As enterprises continue to embark on their digital transformation journeys part of this change may involve migrating in-house applications, databases and data to the cloud.  But while all the benefits of cloud are widely understood, migrating a database or an application to the cloud is not always smooth sailing and there can be challenges to overcome when transitioning.  Here I wanted to highlight some of the steps enterprises should take to ensure their database migration is successful.

Why migrate to the cloud?

Let’s first look at why organisations might want to migrate their mission critical database to the cloud. As stated above, the benefits of cloud adoption have been widely documented over the last few years. Factors such as convenience, scalability, flexibility, and economic efficiency, all leading to improved productivity being the key takeaways. During the first wave of cloud adoption we saw that the main benefit was the cloud’s availability of low-cost IT infrastructure, which suited project-based development, Test & Dev, and DevOps. Now during the current wave of adoption, we are seeing more mission critical applications and a wider range of workloads migrating to the cloud. The net effect is a shift up the stack with an increased emphasis on application availability and assurance. Along with this, cloud environments are becoming more manageable, which enables companies to focus on more strategically relevant IT tasks such as defining transformative IT services for their internal and external users.

With the rise of remote working, the ease of access that cloud provides to its users is important. With cloud accessible from a multitude of devices, employees have access to vital information wherever they are located.  What we are seeing more often now is organisations migrating mission critical applications into the cloud including workloads with a variety of requirements. Furthermore, cloud migration enables very effective disaster recovery and high availability options for geographically‑distributed businesses.

Don’t migrate half-heartedly

Migrating workloads to the cloud is a strategic decision for an organisation, as it underpins the transformation towards a more agile and business-aligned operating model for their IT. Because of this, I would avoid migrating half-heartedly. If you are going to migrate to the cloud you should move over as much as possible. While a database can be migrated to the cloud independently, it usually makes more sense – technically and strategically – to also migrate with it the applications which are served and interact with it in order to take full advantage of the benefits of cloud.

If you are going to migrate a database to the cloud in isolation without its associated application, it’s crucially important to rely on specific expertise both for the migration and the following service management related to it. The migration should consider all the interdependencies and resource requirements to guarantee performance, availability and security in the cloud; and adequate service management skills are key to ensure proper configuration and change management. That’s why when it comes to a mission critical database, those serving an ERP system – a specialised enterprise‑class cloud provider which also provides managed services and SLAs – should be considered over general purpose or pure‑IaaS cloud alternatives.

Three key reasons why enterprises don’t migrate to the cloud

Enterprises are often cautious about putting their mission critical workloads into the cloud for very specific reasons:

• Security and compliance. Often security burdens are so heavy that enterprises are cautious about considering alternatives
• Performance degradation. Many enterprises cannot compromise on the performance of mission critical apps
• Availability. If users cannot access applications, they are unproductive; workflows are stifled and the business is up in arms. That’s exactly what Enterprise‑class cloud providers which specialise in mission‑critical workloads effectively address, with a combination of ad hoc cloud architectures and cloud management tools as well as stringent operating principles and expertise.

For example, rather than using a general‑purpose cloud architecture, with Enterprise‑class cloud providers who specialise in mission‑critical workloads, enterprises can utilise dedicated individual VRF domains. VRF is a network virtualisation technique used by Telco Providers, the same one used to isolate MPLS circuits. This helps in isolating domains in a multi-tenanted cloud, with many benefits in terms of security, compliance, resource utilisation and optimisation of network topologies and segmentation. This option provides enterprises the freedom of the public cloud while still keeping it virtually private and as secure – or even more secure – than what they have on-premise.

Make sure you have a plan

With any large-scale programme of work like moving a mission critical application into the cloud, the first step is to devise a plan. By doing so, organisations can avoid the worst-case scenarios that may appear both during and after the migration. This plan should cover what features you require in the cloud and what steps are being taken to secure this data. It is also important to truly understand the cloud environment being used, whether private, public, hybrid or multi-cloud, as no one cloud does it all, and different use cases require specialised attributes. Therefore, preparing and understanding the use case is another important requirement.

