Data-Storage-Costs

Preserving Value in Future Ready Storage Solutions

Storage solutions make or break the systems they support and yet these same systems are routinely seen as a cost to be decreased, rather than a competency to be developed. A racer doesn’t remove his engine if he expects to compete. However, rational, well-intentioned businesses sacrifice storage capabilities in an attempt to improve the bottom line. Those who wish to be future ready must think differently. The fact is that storage supports the business and it will be even more important as we move forward into this data-driven economy.

Traditional cost factors and costly mistakes

Storage as a component of IT, is often seen as a cost of doing business. You can’t run a business without looking at costs, but costs are only part of the picture. Companies exist to provide some value and the costs they incur should be contributing to that value. Cutting cost without regard to their value erodes organizational effectiveness, ultimately leading to organizational demise. That said, storage is a cost, but it is more important to view it as a component of the organization’s core competency, and a large contributor to the value the organization offers to its customers.

IT decision makers are still looking for storage solutions that reduce rack space, lower power and cooling costs and meet IOPS (Input/Output Operations per Second) requirements at a low price point. That much hasn’t changed, but continued progress in these areas has primarily been the through the increasing use of flash storage. Flash uses less power and produces less heat and it now comes at an affordable price.

“Compared with other storage solutions in our data center, we have seen a 100 to 200 percent increase in data speeds with our all-flash Dell storage arrays,” says Xu Hui, chief information officer at Daqo Group.

It can also meet IOPS requirements with fewer disks or chips so I/O intensive apps can run off a smaller footprint. Flash capacity has also been changing  with technologies like 3D flash memory allowing for arrays to be flash only, and it comes in a variety of flavors such as SLC, MLC and TLC that offer different price to performance ratios.

For those choosing to retain their spinning disk systems, power and cooling costs cannot be ignored. These aging systems can be costly to maintain. Some organizations may need to keep their data in house due to regulatory or data sovereignty issues, so use cases vary. However, opportunities abound for moving archival functions to the cloud rather than keeping costly nearline storage systems running. Cache locally and hybrid solutions are giving organizations more ways to move active data to the cloud as well which is replacing traditional capital expenditures with operating expenditures.

Some companies do not need the IOPS that flash offers. They are more than happy with a few hundred or thousand IOPS, especially in network attached storage. Some businesses have difficulty adopting flash because of the initial cost, especially when they have an existing system in place that seems to do the job. However, configuration and utilization mistakes are far too common. RAID (redundant array of independent disks) groups are sometimes overprovisioned in order to meet IOPS requirements resulting in lower disk ROI. In other cases, the full cost of ownership of a storage system is not factored in because cost factors such as power and cooling are not assigned directly to the underlying resources, but are managed in their own bucket instead.

Long-term storage value

Each company exists for some purpose and employees work towards that purpose. Similarly, the technology an organization employs is also utilized to further organizational goals such as producing a product, organizing teams, communicating with employees and customers, and making sure that everyone is paid at the end of the day. When you look at organizational assets in terms of their value, it is easy to see which things should be enhanced and which should be removed. Systems that do not provide value should be cut or replaced and those that can bring more value should be enhanced.

Agility is a key factor in both the business of today and tomorrow. Organizations need storage systems that can be deployed quickly and easily to protect their data from loss, ensure its availability when needed, and respond quickly to application and end user requests. Fortunately, deploying storage systems can be much easier today, and some systems are preconfigured for certain use cases. Hyper-converged systems, for example, are already preloaded with software for a workload. These systems are practically ready to go when they are plugged in. This can be quite advantageous for those companies that know what they need. However, other companies need flexibility with platforms that can support a wide range of workloads which flash and hybrid tiered storage can provide.

I would be remiss if I did not mention security because security preserves data value. Organizations rely upon their data, and they receive significant competitive advantage from it. This competitive advantage is maintained when the security of their systems remains intact.

Lastly, users demand instant access to emails and files while databases are ever-hungry for more speed. Future ready storage solutions will see the most value when they can meet or exceed demand. This will allow organizations to make decisions quicker, create solutions for customers in less time and innovate faster than ever before. This is a bright future where technology is leveraged to allow people to do more than they thought possible. The future starts now. Is your storage ready for it?

Continue reading

Share Button
Human brain vs. computers in the identity challenge

The human brain vs. computers in the identity challenge

The concept of identity is core to the protection of data.  Data and other computing resources exist to be used by individuals, each of whom has an identity that is used to grant of deny access to such resources.  However, identity is not limited to humans.  Computer services also have an identity that allows them to interact with other services and data.

