Although the term “cloud computing” is often used to the extent that one may think cloud computing platforms are the same, the truth is that not all clouds are created equal.  Despite the difference that may exist, all clouds depend on the same server hardware that forms the backbone of any computer network. The difference between the traditional and the advanced cloud is the processing power and storage capacity of the available hardware over the internet.

Every cloud computing service provider wants to call itself an advanced cloud computing provider or call its services advanced cloud services. In the real sense, this is often more in theory than in practice because some of these services do not fit into the description. In a world where organizations need to fulfill their need to connect various departments, divisions, different locations, and personnel together, the problem emerges with the fragmentation that spans multiple global locations.  Therefore, advanced cloud services exist in virtual entities- like other clouds- with a final form built upon a shared infrastructure. Furthermore, advanced clouds allow us to change their shape more easily, unlike many cloud services sold in unchangeable form. Therefore, they are highly scalable upwards and downwards.

Unlike the traditional clouds, customers have more say on precisely what services they need and how they want them in advanced clouds. For instance, you can have an office in location A served with high-performance cloud services optimized for heavy transactional data throughput. At the same time, you can have offices in locations B, C, and D, given more storage power, more data analytics engine capabilities, and increased memory performance for B, C, and D, respectively.

Unlike most of today’s cloud services, advanced clouds offer a choice of fast and cheap storage in combination with virtual machines. These clouds are also easy to understand and manage, something that is critical in running modern organizations that need secure and robust operations. In today’s landscape, where remote work seems to be gaining ground, the services offered by cloud service providers have come into sharp focus while the providers always claim to be offering advanced cloud services.

No matter how vendors claim the abilities of their solutions, an advanced cloud should be able to provide simple access to the latest technology that is delivered, supported, maintained, and monitored by a qualified team of professionals. You are always assured of top performance, security, and availability of your network, unlike the traditional on-premise networking solutions that may not be sufficiently agile. With the advanced hardware and software, the advanced clouds deliver business-critical applications. If you have business-critical applications or sensitive data, advanced cloud focuses on keeping them secure within the network.

Choosing the right advanced cloud platform means you are benefiting from built-in redundancy and resilience. You get high availability, and the network is often built in a well-designed architecture and infrastructure. This makes a difference in aspects such as secure access to data and necessary applications and ensuring high performance and cost-effectiveness. These are the things that every organization needs to relate to its customers and adequately offer high-quality services.

In addition to offering you the ability to build experience state-of-the-art security in your business when accessing data and applications, advanced cloud eliminates the need to invest in the IT infrastructure and per usage like. For small businesses, this offers you the opportunity for growth. It allows them to compete with large organizations in the market while the employees only focus on other things. In short, advanced cloud is transforming the way in which businesses, regardless of their size conduct their operations in ways that people may not realize.

When cloud computing is mentioned, many people immediately think of public cloud software as a service (SaaS) and platform as a service (PaaS) offerings available from major vendors like Microsoft and Amazon. These large providers offer any company a wide variety of computing solutions including the ability to obtain virtually limitless storage capacity. The popularity of these products is evident in the number of companies that are migrating systems to the cloud and taking advantage of new services rolled out by providers.

But not all business requirements can be met through the offerings of the public cloud. In some cases, organizations opt to implement a private cloud storage solution to meet their needs or desires. Let’s look at how these two forms of cloud storage differ and what each solution offers to customers. 

Comparing Public and Private Cloud Storage

Some characteristics differentiate public and cloud storage solutions that may make them more or less applicable for meeting specific business objectives. Companies need to weigh the benefits of each alternative when selecting the right type of cloud storage for their needs. 

Public cloud storage

The defining characteristic of public cloud offerings is that they share computing resources among multiple customers. A public cloud solution is hosted by a third-party provider who may provision its hardware as it sees fit to address the needs of its tenants. The benefits that accompany this type of cloud storage model include:

• A low initial cost of entry - Public cloud services can be obtained inexpensively and offer businesses an economic method of taking advantage of extended storage capacity. 

• Enhanced scalability - One of the most appealing aspects of the cloud is the ease with which capacity can be scaled up or down to meet fluctuating business needs while minimizing costs and avoiding paying for unused resources.

