The Consumer Electronics Show (CES) 2013 is starting next week and cloud computing is on the agenda. You can be sure that a technology has moved out of the hype cycle and into everyday use when it shows up at … Continue reading 
Monthly Archives: January 2013
Change in the Air with Cloud ERP
The gap is widening between legacy ERP and cloud ERP as traditional on-premise solutions are shifting toward delivery of applications over the Internet. Put your ear in the air to hear the rumblings. ERP in the Cloud is here to stay.
Recent earnings reports from several web-based business software providers along with a significant increase in the number of announcements pertaining to new cloud ERP providers are signaling a clear trend in the direction of a rapidly changing business environment for software vendors and business customers alike.
Five IT Security Predictions for 2013
Guest Post by Rick Dakin, CEO and co-founder of Coalfire, an independent IT GRC auditor
Last year was a very active year in the cybersecurity world. The Secretary of Defense announced that the threat level has escalated to the point where protection of cyber assets used for critical infrastructure is vital. Banks and payment processors came under direct and targeted attack for both denial of service as well as next-generation worms.
What might 2013 have in store? Some predictions:
1. The migration to mobile computing will accelerate and the features of mobile operating systems will become known as vulnerabilities by the IT security industry.
Look out for Windows 95 level security on iOS, Android 4 and even Windows 8 as we continue to connect to our bank and investment accounts – as well as other important personal and professional data – on smartphones and tablets.
As of today, there is no way to secure an unsecured mobile operating system (OS). Some risks can be mitigated, but many vulnerabilities remain. This lack of mobile device and mobile network security will drive protection to the data level. Expect to see a wide range of data and communication encryption solutions before you see a secure mobile OS.
The lack of security, combined with the ever-growing adoption of smartphones and tablets for increasingly sensitive data access, will result is a systemic loss for some unlucky merchant, bank or service provider in 2013. Coalfire predicts more than 1 million users will be impacted and the loss will be more than $10 million.
2. Government will lead the way in the enterprise migration to “secure” cloud computing.
No entity has more to gain by migrating to the inherent efficiencies of cloud computing than our federal government. Since many agencies are still operating in 1990s-era infrastructure, the payback for adopting shared applications in shared hosting facilities with shared services will be too compelling to delay any longer, especially with ever-increasing pressure to reduce spending.
As a result, Coalfire believes the fledgling FedRAMP program will continue to gain momentum and we will see more than 50 enterprise applications hosted in secure federal clouds by the end of 2013. Additionally, commercial cloud adoption will have to play catch-up to the new benchmark that the government is setting for cloud security and compliance. It is expected that more cloud consumers will want increased visibility into the security and compliance posture of commercially available clouds.
3. Lawyers will discover a new revenue source – suing negligent companies over data breaches.
Plaintiff attorneys will drive companies to separate the cozy compliance and security connection. It will no longer be acceptable to obtain an IT audit or assessment from the same company that is managing an organization’s security programs. The risk of being found negligent or legally liable in any area of digital security will drive the need for independent assessment.
The expansion of the definition of cyber negligence and the range of monetary damages will become more clear as class action lawsuits are filed against organizations that experience data breaches.
4. Critical Infrastructure Protection (CIP) will replace the Payment Card Industry (PCI) standard as the white-hot tip of the compliance security sword.
Banks, payment processors and other financial institutions are becoming much more mature in their ability to protect critical systems and sensitive data. However, critical infrastructure organizations like electric utilities, water distribution and transportation remain softer targets for international terrorists.
As the front lines of terrorist activities shift to the virtual world, national security analysts are already seeing a dramatic uptick in surveillance on those systems. Expect a serious cyber attack on critical infrastructure in 2013 that will dramatically change the national debate from one of avoidance of cyber controls to one of significantly increased regulatory oversight.
5. Security technology will start to streamline compliance management.
Finally, the cost of IT compliance will start to drop for the more mature industries such as healthcare, banking, payment processing and government. Continuous monitoring and reporting systems will be deployed to more efficiently collect compliance evidence and auditors will be able to more thoroughly and effectively complete an assessment with reduced time on site and less time organizing evidence to validate controls.
Since the cost of noncompliance will increase, organizations will demand and get more routine methods to validate compliance between annual assessment reports.
Rick Dakin is CEO and co-founder of Coalfire is an independent information technology Governance, Risk and Compliance (IT GRC) firm that provides IT audit, risk assessment and compliance management solutions. Founded in 2001, Coalfire has offices in Dallas, Denver, Los Angeles, New York, San Francisco, Seattle and Washington D.C. and completes thousands of projects annually in retail, financial services, healthcare, government and utilities. Coalfire’s solutions are adapted to requirements under emerging data privacy legislation, the PCI DSS, GLBA, FFIEC, HIPAA/HITECH, HITRUST, NERC CIP, Sarbanes-Oxley, FISMA and FedRAMP.
