(c)iStock.com/BlackJack3D

The debate over whether the end user or the cloud service provider (CSP) should be responsible for data security has been reopened after new research from Armor and Ponemon Institute proved inconclusive.

The survey, which quizzed 990 US and UK-based CIOs, CISOs and directors of IT operations, found almost a third (31%) expect their cloud provider to keep SaaS applications secure, while 20% believe the customers are more responsible and only 16% argue it is a shared responsibility.

While 15% of organisations polled believe the IT security team should be most accountable for securing SaaS applications, 60% admit IT security is rarely or never involved when it comes to evaluating cloud services.

Not surprisingly, 79% of respondents say security is important always or most of the time, while three quarters (74%) see similarly with regards to compliance. Yet only a third (33%) of respondents express confidence in meeting security objectives in the cloud.

So is this issue related to the lack of consensus over cloud security responsibility? Dr. Larry Ponemon, founder of Ponemon Institute, believes so. “The fact there’s so much confusion about how to properly secure and understand compliance mandates isn’t surprising considering most organisations today still aren’t sure who – internally – should be managing security for the cloud,” he said.

“It’s my hope that organisations will review this report and look in the mirror to see if they’re part of this group that is still allowing for so much confusion when it comes to secure cloud implementations,” he added.

The imbroglio between cloud providers and their customers has been covered in this publication before, most notably research from iland which argued vendors did not give customers as much support as possible. A quarter (26%) of respondents said the onboarding process took too long, 21% said the onboarding lacked a human aspect, while 18% had bill shock over their support costs.

Elsewhere, more than half (56%) of respondents say the ability to save money is by far the primary reason to use cloud resources.

(c)iStock.com/Erik Khalitov

The majority of organisations surveyed by IDG and Globalscape argue compliance, reliability at scale and tracking file movement were key reasons to keep data on-premise.

82% of firms cite confidence in meeting compliance mandates as a benefit of using an on-premises enterprise file transfer solution, with 37% viewing it as critical. Reliability at scale was also seen as critical by 35% of respondents, alongside the ability to track file movement (29%) and the ability to integrate the solution into existing processes to enable automation (22%).

More than half (53%) of respondents see an on-premises managed file transfer solution as either extremely or very valuable, while a further 35% saw it as at least somewhat valuable.

45% value the ability to securely trade sensitive data as critical, compared to 41% who see it as very important. Interestingly the numbers were relatively even when it came to organisations’ interest in cloud-based file transfer solutions. 45% said they did allow users to store or transfer sensitive data in the cloud, compared to 43% who refuse it. The remainder said they plan to implement it over the next 12 months.

Yet less than one third (31%) of organisations say they have extensive measures in place to protect sensitive data transferred or stored in the cloud. The majority (62%) say the data is protected to some extent, while the remaining 7% admit there is no protection.

14% of organisations within highly regulated industries, such as government, finance or retail, are significantly more likely to allow or plan to allow the use of a cloud-based file transfer solution within the next 12 months. 45% of organisations report that they currently allow employees to store or transfer sensitive data in a cloud-based application.

The overall consensus from the survey results was that organisations value the core benefits gained from a managed file transfer solution, but the decision to choose between on-prem, cloud-based or a hybrid solution is largely influenced by business needs.

 “Handling sensitive data while trying to facilitate compliance and maintain security is a top priority for many organisations,” the report notes. “However, managed file transfer solutions are not all of nothing. Every organisation that manages sensitive data faces the same concern; keeping their data safe.

“On-premises deployment models are appealing because of the added confidence in the security and compliance they have because they live in-house, while hybrid solutions can offer the best of both worlds; the flexibility of the cloud, along with the confidence of security and compliance of an on-premises deployment,” the report adds.

(c)iStock.com/KIVILCIM PINAR

Digital giant Adobe and cloud storage provider Dropbox have announced a partnership for more seamless document handling and editing in a variety of locations.

