Click here to close now.

Welcome!

API Journal Authors: Carmen Gonzalez, Liz McMillan, AppDynamics Blog, Vormetric Blog, Elizabeth White

Blog Feed Post

Cloud Computing, the NSA, and Why Businesses Should Care

Listen: as cloud computing consultants, we drink the cloud computing koolaid. We’ve implemented cloud-based software for businesses of all sizes, across just about every industry. We’ve seen it revolutionize how businesses work.

We’ve also seen security become a very real and increasingly serious concern.

Don’t worry, it’s safe!

When we first began showing cloud-based software to clients, the idea of storing your data remotely was a new concept. Like clockwork, clients were all concerned about security. Is my data safe? What happens if the software company folds? Can we be hacked?

cloud securityLike good cloud computing consultants everywhere, we’d listen, smile, shake our heads, and explain why clients needn’t worry, how storing your data on 3rd party servers was safer than storing it locally, how Google had armed guards.

And that was all true. In many ways, top-of-class cloud-based software tools do deliver top-notch security.

But in other ways, those early clients had prescient concerns. The shift to cloud computing has – in subtle and not-so-subtle ways – followed a fundamental shift in data and how we think of property writ large.

Lets rewind….

Software-as-a-pain-in-the-ass (SAPAS)

Before Salesforce, before Google, there were local servers and hard drives. If businesses used software (and that’s a big “if”), they had it installed locally, on-site, on their own computers or servers. Barbaric, I know.

This had major disadvantages: accessing your programs if you weren’t at the office was a pain. Syncing data between workstations was a nightmare. Collaborating in real time without overwriting was impossible.

Then there were the bills. Typically, companies paid third-party consultants like us huge retainers to maintain servers, push updates, and install patches. The value-add of those consultants was technical – they operated as IT janitors, doing the dirty work that no one else wanted or knew how to. Inexplicably, this is still a viable business model.

But for many businesses, cloud computing changed all that.

Enter the cloud

With cloud computing, businesses didn’t have to worry about maintaining anything. Sign up for an account and you’re done: the vendor does all the dirty work, no middle-man necessary. Just you, your data, and your sweet, innocent software.

Other advantages followed. Because vendors no longer relied on resellers for sales, the market was flooded with new software options – and increased competition meant better, cheaper products. And because the cloud affords technical advantages (such as integrations), the feature-set deepened. What could possibly go wrong?

The fight for your data

As many, many observers predicted, data privacy and security is today a major concern for businesses. This fact is highlighted by recent revelations about the NSA’s writing backdoors into consumer software, and Target losing credit card data on tens of millions of its customers.

Used to be, we didn’t care much about that stuff. It won’t happen to you.

business hackerBut the reality is, something major has happened. Most businesses don’t have technical control of at least some – if not all – of their data anymore. Their banking data, their client data, their sales data, their documents and records – for millions of businesses, that stuff is stored on anonymous data servers and leased back.

Now, I’m not saying that’s an inherently bad thing. And it’s still true, for most businesses, that their data is safer (in some ways) now than it was when it was recorded on some dusty Exchange server in the closet.

But it’s also true that vendors, businesses, and consultants all need to do a better job of being honest about the state of software security. Too many vendors say “we use bank-grade encryption” and leave it at that. Too many clients aren’t asking the right questions. And too many consultants just don’t care.

A better way

By definition, cloud computing means a loss of some control. A relinquishing of technical reigns in return for better products. That’s just a fact.

But that doesn’t mean we can’t demand more.

Vendors should have transparent security outlines, where it’s 100% clear where your data is, what they’re doing with it, how it’s protected, and what they plan to do when something goes wrong.

Businesses should demand more. When vendors or consultants don’t address security, they should force the issue – and don’t accept anyone rolling their eyes.

Consultants should care more. They should know about SSL vs TSL; the difference between hashing and encryption; the strengths and limitations of multi-factor authentication.

This stuff is stressful to think about, but it’s super important. We’ve never had a client or a vendor suffer a data breach, but we also know it’s a lottery – and it’s up to us (and you) to mitigate risks.

VM Associates is a New York City cloud computing consulting firm. We help companies transition into newer, better, smarter software. Contact us to talk about your business, the cloud, and how we might help.

The post Cloud Computing, the NSA, and Why Businesses Should Care appeared first on VM Associates.