• Access to cutting-edge technology - Cloud providers have tremendous technical resources and regularly introduce new technologies into their offerings. Customers can take advantage of these improvements without development and implementation costs. 

Private cloud storage

Private cloud storage offers a different set of benefits for companies who are not comfortable with the shared model of the public cloud. A private cloud implementation employs the same basic technologies as its public alternative but is designed to be used by a single tenant. Its advantages include:

• Enhanced control - Private clouds offer companies complete control over the hardware and software products used to provide the storage infrastructure. The solutions can be customized to fit unique business requirements.

• Improved security and access control - All access to private cloud storage will be achieved behind the customer’s firewall, giving them more visibility and control over who can access their data.

• Better regulatory compliance - Customers can tailor private cloud storage solutions to meet any regulatory standards applicable to their industry. 

Making the Choice 

When faced with a choice between public and private cloud storage, many companies are opting for a hybrid approach that uses both models where they are most appropriate for specific business situations. By segregating sensitive data and information subject to regulatory compliance from less critical resources, companies can enjoy the overall benefits of cloud storage designed for their exact requirements. 

There are environmental costs associated with almost every type of human endeavor. This is certainly the case with cloud computing, although this use of technology can also provide benefits to the world’s environment. Let’s look at the environmental benefits, costs, and how the greening of the cloud can change the equation in the future.

Environmental Benefits of Cloud Computing 

Cloud computing offers society some concrete benefits when compared to employing individual, company-specific data centers. The most important benefits include: 

• Better infrastructure - Many cloud data centers are located close to their power generating source, leading to less energy loss during transmission. The facilities are built to minimize energy consumption for activities like cooling and providing backup power. 

• Higher utilization rate and efficiency - Cloud data centers are utilized at higher rates than traditional, on-premises environments. Less equipment sits idle as the provider benefits from using as much of their capacity as possible. Hardware and software refreshes are conducted frequently, leading to increased efficiency for both providers and customers.  

• Dematerialization - Dematerialization refers to the replacement of high-carbon physical products with virtual equivalents. Cloud providers encourage the use of virtual services and systems, reducing waste generated from the disposal of physical items.  

Environmental Costs of the Cloud 

The environmental costs of cloud computing primarily concern the energy required to power its infrastructure. The economies of scale that make the cloud appealing to individual companies result in large data centers that house servers, storage devices, and communication equipment for customers. These facilities require a tremendous amount of electricity to operate. Environmental costs are based on the technology used to generate this electricity. Relying on fossil fuels contributes to global warming, damaging the environment. 

Concerns regarding the energy expended while cryptomining for Bitcoin and other flavors of cryptocurrency have recently been in the news. Mining pools consume incredible amounts of electricity that can be comparable to that used by states or small countries. Another environmental impact of cryptomining is the hardware that burns out from constant use and ends up in landfills.  

Most of the environmental costs of cloud computing would be reduced or eliminated by switching to renewable energy sources like wind and solar over fossil fuels. Some providers have committed to moving in the direction of green energy shortly. Society needs to hold them accountable and insist they follow through on their promises. 

Is the Future of Cloud Computing Green? 

Moving to a more sustainable cloud computing model requires providers to increase their use of renewable energy sources. The big three providers all have indicated their support for green computing, and have been successful to an extent. They all need to continue to support the move to fully power their data centers with renewables. 

Google has pledged to use only carbon-free energy by 2030. Microsoft claims that by 2030 they will be carbon negative, meaning they will remove more CO2 from the atmosphere than they emit. Amazon is striving to reach net-zero emissions by 2040.  The long-term outlook for green cloud computing is an open question that will depend on providers following through on their promises. Individuals can also do a small part to limit the environmental impact of cloud computing. 

You are contributing to the power demands of your provider every time you send a friend a video or photo. Perhaps it’s time to show some restraint. They probably have enough videos of cute cats already taking up storage space.

Organizations operating in the U.S. healthcare sphere are subject to data privacy regulations first defined in the Health Insurance Portability and Accountability Act of 1996. Failure to adhere to the standards reading the handling of Protected Health Information (PHI) can lead to substantial fines. Financial penalties are administered according to a tiered structure, with maximum fines exceeding one million dollars. 

