Cloud computing adds flexibility to enterprise IT. When companies wish to take advantage of this, they are finding they need to turn to microservices instead of their traditional, monolithic architectures to accommodate frequent change.

Microservices can overcome the challnges presented by frequent change, “by splitting monoliths into multiple independent services, each with its own simple business logic,” according to Sergey Sverchkov, a Solutions Architect with Altoros. Doing so leads to another issue: “choosing either PaaS or IaaS for microservices is an open question, “ he says.

Sergey recently posted a thoughtful piece on the topic of PaaS vs. IaaS when implementing microservices on the Altoros blog. Altoros provides system integration services for a worldwide client base with the Cloud Foundry PaaS, yet Sverchov’s piece takes a balanced view of which approach to take.

His fundamntal point is that a DevOps team will be spending a lot of time monkeying around (my phrase, not Sergey’s) when companies work straight to the bare infrastructure; taking the PaaS approach. “An automated PaaS is a bigger investment,” he writes, “but it can shrink release cycles from weeks to hours and even eliminate some downsides of the microservices model.”

In his post, Sergey covers six different areas regarding the implementation of microservices, and the differences between IaaS vs. PaaS in each of these areas, summarized as follows:

1. One service for one job. With IaaS, “every service is deployed as an (IaaS) instance; DevOps ar responsible for configuring valid communication interfaces.” With PaaS, “scalability can be controlled by a developer. Communication endpoints are served by the PaaS.”

2. Using different tools to implement different services. With IaaS, “DevOps needs to configure an application runtime.” With PaaS, “an application runtime is automatically deployed in a PaaS container.”

3. Loose coupling. With IaaS, “The DevOps team manages IaaS instances used for service deployment.” With PaaS, “containers are isolated elements for application deployment. Container lifecycle is managed by the Paas.”

4. Developer independence. With IaaS, “ DevOps may need to create multiple IaaS environments for each of the development groups.” Alternatively, with PaaS, development groups can be managed (using Cloud Foundry terminology) as “organizations” and “spaces.”

5. Continuous delivery. With IaaS, “DevOps engineers need to install and configure build-automation tools and integrate them with a project repository.” Specficially with Cloud Foundry, “build-automation solutions can be deployed as a regular application.”

6. Integration with external services. With IaaS, “the DevOps team deploys external services. Applications connect (to them) using properties.” With PaaS, “a service broker can be used to deploy and publish some external services. Service binding makes it easier to connect an application instance to external services.”

In addition to the item about IaaS/PaaS and microservices, Sergey has authored a much longer technical whitepaper on the general topic of microservices vs. monolithic architectures, available through the blog section of the Altoros website.

I heard a lot of talk last year about major public cloud infrastructure providers starting to subsume PaaS into their offerings. Besides the potential for a new era of vendor lock-in, the IaaS vs. PaaS debate also involves significant functionality issues and questions of the skillsets, and more important, efficiency enterprise IT will have as the presence of cloud – public, private, and hybrid – increases within their organizations. Sergey’s post adds value to this debate.

read more

OpenStack and Hadoop are both amazingly powerful platforms for those who need (and recognize that they need) them. We all know what private clouds and Big Data are, so I won’t waste your time explaining them. I will point out for those who haven’t had the pleasure of installing them that they are terribly difficult to install and manage. Not because they’re poorly designed and written, and not because Open Source doesn’t care about usability, but because they’re that complex. To illustrate this point, I like to point people to this picture from the OpenStack documentation that shows a simplified depiction of the architecture.

read more

In 2014, we saw AWS customers (especially in the small and mid-size segments) start to lay claim that they couldn’t make their own networks as secure as using Amazon’s EC2/S3 infrastructure services. This trend will accelerate in 2015. Small and medium businesses usage of cloud applications will increase because they are unable to keep pace with the rate of change of attacks and threats, as well as resulting legal and compliance requirements. Why? Mainly due to the cost and level of effort it would require to adequately protect against the myriad of data breach possibilities. They want to be experts in their businesses, not in IT Security, and their organizations don’t have the size and scale to justify in-house resources to do it themselves. As a result, they will rely partially on their service providers like Amazon Web Services. This doesn’t mean that these organizations are handing over all responsibility to Amazon. Amazon clearly states that security is a joint responsibility and spells out specific areas they will commit to versus end user responsibilities.

read more

SYS-CON Media announced today that Vormetric launched a popular blog feed on Cloud Computing Journal with almost 5,000 story reads.
Cloud Computing Journal aims to show how and why Cloud Computing is an opportunity for business to implement low cost, low power and high efficiency systems to deliver scalable infrastructure without heavy investment in hardware, training or software licensing.

read more

As much as we think the Apples and Walmarts of the world are running our lives, it’s much more likely that small businesses are running the world. Or at least in the United
States. According to the U.S. Census Bureau, 99.9 percent of U.S. business has less than 500 employees, 98 percent with less than 20 employees.

read more

What changes in the cloud computing, Internet of Things and Big Data landscape should you be expecting in 2015? This article offers a round-up of industry experts’ opinions on the New Year.
Now that cloud services have become part of IT’s “new normal,” commonly referred to as “hybrid,” it seems obvious that the approaches and tools we use to manage IT would also evolve and mature, though the pace of evolution varies amongs companies, of course. According to a Website Magazine article quoting a Gartner survey, more than 55% of CIOs indicate they would host all critical apps in the cloud by 2020. Cloud services use cases can vary greatly, but often hold common themes around converting traditional applications to SaaS, or adding disaster recovery to your existing datacenter with RaaS.
What does this tee up for next year? Here are four key areas to watch in 2015:

read more

Picture credit: Sarah Joy/Flickr

Organisations on average use 613 cloud apps, according to the latest study from Netskope – but almost 90% of them aren’t enterprise-ready.

