|By Patrick Burke||
|January 14, 2013 09:00 AM EST||
As more organizations move critical data to the cloud, security takes on ever-increasing importance, according to a recent report on cloud security.
The Security for Business Innovation Council, consisting of IT security professionals from 19 companies worldwide, called cloud computing the main disruptive force for 2013. In its report, "Information Security Shake-Up," the group said it was evident many organizations are preparing to move more business processes to the cloud. This year, it will even be "mission-critical apps and regulated data" consigned to the cloud, according to an article on NetworkWorld.com.
The Council includes security professionals from Coca-Cola, eBay, FedEx, EMC, Fidelity Investments, Intel, Johnson & Johnson and Walmart, among several others.
"Although supplier lock-in and system availability are some of the big concerns with the cloud, security remains the No. 1 obstacle to adoption," the Council's report states. "But trust in the cloud is growing."
Even regulators are starting to warm up to it, they noted, pointing out that the Dutch banking authority gave Dutch banks the green light to use cloud services late last year. But there are "gaps" in how well companies are planning for any transition to the cloud, the report notes. Though middle managers in companies may favor cloud computing for business reasons, there's a gap in coordination and trust with the IT security managers responsible for regulatory and security controls.
"Middle managers don't want to use their resources on security," the report bluntly says. "They are incentivized by timeline and budget; adding security doesn't fit into their objectives."
Security teams should be striving this year to build relationships with these middle managers, the report emphasizes. The practice of regular meetings and information exchange is an approach that has worked well over the past few years with the top corporate executives to bring their attention to the nature of cyber-threats. These top execs now largely understand and prioritize information security. But getting the same rapport going with middle managers is likely to be an even bigger challenge, the report says.
Growing Confidence in Cloud Security
Cloud computing has IT professionals increasingly convinced that while security controls are adequate, there still remains some skepticism.
Len Peters, CIO at Yale University, has undertaken a cost-benefit analysis of cloud-based services in comparison to on-premises software purchases. He found that not only are unit costs less for the software-as-a-service (SaaS) he's most interested in, but that SaaS can also further the compliance and security goals of the IT department, according to an article on CSOonline.com.
Last spring, Yale elected to migrate from an on-premises IT management application to the cloud-based ServiceNow. The economic analysis indicated a positive cost advantage within 13 months. But security and compliance considerations were and always are going to be critical factors in cloud-computing decisions, Peters said. Like many IT pros, he found himself asking the questions, "Is the cloud safe? What are the potential risks?"
The answer, he says, is yes, there are risks, but not necessarily any more than in your own environment if the proper security and contractual arrangements can be put in place with the cloud provider. What's more, use of cloud services can help speed the adoption of best practices that would further safeguard the university.
Yale is going to be looking at more cloud-computing options in the future for things such as human resources and ERP, Peters said.
Protecting Information in the Cloud
As attractive as cloud environments can be, they also come with new types of risks, according to an article on CFO.com.
Executives are asking whether external providers can protect sensitive data and also ensure compliance with regulations about where certain data can be stored and who can access the data. CIOs and CROs are also asking whether building private clouds creates a single point of vulnerability by aggregating many different types of sensitive data onto a single platform.
Blanket refusals to make use of private- or public-cloud capabilities leave too much value on the table from savings and improved flexibility. Large institutions, which have many types of sensitive information to protect and many cloud solutions to choose from, must balance potential benefits against, for instance, risks of breaches of data confidentiality, identity and access integrity, and system availability.
Refusing to use cloud capabilities is not a viable option for most institutions. The combination of improved agility and a lower IT cost base is spurring large enterprises to launch concerted programs to use cloud environments. At the same time, departments, work groups, and individuals often take advantage of low-cost, easy-to-buy public-cloud services - even when corporate policies say they should not.
Akana, a leading provider of API Management, API Security and Cloud Integration solutions, announced that it is introducing DevOps automation to the API lifecycle. New capabilities in Akana's API Management platform significantly reduce the time required to update API definitions and versions. DevOps teams will be able to work faster in designing and developing APIs, as well as managing them at runtime and publishing them to a portal.
Jun. 2, 2015 03:15 PM EDT Reads: 689
DevOps Summit at Cloud Expo New York is offering a limited time FREE "Expo Plus" registration option in New York. On site registration price of $1,95 will be set to 'free' for delegates who register during special offer. To take advantage of this opportunity, attendees can use the coupon code, and secure their registration to attend all keynotes, @DevOpsSummit sessions at Cloud Expo, expo floor, and SYS-CON.tv power panels. Special FREE registration givess access to all Containers and Microservi...
Jun. 2, 2015 03:00 PM EDT Reads: 985
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jun. 2, 2015 03:00 PM EDT Reads: 4,599
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jun. 2, 2015 03:00 PM EDT Reads: 4,208
SYS-CON Events announced today that SUSE, a pioneer in open source software, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. SUSE provides reliable, interoperable Linux, cloud infrastructure and storage solutions that give enterprises greater control and flexibility. More than 20 years of engineering excellence, exceptional service and an unrivaled partner ecosystem power the products and support that help ...
