(c)iStock.com/JasonDoiy

A federal court has ruled that the US government cannot force Microsoft to hand over data stored in other countries, overturning an original decision from a magistrate judge in 2014 and giving a shot in the arm for cloud security and data sovereignty.

The key asset in the case was data located in Microsoft’s data centre in Dublin, after the US Department of Justice had wanted to access an email server. The previous ruling argued that while Microsoft’s position over giving federal access to servers outside the US was ‘not inconsistent’ with statutory language, it was ‘undermined’ by the structure of the Stored Communications Act (SCA).

At the time of the original ruling, Microsoft deputy general counsel David Howard accepted the timeframes of having to go first through a magistrate judge, before a US district court judge and then eventually to the federal court of appeals. And as the 43-page ruling (viewable here) filed yesterday concludes: “Congress did not intend the SCA’s warrant provisions to apply extraterritorially.

“The SCA warrant in this case may not lawfully be used to compel Microsoft to product to the government the contents of a customer’s email account stored exclusively in Ireland,” it adds. “We therefore reverse the District Court’s denial of Microsoft’s motion to quash; we vacate its order holding Microsoft in civil contempt of court; and we remand this cause to the District Court with instructions to quash the warrant insofar as it demands user content stored outside of the United States.”

Understandably, Microsoft welcomed the decision. “Since the day we filed this case, we’ve underscored our belief that technology needs to advance, but timeless values need to endure,” wrote Brad Smith, Microsoft president and chief legal officer in a statement.

“Privacy and the proper rule of law stand among these timeless values,” Smith added. “We hear from customers around the world that they want the traditional privacy protections they’ve enjoyed for information stored on paper to remain in place as data moves to the cloud. Today’s decision helps ensure this result.”

According to the BBC, the US Department of Justice was “disappointed” by the decision. If the federal department appeals, the case could still yet go to the US Supreme Court. For Microsoft, however, the position was clear going forward. “Today’s decision means it is even more important for Congress and the executive branch to come together and modernise the law,” wrote Smith.

“We’re confident that the technology sector will continue to roll up its sleeves to work with people in government in a constructive way. We hope that today’s decision will bring an impetus for faster government action so that both privacy and law enforcement needs can advance in a manner that respects people’s rights and laws around the world.”

(c)iStock.com/franckreporter

The concept of infrastructure as code (IaC), where computing infrastructure is managed and configured by automation rather than through manual processing, has been around for a while. Mark Burgess’ work on CFEngine, an open source configuration management system dating back to 1993, laid the groundwork, while DevOps.com introduced its readers to the concept back in May 2014. But what does the landscape look like in 2016?

Kief Morris (left) is cloud practice lead at ThoughtWorks, and author of Infrastructure as Code (the opening extract you can exclusively read here). The book discusses the different approaches of IaC, examples of dynamic infrastructure platforms, going on to detail patterns for provisioning servers. The book has taken Morris two years to write, and in the introduction, he outlines the need for IT teams and developers to move away from the traditional fire-fighting culture to continuous improvement.

“I have been discovering, refining, and using the ideas of infrastructure as code shared by people in the DevOps movement for years,” Morris tells CloudTech. “In working with ThoughtWorks clients, I’ve found that although most people are using technologies and tools like cloud and automated configuration, many teams haven’t worked out how to fully take advantage of the tools. So I thought it would be useful to pull these ideas together into a book.”

Key to these ideas is changing working models while keeping things running smoothly. “Teams need to be empowered to own their services and applications from end to end,” explains Morris. “But teams that provide supporting services to other teams in their organisation need to engage closely with their users to make sure they’re building the right thing, while not making themselves a bottleneck for routine operations.”

Morris notes in the introduction to Infrastructure as Code that the movement is a ‘cornerstone’ of DevOps, and represents the ‘automation’ part of CAMS (culture, automation, measurement and sharing). DevOps as a whole is a skillset which research firms continually claim is vital to have – so what do organisations need to know about DevOps trends going forward?

