Use of Cloud Computing and Virtualization in the Time of Recession

Cloud Computing on Ulitzer

Subscribe to Cloud Computing on Ulitzer: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Computing on Ulitzer: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Cloud Computing Authors: Pat Romanski, Liz McMillan, Automic Blog, Kevin Jackson, John Katrick

Related Topics: Cloud Computing, Microservices Journal, Cloud Data Analytics

Article

To Cloud or Not to Cloud

Vendors need to dial back a bit on the marketing hype and focus more on real-time solutions

I've been asked quite a few times, "when will it be a good time to get into cloud computing?" by potential clients. My answer is typically it depends... I know, I know.... not much direction there, but really it all depends. Why ?

Well, some may state, "we all know of the much beaten security concerns, and we will ensure that systems on our end are secured and synced to work in tandem with the vendors' security."

Can one ensure some degree of monitoring by the implementation of an Intrusion Detection System (IDS) residing within the system hosting the gateway into the cloud?

The intent of such an implementation can be to monitor the cloud gateway system's software for anomalies, variances from expected traffic and quantity of access into an enterprise's cloud service.But will it be effective enough?

We all remember the buzz and the alarm over adopting the cloud that the occurred from the Bitbucket-EC2 debacle last year and the stories about the back and forth that left Bitbucket's services unavailable for an "eternity" in "internet time" until the EC2 team acknowledged an issue.

Were they hacked? They were DDoSed as most of you already know. Hacking as we know it today, is a for profit enterprise. But can hacking in the cloud become a common instance considering the large enterprises that are vendors, the clients they can or are providing services for, and the levels of security, disaster recovery and back up plans that these vendors claim are in place?

Maybe, but I believe that there is a good chance that any such instance can be caught and dealt with in a manner more expeditious due to the processes in place at these larger vendor facilities than it would at a smaller enterprise. I am not saying that a smaller enterprise can not mitigate an attack, just that the larger cloud vendor will have more resources to act with.

According to some, the cloud is a hackers trove of resources to say launch a DDoS attack. My question is then, to date how many such attacks have occurred with regard to a cloud deployment? Less than a dozen I believe in the last nine months, this simply because there is no real profit in a DDoS within this environment. Unless of course the aim for whatever reason is to stop traffic to a site and disrupt operations as in the case of Bitbucket.

Amazon's response to this situation was it was localized to this company's instance and no other enterprise sharing the system was affected. They further went on to state that they will provide guidance to companies to combat such an attack via Elastic Load Balancing and Auto-Scaling. If the enterprise affected was say a twenty man operation with no large customers to get on the horn to Amazon, would the outcome have been different? One can only hope that the answer to this is no, however as consumers we know the merits of shopping around, right?

So where does this leave us, is it reasonable to get some cloud services? Of course it is, cost savings aside,( in fact that will soon be a non-issue as this ecosystem matures) the general public is growing to expect real time satisfaction to their needs that are increasingly governed by IT.

As a result and in order to stay competitive, profitable and  "in the game", enterprises will be driven to adopt some type of cloud service. A good start should be a private cloud and then scale out to a public or hybrid as needed, with of course effective SLA agreements.A good rule of thumb as many have mentioned -don't put anything into a public cloud that you cannot risk losing.

Market Confusion?  As consumers or potential consumers of a cloud service customers are bombarded by the proliferation of cloud vendors and/or cloud services, or more correctly claims for services being offered. In order to get the best out of your cloud service, there must be a mutual understanding, agreement and clarity of need. Look at the offerings of multiple vendors and if feasible spread your requirements between vendors.

In order to ensure a level of comfort and security when it comes to cloud adoption and alleviate some concerns for end-users or tenants of the cloud; vendors need to dial back a bit on the marketing hype and focus more on real-time solutions that can be verified by neutral industry and/or academic researchers.

Everyone involved in IT want their cloud solutions to be effective and time managed and the for-profit sector expects a maximum ROI. In order to achieve a modicum of, across the board trusted computing, compatibility and success within this ecosystem; look to a consortium of vendors that are working toward ensuring that any design and implementation of a software stack across platforms maintains a level of vendor neutrality.

This will give an assurance of you the customers' best interest primarily and cloud vendor profit following, by a vendor's or vendors aim to design cloud applications for resilience, effective management of data and data replication as well as the expected latency that can occur between a spread of multiple providers.

More Stories By Jon Shende

Jon RG Shende is an executive with over 18 years of industry experience. He commenced his career, in the medical arena, then moved into the Oil and Gas environment where he was introduced to SCADA and network technologies,also becoming certified in Industrial Pump and Valve repairs. Jon gained global experience over his career working within several verticals to include pharma, medical sales and marketing services as well as within the technology services environment, eventually becoming the youngest VP of an international enterprise. He is a graduate of the University of Oxford, holds a Masters certificate in Business Administration, as well as an MSc in IT Security, specializing in Computer Crime and Forensics with a thesis on security in the Cloud. Jon, well versed with the technology startup and mid sized venture ecosystems, has contributed at the C and Senior Director level for former clients. As an IT Security Executive, Jon has experience with Virtualization,Strategy, Governance,Risk Management, Continuity and Compliance. He was an early adopter of web-services, web-based tools and successfully beta tested a remote assistance and support software for a major telecom. Within the realm of sales, marketing and business development, Jon earned commendations for turnaround strategies within the services and pharma industry. For one pharma contract he was responsibe for bringing low performing districts up to number 1 rankings for consecutive quarters; as well as outperforming quotas from 125% up to 314%. Part of this was achieved by working closely with sales and marketing teams to ensure message and product placement were on point. Professionally he is a Fellow of the BCS Chartered Institute for IT, an HITRUST Certified CSF Practitioner and holds the CITP and CRISC certifications.Jon Shende currently works as a Senior Director for a CSP. A recognised thought Leader, Jon has been invited to speak for the SANs Institute, has spoken at Cloud Expo in New York as well as sat on a panel at Cloud Expo Santa Clara, and has been an Ernst and Young CPE conference speaker. His personal blog is located at http://jonshende.blogspot.com/view/magazine "We are what we repeatedly do. Excellence, therefore, is not an act, but a habit."