McAfee is acquiring cloud security provider Skyhigh Networks with the aim of ‘establishing the leading company to provide the cybersecurity architecture of the future.’

Skyhigh, alongside other organisations such as Netskope, is in the ‘cloud access security broker’ (CASB) space, defined by Gartner as “on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed.”

In other words, CASBs are gatekeepers ensuring traffic between on-premises devices and cloud providers are compliant. Skyhigh secured a total of $106.5 million in funding across four rounds, with the most recent being a $40m series D. At the time, the company said it would use the money to ‘carry [itself] to productivity’.

Rajiv Gupta, Skyhigh CEO, will run McAfee’s new cloud business unit, with Skyhigh’s existing organisational structure remaining ‘generally intact’, McAfee said. The move can also be seen in the wake of McAfee’s structure; the company announced in April it was operating as a new standalone company, in the process closing the funding put in place by Intel, who purchased the security provider in 2011 and called it Intel Security for the past three years.

“Becoming part of McAfee is the ideal next step in realising Skyhigh Networks’ vision of not simply making the cloud secure, but making it the most secure environment for business,” said Gupta in a statement. “McAfee will provide global scale to further accelerate Skyhigh’s growth, with the combined company providing leading technologies and solutions across cloud and endpoint security – categories Skyhigh and McAfee respectively helped create, and the two architectural control points for enterprise security.”

Financial terms of the acquisition were not disclosed.

A research report from BMC Software argues organisations are struggling to manage multi-cloud environments – with four in five respondents saying current multi-cloud management approaches need rethinking.

The study, which polled 1,000 IT decision makers across 11 countries, found that drivers of multi-cloud strategies were less than clear. The most popular reason was cost optimisation, cited by 45% of respondents, with agility (44%) and mitigating risk (40%) also highly cited.

It may however not be as much of a surprise that the drivers were unclear if the definition of multi-cloud is unclear. Just over half (52%) of those polled agreed that the term multi-cloud ‘includes a combination of public and/or private clouds as well as on-premises solutions’. 23% of respondents said it must encompass all three.

Wait, you may be asking: isn’t that hybrid? More on that shortly. Yet the most worrying finding from the study is around costs; even though 45% of respondents said cost optimisation was the biggest driver in multi-cloud, 40% admitted they did not know how much their businesses were spending on cloud services.

“IT leaders must consider new ways to manage multi-cloud environments to ensure they are getting the expected benefits from public cloud in terms of cost savings, automated performance optimisation, and increased security and governance,” said Bill Berutti, BMC president of enterprise solutions.

The report goes on to note the different approaches organisations can take, with automation high on the list. Yet it may be worth taking a step back here.

Analysis

Let’s take an extremely basic definition of multi-cloud – in this instance “the use of two or more cloud computing services”. This often refers to a mix of public infrastructure as a service (IaaS) environments. For instance, organisations could use Amazon Web Services (AWS) for compute, and Microsoft Azure for storage. A looser definition could be utilising different cloud providers for different product sets. Security provider Symantec appears to have done this, using Azure to power its Norton anti-virus product suite, and AWS for many other workloads.

The other definition of multi-cloud is around avoiding vendor lock-in; something which, as TechTarget notes, drove many early strategies but is being slowly subsided, as previously mentioned, for organisations’ broader business or technical goals. Writing for this publication in August, Jay Chapel, CEO of ParkMyCloud, argued risk mitigation was not the most significant driver, while vendor lock-in could be mitigated in other instances. Chapel argued he sees customers using a multi-cloud strategy ‘to design and build applications in the clouds best suited for optimising their applications’. “You can then use this leverage to help prevent vendor lock-in,” he added.

In April, analyst firm 451 Research said that around half of AWS houses in Europe were also using Azure, and vice versa. More recent figures released by the company show more than two thirds (69%) of survey respondents were planning to have some type of multi-cloud environment by 2019.

The cloud providers themselves are of course more than aware of this – and in certain instances trying to get organisations to bridge the divide. Earlier this year Microsoft, whose aggressive strategy in cloud is unmistakeable, published a lengthy guide comparing AWS and Azure services. As Melanie Posey, 451 research vice president, told this publication at the time, while the guide notes the importance of multi-cloud for organisations in terms of greater choice and flexibility, the real aim is most likely to ‘translate’ AWS services into Azure, and showing organisations how to migrate from one to the other.