According to Dropbox, there are more than 18 billion PDF files in the storage provider’s repository, being one of the most common business file types in Dropbox. The new partnership enables easier collaboration facilities with Adobe files, including viewing additional actions on PDF files stored in Dropbox Basic, Pro, and Dropbox for Business accounts, as well as edit PDFs via Dropbox through Acrobat DC on desktop or Reader elsewhere.

As a result, it seemed the partnership was a no-brainer from Dropbox’s perspective. “Ultimately, we want you to be able to work with any kind of file easily, from viewing to editing to sharing,” a company blog post reads. “Our collaboration with Adobe, the inventor of the PDF, is the next step in this process.”

“The requirements of our customers have constantly evolved over time; today, mobile has become the rule and people expect to complete work quickly and simply wherever and whenever they need,” added Kevin M. Lynch, SVP and general manager of Adobe Document Cloud. “Our work with Dropbox, as our first file sync and share partner, will help Adobe Document Cloud customers and people around the world be more productive with the documents at the centre of their daily lives.”

This move again highlights the necessity for the cloud storage provider in shaping its operations around the enterprise market. In November last year, Dropbox announced a partnership with Microsoft to entail closer collaboration with Office 365. Figures released by the company in June revealed there were more than eight million Dropbox business customers, compared to their overall total of 400 million.

(c)iStock.com/AzmanL

The DevOps movement is gaining ground in the UK with spending topping £1 million for one in three UK organisations, according to latest research published by Delphix.

More than three quarters (77%) of organisations surveyed said they had introduced dedicated budgets and support teams for DevOps. Companies have on average introduced seven DevOps initiatives over the past 24 months, with this figure expected to rise to nine in the next two years.

The influences for DevOps are evident. Two thirds (66%) of teams say they need to deliver software faster, while almost half (49%) say the volume of applications that businesses support is increasing and code is being released more frequently.

Almost three in five (59%) of those polled say DevOps is somewhat to strongly defined – yet the responsibility of who controls DevOps initiatives is still up in the air, with 28% opting for the development side, 22% the operations side and the remaining 50% saying both combined.

The first part of the report’s results, released back in August, showed similar disparity. The most popular definition for DevOps was “developers and system administrators collaborating to ease the transition between development and production” (84%), compared to 69% opting for “using infrastructure automation to facilitate self-service provisioning of infrastructure by development teams.”

Even if the definition is not quite there, organisations are increasingly turning to DevOps to identify defects before they get into production. More than half (56%) of businesses identify issues either once the application has been deployed to production, or during QA and validation, which takes on average five days to resolve.

Yet 46% of teams admit they experience delays waiting for testing and development data environments. The result is that teams are often working against data security constraints, with four in 10 respondents admitting developers and QA personnel are given unaudited access to production data.

“The pace at which companies need to securely deliver and update applications has increased drastically over the last few years,” said Iain Chidgey, VP international sales at Delphix. “Traditionally, IT could update applications once or twice a year, but today expectations are much higher, with releases being pushed out weekly, daily or even hourly.”

You can find more about the 2015 State of DevOps report here.

(c)iStock.com/SorenP

A study by the Swedish government has pushed for a 97% reduction in electricity taxation for data centres in the Scandinavian country by January 2017.

The study, which has been sent to the country’s Ministry of Finance, proposes a 0.005 krona, or USD 0.0006/kWh, pricing for data centres in Sweden as well as a 97% tax cut for data centres and data service providers.

Industries such as manufacturing already enjoy tax breaks on its power and electricity requirements, which the report asserts should extend to the data centre industry. Anne Graf, investment and development director of Swedish data centre hub The Node Pole, is optimistic about potential change.

“It’s been a discussion going on in Sweden for a while, [the government] commissioned this study and the proposal is here now,” she tells CloudTech. “We’re very pleased with what they’ve suggested, which is basically just treating data centres the same way as other industries,” she adds. “It’s also a statement that Sweden is interested in this industry and wants to be a part of it growing, which is great as well.”

The report, the subject area of which has already been examined by Denmark, Finland and Norway, has been in the works since 2014 and has passed through two different governments in opposing political parties.

