Adopting Cloud Apps? Addressing Data Security Challenges at Cloud Expo NY

The benefits of cloud computing are well documented: faster time to value, lower total cost of ownership, and greater scalability. So, what’s holding up adoption? Concerns include data security, data privacy, loss of governance, regulatory compliance, and data sovereignty. How should organizations address these challenges to leverage the proven benefits of cloud computing?
In his session at the 10th International Cloud Expo, Varun Badhwar, VP, Product Strategy at CipherCloud, will shed some light on these complex issues, discuss how migrating to the cloud impacts regulatory and compliance requirements, cover case studies on how global institutions have securely adopted the cloud, and examine emerging best practices on retaining control over sensitive data in the cloud.

read more

Lumesse Adds New Usability, Integration Features to Lumesse Learning Gateway

Lumesse today announced the latest version of its Software-as-a-Service (SaaS) learning management system, Lumesse Learning Gateway 5.7, with a wide range of new capabilities that include enhanced reporting, additional languages, improved navigation and full integration with Lumesse ETWeb talent management.

The integration (announced earlier this month) with Lumesse ETWeb, delivered using the new Lumesse ETWeb Exchange service-oriented architecture, offers users fast and easy access to learning from a wide range of e-learning vendors anywhere in the world. Personalized, relevant learning content can be selected and delivered directly from the cloud within the familiar, web-based user experience of Lumesse ETWeb.

“Lumesse Learning Gateway takes the pain out of managing learning,” said Lumesse CEO Matthew Parker. “This release helps both learners and learning managers to find and manage the training they need. Learners can identify and start training that is directly relevant to their career goals and their company objectives through a familiar talent management environment. Training managers can control the process, workflow and reporting of learning with less effort and greater oversight. Organizations get better trained, more motivated people with lower costs and less administrative overhead.”

Lumesse Learning Gateway is a powerful and affordable cloud-based learning management system that delivers and manages sophisticated blended learning programmes that can include mobile and social learning, tests and assessments, personalized e-learning, and instructor-led training. Lumesse Learning Gateway is delivered as a SaaS solution configurable to exact needs to encourage high completion rates, and scalable for any number of learners and any amount of learning.

Among the improvements in Lumesse Learning Gateway 5.7 are:

A new scalable reporting framework generates attractive reports –
from a standard, categorized library — that are easy to understand
and use.
Added language support for learners: Chinese and Japanese for a total
of 22 supported learner languages; and French and Italian for a total
of seven supported administrator languages.
A redesigned administrative portal offers simpler, more intuitive
navigation of the powerful learning management capabilities in Lumesse
Learning Gateway.

In addition, tight integration with Lumesse ETWeb talent management allows a learner-centric, consumerized user experience with single sign-on and a common look-and-feel that increases user adoption by making access and navigation simple and intuitive for all users. Users can quickly find best-match learning activities that support career development and objectives, start e-learning from within the talent management system, and easily identify recommended and mandatory training – supporting increased completion ratios. Direct access to development history and development plans from a Talent Profile give a clear overview of training taken and required, while integrated reporting measures and analyzes progress and completion against planned and mandatory learning, as well as cost breakdowns. Configurable workflows allow managers easy approval of learning activities.

Lumesse Learning Gateway 5.7 is available immediately.


SUMMUS Software Launches New Release of Cloud-based IT Management Solution

SUMMUS Software, a provider of cost-effective, comprehensive, cloud-based IT operations management solutions, today announced the latest release of Summus IT Management Suite powered by Summit Platform 4.0, an integrated suite of applications for IT service management, IT asset management, and availability management. This latest release delivers the IT contextual dashboard, together with robust enhancements to incident, service level agreement (SLA), change, configuration management database (CMDB), knowledge, event, release, availability and project management.

SUMMUS Software’s new release of Summus IT Management Suite and Summit Platform are designed to support the growing and maturing IT service management, IT asset management and IT availability management requirements of small and midsized businesses (SMB) and managed service providers (MSP). By supporting IT organization’s on-going efforts to optimize their costs, resources and processes, this release ensures customers can better maximize IT management efficiencies.