Read the original blog entry...

More Stories By Chris Bliss

Chris Bliss works at VM Associates, an end-user consultancy for businesses looking to move to the cloud from pre-existing legacy systems.

@ThingsExpo Stories
"ciqada is a combined platform of hardware modules and server products that lets people take their existing devices or new devices and lets them be accessible over the Internet for their users," noted Geoff Engelstein of ciqada, a division of Mars International, in this SYS-CON.tv interview at @ThingsExpo, held June 9-11, 2015, at the Javits Center in New York City.
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
SYS-CON Events announced today that SoftLayer, an IBM company, has been named “Gold Sponsor” of SYS-CON's 17th International Cloud Expo®, which will take place November 3–5, 2015 at the Santa Clara Convention Center in Santa Clara, CA. SoftLayer operates a global cloud infrastructure platform built for Internet scale. With a global footprint of data centers and network points of presence, SoftLayer provides infrastructure as a service to leading-edge customers ranging from Web startups to global enterprises. SoftLayer’s modular architecture, full-featured API, and sophisticated automation pro...
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Among the proven benefits, DevOps is corr...
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of robomq.io, and Fred Yatzeck, principal architect leading product development at robomq.io, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at the same time reduce Time to Market (TTM) by using plug and play capabilities offered by a robust IoT ...
SYS-CON Events announced today that Intelligent Systems Services will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Established in 1994, Intelligent Systems Services Inc. is located near Washington, DC, with representatives and partners nationwide. ISS’s well-established track record is based on the continuous pursuit of excellence in designing, implementing and supporting nationwide clients’ mission-critical systems. ISS has completed many successful projects in Healthcare, Commercial, Manu...
The enterprise market will drive IoT device adoption over the next five years. In his session at @ThingsExpo, John Greenough, an analyst at BI Intelligence, division of Business Insider, analyzed how companies will adopt IoT products and the associated cost of adopting those products. John Greenough is the lead analyst covering the Internet of Things for BI Intelligence- Business Insider’s paid research service. Numerous IoT companies have cited his analysis of the IoT. Prior to joining BI Intelligence, he worked analyzing bank technology for Corporate Insight and The Clearing House Payment...
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company helps mid-market firms built on IBM hardware platforms to deploy new levels of reliable and cost-effective computing and high availability solutions, leveraging the cloud and the benefits of Infrastructure-as-a-Service (IaaS...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, will explore the IoT cloud-based platform technologies driving this change including privacy controls, data transparency and integration of real time context wi...
The basic integration architecture, as defined by ESBs, hasn’t changed for more than a decade. Most cloud integration providers still rely on an ESB architecture and their proprietary connectors. As a result, enterprise integration projects suffer from constraints of availability and reliability of these connectors that are not re-usable across other integration vendors. However, the rapid adoption of APIs and almost ubiquitous availability of APIs amongst most SaaS and Cloud applications are rapidly redefining traditional integration approaches and their reliance on proprietary connectors. ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Architect for the Internet of Things and Intelligent Systems, described how to revolutionize your archit...
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures traffic gets delivered faster, safer, and more reliably than ever.
To many people, IoT is a buzzword whose value is not understood. Many people think IoT is all about wearables and home automation. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed some incredible game-changing use cases and how they are transforming industries like agriculture, manufacturing, health care, and smart cities. He will discuss cool technologies like smart dust, robotics, smart labels, and much more. Prepare to be blown away with a glimpse of the future.
"We have a tagline - "Power in the API Economy." What that means is everything that is built in applications and connected applications is done through APIs," explained Roberto Medrano, Executive Vice President at Akana, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
WebRTC converts the entire network into a ubiquitous communications cloud thereby connecting anytime, anywhere through any point. In his session at WebRTC Summit,, Mark Castleman, EIR at Bell Labs and Head of Future X Labs, will discuss how the transformational nature of communications is achieved through the democratizing force of WebRTC. WebRTC is doing for voice what HTML did for web content.
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the cloud and the best price/performance value available. ProfitBricks was named one of the coolest Clo...
Internet of Things is moving from being a hype to a reality. Experts estimate that internet connected cars will grow to 152 million, while over 100 million internet connected wireless light bulbs and lamps will be operational by 2020. These and many other intriguing statistics highlight the importance of Internet powered devices and how market penetration is going to multiply many times over in the next few years.