As humans, we understand identity as all the characteristics that are representative and unique of an individual and our method of validating identity comes naturally in the course of interaction.  We recognize and associate these characteristics with a unique person and our ability to associate characteristics with a person increases with our exposure to the individual.  Exposure does not need to be direct, such as spending time with them, but can be gained indirectly through activities such as reading or talking about them or seeing them on TV.  This is why some persons are more easily recognizable than others.  Consider how you recognize the touch of a loved one or the voice of your mother whereas a former acquaintance’s name may be unfamiliar to you, even when encountering them face to face.  Similarly, popular personalities such as actors or politicians are easily recognized by each of us even if we have never met them personally.  Similar methods are used to build trust.  You wouldn’t let a stranger borrow your car, but this might change as strangers become friends.

Computers, likewise, can use a variety of characteristics to validate a claimed identity but the methods of recognizing that identity differ from humans.   Users validate their identity to a computer by claiming an identity and then providing credentials to back up that claim in a process called authentication.  For example, a username claims an identity while the correct corresponding password validates it.

However, there are several important distinctions between the identification that occurs on a computer system and identification between persons.  Computers have an advantage over humans in that they do not forget user identities over time but their methods of identifying a person are much more limited.  Whereas a human can use hundreds of characteristics to make an identity and they can associate a different set of characteristics with different people, a computer system typically only supports a few very structured methods of identification.  The most familiar method of authenticating to a computer system is the traditional username and password, but other methods such as fingerprints, facial recognition, proximity cards and secret questions can also be used.

There are further distinctions between computers and humans in terms of trust.  Humans trust an individual based on their experience, knowledge and interactions with the individual, but computers trust an individual only as far as the user’s permissions dictate.  Permissions determine how an identity can interface with data including viewing, modifying, creating or deleting it.  Other permissions might allow a user to issue commands to a computer system, run a program, or utilize a service.

Mitigating computer-based identity weaknesses

Both human and computer identification systems suffer from inherent weaknesses.  A computer’s limited methods of identification and the structured method used to evaluate identity make it relatively straightforward for an individual to programmatically exploit these methods and fraudulently authenticate.  These characteristics are also an advantage since a computer will always stick to the rules and enforce the identity requirements for an individual when identity systems are implemented properly.  Computer weaknesses are commonly exploited through credential cracking, credential theft, and the exploitation of authentication system vulnerabilities.

The overly simplistic solution to the problem would be to combine the advantages of both systems together.  However, this does not work well in practice.  Multi-factor authentication — utilizing multiple methods for validating a claimed identity — is a well-accepted method for improving authentication over single-factor authentication, but this is often limited to a small handful of identifying characteristics.  This limitation primarily lies in resistance from users of computing systems who resent the time required to present multiple credentials or the need to carry items on their person in order to authenticate.  Some of the most effective systems utilize a combination of user provided credentials and data the computer system can collect on its own such as the location, device initiating the connection, and time and date, but still fall short of what can be utilized by a human in identification.  Furthermore, these credentials can still be faked or fraudulently obtained.

Human interaction typically detects a change in identity or behavior naturally in the course of interaction, but computers validate identity once and then trust the identity has not changed between a user’s logon to a system and their logoff, also known as a session.  This presents a problem for enterprise security since malware, shared sessions, or idle sessions that have not been locked, allow for misuse by others.  The computer system cannot differentiate between activities taken by a coworker on another user’s computer or malware running in a user’s session and legitimate activities performed by the user.  This risk is somewhat mitigated by automatically logging off idle sessions and by locking out computers at specific intervals, but this still leaves a lot of room for session compromise.

Some systems are beginning to revalidate credentials periodically to protect against a compromised session.  The most basic systems simply revalidate at predefined intervals while more advanced systems utilize a variety of variables and complex algorithms to evaluate the level of assurance they have in the identity.  For example, user interaction may be abnormal which could trigger reauthentication or the user could change location, or login in two locations simultaneously, also prompting reauthentication.

A variety of systems under the umbrella of Identity and Access Management (IAM) have been created to handle computer identity based on the scope and complexity of the need.

Mitigating human-based identity weaknesses

Humans are not as disciplined in validating identity and humans can become distracted.  A pretty smile or a few friendly words will not be enough to get past a computer, but they work just fine and quite often with humans.  Other techniques such as making oneself appear to be an authority figure, playing on emotions, or asking for help, exploit general human characteristics.  I refrain from calling them weaknesses because they are vital to positive social interaction but they can present a threat when exploited by a malicious individual such as a social engineer.