“Summus IT Management Suite is helping IT organizations to achieve greater cost and operational efficiencies using the power of Summit Platform,” said Wai Wong, president and CEO of SUMMUS Software. “This latest release represents the industry’s most comprehensive cloud-based IT management solution with built-in IT intelligence. SUMMUS is helping customers to better optimize their IT operations, and establish a more productive relationship between IT and business.”

The new release of Summus IT Management Suite is powered by the latest version of SUMMUS Software’s unified and integrated IT operations management platform, Summit Platform 4.0. Based on extensive work with customers, key IT industry experts and standards organizations, this release delivers features representing key IT management technology advances in the areas of Incident Management, SLA Management, Knowledge Management, Change Management, CMDB, Availability Management, Event Management, Release Management and Project Management.

Key features of the new release of Summus IT Management Suite include:

Summus Service Management

Incident Management: Fine-grained per-incident cost management, and
simplified end-user request management via templates
SLA Management: Fine-grained control and monitoring of customer SLAs,
vendor SLAs and operations level agreements (OLA)
Knowledge Management: Enhanced knowledge relevance and effectiveness
management
Change Management: Enhanced reliability and availability with powerful
change control and configuration
CMDB: Increased high availability with version control management,
faster and easier implementation and simplified integration with other
IT management systems via open Web Services APIs
Release Management: Comprehensive management of release costs,
versions, builds, and workflows

Summus Availability Management

Server & Network Monitoring: Flexible and fine-grained monitoring,
reporting and alerts based on multiple thresholds, and utilization
trends
Event Management: Automatic, event correlation management

IT Intelligence

IT Contextual Dashboard: Holistic side-by-side, contextually
comparative view of the entire IT operations environment


appRenaissance Acquires Mobile UX/UI Innovator UXFLIP

appRenaissance, a provider of mobile applications, tools and infrastructure, announced today that it has acquired UXFLIP, an innovator in dynamic mobile interface capabilities. UXFLIP’s patent-pending dynamic UX/UI creation, deployment and management capabilities will be merged with the company’s mobile middleware platform, Unifeed™.

“We’re very excited to announce this acquisition today and to have founder Michael Raber join the appRenaissance team,” said Bob Moul, appRenaissance CEO. “The capabilities of UXFLIP are highly complementary to our middleware platform and Michael will be an awesome addition to the team.”

UXFLIP was a participant in the Fall 2011 accelerator program at DreamIt Ventures and recently won “best in show” at the Phorum tech conference in Philadelphia. UXFLIP allows users to dynamically build, deploy and manage the user interface and experience of mobile applications as a cloud-delivered service. A beta version of the offering will be available this summer.

“I am excited to be joining the team at appRenaissance and to help lead the development of next generation revolutionary mobile tools and infrastructure,” said Raber. “Bob was our advisor at DreamIt and immediately saw the value of what we were building. appRenaissance provides the perfect platform to continue to build out the vision we had when we launched UXFLIP.”


Braaains & ZaaS on Cloud

A new acronym, ZaaS (Zombies-as-a-Service), may enter the lexicon, thanks to Broken Bulb Studios, the Scottsdale, AZ developer that’s unleashed the zombie game Braaains on Facebook. The studio expected what it described as a “huge” traffic surge, so has been working with SoftLayer and RightScale to handle it.

Indeed, the game reaches about 371,000 daily and 3.6 million monthly players. With Facebook just announcing it now reaches 901 million people worldwide, one would expect the numbers to continue to scale up.

Braaains are being served by SoftLayer data centers in Houston and Dallas, and migrating completely to the cloud, the company reports. There are several terabytes of data stored already, and peak data transfer rates are currently estimated at 210 Mbps.

George Romero, did you have any idea what you wrought with your little $100k film in 1968?

read more

Cloud Expo New York: The Right Cloud for the Job

The sky is full of clouds. Some are perfect for companies needing outsourced IT, but others are built specifically for scalable Internet-enabled apps and solutions.
In his session at the 10th International Cloud Expo, Duke Skarda, CTO of SoftLayer, will explore the difference between enterprise-class and Internet-scale, explore hybrid clouds and networks of networks, examine specific use cases and case studies, and focus on the requirements of those visionaries building the next wave of massively scalable Internet-facing applications.

read more

Is Cloud Computing a Green Giant?