SYS-CON.tv Interview: Global Cloud Computing
“Cloud Acceleration is an attempt to capture the fact that as people move to the cloud and start virtualizing their data centers, they need solutions that aren’t hardware based,” explained Jerry Miller, VP of Technology at CDNetworks, in this SYS-CON.tv interview with Cloud Expo Conference Chair Jeremy Geelan at the 11th International Cloud Expo, held November 5-8, 2012, at the Santa Clara Convention Center in Santa Clara, CA.
Cloud Expo 2013 New York, June 10–13, at the Javits Center in New York City, New York, will feature technical sessions from a rock star conference faculty and the leading Cloud industry players in the world.
Great expectations from cloud computing in 2013
The year 2012 has definitively been marked by a rapid development of cloud computing technologies all over the world.
Though most of the companies have been operating in the cloud for years now, the true peak of cloud computing is yet to be seen in 2013, especially in Europe. Experts and cloud enthusiasts predict pretty much the same destiny of the cloud in the following year.
Worldwide expansion
The European Union has recently brought an act on implementing cloud computing technologies and standards for all member states. The reason it hesitated to adopt the cloud were the problems related to standardisation of the new technology across all the states.
As each country has different laws and governmental practices, the question of standardising was much more complicated than in the US. However, the year 2013 is expected to be a real breakthrough of cloud in Europe.
Besides Europe, there are other …
Cloud Adoption Is All About Value for CIOs
Four out of five executives agree: choosing the cloud is a smart value proposition.
Research from Host Analytics and conducted by Dimensional Research found that for four out of five business execs, the cloud is chosen for its value over any other factor, according to an article on CloudComputingNews.net.
A similar number of employees surveyed said that it’s beneficial for them to use cloud applications.
The research talked to more than 300 CIOs and business executives and found various benefits to cloud adoption, which may perhaps shift the balance as IT budgets are being prepared for 2013.
When asked for the reasons a cloud app was chosen over other, on-premise options, the disparity between business executives and CIOs was stark.
Value was the obvious factor for execs (80%), whereas compliance was the most important component for CIOs (58%); value (53%) and greater competitive advantage (51%) completed the top three.
Compliance is a vital and underrated reason for utilizing the cloud. Sixty-one percent of survey respondents said they have out-of-date, business-critical software, and 14% said their on-premise software hadn’t been upgraded in four or more years.
More than one in three CIOs stated that while their company didn’t have plans for any solution, the cloud seemed a better fit.
Spinneret Releases Ticket Portal for Resale Market
Spinneret today announced the availability of Ticket Portal, a subscription-based web app for creating and maintaining web sites to sell sports, concerts and theater tickets online.
The secondary ticket market, also known as the resale market, has evolved into a multi-billion dollar industry. In this market, ticket brokers buy tickets from the primary sellers, such as Ticketmaster, and resell them to fans online.
Currently, it costs thousands of dollars and months of development, design and testing to create a website to sell tickets. This has effectively made selling tickets online an expensive investment accessible only to large ticket brokers and a few affiliates and marketers willing to take the investment risk.
Spinneret’s Ticket Portal app changes this and makes creating a ticket web site a quick and painless process with a low monthly subscription fee and no upfront fees. Ticket Portal is a single app that sits in the cloud and powers all subscriber websites, which are customized with themes and custom HTML content through a web-based administration panel.
Instructure Releases Canvas for Android
Instructure has released a new Canvas Android app, which enables mobile access to the Canvas learning platform from Android devices. Faculty and students can download the app for free from the Google Play store.
“The Canvas for Android app is designed to make it easy for faculty and students to stay connected to their courses, including courses from their institution or the Canvas Network,” said Brian Whitmer , co-founder and chief product officer at Instructure. “We’ve always pushed information to Android devices through our email and text messaging notification feature, but now users can participate in their courses through a native app designed specifically for learning.”
Canvas for Android provides an elegant way for students to access their Canvas To-Do list, Assignments, Calendar, Grades and more. It also enables them to read and compose messages using Canvas Conversations, a secure, built-in messaging system that connects participants in a course.
Since the initial launch of Canvas, Instructure has demonstrated its commitment to native apps for mobile devices. In 2011, the company released SpeedGrader for iPad, a powerful mobile grading app, and Canvas for iOS, an iPhone and iPad app with course functionality for students and instructors. With the release of Canvas for Android, Instructure is taking the first of many steps to bring a native Canvas experience to Android users.
“We recognize that the modern learner is mobile, and we believe a native mobile experience is critical to the learning experience,” said Devlin Daley , co-founder and chief technology officer at Instructure. “We didn’t decide after the fact to build mobile apps because it was a hip thing to do. We made an intentional decision to include mobile apps from the start – at no extra charge.”
