What are the top five cloud features every exec should know?

By Sharon Florentine

You don’t have to be an IT expert to grasp that the cloud translates to cost savings and operational efficiencies. But knowing the key cloud attributes can make selling a migration to the cloud an easy business decision to make. 

Cohesive Flexible Technologies (CohesiveFT), an enterprise application-to-cloud migration services company, has a great blog post explaining the major benefits and features of the cloud. Knowing the basic features of cloud computing can help you, as an executive, explain to any skeptics how migrating to the cloud will translate to efficiencies outside of the IT department and have a positive impact on the entire business. 

Here are the top five cloud features you should know about as an executive: 

On-demand self-service: Your business can use the cloud to obtain, configure and deploy apps without any IT heavy lifting. Many cloud vendors provide templates to front-load most of …

Benchmarking Redis on AWS: Is Amazon PIOPS Really Better than Standard EBS?

The Redis experts at Garantia Data did some benchmarking in the wake of Amazon’s announcement of

Their conclusion:

After 32 intensive tests with Redis on AWS (each run in 3 iterations for a total of 96 test iterations), we found that neither the non-optimized EBS instances nor the optimized-EBS instances worked better with Amazon’s PIOPS EBS for Redis. According to our results, using the right standard EBS configuration can provide equal if not better performance than PIOPS EBS, and should actually save you money.

Read the full post for details and graphs.


Cisco Acquires vCider

Cisco has bought start-up vCider for its expertise in developing virtual network overlay technology for secure data center infrastructure. The price wasn’t disclosed.
GigaOm rates it as a counter to VMware buying Nicira, which, it says, “has strained the once close partnership between Cisco and VMware.” It figures it’ll be used “to build a unified yet distributed Cisco-based cloud.”
The new prize will be integrated into Cisco’s Cloud Computing organization, reporting to cloud CTO Lew Tucker, the vice-chairman of the new OpenStack Foundation.
In a blog posting Cisco said it expects vCider to play an important part in its Open Network Environment (ONE) strategy, particularly in support of OpenStack, a key pillar of Cisco’s open, multi-hypervisor, multi-stack cloud computing strategy.

read more

Why Security Matters for Big Data and Health Care

Data is quickly becoming one of those certainties in life, like death and taxes. It’ll always be there, and like the Once-ler’s Thneed factory from The Lorax (sorry, I have kids), data figures to keep on biggering, and biggering, and biggering and biggering.
More data means more knowledge, greater insights, smarter ideas and expanded opportunities for organizations to harness and learn from their data. Banks, retailers and even government are embracing big data, but while IDC estimated the big data market at $2.2 billion in 2011, only 6% of that investment came from health care.
On the flip side, a 2011 report from McKinsey Global Institute suggests if health care in the U.S. used big data to drive efficiency and quality, the potential could be more than $300 billion in value every year.

read more

A Preposition Makes All the Difference in / of / for / from the Cloud

There is truly a difference in terms of scope, application and business need between security “in” the cloud and security “from” the cloud.
No, this isn’t 7th grade English…I promise.
With all the important decisions IT departments make, what’s the big deal whether cloud security means from the cloud, in the cloud, of the cloud or for the cloud. Well, a lot. Amongst the various media, blogs, professional chatter, webinars, conferences and the like, the concept of cloud security is getting a significant amount of airplay. However, the difference in the application of a simple preposition completely alters the scope and meaning of these conversations to that of a problem or a solution.

read more

Cloud Computing: SOASTA Measures Real Mobile & Web Users in Real-Time

Somebody oughta buy Facebook one of these.
SOASTA, a big cheese in cloud and mobile testing, has come out with mPulse.
It’s supposed to be the first and only Real User Measurement (RUM) data analysis solution to deliver real-time information based on actual mobile user behavior. Naturally it’s cloud-ified and the analytics are patented.
The company has also made its very first acquisition, picking up LogNormal, which, as you might suspect, does real user measurement and monitoring for mobile and web applications.
Anyway, the company says existing tools collect data about the past, not the present, and hence fail to capture the real mobile users’ experience. mPulse, on the other hand, “instantly delivers actionable intelligence to operations and marketing professionals.”

