SDN Journal Authors: Pat Romanski, Elizabeth White, Yeshim Deniz, Destiny Bertucci, Liz McMillan

Related Topics: @CloudExpo, Microservices Expo, Open Source Cloud, Containers Expo Blog, Cloud Security, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Cloud Is All About Security

An exclusive Q&A with Terry Woloszyn, Founder & CEO, Leeward Security Ltd.

"Open source has always provided a number of benefits, including easing adoption costs, propagating a better understanding of the technology, and allowing for faster evolution and commercialization of products and services based on it," noted Terry Woloszyn, Founder & CEO, Leeward Security Ltd., in this exclusive Q&A with Cloud Expo Conference Chair Jeremy Geelan. "This is clearly evident with the OpenStack and CloudStack," Woloszyn continued, "and others that have been quickly commercialized as offerings such as Rackspace."

Cloud Computing Journal: The move to cloud isn't about saving money, it is about saving time. - Agree or disagree?

Terry Woloszyn: It's actually both. Depending on the type of cloud - SaaS, PaaS, or IaaS, and whether it is private or public - the metrics that are used to determine the savings vary in weighting and importance. For example, the total cost of ownership in selecting, installing, configuring, managing, and ultimately replacing enterprise applications is quite large when compared to utilizing a public cloud SaaS equivalent. In this case, it's about saving time and money. On the other hand, utilizing a private cloud infrastructure as a host platform for enterprise applications is much more about saving time in provisioning, as the money difference is small, realized only in hardware utilization and platform management cost savings.

There are other metrics that factor into a selection decision as well, such as security, redundancy, disaster recovery, scalability, and more. It all comes down to the individual requirements of the selector when determining what "it's all about saving."

Cloud Computing Journal: How should organizations tackle their regulatory and compliance concerns in the cloud? Who should they be asking/trusting for advice?

Woloszyn: Unfortunately, regulatory compliance is a moving target. Depending on the jurisdiction, there may not even be a way to become compliant, as legislation at different levels of government may actually conflict, resulting in a bun fight between them that only the courts can settle, and may take years to do so.

Furthermore, cloud exacerbates the problem by spreading the compliance requirements across a plurality of jurisdictions, which results in more conflicting legislation. Great examples have emerged wherein data privacy compliance dictated by one jurisdiction outside of the US is impossible to achieve, thanks to PATRIOT, to be complied with if a US cloud is utilized. It may even be impossible to comply if the network traffic itself simply transits US territory. Again, legislators and regulators are only starting to realize that they no longer can legislate within their borders - that there is a global economic and technology reality that they must account for if their constituents are to remain competitive in the global markets.

As a result, trying to achieve 100% compliance may be impractical, as it is virtually impossible to understand where every bit is located and where they travel during the usage of the cloud, and what compliance requirements are incumbent on the users and providers as a result. One approach to resolve this is similar to ring security employed by systems today, with the core representing the local jurisdiction regulatory and compliance requirements, and the risks and costs for non-compliance. Each subsequent ring around the core represents regulatory and compliance requirements of lessening importance, along with corresponding risks and costs for non-compliance. The final ring represents no regulatory or compliance requirements, and no risks. By creating this type of framework and taxonomy, with the assistance of technologists, cloud providers, and legal counsel, it allows the adopter to quickly make assessments for existing and future cloud adoption, and easily allows for impact analysis of ever-changing technology, regulatory, and compliance requirements.

Cloud Computing Journal: What does the emergence of Open Source clouds mean for the cloud ecosystem? How does the existence of OpenStack, CloudStack, OpenNebula, Eucalyptus and so on affect your own company?

Woloszyn: Open Source has always provided a number of benefits, including easing adoption costs, propagating a better understanding of the technology, and allowing for faster evolution and commercialization of products and services based on it. This is clearly evident with the OpenStack, CloudStack, and others that have been quickly commercialized as offerings such as Rackspace. It makes for more consistency, faster adoption, and more robust offerings as everyone works towards the same results in the open source community, rather than the competitive development model of the 1980s and 1990s that only resulted in a handful of expensive, proprietary, half-solutions.

Cloud Computing Journal: With SMBs, the two primary challenges they face moving to the cloud are always stated as being cost and trust: where is the industry on satisfying SMBs on both points simultaneously - further along than in 2011-12, or...?