Maintaining compliance can be a difficult task. Modern information technology (IT) environments have become more diverse and complex. Hybrid cloud solutions are becoming increasingly popular, further complicating compliance efforts. Companies often have infrastructure components spread among different cloud providers and on-premises data centers. 

Another issue that affects some smaller healthcare providers is the lack of a dedicated IT staff that can focus on implanting the protections required to meet HIPAA guidelines. A small doctor’s office needs to remain HIPAA compliant but may not have the resources available to make that happen. That is not a valid excuse to offer auditors or investigators in the wake of a data breach involving PHI.

Fortunately, there are cloud solutions designed to help small and large organizations comply with HIPAA data protection regulations. 

HIPAA Compliant Cloud Solutions

The HIPAA security rule mandates that all covered entities conduct a risk assessment of their organization, including cloud deployments, to verify that they are compliant with HIPAA’s administrative, physical, and technical safeguards. While HIPAA does not demand the use of encryption, it is the most effective method of protecting PHI when at rest or during transmission. Providing end-to-end encryption, full disc encryption, and creating encrypted backups are some of the techniques used by cloud providers to protect PHI. 

Cloud vendors who are confident in their HIPAA compliance standing should be willing to sign a business associate agreement (BAA). Providers who are reluctant to sign this type of agreement should not be counted on to furnish the required data safety and privacy safeguards. Their claims of HIPAA-compliant systems may just be marketing doublespeak, leaving the customer in a perilous position regarding compliance. Providers should also be willing to show prospective clients HIPAA certifications and audit assessments. 

Following are some of the third-party cloud providers that offer HIPAA-compliant storage systems and services. These companies are all willing to sign a BAA and share responsibility for HIPAA compliance with the customer, known as the covered entity (CE). 

• Amazon Web Services has HIPAA-compliant offerings that help healthcare industries process, store, and transmit PHI. 

• Microsoft offers multiple services in scope for HIPAA BAA coverage. They include Azure, Azure DevOps, Office 365, and Power BI. 

• Google Cloud Services ensures that services covered under their BAA meet HIPAA requirements. These include a wide array of offerings on the Google Cloud Platform (GCP), Google Workspace, and secure communication solutions.  

• Dropbox Business can be configured to provide HIPAA-compliant cloud storage. Other features include two-factor authentication and administrative controls including user activity reports. 

• Box offers accounts that can share data securely with a direct messaging protocol and enables audit trail functionality for users and content. The platform enables secure remote viewing of medical records.  

When working with cloud providers, it is essential to understand that the covered entity is responsible for ensuring systems are configured and used appropriately to remain HIPAA compliant. It’s the confidentiality of the CE’s patients’ data that is put at risk through customer misuse.

COVID-19 has changed how we do business and the way consumers approach the market. The burden is increasingly on business leaders to adjust to the demands of the market and consumer behavior. How? Besides embracing cloud computing, it’s important to question whether things are actually working - if your tools and processes align with delivering for the customer.

Be an Iconoclast

Technology is only one component of business growth. Attitude is everything. We need to keep leveling up our value to the customer by enhancing how we deliver brand values. We do this by continually seeking to improve the organization. This involves assessing what’s actually working, what tech is effective, or at least what can improve key processes.

COVID-19, more than any other event, forced us to question how we work. It’s made us re-evaluate the framework for success, and how we accomplish our goals. Success during the pandemic required leaders to adopt an iconoclast mindset to adapt and succeed. Despite COVID-19 causing standstills and even drops in sales or activity in some industries, business kept moving.

Organizations pivoted their strategies and harnessed the could to remain active and even prosper during the pandemic. They were iconoclasts because they had to break traditions and even alter the way they functioned or were supposed to run their business. An iconoclast is an individual who challenges the prescribed way of doing things, designs a better way, and executes a plan for change. When it comes to harnessing the best technology to speedtrack your growth past COVID-19, these are critical steps.

Question Your Tech

Are your current tools really doing what you need them to do? Or are you struggling to manage too many apps?  Is your automation sufficient or is your team struggling to make deadlines and must reconcile data more than interact with customers? These are all essential questions to ask about your IT tools. Assess what’s working, what isn’t, and what you need. This is how you can begin to fill the technology gap. This is done by using reliable technology and a tailored approach to fulfill business objectives. You can’t just look for an immediate fix, but an investment for your future. Adaptability is the way of the future, so this must be a core staple in your IT.

