KML_FLASHEMBED_PROCESS_SCRIPT_CALLS

Posts Tagged ‘Security’

 

2012 Cloud Computing Predictions from GoGrid Executives, Customers & Partners (Part 1)

Tuesday, January 17th, 2012 by

As is customary with the passing of an old year and the exciting entrance into a new one, people try to make their best predictions as to what the future holds within their area of expertise. For GoGrid, this is obviously around Cloud Computing. This year, instead of making my own prediction list (as I have done in the past), I thought it would be important to get some other expert voices from the GoGrid and cloud community to do this task.

2012-cloud-year-pt1

The important thing to always remember here, especially when dealing with the cloud, is that it changes quickly. It’s similar to buying the latest technology, the moment you buy it (or make the prediction, in this case), it’s instantly outdated. But still, the process is fun if not, educational.

Below is a compilation of 2012 cloud computing predictions from a variety of subject matter experts and thought-leaders in the field of cloud infrastructure, security and services. The contributors are:

  • Warren Heffelfinger (CEO – GoGrid)
  • James Urquhart (Cloud Writer – GigaOm/VP of Product Strategies – enStratus/GoGrid Partner)
  • Larry Warnock (CEO – Gazzang/GoGrid Partner)
  • John Keagy (Chairman & Founder – GoGrid)
  • Carson Sweet (CEO – CloudPassage/GoGrid Partner)
  • Antonio Piraino (CTO – ScienceLogic/GoGrid Customer)

Because of the wealth of knowledge coming from this group, I have actually broken this article out into a series of 2 posts. Without further ado, onto the first set of predictions!

(more…) «2012 Cloud Computing Predictions from GoGrid Executives, Customers & Partners (Part 1)»

How To Set Up Private IP Segregation with CloudPassage in the GoGrid Cloud

Thursday, September 29th, 2011 by

CloudPassage is a key security partner that has images available on the GoGrid Partner Exchange. The CloudPassage images on GoGrid come pre-installed with their Halo daemon. This is available on CentOS, Debian, Red Hat, and Ubuntu on both 32-bit and 64-bit flavors. Alternately, you can launch a GoGrid base image and install the Halo daemon on your own. This tutorial assumes that you have a basic understanding of Linux and SSH as well as basic firewall strategies. It also assumes that you know how to configure private IPs so that will not be covered here.

Things to Think About When Building Secure Infrastructure

Wednesday, July 6th, 2011 by

Whether you’re a small, medium or enterprise company using cloud solutions, using secure Infrastructure-as-a-Service (IaaS) is a must. A couple weeks ago I shared some survey data showing you the average security and compliance requirements from professionals in the IT industry. The results of the survey clearly shows that security is a forethought for most businesses, but just like the term “cloud”, “security” can be a bit of a buzz word if not given proper context.

When thinking about security and potentially compliance within an IT environment, there are a lot of important items to consider; some of these can be “offloaded” to your provider, but others are your own undertaking completely. Start by asking yourself the following questions:

  1. Who is your “customer”? – Is your customer, your end user? Or is it your internal organization? More than likely, it is both. Do these “customers” require different levels of security? If so, what are they?
  2. What level of security is “acceptable”? – This varies from company to company. Some organizations like healthcare or government must adhere to extremely strict security (and compliance) requirements, while other businesses might have more leeway when it comes to protecting their assets.
  3. Who in your organization is responsible for security? – Is there a particular team that is tasked with not only determining the security requirements, but also maintaining and auditing those requirements and activities over time?
  4. Is physical security required? – Do you need to physically audit and control your environment? Remember, while clouds are highly virtualized or abstracted, the providers are physical entities. Does your cloud environment need to be physically isolated from other cloud environments? (If so, you might want to consider a Hosted Private Cloud)
  5. Does your company have their security best practices carefully documented? – If they do, you should review it with a critical eye to ensure that it reflects changes in technologies.

To the last point above, the most important philosophy for businesses to understand is that security isn’t a destination – it is a process that takes constant iteration and innovation. Regardless what cloud provider you use (or even if you use traditional in-house infrastructure), this mentality is important to maintaining infrastructure security and compliance.

