one vendor to another. A recent study conducted by the Open Data Center Alliance (ODCA) – involving Intel, Appnomic Systems and a number of other ODCA enterprise members – illustrates just how difficult the situation is today.

read more

Cloudy ERP and CRM provider NetSuite has snapped up London-based e-commerce provider Venda in a move which signals a concerted effort by both companies for omnichannel commerce in the cloud.

The two companies told CloudTech they had first met about four years ago, with the deal – the terms of which were not disclosed – coming about as both firms “share the same DNA”, according to Venda CTO and co-founder James Cronin.

Pete Daffern, president EMEA at NetSuite, told CloudTech: “We’ve been talking to Venda for a number of years because if somebody doesn’t want our backend capabilities, and they’re using one of the competitive ERP solutions, it’s really giving them another solution to plug in to that as they might evolve to the next solution over time.

“That’s very much part of what this is about, as well as acquiring a company with a great set of customers and a great set of technicians to allow us to further enhance the e-commerce capabilities,” he added.

“It’s just us doubling down on our European investment.”

Cronin added: “What we’re going to be doing in the short term is further enhancing the integration that we have between the Venda platform and the NetSuite platform, continuing to sell both products, and allowing our customers the choice of an upgraded end to end solution as and when the time’s right.”

There are two technology plays here: firstly, it’s about companies moving more of their core business systems to the cloud, as well as omnichannel commerce, across devices and across all parts of the customer experience, from EPOS and order management to inventory and customer support.

For Venda, whose customers include Tesco, TK Maxx and Arsenal Football Club, there was a noticeable trend of becoming more integrated into their customers’ business as e-commerce became more important.

“It’s clear that businesses succeed now by having fully integrated business systems,” Cronin said. “Some retailers are running on business systems that were built maybe 10 or 20 years ago, so now almost all of those systems need upgrading and enhancing.

“NetSuite’s vision of being able to deliver all that capability in the cloud, in a way that upgrades are managed for you, that security’s managed for you, that availability is managed for you, is really exactly the same idea we had for e-commerce. They just have a more complete product set.”

NetSuite will discuss the financial implications of this deal on July 24. Find out more information here.

In a post Snowden world it is clear that for cloud data security, we need strong encryption. When properly implemented, encryption in the cloud reduces risk to levels acceptable for sensitive data.

There is no doubt data protection in the cloud computing era is never going to be a ‘one size fits all’ kind of a solution. It requires a 360-degree view of the company with 365-days a year dedication.

The best place to start is with a risk analysis so you know what kind of data you have, its levels of sensitivity, who’s using it, where it’s used and stored, and how and where and over what technologies it’s going to ‘commute’. You need to understand your company’s data – in terms of technology and human weaknesses. Data should be unreadable to an attacker. It must be incoherent at all times to anyone other than you and your trusted personnel: while it’s travelling – or you are; whether it’s in transit, storage, stopping, or resting, data is safest in encrypted form.

read more

If your organization’s got a lot riding on the continued security of its confidential or proprietary data, then you need to stay informed on the threats and how to address them. One of the most worrying threats of late, especially when it comes to cloud data security, is government spying – both foreign and domestic.
Foreign spying and corporate and economic espionage are, of course, not new concepts, but the enterprise’s increasing reliance on the Internet and cloud computing make them more of a concern than ever before. Just this week, the Wall Street Journal reported that the U.S. Justice Department has indicted five officers of the Chinese military on charges that they “hacked U.S. companies’ computers to steal trade secrets” from firms including U.S. Steel Corp. and Westinghouse Electric Co. Wang Dong, Gu Chunhui, Sun Kailiang, Huang Zhenyu, and Wen Xinyu are the first “employees of a foreign power [to be charged] with cybercrimes against American firms,” according to the WSJ, but they won’t be the last.

read more

SYS-CON Events announced today that DevOps.com has been named “Media Sponsor” of SYS-CON’s “DevOps Summit at Cloud Expo,” which will take place on June 10–12, 2014, at the Javits Center in New York City, New York.
DevOps.com is where the world meets DevOps. It is the largest collection of original content relating to DevOps on the web today Featuring up-to-the-minute news, feature stories, blogs, bylined articles and more, DevOps.com is where the thought leaders of the DevOps movement make their ideas known.

read more

Some people are never satisfied. These fearless agents of change are everywhere. They’re informed, confident and willing to experiment. They seek out the best business technology solution for the job at hand. They act on instinct. Yes, you could say that they’re driven.

However, they’re also at risk of being labeled as «rogue employees» because they ordered a software-as-a-service (SaaS) offering and perhaps expensed it without prior approval. Sometimes they’re the champion of progressive projects that are referred to as Shadow IT — intentionally bypassing their company’s formal evaluation and procurement process. How can this happen?