“I believe a few shifts still need to happen,” says Morris. “One is a move from the split between ‘build’ and ‘run’, [but] this doesn’t mean every application team should build and run its own infrastructure.

“Cloud creates a clean model for teams to manage the way they use infrastructure provided by other teams, and other companies, and this empowers teams to have full ownership of their applications from concept to production,” he adds.

An increasingly important part of the conversation is through containerisation platforms, with Docker assuming the position of court favourite. A Diginomica article from July 2014 proclaimed that ‘virtualisation was dead…long live containerisation’. Naturally, containerisation is essentially just another flavour of virtualisation, but Morris notes its influence over the past couple of years. “Container references increased from a few paragraphs to a few sections, and eventually throughout the book,” he explains.

Can Docker become a platform that is fully enterprise-grade? “I believe Docker is ready for the enterprise, but not necessarily everything in the enterprise at this point,” says Morris. “Containerisation is a great model for defining the contract between applications and the systems they run on in a way that simplifies both, so it’s a natural mode for building new applications and services. But there is a mass of existing software which isn’t architected to be containerised – and we’re all still learning how to implement containerised platforms and applications.”

All in all however, with increased knowledge of IaC, how to deploy it, and how it relates to DevOps and containers, Morris hopes readers will have one takeaway when reading the book: “Use automated pipelines to test infrastructure changes so that you can make changes to your systems confidently.”

Read more: What you need to know about infrastructure as code – and why now

(c)iStock.com/sinarp2

IT automation software provider Chef has announced the launch of Chef Automate, claimed to be a flagship software product which ties together all of the company’s product portfolio.

Chef Automate aims to give users comprehensive visibility across all applications and their supporting environments, providing a single dashboard with access to analytics, trending data and health status of Chef-managed resources.

Other key features include a unified workflow, essentially a shared pipeline – previously known as Chef Delivery – which provides a fixed and reusable workflow when changing infrastructure or applications, monitoring progress and changes as workflows move from development to product. Chef Automate also offers proactive compliance to ensure companies are operating according to their security policies.

The product is available immediately through an annual subscription, and includes commercial support for open source projects Chef, InSpec and Habitat.

“Velocity is the ultimate goal of every business and in today’s software-driven economy, that can only happen through IT automation,” said Ken Cheney, VP business development and product marketing at Chef. “However, many organisations are still forced to choose between speed and security.

“We think that’s absurd. Chef Automate allows businesses everywhere to stop trading off between velocity and safety – you can have both,” he added.

Chef claims its client has been downloaded more than 37 million times, with more than 80% of its revenue coming from enterprise organisations. Total booking have grown more than 80% year over year in the second quarter of 2016, according to the company.

Chef has also announced the launch of a certification program, offering training and credentials for developers, IT and system admins. The regular missives which arrive in this publication’s inbox regarding key tech job skills invariably mention DevOps and automation; according to Rackspace last month, jobs requiring DevOps skills went up a ‘modest’ 53% over the past year, with 3,723 jobs available. The managed cloud provider argued this was indicative of the area moving more into the mainstream.

(c)iStock.com/sorbetto

A new report from big data analytics provider Mu Sigma argues that higher performing companies are four times more likely to use a consistent approach to big data analysis, while consensus is divided on whether the CIO or CFO should be in charge.

The findings come from a survey of 150 large enterprises which turn over at least $500 million (£377.2m) a year, and draw some interesting conclusions on how large firms prioritise their data crunching. 23% of those polled said the CIO was responsible for analytics, compared to 17% who cite the CFO. In contrast, only 4% of respondents said they have a chief data scientist in charge, compared to 9% for a chief data officer and 13% a chief analytics officer.

With this in mind, there is also a distinct lack of consensus on the models organisations adopt. The majority (44%) of respondents said they use a centralised model, whereby a central group oversees analytics development for the entire company, while 22% said they opt for an approach where individual business units govern themselves. 16% adopt a federated approach, which blends the two.

