IT Security

IT Business Edge – Tread Carefully into the Mission-Critical Cloud

The initial phase of the cloud transition is nearly done, with more than three-quarters of enterprises pushing at least a portion of their workload to public infrastructure.

As expected, however, most of this is non-critical data and applications and is largely limited to storage and backup services rather than production workloads. So it stands to reason that the next leg of the cloud journey will involve mission-critical workloads – the stuff that sets the corporate suite’s hair on fire if it should cease to function for any reason.

This is why the growth of cloud computing is likely to slow down some as we approach the next decade. It’s not that the enterprise is growing tired of the cloud or is starting to see more of its flaws (yes, the cloud does have flaws), but that future deployments will have to be handled with more care as the stakes get higher. Not only will cloud services have to be more resilient going forward, but they will be increasingly optimized from the ground up to suit highly targeted processes, which takes time and coordination between users and providers.

More of the IT Business Edge post from Arthur Cole

CIO Strategy / Cloud Computing / Cloud infrastructure / IT Governance / IT Security / IT Strategy — Comments Off
03
Aug 16

ZDNet – Today’s cloud computing projects are missing something – a strategy

Everyone at some level is exploring or considering public cloud options for a range of functions — from automating IT functions to enhancing business processes.

The survey of 500 executives, published by Softchoice, finds a lack of strategic thinking when it comes to cloud implementations. A majority, 54 percent, report their teams struggle to form an effective cloud strategy, and 52 percent lack a formalized cloud strategy altogether.

Having a cloud strategy makes a big difference, the survey suggests. Compared to IT leaders with no public cloud strategy in place, those with a formal strategy are less likely to grapple with cloud skills gaps, the cloud procurement model, and cloud budgeting. Fifty-eight percent of companies without strategies have experienced cloud failures, compared to only 22 percent of strategy-minded organizations. Seventy-five percent say they are struggling to find the right skills, for example — compared to 41 percent of those with strategies. At the same time, while 70 percent of companies without strategies ran over budget, only 52 percent of those with strategies have had such issues. If anything, transitioning to public cloud is a slow-moving process for most businesses. A new survey of 500 IT and business executives finds 61 percent “still experimenting with or making limited use of public cloud”.

More of the ZDNet article from Joe McKendrick

CIO Strategy / Cloud Computing / Cloud infrastructure / Data Center / IT Security / IT Strategy — Comments Off
02
Aug 16

The Server Side – Managed services model addresses cloud-based analysis paralysis

It can be a tad disconcerting when a popular trend pushes its way through the industry and you and your organization are yet to jump on the bandwagon. For enterprises that haven’t yet moved their applications onto the Azure, Google or Amazon cloud, it would be understandable for managers and C-level executives to be questioning both why it hasn’t happened yet and when it actually will. But according to Jordan Jacobs, vice president of products at SingleHop, the Azure, Amazon and Google cloud models are being oversold, and for many core business functions, a managed services approach to application hosting is often a better model.

Public clouds vs. managed services model

“The thing that wows a lot of people is the market share discrepancy between public clouds and managed services, especially when compared to the press each one gets,” said Jacobs. “Amazon, Azure and Google get all of the press, but they’re actually only about a third of the managed services and managed hosting market.”

Unfortunately, the love affair the press is having with the dominant cloud providers is causing a great deal of consternation with decision makers. On the one hand, decision makers feel that they need to catch up with the latest trend; on the other hand, they are having a hard time rationalizing, in terms of cost efficiencies, security, and business benefits, the porting of their core business applications into the public cloud. It’s creating a sort of analysis paralysis, where decision makers are unsure of whether using the public cloud is the right move, whether the managed services model makes more sense or if they should just keep everything on premises.

More of The Server Side post from Cameron McKenzie

CIO Strategy / Cloud Computing / Cloud infrastructure / IT Governance / IT Security / IT Strategy / Shadow IT — Comments Off
01
Aug 16

TheWHIR – Nearly Half of All Corporate Data is Out of IT Department’s Control

Many organizations are not responding to the continuing spread of “Shadow IT” and cloud use with appropriate governance and security measures, and more than half do not have a proactive approach, according to research released Tuesday. The 2016 Global Cloud Data Security Study, compiled by the Ponemon Institute on behalf of Gemalto, shows that nearly half of all cloud services (49 percent) and nearly half of all corporate data stored in the cloud (47 percent) are beyond the reach of IT departments.

The report is drawn from a survey of more than 3,400 IT and IT security practitioners from around the world. It shows only 34 percent of confidential data on SaaS is encrypted, and members of the security team are only involved in one-fifth of choices between cloud applications and platforms.

IT departments are making gains in visibility, with 54 percent saying the department is aware of all cloud applications, platforms, and infrastructure services in use, up from 45 percent two years ago. Also, the number of respondents saying it is more difficult to protect data using cloud services fell from 60 to 54 percent, however those gains were offset by more broadly reported challenges in controlling end-user access.

CIO Dashboard – CIOs Wanted for Innovation Expansion

Do CIOs have a role in product development? Some say no. Call on the CTO or CDO or CMO. But those who wish to banish CIOs to the backend of the enterprise for eternity haven’t taken a close look at what’s needed in the enterprise as innovation shifts from products to software and service solutions.

