Distributed Computing Industry
Weekly Newsletter

In This Issue

Partners & Sponsors

A10 Networks

Aspera

Citrix

FalconStor

ShareFile

VeriStor

Cloud News

CloudCoverTV

P2P Safety

Clouderati

gCLOUD

hCLOUD

fCLOUD

Industry News

Data Bank

Techno Features

Anti-Piracy

April 29, 2013
Volume XLIII, Issue 8


Don't Miss CLOUD COMPUTING EAST 2013

The Cloud Computing Association (CCA) and the Distributed Computing Industry Association (DCIA) welcome DCINFO readers to attend CLOUD COMPUTING EAST 2013 (CCE:2013) from Sunday May 19th through Tuesday May 21st at the Marriott Boston Copley Place in Boston, MA.

CCE:2013 will focus on the use of cloud-based technologies by government, healthcare, and financial services to revolutionize business processes, increase efficiency, and streamline costs.

Learn about attendance options here; and sign-up to attend here.

An opening workshop on Sunday afternoon will orient delegates and provide a fundamental grounding in cloud models, deployment methods, and technology definitions. Then a welcome reception will offer networking opportunities for speakers, exhibitors, and audience members.

On Monday morning, keynote and panel sessions include Stefan Bewley, Altman Vilandrie; Matt Stevens, AppNeta; Michelle Munson, Aspera; Larry Freedman, Edwards Wildman Palmer; Fabian Gordon, Ignite Technologies; Dan Rooney, Kronos; Brad Maltz, Lumenate; Joe Foxton, MediaSilo; Larry Veino, Presidio; Brian Benfer & Cameron Jahn, ShareFile; and Omar Torres, VeriStor.

After a pace-changing workshop entitled Take the Bore out of Boardroom by Wes and Amy Peper, and conference luncheon, attendees will have the opportunity to choose from among three event tracks offering panel discussions and case studies including the following speakers.

Nicole Nakashian, Agio Technology; David Cerf, Crossroads Systems; Tom Gonser, Docusign; Pete Manca, Egenera; Jamie Brenzel, KineticD; Brad Maltz, Lumenate; Yung Chou, Microsoft; Kevin Nyberg, NaviSite; Arwin Holmes, NorthPoint, Keith Hartley & Doug Natal, Oracle, Chris Christy & Marlyn Zelkowitz, SAP America; Brian Daleidin, TraceLink; Grant Kirkwood, Unitas Global; Amit Khanna, Virtusa; and Adam Firestone, WSO2.

At day's end, there will be a networking reception in the Exhibit Hall.

On Tuesday morning, we'll continue our in-depth examinations of the subject matter with such speakers as Doug Barbin, BrightLine; Laura Girasole, Citrix; David Linthicum, Cloud Technology Partners; Chris Poelker, FalconStor; Daniel Beazer, FireHost; Whitney Vickrey, GCE; Sriram Subramanian, GiftGiv; Owen DeLong, Hurricane Electric; Mark Lundin, KPMG; Russ Hertzberg, SoftServe; Jim Duval, Telestream; and Gerry and Stegmaier, WSGR.

After a working luncheon that will feature solution provider showcase demonstrations, keynotes and panels will continue with James Mitchell, Cloud Options; Geof Griebel, Eoscene Corporation; Yesica Schaif, IBM; Allan McLennan, PADEM Group; Jaye Connolly, PathCentral; Rohit Mahna, Salesforce.com; Jay Gleason, Sprint; Mark Levitt, Strategy Analytics; Mohamad Ali, Wexford Health Sources; and Brian Drewes, ZYNC Render.

Platinum sponsors for CCE:2013 include Citrix Systems and ShareFile, and gold sponsors are A10 Networks, Aspera, FalconStor, and VeriStor. Silver sponsors include AppNeta, Ce3, CSC Leasing, Lumenate, NaviSite, Presidio, SoftServe, and Virtusa.

Associate Sponsors for CCE are Apptix, Aspiryon, Cloud Options, Edwards Wildman Palmer, Ignite Technologies, Infoblox, and Permabit Technology Corporation.

Register now to attend CCE:2013.

Build, Buy or Rent? Your Optimal Cloud Storage Solution

For many companies one of the biggest decisions they will make, or have made, when moving to the cloud will be how they implement their cloud storage infrastructure.

Issues around ease of access, uptime, security, redundancy, SLA, maintenance, and total cost of ownership drive the decision to one of three options: build, buy, or rent.