Almost two thirds (65%) of senior decision makers polled say they recognise the positive impact analytics can have on business growth. The issue, the report argues, is around harnessing it properly. “Changes in customer behaviours are leading to a scramble for new capabilities and offerings – which in turn fuels the need for analytics and insights,” said Tom Pohlmann, head of values and strategy at Mu Sigma. While many enterprises are taking the right approach to meeting those challenges, many are still not paying enough attention to creative problem solving and consequently falling short in analytics.

“Organisations need to understand the importance of decisions in order to gain truly valuable insights from their data – and sometimes you need to ‘think outside the box’ to get there,” Pohlmann added.

Seven out of 10 (70%) respondents said that they plan to make improvements to their big data analytics approach and have a clearer roadmap of what they want to address in the coming year.

(c)iStock.com/Keith Kiska

The Financial Conduct Authority (FCA) has issued a series of guidelines on how financial firms can migrate to the cloud and provisionally giving the green light to them.

“We see no fundamental reason why cloud services (including public cloud services) cannot be implemented, with appropriate consideration, in a manner that complies with our rules,” the report notes.

The authority notes that they have successfully supported many firms to use cloud and other IT service solutions, yet the updated guidelines come after concern from organisations over how the term ‘cloud’ should be defined and how it applies to them, as well as operational and supply chain risks.

The FCA insists firms need to review the contract with their outsourcing provider to ensure it meets their standards; in terms of regulations, organisations need to ensure their operational risk is not worsened by cloud migration, as well as identifying all service providers in the supply chain and ensuring compliance through all those steps. The finalised guidance insists that it is keeping in line with these guidelines despite concerns over the supply chain being ‘impractical’ and ‘unduly burdensome’.

Regarding data security, the FCA argues firms should agree a data residency policy with their chosen provider, understand the provider’s data loss and breach processes, as well as comply with the eight principles of the Data Protection Act (DPA). Similarly, the importance of continuity planning – “appropriate arrangements to ensure that it can continue to function and meet its regulatory obligations in the event of an unforeseen interruption of the outsourced services” – and an exit strategy were also highly emphasised.

Alongside this, the FCA insists the report, which can be viewed in full here (via FinExtra), should not be read in isolation – citing the Prudential Regulation Authority (PRA) as another important body – nor is exhaustive. “We expect firms to take note of the guidance and, where appropriate, use it to inform their systems and controls on outsourcing,” the report notes.

While industries such as finance, healthcare and manufacturing have been traditional laggards in moving to the cloud, this view, backed up by the FCA paper, is changing. Tony Connor of Datapipe, writing for this publication back in March, argued the shifting view on cloud security but insisted trust was key. “With a trusted partner and careful planning, even the most complex IT ecosystems in a financial institution can be moved to the cloud and start reaping its numerous benefits,” he wrote.

(c)iStock.com/Vernon Wiley

Cloud technology can create positive business outcomes for businesses – but only if the organisation is willing to foster business transformations that leverage what the cloud offers.

That is the key finding from a report published by The Economist and sponsored by Google on how trust in cloud computing correlates with business performance.

The report, which is based on a global survey of more than 450 executives in 10 countries across five continents, finds 38% of enterprise IT is currently based on cloud-based technology, with the figure expected to grow to 45% by 2019. Despite this, trust in cloud technology remains muted, with only 16% of those polled indicating ‘very high trust’ in the cloud.

Despite this comparative lack of trust – although more than half (52%) of those polled noted an increase in overall cloud trust –  almost all (99%) of respondents report use of at least some cloud services in their organisation. Respondents who say their company has higher trust in the cloud report much better outcomes in both financial and non-financial success metrics.

Yet trust in the cloud does not grow organically. The report advocates three primary elements that will help businesses engage further:

• C-suite support for cloud initiatives. The survey argues that at organisations with low levels of cloud trust, management is the most common barrier to the adoption of cloud technologies. “The C-suite alone cannot instil trust in cloud technology, but without its help such confidence may not develop,” the report notes.
• Introducing cloud services with an eye to building trust. High profile improvements can help build trust across an organisation, the report notes, as well as simpler, quick win solutions. This was one of the keys to Siemens building their trust in cloud.
• Go further than simply educating employees. Training in new tools is one thing, but for ‘deep change management’, as the report puts it, pushing people to use their new tools in a creative way will be more fruitful.

