Believe it or not, the first data backups were made on paper. Dating back as early as the 18th century, the “technology” was used in the form of paper tapes constructed from punch cards to control the functions of automated machinery such as textile looms. The concept of these cards was then further developed by IBM in the early days of data processing, where data input, storage and commands were captured using a series of hole punches.

In 1956, IBM introduced the 350 disk storage unit – the first ever hard disk drive. It was 60 inches in length, stood nearly 70 inches tall and had a capacity of 5 million 6-bit characters – or 3.75 MB of data. And although less than 4 megabytes may not seem like much (a decent cell phone can today take a picture with a larger file size), the 350 unit represents a more modern concept of storage and data backup that over time has become a critical element of business planning and strategy.

read more

(c)iStock.com/Maciej Noskowski

With Mobile World Congress over for another year, I’ve now had a chance to digest everything that was on show last week. This conference, which is arguably the planet’s best venue for mobile industry networking, looked at the Internet of Things and the connected world, anything and everything from developments such as 5G to newly connected toothbrush devices that ensure consumers brush their teeth as the dentist intended.

What all these new technology innovations seem to have in common is the capability to generate obscene – and yet potentially very useful – amounts of data. How organisations manage and use this data – and how they keep it secure – will be a major challenge and one of the key predictors of success across many industries.

With an overwhelming array of new technology producing ever increasing amounts of often sensitive data, now more than ever there is scope for hackers to breach personal and company sensitive data. With reports highlighting the need to safeguard the confidential data on employees’ smartphones and tablets, the security of connected devices is becoming even more problematic and is set to be a big issue in 2016.

This was further highlighted by recent research conducted by analyst firm, Gartner, who predicted that half of employers will require employees to supply their own devices for work by 2017, which opens up a lot of sensitive data that will be available via millions of unsecure devices.

This got me thinking about the fact that even if you secure devices on a network, you still need to secure your systems and infrastructure right from the server to the end user. This includes wherever that infrastructure might be – most of which is likely to be in the cloud.  With the growth of IoT, the Connected World, mobile devices and cloud being key themes for 2016, companies need to ensure that the end-to-end attack surfaces are all fully protected.

This is clearly evident from the many infrastructure breaches we have seen recently in the press – from the well-known UK telecoms provider that suffered a well-publicised infrastructure breach at the end of October 2015, to lesser known small and medium-sized businesses that have been completely shelved by a cyber-attack in the final quarter of last year. With more businesses adopting cloud than ever before, the cloud infrastructure that employees are working from also needs to be just as secure to cope with a security breach and protect all of that data.

Making sure your cloud networks, infrastructure, applications and data are as secure as possible is a vital part of leveraging the technological innovations that were presented at Mobile World Congress. Here are three security issues that organisations must consider and address to ensure a fully-secure cloud:

Threat landscape monitoring against attacks: Making sure that you know where the most vulnerable points are in your existing infrastructure means you can work to address and protect them. Having a cloud infrastructure in place that can monitor the threat landscape, scan for vulnerabilities and detect any potential threats can keep your organisation safe from debilitating infrastructure breaches.

Compliance: Many companies have higher levels of compliance policies to adhere to, including industry regulatory compliance requirements. Having a fully-compliant cloud infrastructure that fits to your country’s regulations and adheres to data sovereignty rules is essential in these highly regulated environments. More importantly, though, is the need to have the visibility into your cloud infrastructure that enables you to monitor cloud security and prove (to the C-Suite or auditors) that your company apps and data are secure and compliant. Cloud transparency and security and compliance reporting will become essential as cloud adoption grows and is used for more mission-critical business workloads.

Encryption of data: Having the ability to encrypt sensitive data is beneficial for a plethora of reasons; including making sure that service providers cannot access this information, deterring hackers and adding an additional layer of security for extra-sensitive data. As companies take on multiple clouds to manage data, it is important to ensure security and flexibility when transferring data between clouds. Alongside this, having the ability to hold your own key to this data encryption provides the power and security that comes with placing the highest possible restrictions on who can access sensitive data.

It is vital to have conversations with your cloud provider to ensure that you are on the same page where security is concerned. Otherwise, your infrastructure may not be fully protected and this can mean your organisation will remain mired in using cloud for the most basic use cases or, worse, expose your company data and apps to unacceptable risk.

There is no doubt that the onslaught of new technology – in some cases technology beyond our wildest dreams as showcased last week at MWC – brings with it additional security risks and threats. With the Internet of Things and the connected world growing exponentially, there will undoubtedly be more infrastructure breaches. In research that we conducted last June with Forrester, which covered the challenges companies face in dealing with their cloud providers, over half of respondents (55%) found that critical data which was available to cloud providers but hidden from users creates challenges with implementing proper controls. In today’s digital world, the consequence of not implementing proper controls around sensitive data is huge.

Our research clearly shows that more needs to be done in order for companies to feel safe using the cloud and being part of the connected world without feeling at risk of a breach. So, before you go racing off to implement the latest ‘must have’ gadget or new technology, the first step is to ensure that your systems are secure right at the core of the organisation. This clearly includes ensuring that your cloud infrastructure provides the security as well as the insight, and reporting into security that is required for your organisation to successfully be part of the connected world and the Internet of Things.