Cloud computing already has trimmed some businesses’ IT costs. But a report found that it also could be the next big thing to help reduce their energy use, according to greenbiz.com
The fourth annual Energy Efficient IT Report – by technology products and services seller CDW – calls cloud computing a possible “game changer” that’s playing a growing role in energy efficiency.
For the report, CDW surveyed 760 people working in private businesses, nonprofits, schools and governments. Of these respondents, 62 percent agreed that cloud computing is an energy-efficient way to consolidate data centers.

read more

Cloud Expo New York Speaker Profile: Bill Lowry – Terremark

With Cloud Expo 2012 New York (10th Cloud Expo) now only seven weeks away, what better time to introduce you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference…

We have technical and strategy sessions for you every day from June 11 through June 14 dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where do they work, what else have they written and/or said about the Cloud that is transforming the world of Enterprise IT, side by side with the exploding use of enterprise Big Data – processed in the Cloud – to drive value for businesses…?

read more

The Encrypted Elephant in the Cloud Room

Encrypting data in the cloud is tricky and defies long held best practices regarding key management. New kid on the block Porticor aims to change that.

pink elephant

Anyone who’s been around cryptography for a while understands that secure key management is a critical foundation for any security strategy involving encryption. Back in the day it was SSL, and an entire industry of solutions grew up specifically aimed at protecting the key to the kingdom – the master key. Tamper-resistant hardware devices are still required for some US Federal security standards under the FIPS banner, with specific security protections at the network and software levels providing additional assurance that the ever important key remains safe.

In many cases it’s advised that the master key is not even kept on the same premises as the systems that use it. It must be locked up, safely, offsite; transported via a secure briefcase, handcuffed to a security officer and guarded by dire wolves. With very, very big teeth.

No, I am not exaggerating. At least not much. The master key really is that important to the security of cryptography. porticor-logo

That’s why encryption in the cloud is such a tough nut to crack. Where, exactly, do you store the keys used to encrypt those Amazon S3 objects? Where, exactly, do you store the keys used to encrypt disk volumes in any cloud storage service?

Start-up Porticor has an answer, one that breaks (literally and figuratively) traditional models of key management and offers a pathway to a more secure method of managing cryptography in the cloud.

SPLIT-KEY ENCRYPTION andyburton-quote

Porticor is a combination SaaS / IaaS solution designed to enable encryption of data at rest in IaaS environments with a focus on cloud, currently available on AWS and other clouds. It’s a combination in not just deployment model – which is rapidly becoming the norm for cloud-based services – but in architecture, as well.

To alleviate violating best practices with respect to key management, i.e. you don’t store the master key right next to the data it’s been used to encrypt – Porticor has developed a technique it calls “Split-Key Encryption.”

Data encryption comprises, you’ll recall, the execution of an encryption algorithm on the data using a secret key, the result of which is ciphertext. The secret key is the, if you’ll pardon the pun, secret to gaining access to that data once it has been encrypted. Storing it next to the data, then, is obviously a Very Bad Idea™ and as noted above the industry has already addressed the risk of doing so with a variety of solutions. Porticor takes a different approach by focusing on the security of the key not only from the perspective of its location but of its form.

The secret master key in Porticor’s system is actually a mathematical combination of the master key generated on a per project (disk volumes or S3 objects) basis and a unique key created by the Porticor Virtual Key Management™ (PVKM™)  system. The master key is half of the real key, and the PVKM generated key the other half. Only by combining the two – mathematically – can you discover the true secret key needed to work with the encrypted data.

split key encryptionThe PVKM generated key is stored in Porticor’s SaaS-based key management system, while the master keys are stored in the Porticor virtual appliance, deployed in the cloud along with the data its protecting.

The fact that the secret key can only be derived algorithmically from the two halves of the keys enhances security by making it impossible to find the actual encryption key from just one of the halves, since the math used removes all hints to the value of that key. It removes the risk of someone being able to recreate the secret key correctly unless they have both halves at the same time. The math could be a simple concatenation, but it could also be a more complicated algebraic equation. It could ostensibly be different for each set of keys, depending on the lengths to which Porticor wants to go to minimize the risk of someone being able to recreate the secret key correctly.

