Guest Blog: Is Your VM Celebrating World Backup Day?

Guest blog article from Peter Hale, Content Manager (Consumer), Acronis! Is Your VM Celebrating World Backup Day? Despite what you may have heard, you need to back up your virtual machines Everyone knows that April 1 is April Fools’ Day. But did you know that the day before that (March 31) is World Backup Day? It was […]

The post Guest Blog: Is Your VM Celebrating World Backup Day? appeared first on Parallels Blog.

A Cloud Solution-Level Approach to SMBs | @CloudExpo #Cloud #DigitalTransformation

The next BriefingsDirect Voice of the Customer cloud adoption patterns discussion explores how integration of the latest cloud tools and methods help smooth out the difficult task of creating and maintaining cloud-infrastructure services contracts. The results are more flexible digital services that both save cloud consumers money and provide the proper service levels and performance characteristics for each unique enterprise and small business.

read more

Enabling #DevOps | @DevOpsSummit @GlueNetworks #NFV #SDN #SDNO

Digital transformation requires rapid network changes. Navigating these changes well is difficult but critical, as the function of business applications are at stake. Customers aren’t interested in what’s going on behind the scenes; they simply want the platform to work. Hosting Facts researchers found that a single-second delay in website loading time can result in a seven percent loss in conversion, and 40 percent of web users will abandon a website if it takes longer than three seconds to load.

read more

System Hardening with @Ansible | @DevOpsSummit @AppseccoUK #DevOps

The DevOps pipeline is constantly changing. Therefore relevant security controls must be applied contextually. We want to be secure, but I think all of us would rather spend our time developing and deploying software. Keeping up with server updates and all of the other security tasks is like cleaning your home – you know it has to be done, but you really just want to enjoy your clean home. The good news is you can hire a “service” to keep your application security up-to-date, giving you more time to develop.
At the recent All Day DevOps conference, Akash Mahajan (@makash), a Founder/Director at Appsecco, discussed how to harden your system’s security with Ansible. In addition to his role at Appsecco, Akash is also involved as a local leader with the Open Web Application Security Project (OWASP).

read more

IT Companies Continue to Fuel Cloud Growth

There’s no question any more about cloud growth. The many advantages that come with cloud have made it a preferred option for storing and accessing applications, and companies world over have begun to embrace it in a big way.

The SolarWinds IT Trends Report 2017 that was released on Wednesday shows the magnitude of cloud growth. It reports that 95% of IT professionals surveyed have said that their organization has migrated critical applications and data to the cloud.

This is significant in many ways. Firstly, it gives us an insight into the depth of cloud market. Though most of us knew that companies were adopting cloud in a big way, it’s still a surprise to see that 95% have some kind of critical application in it. This number signifies the growing trust that companies have in the cloud now.

Secondly, it shows how far cloud security has come over the last few years. Many reports released a few years ago show the reluctance of companies to migrate their critical applications to the cloud because of security concerns. Though these concerns are not fully gone, the fact that companies are considering a hybrid model to overcome these insecurities is heartening. This way they can leverage the power of cloud and at the same time, protect their assets.

That said, there is more room for cloud growth based on the statistics presented in this report. It states that IT budgets are not moving towards cloud technologies, as 69% of respondents said that companies spend less than 40% of their annual IT budget on cloud technologies. Another 45% of respondents said that their respective organizations are spending around 70% of their budget on traditional and on-premise applications.

These numbers mean that there is room for cloud growth, and also that hybrid infrastructure is emerging as the preferred model of operations, as businesses prefer to use both cloud platforms and on-premise datacenters to store their data and applications. The choice of moving to the cloud is believed to be based on factors such as the priority of applications, perceptions about cloud security and ROI

The report further states that 74% of respondents said that their organization had moved applications to the cloud, 50% had said that they moved storage and 35% said they moved databases. The decision to choose these migrations was based on return on investment (ROI). In fact, ROI is seen as the driving factor for deciding what and when should be migrated to the cloud.

What does this report mean to customers and client industry at large? First off, it’s a ton of positive news that can entice more customers to move their operations to the cloud. Another aspect that it reflects is the changing role of IT professionals within the industry. With such a rapid rate of cloud growth, there is going to be a greater focus on management and integration than pure development. It’ll be interesting to see how IT professionals take to this change.

Lastly, it shows the vast opportunities that continue to exist for cloud-based companies.

In all, there’s much to cheer from this report.

The post IT Companies Continue to Fuel Cloud Growth appeared first on Cloud News Daily.

AWS turns its contact centre into a service with Amazon Connect

Amazon Web Services (AWS) has announced the launch of Amazon Connect, a self-service cloud-based contact centre service which aims to make customer service easier and cheaper for businesses.

The service is an extension of the cloud infrastructure giant’s own customer contact centre technology – going back 10 years – put together as a service; think of the launch of Lex, the technology that powers Alexa, as a general service for a similar example.

Indeed, Lex is part of the package. Customers can build natural language contact flows and organisations can adapt the customer experience; in other words, callers can simply state their commands instead of having to listen to never-ending lists of menu options.

Crucially, many other players in the contact centre space are on board with AWS, including Freshdesk, Salesforce, and Zendesk. “An Amazon Connect and Zendesk integration provides our many shared customers with a seamless experience,” said Sam Boonin, Zendesk VP product strategy in a statement. “These companies are placing customer relationships at the forefront of their business and, in return, creating loyal customers.”

The press materials give a quick rundown of how Connect works. “With Amazon Connect, customers can set up and configure a ‘virtual contact centre’ in minutes,” AWS notes. “There is no infrastructure to deploy or manage, so customers can scale their Amazon Connect Virtual Contact Centre up or down, onboarding up to tens of thousands of agents in response to business cycles and paying only for the time callers are interacting with Amazon Connect plus any associated telephony charges.

