Monthly Archives: June 2012

Coalfire, Federal Information Security Management Act of 2002, Government, HITRUST

Coalfire Accredited as FedRAMP Third Party Assessment Organization

Coalfire Systems, Inc. announced today that it has achieved accreditation as a FedRAMP (Federal Risk and Authorization Management Program) Third Party Assessment Organization (3PAO).

The FedRAMP program supports the U.S. government’s objective to enable U.S. federal agencies to use managed service providers that enable cloud computing capabilities, and Coalfire is one of the first ten accredited 3PAO firms. With this certification, Coalfire is the only assessment firm authorized to conduct cloud assessments for the federal government (3PAO), healthcare industry (HITRUST certified) and the payment card industry (Qualified Security Assessor).

FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. As a part of the FedRAMP process, cloud service providers (CSPs) must use a FedRAMP approved third party assessor to independently validate and verify that they meet the FedRAMP requirements.

“Moving to the cloud raises numerous security concerns for any business,” said Tom McAndrew, executive vice president, professional services at Coalfire. “For government agencies, these concerns can be even more sensitive since national security can be at risk. This accreditation further validates Coalfire’s expertise in cloud security and risk assessment and we look forward to working with CSPs on their FedRAMP initiative towards receiving an authority to operate (ATO).”

Receiving the accreditation of 3PAO means Coalfire will be able to validate the security and control implementations that CSPs must provide in order to work with and provide cloud services to federal agencies. 3PAOs are critical to the FedRAMP program, as they demonstrate the independence and competency of CSPs that host the government’s most crucial data.

In addition to demonstrating the requisite technical competency in FISMA and independence and quality management to achieve 3PAO accreditation, Coalfire has diverse leadership experience in additional vital compliance fields – in cloud and virtualization environments – such as PCI, HIPAA/HITECH and GLBA; backed with expert staff that includes former CIOs, CTOs and auditors. Coalfire staff are heavily experienced in those respective industry regulations and are located across the U.S. Coalfire has offices in seven major markets in the U.S. including the Washington, D.C. area.

FedRAMP implementation began earlier this month and will be done in phases – starting with 3PAOs assessing CSPs. Coalfire has already begun preparing agencies and cloud service providers for testing. The wave of activity is growing and includes assessments and penetration tests with interested CSPs this month. Inquiries for FedRAMP services can be made with Coalfire at 877-224-8077 or at http://coalfire.com/FedRAMP-3PAO.

For those interested in learning more about the FedRAMP certification process, Coalfire will be conducting a free webinar on July 10, 2012 at 2:00pm EDT / 11:00am PDT. Click here to register.


Uncategorized

Appcore Enables continuityX to Bring Portfolio of App Services to Market

Appcore announced on Tuesday that continuityX, a provider of business continuity, disaster recovery and managed network services to medium-to-large scale enterprise businesses, has selected them as their primary provider to deliver cloud-based disaster recovery and application services to their global user base.
“As a rapidly expanding, global company, we were looking for an agile partner that would accelerate our revenue generating capabilities and expand our product portfolio by providing a differentiated array of products plus branded marketing and sales materials quickly,” said David Godwin, President, continuityX. “Appcore’s industry leading service level agreement, providing best-in-class service and support, cemented our decision to partner with them.”

read more

Linux, Open Source, Red Hat, Red Hat Enterprise Linux

Red Hat Delivers Advanced Tooling, Community Resources to Software Developers

Image representing Red Hat as depicted in Crun...

Red Hat, Inc. today announced it has expanded its Red Hat Enterprise Linux Developer Program with enhancements to its Developer Suite, including a new toolset for software developers worldwide. Through the Red Hat Enterprise Linux Developer Suite, Red Hat delivers the latest, stable open source developer tool versions at an accelerated cadence than that of Red Hat Enterprise Linux. Developers now have access to a robust suite of tools with synchronized availability on Red Hat Enterprise Linux and Red Hat OpenShiftTM, allowing developers to deploy applications freely to either environment.

“For Linux programmers, having ready access to the latest, stable development tools is key to taking advantage of new Linux advancements,” said Jim Totton, vice president and general manager, Platform Business Unit, Red Hat, Inc. “The Red Hat Enterprise Linux Developer Program makes it easy for developers to access industry-leading developer tools, instructional resources and an ecosystem of experts to help Linux programmers maximize productivity in building great Red Hat Enterprise Linux applications.”

Designed for many types of Linux developers, including Independent Software Vendors (ISVs), software solution providers, Systems Integrators (SIs), enterprise, and government software developers, the Red Hat Enterprise Linux Developer Suite enhances developer productivity and improves time to deployment by providing affordable access and updates to essential development tools. The latest, stable tooling can be used to develop applications on Red Hat Enterprise Linux whether on-premise or off-premise in physical, virtual and cloud deployments, and on OpenShift, the leading open Platform-as-a-Service (PaaS).