You can find the full report here (no registration required).

(c)iStock.com/ricochet64

Oracle and Fujitsu have announced a new strategic alliance to deliver enterprise-grade cloud services to customers in Japan and their subsidiaries.

The partnership aims to bring Oracle’s cloud application and platform services to Fujitsu’s cloud service, K5; installing Oracle’s cloud services into its data centres in Japan and connecting them to K5.

The first Oracle cloud app being offered to Fujitsu customers as part of the new deal is Oracle HCM Cloud, regarding, as the name suggests, HR and human capital management. Fujitsu for its part will implement Oracle HCM Cloud to gain ‘unprecedented insight’ into the company’s global workforce.

“We at Fujitsu support the digital transformation of our customers, and aim to contribute to optimised customer systems and business growth with the rollout of our Digital Business Platform MetaArc,” said head of digital services business and CTO Shingo Kagawa. “Oracle is a leader in Japan’s database market segment and possesses strong capabilities in the [systems of record] domain. Now, as we look to strengthen MetaArc and K5, taking part in this strategic alliance with Oracle will work to meet the cloud needs of our customers.”

Fujitsu’s infrastructure offering in EMEA was recently tracked by analyst house IDC, alongside nine other vendors, finding that EMEA cloud IT infrastructure revenue had grown by 17% to £1.3 billion (£1bn) in the first quarter of this year. In September last year, the Japanese giant announced Fujitsu Cloud Services Management, a service which enables unified management of cloud environments across different departments within an organisation.

“We strongly believe this cloud alliance will support Japanese companies to drive digital transformation,” said Hiroshige Sugihara, president and CEO of Oracle’s Japanese arm. “This will be a gateway for customers to achieve standardisation, modernisation, and globalisation.”

(c)iStock.com/-MG-

Organisations’ fears of cloud-based backup are mostly down to inexperience or ignorance of how the systems work rather than technological issues, according to new survey results released by analyst house Clutch.co.

The research, which surveyed more than 300 small to medium US businesses to measure the benefits and challenges of cloud-based backup, found that 87% of respondents said online backup was either equally or more secure than on-premises equivalents. 24% argued it was “much more” secure, with 32% opting for “somewhat” and 31% equally secure. Only 2% argued online backup was much less secure.

In terms of benefits to cloud backup, greater data security (31%) was most frequently cited, ahead of data space (21%) and simpler backup (21%), while more than a third (37%) of businesses polled said they had experienced no problems when utilising cloud backup, with downtime and bugs (36%) cited most often ahead of limited data space (22%), security issues (19%), and data recovery problems (14%).

Despite this, the research argues these factors can be improved upon. “It’s often very disconcerting if there’s any downtime with getting to the provider to get the data,” said Bob Lamendola, general manager of infrastructure services at MindShift. “It makes people very uneasy if the solution is not reliable and stable…it really casts a dark shadow and can create a barrier to adoption.”

Almost half (49%) of respondents say they back their data up on a daily basis, according to the research, compared with 34% who say weekly. Perhaps worryingly, 2% of firms polled said they back up their data annually. On a similar theme, backup services are usually tested weekly (34% of respondents) or monthly (34%). One in 10 ensure to perform a test daily, while 3% admit they have never done it.

Clutch argues a mix of frequent monitoring and annual, or semi-annual, testing by fully simulating a data leak and checking if the data can be fully restored. “[You should] simulate the ‘loss’ of a critical file, folder, database, or system, and document the exact steps and amount of time it takes to recover this data completely,” said Mark Anderson, of Anderson Technologies. “Go through every step necessary to get the data back on a system in-house and completely usable again.”

