The Great Public Cloud Correction | @CloudEXPO @Hostway @ESayegh #Cloud #Infrastructure #Serverless #DataCenter

Signs of a shift in the usage of public clouds are everywhere. Previously, as organizations outgrew old IT methods, the natural answer was to try the public cloud approach; however, the public platform alone is not a complete solution. Complaints include unpredictable/escalating costs and mounting security concerns in the public cloud. Ultimately, public cloud adoption can ultimately mean a shift of IT pains instead of a resolution.

That’s why the move to hybrid, custom, and multi-cloud will become more and more prevalent. At the heart of this technology trend exists a custom solution to meet the needs and concerns of enterprise organizations, including compliance, security, and cost issues. The «new normal» of enterprise clients is a world of hybrid and multi-cloud solutions, and it is slowly changing the IT technology landscape. Better tools, better management, and easier adoption are emerging. For instance, such as AWS Outposts and Azure Stack. These are big-time, in-demand technologies in the enterprise space, and as these options evolve, we can expect that additional hybrid solutions and integrations will emerge from the market landscape.

read more

Hybrid Cloud and Serverless Case Studies | @KubeSUMMIT @Platform9Sys #Serverless #Containers #DevOps #Docker #Kubernetes

Serverless applications increase developer productivity and time to market, by freeing engineers from spending time on infrastructure provisioning, configuration and management. Serverless also simplifies Operations and reduces cost – as the Kubernetes container infrastructure required to run these applications is automatically spun up and scaled precisely with the workload, to optimally handle all runtime requests.

Recent advances in open source technology now allow organizations to run Serverless and Kubernetes reliably, at scale, also on on-premises and private cloud infrastructure. The ability to achieve the benefits of Serverless on existing infrastructure – and not having to rely solely on public clouds – has greatly increased the adoption of Serverless across industries, including financial services, IoT, retail, healthcare, and more.

Serverless offers an incredible opportunity for business accelerate innovation and reduce operational costs – both for green field applications, as well as for established organizations with legacy applications and technical debt.

read more

How to tackle the multi-cloud security challenge

A growing number of organisations are adopting a multi-cloud strategy in a bid to avoid over-reliance upon one vendor and reduce the risk of threats like DDoS attacks. This generates cost savings, yields performance optimisation, and improves up-time to ensure that operations run at all times.

Abandoning a ‘one-cloud-fits-all’ approach and using multiple services from different cloud providers delivers a raft of other organisational benefits, as well. Through this approach, businesses have the freedom to select offerings that suit their specific needs while structuring different workloads into separate environments in order to stay in line with their business goals and policies. In other words, they maintain their flexibility and operate in the fashion that they prefer.

With enterprises in fast pursuit of digital transformation, the number of multi-cloud deployments is rising rapidly. Companies are moving their data to the cloud to automate operations, enabling bring your own device (BYOD) systems, as well as integrating technologies like AI, IoT, blockchain, and new cognitive tools in order to increase overall efficiency. According to research by the Cloud Industry Forum, 75 percent of UK organisations currently deploy two or more cloud-based services, with 84 percent planning to increase their use of cloud.

Rethinking the enterprise security strategy

While improvements to cloud management tools have made it easier for multi-cloud IT environments to deploy and operate, some challenges still remain. Security is a fundamental issue that can’t be ignored, and while cloud providers have appropriate protocols and tools to ensure that their offerings are safe, the responsibility for securing data itself (particularly at access) still lies with the enterprise. CISOs usually understand the criticality of data and threat security, which is why they are selective when it comes to cloud vendors and third-party tools for securing data access.

There are three key factors that are necessary for enterprises wanting to harness the benefits of multi-cloud without compromising on security.

Come to grips with the reality of the cloud

When it comes to using the cloud, and even more so with multiple cloud vendors, the traditional models of data management and security don’t apply. No longer confined to a controlled environment on premises, employees have the ability to access enterprise data from any location, on any device, and at any time. This means information will be flowing in and out of cloud applications via infrastructure that the enterprise does not own or control.

Traditional security tools are not built to protect cloud data that is accessed from these personal devices and off-premises networks. What’s more, as companies begin moving data from on-premises solutions to the cloud, they must address new cloud-specific types of threats and vulnerabilities.

As the number of cloud services adopted increases, monitoring these data flows can become increasingly challenging; however, companies must still maintain full visibility and control over their information.

Similarly, enterprises need to re-evaluate how they protect against cyber threats like malware. Implementing tools that can stop known and unknown threats in the cloud, on any device accessing data, and in real time is necessary for complete security.

In other words, unique security solutions are needed in this unique cloud environment.