The submitted study will be examined by the finance ministry before moving into public consultation. Following that, the legislative process will kick in, and Graf estimates the process to take approximately six months. She notes the political ramifications give cause for more optimism.

“We have reason to believe that all parties are for this change,” she explains. “I don’t think this is particularly controversial because it’s not about treating data centres differently in any way; it’s actually about treating them the same way as we treat other industries.”

Companies already utilising the Node Pole include renewable energy firm Hydro 66, bitcoin technology provider KnC Miner, and most famously Facebook, where it all began for Lulea and whose warehouse is claimed to be the most energy efficient computing facility ever built.

The social giant is well on the way to building a second data centre, with eight having been built overall in the past four years. Graf notes: “Facebook’s investment was confirmation for us that we were right in thinking this was a great place for data centres. Their investment was kind of the go-ahead for us to do this in a more public way.

“Facebook has been hugely important not only for the Node Pole but also for the region, both in terms of jobs created and bringing this industry to the attention of Sweden,” she adds.

Regular readers of this publication will note a trend by larger vendors to build data centres closer to their customer base – IBM SoftLayer launched its first Italian cloud data centre in Cornaredo back in June. Despite this, in October research from Synergy found the US (44%) and China (10%) overwhelmingly the most popular global data centre locations.

Graf argues the opportunities the Nordics brings, such as natural energy and lower costs – Hydro 66 claims they can do colocation at half the cost compared to if they were in London – is a good compromise for a few milliseconds of latency.

“I think as both technology advances and the cost of connectivity has gone down massively over the last couple of years, it makes much more sense to move the data to where the power is produced,” she explains. “I think the trend will definitely go towards looking at more efficient solutions, both when it comes to costs and environment, and I think the Nordics is important in that sense.”

Key to that going forward, Graf hopes, is pushing through lower tax legislation in line with other industries. “We’re very happy with how this has developed, but we think that this energy tax message will hopefully mean that more of the really big players will start looking at the Nordics again,” she adds.

(c)iStock.com/ictor

Tech giants Dell and EMC have announced a definitive agreement worth $67 billion (£43.7bn) which claims to “bring together the industry’s leading innovators in digital transformation, software-defined data centre, hybrid cloud, converged infrastructure, mobile and security.”

Under the terms of the agreement, which will according to the two companies create “the world’s largest privately-controlled, integrated technology company,” EMC stockholders will receive approximately $33.15 per share. Dell also confirmed VMware will remain an independent, publicly traded company.

Michael Dell, CEO of Dell, said: “The combination of Dell and EMC creates an enterprise solutions powerhouse bringing our customers industry leading innovation across their entire technology environment.

“Our investments in R&D and innovation along with our privately-controlled structure will give us unmatched scale, strength and flexibility, deepening our relationships with customers of all sizes. I am incredible excited to partner with the EMC, VMware, Pivotal, VCE, ERS and Virtustream teams and am personally committed to the success of our new company, our customers and partners,” he added.

Joe Tucci, EMC CEO, added: “The waves of change we now see in our industry are unprecedented and, to navigate this change, we must create a new company for a new era. I truly believe that the combination of EMC and Dell will prove to be a winning combination for our customers, employees, partners and shareholders.”

Reaction to the news was mixed. Elliott Management, a large stockholder of EMC, said in a statement it “strongly supports” the deal. “This landmark transaction will create a powerhouse with leading franchises across enterprise IT,” they said. Others were less charitable. Writing for WIRED, Cade Metz described Dell and EMC, along with HP, Cisco, IBM and Oracle, as “the walking dead”, as cloud services and open source moves ever closer to gobbling up legacy software and hardware.

A year ago, EMC announced a raft of merger and acquisition activity, buying open cloud provider Cloudscaling for a figure south of $50 million before buying out all but 10% of Cisco’s stake in data centre firm VCE. EMC pre-announced its third quarter earnings and sales alongside the acquisition news, with adjusted earnings per share and revenue at 43 cents and $6.05bn to $6.08bn, below the FactSet consensus of 48 cents and $6.24bn respectively.

(c)iStock.com/abbeth77

Cloud computing has been cited by CIOs as one of the biggest contributors to IT complexity, according to a report released this week by Trustmarque.

