The biggest challenge for today’s enterprise IT is to provide 24/7 access to corporate resources from a range of devices while securing and managing the infrastructure. Closed IT access policies are a thing of the past. With the advent of IT consumerization, employees are now able to access company resources from anywhere, anytime and from […]
The post Why Parallels RDP Client Makes More Sense than Citrix XenApp Receiver appeared first on Parallels Blog.
On February 8, 2011, then United States CIO Vivek Kundra released the US Federal Cloud Computing Strategy[1]. In the executive summary he laid out the inefficient state of affairs that was the US Federal Government’s IT environment:
The Federal Government’s current Information Technology (IT) environment is characterized by low asset utilization, a fragmented demand for resources, duplicative systems, environments which are difficult to manage, and long procurement lead times. These inefficiencies negatively impact the Federal Government’s ability to serve the American public.
(c)iStock.com/Nomadsoul1
To ensure a completely bulletproof data service, there are certain components you must own and control. At all times, you need to ensure that you’re in the driver’s seat, and that you didn’t hand over your car keys, along with your corporate data security and privacy, to someone else.
As your company’s security expert, you are the one chosen to protect your organisation’s data so you should invest in a system that allows you to apply your corporate policies, integrate your corporate security countermeasure systems while gaining continuous insight to your corporate user usage patterns.
You must own your corporate user identities, your metadata and your encryption keys. In addition, you must control your corporate data residency, network countermeasures and internal and external sharing policies. This must be achieved against a backdrop of heightened regulation and increased threats for enterprises that want to adopt cloud computing.
On the regulatory front, the US Patriot Act stipulates that the US government may collect data from US-based cloud companies regardless of the data’s physical location. As part of the PRISM programme, the NSA secretly collects internet communications from major US internet companies, including Google and Microsoft.
High profile hacks demonstrate the intensification of malicious attacks by rogue parties and it has become fundamental for any organisation using cloud services that they can demonstrate they – and their cloud providers – are compliant to the highest security standards.
Such standards include state-of-the art physical protection of hosting facilities, electronic surveillance and ISO 27001 certifications, to name a few, but while such efforts may sound impressive, in reality they offer absolutely no defence to enterprises seeking a security model that cannot be owned. In addition, they provide no protection against government data requests, blind subpoenas and clandestine spying.
Many SaaS companies will tell you that it matters less where the data is physically located, and more where the encryption keys are managed. One way around data privacy and residency regulations is encrypting everything before sending it to the cloud, and keeping the encryption keys on-premises, while allowing the encrypted data to be stored at public cloud providers. This is sound advice.
Attempting to implement this idea, many public cloud file services have announced their support for enterprise key management (EKM) to push security-conscious, cloud-averse organisations to adopt the cloud by placing the encryption keys in the customer’s hands.
While at first this may seem like a good approach to data security, it’s neither sufficient nor comprehensive, because, whether cloud-based or on-premise, EKM only provides a solution for preventing data arriving at unwanted hands after the event.
Your enterprise data service needs to provide you with controls that will enable you to take proactive measures and adhere to secure file transfer standards to prevent sensitive corporate data loss or leakage.
You need to trust that your service provider:
In this age of cyber threats and exponential data growth, organisations cannot afford to take the optimistic approach or put on blindfolds and pray that their company’s sensitive information doesn’t get compromised. Breaches are the new normal.
(c)iStock.com/phototechno
Enterprise cloud storage provider Box has announced its second quarter financial results, with revenue at $73.5 million (£47.6m) and a customer base of over 50,000.
For the second quarter of fiscal 2016, ending July 31, Box announced revenue figures at an increase of 43% year over year. Billings were at $79.6m, an increase of 45% from the same period last year, while non-GAAP operating loss was at 45% of revenue, down from 57% in fiscal year 2015.
The SaaS provider noted among its 50,000 customers were Airbnb, Uber, and IBM. The latter is particularly noteworthy. In June the two companies announced a collaboration aimed at content management and social collaboration, as well as future integration with Watson Analytics. Yet it goes beyond that; IBM signed one of the four customer deals beyond $500,000 in the last quarter.
Dylan Smith, co-founder and chief financial officer of Box, said in a statement: “We continued to execute on our path to profitability by delivering improved non-GAAP operating margin. While we continue to invest in our large market opportunity and solidify our leadership position, our business model allows us to drive gains in operational efficiency as we scale.”
Box has made various plays in recent months to strengthen its hand in both enterprise and security. Among the more than 40 federal customers on the SaaS provider’s books is the US Department of Justice, in a deal announced back in May. Two months before, Box hired former General Services Administration CIO Sonny Hashmi to help lead the company’s efforts in the space.