Human weaknesses are the targets of social engineering, cyber persuasion schemes that entice users to divulge their credentials or perform actions on the social engineer’s behalf.  This threat is reduced through security awareness training, documentation and enforcement of policies and procedures, and a culture of security.

The threats to identity compromise, both with computers and humans, have been the force behind many of the security controls in place today.  Humans and computers handle identity very differently but both access and interface with organizational data and both are potential targets for identity compromise when they are protected independently. However, when humans and computers are integrated into a human-centric security strategy, their strengths and weaknesses can reinforce one another.  When humans lack consistency, a computer assists and when computers have difficulty validating, humans add context and experience.  As a result of this increased understanding of human-computer strengths and weaknesses, the security controls that comprise a human-centric strategy are easier and more intuitive for users.  This results in fewer mistakes or security workarounds and it increases productivity by reducing security complexity.  Simply put, humans and computers combined are a winning combination.

Continue reading

Share Button
data-new-storage

Big Data ROI – How to use what you already have

We may not be using more of our brains but we can probably use more of our data. Did you know that organizations typically use only 1 percent of the data they collect? Why is this and how can we change it? Do organizations need more motivation, utility, expertise, tools, or just better data retention policies?

The problem of motivation

Motivation is the driving force behind activity but businesses, and the people who run them, are often juggling many priorities. Big data may just not be on the top of their list. It is easy to push analyzing organizational data because it seems easy to keep it around. After all, storage media continues to grow and is available at lower cost. However, there are additional costs, especially associated with the loss of data in a breach that organizations do not often factor in when considering the cost of storing data that may or may not be utilized in the future.

At the same time, some organizations struggle with motivation because they are always waiting to collect a bit more data before analyzing it. Statistical analysis is typically more reliable as data sets grow. However, machine learning can be used to fill in the some of the gaps once an analytical program has been sufficiently trained. Still, no matter what method is used, a minimum amount of data will be needed for a relatively accurate analysis and some companies are afraid of acting on potentially incorrect data. The downside of this is that they are also waiting to capitalize on the benefits of the data they hold.

Motivation needs to come from the top down if you want the use of data to be both successful and consistent. Organizational leaders must decide what they want to achieve from their data and then empower those best suited to analyze the data the task of putting it all together to obtain meaningful and valuable results.

Finding the utility

Lack of data ROI could also be due to a lack of value or utility. Some organizations collect data just because it is there or because it was provided but they have no need for the data and it is not producing them any value. Further, they see no value in the information. In this case, the best course of action is to make an informed decision as to whether the data is valuable. If it is not valuable, the organization should delete the data so that they do not have to expend resources managing and protecting it.

Achieving expertise

Analyzing big data, configuring machine learning algorithms, evaluating outcomes, and implementing the underlying analytical systems for big data requires a high level of expertise in a variety of disciplines. Some organizations do not have the expertise or they are in the process of developing that expertise.

Those that are new to analyzing big data might seek the help of a trusted partner to get them up to speed or they may outsource the role entirely. However, given the value of organizational data and the risk of exposure, outsourcing should be treated with a due diligence assessment of the outsourced company’s capabilities and reinforced with a strong contract.

Building better models and tools

Those who are using big data probably see room for improvement, especially in the models they are using to interpret the data and, in lesser cases, the software and infrastructure they utilize. Cloud computing can offer great advantages in expanding to meet big data needs and in providing the raw computing power to analyze large data sets. Other companies are deploying private or hybrid clouds so that they can offer more customized analytics to decision makers.

Performing better housecleaning

Lastly, some only use 1 percent of their data because they simply do not have a policy and procedure for removing useless data. A large component of this is the data retention policy which spells out how long different types of data will be stored by the company and when that data will be destroyed. Additionally, some data that fits certain criteria may be removed immediately. This might include spam or other junk emails, draft files, temporary files, Internet history, cookies, or encryption keys. Removing this data makes it easier to manage the remaining data and it can prevent malicious outsiders from obtaining data that could be used to launch attacks or otherwise harm the company or its customers.

Humans only use a small portion of our minds and we use an even smaller portion of the data we collect. The good news is that there are viable strategies companies can employ to begin utilizing more of that data. So what is holding you back?

