Check it out—Scott Patterson, Assistant Editor of Education Technology Solutions in Australia, recently interviewed Parallels’ own Kevin Greely. Read their conversation, discussing the ‘School of the Future’, BYOD, and more emerging trends in technology: Based on what you are seeing, what does the ‘School of the Future’ look like? Kevin, Parallels: I’m 20 years […]
The post Employee Interview: Five Minutes with Parallels’ Kevin Greely appeared first on Parallels Blog.
(c)iStock.com/magann
Almost two thirds of organisations in a CipherCloud survey on cloud data protection say compliance and auditing privacy is the biggest security challenge associated with cloud computing.
CipherCloud, which has released its inaugural “Global Cloud Data Security Report”, found a number of interesting findings in the research, and the challenges associated with data security for Global 2000 companies.
Compliance and data protection concerns continue to remain the top barriers for cloud adoption. Compliance (64%) was seen as the biggest cloud security challenge, followed by unprotected data for documents (32%). Malware protection for documents (2%) and a lack of secure collaboration and file sharing methods (2%) were relatively inconsequential in comparison.
The number one concern identified was a regulation that a country imposes upon an industry or organisation, often referencing the collection of data on their citizens and utilising cloud apps to process and store the information.
Increasingly in Europe, as this publication has previously reported, cloud service providers are building data centres in countries closer to their customer base to get around issues of data sovereignty and latency – yet the concern still pervades. 58% of respondents cited this as a main issue, while 31% were concerned about internal security adherence and 11% cited a lack of data residency.
“Several organisations are proactively instituting self-imposed data security regulations for any cloud-based application,” the report notes. “These internal regulations are extensions of existing enterprise data security policies and best practices. The primary concern associated with self regulation is the lack of data classification standards.”
Compelling events that drove cloud adoption decisions included the opportunity to introduce new cloud tools and services (47%), replacing legacy applications (22%), and information collaboration (11%). Despite this Pravin Kothari, CipherCloud CEO, remains optimistic.
“Organisations are harnessing cloud computing to more effectively compete in the global economy with faster time to market and cost efficiencies,” he said in a statement. “At the same time, the headwinds of privacy legislation in North America, Europe, South America and Asia Pacific make the case for data-centric protections in the cloud.”
He added: “Our research indicates that compliance factors are galvanising organisations, particularly in healthcare and finance, to fortify their data defences in the cloud.”
Do you agree with this analysis?
One of the most difficult things to do today is to identify a legitimate user. Part of the problem is that the definition of a legitimate users depends greatly on the application. Your public facing website, for example, may loosely define legitimate as “can open a TCP connection and send HTTP request” while a business facing ERP or CRM system requires valid credentials and group membership as well as device or even network restrictions.
A security skills shortage is hampering cloud adoption
Security and an IT security skills shortage remain the most prevalent barriers to cloud uptake, according to Ovum principle analyst Andrew Kellett.
Although Ovum’s research suggests the volume of sensitive corporate data stored in the cloud continues to grow, with enterprise cloud adoption rates exceeding 80 per cent, in many cases this data is not adequately protected.
“Security, or lack thereof, is a significant issue. If there is one problem area inhibiting further adoption of cloud-based services, it is enterprise concerns about shortfalls in the protection regimes of many cloud service providers,” Kellet said, adding that since more sensitive data appears to be stored in the cloud the most basic security practices and controls aren’t necessarily enough.
“On too many occasions, security policies only come into place once a new technology has already gone mainstream, and this is certainly true of the cloud industry. Many cloud providers have been guilty of ‘bolting on’ security as an afterthought, something which has left previous generations of technology vulnerable to malware attacks, advanced persistent threats and other breach tactics.”
“Whether they like it or not, organisations are putting their trust in the hands of the service provider, often without being completely satisfied that such trust is justified or that service levels and protection can be maintained,” he concluded.
Other recently published research from Ovum suggests enterprises are quite concerned with how their cloud service providers implement security controls. The company recently surveyed 818 ITDMs for their views on cloud security and found that in the US specifically, respondents seemed most concerned about lack of control over the location of data (82 per cent), increased vulnerability of shared infrastructure (79 per cent), and “privileged user” abuse of the cloud service provider (78 per cent).
FinancialForce has raised $110m from TCV, Salesforce
FinancialForce, a provider of a Salesforce-based ERP and HR services has raised $110m in a round led by Technology Crossover Ventures (TCV) with participation from Salesforce’s investment arm, Salesforce Ventures. The company said it will use the funds to expand sales, marketing and development.
The latest funding round comes less than a year after the company scored $50m from Advent International.
“Our goal has always been to transform the ERP market in the same way that Salesforce has for CRM. As our growth indicates, the industry is responding to our customer-centric approach to ERP where our apps, built natively to run alongside the Salesforce Customer Success Platform, help businesses create meaningful relationships with customers and employees to grow their top and bottom lines,” said Jeremy Roche, chief executive officer and president, FinancialForce.com.
“With TCV and Salesforce Venture’s contributions, FinancialForce.com can continue our rapid rate of growth and become the cloud ERP choice for all forward-thinking companies,” Roche added.
The company has reported strong growth over the past couple of years, no doubt bolstered by the continued success Salesforce seems to be realising.