Define Your Digital Workplace

The idea of ‘an app for that’ just doesn’t cut it anymore - despite it being a long-standing accepted idea. There are too many! Lack of flexibility and customization features will inhibit your ability to adapt to changes and new business goals. Consider how technology will scale and enable you to build on top of it as you pivot and grow.

This is why IT platforms are a stronger investment than one-off applications. IT platforms provide high-level flexibility and a host of other interconnected solutions equipped to work together to consolidate data and increase efficiency. This also eliminates the problems and costs of IT integration. Quality over quantity, remains a strong virtue in the iconoclast mindset.

Define and Execute Your Solution

Cloud computing technology on its own is not the answer. Business leaders must take ownership of said technology and use it to create their own solutions. Being an iconoclast doesn’t just mean questioning how things are working or whether they’re working. You must engineer your own means of success. When it comes to business tools, prioritize flexibility, consolidation, and scalability. If the tech is sufficient with these, you can pivot and adjust however you need.

Tony Zorc is an Iconoclast, Founder and CEO of Accounting Seed, technology entrepreneur, ForbesBooks author, and CPA for 20+ years. He embodies iconoclasm, the idea of challenging the prescribed way of doing things and coming up with a better, more innovative solution. Accounting Seed – the world’s first accounting platform – is disrupting the cloud accounting industry and has over one thousand customers and fourteen thousand users, and has sustained double digit growth for over ten consecutive years. A father, leader, person of faith, and avid CrossFitter, Tony brings a rare mix of personal and professional experience to the table and seeks to inspire other leaders to create innovation in places where innovation is scarce. Tony has a degree in accounting from Hope College. His new book, Iconoclasm: A Survival Guide in the Post-Pandemic Economy, is available on Amazon, and through all major booksellers.

You can connect with Tony via TonyZorc.com, or on Instagram, Facebook, LinkedIn and Twitter.

As the internet of things (IoT) and smart home devices become increasingly popular, the number of security issues and attacks on IoT devices are also on the rise. Over the recent years, there are many incidences involving consumer IoT devices that have seen malicious actors gaining access to home networks by taking advantage of vulnerabilities in devices. According to analysts, IoT devices will be over 20 billion by 2025. That is an awful lot of devices. This means that these devices will be everywhere around us. With this large number of devices, the security incidences will be high. Here are a few tips that will help you keep your IoT connections safe.

• Be careful of on devices you buy

Although smart devices are helpful, they collect large amounts of personal data. Before purchasing any smart device, learn many things about the device, including what type of data it collects, how the data is stored and protected, and who it is shared with. Also, understand what it will be used for and if it is shared with a third party or parties. In short, do thorough research before buying devices to see the protections you have and possible data breaches.

• Understand your data and apply protection measures

According to Zscaler, 91.5% of transactional data from IoT devices is plaintext. This means it is easy for hackers to intercept, read and manipulate data and send it back without you even noticing it. As such, you must protect the physical devices that collect, store, and process data and protect data at rest, in transit, or in use across the IoT ecosystem. The parties involved in the value chain must ensure data is safe and cannot be manipulated to avoid the possibility of being hacked. The process involves understanding the data, encrypting it, and tracking and tracing data to protect networks and identify changes.

• Ensure you have the latest firmware

Firmware updates are an important aspect of the security of any system. For the IoT devices, make sure you have the latest security patches to reduce the chances of attackers breaching the systems successfully. Keep your firmware fully updated by making sure you are aware of new updates and updating it as soon as possible. Updates will fix vulnerabilities as they emerge. Therefore, IoT devices and your home routers need to be regularly updated. Wherever possible, automate updates or set a schedule such as every three months or so.

• Take a holistic security approach

To secure IoT solutions, companies must have a holistic approach to security which entails the technologies, people, and processes. Begin by considering some key approaches, including end-to-end ecosystem security and aligning the organization to IoT security. The security must be managed from device to end-user service (horizontally) or hardware to applications (vertically). Also, the IoT ecosystem, which is made up of manufacturers, app developers, network service providers, and end-users, must be adequately managed and involved in securing IoT devices.

