|By Cloud Best Practices Network||
|September 7, 2012 06:30 AM EDT||
Our Cloud Archiving and Compliance best practices will define a maturity model for this hugely important segment within the industry.
It will also produce a best practices white paper, tailored to meet the needs of the NIST Business Use Case that defines the specific requirements for this functionality, the FAA E-Discovery scenario (11-page PDF).
It will also describe a response to the general best practices defined in the recent CIO.gov document: Best practices for ITaaS, which also describes eDiscovery requirements. Download the 44-page PDF here.
Cloud Archiving Managed Services
This is such a hugely important area for Cloud Providers to develop new services because of the double impact it represents.
First there is the simple facet of the business opportunity. Clients like governments and the finance industry have extensive requirements for archiving and e-discovery.
Secondly and the accelerating factor is that the biggest hold up to Cloud adoption is the lack of maturity in this area. Typically the fears all centre on issues like data residency, where is the data hosted, and what protections are in place to ensure this data is not tampered with and so on.
These are requirements that archiving solutions deal with straight off the bat.
The Gartner Magic Quadrant places vendors like HP (Autonomy), IBM and Symantec as the leaders in this space, but this is a focus on the overall broad category of enterprise archiving, meaning it includes traditional on-site systems too.
Where the real challenge and opportunity is presented is how these types of capabilities can be absorbed into Cloud hosting environments, challenges that are well described in this white paper from another of the vendors Proofpoint: Cloud Computing and eDiscovery.
They describe critical points like:
Cloud computing makes IT operations fast and nimble, but it doesn’t necessarily make ESI easier to discover or legal holds easier to enforce. On the contrary, cloud computing can make legal holds and ESI searches more complex, time-consuming, and difficult. The vast majority of cloud providers would be unable to satisfy the stringent security, privacy, and data access requirements of corporate counsel and other stakeholders responsible for managing legal risk exposure.
They are exactly right on this, which is a blunt explanation of why Cloud adoption is still very low despite the huge hype. There`s your answer.
Also Proofpoint describe the solution, and the associated opportunity for Cloud Providers:
Enterprise IT departments need guidance for deploying eDiscovery applications and for crafting Service Level Agreements (SLAs) with cloud service providers, so that new cloud computing initiatives don’t undermine the enterprise’s investments in eDiscovery.
If Cloud Providers do this they will not only open up a specific product segment, Cloud Archiving, but they will also alleviate Cloud adoption fears in general and open the floodgates for broader adoption of all Cloud apps.
This is why, in my opinion, Cloud Archiving is the single most important product area for Cloud Providers to invest in.
Cloud Archiving – Service specifications
For a taste of these market opportunities we can review a number of related industry initiatives.
Managing Government Records - President Obama recently declared the ‘Managing Government Records‘ initiative , to better use Cloud technologies to perform Information Management and achieve Open Government. Canada also recently announced a similar initiative, to build a ‘GC Docs’ portal that publishes all of their records.
The NIST Business Use Case details the required service specifications, begun with this high level introduction and overview:
“The Federal Aviation Administration (FAA) is examining how to implement cloud-based e-discovery and Freedom of Information Act (FOIA) processes for email. The system must be able to perform discovery in both its in-house email implementation (Lotus Notes) but also in cloud-based email systems. The system will also be used to manage content for compliance purposes, and will serve as an archive of FAA messaging content.
The long-run goal is to support four primary functions: e-discovery, electronic records management, FOIA, and privacy. These four processes have similar needs and capabilities, including searching business applications, document repositories, email (including calendar, contacts, tasks, etc.) and instant messages, and distributed storage (both internal and external) for electronically stored information (ESI) meeting defined criteria.
The focus of this business use case is the processes and systems required to respond to e-discovery and FOIA requests as they pertain to email message data and other supporting data such as calendar entries, tasks, attachments, etc. that are produced and processed by the FAA’s traditional and cloud email messaging systems.”
Our Cloud Archiving best practices program will detail how Cloud Providers can develop products in this area to meet these requirements and opportunities.
The speed of product development has increased massively in the past 10 years. At the same time our formal secure development and SDL methodologies have fallen behind. This forces product developers to choose between rapid release times and security. In his session at DevOps Summit, Michael Murray, Director of Cyber Security Consulting and Assessment at GE Healthcare, examined the problems and presented some solutions for moving security into the DevOps lifecycle to ensure that we get fast AND ...
Mar. 4, 2015 06:00 AM EST Reads: 2,712
The Workspace-as-a-Service (WaaS) market will grow to $6.4B by 2018. In his session at 16th Cloud Expo, Seth Bostock, CEO of IndependenceIT, will begin by walking the audience through the evolution of Workspace as-a-Service, where it is now vs. where it going. To look beyond the desktop we must understand exactly what WaaS is, who the users are, and where it is going in the future. IT departments, ISVs and service providers must look to workflow and automation capabilities to adapt to growing ...
