|By Gilad Parann-Nissany||
|November 15, 2012 07:23 AM EST||
It is possible, however, to cut this debate in a different way if you look at it not from an IT perspective, but from the point of view of the end user of an application. That end user often has similar expectations from a “public” and a “private” cloud solution.
Let’s take a business case and analyze it from a security point of view – this is the most direct way of bringing out the argument. Suppose you are creating an application for your users which manages sensitive information. Further assume your users are not internal to your own organization.
That latter point is central. If your users are completely internal to your own organization, especially if they are pure IT users or are localized (your organization is not too far-flung), chances are you have no business reason to go to a public cloud at all, and even a private cloud may be just a fun technology play for you. In other words, if your users are completely internal and/or a tight-knit group, doing a “cloud” approach is a matter of technology fashion and not a business need.
So, let’s go back to the business case we outlined, where your users are not internal. As a consequence, your users will not care whether you have implemented your solution on a third party vendor’s cloud or on your own private cloud. The users will have many of the same security expectations, and meeting these expectations may involve many of the same technologies.
Security is touted as one of the main differentiators between private and public clouds. As more users express the same expectations from both, we will see a more mature discussion emerge in 2013. Private clouds will certainly leverage existing investments in the data center, and offer more direct control to the service provider; public clouds will offer economies of scale. But both kinds of provider will find that they have similar security conversations with their customers.
For example, sensitive information in the cloud should always be encrypted. Your users will not need to understand the technological details, but they will need to know that – at the end of the day – you have provided maximum security for their data, so much so that it is private even to you. This can be achieved today with cutting edge technologies, such as Homomorphic Key Encryption and Split Key Encryption. While users need not understand the details of these technologies, they will appreciate the result: A guarantee from you, their supplier, that you can never read their data; and that they have full control of their data through a simple “master key” that is never exposed in the cloud or to anyone but the user.
In another example, let’s address concerns about physical access. Your users want a guarantee that physical access is tightly controlled to the servers that deliver the application with their data. Whether you control physical access yourself, or farm it out to a third party who has controls you trust, is up to you. Your users will – in both cases – want the guarantee from you, and it is up to you to decide whether you achieve this directly or through outsourcing and contractual obligations.
Such attitudes among the users – the people that count – mean that the differences between public and private clouds are not all what they are hyped to be. This is affecting the market – user perceptions are affecting supplier perceptions. More and more shops understand that the security questions that matter most will come up whether you label your solution as private or public. In 2013 we will see this view becoming commonplace, and users in both scenarios will be shopping around for solutions to similar security issues.
The post Private and Public Clouds will be, in many ways, the same in 2013 appeared first on Porticor Cloud Security.
"We help to transform an organization and their operations and make them more efficient, more agile, and more nimble to move into the cloud or to move between cloud providers and create an agnostic tool set," noted Jeremy Steinert, DevOps Services Practice Lead at WSM International, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 2, 2015 04:13 PM EDT Reads: 559
The basic integration architecture, as defined by ESBs, hasn’t changed for more than a decade. Most cloud integration providers still rely on an ESB architecture and their proprietary connectors. As a result, enterprise integration projects suffer from constraints of availability and reliability of these connectors that are not re-usable across other integration vendors. However, the rapid adoption of APIs and almost ubiquitous availability of APIs amongst most SaaS and Cloud applications are ra...
Jul. 2, 2015 03:18 PM EDT Reads: 643
Agile, which started in the development organization, has gradually expanded into other areas downstream - namely IT and Operations. Teams – then teams of teams – have streamlined processes, improved feedback loops and driven a much faster pace into IT departments which have had profound effects on the entire organization. In his session at DevOps Summit, Anders Wallgren, Chief Technology Officer of Electric Cloud, will discuss how DevOps and Continuous Delivery have emerged to help connect dev...
Jul. 2, 2015 03:00 PM EDT Reads: 1,018
"What Dyn is able to do with our Internet performance and our Internet intelligence is give companies visibility into what is actually going on in that cloud," noted Corey Hamilton, Product Marketing Manager at Dyn, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 2, 2015 02:52 PM EDT Reads: 628
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists addressed this very serious issue of pro...