• Avoid device defaults

Just like the routers and other devices, do not use a device with its default settings. Hackers know these defaults and easily access your devices if it is not reconfigured with strong security measures. The default settings in IoT devices and networks make you a soft target for malicious individuals. Therefore, change the defaults as soon as you purchase a smart device to reduce the risk.

To sum it up, if you are dealing with sensitive data, you might need to take more stringent measures. Have a look at the IoT devices you are considering, the security protocols they support, and the ease of securing them. One thing that you should keep in mind is that you should never assume that you are safe.

Digital technologies have played a crucial role in keeping things working during the COVID-19 pandemic. It has ensured the economy and society are running through remote working and contactless payment while at the same time supporting communication and ecommerce. In 2020 alone, many businesses suffered because most of them were not prepared to handle a massive disruption occasioned by the coronavirus. However, many responded by accelerating digital transformation and ensuring operations are running and production ongoing thanks to remote work and online collaboration tools.  

Cloud computing was a true game-changer during the pandemic. It enabled ecommerce and collaboration to thrive. The cloud-based platforms allowed billions of ecommerce purchases and teleconferences each day to be held. This has been a critical element that has fueled the survival of many businesses.

According to research by Global Data, more than 80 percent of business executives say that cloud computing and networks are crucial in aiding businesses to withstand the effects of the pandemic. For those in retail, for example, the cloud, whose adoption accelerated during the pandemic, has helped them bring together customers and their businesses when no in-store purchases were allowed. According to Deloitte, the online sales of grocery rose by 233 percent during the pandemic in March 2020 compared to back to the same month in 2019.

The need to respond to the coronavirus pandemic with agility has renewed the emphasis on adopting cloud-based applications. These applications will support modern technologies such as robotics, big data, and digital channels of distribution. It will also support the increased adoption of digitization post-pandemic. Expect crucial aspects of workplaces such as communications and core business applications to be moved to the cloud to help improve availability, reliability, and resilience, all of which are critical in keeping operations running in changing times post-COVID. With the computational needs expected to fluctuate from one time to another, the cloud will immediately scale to adjust to the increase or reduction in business requirements every day, which will minimize losses.

For healthcare, cloud computing and AI have become famous in the past two years in research and in helping medical professionals and researchers fight the pandemic. Researchers have resorted to cloud computing-based AI technologies to analyze vaccines and find potential cures for the disease. In the US, Europe, and Asia, these efforts have succeeded in shortening the vaccine development process. This has saved millions of dollars in time that would have been wasted and investments that would have been used in research. The advanced communication technologies will help patients to access the healthcare cloud anytime, regardless of the location. In short, cloud computing is helping build value-driven and patient-centric care.

The transport industry is also benefiting immensely from cloud computing. The rise of connected cars or buses requires massive storage of data. This means that things such as traffic management will depend on the cloud, which would have been difficult for the traditional methods to solve. The cloud-based traffic management systems will ease the coordination of traffic signals and tracking of emergency traffic cases.

Besides helping in medical, transport, and commerce, cloud computing will be beneficial for small and medium-sized businesses. It promotes operational efficiency, improves innovation, and expands financing and markets. Digital transformation is helping SMEs bring significant benefits, which are critical for local economic development.

After the pandemic, businesses will have to strictly focus on digitizing their operations because that is the right thing to do in this era. Technologies such as cloud computing will help companies become independent, reduce cost of operations, and ensure intelligent and effective service delivery.

Almost every organization today seems to have embraced cloud computing. This has been occasioned by the advancements that have been made in this area. While the cloud has shown tremendous opportunities, there are various benefits and risks of cloud migration, that you need to consider. Here are the risks and benefits:

Benefits

• Scalability

Cloud services are offered based on demand capacity taking advantage of the pay-as-you-go model. This means that when your company grows due to seasonality, operations will not be affected. Unlike the on-site systems, that depend on the infrastructure that has already been installed, you can increase or downsize any time. For instance, when a business experience high levels of traffic in their existing plan, they can change their plan to accommodate the new traffic.

• Reduced cost

Another major benefit of migrating to the cloud is the reduced costs that can be experienced by organizations. By moving to the cloud, companies can significantly save a lot of money, especially in the long-term. Remember that the cloud does not involve purchasing any on-premise hardware or any upfront investment. Instead, you just buy a specific plan, and you are done. With this, you avoid costs such as those associated with the purchase and operating of servers, electricity costs, and management.

