Click here to close now.

Welcome!

@ContainersExpo Blog Authors: Liz McMillan, Harry Trott, Elizabeth White, Adrian Bridgwater, Pat Romanski

Blog Feed Post

Cloud Computing, the NSA, and Why Businesses Should Care

Listen: as cloud computing consultants, we drink the cloud computing koolaid. We’ve implemented cloud-based software for businesses of all sizes, across just about every industry. We’ve seen it revolutionize how businesses work.

We’ve also seen security become a very real and increasingly serious concern.

Don’t worry, it’s safe!

When we first began showing cloud-based software to clients, the idea of storing your data remotely was a new concept. Like clockwork, clients were all concerned about security. Is my data safe? What happens if the software company folds? Can we be hacked?

cloud securityLike good cloud computing consultants everywhere, we’d listen, smile, shake our heads, and explain why clients needn’t worry, how storing your data on 3rd party servers was safer than storing it locally, how Google had armed guards.

And that was all true. In many ways, top-of-class cloud-based software tools do deliver top-notch security.

But in other ways, those early clients had prescient concerns. The shift to cloud computing has – in subtle and not-so-subtle ways – followed a fundamental shift in data and how we think of property writ large.

Lets rewind….

Software-as-a-pain-in-the-ass (SAPAS)

Before Salesforce, before Google, there were local servers and hard drives. If businesses used software (and that’s a big “if”), they had it installed locally, on-site, on their own computers or servers. Barbaric, I know.

This had major disadvantages: accessing your programs if you weren’t at the office was a pain. Syncing data between workstations was a nightmare. Collaborating in real time without overwriting was impossible.

Then there were the bills. Typically, companies paid third-party consultants like us huge retainers to maintain servers, push updates, and install patches. The value-add of those consultants was technical – they operated as IT janitors, doing the dirty work that no one else wanted or knew how to. Inexplicably, this is still a viable business model.

But for many businesses, cloud computing changed all that.

Enter the cloud

With cloud computing, businesses didn’t have to worry about maintaining anything. Sign up for an account and you’re done: the vendor does all the dirty work, no middle-man necessary. Just you, your data, and your sweet, innocent software.

Other advantages followed. Because vendors no longer relied on resellers for sales, the market was flooded with new software options – and increased competition meant better, cheaper products. And because the cloud affords technical advantages (such as integrations), the feature-set deepened. What could possibly go wrong?

The fight for your data

As many, many observers predicted, data privacy and security is today a major concern for businesses. This fact is highlighted by recent revelations about the NSA’s writing backdoors into consumer software, and Target losing credit card data on tens of millions of its customers.

Used to be, we didn’t care much about that stuff. It won’t happen to you.

business hackerBut the reality is, something major has happened. Most businesses don’t have technical control of at least some – if not all – of their data anymore. Their banking data, their client data, their sales data, their documents and records – for millions of businesses, that stuff is stored on anonymous data servers and leased back.

Now, I’m not saying that’s an inherently bad thing. And it’s still true, for most businesses, that their data is safer (in some ways) now than it was when it was recorded on some dusty Exchange server in the closet.

But it’s also true that vendors, businesses, and consultants all need to do a better job of being honest about the state of software security. Too many vendors say “we use bank-grade encryption” and leave it at that. Too many clients aren’t asking the right questions. And too many consultants just don’t care.

A better way

By definition, cloud computing means a loss of some control. A relinquishing of technical reigns in return for better products. That’s just a fact.

But that doesn’t mean we can’t demand more.

Vendors should have transparent security outlines, where it’s 100% clear where your data is, what they’re doing with it, how it’s protected, and what they plan to do when something goes wrong.

Businesses should demand more. When vendors or consultants don’t address security, they should force the issue – and don’t accept anyone rolling their eyes.

Consultants should care more. They should know about SSL vs TSL; the difference between hashing and encryption; the strengths and limitations of multi-factor authentication.

This stuff is stressful to think about, but it’s super important. We’ve never had a client or a vendor suffer a data breach, but we also know it’s a lottery – and it’s up to us (and you) to mitigate risks.

VM Associates is a New York City cloud computing consulting firm. We help companies transition into newer, better, smarter software. Contact us to talk about your business, the cloud, and how we might help.

The post Cloud Computing, the NSA, and Why Businesses Should Care appeared first on VM Associates.

Read the original blog entry...

