Posts Tagged ‘Cloud’

IT Spending to Rise, Though Growth Remains Sluggish

November 19th, 2014

The outlook for 2015 is mostly positive, with innovations in mobility, business intelligence and cloud computing, Computer Economics found.Outsourcing4

IT operational spending is projected to increase 3 percent at the median in the United States and Canada as tech executives look ahead to 2015, seeing a business climate that is improving with sustainable, if not remarkable, growth, according to a report from Computer Economics.

The outlook for 2015 is mostly positive, with innovations in mobility, business intelligence and cloud computing enabling businesses to derive transformational value from their IT investments.

However, the report warned that at the same time, IT spending faces real constraints in the slow-growth environment, and IT executives will need to grapple with finding resources to maintain existing infrastructure while investing in transformational technology—a factor that is expected to remain a challenge for many years ahead.

“Our study shows that many IT organizations will be budgeting for projects in these areas and fewer are budgeting for infrastructure projects,” John Longwell, vice president of research at Computer Economics, told eWEEK. “From other research, we can show that companies that rely mostly on the cloud have lower IT spending than the norm.”

The annual report provides guidance for IT executives as they firm up spending plans for the coming year and is based on the company’s survey of 128 IT organizations worldwide, including 68 IT organizations in North America.

The study assesses IT spending plans for 2015, priorities for IT spending and investment, and plans for hiring, outsourcing and use of contractors and part-time workers.

“The confidence is generally good and the hiring that is occurring reflects that sentiment. IT organizations are no longer just relying on contractors, but they are bringing on regular, full-time employees,” Longwell said. “This is a shift that has been occurring over the last year and it reflects increased confidence in the sustainability of the recovery. We are also seeing less emphasis on cost cutting and more emphasis on improving IT service levels.”

The report projected IT capital budgets will remain flat, showing little or no growth at the median, and IT organizations will continue to invest in enterprise applications, security and business intelligence.

However, spending on data center infrastructure is expected to remain weak, but more than half of IT organizations will increase IT staff headcount.

“Companies are investing in business systems that promise to enhance sales and marketing operations,” Longwell said. “There is still a focus on quick payback, but there is a greater willingness to invest strategically for growth. One reason organizations are showing more interest in cloud-based applications is the lower upfront costs and quicker return on investment.”

The company is also projecting a shift from the use of contractors to the hiring of more full-time, regular employees.The typical IT worker will receive a 3 percent pay raise, and IT organizations will need to pay greater attention to recruitment, training and retention activities.

“Capital spending will remain somewhat weak, but operational budgets are poised for modest improvement,” Longwell said. “Beyond that, we have no special insight into how things will unfold. In areas where IT can enhance productivity, companies will make those investments–otherwise, IT spending will track with top-line revenue growth.”


Cloud Computing Set to Rain on Indian Outsourcers’ Parade

November 18th, 2014

There are dark clouds on the horizon of India’s information technology and outsourcing industry.Outsourcing39

Profit growth at even India’s most successful and sophisticated software companies could be doused as companies, governments and consumers around the world do an increasing amount of their computing on the cloud, says outsourcing services advisory firm ISG Inc.FCD.UN.V +2.26%

Companies that have traditionally used in-house servers running on custom-made applications are putting more of their business on external servers and using off-the-shelf software. Using the cloud often means using fewer people so Indian software companies—once dubbed “body shops” because they could supply as many computer engineers as a project needed—are going to suffer as they lose much of their competitive advantage.

As it is only going to get cheaper and easier for companies to switch to the cloud, smart people-powered service providers need to get ready for the storm, said Sidharth Pai, partner and president for Asia Pacific region at ISG.

“This means, developing software that allows businesses to (interact) faster and more efficiently with their external stakeholders–customers, suppliers, etc.–rather than focus on changes to the internal workings of a client,” he said.

Around one in four of the deals ISG helped advise involved cloud computing last year. That’s more than three times more than the percentage of cloud deals it saw three years earlier.

India’s software and outsourcing companies are still too reliant on the business model that uses lots of relatively inexpensive Indian engineers and sends them to client sites to build software and fix problems, ISG and other analysts say.

Cloud providers use external servers, sophisticated technology and automation to manage clients data using fewer employees. Where a traditional service provider deploys one employee to monitor up to 200 servers, cloud players can use one employee to monitor up to 10,000 servers, ISG estimates.

The cloud infrastructure players are drastically cutting down prices and starting to create pricing pressure on service providers in India and elsewhere who continue to set contracts based on the number of engineers deployed in a project.