The concept of companies fearing change, rather than technology, is one which has been covered extensively in this publication. Matthew Finnie, CTO of Interoute, argued as much when speaking to CloudTech last month. “It’s all transitionary,” he said. “From our experience, the speed of [cloud] transformation has got nothing to do with technology…[but] many times the fear and loathing of the IT department.”

You can read the full Clutch report here.

(c)iStock.com/Tuomas Kujansuu

Amazon Web Services (AWS) has said it will continue its plans to build a data centre in the UK despite the referendum vote to leave the European Union last month.

The news was disclosed by AWS UK&I managing director Gavin Jackson at the AWS Summit in London earlier today. The UK data centre region, first announced in November last year, is part of AWS’ expansion plans which also include new bases in Montreal, Ohio, and Ningxia in China.

AWS’ confirmation that the UK data centre will be built – scheduled to arrive either at the end of this year or the beginning of next – arrives after Gartner issued a bleak warning over IT spending after the UK voted to Brexit. In a note, the analyst house argues that “with the UK’s exit, there will likely be an erosion in business confidence and price increases which will impact UK, Western Europe and worldwide IT spending.”

If that wasn’t bad enough, IDC adopted a similarly cautious tone in a forecast released earlier this week, arguing the UK faces a ‘challenging transition’ in terms of how organisations will spend their IT budget. Neither analyst firms’ figures took Brexit into account, however IDC warned that the following quarter could see a downturn for the UK.

And if that wasn’t bad enough, AWS has also announced greater support for EU-based ISVs through the AWS Marketplace, meaning ISVs that have legal entities in EU countries can register, list, and sell their products through AWS. The full list of vendors that have already signed up is available on the AWS blog, including Germany-based in-memory database provider EXASOL. “Companies of all sizes can now take advantage of EXASOL’s performance-beating in-memory analytic database on the world’s most significant cloud platform,” said Dr. Jens Graupmann, EXASOL VP product management.

“This is of great benefit to organisations that want to get started with data analytics fast but cannot invest upfront in analytic infrastructures, and it will be interesting to see what new data-driven businesses are created as a result,” he added.

(c)iStock.com/RyanKing999

Analyst house IDC has released two forecasts in quick succession examining the cloud infrastructure landscape, and found that EMEA cloud IT infrastructure revenue grew 17% to $1.3 billion (£1bn) in the first quarter of this year.

IDC expects this particular market to hit more than $10bn by 2020, creating 46.4% of total market expenditure, while total cloud-based EMEA infrastructure spend on server, disk storage and Ethernet switch, grew by four percentage points compared to this time last year.

Overall, private cloud represented $0.8bn in the first quarter, with public cloud at $0.6bn and traditional IT at $4bn. Year over year private cloud growth was 20.8%, compared to public cloud at 13.4% and traditional IT at a 6.9% decrease.

IDC tracked Cisco, Dell, EMC, Fujitsu, Hitachi, HP, IBM, Lenovo, NetApp and Oracle among others for the survey, and found some interesting regional highlights. For Western Europe, growth in cloud infrastructure was distributed almost equally between enterprise storage (42%) and servers (45%), while CEMA (Central and Eastern Europe, the Middle East, and Africa) represented 15% of overall EMEA cloud investments this quarter.

Yet this could change. While the first quarter’s figures naturally did not account for the result of a UK referendum, IDC warned that the second quarter could be an eye-opener, with the research firm expecting a ‘challenging transition’ ahead if the UK activates the process of withdrawing from the EU. “Our forecast for the UK may be adjusted downward in the following quarter,” said Kamil Gregor, IDC European infrastructure group research analyst. “Other EMEA markets are expected to remain largely unaffected.”

The result of the EU referendum has had effects on other parts of business infrastructure. Now that the UK has returned a Brexit vote, and assuming the formal process to leave the EU will be initiated, it doesn’t mean businesses should avoid data best practices in line with the EU General Data Protection Regulation (GDPR), according to commentators.

Elsewhere, IDC predicted that spending on IT infrastructure for cloud environments in 2016 will be strong despite a first quarter slowdown. Total spending will increase by 15.5% in 2016 to reach $37.1bn.