There are two core levels where security is critical: (more…) «Things to Think About When Building Secure Infrastructure»

GoGrid Cloud Survey Report – Security & Compliance (Part 4)

Tuesday, June 21st, 2011 by

Last time in the GoGrid Cloud Survey Report series, I wrote on cloud use cases and reasons for migrating to the cloud. This week, I wanted to focus on everybody’s favorite topic: security and compliance in the cloud. ;-)

If you’re brand new to this series, let me catch you up to speed. At the beginning of the year, GoGrid gathered feedback from over 500 CTOs, developers and IT professionals relating to cloud computing and best practices. This week, we’re highlighting the results from the question “What type of security/compliance do you require in the cloud?

You may have noticed, whenever there is a conversation about Infrastructure-as-a-Service, the security debate is sure to follow. We wanted to see what types of security the IT industry uses and which were the most important to maintaining compliance.

What Type of Security/Compliance Do You Require in the Cloud?

cloud_survey_security_1

As seen in the chart above, private VLANs, network layer firewalls and DDoS mitigation are the most required form of security according to our respondents, followed closely by Virtual Private Networks.

(more…) «GoGrid Cloud Survey Report – Security & Compliance (Part 4)»

Reflection on “5 Cloud Computing Predictions for 2010″

Tuesday, December 28th, 2010 by

As 2010 draws to a close, I thought that I would take a look back at some predictions about Cloud Computing that I made at the beginning of the year, but with a bit of an added spin. This reflection could be pretty lengthy so I will focus mainly on how GoGrid matched up to the predictions. While that can be perceived as a bit one sided, I believe that it is important for the Cloud Computing community to contemplate on what they did for the Cloud from a “personal” perspective and how they are driving this evolutionary movement forward.

Here were my predictions from January 2010:

  1. Cloud Outages – There will be several Cloud Outages that get high visibility this year. As complexity and associated infrastructure grows and more users turn toward the cloud, any hiccups therein will receive quick and broad media coverage, with naysayers quickly stating “I told you so”. Unfortunately, any type of outage may be perceived as a “cloud failure”, resulting in the masses becoming increasingly doubtful in the reliability of the cloud. This “F.U.D. Factor” will be a steep hurdle that cloud providers and partners will have to overcome. Those companies with sound IT strategies and best practices in place will be able to weather any outages well, assuming they employ Disaster Recovery (DR) solutions and have them implemented.

    End of Year Update:
    Yes, there were outages in the cloud but the term “cloud” expanded to include a variety of items that were indirectly related to the Cloud Pyramid. No hosting service or data center is fully immune to outages or disruptions. Several SaaS providers had disruptions of service that were pretty high profile (most recently Tumblr, a micro-blogging platform, affected countless customers across the globe). ReadWriteWeb has a good listing of significant disruptions that occurred including Wikipedia, WordPress, Gmail, Twitter, Facebook, and yes, even WikiLeaks.
    GoGrid Update: I’m happy to say (knock on wood), that GoGrid has maintained a 99.99% uptime throughout the year which means that customers who have implemented their infrastructure solutions within our cloud offerings have made an important choice. With our rollouts of new service offerings as well as an East Coast data center, our customers now have a choice on the type of infrastructure to provision and where they want it to reside.
  2. The Rise of Hybrid Hosting Solutions – While relatively new in 2009, more providers will consider implementing the ability to have the “best of all worlds” hosting solutions. Whether this be the combination of physical and cloud environments or, cloud bursting, or private and public clouds working congruently, there will definitely be a blurring of lines between what hosting is.

    End of Year Update:
    There was definitely some significant movement in this arena, with a couple providers announcing “Cloud Connect” or “Hybrid Connect” features that cross-connect physical and virtual environments. This is an important item for corporations looking to have flexible network topologies.
    GoGrid Update: We first launched Cloud Connect back in November of 2008 as we understood this need by businesses to have hybrid environments. Coincidentally, it was released using the “Cloud Connect” name which other providers seem to have attempted to capitalize on. However, back in February 2010, we released our GoGrid Dedicated Servers offering that effectively integrates physical and virtual infrastructure within the GoGrid Cloud. More recently (December 2010), we announced that GoGrid Dedicated Servers and our Hybrid Hosting environment was available within our East Coast data center as well, thus providing these hybrid solutions in multiple locations. The important take-away here is that 2 years ago we realized that this would be an important service that enterprises, businesses and corporations would desire, so our products and engineering teams ensured that the physical and virtual components that comprise our offering were tightly integrated and easy to use, all within the same web portal and private network.
  3. Security Concerns, Vulnerabilities and Malware – this is an only logical prediction. As the number of cloud or virtualized environments increase due to their ease of use and lower cost, the possibility of environments being created and left unattended also increases. Also because of the ease of use, with “average” users deploying environments that are not hardened or at least audited from a security standpoint, there are more possibilities for hackers or users to unintentionally open their systems up to malware, botnets or other malicious code.