Gain visibility and control over data

While many cloud services come with native or built-in features that offer some degree of visibility and control within their specific applications, applying policies or making changes across every individual cloud service in use can be painful and problematic.

For example, a healthcare provider may need to comply with a new privacy regulation for health records or other protected health information (PHI). This institution would need to add new policies for identifying sensitive data patterns, as well as controlling who can access this data and when.

Dependency on native security tools alone would result in the IT team confronting the massive task of manually adding or editing policies in each and every application. This scenario is further complicated by the fact that some apps’ native security features may be less granular than others, making it difficult to apply these changes on a uniform basis; some apps simply cannot be secured as well as others.

To address these challenges, organisations need a single solution that delivers visibility and control across all their cloud applications.

Replicate due diligence in the cloud

Making the move to multi-cloud doesn’t necessarily mean that the practices applied in on-premises environments should be discarded. While this may require different technologies and implementation strategies, enterprises will still need to maintain comprehensive data protection, threat protection, visibility, and identity management to prevent unauthorised access to their data.

To ensure comprehensive protection, the security solutions selected must be easy to deploy and integrate with existing on-premises tools. This will assure continuous and consistent security across the enterprise no matter where its data goes. These advanced solutions will also need to be scalable enough to cope with the addition of more cloud applications and cloud-based workloads.

Initiating effective real-time security and governance that is appropriate for the multi-cloud world is vital to ensuring the delivery of persistent protection for data and its users. Recognising this need and reframing security strategies appropriately will ensure organisations can take advantage of a multi-cloud environment with confidence.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

CloudEXPO Gold Sponsor @SUSE to Present at @KubeSUMMIT | #CloudNative #DevOps #Serverless #AWS #Docker #Kubernetes

Take advantage of autoscaling, and high availability for Kubernetes with no worry about infrastructure. Be the Rockstar and avoid all the hurdles of deploying Kubernetes. So Why not take Heat and automate the setup of your Kubernetes cluster? Why not give project owners a Heat Stack to deploy Kubernetes whenever they want to?

Hoping to share how anyone can use Heat to deploy Kubernetes on OpenStack and customize to their liking.

This is a tried and true method that I’ve used on my OpenStack clusters and I will share the benefits, bumps along the way and the lessons learned.

read more

Announcing @xMatters _Inc «Technology Sponsor» of @CloudEXPO | #CloudNative #DevOps #Serverless #Docker #Kubernetes

xMatters helps enterprises prevent, manage and resolve IT incidents. xMatters industry-leading Service Availability platform prevents IT issues from becoming big business problems. Large enterprises, small workgroups, and innovative DevOps teams rely on its proactive issue resolution service to maintain operational visibility and control in today’s highly-fragmented IT environment. xMatters provides toolchain integrations to hundreds of IT management, security and DevOps tools. xMatters is the primary Service Availability platform trusted by leading global companies and innovative challengers including BMC Software, Credit Suisse, Danske Bank, DXC technology, Experian, Intuit, NVIDIA, Sony Network Interactive, ViaSat and Vodafone. xMatters is headquartered in San Ramon, California and has offices worldwide.

read more

How to Sponsor @DevOpsSUMMIT | #CloudNative #Serverless #DevOps #APM #DataCenter #Monitoring #Kubernetes

Cloud-Native thinking and Serverless Computing are now the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, as well as the public sector.

The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential.

DevOpsSUMMIT at CloudEXPO expands the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike.

read more

Mirantis to help AT&T build Network Cloud for 5G

US telecom giant AT&T will be building the next generation of its Network Cloud for 5G with the help of cloud computing firm Mirantis, as part of a three-year deal reportedly to be more than £7.7mn ($10mn).

AT&T’s Network Cloud for 5G will be built via software from an open source project known as “Project Airship”, which was initially formed by the telecom company, along with SK Telecom, the OpenStack Foundation, and Intel in May of 2018.

Amy Wheelus, AT&T’s vice president of cloud and Domain 2.0 Platform integration, said:

“Simply put, Airship lets you build a cloud easier than ever before. Whether you’re a telecom, manufacturer, healthcare provider, or an individual developer, Airship makes it easy to predictably build and manage cloud infrastructure.”

Boris Renski, co-founder and CMO of Mirantis, said that Project Airship is very crucial for AT&T because it is what makes it possible to roll out many data centres and manage them on a single life cycle.

“AT&T had the foresight to start building this in open source about one and a half years ago,” he commented.

AT&T’s Integrated Cloud (AIC), which was built using cloud infrastructure software from OpenStack, is used by more than hundred data centres. When A&T first announced the Project Airship, it said that it was changing the name of AIC to Network Cloud. And since then, the company is referring it as Network Cloud for 5G.