• Increased collaboration

In the modern business environment, collaboration is fast becoming an area of competitiveness that every organization seeks efficiency. Due to this, many companies have increasingly started investing in cloud computing to boost their collaboration efforts. Cloud can be accessed over the internet from anywhere, and employees can work together regardless of the location constraints. Documents and files and be accessed simultaneously and can also be updated in real-time.

• Security

Security is one of the biggest misconceptions of the cloud. In reality, however, one of the benefits of moving to the cloud is improved security. Cloud service providers have the best and strictest security infrastructure and expertise needed in the current era. Cloud providers make cybersecurity their main priority, making the cloud more secure than on-site systems.

Risks

• Speed

For any modern organization, speed is a highly critical factor. As such, a business must never lose speed to be efficient. Unfortunately, speed is a limiting factor for some organizations when it comes to cloud computing. If your organization has applications, databases, or software that requires fast speeds that are above average, the cloud might not meet these needs. The good thing, however, is that cloud service providers often allow testing before migrating your operations.

• Lack of expertise and adequate knowledge

Migrating to the cloud requires the right expertise and people with adequate knowledge. Without this, you will not be able to realize the full potential of the cloud, and migration itself might not be a success. Proper migration requires putting the right systems in place and the right knowledge of these systems. Although the team in your organization may have the necessary expertise on physical hardware, the cloud technology might be too complicated.

• Legal issues and restrictions

The next risk to migrating to the cloud is legal restrictions. Before moving to the cloud, one must first understand if any legal restrictions may deny them an opportunity to migrate. For example, government contractors may not be allowed to put their data in the cloud, making it necessary for them to use on-site solutions for their operations. Some of the common regulations include PCI and HIPAA. Although some cloud service providers have been certified to handle PCI and HIPAA, it still presents a significant risk that cannot be denied.

On behalf of USU, a leading provider of IT solutions and services, the research company Research in Action has surveyed 750 decision makers from medium-sized and large companies on the challenges, solutions and savings potential of cloud services. The detailed results of the study are available free of charge.

This study offers 5 important analysis points about the future of cloud services. It shows that cloud is essential in today's economy, but the challenges are immense: three-quarters of companies suffer from exploding cloud costs, and two-thirds from an uncontrolled increase in cloud services.

Cloud computing as a cost trap

A large percentage of respondents reported an explosion in costs for IT infrastructures with cloud components. Almost all participants from companies with up to 5,000 employees suffer from this and at least 59% from larger companies. 

Wild growth and lack of ROI calculation

For 65% of respondents, it is very important to prevent uncontrolled increase in the procurement of cloud services. A lack of transparency and uniform control leads to over 50% of respondents missing a ROI calculation before cloud deployment. In particular, 75% of large companies see the danger of a cost explosion due to poor decisions from lack of ROI calculation.

Software tools for efficient cloud operation

More than four-fifths of decision makers plan to use software tools for the challenges of cloud management. The range of applications is broad for the study’s participants, who report a combination of modules for cost control, billing and resource management. 

Minimizing costs and risks through cloud management

More than four-fifths of respondents expect to reduce their infrastructure and software licensing costs by using cloud management software. More than three-quarters expect cost reductions of up to one million euros per year. The efficiency and security of IT operations are also important to sustainably strengthen the overall organization.

The time is ripe for cloud management software

Participants mostly cite timeframes of a few months to introduce software to optimize their hybrid IT landscapes, and 94% plan this introduction in the next two years. They want a transparent overview of which services are used in the company and whether the implemented resources are fully utilized. Many of these aspects are covered by a modularly structured complete solution for cloud management software.

According to GCN, NASA is putting mission information in the cloud. 

To make it easier and less expensive for researchers to work with satellite data, engineers at NASA’s Goddard Space Flight Center created the Data Acquisition Processing and Handling Network Environment. 

Read the article on GCN

According to Information Week, companies still struggle to find qualified cloud professionals. 

Building up cloud skills within an enterprise remains an essential part of transformation, according to experts such as Cloudtamer.io, a cloud solutions developer, and A Cloud Guru, a cloud training provider. 