This webinar, live at noon ET on Wednesday May 15th, will explore these issues, and compare and contrast the three options helping you to optimize your plan for your business needs and growth.

Please join Forrester Research and DataDirect Networks for this educational webinar to learn about the challenges and solution options for implementing storage in the cloud.

Featured speakers will be Henry Baltazar, Senior Analyst serving Infrastructure & Operations Professionals at Forrester Research, and Tom Leyden, Director of Object Storage Product Marketing at DataDirect Networks.

Please click here to register.

Report from CEO Marty Lafferty

Photo of CEO Marty LaffertyThe Distributed Computing Association (DCIA) heartily commends the US Senate Judiciary Committee for its unanimous approval by voice vote on Thursday of S. 607, the Electronic Communications Privacy Act Amendments Act of 2013.

Data stored in the cloud, web-based e-mail and instant messages (IM), and other online communications are now one step closer to greater privacy protections thanks to this action.

Please click here for the final version of S.607, which Committee Chairman Patrick Leahy has now reported to the Senate floor for consideration.

S.607's amendments, which now need to be passed by the full Senate and US House of Representatives, will extend Fourth Amendment protections to the online world.

Having a higher standard for government access to electronic content is critical to ensuring online privacy and ensuring the continued advancement of the distributed computing industry.

Chairman Leahy (D-VT) and Ranking Member Michael Lee (R-UT), in particular, as well as all Members of the Senate Judiciary Committee deserve special recognition for their leadership in advancing this measure.

We applaud their bipartisan efforts in requiring law enforcement to possess a warrant before gaining access to digital content, no matter where it is stored or for how long.

The importance of requiring the government to obtain a warrant from a judge based on probable cause before seeking the content of private electronic communications and documents stored by third-parties — and of special concern to us, cloud-based solutions providers — cannot be overstated.

The Constitutional right of due process is one that is guaranteed to all Americans, and S.607 will bring outdated legislation current to ensure that right. At the same time, judicial procedures that are currently inconsistent and confusing will be clarified, meaning that this law should actually make it simpler for law-enforcement officials to do their jobs effectively.

The Electronic Communications Privacy Act (ECPA) was enacted in 1986, long before widespread use of the Internet.

The technological advances in communications and computing since the bill's passage have been nothing short of revolutionary. As a result, the legal framework provided by this statute has left both providers and users of remote computing with a complex, baffling, and now badly outdated set of rules.

Today's society communicates in a dramatically different manner from then, with a steadily increasing amount of data stored digitally in data centers operated by third-party providers.

This legislation will level the playing field for law-enforcement access to electronic content, setting a warrant as the consistent standard, regardless of how or where content is stored.

Our concerns have been expertly championed by the Digital Due Process Coalition (DDP), of which the DCIA is a member organization, with its consistent focus on the privacy of information stored online, including the use of third-party cloud providers for data storage.

The 1986 law was unclear in regard to what kind of authority law enforcement and government agencies need to have to access such information.

Members of the DDP pushed hard for more than a year to include provisions in ECPA reform legislation that will require a search warrant in order for law enforcement to access the content of electronic communications.

Berin Szoka, President of fellow DDP Member TechFreedom expresses DDP's position well:

"What Mark Twain once said about the weather is true about Congress and privacy, too: everybody talks about it, but nobody ever does anything about it."

"Wednesday's Senate Commerce Committee hearing on the status of the 'Do Not Track' working group was par for the course in Washington: angsty blustering about a complex problem that few in Congress understand and that's already being worked out by the various stakeholders."

"But Thursday, the Senate Judiciary did something constructive — and profoundly important."

"They took responsibility for fixing a problem Congress itself created back in 1986: failing to protect Americans' e-mails from law enforcement snooping without the kind of judicial process required by the Fourth Amendment."

"This is the most important step towards long-overdue ECPA reforms since the House Judiciary Committee passed a bill 20-1 back in 2000."

"Sadly, that effort stalled, leaving Internet users' privacy unprotected even as we all have increasingly come to rely on cloud services — not just for e-mail but for things we used to do on our own computers, where our private files were fully protected by the Fourth Amendment."

"We applaud the bipartisan support for ECPA reform. That should mean swift passage by the Senate and House."

"But ECPA reform won't be complete until Congress enacts the other three principles advocated by the DDP. Most significantly, that means a warrant requirement for location data. The Fourth Amendment requires nothing less. The courts are already heading towards that conclusion but Congress can't wait for them to work out these doctrinal knots. The sooner Congress focuses on the real privacy problem — government access — the better."

