Archive for the ‘Security’ Category
Tuesday, January 17th, 2012 by Michael Sheehan
As is customary with the passing of an old year and the exciting entrance into a new one, people try to make their best predictions as to what the future holds within their area of expertise. For GoGrid, this is obviously around Cloud Computing. This year, instead of making my own prediction list (as I have done in the past), I thought it would be important to get some other expert voices from the GoGrid and cloud community to do this task.
The important thing to always remember here, especially when dealing with the cloud, is that it changes quickly. It’s similar to buying the latest technology, the moment you buy it (or make the prediction, in this case), it’s instantly outdated. But still, the process is fun if not, educational.
Below is a compilation of 2012 cloud computing predictions from a variety of subject matter experts and thought-leaders in the field of cloud infrastructure, security and services. The contributors are:
- Warren Heffelfinger (CEO – GoGrid)
- James Urquhart (Cloud Writer – GigaOm/VP of Product Strategies – enStratus/GoGrid Partner)
- Larry Warnock (CEO – Gazzang/GoGrid Partner)
- John Keagy (Chairman & Founder – GoGrid)
- Carson Sweet (CEO – CloudPassage/GoGrid Partner)
- Antonio Piraino (CTO – ScienceLogic/GoGrid Customer)
Because of the wealth of knowledge coming from this group, I have actually broken this article out into a series of 2 posts. Without further ado, onto the first set of predictions!
(more…) «2012 Cloud Computing Predictions from GoGrid Executives, Customers & Partners (Part 1)»
Tags: 2012, Big Data, Cassandra, cloud, Cloud Computing, Cloud Predictions, Encryption, enStratus, Gazzang, GigaOM, Hadoop, IaaS, James Urquhart, Larry Warnock, NOSQL, PaaS, Prediction, SaaS, Security, Storage, Telco, Warren Heffelfinger
Posted in CEO, Cloud Computing, General, GoGrid, Hosting, Industry, Public Cloud, Security | No Comments »
Monday, July 25th, 2011 by Michael Sheehan
As you may recall, at the beginning of 2011 we polled over 500 CTOs, developers and IT professionals asking them about various aspects of cloud computing. Questions included: What is cloud computing and how do you use it?, What security measures do you require in the cloud? and many more. The data from this cloud survey report provides a good idea of the current cloud computing landscape and upcoming trends as we race towards 2012.
Continuing on in the series, we wanted to know what IT professionals thought of cloud computing’s latest innovation: the private cloud. Private clouds have quickly become the topic of much conversation in the industry because they offer core public cloud technology but within a single-tenant environment. Before we jump into the results of our question, What aspects of the private cloud are most important to your organization?, it is important to have a clear understanding of what private clouds are.
What are private clouds?
There are quite a few ways how private clouds differ from public cloud offerings but I won’t go into all of the differences within this post. As I mentioned above, there is the idea of tenancy. To broadly generalize, public clouds are multi-tenant and private clouds are single-tenant. To expand on this concept a bit more, public clouds provide shared resources for consumption by multiple companies or organizations within the same server cluster. However, these resources are dedicated and fully isolated to those users in that networking, storage, RAM and CPU units are allocated to those users. This is very different than traditional shared hosting or VPS’s (Virtual Private Servers) – shared or VPS environments can, at times, suffer from over-allocation of resources or degraded performance if one user on a particular “machine” is “hogging” those resources. Public clouds effectively isolate those resources so that customers don’t experience usage hogs.
Private clouds are essentially public clouds but in an environment dedicated to one company, thus “single-tenant.” That does not mean though, that a private cloud cannot host multiple departments or business units from that single organization. Basically, a private cloud dedicates all of the resources to a single company or corporation and serves just that organization. The computer, storage and networking resources are most likely either owned by that organization, hosted by that organization or running exclusively for that organization but managed by another vendor (see GoGrid’s Hosted Private Cloud).
Private clouds frequently come at a higher cost than traditional public clouds mainly because public clouds give you economies of scale via larger infrastructure installations. Some companies may prefer operating in a non-shared environment due the higher amounts of control that they have on the infrastructure and the hardware or due to compliance or regulatory concerns.
(more…) «GoGrid Cloud Survey Report – The Importance of Private Clouds (Part 5)»
Tags: cloud, Cloud Computing, False Cloud, Hosted Private Cloud, IaaS, Industry, Private Cloud, survey
Posted in Cloud Computing, Datacenter, General, GoGrid, Hosting, Industry, Private Cloud, Public Cloud, Security, Whitepaper | No Comments »
Thursday, July 21st, 2011 by Michael Sheehan
The cloud is great for so many things. You can create a web presence in a matter of hours or completely implement an N-tiered, redundant, elastic, secure globally-available cloud topology. Spinning up infrastructure via a web portal or API in minutes via a few clicks of a mouse is a dramatic transformation from the days of racking and stacking servers, untangling miles of cat5/6 cables, connecting load balancers and firewalls to the mix and hooking up storage devices. And let’s not forget about physical security, power supplies, cooling and network redundancy. The neat thing about the cloud is that all of the stuff has become really easy to do and you can do it very quickly.