More Stories By Chris Bliss

Chris Bliss works at VM Associates, an end-user consultancy for businesses looking to move to the cloud from pre-existing legacy systems.

@ThingsExpo Stories
SYS-CON Events announced today that BMC will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. BMC has worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, BMC pairs high-speed digital innovation with robust IT industrialization – allowing customers to provide amazing user experiences with optimized IT per...
Imagine a world where targeting, attribution, and analytics are just as intrinsic to the physical world as they currently are to display advertising. Advances in technologies and changes in consumer behavior have opened the door to a whole new category of personalized marketing experience based on direct interactions with products. The products themselves now have a voice. What will they say? Who will control it? And what does it take for brands to win in this new world? In his session at @ThingsExpo, Zack Bennett, Vice President of Customer Success at EVRYTHNG, will answer these questions a...
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be - especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. In his session at @ThingsExpo, Ryan Bagnulo, Solution Architect / Software Engineer at SOA Software, focused on desi...
The multi-trillion economic opportunity around the "Internet of Things" (IoT) is emerging as the hottest topic for investors in 2015. As we connect the physical world with information technology, data from actions, processes and the environment can increase sales, improve efficiencies, automate daily activities and minimize risk. In his session at @ThingsExpo, Ed Maguire, Senior Analyst at CLSA Americas, will describe what is new and different about IoT, explore financial, technological and real-world impact across consumer and business use cases. Why now? Significant corporate and venture...
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile devices as well as laptops and desktops using a visual drag-and-drop application – and eForms-buildi...
While great strides have been made relative to the video aspects of remote collaboration, audio technology has basically stagnated. Typically all audio is mixed to a single monaural stream and emanates from a single point, such as a speakerphone or a speaker associated with a video monitor. This leads to confusion and lack of understanding among participants especially regarding who is actually speaking. Spatial teleconferencing introduces the concept of acoustic spatial separation between conference participants in three dimensional space. This has been shown to significantly improve comprehe...
There will be 150 billion connected devices by 2020. New digital businesses have already disrupted value chains across every industry. APIs are at the center of the digital business. You need to understand what assets you have that can be exposed digitally, what their digital value chain is, and how to create an effective business model around that value chain to compete in this economy. No enterprise can be complacent and not engage in the digital economy. Learn how to be the disruptor and not the disruptee.
The enterprise market will drive IoT device adoption over the next five years. In his session at @ThingsExpo, John Greenough, an analyst at BI Intelligence, division of Business Insider, will analyze how companies will adopt IoT products and the associated cost of adopting those products. John Greenough is the lead analyst covering the Internet of Things for BI Intelligence- Business Insider’s paid research service. Numerous IoT companies have cited his analysis of the IoT. Prior to joining BI Intelligence, he worked analyzing bank technology for Corporate Insight and The Clearing House Pay...
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. According to a recent IDG Research Services Survey this rate of traffic will only grow. What's driving t...
The Internet of Things promises to transform businesses (and lives), but navigating the business and technical path to success can be difficult to understand. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, demonstrated how to approach creating broadly successful connected customer solutions using real world business transformation studies including New England BioLabs and more.
The world is at a tipping point where the technology, the device and global adoption are converging to such a point that we will see an explosion of a world where smartphone devices not only allow us to talk to each other, but allow for communication between everything – serving as a central hub from which we control our world – MediaTek is at the heart of both driving this and allowing the markets to drive this reality forward themselves. The next wave of consumer gadgets is here – smart, connected, and small. If your ambitions are big, so are ours. In his session at @ThingsExpo, Jack Hu, D...
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
The recent trends like cloud computing, social, mobile and Internet of Things are forcing enterprises to modernize in order to compete in the competitive globalized markets. However, enterprises are approaching newer technologies with a more silo-ed way, gaining only sub optimal benefits. The Modern Enterprise model is presented as a newer way to think of enterprise IT, which takes a more holistic approach to embracing modern technologies.
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impact.
There's no doubt that the Internet of Things is driving the next wave of innovation. Google has spent billions over the past few months vacuuming up companies that specialize in smart appliances and machine learning. Already, Philips light bulbs, Audi automobiles, and Samsung washers and dryers can communicate with and be controlled from mobile devices. To take advantage of the opportunities the Internet of Things brings to your business, you'll want to start preparing now.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect at Hookflash, will walk through the shifting landscape of traditional telephone and voice services ...