It was this area which was cited as key by Zuora CEO Tien Tzuo in March. Analysing strategic avenues in the aftermath of Box’s IPO, he wrote: “Risk-averse, highly regulated industries like healthcare, banking, and government represent huge opportunities for Box. Box has a huge opportunity in terms of offering government-grade protection protocols to both large enterprises and private consumers.
“Users may come to see Box as less of a place where they store information securely, and more of a place where they go to actively secure sensitive information.”
Compare and contrast with Dropbox, a company often portrayed as a rival, particularly given both firms’ push towards enterprise customers. In June Dropbox announced eight million business users were on board, a number which has doubled in 19 months.
Information overload has infiltrated our lives. From the amount of news available and at our fingertips 24/7, to the endless choices we have when making a simple purchase, to the quantity of emails we receive on a given day, it’s increasingly difficult to sift out the details that really matter.
When you envision your cloud monitoring system, the same thinking applies. We receive a lot of useless data that gets fed into the system, and the reality is no one in IT or DevOps has the time to manually determine the actionable data points (that’s a whole job itself), meaning monitoring what really matters is a tall order.
Monetizing the cloud is fast becoming a hot area of interest for everyone. Rightfully so, perhaps because we have come along in our evolution as cloud technologists and are now able to see more than just being able to make things work on the cloud. It’s time now to derive maximum value from the cloud and the need for any vendor is to generate revenue. What are the rules of monetization and how do we even get started? Let’s look at three things that essentially make up a monetization framework.
The concept of cloud backup has been around awhile and seems well-understood: For a monthly fee, a third-party vendor will back up your business data and store it “in the cloud” (network of servers) so it can be retrieved on demand at a later date.
What is less well-understood is the idea of cloud disaster recovery. Its name gives some indication of its purpose, suggesting a more robust response to an unforeseen data-loss emergency. But is a more robust response always the appropriate response? In other words, how does one calibrate a solution to best fit one’s specific needs?
Enterprises can achieve rigorous IT security as well as improved DevOps practices and Cloud economics by taking a new, cloud-native approach to application delivery. Because the attack surface for cloud applications is dramatically different than for highly controlled data centers, a disciplined and multi-layered approach that spans all of your processes, staff, vendors and technologies is required. This may sound expensive and time consuming to achieve as you plan how to move selected applications to the cloud, but smart organizations are actually reporting an improved security posture, accelerated development processes and greater cost savings.
“It’s important to have control over each module and each service in order to distribute the load and make the whole system flexible. We need to work with every component of the infrastructure and adjust it – and IaaS with its ready solutions helps us and saves both our and our customers’ time,” explained MobiDev CEO Oleg Lola and CCO Oleksii Ostroverkhyi, in this exclusive Q&A with Cloud Expo Conference Chair Roger Strukhoff.
(c)iStock.com/mikedabell
Even though 93% of businesses are now using the cloud in some capacity, expectations are exceeding specific gains according to a new survey from cloud provider ElasticHosts.
More than four in five (84%) UK-based CIOs believe their cloud provider could do more to reduce the burden on in-house IT staff, and a similar number (80%) believe the pricing structure is a “rip off.”
Top of the list of grievances was slow response time to customer service queries, cited by 47% of respondents. Call handlers lacking sufficient technical knowledge (41%) and use of automated phone lines (33%) were also major issues.
Three in four respondents believe the move to cloud has forced them to sacrifice service and support in some capacity, while a third insist they have sacrificed the majority or all support by moving to the cloud.
This is not the first piece of research to suggest vendors must up their game. Back in June a report from iland and Forrester asserted cloud providers must do better in assuaging compliance fears, building support issues, and making customers feel wanted. At the time, Forrester gave three takeaways for customers: get the metadata you require; look for cloud providers with strong reporting and compliance alerting; and ensure your cloud is supported by humans.
The latter point correlates with the ElasticHosts research. Richard Davies, ElasticHosts CEO, argues, “Many companies adopt cloud so they can take away the headaches related to managing their IT and reduce the burden on in-house IT staff. Yet when using any services, you want to be able to ask questions. You should be able to do this without having to pay a hefty premium.”
Among Davies’ interests is Springs.io, which launched in July as the UK’s first pure play container cloud service. Building upon the auto-scaling Linux container technology from ElasticHosts, the startup aims to make cloud computing a similar commodity as gas, electricity and water – automatically scaling and billing users based on their actual usage and not being a ‘rip off’, as a majority of CIOs claim.