Another much more recent example, albeit not both in the public cloud, can be seen with Microsoft and VMware. Today saw the launch of Azure Migrate to all Azure customers, aimed at helping organisations migrate VMware-based applications to Azure, integrate them with Azure, and deploy VMware virtualisation on Azure hardware. VMware responded by saying it could not support customers who went down that route as the Microsoft service had neither been certified nor supported by the company. Indeed, VMware has an official partnership with AWS in place with the marketing touted at combining the ‘world’s leading’ private and public cloud providers respectively.

Whichever definition of multi-cloud you take and the reasons for taking it on, there are tangible benefits. But as ever, plenty of due diligence needs to take place to make sure your organisation gets a solution which both offers technological advantage as well as saves costs.

In its report, BMC offers five recommendations for organisations in successfully managing multi-cloud environments: gain increased visibility into cloud assets to get the complete picture; get a clear picture of cloud costs as not everything may need to be in the cloud; take a proactive stance to harden a broader attack surface and ensure compliance; rethink management approaches and simplify and automate as much as possible; and explore AI and machine learning, which has the potential to remove repetition out of the multi-cloud management process.

You can find out more about the report here (pdf).

Microsoft’s recent announcement and product update aimed at helping customers migrate from their VMware environments has, unsurprisingly, not gone down very well with the virtualisation giant.

On Monday, as announced in a blog post earlier this week, Microsoft will announce Azure Migrate, a free service, will become broadly available to all Azure customers. The key use case, and one which Corey Sanders, Azure director of compute, described as a frequent request, is moving on-premises VMware workloads to Azure.

“Many of you are looking to move to the cloud to help your business move faster,” wrote Sanders. “At the same time, we understand that it may not be possible to run your entire business in the cloud.

“The reality is, running your VMware virtualisation stack in the cloud does not address your hybrid requirements,” added Sanders. “For this, you need a broad set of hybrid services and solutions that provide not just connectivity and virtualisation, but true consistency across your cloud and on-premises environments.

“Azure is the only true hybrid cloud that enables consistency across application development, management, security, data, and identity.”

VMware responded to this by saying that as the Azure Migrate service has been neither certified or supported by the company, it could not recommend it for customers.

“Our experience has shown public cloud environments require significant joint engineering to run enterprise workloads,” wrote Ajay Patel, senior vice president product development cloud services at VMware. “Hence, we cannot endorse an unsupported and non-engineered solution that isn’t optimised for the VMware stack.

“VMware does not recommend and will not support customers running on the Azure announced partner offering,” Patel added.

Patel also wrote of the various initiatives VMware already has in place with cloud providers. The most prominent is VMware Cloud on AWS, announced at VMworld back in August. At the time, VMware CEO Pat Gelsinger said the move was “the ultimate hybrid solution.” Other partnerships include OVH and IBM.

One thing to note here: this may well be an interesting byplay to the AWS-heavy narrative at re:Invent next week.

It was ranked as the most cloud-ready area in the Asia Pacific region – and now one of the largest players in the industry is set to build a region there in 2018.

Google has announced that a new Google Cloud Platform (GCP) region will be opened in Hong Kong next year, making it the sixth GCP region in Asia Pacific alongside Singapore, Sydney, Taiwan, and Tokyo, as well as Mumbai, which went live earlier this month.

Including Hong Kong, the total now stands at 18 global locations and 53 zones either open or planned – the Iowa region has four zones instead of the standard three while Singapore and the planned work in the Netherlands currently stand at two.

“A solid cloud infrastructure is the foundation for building a smart city and helping businesses succeed in the digital economy,” said Nicholas W Yang, secretary for innovation and technology at HKSAR Government in a statement. “We are glad that Google is launching the Hong Kong cloud region, a recognition of Hong Kong’s edge and strengths as a data hub.

“This means businesses in Hong Kong, whether big or small, can leverage the latest, well-established technology infrastructure to expand and succeed in the region and globally.”