Woloszyn: Certainly from a cost perspective, cloud has become very affordable as a technology. However, the skills and labor costs associated with cloud adoption and management are still relatively high, making it a barrier for SMB adoption. As cloud becomes more ubiquitous, the skills become more accessible and affordable. As a result, like any technology, it is the large, early adopters that start, and it slowly cascades down through SMB, and eventually down to SOHO and individuals.

As for trust, SMBs actually seem to trust more than the enterprise adopters. This is because more cloud vendors have succeeded in promoting security and trust of their brand through standards compliance, certification, and customer recognition. SMBs are aware that the cloud vendors are likely more secure an offering, for example, than the SMB themselves could provide.

Cloud Computing Journal: 2013 seems to be turning into a breakthrough year for Big Data. How much does the success of cloud computing have to do with that?

Woloszyn: Big Data, like other enterprise-scale technologies, would only be within reach of large enterprises without the support of cloud. Cloud has a democratization effect on new technology adoption, and allows for economies of scale that would otherwise be unaffordable by most organizations. This makes Big Data accessible by a much larger group of adopters, by virtue of cloud support.

Cloud Computing Journal: What about the role of social: aside from the acronym itself SMAC (for Social, Mobile, Analytics, Cloud) are you seeing and/or anticipating major traction in this area?

Woloszyn: There was a time when having a website was a requirement for organizations to be considered "real" and viable. Organizations without a website were viewed as either too small, or not viable, or not even trustworthy. Today, a website is mandatory for all organizations to do business. The same pattern is being followed for Social. Organizations now see an emerging requirement for social participation in order to be recognized as "real." The convergence of mobile and social and cloud has accelerated the growth of social as the primary and preferred interaction channels between the consumers and business, and between businesses themselves. Without a social presence, organizations today will simply not survive against those that actively exploit social media in their sales, marketing and other business functions.

Cloud Computing Journal: To finish, just as real estate is always said to be about "location, location, location", what one word, repeated three times, would you say Cloud Computing is all about?

Woloszyn: Cloud is all about "Security, Security, Security," where Cloud provides the security in cost savings, the security in access and availability, and the better security against present and future threats.

More Stories By Pat Romanski

News Desk compiles and publishes breaking news stories, press releases and latest news articles as they happen.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@CloudExpo Stories
Evan Kirstel is an internationally recognized thought leader and social media influencer in IoT (#1 in 2017), Cloud, Data Security (2016), Health Tech (#9 in 2017), Digital Health (#6 in 2016), B2B Marketing (#5 in 2015), AI, Smart Home, Digital (2017), IIoT (#1 in 2017) and Telecom/Wireless/5G. His connections are a "Who's Who" in these technologies, He is in the top 10 most mentioned/re-tweeted by CMOs and CIOs (2016) and have been recently named 5th most influential B2B marketeer in the US. H...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
@DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises - and delivering real results.
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optimal end user experience over hybrid-cloud and multi-cloud environments, no matter what the current state of the infrastructure is. To employ a delivery automation strategy that reflects your business rules, making r...
DXWorldEXPO LLC announced today that Dez Blanchfield joined the faculty of CloudEXPO's "10-Year Anniversary Event" which will take place on November 11-13, 2018 in New York City. Dez is a strategic leader in business and digital transformation with 25 years of experience in the IT and telecommunications industries developing strategies and implementing business initiatives. He has a breadth of expertise spanning technologies such as cloud computing, big data and analytics, cognitive computing, m...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
DXWorldEXPO LLC announced today that Kevin Jackson joined the faculty of CloudEXPO's "10-Year Anniversary Event" which will take place on November 11-13, 2018 in New York City. Kevin L. Jackson is a globally recognized cloud computing expert and Founder/Author of the award winning "Cloud Musings" blog. Mr. Jackson has also been recognized as a "Top 100 Cybersecurity Influencer and Brand" by Onalytica (2015), a Huffington Post "Top 100 Cloud Computing Experts on Twitter" (2013) and a "Top 50 C...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve fu...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Daniel Jones is CTO of EngineerBetter, helping enterprises deliver value faster. Previously he was an IT consultant, indie video games developer, head of web development in the finance sector, and an award-winning martial artist. Continuous Delivery makes it possible to exploit findings of cognitive psychology and neuroscience to increase the productivity and happiness of our teams.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...