Cloud infrastructure providers such as Amazon Web Services, Red Hat, Rackspace Hosting and others are emerging as a formidable threat to Indian outsourcers and other traditional service providers and consultants including International Business Machines and Accenture, that earn revenues from managing the technology infrastructure of clients.

Traditional service providers now have to strive to get more cloud contracts–where they help clients shift data to cloud infrastructure providers–rather than focusing on creating their own clouds, ISG said.


10 Principles Of IT Security Every Small Business Should Know

November 17th, 2014

IT security breaches are a risk to small business.Condoleezza Rice Meets With Alexander Downer

Without a dedicated IT department, managing online security for a small business can be a daunting task.

While big organisations have entire teams working to secure networks and information, small businesses are lucky to have a computer guy.

But there are simple steps you can take to secure your data – and remember, much of this is your customers’ data too, and they expect it will be cared for properly.

So to get up to speed, here are 10 things every small business should know to protect systems from intruders.

1. Invest in and update security software
Even if you’re a small business, security is important because being connected to the internet opens you to the world, Airtasker COO and co-founder Jonathan Lui told Business Insider.

Last year Australians spent $408 million on security software but they spent $770 million on potato chips. The message: invest in reliable and up-to-date security software.

Security software needs to be installed on all your devices. It should include a firewall, anti-virus and anti-spyware. One of the mistakes people make is installing the software and never updating it – new threats emerge on the internet every day and your protection software needs to keep up with that.

Also good to know – many of the cloud software offerings on the market already have stringent security solutions built into them. So you may not need to invest over and above the technology that you already have.

2. Back everything up
Gone are the days where backing up your data was a tedious task. Cloud technology means you can set up your devices to back up all the information they hold as often as you like.

A comprehensive solution combines online and offline – so back up to the cloud and to a USB regularly.

3. Build a culture of IT security in the business
Establishing a culture which is aware of security threats is one way to protect your business. This can be as simple as training staff around expectations and technology uses.

“It comes down to a lot of human security principles,” Lui said.

“Generally when a new employee comes in we get them to sign a policy agreement which outlines what we expect in terms of IT security and confidentiality. I generally do an audit once a quarter but try to keep it a bit random.”

Expert360 head of engineering Tom Jowitt said education can be one of the strongest security policies.

“Educate your team on best practices. Small improvements can drastically improve security. People are always the weakest link,” he said.

4. Outsource to an expert global provider
Outsourcing tasks like hosting and servicing IT infrastructure to a global provider is important. It enables small business to take advantage of the big company’s developments and have less chance of data being lost or breached as well as hopefully minimising any downtime.

“Don’t try to bring all the security skills into your business if you don’t have to. You’re not the security guy. If you think it’s a priority pay for those skills,” Lui said.

“You need to delegate the responsibility to someone who is going to care about your IT security.

“You’re trying to minimise the risk of something catastrophic happening down the track.”

Jowitt said outsourcing gets security out of the way of critical business tasks.

“In small businesses, data is one of the most valuable assets yet you often lack the resources that larger companies do. You need to make sure that your security approach is manageable and doesn’t get in the way of the business. Security is always a trade-off between being secure and being usable,” he said.

5. Have different passwords for everything
Setting passwords on all devices and introducing two-factor identification for more sensitive information can protect your business from intruders. It’s especially important with the rise in portable and mobile devices that leave the office. Passwords can stop people from accessing information if a phone or laptop for example is lost or stolen.

Passwords should also be different for each device or platform to stop giving someone access to everything if they figure out one access code.

Think about what would happen if someone could read your email. A sophisticated hacker could trawl your correspondence for all those times you shared passwords around the business, and reverse engineer much of your security.

Lui said setting up a password management plugin is an easy way to manage security when a business has multiple users. It also enables a manager to set different access levels and allocate a master password.

6. Learn to remote wipe
Just like you would want all your data backed up if a device was lost, stolen or infected with malicious software – you also need to have the ability to wipe data remotely.

This means you can log in from another device in the case of an unexpected event and wipe all the data to stop it being accessed by prying eyes.

Lui said setting up the ability to lock down access to emails and files that an employee has access to is also important, especially if they leave the company unexpectedly.

“I always err on the side of being cautious from the start,” he said. “It prevents these types of issues if they happen.”

7. Brush up on the Australian Privacy Act
Knowing the rules and regulations around obtaining and storing data – especially customer data – is important to ensure you’re not breaking any laws.

Lui said there is also business incentive for ensuring personal data is properly protected.

“Customer data is quite sensitive,” he said.

“It’s very important to hold as much data as possible but that it’s secure.