We are grateful to DCIA Member companies and DCINFO readers who actively supported this effort. S. 607 will provide much-needed reform to the existing law to bring it into today's technological landscape.

This continues to be an important issue for the distributed computing industry, and we remain committed to ensuring that this bill is signed into law.

We urge all Members of Congress to advance this legislation, and look forward to working with House Judiciary Chairman Bob Goodlatte on a companion measure in the House, so that Americans can be assured that information stored in the cloud gets the same protection as information stored in their homes. Share wisely, and take care.

Balancing Individual, Business, and Law-Enforcement Interests

Excerpted from The Guardian Report by Jim Reavis

We all know about the massive presence of computing and the Internet in our everyday lives. It therefore boggles the mind to consider how rudimentary our use of technology will seem in just a few short years as many projections point to 100 billion Internet-connected devices in 2020, compared with just 8 billion today.

This post-PC world of pervasive computing, from appliances to automobiles to the electrical grid will center around cloud computing. The massive cloud data centers of today will grow at a phenomenal pace to manage these devices and store their data — a utility on a global scale.

Like a utility, the cloud is always on and available. Individual countries and federations of nations, such as the European Union, are scrambling to understand how to regulate the cloud and promote its growth, while protecting the rights of its citizens.

While much of this is well meaning and quite good, the great challenge is in understanding the international interdependencies that have emerged within this global compute utility, and defining strategies and policies that balance the interests of individuals, business and law enforcement. Compounding this challenge is a great acceleration in innovation, which in effect is asking us to govern an entity that is highly dynamic.

Cloud Security Alliance (CSA) is building an ecosystem to create trust and confidence in the cloud based upon vendor-neutral best practices research conducted by a global constituency. We believe that in most respects, the European Union has shown global leadership in a citizen-centric approach to data protection and privacy.

For that reason, CSA has based its own privacy research in Europe, called the Privacy Level Agreement (PLA), with a long-term objective of exporting EU privacy principles globally.

One of the most vexing problems that results from the perceived need for countries to regulate the cloud is the issue of data sovereignty. A country or a block of nations will decide that due to the concerns about nefarious practices within certain other countries, much of that country's information must be physically located in-country.

The US Patriot Act, and the risk of warrantless access to personal information is typically cited as a reason not to do business with US-based cloud companies. The problem with this restriction is that it has not kept pace with technological backdoors, it restrains trade and it turns many innocent companies and individuals into lawbreakers.

The solution is not for countries to view the cloud as a series of physical locations, nor is the solution for individual countries or federations of nations to cede sovereignty to international authorities to govern violations of their citizens' privacy.

The solution is to think virtually about how the cloud operates and adapt the enforcement of laws accordingly.

It does not matter where German information is stored, what matters is that German laws apply and that German businesses and German authorities have ultimate access to their information.

Put another way, it is absolutely feasible to make German citizen information stored in a San Francisco data center more difficult for the US government to access than if it were in Frankfurt.

It is possible that countries could eventually see data centers as neutral territory, and apply some derivation of maritime law to their governance, but that seems unlikely and far off.

Technology will effectively do this for us, creating containers for information that will only be accessed by the rightful owner.

Through techniques such as format preserving encryption, technology is increasingly reaching the point that customers can prevent the cloud provider from reading their information at all.

Sure, mistakes will happen and German data may be mishandled, but this will not be a function of that information's physical location, but of information owners failing to use the available technology to protect it.

Thinking virtually about regulating the cloud is a key principle CSA endorses to work through the myriad of legal complexities in this global utility.

The digital rights of European citizens should not terminate at the waters' edge, nor should those citizens be severely limited in their choice of cloud computing services. It is our obligation to find governance solutions to technology that is racing past our laws.

US Used "Distributed Intelligence" to Investigate

Excerpted from Wall St. Journal Report by Steve Rosenbush

After the Boston Marathon bombing, there were reports that many people in China viewed the story as an example of the weaknesses and the strengths of the US system.

"Chinese web users seemed to draw two general conclusions: that China would be more effective at preventing a Boston-style attack, but that the US is better equipped to respond to and cope with such an event," Max Fisher wrote in the Washington Post's WorldViews blog.

The transparency of the investigation and the ability of the US to come together in the midst of the attack were viewed with "reverence" by many people who made comments on China's giant social network, Weibo, according to Fisher.

That transparency and unity were aspects of a more basic problem-solving capability that seems to appear all too infrequently these days in the US, but is at its most effective in the face of acute crisis.