Lots of things are happening there. As of today it’s the liveliest software ecosystem. The last time I’ve seen such an interesting gathering was 15 years ago in Java.
Fifteen years ago Java developers were looking down on the JavaScript folks. It was assumed that JavaScript was only good for highlighting menus and making an impression that the Web site is current by displaying a running clock on the page. Mobile phones still had buttons with one digits and three letters. There were no App stores. Java was promising “Write once run everywhere”, but now we can see that JavaScript actually delivered on this promise.

read more

(c)iStock.com/Spondylolithesis

By Steve Davis, marketing director, NGD

We’ve seen it many times before; first generation technology products creating huge untapped marketplaces but eventually being bettered either by their originators or competitors. Think VCRs and then CDRs, both were usurped by DVRs and streaming, or the first mobile phones becoming the smartphones of today – the list goes on.

Cloud computing is no exception. The original ‘product’ concept remains very much in vogue but the technology and infrastructure holding it together keeps on getting faster, more functional, more reliable – put simply, better. Growing user and cloud service provider maturity is seeing to that. After 10 years of cloud, the industry and users have learned valuable lessons on what does and doesn’t work. They still like it and want much more of it but there’s no longer room for a one size fits all approach.

With this evolution, cloud “1.0” has morphed into “2.0” in the past year or so; while the name has been around for a few years, 451 Research among others have recently put it again at the forefront. The two core varieties of public and private have ‘cross-pollenated’ and given rise to hybrid, an increasingly ‘virulent’ strain. This is because companies are realising that they need many different types of cloud services in order to meet a growing list of customer needs.

For the best of both worlds, hybrid cloud offers a private cloud combined with the use of public cloud services which together create a unified, automated, and well-managed computing environment.

Economics and speed are the two greatest issues driving this market change. Look at the numbers. According to RightScale’s 2016 State of the Cloud Report, hybrid cloud adoption rose from 58% in 2015 to 71% thanks to the increased adoption of private cloud computing, which rose to 77%. Synergy Research’s 2015 review of the global cloud market found public IaaS/PaaS services had the highest growth rate at 51%, followed by private and hybrid cloud infrastructure services at 45%.

It’s an incestuous business. Enterprises using public clouds for storing non-sensitive data and for easy access to office applications and productivity tools, automatically become hybrid cloud users as soon as they connect any of these elements with private clouds, and vice versa.  Many still prefer the peace of mind of retaining private cloud infrastructure for manging core business applications as well as embracing those still valuable on-premise legacy systems and equipment which just can’t be virtualised.

Equally, a company might want to use a public cloud development platform that sends data to a private cloud or a data centre based application, or move data from a number of SaaS (Software as a Service) applications between private or data centre resources. A business process is therefore designed as a service so that it can connect with environments as though they were a single environment.

Hybrid and the data centre

So where does cloud 2.0 and the rise of hybrid leave the data centre? Clearly, the buck must continue to eventually stop with the data centre provider as it is ultimately the rock supporting any flavour of cloud – public, private or hybrid. Whether you are a service provider, systems integrator, reseller or the end user you will want to be sure the data centres involved have strong physical security, sufficient power supply on tap for the high density racks that allow scaling of services at will, and of course, diverse high speed connectivity for reliable anyplace, anytime access.

But for implementing hybrid environments, the devil is in the detail.  Often what isn’t considered is how to connect public and private clouds. And don’t forget some applications may still remain outside of cloud type infrastructures. There is not only the concern around latency between these three models but the cost of connectivity needs to be built into the business plan.

Location of the public and private cloud is a primary concern and needs careful consideration. The time to cover large geographical distances must be factored in and as a result the closer the environments can be positioned the better. The security of the connections and how they are routed also needs to be examined. If the links between the two clouds was impacted then how might this affect your organisation?

Customers who are actively building hybrid solutions increasingly demand their private clouds to be as close to the public cloud as possible. This is because using public Internet connections to connect to public cloud can expose end users to possible congestion and latency whilst direct connections do not come cheap.  Sure, latency between private and public cloud can be reduced but with some costs. Caching can help sometimes and the use of traffic optimisation devices is well-proven but each adds more complexity and cost to what should be a relatively straightforward solution.  Developers need to be conscious of the fact that moving large amounts of data between private and public cloud will cause latency and sometimes will need to redesigned purely to get over latency problems.

In a perfect world it would be ideal to use a single facility to host both public and private cloud infrastructure and use the various backup solutions available for data stored in the private and public clouds. This would reduce latency, connectivity costs and provide a far higher level of control for the end user. Obviously the location would have to be in a scalable, highly secure data centre with good on-site engineering services available for providing remote hands as necessary.  And thanks to the excellent quality of modern monitoring and diagnostics tools, much of the technical support can now be done remotely by the provider or user these days.

DevOps bridges the gap between Development and Operations to accelerate software delivery and increase business agility and time-to-market. With its roots in the Agile movement, DevOps fosters collaboration between teams and streamlines processes, with the goal of breaking silos in order to “go fast.”
Information Security (InfoSec) and compliance are critical to businesses across the globe, especially given past examples of data breaches and looming cybersecurity threats. InfoSec has long been thought of as the group that “slows things down” – the wet towel to your DevOps efforts – often requiring a more conservative approach as a means of mitigating risk. Traditionally, DevOps was viewed as a risk to InfoSec, with the increased velocity of software releases seen as a threat to governance and security/regulatory controls (these, by the way, often require the separation of duties, rather than the breaking of silos.)

read more

FalconStor Software® Inc. and Fujitsu have teamed up to provide a bundled hardware and software SAP HANA storage solution. The SAP-certified bundle consists of the FUJITSU Storage ETERNUS DX S3 system and FalconStor’s NSS IO multi-cluster technology. The joint solution not only meets the high demands of SAP HANA through application-optimized shared storage components but provides for seamless business continuity with its innovative, intelligent approach. The bundle is available immediately from Fujitsu.

read more