We’re in the midst of an innovation boom. Traditional, standalone products are no longer enough to wow and woo customers. Enterprises are setting up innovation outposts in Silicon Valley to tap into the culture and brainpower of startups to develop sticky products that customers can’t live without. Call it digital or the new way of doing business, but savvy companies are converging technology, data and product design to expand innovation. Think of software and service solutions this way…

Are you selling a fitness wearable or giving consumers the thrill of learning what they’re physically capable of and sharing the experience with family and friends?
Are you providing a refrigerator or empowering people with a remote access view of their food so they can spend more time at home breaking bread with family versus shopping?
Are you offering a ride from here to there or the freedom for people to move fast and fluidly with on-demand availability to cars and data that enable them to make decisions about how they spend their time?
This trend is crossing industries, but consider the automotive sector as one example

More of the CIO Dashboard article from Chris Curran

CIO Strategy / Cloud Computing / Cloud infrastructure / IT Security / IT Strategy — Comments Off
27
Jul 16

ITWorld – Disaster recovery in a DevOps world

Organizations that are adopting DevOps methodologies are realizing actual benefits from taking that approach.

According to a 2015 survey by IT Revolution Press in conjunction with Puppet Labs, organizations using DevOps deploy code 30 times faster than others, doing deployments multiple times per day. Moreover, change failure gets cut in half with DevOps and services are restored up to 168 times faster than they are at non-DevOps organizations.

Let’s focus on those last two points for a moment. One thing is for certain: Embracing DevOps also pays off from a disaster recovery standpoint, because the tools and procedures that you use to move applications from development to testing to production and back to development again can also be applied to failing over and recovering from disasters and service interruptions. The same tools that automate the entire DevOps life cycle can also help you make the most use of the resources you already have for recovery purposes.

There are indeed plenty of open-source tools to help with this automation, like Chef and Puppet, which create, launch, and deploy new virtual machine instances in an automated way and configure them appropriately. They even work across security boundaries, deploying on your private laptop, in your own data center, or even up in the public cloud — Amazon Web Services and Microsoft Azure are two major public cloud providers that support Chef and Puppet.

More of the ITWorld article from Jonathan Hassell

CIO Strategy / IT Security / Shadow IT — Comments Off
21
Jul 16

CIO Insight – Why IT Departments Lack Diversity Programs

The majority of IT departments and their organizations are doing relatively little to increase workforce diversity, according to a recent survey from TEKsystems. Very few tech pros and leaders, for example, said their company has a formal diversity program in place. They admit that they struggle to find quality talent to fill open IT positions, but they don’t often consider diversity in recruitment efforts—ignoring the value of existing diversity programs which could help close gaps.

“While IT departments struggle to find qualified IT workers for their teams, our data indicates that most have yet to leverage diversity programs to help solve that challenge,” said Michelle Webb, director of diversity and inclusion for TEKsystems. “In our conversations with clients regarding diversity initiatives, we’ve found that IT departments are less aware of the value that diversity programs can play in their skills-sourcing efforts when compared to human resources or business leadership.

With the shortage of qualified IT workers likely to increase, organizations need to add diversity programs to their arsenal to address their hiring needs.

More of the CIO Insight slideshow from Dennis McCafferty

CIO Strategy / Data Center / Disaster Recovery / IT Security / IT Strategy — Comments Off
20
Jul 16

Continuity Central – Majority of organizations experience downtime and service degradation due to IT capacity issues

Super interesting research on the hidden troubles associated with IT capacity.

Sumerian has published the results of its latest research, in conjunction with analyst house Freeform Dynamics. The research revealed a genuine mismatch between the IT infrastructure that businesses have in place versus what they actually need , supporting the widely held view that there is significant overspend on server capacity across industries. Worryingly, it also revealed a total mismatch between the capacity management tools and processes currently in place versus those needed to deal with this issue.

Key highlights of the research include:

76 percent of IT professionals resort to overprovisioning IT infrastructure in order to avoid capacity related issues
‘Overprovision and forget’ remains the most common approach amongst IT professionals, with the vast majority relying heavily or partially on instinct and vigilance (90 percent), system alerts and alarms (86 percent), and a range of ad hoc tools and practices (73 percent), to manage capacity in a very reactive way. As a result, less than one in five (18 percent) rated their capacity planning practices for their overall IT system resources as ‘very effective’, with others admitting they were less than ideal (54 percent), or wholly inadequate (21 percent).

CIO Dashboard – A CIO’s Guide for Engaging the Board

Guest post by Paula Loop, Leader of PwC’s Governance Insights Center

New technologies from artificial intelligence and drones to 3-D printing, predictive analytics, and driverless cars are disrupting how companies compete and create value. US CEOs believe investing in technology is the most direct path to meaningful innovation and operational efficiency, but these new technologies are generating risks that Boards are scrambling to contain.

The average age of a director at a public company is 63 years old. The majority of public company directors aren’t sitting executives who work through technological advancements in their day jobs. Given the pace of technological change, how can boards really be on top of their game?

Directors recognize their dilemma. Nearly one-third of directors polled in our 2015 Annual Corporate Directors Survey say their board isn’t sufficiently or at all engaged in overseeing/understanding the company’s annual IT budget. Similarly, 33% say the company’s approach to IT strategy and risk mitigation doesn’t anticipate potential advantages from emerging technologies.

What’s the solution? Should we swap all sitting directors with millennials and the technologically savvy? Or should we push companies to prioritize IT awareness and devote elements of board meetings to IT education? The answer lies somewhere in between.