That’s the key takeaway from Netskope’s January 2015 cloud report of millions of users in the Netskope Active Platform, which found that more than one in five organisations have over 1000 cloud apps in use.

Given 15% of users admitted they had their credentials compromised, as well as a quarter of all files in cloud storage apps being shared with at least one person outside the organisation, it’s certain to give CIOs a headache.

Marketing, collaboration and HR departments are least likely to be using enterprise-ready cloud apps – marketing departments polled by Netskope had a whopping 96% of apps not ready.

The report asserts that a growing number of users are logging into their cloud apps using compromised credentials, be it through reused passwords or details which have been stolen through a data hack or exposure. Despite this, cloud adoption continues to grow, with a 6% increase between the last two quarters.

“Employees today have shifted from thinking of apps as a nice-to-have to a must-have,” said Sanjay Beri, CEO and founder of Netskope. “CISOs must continue to adapt to that trend to secure their sensitive corporate and customer data across all cloud apps, including those unsanctioned by IT.”

The most popular enterprise cloud apps, according to the study, were Google Drive, Facebook and YouTube, with Twitter and Gmail completing the top five. This is an interesting comparison, given aside from Google Drive, there were no other storage and collaboration apps in the top five. iCloud (#6), Dropbox (#7), OneDrive (#9) and Box (#10) however all featured strongly.

Despite the worries about what files go where and who has access to what, some organisations are attempting to stem the tide. Veradocs, a Mountain View-based startup, aims to effectively provide a ‘kill switch’ for compromised data, allowing end users and IT to set policies for files and change their in real time.

Cyberattacks such as Heartbleed and Shellshock were cited by Beri as a serious danger last year. “These events underscore the sobering reality that many in the workforce have been impacted by data breaches and will subsequently use compromised accounts in their work lives, putting sensitive information at risk,” he said.

You can download the full report here.

Picture credit: Adam Fagen/Flickr

Fewer than 10% of companies polled in the latest Cloud Security Alliance (CSA) survey are aware of their employees’ shadow IT activity.

The survey, created in conjunction with Skyhigh Networks, gave a definition of shadow IT as “technology spending and implementation that occurs outside the IT department, including cloud apps adopted by individual employees, teams, and business units.”

And the report, which polled executives and IT managers, found their biggest worry over shadow IT is security of corporate data in the cloud, with almost half (49%) of respondents citing it. Compliance violations (25%), the ability to enforce policies (19%) and redundant services creating inefficiency (8%) were also noted.

It’s certainly a worry for business executives – and particularly so given these worrying stats:

• File sharing and collaboration tools (80%) by far the most popular cloud services used, followed by communication tools (41%), social media (38%) and content sharing (27%)
• Dropbox (80%) is by far the most likely cloud service to be blocked, followed by Facebook (50%) and Apple iCloud (50%). Surprisingly, 18% of respondents say they block LinkedIn
• Security of data (73%) is the biggest concern for holding back cloud projects, with loss of control over IT services (38%) and concern over regulatory compliance (38%) again highly cited

Remarkably, half of companies still don’t have a policy in place on acceptable cloud usage. But is it apathy which is holding firms back? Yes and no: 27% of those polled admitted they didn’t have a plan but are looking to create one, while 23% were more apathetic.

However in terms of data breaches, 2014 was hardly a banner year according to the CSA. While more software vulnerabilities were uncovered last year than any other year on record, only 17% of companies polled said they’d experienced an insider threat in the past 12 months, such as an employee taking sensitive data with them after quitting. Yet around a third (31%) said they weren’t sure, which certainly raises alarm bells.

The report again sounds out issues facing organisations when moving data to the cloud. “Companies will need to enforce the same security, compliance, and governance policies that they do for data stored on premises,” the report argues.

“IT will also need to work more collaboratively with business users to understand the motivations behind shadow IT and enable the cloud services that drive employee productivity and growth in the business without sacrificing security,” it adds.

Back in 2013 the CSA coined the term ‘the notorious nine’ for security threats to cloud, with data breaches, data loss and account hijacking the top three fears. As we enter 2015, it seems not much has changed.

There is a difference. One is strategic, one is tactical. One lays the foundation for the future, the other sweeps the past under the rug.

There is a move (again) in technology that pits consolidation as the be-all and end-all of tactical maneuvers in the data center to reduce operating expenses. The hue and cry is not surprising. Many of us have seen it before. An onslaught of technology in the forms of solutions and services rains down upon the data center, promising to solve this pain point and the next. Eventually, overwhelmed by the unmanageable number of devices, appliances and servers needed to support all these disparate solution, consolidation arrives on a white horse to save the day. Get rid of all the boxen! Save money on power, on cooling, on management. Simplify your architecture!

read more

SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, will exhibit at SYS-CON’s 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Cloudian, Inc., is a Foster City, California – based software company specializing in cloud storage software. The main product is Cloudian, an Amazon S3-compliant cloud object storage platform, the bedrock of cloud computing systems, that enables cloud service providers and enterprises to build reliable, affordable and scalable cloud storage solutions. In addition, Cloudian is actively partnering with the leading cloud computing environments including Citrix Cloud Platform and OpenStack, cloud on-ramp providers, and the vast ecosystem of tools and applications that is afforded through true S3 compatibility. Cloudian’s customers include Alcatel-Lucent, Vodafone, Nextel, Docomo, NTT, SoftBank, Telecom Italia, Nifty, LunaCloud, Constant Hosting, and Clara Online. The company has additional offices in China and Japan.

read more