Two thirds (66%) of survey respondents claim cloud is a primary reason for IT complexity, ahead of legacy technology (51%) and software licensing (51%). Almost three quarters (71%) said it was increasingly difficult to understand the right technology to use, while 61% agreed that finding the right solution to their business need was becoming more complicated.

Not surprisingly, 79% of those polled said that simplifying IT was a priority for their organisation. Breaking those numbers down, 36% said the biggest priority was ‘simplifying the management of shadow IT and business-led IT spend’, while 34% argued it was ‘simplifying the user experience through deploying new digital technologies’. Equally unsurprisingly, 87% of CIOs noted keeping ahead of security threats was a challenge.

An even higher number of CIOs (89%) argued that simplifying legacy IT whilst driving innovation remains a challenge. The topic of keeping on top of the competition while transforming enterprise IT was covered in depth at the IP EXPO event earlier this week. Antonio Piraino, CTO at ScienceLogic, put part of the blame at the CIO for hybrid IT issues; problems included the CIO being hesitant, a shift in complexity, and not identifying cloud appropriate workloads.

One of the key tenets of Piraino’s talk – that transforming to cloud is as significant a change as moving from the mainframe to client/server – was emphasised by James Butler, Trustmarque CTO. “The challenge of transforming traditional IT estates and organisations to this new platform is as significant as from mainframes to PCs, or the adoption of the Internet,” he said.

“This transition from the internet-enabled business to the digital one is a huge increase in complexity for IT departments designed for business as usual technical operations, while traditional models of integration, licensing and management that were not designed for cloud are exacerbating the problem,” Butler added.

The issue of software licensing and restrictive models is being taken up by the Campaign for Clear Licensing (CCL), which has examined the practices of Oracle, SAP, and IBM thus far.

(c)iStock.com/Erikona

The term ‘enterprise transformation’ is frequently heard, relating to organisational change and moving away from legacy technologies. Accenture defines it as a “fundamental shift [of] strategy, in response to major disruptions through a complete, business-driven remodelling of how a company structures itself.” But how far down the company does change go?

Antonion Piraino, chief technology officer at IT management software provider ScienceLogic, argues organisations need to assess the effects of bimodal IT at an operational level as well as at the application layer.

Speaking at IP EXPO, Piraino explained the consequences of bimodal IT – the idea that organisations need two speeds of IT, one for reliability and the other for agility. “Your people now start to go down two different paths; [one] orderly, traditional IT, maintenance on a day to day basis, and [then] you have these new sprinting, DevOps-type people developing new applications, trying things all the time,” he said. “Your processes change dramatically now.”

It affects the platform level, with the move towards a Docker-esque containerising of applications going against the traditional ‘building blocks’ approach and using lifecycle management technologies. But it also affects operations in a variety of ways. How do you decide which apps to move where? Which heritage apps require refactoring to make them cloud ready? Is there a danger of reinvigorating the previous siloed approach? “There’s a huge impact on your operations teams as well – you create a Chinese wall between them,” explained Piraino.

Recent statistics from the Cloud Industry Forum show how entrenched companies still are. 86% of organisations polled expect in 2016 to still own and operate the majority of workloads inside their own data centres. 78% still run their own IT operations. 60% still run Windows Server 2003.

Piraino identifies four problems when companies assess a move to hybrid IT: CIOs being hesitant and lacking confidence in understanding workloads; a shift in complexity from on-premise to cloud; struggling to identify cloud appropriate workloads, and fearing a lack of visibility before, during, and after a move to hybrid.

Problems with #hybrid IT: CIOs hesitating; shift in complexity; not identifying #cloud appropriate workloads; lack of visibility #IPEXPO

— CloudTech (@cloud_comp_news) October 7, 2015

Ultimately, Piraino advocates a federated cloud environment for enterprise transformation to ensure greater visibility and cost effectiveness. “The biggest cost in all of your businesses today is manual labour,” he explained. “You can go down the track of deploying open source technologies to your hearts’ content, but at the end of the day it is not going to overcome the fact that your labour costs are going to be high.