When confronted with clear, imminent and grave danger, the otherwise fractious elements of our open society come together like nodes in a massive, distributed computing platform to solve the problem at hand.

"There was a distributed intelligence that worked really well," said Irving Wladawsky-Berger, a visiting lecturer at the MIT Sloan School of Management, and a regular contributor to CIO Journal. Mr. Wladawsky-Berger — a former Vice President of Technical Strategy and Innovation at IBM — also is a strategic advisor to Citigroup.

In a distributed computing environment, an application is typically divided into small components that can be run on any number of servers in the system. There is no single mainframe or central node — but all of the smaller parts work together in concert, providing a massive amount of computational power.

This sort of architecture — cheaper and faster than older architectures — provides the power to run massive websites like those of Google and Facebook.

"The code is all distributed. It is a peer-to-peer (P2P) system, analogous to a flock of birds. Even though no single bird is in control, they can do things together as a flock," Barry Morris, Founder and CEO of database company NuoBD, in Cambridge, MA, told CIO Journal.

As soon as news of the Boston Marathon bombings broke around 2:50 PM on Monday, April 15th, myriad layers of the US's problem-solving "stack" came into play.

Law enforcement agencies, emergency medical crews, hospitals, elected officials and government agencies, old and new media, and the public itself functioned like servers in a massive, open source network — breaking off small pieces of the problem of the investigation.

Information was shared and vetted. That which was accurate and useful — and not all of it was — was shared and repurposed. Bad information was quickly exposed.

Within a few days, the suspects were identified — one killed during a gun battle with police, the other apprehended.

While the Federal Bureau of Investigation (FBI) may have been the nominal head of the network, the investigation was actually more like a flock that included many critical parts — from amateur photographers to an alert and curious homeowner who lifted the blood-stained tarp that covered the boat stored in his backyard, to come face to face with the surviving suspect, 19-year-old Dzhokhar Tsarnaev.

The precursors to this sort of problem-solving are transparency, trust, and a high-degree of consensus.

That is why this sort of problem-solving is best for handling a clear and present danger. Everyone was in agreement that there had been an attack, that the victims needed to be helped, and the perpetrators brought to justice.

While those goals might seem obvious, there are plenty of places in the world — pick the failed state of your choice — where that consensus isn't possible and terror attacks aren't so efficiently addressed.

Even in the US, that problem-solving power is difficult to harness.

"You really need everyone pulling in the same direction to solve problems in this manner, and that doesn't happen all that often in the US," Mr. Wladawsky-Berger said, noting that the bombing investigation involved the executive branch of government only, not the messier and slower legislative branch.

When it comes to solving longer-term, policy-oriented problems, the machine works — by design — much more slowly. Once longer term policy debates become short term crises, the problem-solving mechanism tends to lurch into gear.

That is why, he said, governments seldom solve problems such as healthcare or retirement or public debt until a full-on emergency is at hand.

Business problems tend to lend themselves to this distributed form of problem-solving more readily than government, according to Mr. Wladawsky-Berger.

When governments run into trouble, their leaders are typically replaced, while the country itself more often than not lurches on. Businesses face life-or-death issues all the time, and that tends to focus the mind. "Businesses go bankrupt, while countries tend to be a bit longer lasting," Mr. Wladawsky-Berger says. "Or at least we hope."

BitTorrent Sync Connects without Cloud Storage

Excerpted from PC & Tech Authority Report by Nick Peers

One of the big advantages of cloud storage is that most services make it easy to use themselves as a tool for effortless syncing of data between computers. Update a file on one device, and it quickly becomes available to everyone else.

The problem with syncing via the cloud is that you usually have to pay for any meaningful amount of storage space, and that's before you consider the potential implications of having a copy of your sensitive data stored in the cloud. However tight your cloud provider's security is, there is always the nagging doubt that your files could be accessed by someone else.

If you love the idea of syncing — particularly when it comes to huge amounts of data — but want to restrict your files and folders to your own hard drives only, then BitTorrent Sync is shaping up to be the perfect choice. Currently in alpha, it makes the task of sharing or syncing data across multiple computers (including Linux-based NAS drives) as simple, fast and secure as it can be.

The service is capable of syncing locally using your own personal network, or utilizing the Internet to sync data remotely, with the data only in the cloud long enough to travel from A to B (or back again). The major drawback, of course, is that your computers need to be switched on and connected for any syncing to take place — with the cloud as an intermediary, this isn't an issue for the likes of SkyDrive or SugarSync.