Continue reading

Share Button
Data-security

Top security initiatives for 2016

2016 is going to be a big year for security. News of data breaches and the major technological innovations of 2015 will put more pressure on companies to implement effective organizational security. I believe 2016 will see major initiatives in these seven areas:

  1. Securing the supply chain

2015 demonstrated the need for organizations to ensure that their weakest security link does not lie among one of their suppliers. Some of the security breaches that occurred were the result of suppliers or partner companies that were handling or had access to company information.

The supply chain relies on sharing of information in order for it to function effectively and 2016 will see an increase in initiatives to implement a standard or minimum set of security controls throughout the process and wherever sensitive data is shared with suppliers or other partner companies.

  1. Leverage more data analytics for security

Big data has been growing more and more each year. It has been leveraged greatly in determining shopping habits, customer needs, process improvement and many other areas but I believe 2016 will see a growth in the use of big data in security. Big data can be used to predict likely targets, identify attack patterns, detect network or data anomalies that indicate abnormal activity such as a data breach, validate data sources to better screen out garbage data or identify areas where security controls are performing well. This is all very valuable in protecting organizational assets. It is also valuable to governments trying to protect their citizens and companies against attacks from foreign nations and companies.

  1. Internet of Things security

The Internet of Things (IoT) is expected to explode next year. As more and more devices come online, companies will develop new strategies and technologies to protect the devices and the data produced from those devices. I expect the innovation in IoT and IoT security will also trickle over to other areas of security, helping to improve security overall.

  1. More companies will hire a security executive such as a CSO

The Chief Security Officer (CSO) will be a more common member of the “C-suite” in the next year as companies realize that top level support is required and an independent executive division is needed to ensure transparency and functionality between technical, operational, financial, legal and other critical business areas.

CSOs will be expected to implement security best practices and work with compliance officers or teams to ensure adherence to relevant regulations. They will also be responsible for aligning businesses and security goals so that security initiatives are more effective.

  1. Find ways to hire and retain valuable infosec talent

2016 will see an increase in hiring of other infosec professionals, as well. CSOs will need a team to achieve their objectives and they will not be able to fill that need entirely from existing resources. Such resources may include risk management professionals, security analysts, penetration testers, security engineers and architects, security managers and other security professionals.

  1. Extend security to the mobile device

Employees today are not just mobile, they are mobile with multiple devices. Employees may have a laptop, tablet, and smartphone each connected to the corporate network. Companies will be implementing more controls to extend organizational security to the mobile device. This will include mobile device management systems but also more transparent security such as data driven security, identity management systems that integrate across mobile and traditional platforms and cloud systems that offer services to mobile and traditional systems alike.

  1. Encryption is the new “minimum” security

The regulations have spoken and encryption is practically the new minimum standard for security. 2016 will see an increase in the use of encryption for key systems such as email, network communications, web traffic including traffic that was previously not deemed sensitive, end user computers and mobile devices and servers. Those systems that are already using encryption will most likely get an upgrade to the type of encryption used or to the way they manage keys so that they are in line with best practices.

Do you see any other security initiatives coming forward in 2016?  Please share your thoughts with on Twitter @evanderburg and copy @DellPowerMore.

Continue reading

Share Button
Hololens

FashionLens – A virtual dressing room for Microsoft HoloLens

You probably remember Microsoft’s announcement for their augmented reality hardware called HoloLens which occurred around the announcement of Windows 10.  For those of you who did not see their popular promotional video, look below.

Microsoft has requested ideas for uses of their HoloLens hardware so I submitted an idea called FashionLens which I am also posting here on my blog.

Try on clothing virtually!

There would be two modes to this functionality. First the program needs to get detailed body measurements and then you could choose products from participating stores and try them on yourself with holoLens and see it from your own point of view.

The second mode I would call “mirror mode”. Here, the user would choose to create a mannequin or avatar of themselves and the clothes would be placed on the personal avatar. The user could walk around the avatar and look at it from different angles or command the avatar to sit down or position it in different poses my moving it around with their hands.

There are a number of features that would be common to both modes. Users would be able to adjust how the garment hangs on themselves, tuck shirts or blouses in, wear pants at their preferred level on their hips, or leave buttons undone. Users would also be able to try items out with those from their own wardrobe. Speaking of the wardrobe, users would be able to scan the barcode on their own clothing or search through a database to add clothing to their wardrobe so that they can mix and match new items with those they already own.

Users would also be able to take pictures of themselves in the virtual clothing that could then be submitted to participating stores to be potentially included with product information or they could easily share the pictures on social media to receive feedback from others before making a purchase.