Jun. 2, 2015 02:15 PM EDT Reads: 1,187
SYS-CON Events announced today that the "First Containers & Microservices Conference" will take place June 9-11, 2015, at the Javits Center in New York City. The “Second Containers & Microservices Conference” will take place November 3-5, 2015, at Santa Clara Convention Center, Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
Jun. 2, 2015 02:15 PM EDT Reads: 923
"Application monitoring and intelligence can smooth the path in a DevOps environment. In a DevOps environment you see constant change. If you are trying to monitor things in a constantly changing environment, you're going to spend a lot of your job fixing your monitoring," explained Todd Rader, Solutions Architect at AppDynamics, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jun. 2, 2015 02:00 PM EDT Reads: 4,505
ThingsExpo New York is offering a limited time FREE "Expo Plus" registration option in New York. On site registration price of $1,95 will be set to 'free' for delegates who register during special offer. To take advantage of this opportunity, attendees can use the coupon code, and secure their registration to attend all keynotes, ThingsExpo sessions, expo floor, and SYS-CON.tv power panels. Special FREE registration givess access to all DevOps, Containers and Microservices sessions as well. Regi...
Jun. 2, 2015 02:00 PM EDT Reads: 1,029
IndependenceIT has been selected by nGenx to power Windows-based DaaS and application delivery on Google Compute Engine to support the delivery of GoldMine Cloud software. For independent software vendors (ISVs) like GoldMine, this expands the theater of operations to increase revenue opportunities while reducing software management and maintenance liabilities. IndependenceIT was selected by application and desktop pioneer, nGenx, to deliver its “Bring Your Own Cloud” strategy to GoldMine and o...
Jun. 2, 2015 01:44 PM EDT Reads: 328
The web app is Agile. The REST API is Agile. The testing and planning are Agile. But alas, Data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes which force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software orga...
Jun. 2, 2015 01:30 PM EDT Reads: 1,043
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the...
Jun. 2, 2015 01:15 PM EDT Reads: 4,275
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jun. 2, 2015 01:00 PM EDT Reads: 4,387
2015 predictions circa 1970: houses anticipate our needs and adapt, city infrastructure is citizen and situation aware, office buildings identify and preprocess you. Today smart buildings have no such collective conscience, no shared set of fundamental services to identify, predict and synchronize around us. LiveSpace and M2Mi are changing that. LiveSpace Smart Environment devices deliver over the M2Mi IoT Platform real time presence, awareness and intent analytics as a service to local connecte...
Jun. 2, 2015 01:00 PM EDT Reads: 1,075
The only place to be Nov 3-5 is Cloud Expo | @ThingsExpo | DevOps Summit 2015 West at the Santa Clara Convention Center in Santa Clara, CA. Join us there as delegates from all over the world come to listen to and engage with speakers & sponsors from the leading Cloud Computing, IoT, Big Data and DevOps companies. Cloud Expo & @ThingsExpo are the leading events covering the booming market of Cloud Computing, IoT & Big Data for the enterprise. Speakers from all over the world will be hand-picked...
Jun. 2, 2015 12:45 PM EDT Reads: 1,778
The basic integration architecture, as defined by ESBs, hasn’t changed for more than a decade. Most cloud integration providers still rely on an ESB architecture and their proprietary connectors. As a result, enterprise integration projects suffer from constraints of availability and reliability of these connectors that are not re-usable across other integration vendors. However, the rapid adoption of APIs and almost ubiquitous availability of APIs amongst most SaaS and Cloud applications are ra...
Jun. 2, 2015 12:45 PM EDT Reads: 720
While there are hundreds of public and private cloud hosting providers to choose from, not all clouds are created equal. If you’re seeking to host enterprise-level mission-critical applications, where Cloud Security is a primary concern, WHOA.com is setting new standards for cloud hosting, and has established itself as a major contender in the marketplace. We are constantly seeking ways to innovate and leverage state-of-the-art technologies. In his session at 16th Cloud Expo, Mike Rivera, Seni...
Jun. 2, 2015 12:15 PM EDT Reads: 1,193
“We are a managed services company. We have taken the key aspects of the cloud and the purposed data center and merged the two together and launched the Purposed Cloud about 18–24 months ago," explained Chetan Patwardhan, CEO of Stratogent, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jun. 2, 2015 12:15 PM EDT Reads: 3,948
SYS-CON Events announced today DevOps.com will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Launched in 2014, DevOps.com has quickly established itself as an indispensable resource for DevOps education and community building. DevOps.com make it their mission to cover all aspects of DevOps – philosophy, tools, business impact, best practices and more.
Jun. 2, 2015 12:14 PM EDT Reads: 346
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jun. 2, 2015 12:00 PM EDT Reads: 3,743
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
Jun. 2, 2015 12:00 PM EDT Reads: 1,702