Getting started is easy: with the client installed, create your first shared folder, making a note of the "secret" 32-character code required to sync with that folder from other devices. This is copied to your other devices, pasted into the BitTorrent Sync client there and then the sync connection is made. It's also possible to generate read-only codes as well as those that expire after a set period for granting others — friends, family or colleagues for instance — limited access to folders.

You can share as many folders as you like, and sync with as many other devices or people as you like too. Make sure you tweak the client's preferences should your Internet connection grind to a halt — thankfully, like BitTorrent itself, you can put a cap on download and upload transfer speeds.

One immediate weakness with this first public build is the lack of differential sync —that means if a file is changed on one machine, the entire copy rather than just its changes are synced, which makes the process less efficient than it could be. Nevertheless, BitTorrent hopes to implement differential sync in a future build, which could prove to be the game changer in its favor.

BitTorrent Sync 1.0.116 is available now as a freeware, but alpha, download for Windows, Mac, and Linux. We recommend making separate copies of any files or folders you plan to sync with others in case of possible data loss while the program remains in alpha.

5 Reasons Cloud Computing Is Booming

Excerpted from Huffington Post Report by Drew Hendricks

Cloud computing has experienced serious growth in recent years — even the Department of Defense (DoD) is jumping on board. However, some people are a little concerned about giving up hard copies and going completely virtual.

Big change is always difficult to deal with. However, getting on this bandwagon is a great idea that can save money and time (assuming the cloud server chosen has a solid reputation). Here are 5 of the biggest reasons cloud computing is gaining in popularity.

1. It Saves Money (and the Environment)

Keeping paper copies, updating them, making more copies to distribute, shredding them, ordering more paper and ink — it's a vicious cycle. Many companies waste serious cash on this process, not to mention the leg work of employees whose sole responsibility is to keep up with the filing. Switching to cloud computing can save a lot of money and trees, which is why many companies are going green and upping the bottom line at the same time.

2. It Saves Time

All of that updating, filing, and printer maintenance wastes precious time that can be better spent elsewhere. Cloud computing also gets rid of the risk of double work. When one employee updates a document but forgets to send it to one person, maybe that one person decides to take on the task herself. This is another cycle that needs to be broken — and cloud computing can do that.

3. It's Easier

Let's say 10 people all need the latest information on an RFP that's due soon. One person may be in charge of the budget, another the narrative, and of course the Executive Director needs to oversee it all. A lot of meetings, back and forth emails and stress are in order, right? Wrong--if cloud computing is involved. Everyone can see the latest updates from their platform of choice in real time.

4. It Ups Organization

People have a tendency to file away hard copies and then forget about them. With cloud storage, everything is in one virtual place and it's simple to use a search function to find documents. This also leads to less double work and helps keep everyone on the same page.

5. It's Safer

Most offices and homes don't have the ultimate security systems — but cloud servers do. There's no risk of a fire, a burglary or a flood damaging documents. Instead, everything is safe and sound in the cloud. This also relieves some stress, which is always a good thing. Infrastructure-as-a-service (IaaS) is increasingly popular with cloud servers leading the way.

It's easy to see why cloud storage is falling into everyone's favor. Why not give it a try and see how it can improve the business (and sanity of the employees)?

SAP & Oracle Grow Faster than Overall Software Market

Excerpted from ComputerWorld Report by Mikael Ricknas

A growing interest in big data, analytics, and cloud computing helped propel a weak software enterprise market last year, according to research from IDC.

SAP and Oracle fared the best among the large software vendors.

The worldwide software market grew 3.6% year-on-year and totaled $342.6 billion, which is less than half the growth rates seen in 2010 and 2011, according to IDC's latest Worldwide Semiannual Software Tracker.

IDC sees 2012 as the beginning of a period with slower growth for the enterprise software market as a whole. However, there are faster growing segments, such as data access, analysis and delivery; collaborative applications; CRM applications, security software; and system and network management software, according to IDC.

On a regional basis, the overall software market was undermined by sluggish sales in Western Europe, which represented 26.5% of the worldwide market and was the only region to experience a drop in revenue in 2012. The US market — which represented more than 45% of the overall market — grew by 6% year-on-year, according to IDC. The countries with the greatest growth in 2012 were Saudi Arabia, Peru, Colombia, China, and Turkey, it said.

Microsoft, IBM, Oracle, SAP and Symantec were the top five software vendors in 2012 based on revenue. SAP's revenue grew the most at 5.1% followed by Oracle at 3.9%. The other three vendors also saw revenue grow, but slower than the overall market, according to IDC's data.