Read the article on Information Week

There are several tactics a company can use to keep their data safe in the cloud, reports Forbes.

Cybersecurity and risk management have moved on top of the boardroom agenda. According to a Gartner survey 61 percent of chief information officers (CIOs) are increasing their investment in cyber and information security.

Read the article on Forbes

According to the Register, Microsoft testified to a House Committee that it receives numerous secrecy orders per day.

The US House Committee on the Judiciary met on Wednesday to hear testimony on the government's practice of secretly subpoenaing cloud service providers, and Microsoft was happy to oblige.

Read the article on The Register

Organizations that choose to take advantage of public cloud services often find themselves with their resources spread amongst multiple vendors. This situation can arise for several reasons including:

• The evolution of enterprise workloads and the search for the most cost-effective solutions;
• Sprawl resulting from the ease with which departments can migrate systems;
• New offerings not available from current vendors;
• Simply being dissatisfied with a service or vendor and riding out the length of the contract.

Regardless of the underlying factors that led to a multi-vendor cloud environment, its management presents decision-makers and technical support staff with additional layers of complexity. Adopting a set of best practices will help organizations successfully implement a hybrid and multi-vendor computing environment. 

The following best practices will assist in the successful management of a multi-cloud environment.

• Use hybrid cloud management tools - Make use of hybrid cloud management tools to address multi-cloud environments. These tools can provide features such as self-service functionality for end users, service aggregation, deployment orchestration, and cost management. 

• Optimize costs across vendors - Companies should regularly review the comparative costs of their various vendors and be willing to migrate if a move is dictated by the economics. Cloud service brokers may be able to evaluate resources and suggest ways to optimize spending. 

• Focus on disaster recovery and reliability - Recovering a diverse multi-cloud environment in a disaster scenario demands a well-planned and documented strategy. Leveraging cloud vendors may be possible by backing up resources from one to the other. 

• Prioritize security and compliance - Ensuring data security and compliance is more challenging in multi-cloud implementations. Identity and access management (IAM) tools are necessary to ensure only authorized users can get to data resources. Customer and vendor roles regarding maintaining regulatory requirements need to be fully understood to avoid gaps and failed audits.  

Concentrating on these four areas will help organizations manage their multi-cloud environments.  

Using the Right Tools Matters

Commercial and open source software tools are available to assist in the management of multi-cloud environments. These applications focus on big picture items that affect the entire cloud infrastructure and help decision-makers identify the right solution from among the alternatives and keep the complex environment running smoothly. 

Morpheus is a commercial product providing integration and automation functionality across multiple clouds and on-premises environments. It is designed to facilitate compliance, cost optimization, and application modernization.  

OpenStack is an open source solution that offers a set of software components providing common services for cloud infrastructures. It enables large pools of cloud resources to be managed centrally through dashboards or APIs. 

On a more granular scale, dedicated tools can help minimize the strain on technical support teams when systems are spread across multiple on-premises and cloud platforms. A case in point is an application like Idera’s SQL Diagnostic Manager for SQL Server. It employs a unified interface from which to monitor SQL Server performance on physical and virtual machines located on-premises or housed with major cloud vendors. 

The potential benefits of multi-cloud environments can outweigh the challenges of dealing with their complexity. Following some basic best practices and deploying the right tools will enable organizations to take advantage of the offerings of multiple cloud vendors without incurring any undue risks. 

Taking advantage of the benefits of cloud computing is not restricted to organizations operating in the private sector. In the United States, local, state, and federal governments make extensive use of public cloud resources. As is customary for all types of government contracts, some assessments and approvals must be obtained before the offerings of a cloud service provider (CSP) can be used by specific agencies. Government contracts can be very lucrative and service providers who want a piece of the business need to demonstrate that their products meet all requirements surrounding security and functionality.

All CSPs that wish to do business with the U.S. federal government need to be assessed and approved by the Federal Risk and Authorization Management Program (FedRAMP). The program’s goal is to protect the data of U.S. citizens when it is in the cloud and is the most rigorous security framework in use by the government. 

FedRAMP was created to address the problem of different and potentially conflicting requirements for each agency working with cloud providers. FedRAMP provides standard security baselines and processes that simplify the process of obtaining cloud services for both providers and government agencies. Once a CSP achieves FedRAMP approval for an offering, it is listed in the FedRAMP Marketplace to gain visibility across the government.