The Red Hat Enterprise Linux Developer Suite includes:

  • Red Hat Enterprise Linux, variants, and related Add-On software for
    development use including Red Hat Enterprise Linux, High-Availability
    Add-On, Load Balancer Add-On, Resilient Storage Add-On, Scalable File
    System Add-On, High-Performance Network Add-On, Extended Update
    Support, and MRG Real Time and Smart Management Add-on.
  • Red Hat Enterprise Linux Developer toolset, a collection of
    development tools to create highly scalable applications. Delivered as
    part of the Developer Suite, Red Hat plans to accelerate the release
    cadence of these tools to deliver the latest, stable open source
    developer tool versions on a separate life cycle from Red Hat
    Enterprise Linux releases.

The first version of the Red Hat Enterprise Linux Developer Suite includes a toolset that makes developing Linux software applications faster and easier by allowing users to compile once and deploy to multiple versions of Red Hat Enterprise Linux. Using the developer toolset, software developers can now develop Linux applications using the latest C and C++ upstream tools. These tools include the latest GNU Compiler Collection (GCC 4.7) with support for C and C++; the latest version of the GNU Project Debugger (GDB 7.4) with improvements to aid the debugging of applications; and the GNU binutils collection of binary developer tools, version 2.22, for the creation and management of Linux applications.

“The velocity of development is as high today as it has ever been, which means that developers are putting a premium on a toolchain that is current from libraries to compiler,” said Stephen O’Grady, Principal Analyst with RedMonk. “With its expanded Red Hat Enterprise Linux Developer Program and toolset, Red Hat aims to provide developers with just that.”

The self-supported Red Hat Enterprise Linux Developer Suite and the Red Hat Enterprise Linux Developer Support Subscriptions are available immediately worldwide. Red Hat customers and partners can join the developer online user group on Red Hat’s award-winning customer portal to access the extensive knowledgebase and recommended practices.


Florida, Government, Health Care, Health insurance, HIX, Medical, Partnerships, Xerox

Xerox to Build Health Insurance Marketplace for Florida Health Choices

Florida Health Choices, a corporation established by the state to improve access to health care, has selected Xerox to administer its Insurance Marketplace, a program designed to give small business and eligible individuals more flexibility in finding affordable health insurance and other services. The nine-year contract is valued at $68 million.

With partner CHOICE Administrators Exchange Solutions, Xerox will provide a cloud-based Web portal and online plan selection tool to give consumers and employers more information when making health insurance selections. The solution preserves the benefits of employer-sponsored insurance and eases the administrative burden for small businesses.

“We’re designing and supporting programs that increase access to health coverage for consumers,” said Will Saunders, group president, Government Healthcare Solutions, Xerox. “The solution we create in Florida will serve citizens and small business owners and help position the state as a leader in establishing a competitive and voluntary health insurance marketplace for small employers.”

Xerox will also provide eligibility determination and enrollment management services for the program, and operate a customer contact center to share information on marketplace offerings. These services will help Florida Health Choices handle the massive amounts of information involved with the marketplace quickly, efficiently and securely.

“We need a partner who can get a fully functional marketplace setup that is designed to serve Floridians now and into the future – delivering on both our short and long-term goals,” said Aaron Bean, chairman, board of directors, Florida Health Choices. “We’re confident Xerox will support us in establishing our marketplace quickly, while helping us to increase healthcare access to small business employees – one of our key priorities.”

Xerox has more than 40 years of experience working with government health agencies to enhance the efficiency of health programs and help ensure the health of citizens.


Uncategorized

Cloud Computing: The Next Cloud You See May Be Google’s Version of EC2

Apparently the world is standing by waiting for Google to copy Amazon and wheel out an EC2 imitator this week at the Google I/O developer conference in San Francisco.
Google already has the platform-as-a-service App Engine and the S3-like Google Cloud Storage but the money is in IaaS. It’s said Amazon Web Services may do $2 billion this year.
Microsoft remade Windows Azure into a Linux-toting hybrid-supporting infrastructure-as-a-service vehicle a couple of weeks ago. Microsoft is tight with enterprise developers and both Amazon and Google want them. That’s why Amazon tied up with Eucalyptus and its private clouds.

read more

DataCore, Hosting, IT Management, IT service management, Partnerships, service provider, Storage hypervisor, Storage virtualization, VMware

DataCore Software Announces Pay-as-You-Serve Cloud Service Provider Program for Hosted IT Services

DataCore Software today announced that providers of hosted IT services may now rent DataCore’s SANsymphony-V storage hypervisor through the company’s Cloud Service Provider Program. Under the program, Cloud Service Providers (CSPs) pay for the use of the software monthly based on the amount of storage they serve versus having to purchase it outright. This allows participating providers to reduce capital expenditure and better align costs to revenue.

DataCore’s storage hypervisor software manages and protects hosted IT environments, providing a high performance, highly scalable, automatically tiered storage infrastructure upon which providers can confidently build and offer their hosted IT services.