FinancialForce said 2014 was its “banner year” for the firm, reporting 91 per cent annual subscription run rate growth and $50m in revenue. It also increased its global headcount by more than 80 per cent, from 250 employees at the end of 2013 to more than 450 at the end of 2014. The company said it currently has more than 500 employees spread across six global offices.
The funding round speaks to what now seems to have become an entrenched industry dynamic – where younger, more nimble cloud-native startups like NetSuite and FinancialForce are starting to overtake large IT incumbents, particularly in areas where software is traditionally bulky and relies heavily on tight integration (i.e. ERP). Salesforce, the platform upon which FinancialForce is based, recently announced full fiscal year 2015 revenue hitting $5.37bn – no small sum by any stretch of the imagination.
Microsoft and close to 50 tech companies and civil liberties associations have renewed calls to reform the US Patriot Act ahead of the expiry of the law’s provisions governing bulk data collection
Microsoft, along with nearly fifty other technology civil rights associations and technology firms have signed an open letter to senior members of the US government calling for reform of the Patriot Act, a cause célèbre for Microsoft among other cloud firms in recent years.
Microsoft has previously criticised the US government’s bulk data collection practices, and the ability of its authorities to act on warrants beyond US soil (particularly when such acts contradict local laws where those businesses operate).
In an open letter to very senior members of the US government including Michael Rogers, director of the NSA, senate minority leader Harry Reid, and US president Barack Obama, the organisations reaffirm the need to end the US government’s bulk data collection practices, and make government and corporate reporting on any Foreign Intelligence Surveillance Court decisions more transparent.
The US Patriot Act Section 215, which currently serves as the legal basis for the NSA’s bulk collection of metadata, is due to expire in June this year.
“We the undersigned represent a wide range of privacy and human rights advocates, technology companies, and trade associations that hold an equally wide range of positions on the issue of surveillance reform. Many of us have differing views on exactly what reforms must be included in any bill reauthorizing USA Patriot Act Section 215,” the letter reads.
“That said, our broad, diverse, and bipartisan coalition believes that the status quo is untenable and that it is urgent that Congress move forward with reform.”
“It has been nearly two years since the first news stories revealed the scope of the United States’ surveillance and bulk collection activities. Now is the time to take on meaningful legislative reforms to the nation’s surveillance programs that maintain national security while preserving privacy, transparency, and accountability.”
Microsoft is among a range of technology companies in support of reforming how American legal entities treat data, both within the context of surveillance activities or general legal proceedings. But US lawmakers have signaled they are prepared to act on longstanding promises to reform the legal landscape. Last month American lawmakers introduced two bipartisan bills that seek to limit the reach of US courts over data stored in cloud services located outside the US, a move welcomed by a broad coalition of technology and telecoms firm – including Microsoft.
The list of ‘new paradigm’ technologies that now surrounds us appears to be at an all time high. From cloud computing and Big Data analytics to Bring Your Own Device (BYOD) and the Internet of Things (IoT), today we have to deal with what the industry likes to call ‘paradigm shifts’ at every level of IT.
This is disruption; of course, we understand that – change is almost always disruptive.
There’s a lot of focus on the performance of mobile communications given the incredible rate at which mobile is outpacing legacy PC (did you ever think we’d see the day when we called it that?) usage. There’s been tons of research on the topic ranging from the business impact (you really can lose millions of dollars per second of delay) to the technical mechanics of how mobile communications is impacted by traditional factors like bandwidth and RTT. Spoiler: RTT is more of a factor than is bandwidth in improving mobile app performance.
Security is one the more prominent of the application service categories, likely due to its high profile impact. After all, if security fails, we all hear about it. The entire Internet. Forever.
So when one conducts a survey on the state of application delivery (which is implemented using application services) you kinda have to include security.
Which of course, we did.
Khatib & Alami moved onto iland’s public cloud platform this year
Global architectural design and project management firm Khatib & Alami (K&A) has moved from a private cloud platform onto a public cloud, which the company said has led to a 40 per cent reduction in IT operations management spend.
K&A, which was set up in 1964 and has offices in the Middle East, Africa, Western Europe and North America, offers a range of architectural and engineering services.
The company originally moved to deploy its internal applications on a private cloud platform hosted in iland’s datacentre in London, which it did in order to consolidate its IT environments.
At the time the company also experimented with public cloud platforms, but preferred to maintain its private cloud deployment. However, while it’s difficult to narrow down an exact figure where private and public cloud platforms are equal in cost, the company’s corporate IT manager Mohamed Saad said the public cloud option began to make more sense at the company’s growth began to outpace its ability to scale efficiently, both in terms to technology and personnel.
“The hardware was becoming too restrictive because we weren’t able to scale up. We would have had to purchase more hardware and then deploy that and add more virtual servers with capacity for additional processing power. We would also have needed to employ the maintenance staff that went along with purchasing more hardware. Then we’d have to maintain all this equipment,” he explained.
“All of the maintenance and management headaches and the fact we needed rapid scalability helped us come to the decision that having our own private cloud infrastructure was just too much of a hassle.”
“What’s more, iland’s public cloud was considerably more economical than using our own equipment. We’re getting close to 35 to 40 per cent cost savings with iland’s cloud. iland now hosts all of our mission critical applications, allowing us to focus our IT efforts on activities that drive our business forward,” he added.