Last year, the Asia Cloud Computing Association noted Hong Kong as the most mature Asia Pacific cloud nation, overtaking long-time leader Japan. The report gave the country top marks across the board, with particularly high praise on international connectivity, broadband quality and privacy.

“Under the strong industry leadership of the Office of the Government CIO, Hong Kong is continuing its tradition of robust future planning and a strong tech industry by focusing on ensuring Hong Kong’s infrastructure is primed for fast, reliable and secure cloud offerings targeting the entire region,” the report noted.

You can read more about the GCP Hong Kong region by visiting here.

It may be holiday season in the US – but two companies who probably won’t be on the same Thanksgiving table are Amazon Web Services (AWS) and Microsoft. The two largest public cloud providers appear to have crossed paths again, this time over security giant Symantec.

Late last night, AWS issued a missive announcing that Symantec has chosen the Seattle firm as its ‘strategic infrastructure provider for the vast majority of its cloud workloads’.

According to the press materials, Symantec has “transformed legacy applications into cloud-based solutions, and built innovative, cloud-native, as well as hybrid offerings” through AWS, adding its relationship was long-term and ‘bi-directional’. Symantec built a data lake on AWS collecting tens of terabytes of data each day from 175 million endpoints and more than 57 million attack sensors.

“Symantec is committed to protecting the cloud generation through our leading security products, as well as leveraging the cloud to deliver our services,” said Raj Patel, Symantec VP cloud platform engineering in a statement. “AWS’s experience serving some of the most risk-sensitive enterprise customers was an important part of the decision to choose AWS as we execute on our enterprise Integrated Cyber Defence strategy.”

This is all well and good, yet just over a month previously Microsoft issued a release titled ‘Symantec powers consumer security with the Microsoft Cloud’, positing that Symantec was “using the Microsoft Azure cloud to help deliver its Norton consumers products to a global community of more than 50 million people and families.”

A rift? Perhaps not. It may not be multi-cloud in the strictest interpretation, but using different cloud providers for different parts in organisations is not uncommon. Take General Electric (GE) as an example. In 2015, the company moved 300,000 of its employees to Office 365. Last month, GE chose AWS as its preferred cloud provider, according to an Amazon announcement, ‘[continuing] to migrate thousands of core applications’, while starting next week customers and developers using GE’s IIoT platform Predix will be able to build industrial apps on Azure.

One other slightly confusing aspect of this AWS announcement revolves around the timing. With AWS re:Invent due to kick off next week, expect a plethora of customer wins, product updates, and perhaps the occasional competitor smackdown. Last year, for instance, saw shipping carrier Matson go all-in, and Workday confirm it was using AWS as its preferred public cloud supplier.

Google has announced a price reduction for GPUs attached to on-demand Google Compute Engine virtual machines by up to 36%.

For US regions – Oregon and South Carolina – NVIDIA’s Tesla P100 GPU attached to a VM will cost $1.46 per hour, while the K80 GPU will set users back $0.45 per hour. The P100 and K80 GPUs are also available in Belgium and Taiwan

The company added that organisations such as Shazam and oilfield services provider Schlumberger were among those taking advantage of GPUs to ‘innovate, accelerate and save money.’ Companies can utilise GPUs from Google in various ways; hardware is passed through directly to the virtual machine to focus on bare metal performance, while faster disk performance can be achieved through attaching up to 3TB of Local SSD to any GPU-enabled virtual machine.

Alongside this, Google added it was lowering the price of preemptible Local SSDs by almost 40% compared to on-demand Local SSDs – equating to $0.048 per GB-month in the US.

Google’s focus on making GPUs more affordable is good news for customers, but it’s even better news for NVIDIA. Earlier this month, the company put out a statement saying that every major cloud provider has put out cloud services based on its product. Alongside this, NVIDIA’s most recent financial results found record revenues of $2.64 billion, up 32% from this time the previous year.

“We hope that the price reduction on NVIDIA Tesla GPUs and preemptible Local SSDs unlocks new opportunities and helps you solve more interesting business, engineering and scientific problems,” wrote Chris Kleban, Google product manager in a blog post.