Jul. 2, 2015 02:30 PM EDT Reads: 1,217
Internet of Things is moving from being a hype to a reality. Experts estimate that internet connected cars will grow to 152 million, while over 100 million internet connected wireless light bulbs and lamps will be operational by 2020. These and many other intriguing statistics highlight the importance of Internet powered devices and how market penetration is going to multiply many times over in the next few years.
Jul. 2, 2015 02:15 PM EDT Reads: 2,212
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid iteration. Such behaviors also characterize open source software development and are at the heart of DevOps culture, processes, and tooling.
Jul. 2, 2015 02:15 PM EDT Reads: 882
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, will explore the IoT cloud-based platform technologies drivi...
Jul. 2, 2015 02:00 PM EDT Reads: 1,068
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of...
Jul. 2, 2015 01:45 PM EDT Reads: 2,313
Live Webinar with 451 Research Analyst Peter Christy. Join us on Wednesday July 22, 2015, at 10 am PT / 1 pm ET In a world where users are on the Internet and the applications are in the cloud, how do you maintain your historic SLA with your users? Peter Christy, Research Director, Networks at 451 Research, will discuss this new network paradigm, one in which there is no LAN and no WAN, and discuss what users and network administrators gain and give up when migrating to the agile world of clo...
Jul. 2, 2015 01:36 PM EDT Reads: 618
SYS-CON Events announced today that JFrog, maker of Artifactory, the popular Binary Repository Manager, will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based in California, Israel and France, founded by longtime field-experts, JFrog, creator of Artifactory and Bintray, has provided the market with the first Binary Repository solution and a software distribution social platform.
Jul. 2, 2015 01:00 PM EDT Reads: 1,267
"We got started as search consultants. On the services side of the business we have help organizations save time and save money when they hit issues that everyone more or less hits when their data grows," noted Otis Gospodnetić, Founder of Sematext, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 2, 2015 01:00 PM EDT Reads: 1,063
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of robomq.io, and Fred Yatzeck, principal architect leading product development at robomq.io, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at th...
Jul. 2, 2015 12:00 PM EDT Reads: 2,040
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult – let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and liv...
Jul. 2, 2015 11:50 AM EDT Reads: 571
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
Jul. 2, 2015 11:17 AM EDT Reads: 556
"We have a tagline - "Power in the API Economy." What that means is everything that is built in applications and connected applications is done through APIs," explained Roberto Medrano, Executive Vice President at Akana, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 2, 2015 11:15 AM EDT Reads: 1,067
Malicious agents are moving faster than the speed of business. Even more worrisome, most companies are relying on legacy approaches to security that are no longer capable of meeting current threats. In the modern cloud, threat diversity is rapidly expanding, necessitating more sophisticated security protocols than those used in the past or in desktop environments. Yet companies are falling for cloud security myths that were truths at one time but have evolved out of existence.
Jul. 2, 2015 11:00 AM EDT Reads: 2,219
The cloud has transformed how we think about software quality. Instead of preventing failures, we must focus on automatic recovery from failure. In other words, resilience trumps traditional quality measures. Continuous delivery models further squeeze traditional notions of quality. Remember the venerable project management Iron Triangle? Among time, scope, and cost, you can only fix two or quality will suffer. Only in today's DevOps world, continuous testing, integration, and deployment upend...
Jul. 2, 2015 11:00 AM EDT Reads: 2,147
IT data is typically silo'd by the various tools in place. Unifying all the log, metric and event data in one analytics platform stops finger pointing and provides the end-to-end correlation. Logs, metrics and custom event data can be joined to tell the holistic story of your software and operations. For example, users can correlate code deploys to system performance to application error codes. In his session at DevOps Summit, Michael Demmer, VP of Engineering at Jut, will discuss how this can...
Jul. 2, 2015 10:46 AM EDT Reads: 482
"A lot of the enterprises that have been using our systems for many years are reaching out to the cloud - the public cloud, the private cloud and hybrid," stated Reuven Harrison, CTO and Co-Founder of Tufin, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 2, 2015 10:45 AM EDT Reads: 752