So what do you think?  Check out other ideas at Microsoft’s Hololens site or vote for this idea here:

https://microsoftstudios.com/hololens/shareyouridea/idea/fashionlens-a-virtual-dressing-room/

 

Share Button
Black-Friday-Phishing

4 ways to avoid holiday phishing on Black Friday

Cybercriminals are raising the black flag this Black Friday and Cyber Monday. These are the biggest shopping days of the year and these criminals know that the sales ads and offers will soon start pouring in. Buried among those offers will be fake deals from these cyber criminals. Use these tips to stay safe this year.

1. Verify deals

The first thing you can do is verify deals on the retailer’s website. If you receive a deal from a website, go to the site and verify the same deal there rather than trusting the email alone. Do not click the links contained in the email to access the site as these might take you to an attacker site first or direct you to an entirely different site. Please note that phishing sites may look exactly like legitimate sites such as Best Buy or Walmart. Type the address for the site you wish to validate in your browser instead.

2. Verify addresses

Sometimes retailers send out deals only to those who subscribe to their mailing list. In such cases, you will not be able to verify the deal on the retailer’s site. If you still believe the message might be a hoax, you can verify the addresses in the email links. Hover over links in the email to see the address. Make sure the address displayed matches the address in the link. Make sure that links attached to images are going to the retailer’s website address. For example, if the email has a picture of a Dell laptop and it says it is from Dell, make sure that the address is Dell.com.

Also, make sure that there are no additional names following the .com. Dell.com.dealsexpress.fr will not take you to Dell.com. The address is composed of a few elements. Items before the site name are subdomains so support.dell.com is a subdomain of Dell.com. Items listed before the .com, .org, or other top level domain name in the address direct you to a specific site while items following a / will take you to a specific location on that website. For example, Walmart.com/toys/lego.html would take you to a page called lego.html in the toys folder on the Walmart.com website.

3. Browser warnings

If you do click a link and your browser displays a warning, close the browser window or tab and do not proceed to that link. Browser warnings might include “There is a problem with this website’s security certificate” or “This connection is untrusted”.  These warnings indicate a problem with the web site’s certificate.

Certificates are used by websites to prove their identity. Certificate issuers are companies that computers are configured to trust and companies go through a validation process and then purchase certificates from these companies. The certificates are installed on a website and then your browser verifies that the certificate was issued for the site you are visiting and that the certificate came from a certificate authority that you trust.

Take these warnings seriously and do not proceed to such sites. While there are some instances where a legitimate site could have a certificate problem, it is generally not worth the risk to proceed.

4. General phishing signs

You should also watch out for other phishing messages in addition to the holiday specials. Some other signs for spotting these messages include bad spelling, the request for personal information or a detailed sad story that requests you to send money.

I hope you stay safe this holiday shopping season. Catch the Black Friday and Cyber Monday deals without getting pillaged by following the tips above. Above all, remember if a deal sounds too good to be true, it probably is a hoax or a scam.

Continue reading

Share Button
Techsgiving

2015 #Techsgiving at CDW

CDW asked me what my must-have products were for #Techsgiving sweeps and I have to say the choice was rather easy. These five products are my choice for the person who likes to work smart and play hard at home and on the go.  Vote for your favorite #techsgiving package here for a chance to win the package or other prizes.

Dell Laptop

 

 

 

 

 

This set begins with a laptop that knows no borders. Dell’s new XPS 13” 9343 laptop features the amazing infinity display that will make you feel like what you see on your computer is part of the world around you. Not only is this display thin and almost borderless, it is also a QHD+ with a resolution of 3200×1800 with touchscreen capability to boot. The rest of the machine is no slouch either. It features an i7 processor, 8GB of memory and a 256GB solid state drive so you can work like a champ and its 802.11ac WIFI will keep you connected at to WIFI easily and reliably.

QNAP

 

 

 

 

 

 

My second item is the QNAP TS-653 Pro NAS server. This beast of a NAS has so many uses that even the most tech savvy of you will be hard pressed to utilize them all. It comes without drives but it has six drive bays so my next choice is six 3TB Western Digital WD30EFRX 6Gb/s SATA WDHDDdrives. This should be plenty of space for most of you so I would recommend you configure the drives in a RAID 5 with one hot spare. This means that you would have 4 drives for data, one for parity and one that would automatically be swapped in if a single drive fails. Even with that configuration, you would have 12TB of space. For those of you who need more, simply drop the hot spare and you will have 15TB.