Meg Whitman is to step down as CEO of Hewlett Packard Enterprise (HPE), bringing down the curtain on a six-year tenure and overseeing one of the largest corporate breakups of recent years.

Whitman had in July stepped down as chairwoman of HP’s board of directors, remaining chief executive of HPE, and had previously faced speculation about her role as the chief executive’s seat at Uber dramatically became available earlier this year.

Whitman’s replacement will be HPE president Antonio Neri, a 22-year HP veteran who will take over in February. “I said for many years that the next leader of HPE should come from within the company and Antonio Neri is exactly the type of leader I had in mind,” Whitman told analysts, as transcribed by Seeking Alpha, adding the board of directors had approved the new boss. “He is a computer engineer by training, has a deep technology background and is passionate about our customers, partners, employees and culture.”

The news of Whitman’s departure inevitably pushed HPE’s fourth quarter results somewhat into the shade. The company posted Q417 combined net revenue of $7.8 billion, up 5% from the previous year, while full year 2017 revenue was at $28.9bn, down from $30.3bn for FY16.

Yet it may be apt here to assess the various initiatives Whitman has put into place to attempt to turn around HP.

First announced three years ago, Hewlett Packard split into two companies in November 2015; HP Inc, which would focus on printers, PCs, and more on the consumer side, while HPE would be more attuned to the B2B side of data centres, networking, and servers. Whitman told analysts yesterday that the move was “exactly the right decision because it allowed both companies to optimise for strength and invest in core strategies.”

Last year, HPE announced it would merge its enterprise services division with CSC to create a new company, DXC Technology – a move that was finalised in April this year – as well as spinning off its application software business with Micro Focus. On the acquisitions side, HPE has bought networking firm Aruba, hyperconverged infrastructure provider Simplivity, and most recently Cloud Technology Partners to bolster its cloud consulting presence and hybrid IT capabilities.

Analysts continue to position the company at the sharp end of proceedings for cloud infrastructure equipment – a report from Synergy Research in March saw HPE in a three-way tie alongside Cisco and Dell-EMC.

In terms of the company’s position, Whitman said she was proud that HPE was exiting the year with almost $6 billion in net cash as well as ‘reigniting innovation and delivering groundbreaking new technology solutions’. Key to this is ‘The Machine’, a huge single-memory computer which aims to be ‘built for the big data era’ and with a prototype containing 160 terabytes of memory.

This continues to be a key part of HPE’s narrative; a news advisory piece issued by the company last week described the release of high-density compute and storage solutions focused on high performance computing (HPC) and artificial intelligence applications.  “Today, HPE is augmenting its proven supercomputing and large commercial HPC and AI capabilities with new high-density compute and storage solutions to accelerate market adoption by enabling organisations of all sizes to address challenges in HPC, big data, object storage and AI with more choice and flexibility,” said Bill Mannel, HPE VP and general manager of HPC and AI segment solutions.

If you’re starting a small business, then you’re probably going to be utilising cloud technologies, for cost saving if nothing else. But without security, your ambitions could be over before they have begun.

A new whitepaper from the Cloud Security Alliance (CSA) aims to help software as a service startups build solid security foundations early into the product development cycle and gain customer trust in the process.

The key for startups, according to the paper, is to plan their security posture according to the progress they make in funding and product development. In the inception phase – when money is tight – startups need to focus on laying building blocks for potential security need. When the first paying customers arrive, the strategy should accelerate, and then when the company has a solid presence, a more mature security posture needs to come through.

There are various tips throughout the paper. For a start, the CSA recommends organisations be transparent about their security. “Offering your clients some useful security insights regarding the best ways to integrate your service into the client’s environment may position you as a trusted advisor,” the report notes. “This proactive approach may help you earn your client’s appreciation when they go to evaluate your company’s security risks.”

Another key is for organisations to understand the shared responsibility model – a bugbear this publication has frequently noted – as well as considering deploying to more than one region in its cloud provider platform to increase resilience to region-level failures.

“In today’s risk environment, young startups find themselves challenged on how to best align security with current and future business growth,” said John Yeoh, research director at CSA in a statement. “In creating this paper, we hope that startups, regardless of industry or geography, will find it a valuable tool in understanding, addressing and applying trusted and best practices for creating a secure computing environment.”