SAP was helped by increasing traction for its data management and business intelligence solutions, while Oracle's biggest product lines, databases and enterprise resource management solutions, grew between 5% and 8%, Patrick Melgarejo, Director at IDC, said.

IDC divides the software market into three primary segments: applications; application development and deployment; and systems infrastructure software. The application development and deployment segment, which contributed nearly a fourth of total software revenues in 2012, was the fastest growing market with a 4.6% year-over-year growth rate, thanks to the increasing adoption of big data and analytics among enterprises.

The applications segment was the largest of the three with 49% of total software revenue. It grew slightly slower than the overall the market at 3.3%. However, CRM and collaborative applications stood out with yearly growth rates near 7%, thanks to companies migrating to cloud-based services and more interest in enterprise social software, according to IDC.

The system infrastructure software segment, which made up 27% of overall revenue, also grew by 3.3% year-on-year. Again there were stand-out areas, including security software as well as system and network management software, which both grew by more than 6%.

Verizon Shines Light on Low Number of Cloud Data Breaches

Excerpted from CloudPro Report by Caroline Donnelly

End-users concerned about the integrity of their cloud provider's security defenses should be heartened by the observations of networking vendor Verizon.

The firm published its sixth annual Data Breach Investigations Report (DBIR) yesterday, which featured contributions from 19 organizations that track security breaches across the globe.

Financial reasons were cited as the motivation behind 75 percent of data breaches, closely followed by state-affiliated campaigns at 20 percent.

However, despite the burgeoning popularity of cloud services, the company said it found little evidence of breaches involving cloud-specific technologies.

Jay Jacobs, Principal Analyst within the risk team at Verizon, told Cloud Pro, "We are certainly seeing data breaches in the cloud, but they are breaches that would occur regardless of whether that application was being hosted in the cloud or not.

"What we are not seeing are breaches involving cloud providers that would result in multiple virtual machines cascading into a large-scale failure, for example," he added.

The reason for this, claimed Jacobs, could be that hackers tend to favor the path of least resistance when it comes to carrying out an attack.

"It could be that there are hundreds of ways to go after the data they want or to cause the kind of disruption they are after, and what we usually see is that hackers favor easy targets and the simplest route to getting what they want," he added.

"At the moment, it could be that cloud infrastructures offer neither of these things."

Amazon Looks to Move Security Appliances to the Cloud

Excerpted from ComputerWorld Report by Mikael Ricknas

Amazon Web Services (AWS) is looking to expand its security offerings with hosted intrusion protection appliances and more extensive encryption features, as it looks to increase the level of protection users can get in its cloud.

For Amazon, proving its cloud computing platform can offer the same level of security as traditional hardware and software has been an ongoing challenge.

That it's difficult for companies to meet their existing security requirements in the cloud is a common misconception, according to Stephen Schmidt, Chief Information Security Officer (CISO) at AWS.

"For example, they are concerned about access control; network perimeter device control; and the ability to construct networks in ways that are consistent with their particular compliance or enforcement requirements. In most cases we find that not only can they do what they are doing right now in the cloud, but have more granular controls," Schmidt said.

There is also a misconception about separation of computing resources in the cloud, according to Schmidt.

"Some people have written academic papers that say it is theoretically possible to, for instance, have maybe a side-channel between hypervisors ... where you could pass information between virtual machines. The important thing about that is that those are academic papers set in a laboratory environment, as opposed to in the real world," Schmidt said.

The Virtual Private Cloud service, which lets users configure a logically isolated section of Amazon's cloud, completely negates that threat, according to Schmidt.

The company is now working with partners to let enterprises move security appliances to the cloud, including virtual appliances for intrusion detection and prevention. The move to the cloud will be a boon for enterprises that are concerned about denial-of-service attacks that rely on using a lot bandwidth, according to Schmidt.

"Obviously individual companies can't afford to have the kind of connectivity to the Internet that we can. Furthermore, they don't necessarily have the network expertise to mitigate large scale attacks whereas we do," he said.

Amazon will expand on the ways encryption can be used to help protect information, as well

"I think in the short term you'll see us enabling encryption on smaller and more granular pieces of data," Schmidt said.

Amazon's road to improve encryption functionality has already started with the recent addition of Oracle Transparent Data Encryption to its Relational Database Service (RDS), and with the introduction of CloudHSM, a service that uses a separate appliance to protect cryptographic keys used for encryption.

"You can see there is a theme here. Give the customers the tools to create an encryption infrastructure that allows them to ensure only the people they want to, whether it's in their organization or ours, have access to that data," Schmidt said.