Getting Out of the IT Business
Randy Weis, Director of Solutions Architecture
Strange title for a blog from an IT solutions architect? Not really.
Some of our clients—a lumber mill, a consulting firm, a hospital—are starting to ask us how to get out of “doing IT.” What do these organizations all have in common? They all have a history of challenges in effective technology implementations and application projects leading to the CIO/CTO/CFO asking, “Why are we in the IT business? What can we do to offload the work, eliminate the capital expenses, keep operating expenses down, and focus our IT efforts on making our business more responsive to shifting demands and reaching more customers with a higher satisfaction rate?”
True stories.
If you are in the business of reselling compute, network, or storage gear, this might not be the kind of question you want to hear.
If you are in the business of consulting on technology solutions to meet business requirements, this is exactly the kind of question you should be preparing to answer. If you don’t start working on those answers, your business will suffer for it.
Technology has evolved to the point where the failed marketing terms of grid or utility computing are starting to come back to life—and we are not talking about zombie technology. Cloud computing used to be about as real as grid or utility computing, but “cloud” is no longer just a marketing term. We now have new, proven, and emerging technologies that actually can support a utility model for information technology. Corporate IT executives now are starting to accept that the new cloud computing infrastructure-as-a-service is reliable (recent AWS outages not withstanding) predictable, and useful to a corporate strategy. Corporate applications still need to be evaluated for requirements that restrict deployment and implementation strategies–latency, performance, concerns over satisfying legal/privacy/regulatory issues, and so on. However, the need to have elastic, scalable, on-demand IT services that are accessible anywhere is starting to force even the most conservative executives to look at the cloud for offloading non-mission critical workloads and associated costs (staff, equipment, licensing, training and so on). Mission critical applications can still benefit from cloud technology, perhaps only as internal or private cloud, but the same factors still apply—reduce time to deploy or provision, automate workflow, scale up or down as dictated by business cycles, and push provisioning back out into the business (while holding those same units accountable for the resources they “deploy”).
Infrastructure as a service is really just the latest iteration of self-service IT. Software as a service has been with us for some time now, and in some cases is the default mode—CRM is the best example (e.g. Salesforce). Web-based businesses have been virtualizing workloads and automating deployment of capacity for some time now as well. Development and testing have also been the “low hanging fruit” of both virtualization and cloud computing. However, when the technology of virtualization reached a certain critical mass, primarily driven by VMware and Microsoft (at least at the datacenter level), then everyone started taking a second look at this new type of managed hosting. Make no mistake—IaaS is managed hosting, but New and Improved. Anyone who had to deal with provisioning and deployment at AT&T or other large colocation data centers (and no offense meant) knew that there was no “self-service” involved at all. Deployments were major projects with timelines that rivaled the internal glacial pace of most IT projects—a pace that led to the historic frustration levels that drove business units to run around their own IT and start buying IT services with a credit card at Amazon and Rack Space.
If you or your executives are starting to ask yourselves if you can get out of the day-to-day business of running an internal datacenter, you are in good company. Virtualization of compute, network and storage has led to ever-greater efficiency, helping you get more out of every dollar spent on hardware and staff. But it has also led to ever-greater complexity and a need to retrain your internal staff more frequently. Information Technology services are essential to a successful business, but they can no longer just be a cost center. They need to be a profit center; a cost of doing business for sure, but also a way to drive revenues and shorten time-to-market.
Where do you go for answers? What service providers have a good track record for uptime, customer satisfaction, support excellence and innovation? What technologies will help you integrate your internal IT with your “external” IT? Where can you turn to for management and monitoring tools? What managed services can help you with gaining visibility into all parts of your IT infrastructure, that can deal with a hybrid and distributed datacenter model, that can address everything from firewalls to backups? Who can you ask?
There is an emerging cadre of thought leaders and technologists that have been preparing for this day, laying the foundation, developing the expertise, building partner relationships with service providers and watching to see who is successful and growing…and who is not. GreenPages is in the very front line of this new cadre. We have been out in front with virtualization of servers. We have been out in front with storage and networking support for virtual datacenters. We have been out in front with private cloud implementations. We are absolutely out in front of everyone in developing Cloud Management As A Service.
We have been waiting for you. Welcome. Now let’s get to work.For more information on our Cloud Management as a Service Offering click here
SYS-CON.tv Interview: The Open B2B Transaction Cloud
“We develop a SaaS platform so you can run your entire company on the cloud – it’s an ERP system on the cloud,” explained Vilayat William, Chief Business Development Officer at TBlox, in this SYS-CON.tv interview with Cloud Expo Conference Chair Jeremy Geelan at the 11th International Cloud Expo, held November 5-8, 2012, at the Santa Clara Convention Center in Santa Clara, CA.
Cloud Expo 2013 New York, June 10–13, at the Javits Center in New York City, New York, will feature technical sessions from a rock star conference faculty and the leading Cloud industry players in the world.