You can find out more about the report here (registration required).

Want to know a secret? Amazon Web Services (AWS) is beefing up its government capability by announcing the AWS Secret Region, which can operate workloads up to the highest level of security classification.

The move, claims AWS, makes it the only commercial cloud provider to offer regions serving workloads across the full range of data classifications, from ‘unclassified’, to ‘sensitive’, to ‘secret’, and then finally to ‘top secret’.

John Edwards, Central Intelligence Agency (CIA) CIO, said that the Secret region is a ‘key component of the Intel Community’s multi-fabric cloud strategy’, while Teresa Carlson, vice president for AWS worldwide public sector, added it was an ‘important milestone’.

“The U.S. Intelligence Community can now execute their missions with a common set of tools, a constant flow of the latest technology and the flexibility to rapidly scale with the mission,” said Carlson.

The region will complement the work Amazon already does with the CIA. Regular readers of this publication will remember the protracted legal action between AWS and IBM in 2013 with the final decision going to AWS in October of that year. Speaking at an industry event in early 2015 Doug Wolfe, the then-CIO at the CIA, confirmed AWS’ cloud had attained “final operational capability”, and praised the company for getting the project up and running in less than 18 months.

“Ultimately, this capability allows more agency collaboration, helps get critical information to decision makers faster, and enables an increase in our nation’s security,” added Carlson.

Last month, Microsoft announced the launch of new Azure government capabilities for classified mission-critical workloads, called Azure Government Secret. “Azure Government is the mission-critical cloud, providing more than 7,000 federal, state, and local customers the exclusivity, highest compliance and security, hybrid flexibility, and commercial-grade innovation they need to better meet citizen expectations,” wrote Tom Keane, Microsoft Azure head of global infrastructure.

With AWS re:Invent just around the corner, another piece of research which affirms Amazon’s top position in the cloud infrastructure biz; IHS Markit says the company secured more than a quarter of total infrastructure as a service (IaaS) revenue in the first half of 2017.

Total revenues for what IHS defines as off-premises cloud services – IaaS, PaaS, SaaS and the curious ‘cloud as a service’ (CaaS) – grew 26% year over year to total $72 billion (£54.4bn), while IBM took first place for SaaS revenue, grabbing 19% of the market. By 2021, this number is forecast to hit $343 billion, at a CAGR of 22%.

In terms of trends fuelling cloud providers’ strategies, IHS argues CSPs are ‘continually looking for ways to innovate by integrating machine learning and artificial intelligence techniques into their services.’ Alongside this, container technologies were cited – as was the importance of partnerships in what can be considered a relatively mature ecosystem.

“The competitive landscape has changed as off-premises cloud service providers establish strong relationships with key companies that have large enterprise customer bases,” wrote Cliff Grossner and Devan Adams, IHS Markit analysts. “Providers cannot depend on mergers and acquisitions as their sole paths to growth.”

Key partnerships cited include IBM and VMware’s deals, as well as the move by Google, Pivotal and VMware to launch Pivotal Container Services (PKS), enabling enterprises and service providers to use Kubernetes on VMware vSphere and Google Cloud Platform. On the acquisition side, Rackspace’s buy of Datapipe was cited – officially completed last week – as was Digital Realty’s merger with DuPont Fabros in the data centre realm.

AWS re:Invent, taking place from November 27 to December 1, will see a litany of news from the major players, the partners and the hangers-on. As for the company itself, the most recent financial analysis from Synergy Research argued the major players were all progressing as usual, with AWS ‘in a league of its own’ and Microsoft the best of the rest, ahead of Google and Alibaba. Amazon posted total revenue across all segments of $43.74bn for its most recent quarter, with AWS contributing just over 10% of that figure at $4.58bn.

This all dovetails with a recent two-part opinion article from Robert X. Cringely, the first of which detailing how cloud computing has reached its tipping point, and the second opining on how Amazon will become the new Microsoft – or rather, the old, pre-Satya Nadella walled garden Microsoft.

You can find out more about the IHS Markit report here (subscription required).