read more

Cloud Expo Silicon Valley: Simplify Enterprise Deployments of OpenStack

OpenStack delivers powerful capabilities for deploying an Infrastructure-as-a-Service cloud, but getting up and running can take time and effort you can’t afford. SUSE Cloud delivers an enterprise ready OpenStack-based solution that eases your cloud deployment.
In their session at the 11th International Cloud Expo, Peter Linnell, SUSE Linux Technical Specialist for the West Coast at SUSE, and Cameron Seader, a SUSE Sales Engineer, will discuss the dos and don’ts of deploying OpenStack and show how SUSE Cloud speeds your journey to the cloud.

read more

Cloud Computing: Ellison Swears Off Big Acquisitions

Larry Ellison, who spent $50 billion more or less on acquisitions in the last 10 years, is swearing off making any big acquisitions to add to Oracle for a couple of years to focus instead on growing the company organically in an attempt to dominate the cloud, a technology he used to call “complete gibberish” and a “fad.”
Of course Larry can resist anything but temptation and didn’t rule out a big deal “down the road,” when he spoke to CNBC’s Maria Bartiromo in his first interview in years. But he’s especially not going to buy NetApp, the storage concern rumored to be a target. It would cost a lot of money and doesn’t fit Oracle’s current strategy.
“We have all the assets in-house to grow very rapidly on an organic basis,” he said.

read more

Mimecast: Email Regulation Issues Leaving Businesses Confused

Corporate email archiving and retention policies are muddled and unclear, with many businesses leaving themselves exposed to potential litigation or compliance issues, according to new research launched today by Mimecast®, the leading supplier of cloud-based email archiving, security and continuity for Microsoft Exchange and Office 365.

The research, which surveyed IT managers on their organizations’ email policies and archiving practices, found that just 20 percent of businesses (23 percent globally) retain archived email for three years or more, with one in four businesses (25 percent U.S.; 26 percent globally) admitting that they do not have a clear policy on retaining email at all.

Key findings:

  • Email retention policies are often ad hoc or based on guesswork – Just
    one in four IT departments (30 percent U.S.; 26 percent globally) have
    an email retention policy designed to comply with industry regulations:
  • Forty-one percent of businesses surveyed (43 percent globally) say
    their archiving policies are based on ‘internal best practice’
    with no consideration given to industry or country specific
    regulations
  • Six percent of U.S. and global businesses admit to deciding their
    email retention policy around a ‘random future date’ with ‘no
    basis’
  • eDiscovery for email is a major area of concern – Many
    businesses are not confident that they would be able to identify all
    emails relating to a specific customer in a timely manner:

    • On average, it would take a U.S. business 15 working days to
      identify all emails relating to a potential litigation
    • Eighteen percent of U.S. businesses do not think they would be
      able to comply with this kind of email eDiscovery request within a
      month
  • Forty-one percent of businesses surveyed (43 percent globally) say
    their archiving policies are based on ‘internal best practice’
    with no consideration given to industry or country specific
    regulations
  • Six percent of U.S. and global businesses admit to deciding their
    email retention policy around a ‘random future date’ with ‘no
    basis’
  • On average, it would take a U.S. business 15 working days to
    identify all emails relating to a potential litigation
  • Eighteen percent of U.S. businesses do not think they would be
    able to comply with this kind of email eDiscovery request within a
    month
  • Concern around email compliance – IT departments are concerned
    that they are leaving their businesses exposed:

    • Just one in four (24 percent U.S.; 27 percent globally) IT teams
      are ‘completely confident’ that their email policies comply with
      all relevant regulations
    • Forty-eight percent (46 percent globally) are ‘mostly confident’
      with 34 percent (23 percent globally) ‘minimally confident’ or
      ‘not at all confident’
  • Just one in four (24 percent U.S.; 27 percent globally) IT teams
    are ‘completely confident’ that their email policies comply with
    all relevant regulations
  • Forty-eight percent (46 percent globally) are ‘mostly confident’
    with 34 percent (23 percent globally) ‘minimally confident’ or
    ‘not at all confident’

“Taking fifteen days to identify all relevant emails sent and received by a client is a massive and unnecessary resource drain,” said Jim Darsigny, CIO, Brown Rudnick LLP. “For IT departments, managing and enforcing email policies can no longer be an ad-hoc approach as the risk potential and time wasted is too high to ignore. In our organization, the cloud enables our business to significantly reduce the pain, costs and resources normally dedicated to sourcing archived email data. With a solid email eDiscovery strategy in place, we are not only able to better serve our clients, but we can also more accurately assess their level of risk.”