Your QNAP is not just a storage device. You can connect it directly to your TV to display videos and images or play music. The popular XBMC/Kodi media center can be installed directly on it as well as other application such as Chrome. You can also use it as a DLNA player to stream content to network devices such as AV receivers, computers and smart televisions. The QNAP has a variety of apps that can be installed on it. My favorites include the backup station that can operate as a Mac OS time machine and a backup device for Linux and Windows machines. You can also connect it to cloud storage such as Dropbox to backup that data. Additional features include a VPN server, antivirus software, web server, FTP server and much more.

Now that you have a powerful computing device you can take anywhere and a storage device to hold all your digital content and make it available to you, you might wonder what else you would need.

4k TV

 

 

 

 

 

 

Well, the laptop screen is great for lying on the couch, traveling and so much more, but sometimes you want a larger than life experience. Just plug the laptop into a 4k display and you’ll be able to do even more. The Samsung UN40JU6400F is a 40 inch 4k display that really shines. It has so many pixels that you can display six, non-overlapping windows on this 4k display and redefine the meaning of multitasking. This unit has 4 HDMI connections so you can connect that QNAP to it as well, but, even if you don’t, this TV is equipped with a wide variety of smart features including Netflix, Youtube, Hulu plus and web browsing.

Keyboard

The last item on my list is probably the best keyboard I have ever used. The Logitech G710+ is a mechanical keyboard that provides the perfect level of responsiveness, feedback, and speed. It is built for gamers but I use it for writing and have found that I can type noticeably faster with it. Logitech’s software can analyze how you type to show you which keys you utilize the most. The programmable keys can be used for games or you can program macros to perform common computer tasks. Such macros have the potential to save you a lot of time. You will also love the backlit display that can be adjusted or even turned off so that it provides the right amount of light for use. In the end, this is a polished, well-built keyboard with enough features for gamers and power users alike.

So, if you are like me and you want to work hard and play hard, grab a few of these great products for #Techsgiving. The only problem you’ll have is determining what is work and what is play.

 

Share Button
Hybrid-cloud-no-compromise

No compromise with the hybrid cloud

This statement may be familiar to many who have considered cloud services and it was both the start and end to many cloud discussions.

What is most important to you, cloud security and service customization or flexibility and cost?

Those who picked security and service customization adopted a private cloud model and those who picked flexibility and cost chose a public cloud model. Those that couldn’t choose continued using traditional IT to solve today’s problems and they had a tough time of it.

The good news is that you don’t have to make that choice anymore. Security, service customization, flexibility, and cost objectives can each be met through a merger of public and private cloud approaches in the hybrid cloud. To understand how this works, let’s briefly explore both prior models and the compare them to the hybrid cloud.

Security in public and private clouds

Organizations have more control over data and services when using a private cloud. This control allows for cloud services to be tailored to the company’s security strategy to better protect the data including security controls, and procedures necessary to meet compliance requirements. Along with greater control is increased visibility into the system for easier management and incident response. For example, computer forensic or investigative work can be streamlined as no third party limits access to the data or logs and the organization can collect evidence directly, resulting in a clearer chain of custody. Public clouds offer less visibility and control, making it harder to enforce security requirements, perform investigations, collaborate on incident response and notify customers quickly about data breaches. They have received the most criticism for their ability to securely protect data, especially in regulated businesses that must meet compliance requirements.

Private clouds may be shared among business units but they are not shared between unknown entities as is common in public cloud offerings. This reduces the chance that a successful exploit of a neighboring cloud system will impact organizational systems. However, public clouds are by nature targets because they are visible, well-known repositories of data. Attackers may not know what data resides in a public cloud or whether it is worth their effort to attack but public clouds hold so much data that they make a tempting target for attackers. By placing data in a public cloud, consumers are no longer a target of opportunity, they are a target of intent.

Flexibility

Public clouds offer the best flexibility since they can be expanded or adopted almost at will. Cloud consumers purchase just the services they desire. When they want more storage or additional processing power, they simply increase their cloud plan. Similarly, when they no longer need resources, they can release them back to the cloud.

Private clouds differ greatly in their flexibility. Organizations often purchase the servers, storage, and networking equipment along with the necessary software to set up a private cloud and they must pay IT personnel to maintain it. They also need to make purchases as the environment grows. Unfortunately, if demand for the private cloud shrinks, the investment is already made and the organization must find a different use for the equipment or suffer a poor return on investment when the equipment stands idle or when IT staff are not fully utilized. Hosted options are available for private clouds, but the organization must still have staff who are capable of managing the private cloud.