Is it just because their activities are tolerated, or are they being encouraged? If so, by whom? Why would any business leader applaud a team member that breaks the rules? Maybe, the simple answer is that staying within the confines of the status-quo won’t enable a top-performer to fully apply their talent, achieving their absolute best.

On the other hand, having a defined structure does provide benefits. Clearly, standardised business technology purchase processes are often chosen to create a manageable IT environment. But those guidelines also need to be flexible, to accommodate exceptions to the rules.

Truly, this scenario creates a dichotomy; one that will likely occur at greater frequency — from within the smallest business to the largest enterprise — as more companies encounter rapid shifts in global markets that tend to reward the most agile and responsive competitors.

Ongoing quest for strategic advantage

As a senior executive, you know that business technology will always be a key part of your own forward-looking planning process. It’s assumed that information and communication technology (ICT) will continue to be the business enabler of the 21st Century.

But these platforms are often just the table stakes that enables your business to participate in the Global Networked Economy — they’re not the actual source of a sustainable strategic competitive advantage.

In 2003 Nicholas Carr wrote a provocative article for HBR entitled «IT Doesn’t Matter» — where he suggested that once a technology achieves ubiquity, then the focus must shift to differentiated applications that are very difficult for competitors to replicate. Likewise, in time, cloud will become commonplace. So, when that eventuality comes to pass, what comes next?

That’s when value-adding vendor offers of guidance on how to achieve distinct business outcomes will have the edge in this rapidly evolving marketplace. When evaluating cloud companies, such as Cisco, look for a vendor that offers deep domain contextual guidance at every stage of the cloud evolution cycle, for each of the major industry verticals, and for all the key stakeholders within your diverse leadership team.

This will help you implement a cloud-first strategy that brings together your organization, cloud partners and providers, and other technology vendors to form a portfolio and strategy that is open and secure.

Moving beyond basic cloud readiness

If your organization is an early-adopter of cloud computing, then you’re already ahead of the game. You probably know how cloud services can be applied to help you achieve your desired business outcomes.

But are you seeing the full depth and breadth of the upside potential opportunities? If so, then are you ready to respond — just in time — when your top performers are ready to act on the next wave of cloud-related capabilities?

According the latest findings from the Cisco Global Cloud Index, 2014 will be the first year when the majority of workloads shift to the cloud — it’s estimated that 51 percent of all workloads will be processed in the cloud. By 2017, it will expand to 63 percent of all workloads.

Furthermore, if you’ve been following the key business technology trends, then you know that the evolving cloud services debate now incorporates the advent of mobile internet applications — many of which are inherently cloud-centric. The virtual mobile office will gain momentum in 2014.

Preparing to navigate the Internet of Everything

When the Internet emerged just over two decades ago, at first it wasn’t clear what — if anything — would be significantly impacted. Today, we can point to numerous examples of how it has removed traditional boundaries to market entry, leveled the playing field, or recast a legacy industry landscape. Certainly, the disrupted media and entertainment sectors will come to mind.

But what we’re about to see will make that transition pale in comparison. The Internet of Everything will change all kinds of industries that may have seemed unscathed by the prior disruptions. For the adventurous among us, that means a vast array of new opportunities.

And yet, many of the same core business-related challenges will likely remain constant. New venture capital investment will still be in short supply. Top-performing employee talent might be difficult to hire and retain.

Meanwhile, cloud services will be abundant. You’ll have a plethora of choices — including public, private and hybrid cloud offerings. But so will every one of your competitors. Therefore, you’ll need something extra special, something that truly differentiates you in the marketplace.

If you want to win big, then you’ll need to apply the best and brightest minds — to uncover that special ingredient. Be prepared to seek help and ask for guidance from those who have «been there, and done that» type of forward-thinking ICT project before.

Value-adding vendors have savvy business consulting and technical services staff, plus a multifaceted ecosystem of integration partners that you can depend on to meet your primary goals and satisfy the demands of your top-performers. Be wise, choose carefully. Don’t settle for anything less than what you really need to succeed in the coming year.

Some people are never satisfied. These fearless agents of change are everywhere. They’re informed, confident and willing to experiment. They seek out the best business technology solution for the job at hand. They act on instinct. Yes, you could say that they’re driven.
However, they’re also at risk of being labeled as «rogue employees» because they ordered a software-as-a-service (SaaS) offering and perhaps expensed it without prior approval. Sometimes they’re the champion of progressive projects that are referred to as Shadow IT — intentionally bypassing their company’s formal evaluation and procurement process. How can this happen?
Is it just because their activities are tolerated, or are they being encouraged? If so, by whom? Why would any business leader applaud a team member that breaks the rules? Maybe, the simple answer is that staying within the confines of the status-quo won’t enable a top-performer to fully apply their talent, achieving their absolute best.

read more