    End of Year Update
    : With the exception of DDoS attacks which any hosting provider is susceptible to (and which are typically targeted at a specific site, not a provider), and with the obvious exception of the WikiLeaks attacks, cloud “hacks” or vulnerabilities seemed to remain fairly low. There is still obviously the FUD factor (fear, uncertainty and doubt) but since cloud computing has really seemed to have hit mainstream IT, companies are doing their due diligence when selecting a cloud hosting provider, obviously looking toward robustness and security as core requirements for IT implementations.
    GoGrid Update: We have strengthened our DDoS mitigation services, engaged with new technology partners and service providers, and continue to provide robust support should malicious activities occur. GoGrid has been conducting regular educational webinars (including some with our partners) to help our customers reduce risks associated with technology as well as develop redundant, N-level architectures designed for fault tolerance and resiliency.
  4. A “Cloud” for Everyone – Towards the end of last year, we started to see a blurring of the definition of “cloud” and “cloud computing”. The mainstream media is to blame for much of this confusion. To that end, people seem to be ubiquitously interchanging the word “cloud” and “cloud computing” where they are actually quite different. Most people are simply using the word “cloud” to describe anything where the data is stored somewhere else, whether it be truly using a “cloud computing” environment or simply a cluster of servers somewhere. I predict that this confusion will get worse long before it gets better. People will continue to interchangeably use “cloud” and “cloud computing” thus forcing those of us in the industry to (re)define what “cloud computing” truly is. However, as the word “cloud” becomes incredibly mainstream, it will grow to mean anything that is delivered via the web, regardless of if it is applications, services, infrastructure, data or what have you. (In fact, I used “cloud” interchangeably throughout this post…for me, I’m talking about “cloud computing.”)

    End of Year Update
    : Unfortunately to those of us in the Cloud Computing industry, the term “cloud” continues to morph into an encompassing of anything related to “stored on the Internet somewhere”. Recent advertising campaigns now throw the term “cloud” around extremely loosely, polluting the true definition. We believe that Gartner’s definition of Cloud Computing is one of the best in the space currently: “A style of computing where scalable and elastic IT-related capabilities are provided ‘as a service’ to customers using Internet Technologies.”
    GoGrid Update: At GoGrid, we make it our mission to adhere to the important qualities of cloud computing: self-service, scalable, on-demand, pay-as-you-go and as a service. While we may use the term “cloud” loosely, our core competency is “cloud computing”, being the largest “pure play” provider in the space. What I mean by pure play is that our business is devoted to providing infrastructure services entirely, not diluted by other add-on services or products or physical items. This year we developed our Unique Value Proposition (UVP) – “Complex Infrastructure Made Easy™” which we live and breath by. So while the term “cloud” continues to become fractured, representing many things that it wasn’t initially supposed to, we fully believe in ensuring that our “cloud” represents industry definitions and standards.
  5. Analysts will Shorten their “Coming of Age” Stories – Many of the big name players predicted that cloud computing wouldn’t really be adopted by the mainstream for another few years. I believe that they will retract or refine their statements to show how much closer to mainstream cloud computing really is. While Fortune100 companies may still be slow to adopt, the “rest of us” will get on the cloud a lot faster than analysts originally predicted.

    End of Year Update:
    Cloud Computing continues to “infiltrate” corporations and enterprises as these companies look to alternatives to traditional IT requisitioning. While corporate entities as a whole might not fully throw themselves at replacing their existing infrastructure with cloud infrastructure, business units and other departments therein are seeing the advantages and embracing them. I still believe that the adoption curve is moving a lot faster than what analysts are predicting.
    GoGrid Update: Our increase in corporate and enterprise customers clearly indicates that there is a significant uptake in interest as well as implementation of cloud and hybrid scenarios and solutions. Also, our ever-growing numbers of SMB and Web 2.0 customers reflect an even healthier adoption of cloud computing as outsourcing of IT services remains a critical component of financial savings, human resource optimization and other unrealized IT rearchitecture.

So there you have it. A quick look back at my predictions for 2010 and how the market and GoGrid faired. What are your thoughts on the past year and how Cloud Computing did therein? What about 2011? Would love to get your read! And Happy Holidays from all of us at GoGrid.

(more…) «Reflection on “5 Cloud Computing Predictions for 2010″»