“You don’t want to get famous for the wrong reasons, if the story leaks out that you let out the details of your customers that’s not good.”

Importantly, the major providers have local data centres that operate under Australian jurisdiction which remove the legal uncertainties.

8. Lock up your gadgets
It may sound rudimentary but having a device stolen can be a headache for business.

Locking up laptops and gadgets and keeping them out of sight when people aren’t around can go a long way ensuring hardware isn’t taken.

“No computers lying around the desk when people aren’t there, it has to be locked up. Don’t just leave things lying around that might have data on it,” Lui said. “Do a general check on locks after hours.”

9. Think about how you’re sending data around
Emails can be forwarded all over the place without the sender ever knowing.

“If someone asks for some data that they need I make sure I pass it to them securely,” Lui said.

“These days with more data going online for everyone there’s a lot of ways people can get their hands on that data.

“We try and do almost everything in the cloud and try not to store anything on our computers.”

10. Have a disaster plan
If something can go wrong, chances are it probably will, Jowitt said small businesses need to think about how they might deal with worst-case scenarios. Larger businesses have incredibly detailed plans for how they will respond in case of things like fire, mass power outages, or other unforeseen disasters. For small business, it needn’t be complicated, but some basic planning will help.

“Make sure you have contingency and disaster recovery plans for when things go wrong,” he said.

“If you can’t afford a full-time sysadmin or security team make sure you at least bring in an external auditor to review your IT infrastructure.”


Acquire BPO completes 100% Shore Solutions acquisition

November 13th, 2014

Melbourne, Australia-based Acquire Business Process Outsourcing (BPO) has already completed the 100% acquisition of homegrown Shore Solutions Inc., one of the fastest-growing BPOs in the Philippines.Outsourcing31

The acquisition adds approximately 2,000 employees to Acquire, with an aim to provide a full suite of outsourcing operations for major corporations across Asia, Australia, the United Kingdom, and the United States.

Acquire’s acquisition of Shore Solutions is its second in less than a year.

In January, Acquire bought the Philippine company Animation1, thus its foray into the 3D animation market.

Scott Stavretis, chief executive officer of Acquire and Shore Solutions, said the Shore Solutions’ acquisition offers several exciting opportunities for Acquire in diversifying its current service offering and bolstering its revenue.

Shore Solutions has proven expertise human resource outsourcing (HRO); knowledge process outsourcing (KPO); IT (information technology); and professional services, which all complements Acquire’s outsourcing capabilities.

Shore Solutions is also a value-added reseller of SAP-SuccessFactors Human Capital Management (HCM) cloud technology, which is now included in Acquire’s service offerings.

Shore’s contact center division, meanwhile, has grown rapidly over the past 3 years and services a range of clients across the globe, including some very large, well-known household brands, Stavretis said.

The acquisition will scale the Acquire employee numbers to about 7000 globally.

Future acquisition activity, including its current strong, organic growth of both businesses, positions Acquire as a strong disruptor in the competitive landscape of the BPO industry.


IBM takes on enterprise cloud security

November 6th, 2014

As organizations increasingly move their operations to the cloud, they need to remain vigilant against security breaches. IBM had this in mind as it prepared a new portfolio of services designed to help secure an enterprise’s cloud operations with the same rigor that has come to be expected with in-house operations.Outsourcing6

“The move to the cloud is nothing new, but what we’re seeing now is that people are now considering moving critical workloads to the cloud,” said Marc van Zadelhoff, IBM vice president of strategy for security systems.

The Dynamic Cloud Security portfolio, available now, “allows customers to take security to the cloud with them,” Zadelhoff said.

IBM gets fast file transfers with Aspera acquisition IBM adds OpenStack to its cloud marketplace IBM sends Cognos, SPSS to the cloud
The portfolio concentrates on aiding enterprises in three of areas of security: authenticating access in the cloud, protecting applications and data in the cloud, and improving visibility into the effectiveness of security controls watching over cloud resources.

Over 200 engineers helped build the portfolio over the past year. The services extend IBM’s collection of security software programs, such as QRadar security event management software and the Guardian data protection software, so they can be used to guard cloud resources as well.

Initially, the services will focus on securing resources on Amazon Web Services and IBM’s own SoftLayer cloud, though they can also be used with other cloud services as well, Zadelhoff said.

The portfolio includes a central portal that offers a summary of the state of security across all of an organization’s assets. Most security breaches can take weeks or even months to discover, IBM has estimated. The longer a breach goes undiscovered, the more damage an attacker can do. So a security portal can help identify problems as soon as they arise.