There is another key aspect, which is the complexity of different application environments. They don’t live in isolation. There is a lot of interdependency between different application modules or between the applications and the databases. The way those interdependencies are sustainable in a private cloud environment is via very sophisticated network topologies through the use of VLANs, and so on. These are the driving principles which govern the network or VLAN configuration in a private environment. When you consider moving legacy applications to the cloud, you don’t want to disrupt those configurations, topologies and related private IP addressing schemes, as the ripple effect could be fatal. Lifting and shifting to a standardised cloud environment just won’t work here.

And finally – cost efficiencies

The biggest cost of mission critical applications and databases is not building them and starting them up, but rather the total cost of running them. Migrating a database to an enterprise‑class specialised cloud gives access to a set of automation tools and operating templates which reduce human intervention and improve speed and accuracy for most of these important tasks, while significantly reducing the associated operating costs.

Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or personal computing needs.

read more

The RSA Conference in San Francisco is a hotbed of news, analysis and reports on the security industry, with research from the Cloud Security Alliance (CSA) and automation software provider Sonatype being of particular interest.

The CSA report, State of Cloud Security 2018, assesses the steps cloud providers and enterprises are taking when it comes to security, as well as regulation and the changing threat landscape.

The report notes that as the landscape for cloud services expands, so do the security options with it. Infrastructure as a service (IaaS) overlaps with platform as a service (PaaS), while serverless enables the hardware and software to be decoupled, and the software as a service market (SaaS) also expands. The rise of cloud access security broker (CASB) providers, and managed security services, is a sign that organisational security goes beyond the traditional corporate perimeter.

Regarding the role providers have to play, the report warns around the evolving landscape. “Training videos and manuals may not be enough as enterprises are using multiple cloud services and can’t keep up,” the report explains. “To help enterprises battle against the technology sprawl of features, the aim needs to be towards safe and secure default configurations and ensuring the proper use of new features.

“Any breach of a service, even due to user error, can negatively impact customer trust and reliability of a product,” the report adds. “User interface and behaviour should be just as important as the features themselves.”

The report concludes that, ultimately, technology moves faster than the business’ skills to adopt them, and the dreaded cloud skills gap needs to be met head on by the industry through partnership and collaboration.

Vinay Patel, managing director at Citigroup and chair of the CSA Global Enterprise Advisory Board, said that cloud security remained a ‘work in progress’. “It is incumbent upon the cloud user community to collaborate and speak with an amplified voice to ensure that their key security issues are heard and addressed,” he said.

“We hope this document will serve as a roadmap to developing best practices in the establishment of baseline security requirements needed to protect organisational data,” Patel added.

Elsewhere, a report from Sonatype concluded that organisations with mature DevOps practices were significantly more likely to integrate automated security than firms with no DevOps practice. More than three quarters of mature DevOps organisations have open source policies in place, with greater adherence than those without, while nine in 10 (88%) with mature DevOps practices are investing in application security training.

You can read the CSA report here (registration required) and the Sonatype report here (registration required).

The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D

read more

Cloud services are becoming practically ubiquitous – but according to the latest study from McAfee, one in four organisations who use the public cloud has had their data stolen.

The findings appear in ‘Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security’, a report which surveyed more than 1,400 IT professionals around security concerns with private and public cloud services.

Usage numbers are as strong as one would expect – except for one. 97% of respondents said they were using cloud services of some form, while more than four in five (83%) say they store sensitive data in the public cloud. Yet while two thirds (65%) said they had a cloud-first strategy, this was down from last year’s ranking of 83%. McAfee puts this down to caution on the part of certain companies – but added that ‘the more they know, the more confident IT professionals are that cloud-first is the course they want to be on.’