“IT departments can and should be doing more to protect their organizations by adopting a more rigorous approach to email archiving,” Eliza Hedegaard, Account Director Legal, Mimecast. “However, the businesses I speak to are not being helped by a regulatory system that is incredibly confusing and difficult to navigate. Regulators should be helping businesses by simplifying the regulatory framework and putting greater emphasis on clearly communicating what organizations need to do to in order to comply instead of adopting scare tactics that focus on what will happen if organizations fall foul of the rules.”

 


LogRhythm Partners with VMware to Automate Regulatory Compliance in Virtualized Environments

LogRhythm today announced that it has partnered with VMware to contribute to its newly introduced VMware Compliance Reference Architectures, a set of resources including solution guides and design architectures intended to simplify compliance for business-critical applications in the cloud era. As part of this initiative, LogRhythm has published the LogRhythm Solution Guide for Payment Card Industry (PCI), an addendum to the VMware Solution Guide for PCI. The LogRhythm solution addendum is a QSA-reviewed guide that outlines how the company’s SIEM 2.0 platform complements existing VMware security capabilities to help customers assure PCI compliance when virtualizing mission-critical business applications with VMware vSphere®.

“Security and compliance are top concerns for organizations seeking to virtualize critical business systems such as PCI payment processing,” said Parag Patel, vice president, Global Strategic Alliances, VMware. “We’re committed to helping customers address these concerns on their journey to the cloud, and partners like LogRhythm extend our native security capabilities to make this possible. Through our solution guides, VMware and LogRhythm are delivering a validated roadmap that details how organizations can achieve PCI compliance in virtualized environments.”

LogRhythm’s SIEM 2.0 platform delivers the visibility and insight needed to detect, defend against and respond to increasingly sophisticated cyber threats, efficiently meet compliance requirements, and proactively respond to operational challenges. The company provides out-of-the box compliance solutions that enable organizations to meet their requirements for log data collection, review, archive, reporting, and alerting under mandates such as PCI, HIPAA, NERC-CIP, GLBA, Sarbanes Oxley, GPG 13, and other regulatory regimes. LogRhythm’s PCI compliance package features specific investigations, alarms and reports designed to meet PCI reporting requirements, and directly addresses or augments at least 80 individual PCI controls. With fully integrated file integrity monitoring, advanced multi-tenant support, robust reporting, and rapid search and drill-down capabilities, LogRhythm is an ideal solution for addressing PCI compliance requirements in virtual environments. LogRhythm can ensure that sensitive data, such as credit card account information, is not inappropriately accessed by shared virtual resources or unauthorized individuals. LogRhythm is field-proven in numerous deployments where the solution is being used to automate and assure regulatory compliance in virtual environments.

“We’re very pleased to have been selected by VMware to help address the compliance requirements of customers moving their critical systems to virtual and private cloud environments,” said Matt Winter, vice president corporate and business development at LogRhythm. “LogRhythm has a significant track record helping customers meet their regulatory compliance obligations in virtual, physical and hybrid environments. Our compliance capabilities dovetail well with VMware’s native security offerings to create a robust and comprehensive solution. With the VMware Solution Guide for PCI and LogRhythm’s addendum solution guide, organizations can have confidence that there is a detailed, validated path to maintaining PCI compliance in virtualized environments.”

The LogRhythm Solution Guide for PCI has been reviewed by Coalfire, an independent Qualified Security Assessor specializing in IT audit, risk assessment and compliance management, and is available for download on the LogRhythm website and VMware Solution Exchange.