Navigating the FedRAMP Authorization Process

CSPs that want authorization to provide services to federal agencies need to follow a process comprised of three complementary phases.

In the pre-authorization phase, CSPs should complete FedRAMP training which includes modules that define the baseline security plan. Education can be accessed via online courses, webinars, or in-person training events. A request from the CSP will result in a consultation with government subject matter experts set up by the FedRAMP Program Management Office (PMO). To successfully get through this phase of the authorization process, a CSP needs to: 

• Document agency interest in their offering and establish partnerships with agency customers.
• Establish a partnership with an approved third-party assessment organization. 
• Ensure that the service implements the required security controls.

During authorization, a CSP is responsible for developing a package that includes the completion of the System Security Plan. The plan is then assessed by the third-party assessment organization and findings are presented to the CSP for remediation. When all risks have been successfully addressed, the CSP attains authorization and status as a FedRAMP authorized vendor.

In the post-authorization phase of the process, the CSP is required to provide monthly monitoring deliverables to the agency using its service. Failure to provide these documents can result in the service losing its authorization.

The purpose of FedRAMP is to eliminate any confusion regarding the ability of individual agencies to use cloud services. By publishing authorized services on the FedRAMP Marketplace, the authorization process only needs to be done once for each offering. Once approved, it can be used with confidence by any federal agency that wants to use the service. 

This appears to be an example of government working efficiently by reducing the duplicate work that would ensue from individual agencies or departments authorizing CSPs. In a subsequent post, we will take a closer look at the FedRAMP Marketplace and the agencies that use its authorized services. 

The thirst for convenient and scalable computing power has led many organizations to make use of cloud delivery models. This has resulted in a booming worldwide market for cloud computing that is expected to top $350 billion by 2022. With this kind of money in play, the competition to attract customers among cloud providers is fierce. 

Artificial intelligence (AI) and machine learning (ML) are two transformative technologies that are gaining traction in many areas of scientific research and business analytics. The cloud offers a platform from which organizations of all sizes can access the level of computing power necessary to conduct research and make effective use of these disciplines. Consequently, major cloud providers have bolstered their portfolios with cutting-edge products designed to attract companies interested in AI and ML.

Developing new solutions or delivering advanced functionality to popular platforms is one way a vendor can stand out against its rivals. A method of gaining a competitive advantage that is enjoying increased popularity among large providers is the use of custom-built hardware that is designed to optimize their software offerings. Let’s take a look at some of the hardware solutions and innovations that cloud vendors are employing to provide enhanced capabilities to their customers. 

Google’s tensor processing units (TPUs) are a prime example of hardware dedicated to processing the workloads demanded by AI applications. These are custom-built chips designed specifically to provide the power required by AI systems. The chips are often favored over more traditional graphics cards for the higher speeds they offer. 

Google has developed an infrastructure option called Cloud TPU Pods that use server racks packed with TPUs. They are configured with either 256 or 1,024 TPUs and the larger configurations offer speeds that approach those of supercomputers. The company powers its popular search engine and Google Translate with TPU pods. 

Amazon Web Services’ Graviton processors are custom built by the company using 64-bit ARM Neoverse cores. The processors offer cost-efficient scalability for general-purpose, compute-optimized, and memory-optimized EC2 instances. Second-generation Graviton processors provide an improved price-performance ratio over x86 chips for diverse workloads such as video encoding and CPU-based machine learning. Security is enhanced with always-on 256-bit DRAM encryption, allowing developers to run native cloud applications securely.

Microsoft’s Project Olympus is an open-source solution that incorporates hardware and software modules to create a holistic rack architecture. Project Olympus is part of the Open Compute Project which is releasing technical information to the developer community that may help even the playing field in the server industry. 

The schematics offer a well-defined starting point upon which manufacturers can build custom hardware solutions. Servers built under the auspices of Project Olympus will be infused with high debugging and testing capabilities that will help isolate intermittent and hard to duplicate problems. 

As the computing world’s requirements for faster and more efficient processing continues to grow, the cloud-tech giants will continue to evolve their solutions to meet the demand. The immense resources they wield ensure that when the need calls for it, the financial cost of employing custom hardware will not be an obstacle.