A key part of Amazon's security efforts has been getting various kinds of certifications.

"For some industries it is an absolute must-have. For instance, for Amazon.com to move onto AWS we had to be PCI compliant, because of the credit card transaction volumes. For U.S. government organizations to move into AWS, we had to be compliant with their rules and regimes and for the U.K. government we had to be compliant with theirs," Schmidt said.

For organizations where compliance isn't a must then certifications, including ISO 27001, still work as a way for them to understand how Amazon practices security, according to Schmidt.

One certification Amazon is still working on is Federal Risk and Authorization Management Program (FedRAMP), a government program that aims to standardize security assessment, authorization, and continuous monitoring for cloud services, according to Amazon.

"It is an evolving process. The US government hasn't quite decided what it wants to do with FedRAMP, and it keeps changing some of the evaluation criteria, but hopefully that will be settled soon because we are really looking forward to that one," Schmidt said.

Government organizations and agencies can rely on FedRAMP instead of doing their own evaluations, resulting in cost savings and uniform evaluations. Today some organizations are more capable of performing a good review than others are, but the FedRAMP program will iron out those differences and raise the security bar across the government space, according to Schmidt.

SMBs that Embrace Cloud Enjoy More Revenue

Excerpted from ARN Mobile Report by Hafizah Osman

Small-to-midsize businesses (SMBs) that embrace cloud computing and business websites are much more likely to enjoy rising revenue than others, according to accounting software provider, MYOB.

The company's March 2013 MYOB Business Monitor study, which was conducted by research firm Colmar Brunton and surveyed more than 1,000 SMBs, found that the businesses that adopted cloud technologies were twice as likely to see an earnings uplift in the past year.

However, only 16 percent indicated to use cloud computing and 38 percent said to have a business website.

MYOB CEO, Tim Reed, said the research findings provide a clear cut case for embracing online technologies in business.

"It's obvious that as time goes on, Australian business operators using Cloud computing are increasingly likely to achieve positive financial results. This ubiquitous technology has helped so many smaller businesses become better connected, more productive and more competitive," he said.

Another key finding of the study is the widening gap in financial performance between the online-savvy and the online-cautious.

Business operators in the cloud were not only more likely to see a revenue rise in the past year (33 percent versus 16 percent of those who weren't) they were more likely to expect one in the next year (37 per cent as compared to 28 percent).

Similarly, those with a business website were not only more likely to see a revenue rise in the past year (24 percent versus 15 percent), but also more likely to expect revenue growth in the next year (35 percent versus 27 percent).

"Interestingly, more than half our respondents said they would vote for the political party that proposed 'free government-funded training on how to use the Internet to enhance their business.' This says the majority realize they require further education on how to best employ online technology," Reed said.

Other findings from the study include: the most popular reason for cloud use was the ability to access data from whatever location they wanted (52 percent). The top use for cloud computing was file sharing (50 percent) and file back-up (49 percent). 35 percent of respondents said they didn't know enough about cloud computing to implement it.

Among the SMBs that didn't have a website, 68 percent said they did not set one as they prefer to advertise and market their business using other methods. Businesses exporting goods and services were the most likely to use cloud computing and business websites. South Australia had the highest proportion of cloud users (22 percent) and business website owners (42 percent).

Telefonica Digital & AirWatch Cloud-Based Mobile Device Management

Excerpted from ComputerWorld Report by Antony Savvas

Telefonica Digital and AirWatch have announced a global partnership to offer a cloud-based Security Mobile Device Management (SMDM) system to companies.

The browser-based platform supports corporate bring your own device (BYOD) strategies. It provides end-to-end management of companies' mobile devices and the necessary tools to define, enforce, and monitor the security policies for the use of mobile devices across the organization.

Analyst Gartner estimates that by 2016 the typical organization will spend over $300 per year per employee on mobile applications, security, management and support, and that by 2017, half of employers will require employees to supply their own device for work purposes.

The Telefonica/AirWatch platform incorporates an intuitive administrative interface that supports all relevant operating systems, and which is also easy to scale, said the partners, supporting large numbers of users across multiple areas.

It also incorporates features to guarantee that each device is working according to defined security policies, and monitors and manages in real time devices and profiles relating to access control, covering VPNs, WiFi, e-mail access, software and content distribution, and apps management.

In addition, the service offers an apps portal for the organization's private use. The service can be fully customized over the cloud or on-premise, and is offered as a self-service or managed service.