Still, some folks might be concerned that the master key exists in the same environment as the data it ultimately protects. Porticor intends to address that by moving to a partially homomorphic key encryption scheme.

HOMOMORPHIC KEY ENCRYPTION

If you aren’t familiar with homomorphic encryption, there are several articles I’d encourage you to read, beginning with “Homomorphic Encryption” by Technology Review followed by Craig Stuntz’s “What is Homomorphic Encryption, and Why Should I Care?”  If you can’t get enough of equations and formulas, then wander over to Wikipedia and read its entry on Homomorphic Encryption as well.

Porticor itself has a brief discussion of the technology, but it is not nearly as deep as the aforementioned articles.

In a nutshell (in case you can’t bear to leave this page) homomorphic encryption is the fascinating property of some algorithms to work both on plaintext as well as on encrypted versions of the plaintext and come up with the same result. Executing the algorithm against encrypted data and then decrypting it gives the same result as executing the algorithm against the unencrypted version of the data. 

So, what Porticor plans to do is apply homomorphic encryption to the keys, ensuring that the actual keys are no longer stored anywhere – unless you remember to tuck them away someplace safe or write it down. The algorithms for joining the two keys are performed on the encrypted versions of the keys, resulting in an encrypted symmetric key specific to one resource – a disk volume or S3 object.

The resulting system ensures that:

No keys are ever on a disk in plain form Master keys are never decrypted, and so they are never known to anyone outside the application owner themselves The “second half” of each key (PVKM stored) are also never decrypted, and are never even known to anyone (not even Porticor) Symmetric keys for a specific resource exist in memory only, and are decrypted for use only when the actual data is needed, then they are discarded

This effectively eliminates one more argument against cloud – that keys cannot adequately be secured.

In a traditional data encryption solution the only thing you need is the secret key to unlock the data. Using Porticor’s split-key technology you need the PVKM key and the master key used to recombine those keys. Layer atop that homomorphic key encryption to ensure the keys don’t actually exist anywhere, and you have a rejoined to the claim that secure data and cloud simply cannot coexist.

In addition to the relative newness of the technique (and the nature of being untried at this point) the argument against homomorphic encryption of any kind is a familiar one: performance. Cryptography in general is by no means a fast operation and there is more than a decade’s worth of technology in the form of hardware acceleration (and associated performance tests) specifically designed to remediate the slow performance of cryptographic functions. Homomorphic encryption is noted to be excruciatingly slow and the inability to leverage any kind of hardware acceleration in cloud computing environments offers no relief. Whether this performance penalty will be worth the additional level of security such a system adds is largely a matter of conjecture and highly dependent upon the balance between security and performance required by the organization.

Connect with Lori: Connect with F5: o_linkedin[1] google  o_rss[1] o_facebook[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1] google Related blogs & articles: Getting at the Heart of Security in the Cloud
Threat Assessment: Terminal Services RDP Vulnerability
The Cost of Ignoring ‘Non-Human’ Visitors
Identity Gone Wild! Cloud Edition F5 Friday: Addressing the Unintended Consequences of Cloud
Surfing the Surveys: Cloud, Security and those Pesky Breaches Dome9: Closing the (Cloud) Barn Door  Get Your Money for Nothing and Your Bots for Free  Technorati Tags: F5,MacVittie,Porticor,cryptography,cloud,homomorphic encryption,PKI,security,blog

read more

Building a Dynamic Enterprise App Store in the Cloud at Cloud Expo NY

Interest is growing rapidly in “enterprise app stores” where software designers and users can share and consume IT applications. Such stores may be offered by hosting providers to onboard customers and partners to their cloud, or by an enterprise to facilitate collaboration among engineering teams. However, many stores are limited to supplying pre-packaged cloud images, rather than editable templates.
In his session at the 10th International Cloud Expo, James Weir, CTO and co-founder of UShareSoft, will discuss the benefits and technologies for building a flexible, “dynamic” enterprise app store. These stores allow users to customize server templates before publishing directly to cloud. Additionally, hosting providers can dynamically “inject” managed services into templates and empower channel partners to offer customized cloud solutions.

read more