A quarter of firms polled who use IaaS, PaaS or SaaS said they have had data stolen, while one in five has experienced an advanced attack against its public cloud infrastructure. This is particularly serious given the various types of sensitive data stored. 61% of firms polled said they stored personal customer information, while 30% store intellectual property and healthcare records.

With GDPR just around the corner – only a month away – organisations reported a significant increase in their compliance efforts. Fewer than 10% of respondents said they were dialling back investment in their cloud provider because of GDPR.

The report gives three best practice tips for organisations looking for greater security gains. Firms should, if they’re not already, explore DevOps and DevSecOps environments – ‘integrating development, quality assurance and security processes within the business unit or application team is crucial to operating at the speed today’s business environment demands’ – as well as invest in a unified management platform across multiple clouds and automation techniques.

“Despite the clear prevalence of security incidents occurring in the cloud, enterprise cloud adoption is pressing on,” said Rajiv Gupta, McAfee senior vice president. “By implementing security measures that allow organisations to regain visibility and control of their data in the cloud, businesses can leverage the cloud to accelerate their business and improve the security of their data.”

You can read the full report here (registration required).

Singapore has overtaken Hong Kong to be the number one cloud-ready Asia Pacific nation, according to the latest report from the Asia Cloud Computing Association (ACCA).

The two regions have swapped places since the previous analysis two years ago, with New Zealand retaining bronze medal position, and Japan and Taiwan overtaking Australia. While the latter has slipped a couple of places in the rankings, ACCA said it was still a ‘strong regional contender’ which performed well in most areas but was ‘weighed down by its relatively poor cloud infrastructure.’

Singapore scored particularly strongly in broadband quality, cybersecurity, regulation and business sophistication while Hong Kong top scored in international connectivity and privacy. A study from SolarWinds published last week found cloud and hybrid IT was the most important technology and management tool for organisations in Hong Kong, albeit with plenty to do – 61% of respondents said their IT environment was not performing at its optimal level.

There was no change in the bottom half of the rankings compared with 2016, with Vietnam, China and India propping up the table.

China’s continued poor ranking comes amidst a series of improvements over recent years. According to IDC in February the country will – apart from Japan – be the biggest public cloud spender in the Asia Pacific region. The continued growth of Alibaba’s cloud operations, as this publication has frequently reported, was also apparent. The eCommerce giant was ranked third in public cloud IaaS by Gartner last year and announced plans for European expansion at this year’s Mobile World Congress.

The ACCA report noted China had made progress across ‘several parameters’, but had struggled in power sustainability and broadband quality, reflecting issues with the logistics in getting country-wide adoption. “The Chinese government continues to devote considerable fiscal resources to the development and improvement of infrastructure, a move that will undoubtedly pay off in the next few years,” the report explained.

For the region overall, the report sends a message of strengthened cloud capabilities, but with a caveat. “The fact that the eight highest ranking economies remain unchanged between the 2014 and 2018 [reports] suggests that the cloud divide may already be deeply entrenched,” ACCA said. “Without further intervention, this divide could widen despite the efforts being made by emerging markets to leverage the smart technologies that enable sustainable digital economies.”

You can read the full report here (pdf).

Keumars Afifi-Sabet

By enabling enterprises to scale security with user behaviour-based, contextual intelligence, next-gen access strategies are delivering Zero Trust Security (ZTS) enterprise-wide, enabling the fastest companies to keep growing strong.

Every digital business is facing a security paradox today created by their proliferating amount of applications, endpoints and infrastructure on the one hand and the need to scale enterprise security without reducing the quality of user experiences on the other. Businesses face a continual series of challenges to growth, the majority of which are scale-based. Scaling security takes a multidimensional approach that accurately interprets user behavior, risk and threat predictions, and assesses data use and access patterns.