“Reducing that complexity and reducing that labour cost is critical – bringing back time and money to your organisation, and ultimately having a single management capability.

“You are going to hear more and more about bimodal IT, and you are going to have to think about it in the long run. Know it’s measured risk if you do so,” Piraino added.

(c)iStock.com/malerapaso

Two thirds of respondents in a survey from Dimensional Research and Cloud Cruiser say they find it challenging to track cloud consumption for cost allocations.

The research, which quizzed IT professionals who attended the AWS Global Summit events in San Francisco and New York in April and July this year, found almost four in five (79%) are pursuing a hybrid cloud strategy. Almost a third (30%) of respondents saying they will grow cloud services by more than half in the coming year, compared to 23% who said their company’s use of public cloud will increase by 25-50%. Only 9% said there would be no increase.

Of most interest is how organisations deploy hybrid clouds. At least 30% of respondents said they will complement their AWS cloud with another cloud. 31% said they planned on using an internal private cloud in addition to AWS, compared with 30% who opted for Microsoft. 27% said they did not plan on using any other cloud environments, while after Google (19%), the rest of the competition – Rackspace 9%, IBM SoftLayer 7%, Cisco 6% – lagged.

The majority of AWS usage is for software development and testing, cited by over 45% of respondents. Use for enterprise applications was cited by 35%, while more than one in five said they used AWS as a sandbox for testing other public cloud offerings.

Yet this balancing act comes at a cost. 61% of respondents admitted it would be of ‘high value’ to set alerts when public cloud consumption exceeded target, compared to only 2% of companies who said it would be of no value. In terms of cloud cost tracking, by application was the most popular according to two thirds of respondents, ahead of by project, by user, by department, and by VM.

In this instance it’s not so much a case of hidden costs, more of cutting them as necessary. “These findings tell us what we hear from our customers every day; budget tracking and forecasting is extremely difficult when you simply don’t know who is using what service, at what capacity level, much less the financial impact,” said Deirdre Mahon, Cloud Cruiser chief marketing officer.

“Making investments in the right solutions is critical even during the early stages of cloud adoption. Measure from the beginning and it will pay dividends when your bill comes in month after month,” she added.

At this point, you will be less than surprised to learn, Cloud Cruiser aligned this survey research with the release of a new product offering which tracks hybrid cloud usage by user and by cost, called CloudSmart-Now. Yet this is not an uncommon theory; regular readers of this publication will recall Springs.io in July, claimed to be the UK’s first pure-play container cloud service and offers billing based on actual usage rather than provisioned capacity.

(c)iStock.com/serg3d

Google has unveiled a new data centre with three new zones in the US east coast region, adding South Carolina to Iowa, Belgium and Taiwan as its primary data centre locations.

The expansion move comes two weeks after Microsoft cloud platform marketing general manager Mike Schutz decried Google and Amazon Web Services (AWS) for having, at the time, 12 regions combined compared with Microsoft’s 19.

“This will open up our services to customers that were waiting on a US East Coast presence,” Jay Judkowitz, Google Cloud Platform senior product manager wrote in a blog post, adding: “Besides lowering latency to those on the US East Coast, the addition of the South Carolina location gives customers across North America the capability to build multi-region disaster recovery plans for their applications running on Google Cloud Platform.”

While this often comes down to a question of semantics, Google now has 13 available zones across four regions. AWS has four North American regions, with US East, in North Virginia, open since 2006, alongside four Asia Pacific regions, two European regions and one in South America. The most recent of these was the opening of the second European region, in Frankfurt.

The move correlates with a recent study put forward by Synergy Research on data centre location, which argued the US and China would remain the major hubs for data centres from the primary public cloud providers such as Microsoft, Google, and AWS. “While the hyperscale cloud operators continue to invest huge amount  in their data centre footprints and to expand their geographic scope, there is no doubt that the US and China will continue to be the lead countries for locating major data centres,” said John Dinsdale, a Synergy chief analyst.

You can find out more about Google’s US East Coast data centre region here.