The IBM services can scan the applications being used in the cloud for potential vulnerabilities, and can alert developers or system administrators of any potential security weaknesses. They can identify sensitive data in the cloud, and then monitor that data for any unauthorized usage. Pricing is based on different services used, overall usage and other factors.

RegisterSubscribe to Newsletters
IBM itself already collects more than 20 billion daily security events in the course of its duties managing security for clients. This intelligence allows IBM to identify threats early on.

IBM has identified security as a growth market for the company. It has acquired 12 security companies in the past decade, and has invested over $2 billion into security research, securing over 3,000 patents in this area.

In the field of cloud security, IBM will be competing against a wide variety of companies such as Symantec, Barracuda, Qualys, SafeNet, TrendMicro and WatchGuard — many of which have built up expertise in on-premise security products and services.


Federal IT Leaders Look for Trust, Transparency in Cloud Vendors

November 3rd, 2014

As the FedRAMP security certification standard evolves, government tech officials are having an easier time evaluating private cloud offerings. However, they caution that trust and vendor relationships are key, and regardless, some sensitive applications will remain in-house.Outsourcing5

Even as federal agencies have been warming to the opportunities that commercial cloud service providers can offer, the transition is gradual, as government IT officials continue to express concerns about service agreements and turning over sensitive applications to outside vendors.

Throughout the contracting process, officials stress the importance of developing trust between the agency and the service provider, urging contractors to tailor SLAs to address security concerns, worries about vendor lock-in and clearly defined roles and responsibilities.

“Transparency is key,” Melinda Rogers, CISO at the Department of Justice, said recently at a panel discussion hosted by Federal News Radio. “Transparency on service, transparency on cost.”

FedRAMP Certification is First Step in Government Cloud Conversation

The government’s move to the cloud has been hastened to some degree by the implementation of the Federal Risk and Authorization Management Program (FedRAMP), a standardized, government-wide security review and authorization process for private-sector cloud offerings, one that federal officials say has become essential for vendors to win contracts.

“That’s your baseline. That’s kind of your price of entry,” says Gary Barlet, CIO at the U.S. Postal Service’s Office of Inspector General.

“The very first question you ask is … [vendors] must be FedRAMP certified — are you, yes or no? If the answer’s no, you’re done. It’s one of those deals where if you don’t pass a minimum price of entry, there’s no reason to continue to have a conversation about it,” Barlet says.

The idea of a common certification that is recognized across the government offers vendors a single development template — albeit a rigorous one — to replace the patchwork of department and agency standards that have bedeviled federal IT contractors for years.

Cloud vendors, however, have still been able to submit their products for an agency-specific review, or to go through the more exhaustive evaluation of the Joint Authorization Board, or JAB, which, if successful, confers a certification to operate across the government.

“It’s a very taxing process,” Mark Williams, CSO at Microsoft’s federal division, says of the JAB review.

Not only do vendors have to pass their products through that stringent review process and furnish volumes of documentation, there is also something of a logjam in the review process, according to Williams. So Microsoft, like other cloud service providers, has been winning gradual approval for its offerings, but the FedRAMP review boards have unable to keep up with the volume of products vendors have been submitting for approval.

“Our services are slowly getting through, but not at the rate we need,” he says.

But even once a commercial cloud product passes through that review process, vendors may still face skeptical government buyers. For all the inter-agency work in developing FedRAMP as a common security standard, many officials still remain on edge about the various cloud models, and insist that some sensitive applications will remain on-premises or hosted in a government cloud.

At the Postal Service, for instance, Barlet’s team was considering which applications would be good candidates for a cloud migration, and ended up transitioning some processes like the organization’s project management software. But the agency’s more complex case-management software, it was ultimately decided, was too elaborate and carried too many unique specifications to shift to a third-party provider.

“Because of all the extra requirements, it just seemed a little safer to keep that in-house,” Barlet says.

Security Still Chief Impediment to Government Move to Cloud

Security has long been cited as a chief impediment to the government’s move to the cloud and its partnership with commercial providers. Much of that comes down to an issue of trust, according to Steve Hernandez, CISO at the Department of Health and Human Services’ Office of Inspector General, who urges vendors to be more forthcoming with information about their risks and vulnerabilities in their conversations with government buyers.

“We need to know beforehand what type of risk we’re assuming, and to do that we need accurate vulnerability information from these cloud providers,” Hernandez says. “What can happen is you can end up being collateral damage because another agency or commercial provider was hit.”

Officials have also been slow to warm up to the cloud brokerage initiative that the General Services Administration has been developing, inviting cloud services firms to establish themselves as brokers who would help government agencies purchase and deploy cloud products from other vendors.