How enterprises are solving the security paradox with next-gen access

Security defies simple, scale-based solutions because its processes are ingrained in many different systems across a company. Each of the many systems security relies on and protects have their cadence, speed, and scale. When a company is growing fast, core systems including accounting, CRM, finance, pricing, sales, services, supply chain and human resources become security-constrained. It’s common for companies experiencing high growth to choose expediency over security. 32% of enterprises are sacrificing security for expediency and business performance, leaving many areas of their core infrastructure unsecured according to the Verizon Mobile Security Index 2018 Report.

The hard reality for any growing business is the faster they grow; the more sophisticated and strong they need to become at security. Protecting intellectual property (IP), all data assets and eradicating threats assures uninterrupted, profitable growth. Adding new suppliers, sales teams, distribution partners and service centers can’t be slowed down by legacy-based approaches to user authentication and system access.  The challenge is the faster a business is growing, the slower its legacy approaches to security reacts, slowing down sales cycles, supplier qualifications, and pipelines.

Next-gen access solves the security paradox of fast-growing businesses, enabling Zero Trust Security (ZTS) enterprise-wide by solving the following major challenges of a high growth business:

Quit relying on brute-force multi-factor authentication (MFA) techniques that deliver mediocre user experiences and slow down productivity

Any company can still attain Zero Trust Security (ZTS) without reverting to brute-force approaches to MFA. Get away from the idea of having MFA challenges be for every user on every device they use to access every resource. Instead look to next-gen access (NGA) to quantify context, device, and behavioral patterns and derive risk scores for each user.

Begin to rely on next-gen access, risk-aware MFA, and risk scores to quantify trust and set the foundation of a Zero Trust Security (ZTS) enterprise-wide strategies

The goal is to keep growth going strong, uninterrupted by any security event or breach. Next-Gen Access (NGA) provides behavioral, contextual intelligence indexed as a risk score for each user, enabling more secure and efficient user experiences. NGA is built on a platform that includes identity as a service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM). They are also the essential components for creating and fine-tuning Zero Trust Security (ZTS) across fast-growing businesses. Taken together in a concerted strategy, ZTS delivers greater control and visibility over every resource in a company.

Identify potential security risks on a per-user basis to the device level and limiting access while asking for identity verification without impacting user experiences

NGA takes contextual and user intelligence into account when deciding which resources will be available to a given user based on their previous login and system use actions and behaviors quantified in their risk score. Machine learning algorithms are used to find patterns in user behavior that could signal a potential security risk. Based on the risk score, conditional access is provided or not. All of this is done in seconds and doesn’t impact the user experience.

Rely on more NGA that learns users' behavioural patterns over time and improves the user experience, scaling Zero Trust Security enterprise-wide

Solving the paradox of scaling security in fast-growing companies needs to start with a machine learning-based approach to finding and acting on user’s behavioral and contextual activity. As NGA “learns” how valid users interact with security, updating risk scores and performing identity verification, the quality of a user’s experience improves. In fast-growing companies adding new employees, partners, and suppliers, this is invaluable as every new user will generate a risk score. Quantifying trust using NGA, the foundation of any ZTS strategy makes fast, secure profitable growth possible.

The era of ZTS has arrived, and it is accentuating the importance of partnering with security providers who excel at offering next-gen access solutions

ZTS will continue to revolutionise every aspect of an organisation’s security strategy, enabling digital businesses to grow faster and more securely over time. Next-Gen Access solutions are the foundations enabling enterprises to scale ZTS strategies across their businesses. Key Next-Gen access providers enabling the era of ZTS include Palo Alto Networks for firewalls and Centrify for Access. Over the next 18 months, ZTS will redefine the cybersecurity landscape as digital businesses look to Next-Gen Access solutions to securely scale their companies and grow.

When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things’). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing? IoT is not about the devices, it’s about the data consumed and generated. The devices are tools, mechanisms, conduits.
In his session at Internet of Things at Cloud Expo | DXWorld Expo, Ed Featherston, VP, Principal Architect at Cloud Technology Partners, will discuss the considerations when dealing with the massive amount of information associated with these devices.

read more