Public and private cloud cost models

Cost models differ greatly between cloud offerings. Public cloud pricing is based on service level and utilization. This tends to work well for companies that want to keep service costs aligned to usage. Private clouds often require direct capital expenditure, as mentioned above, or at least additional staff to manage, create and expand them.

Putting it together with the hybrid cloud

The hybrid cloud combines elements of the private and public cloud models. Private cloud elements provide the portal to services but public cloud elements can be used to extend the private cloud as needed. This makes the hybrid cloud flexible. Standardized elements that do not need the enhanced security of the private segment can be moved to the pubic segment, allowing for growth without as significant investment in capital equipment.

Data flows between public and private segments of the hybrid cloud can be fine-tuned to adhere to organizational security, privacy and compliance rules. For example, sensitive or confidential data, such as trade secrets, financials, and customer information could reside on the private element of the cloud while more operational data and public data are pushed to the public segment as needed. Alternatively, data could be allowed to be pushed to the public segment of the hybrid cloud but would only be able to reside there for a limited time and the data would be encrypted automatically.

I’m happy to say that you don’t have to choose between security and service customization or flexibility and cost. You can get it all in the hybrid cloud. For those who have rejected public or private cloud models, I encourage you to seriously consider the hybrid cloud. Tomorrow’s challenges will come in all shapes and sizes, many of which existing IT cannot handle. Move to a platform engineered for the future and reshape your business with the hybrid cloud.

Continue reading

Share Button
Cloudsizing

Cloudsizing: Finding the right fit for your cloud

The maturation of the cloud is fascinating as it continues to adapt, providing more opportunities for companies and consumers to leverage the vast computing and storage power of computers around the world. Whether those resources are housed in a corporate data center or dedicated hosting facility as part of private cloud services or through third party public cloud offerings, the cloud is most likely part of your everyday life and it is one of the biggest technology growth areas, offering companies ways to save money and become more adaptable to change.

There are many options for cloud consumers, those utilizing or wishing to utilize cloud services. A large differentiator in cloud types lies in ownership and operation of the cloud infrastructure and three main types of clouds, private, public and hybrid are used to support differing business needs.

Private cloud

Private clouds allow business units to utilize cloud services without needing direct capital investment. The organization makes the investment in the underlying technology resources and support personnel to maintain the equipment and offers cloud resources to business units as a service.

Private cloud resources are not shared with other companies, resulting in predictable performance and optimized workloads. Neither are they restricted by the requirements of other clients. This allows for private cloud services to be customized so that they are tailored for the organization’s needs.

There are disadvantages to utilizing a private cloud. The main disadvantage is the large capital investment required on the part of the organization to implement and expand a private cloud. This makes it less flexible than public cloud offerings and more difficult for organizations to test the waters by deploying pilot or prototype systems or to offer services. Rather, prototypes and pilots must make a business case that results in realistic expectations of long-term revenue to cover capital expenses. However, an organization can set up a private cloud using outside hosted resources. The difference here between a private cloud that is hosted and a public cloud is that the private cloud resources are dedicated to you, not shared among multiple companies.

Public cloud

Public clouds, on the other hand, are what most end users think of when the word “cloud” is mentioned for these clouds are owned and operated by an outside entity and services are provided on a subscription basis, or sometimes for free. Cloud consumers can purchase only the services they need and they can easily increase or decrease their cloud resources by simply purchasing more or less. Public cloud services can also be made available very quickly to consumers because the infrastructure is already there. This is important for companies that need to rapidly respond to demand. In some cases, public cloud services can be provisioned hours or minutes later compared to days or weeks of procurement time in private clouds

Many public cloud services are designed for a specific use case that may or may not fit your own organizational use case. Public cloud providers do this in order to better manage their solution and reduce complexity of upgrades and maintenance. Public cloud services can be customized but this tends to increase the cost of the service and reduce service portability or the ability of the cloud consumer to migrate from one cloud provider to another.

Since public clouds are operated by a third party, consumers of the cloud do not have the same level of visibility into the underlying technology, processes and procedures that go into providing those services. This makes it more difficult to ensure that services in the cloud meet organizational compliance requirements. This is especially crucial when a data breach occurs and the organization must investigate and notify its customers. Public cloud contracts may not specify notification and compliance requirements leading to issues such as lack of timely notification of a data breach, inability to identify breach scope or other required data, and fines and sanctions against the cloud consumer.

Hybrid cloud

Both of these cloud models are powerful methods for providing organizational technology services but not all companies neatly fit into one of these two categories. This has led to the rise of the hybrid cloud. The hybrid cloud extends the private cloud to the public cloud. This adds the flexibility private clouds lack but still allows the organization to manage the data, processes and controls in the way they do with a purely private cloud.