At the outset, some officials are wary of that model for introducing added layers of complexity, particularly when federal CIOs already worry about outsourcing critical applications to commercial vendors.

“Maybe at some point we’ll get there,” Barlet says. “But I don’t know if it’s going to come any time soon.”


Did you believe in any of these cloud computing myths?

October 29th, 2014

Myths and misunderstandings around the use and benefits of cloud computing are slowing down IT project implementations, impeding innovation, inducing fear and distracting enterprises from yielding business efficiency and innovation, analyst firm Gartner has warned.Outsourcing52

It has identified the top ten common misunderstandings around cloud:

Myth 1: Cloud is always about the money

Assuming that the cloud always saves money can lead to career-limiting promises. Saving money may end up one of the benefits, but it should not be taken for granted. It doesn’t help when all the big daddies of the cloud world – AWS, Google Microsoft – are doing are tripping over each other to cut down prices. But cost savings must be seen as a nice-to-have benefit while agility and scalability should be the top reasons for adopting cloud services.

Myth 2: You have to do cloud to be good

According to Gartner, this is the result of rampant “cloud washing.” Some cloud washing is based on a mistaken mantra (fed by hype) that something cannot be “good” unless it is cloud, a Gartner analyst said.

Besides, enterprises are billing many of their IT projects cloud for a tick in the box and to secure funding from the stakeholders. People are falling into the trap of believing that if something is good it has to be cloud.

There are many use cases where cloud may not be a great fit – for instance, if your business does not experience too many peaks and lulls, then cloud may not be right for you. Also, for enterprises in heavily regulated sector or those operating within strict data protection regulations, a highly agile datacentre within IT’s full control may be a best bet.

Myth 3: Cloud should be used for everything

Related to the previous myth, this refers to the belief that the characteristics of the cloud are applicable to everything – even legacy applications or data-intensive workloads.

Unless there are cost savings, moving a legacy application that doesn’t change is not a good candidate.

Myth 4: “The CEO said so” is a cloud strategy

Many companies don’t have a cloud strategy and are doing it just because their CEO wants. A cloud strategy begins by identifying business goals and mapping potential benefits of the cloud to them, while mitigating the potential drawbacks. Cloud should be thought of as a means to an end. The end must be specified first, Gartner advises.

Myth 5: We need One cloud strategy or one vendor

Cloud computing is not one thing, warns Gartner.  Cloud services include IaaS, SaaS or PaaS models and cloud types include private, public or hybrid clouds. Then there are applications that are right candidates for one type of cloud. A cloud strategy should be based on aligning business goals with potential benefits. Those goals and benefits are different in various use cases and should be the driving force for businesses, rather than standardising on one strategy.

Myth 6: Cloud is less secure than on-premises IT

Cloud is perceived as less secure. To date, there have been very few security breaches in the public cloud — most breaches continue to involve on-premises datacentre environments.

Myth 7: Cloud is not for mission-critical use

Cloud is still mainly used for test and development. But the analyst firm notes that many organisations have progressed beyond early use cases and are using the cloud for mission-critical workloads. There are also many enterprises (such as Netflix or Uber) that are “born in the cloud” and run their business completely in the cloud.

Myth 8: Cloud = Datacentre

Most cloud decisions are not (and should not be) about completely shutting down datacentres and moving everything to the cloud. Nor should a cloud strategy be equated with a datacentre strategy. In general, datacentre outsourcing, datacentre modernisation and datacentre strategies are not synonymous with the cloud.

Myth 9: Migrating to the cloud means you automatically get all cloud characteristics

Don’t assume that “migrating to the cloud” means that the characteristics of the cloud are automatically inherited from lower levels (like IaaS), warned Gartner. Cloud attributes are not transitive. Distinguish between applications hosted in the cloud from cloud services. There are “half steps” to the cloud that have some benefits (there is no need to buy hardware, for example) and these can be valuable. However, they do not provide the same outcomes.

Myth 10: Private Cloud = Virtualistaion

Virtualisation is a cloud enabler but it is not the only way to implement cloud computing. Not only is it sufficient either. Even if virtualisation is used (and used well), the result is not cloud computing. This is most relevant in private cloud discussions where highly virtualised, automated environments are common and, in many cases, are exactly what is needed. Unfortunately, these are often erroneously described as “private cloud”, according to the analyst firm.

“From a consumer perspective, ‘in the cloud’ means where the magic happens, where the implementation details are supposed to be hidden. So it should be no surprise that such an environment is rife with myths and misunderstandings,” said David Mitchell Smith, vice president and Gartner Fellow.


Protected by تهنئة
Get Adobe Flash player