The DataCore Cloud Service Provider Program goes a step further in the direction of “on demand” infrastructure with its “Pay-as-You-Serve” proposition to hosted IT service providers—they pay for the software as they use it, based upon the storage they serve to their subscribers.

“In order to offer the most competitive pricing for their services, CSPs and other hosting companies seek to lower capital expenditures and keep expenses and their timing aligned to revenue-producing activities,” said Carlos M. Carreras, vice president of alliances and business development, DataCore Software. “The DataCore storage hypervisor ‘software advantage’ gives us the unique ability to offer the kind of service provider program that other leading software companies, like VMware, have developed, but apply it to the storage-side of the infrastructure. Ideally tailored for the flexibility, efficiency and predictable expenses they seek.”

New cutting edge technologies will also be of interest to CSPs. These innovations designed to satisfy large scale, Infrastructure-as-a-Service (IaaS) requirements crucial to building robust cloud storage infrastructures are packaged in the company’s newest product, SANsymphony-V R9.0, aptly described as “The Storage Hypervisor for the Cloud.”

The storage hypervisor’s powerful storage management capabilities and interchangeable hardware design empowers hosters with great cost-savings flexibility, new levels of automation for increased resource productivity and a storage infrastructure that easily incorporates the industry’s latest innovations.

“The new DataCore CSP pricing model reduces our upfront costs – thereby enhancing our margins,” comments Philippe Merckel, CEO, MERCKEL SAS. “DataCore understands that as data centers move to the cloud in the form of virtual, private data centers, cloud platforms need the storage virtualization functionality that DataCore brings to the table with its storage hypervisor. The key, however, for CSPs lies in making the adoption of this technology cost-effective. That is what this Cloud Service Provider Program does. It makes it far easier for us to standardize on DataCore for storage virtualization because we pay as we go rather than paying for everything upfront. It fundamentally suits our own business model whereby our own clients lease our cloud platform.

The DataCore Cloud Service Provider Program is currently open only to providers of hosted IT services located in Europe; the program will be expanded to include North America and additional geographies over the next 90 days. For more up-to-date information about program eligibility and the program itself, please visit: http://www.datacore.com/Partners/cloud-service-providers/CSP-Program.aspx.


Uncategorized

Eucalyptus Launches Authorized Education and Consulting Partner Programs

Eucalyptus Systems on Tuesday launched the Eucalyptus Authorized Education Partner (EAEP) and Authorized Consulting Partner (EACP) Programs. The EAEP Program enables Eucalyptus partners to deliver Eucalyptus authorized training courses using Eucalyptus Certified Instructors (ECI), while the EACP Program recognizes Eucalyptus partners who have developed a high level of competency in designing and implementing Eucalyptus cloud solutions.
“These new programs enable our partners to provide value-added consulting and training services for Eucalyptus,” said Andy Knosp, vice president of professional services at Eucalyptus Systems. “Customers are rapidly embracing Eucalyptus’ open approach to cloud computing as demonstrated by our enablement of 25,000 cloud starts annually. Eucalyptus partners can leverage these new partner programs to expand their portfolio of offerings and drive incremental revenue opportunities.”

read more

Uncategorized

Drama in the Cloud: Coming to a Security Theatre Near You

The conflicting messages are the result of security colliding with productivity, which is probably a lot like security colliding with performance. In other words, we know who all too often wins that confrontation, whether we like it or not. The problem is that many are approaching the conflict with an either/or perspective. They’re trying to answer the question with an allow or deny policy based on the end-point, but ignoring the other end of the equation: the application or resource.
Like the two halves of drama, comedy and tragedy, the client and the resource (whether application or file or otherwise), go together. Settling on a BYOD strategy should necessarily not be based solely on the answer to “do we allow X on the network” but on the answer to “do we allow X to access this resource”. For example, in the case of many SaaS-styled applications, i.e. data is always stored in the database or on the server and never on the client, is there some other reason to deny an iPad or other mobile device access over any network?

read more

Uncategorized

Cloud Computing: Compuware Launches SpeedoftheWeb

Compuware Corporation on Tuesday launched SpeedoftheWeb.org, a new free online cloud service that helps web application and site owners increase the speed of their most important web properties. This cloud service enables organizations to compare the speed of their website’s performance against leading competitor sites.
SpeedoftheWeb is available here.
As modern application delivery continues to add complexity at the edge of the Internet, speed is one of the most important factors for improving end-user experience on the web. Studies have shown that improving website performance can lead to increased revenues and reduced operating costs.

read more

Uncategorized

Subscribe to Enterprise Storage via the Cloud

About a dozen years ago, the storage utility model was a novel concept. The idea was that businesses could literally plug applications into enterprise storage, enabling them to outsource administration and begin paying on a monthly usage basis. While the concept was attractive, unfortunately, many of the storage service providers (SSPs) who sprouted back then couldn’t quite perfect the model. Fast forward to today. Over the past 5 years, cloud storage providers (CSPs) have successfully made the delivery of on-demand data storage to the premises a reality, with a pay-as-go model backed by huge economies of scale.

read more