“Amazon Connect’s self-service graphical interface makes it easy for non-technical users to design contact flows, manage agents, and track performance metrics – no specialised skills required.”

Connect integrates with a variety of current AWS tools, including Amazon S3, Redshift, and QuickSight for data visualisation and analytics. “We’re excited to offer this technology to customers as an AWS service – with all of the simplicity, flexibility, reliability, and cost-effectiveness of the cloud,” said Tom Weiland, Amazon vice president of worldwide customer service.

The product is currently available in the US and the majority of Europe, with more countries being rolled out ‘in the coming months’. You can find out more about it here.

Choosing a #Serverless Architecture | @DevOpsSummit #DevOps #AI #Docker

Information Technology has advanced in different areas at different speeds. This has always been true, as people found workable solutions to the problems that faced them today, most often before there was a market for those solutions. While things like virtualization and eventually cloud computing grew slowly, programming languages sat at the same point for around a decade before the current round of new languages and approaches—Python, Ruby, Node, Swift—came about. These things seem unrelated, but there is a union of the two sets of changes that we are about to see blossom.

read more

There’s no such thing as a free lunch: Why business needs to understand cloud threats

Businesses across the country have bought into the extraordinary benefits of cloud computing. Senior executives have become passionate advocates, attracted by the promise of greater agility, cost savings and convenience. It is no surprise that global spending on public cloud services will reach $141bn by 2019. But business leaders are less well informed when it comes to the risks the cloud can introduce to enterprise environments.

That’s why IT needs to take ownership of cloud security. This will certainly require specialised tools designed to detect the “needle in the haystack” of cyber threats across this type of IT service delivery. It will also demand that IT functions articulate those threats in a language the business understands. Without cyber risk being articulated in the familiar lexicon of business risk, senior management and board-level engagement is difficult to secure.

Scoping the threat

Clouds (and cloud services) come in many shapes and sizes. But despite the undoubted business and IT benefits, security still tops the list of barriers to adoption. These concerns frequently revolve around the multi-tenancy nature of many cloud offerings. The question as to whether you can be sure your sensitive customer data and/or IP is protected from the virtual machines (VMs) of other tenants, some of whom may be competitors is a reasonable concern? Others include: whether your supplier is certified to comply with relevant industry standards and regulations like PCI DSS and ISO 27001? If you know where your data is being stored and how it is being handled by your CSP? Do you know what kind of security measures are in place, and what you are expected to provide?

These are all valid concerns, especially as the means to launch successful attacks in the cloud are increasingly available on the dark web. Anyone trying to “shoehorn” traditional security products and techniques into their cloud environment needs to be confident that they are not compromising their security preparedness. 

Zero-day threats are particularly difficult to detect, yet critical to defend against. Signature-based anti-virus solutions, traditional firewalls and even intrusion defence systems are fine when dealing with known malware. But they become problematic when they present as something that hasn’t been seen before. A zero-day threat in your cloud environment could enable attackers to access your sensitive customer data and trade secrets, or simply give them an opportunity to spread ransomware.

A determined hacker will always find a way into a system. The important thing to focus on is detecting this as soon as possible. The longer you allow an attacker to stay active, the deeper they can go and the more damage they will inflict.

Taking control

Business users keen to accelerate moves to the cloud can sometimes risk paying insufficient attention to safety or security, so it is important for IT leaders to take control. The reality is that when it comes to the cloud, you can’t outsource responsibility, so businesses need to be proactive about vetting providers, understanding what security controls they have in place and where and how data is stored. But most importantly, they need to work out what protections they still need to put in place “over the top” to keep key data and systems safe from harm.

Central to any security strategy should be to reduce the attackers’ “dwell time” – the time between infection and detection – which currently averages an unacceptable 146 days. Some organisations set up alerts to help them spot unusual behaviour. Unusual, however, is not necessarily a problem but it can swamp teams with too much data to investigate, inevitably leading them to spend so much time fire-fighting that they can miss the all-important needle in the haystack.

Threat intelligence needs to be consolidated to be genuinely useful;  part of this is being able to baseline normal behaviour in order to better spot unusual activity that indicates a breach. Applied in the right way, machine learning can help by systematically prioritising only the most critical threats to maximise your response team’s effectiveness. Given the more exposed and accessible nature of cloud systems, these approaches become even more important.

Talk, talk, talk

Detecting threats is one thing, but taking action on major issues typically requires wider understanding from technical and business teams. That means being able to describe threats and impacts in a way that is meaningful beyond security operations. It doesn’t matter how impassioned you are about threat vectors, unsecured APIs, or inter-VM attacks, it will mean nothing unless they are translated into the right risk lexicon.

Highlighting a compliance failure may be met with blank stares but if it means no revenue because the business can’t process payments it takes on a greater significance and will be rectified quickly. Similarly, a report of a security issue affecting a number of virtual servers may not be seen as a priority until the associated business impact and the potential loss of customer data and resulting financial and reputational impacts are clearly understood by management. To support this, companies are increasingly investing in intelligent systems that can articulate the specific business risk to the organisation of a given cyber threat.

Cloud computing is here to stay, and is transforming organisations across the globe. But it has also introduced new challenges that many organisations are still coming to grips with. IT teams, security functions and business stakeholders need to communicate effectively, in a common language, to understand and manage cyber risks in this new outsourced world. 

[slides] The Right #AWS Services | @CloudExpo @BMCSoftware #TrueSight

Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.

read more