In a hybrid cloud, customizations can be integrated on the private segment while standardized, out-of-the-box, portions of a solution are located on the public segment. This allows the organization to tailor the solution to their needs without limiting their ability to move the standardized elements to another cloud vendor or to spread the workload and service availability risk among multiple cloud vendors.

One significant benefit of the hybrid cloud is the ability to utilize existing infrastructure and to migrate portions of a service to public segments over time. This reduces the disruption a large change would have on system availability and utilization which can increase productivity. The front-end of a system can stay the same for users while back-end components are moved around the hybrid cloud.

The piece that makes this all work is a hybrid cloud service and associated management tools such as Dell Cloud Manager.  These tools centralize the administration of the hybrid cloud and interface with the public and private segments to enforce defined rule sets and establish communication and functionality between the components.

Wrapping it up

The hybrid cloud offers many of the advantages of both public and private clouds. This is not to say that the hybrid cloud is the best solution for all cloud scenarios as many services may still find that a private or public solution meets their needs. The biggest news and key element of the hybrid cloud is its fit for the myriad solutions that have yet to make their way to the cloud due to one objection or another or for those that had to settle for one type that did not truly meet their needs. With hybrid in the mix, cloud services can be more ubiquitously deployed and utilized, resulting in increased agility, closer alignment to operational objectives, and a better match of technology expenses to revenues.

Continue reading

Share Button
Call-Screen

Screen your calls in the cloud

I used to be agitated by the sound of the phone. My wife and I both have cell phones but we got a land line because there are some parts of the house where we have no reception and we occasionally misplace our phones. Shortly after we purchased it and before we could even give the number to friends, the calls started. Political calls, sales calls, and a plethora of other junk was funneled into our house. It was as if I had hooked up a sewer pipe directly to my kitchen and it dumping garbage calls into my home, hence the agitation.

Most of the calls were automated; robots per se. Companies have found it is much cheaper to record a call and then automate the call and playback process rather than hire the work out to a call center. Internet based phones, like the one I have, called Voice Over IP (VOIP) phones make it even easier and cheaper for companies or individuals to implement these automated calls. Such calls have earned the name robocalls and are increasingly used for illegal sales calls and scams. These internet-based calls often originate from overseas but have domestic phone numbers, real or spoofed, which allows them to violate the FTC’s National Do Not Call Registry so don’t count this registry to save you from them.

I wanted to get rid of the phone all-together but my wife, wanting to always be connected with friends and family, had become somewhat attached to the security of a backup line. My first step was to get a phone that audibly announced the caller ID so that I could avoid getting up for more junk calls. I then did my best to ignore the incessant ringing once I heard the telltale caller ID of another vapid robotic exchange.

Last week, however, everything changed. I was preparing for a presentation on hacktivism and I was researching how to prevent fax spam when I came across a cloud-based service that claimed to stop robocalls. I instantly wanted to learn more. Not only did this company claim to have good success in preventing these calls but they were offering the service to consumers for free.

The service I am talking about is Nomorobo. It is pronounced like No More Robo and it came out of a robocall challenge issued by the FTC to develop a solution to the robocall problem. Nomorobo maintains a black list of bad calling numbers but robocallers routinely change their numbers and these are often spoofed, meaning that they are not the actual number that the calls originate from. For this reason, Nomorobo only keeps a number in the blacklist for a short time and relies more on the characteristics of the call in much the same way that spam messages are blocked.

Now, some robocalls are legitimate ones that I actually would want to receive. These include calls from my doctor reminding me of an appointment or from my pharmacy about a prescription to pick up. Nomorobo can identify legitimate robocalls and allow those through so you do not miss that appointment or forget that prescription or bring the kids to school on a school closing.

The service relies upon answer anywhere, a feature of many VOIP carriers that allows calls to be sent to two numbers simultaneously. After signing up for Nomorobo and giving it your phone number, you log into your VOIP carrier and configure answer anywhere to go to Nomorobo’s number. Calls are then routed to both numbers and Nomorobo will drop calls after the first ring if they are a robocall. Nomorobo is currently supported on Verizon FiOS, Comcast Xfinity, Time Warner Cable, and AT&T U-verse.

So, in the end, you still receive the calls but the line will only ring once if it is a robocall. In the last year, Nomorobo has blocked 15.1 million robocalls. For me, it is blocking three to five calls each day. I am so much happier with this service and my wife can keep the phone.

Share Button