Mar. 4, 2015 04:00 AM EST Reads: 1,083
Docker is becoming very popular--we are seeing every major private and public cloud vendor racing to adopt it. It promises portability and interoperability, and is quickly becoming the currency of the Cloud. In his session at DevOps Summit, Bart Copeland, CEO of ActiveState, discussed why Docker is so important to the future of the cloud, but will also take a step back and show that Docker is actually only one piece of the puzzle. Copeland will outline the bigger picture of where Docker fits a...
Mar. 4, 2015 04:00 AM EST Reads: 3,134
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. ...
Mar. 4, 2015 02:45 AM EST Reads: 3,815
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS soluti...
Mar. 4, 2015 02:30 AM EST Reads: 1,173
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and ex...
Mar. 4, 2015 01:30 AM EST Reads: 3,520
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Mar. 4, 2015 01:00 AM EST Reads: 4,403
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize sup...
Mar. 4, 2015 12:30 AM EST Reads: 3,543
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
Mar. 3, 2015 11:15 PM EST Reads: 749
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures...
Mar. 3, 2015 09:15 PM EST Reads: 880
Business and IT leaders today need better application delivery capabilities to support critical new innovation. But how often do you hear objections to improving application delivery like, “I can harden it against attack, but not on this timeline”; “I can make it better, but it will cost more”; “I can deliver faster, but not with these specs”; or “I can stay strong on cost control, but quality will suffer”? In the new application economy, these tradeoffs are no longer acceptable. Customers will ...
Mar. 3, 2015 07:30 PM EST Reads: 957
Red Hat has launched the Red Hat Cloud Innovation Practice, a new global team of experts that will assist companies with more quickly on-ramping to the cloud. They will do this by providing solutions and services such as validated designs with reference architectures and agile methodology consulting, training, and support. The Red Hat Cloud Innovation Practice is born out of the integration of technology and engineering expertise gained through the company’s 2014 acquisitions of leading Ceph s...
Mar. 3, 2015 06:30 PM EST Reads: 713
The free version of KEMP Technologies' LoadMaster™ application load balancer is now available for unlimited use, making it easy for IT developers and open source technology users to benefit from all the features of a full commercial-grade product at no cost. It can be downloaded at FreeLoadBalancer.com. Load balancing, security and traffic optimization are all key enablers for application performance and functionality. Without these, application services will not perform as expected or have the...
Mar. 3, 2015 05:30 PM EST Reads: 628
As organizations shift toward IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection &E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 16th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships, will disc...
Mar. 3, 2015 05:00 PM EST Reads: 966
VictorOps is making on-call suck less with the only collaborative alert management platform on the market. With easy on-call scheduling management, a real-time incident timeline that gives you contextual relevance around your alerts and powerful reporting features that make post-mortems more effective, VictorOps helps your IT/DevOps team solve problems faster.
Mar. 3, 2015 05:00 PM EST Reads: 1,359
Skytap Inc., has appointed David Frost as vice president of professional services. David joins Skytap from Deloitte Consulting where he served as Managing Director leading SAP, Cloud, and Advanced Technology Services. At Skytap, David will head the company's professional services organization, and spearhead a new consulting practice that will guide IT organizations through the adoption of DevOps best practices. David's appointment comes on the heels of Skytap's recent $35 million Series D fundin...
Mar. 3, 2015 04:45 PM EST Reads: 706
Cloud data governance was previously an avoided function when cloud deployments were relatively small. With the rapid adoption in public cloud – both rogue and sanctioned, it’s not uncommon to find regulated data dumped into public cloud and unprotected. This is why enterprises and cloud providers alike need to embrace a cloud data governance function and map policies, processes and technology controls accordingly. In her session at 15th Cloud Expo, Evelyn de Souza, Data Privacy and Compliance...
Mar. 3, 2015 04:15 PM EST Reads: 928
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, will analyze a range of cloud offerings (IaaS, PaaS, SaaS) and discuss the benefits/challenges of migrating to each of...
Mar. 3, 2015 04:00 PM EST Reads: 910
Platform-as-a-Service (PaaS) is a technology designed to make DevOps easier and allow developers to focus on application development. The PaaS takes care of provisioning, scaling, HA, and other cloud management aspects. Apache Stratos is a PaaS codebase developed in Apache and designed to create a highly productive developer environment while also supporting powerful deployment options. Integration with the Docker platform, CoreOS Linux distribution, and Kubernetes container management system ...
Mar. 3, 2015 04:00 PM EST Reads: 980
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, will discuss why containers should be paired with new architectural practices such as microservices ra...
Mar. 3, 2015 04:00 PM EST Reads: 1,567