Jose Perdomo, Global Security Managing Director at Telefonica Digital, said: "This partnership with AirWatch puts us in an excellent position to meet the needs of our clients in this area. We combine their technical expertise with our global reach, corporate customer base and relationship with device manufacturers."

The SMDM Solution is already commercially available for Telefonica customers in Argentina, Spain, and the Czech Republic and will soon be expanded to other countries, said Telefonica Digital.

With Experience Comes Wisdom in Cloud Computing

Excerpted from Forbes Report by Joe McKendrick

A new survey finds that roughly one out of four organizations is heavily into cloud computing, and is providing lessons from which everyone else can benefit. For example, after a couple of years, its promised benefits do begin to show up.

That's the story behind RightScale's latest "State of the Cloud" Survey. The survey of 625 companies finds cloud is just about commonplace — only eight percent of respondents wanted nothing to do with cloud at all. And bigger enterprises are now the leading adopters of cloud.

RightScale even went a step further and introduced a "Cloud Maturity Model" that shows where everyone stands with cloud:

Cloud Watchers are developing cloud strategies and plans but have not yet implemented cloud projects. (17 percent of respondents).

Cloud Beginners are new to cloud computing and are working on proof-of-concepts or first projects (26 percent).

Cloud Explorers have implemented some cloud projects and are running applications in the cloud. (23 percent).

Cloud-Focused respondents are heavily using cloud computing and using it as a strategic initiative to transform business. (26 percent).

This model doesn't include the eight percent of non-cloud users — I guess they aren't even cloud watchers.

In addition, RightScale reports, survey respondents continued to show a strong interest in "multi-cloud" strategies, with plans to evaluate and use a broad range of public and private cloud options — not just one approach.

Consider the lessons learned as cloud users climb the maturity curve:

Only 18 percent of the advanced cloud users (cloud-focused) see security and compliance as a challenge, versus 38 percent of the greenhorns.

Eighty percent of the advanced-level respondents are seeing faster time to market for applications, versus 25 percent of the beginners.

A total of 87 percent of advanced respondents report that they were gaining faster access to infrastructure, compared to 30 percent of beginners.

Experienced cloud companies don't necessarily have fewer outages, and they're shorter in duration. because of greater exposure to cloud, 57 percent of the veterans had an outage in 2012, compared to 32 percent of the novices. But the length of an outage at an experienced site was 4.6 hours, compared to 5.8 hours at the beginner companies.

Still, about 65 percent of the experienced companies reported higher system availability, compared to 20 percent of the novices.

Coming Events of Interest

Digital Hollywood Spring - April 29th-May 2nd in Marina Del Rey, CA. The premier entertainment and technology conference. The conference where everything you do, everything you say, everything you see means business.

CLOUD COMPUTING EAST 2013 - May 19th-21st in Boston, MA. CCE:2013 will focus on three major sectors, GOVERNMENT, HEALTHCARE, and FINANCIAL SERVICES, whose use of cloud-based technologies is revolutionizing business processes, increasing efficiency and streamlining costs.

Cloud World Forum - June 26th-27th in London, England. The Cloud World Forum offers a comprehensive agenda and speaker line-up from the cloud sector, making it an ideal platform for global authorities to present their "how-to" strategy and vision. Many recognized headline participants along with detailed coverage of the enterprise IT market.

Cloud Computing Summit - July 16th-17th in Bradenton, South Africa. Advance your awareness of the latest trends and innovations from the world of cloud computing. This year's ITWeb-sponsored event will focus on key advances relating to the infrastructure, operations, and available services through the global network.

NordiCloud 2013 - September 1st-3rd in Oslo, Norway. The Nordic Symposium on Cloud Computing & Internet Technologies (NordiCloud) aims at providing an industrial and scientific forum for enhancing collaboration between industry and academic communities from Nordic and Baltic countries in the area of Cloud Computing and Internet Technologies.

P2P 2013: IEEE International Conference on Peer-to-Peer Computing - September 9th-11th in Trento, Italy. The IEEE P2P Conference is a forum to present and discuss all aspects of mostly decentralized, large-scale distributed systems and applications. This forum furthers the state-of-the-art in the design and analysis of large-scale distributed applications and systems.

CLOUD COMPUTING WEST 2013 — October 27th-29th in Las Vegas, NV. Three conference tracks will zero in on the latest advances in applying cloud-based solutions to all aspects of high-value entertainment content production, storage, and delivery; the impact of cloud services on broadband network management and economics; and evaluating and investing in cloud computing services providers.

Copyright 2008 Distributed Computing Industry Association
This page last updated May 5, 2013
Privacy Policy