GoGrid has a long history of enabling IT infrastructure solutions for companies across the world. We have built out core services and offerings to allow businesses to build want they want quickly, efficiently and with state-of-the-art cloud technology. But just because you have great tools at your disposal doesn’t mean that your cloud environment will magically create itself. And that is something that we realize and understand at GoGrid.
Architect for Success
Cloud computing can be almost magical at times, but we need to remember the processes and best practices for security and ensuring redundancy that we are accustomed to using, and adapt and use them within the cloud as well.
A few weeks ago, I wrote a post “Things to Think About When Building Secure Infrastructure” where I made a few points about “assumption,” namely, assuming that whatever cloud vendor you choose, they will take care of everything for you. Regardless of the cloud vendor, you need to do your due diligence and update your standard operating procedures to reflect how cloud computing works. It is different than traditional IT in many ways. For example, in the GoGrid cloud, you can create a cloud server, harden it with security software and configurations and then save it as a MyGSI (as “server image”). Then, as you need to scale out your infrastructure, you can do this not only quickly, but securely as well, by deploying clones or instances of that hardened server. With a traditional, physical deployment, it takes much longer and there is no guarantee that you will have each and every security patch in place on every server.
(more…) «The Importance of Building Your Cloud Infrastructure the RIGHT Way»
Tags: ASA 5510, backups, Cisco, cloud, Cloud Computing, Cloud infrastructure, CloudPassage, ezEncrypt, firewall, Fortinet, Gazzang, GlusterFS, GoGrid Exchange, GSI, Halo, IaaS, Load Balancer, partner, PGSI, Zeus Technology
Posted in Cloud Computing, General, GoGrid, GoGrid Exchange, Hosting, How To, Images, Load Balancer, Public Cloud, Security | No Comments »
Wednesday, July 6th, 2011 by Michael Sheehan
Whether you’re a small, medium or enterprise company using cloud solutions, using secure Infrastructure-as-a-Service (IaaS) is a must. A couple weeks ago I shared some survey data showing you the average security and compliance requirements from professionals in the IT industry. The results of the survey clearly shows that security is a forethought for most businesses, but just like the term “cloud”, “security” can be a bit of a buzz word if not given proper context.
When thinking about security and potentially compliance within an IT environment, there are a lot of important items to consider; some of these can be “offloaded” to your provider, but others are your own undertaking completely. Start by asking yourself the following questions:
- Who is your “customer”? – Is your customer, your end user? Or is it your internal organization? More than likely, it is both. Do these “customers” require different levels of security? If so, what are they?
- What level of security is “acceptable”? – This varies from company to company. Some organizations like healthcare or government must adhere to extremely strict security (and compliance) requirements, while other businesses might have more leeway when it comes to protecting their assets.
- Who in your organization is responsible for security? – Is there a particular team that is tasked with not only determining the security requirements, but also maintaining and auditing those requirements and activities over time?
- Is physical security required? – Do you need to physically audit and control your environment? Remember, while clouds are highly virtualized or abstracted, the providers are physical entities. Does your cloud environment need to be physically isolated from other cloud environments? (If so, you might want to consider a Hosted Private Cloud)
- Does your company have their security best practices carefully documented? – If they do, you should review it with a critical eye to ensure that it reflects changes in technologies.
To the last point above, the most important philosophy for businesses to understand is that security isn’t a destination – it is a process that takes constant iteration and innovation. Regardless what cloud provider you use (or even if you use traditional in-house infrastructure), this mentality is important to maintaining infrastructure security and compliance.
There are two core levels where security is critical: (more…) «Things to Think About When Building Secure Infrastructure»
Tags: Best Practices, cloud, Cloud Computing, GoGrid, IaaS, infrastructure, Security
Posted in Cloud Computing, General, GoGrid, Hosting, Public Cloud, Security, Whitepaper | No Comments »
Tuesday, June 21st, 2011 by Michael Sheehan
Last time in the GoGrid Cloud Survey Report series, I wrote on cloud use cases and reasons for migrating to the cloud. This week, I wanted to focus on everybody’s favorite topic: security and compliance in the cloud. 
If you’re brand new to this series, let me catch you up to speed. At the beginning of the year, GoGrid gathered feedback from over 500 CTOs, developers and IT professionals relating to cloud computing and best practices. This week, we’re highlighting the results from the question “What type of security/compliance do you require in the cloud?”
You may have noticed, whenever there is a conversation about Infrastructure-as-a-Service, the security debate is sure to follow. We wanted to see what types of security the IT industry uses and which were the most important to maintaining compliance.
What Type of Security/Compliance Do You Require in the Cloud?
As seen in the chart above, private VLANs, network layer firewalls and DDoS mitigation are the most required form of security according to our respondents, followed closely by Virtual Private Networks.
(more…) «GoGrid Cloud Survey Report – Security & Compliance (Part 4)»
Tags: Cloud infrastructure, Cloud Survey, Compliance, GoGrid, HIPAA, IaaS, Industry, IT, PCI Compliance, Results, Security, survey, VPN
Posted in Cloud Computing, General, GoGrid, Hosting, Industry, Partners, Public Cloud, Security | 2 Comments »
Chat with Us
Get a Call