It has been years now that Mirantis is working with the American telecom giant. Moreover, the cloud computing firm was an early OpenStack collaborator and now provides commercial OpenStack distribution. OpenStack’s original software was built to use virtual machines (VMs) in the data centre.

AT&T’s Network Cloud for 5G is being built on OpenStack using containers as opposed to VMs. These containers are managed by a container management system, called Kubernetes.

The Network Cloud for 5G will be built based on containers and Kubernetes. However, it will still have ample of workloads running on VMs within its AIC.

(Photo by Markus Spiske on Unsplash)

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Mumsnet reports data breach to ICO after problematic cloud move


Bobby Hellard

8 Feb, 2019

Mumsnet has reported itself to the Information Commissioner’s Office (ICO) after a botched upgrade resulted in users accidentally logging into the accounts of others.

The parental forum believes that the breach was caused when moving its services to the cloud on Tuesday afternoon. The problem ran from 2pm Tuesday to 9am Thursday when the changes were reversed.

The breach concerns logins where for three days users logging into their accounts at the same time as another user could have had their account info switched. A user alerted the company to the breach on Wednesday night saying that they were able to login and view another user’s account.

Mumsnet said it is investigating its logs to determine the impact of the breach. Approximately 4,000 users were logged in during the three-day window, but Mumsnet doesn’t know how many of those were actually breached. The company has only been made aware of 14 incidents so far and those individuals have been notified of the issue.

According to the site, logging into another user’s account allowed them to see email addresses, account details, posting history and personal messages, but not passwords as they are encrypted.

No further incidents have been reported suggesting that it was the move to the cloud that caused the issues. Mumsnet founder Justine Roberts posted a blog post to apologise to users and notify them that it will report the breach to the ICO.

«You’ve every right to expect your Mumsnet account to be secure and private,» she said. «We are working urgently to discover exactly how this breach happened and to learn and improve our processes. We will also keep you informed about what is happening. We will, of course, be reporting this incident to the information commissioner.»

Mumsnet is not alone in this regard, as 2018 saw an unprecedented number of companies reporting data breaches, with almost 60,000 reported across Europe since GDPR came into force.

What’s interesting about the Mumsnet incident is it’s due to a fault during an upgrade to cloud services, highlighting the dangers of rushing digital transformations. To the company’s credit, it acted swiftly and took steps to shut down the problem, notify its users and involving the regulator.

IBM scores a major cloud win with multi-million dollar deal


Clare Hopping

8 Feb, 2019

IBM and Smart Energy Water have signed an agreement to boost the global energy and water provider’s cloud platform with the addition of IBM’s cloud infrastructure to host its mobile and web apps.

US-based Smart Energy Water will host various workloads on IBM’s cloud platform, including its customer and mobile workforce apps, online billing, energy efficiency monitoring, reward programmes and data collection tools.

SEW will offer the infrastructure for other energy businesses to build their apps upon IBM’s cloud. The utilities tech provider works with more than 150 energy and water businesses around the world, so this is a noteworthy deal for IBM.

“Consumers are open to new ways of engaging with their utility,» said Harman Sandhu, President at Smart Energy Water. «Together with IBM, we can deliver solutions at large scale that help utilities lower the cost-to-serve by moving customers from the call center to lower-cost digital channels, personalize service to increase overall customer satisfaction, and target customers for the right opportunities for value-added programs and services.»

The five-year deal will help SEW expand its offerings into analytics, artificial intelligence (AI), machine learning and Internet of Things (IoT), helping clients develop a more diverse set of tools to benefit customers.

“Smart Energy Water is anticipating the major impact connected technologies will have on their customers business,» said Brad Gammons, global managing director, IBM Energy, Environment and Utilities. «By investing in data, their workers can do their job better than ever before and customers will have access to self-service capabilities that can help improve client service.»

IBM has sealed deals with some pretty big businesses of late, including BNP Paribas and Vodafone.

Culture of Continuous Improvement | @DevOpsSUMMIT @GreenHouseData #Cloud #CIO #DevOps #DevSecOps #Serverless #ContinuousDelivery

Even if your IT and support staff are well versed in agility and cloud technologies, it can be an uphill battle to establish a DevOps style culture – one where continuous improvement of both products and service delivery is expected and respected and all departments work together throughout a client or service engagement. As a service-oriented provider of cloud and data center technology, Green House Data sought to create more of a culture of innovation and continuous improvement, from our helpdesk on to our product development and cloud service teams. Learn how the Chief Executive team helped guide managers and staff towards this goal with metrics to measure progress, staff hiring or realignment, and new technologies and certifications.

read more