All posts tagged Cloud

By on November 18, 2011

How Does Microsoft Approach Cloud Security?

Doug Cavit, the Chief Security Strategist at Microsoft recently did a great video on Cloud Trust at 10,000 feet.

It boiled down to- Can you trust it and how does Microsoft do Cloud Security? Which raises the obvious question: How does Mimecast compare?

Doug is a really interesting guy- he was the CIO of McAfee for 8 years- protecting them from threats – an important job if you consider what happened to RSA. When he joined Microsoft he worked on the OneCare product team as Microsoft started to become more of a service provider in the security space, so he’s definitely one of those people that’s been on both sides of the table.

In the video he’s answering one of the questions we get asked most: How can I trust my data is going to be safe in the Cloud? And it’s a question we take more seriously than anything else.

The fundamental difference in Cloud vs On-Premise is control.

When your data is on your own equipment, you have ultimate visibility and control over the policies and processes that operate on that data, which means you can be the ultimate arbiter as to how it’s treated. With the Cloud, you aren’t. So how do you deal with that?

With Cloud, you need to trade control for transparency.

That’s the only sustainable way to cede control over something so important- your business data, and in our case, your primary communication method, email.

So we take transparency extremely seriously here at Mimecast, to the point where we have a whole team of people here at dedicated to transparency- helping our customers receive the insight and information from us.

What makes a provider transparent and therefore trustworthy?

Policies are the jumping off point- ensuring these meet your requirements as a customer. Policies are fine, but how do you make sure they are followed into procedures? This has consistently been one of the hardest things for Cloud companies to prove because in an emerging sector like Cloud, standards always lag behind the technology. So we’ve had to forge best practices and procedures through collaboration with organisations like the Cloud Security Alliance, which is helping ISO update the Cloud security controls for ISO 27001. But we’re getting there, and hopefully soon we’ll have the most comprehensive ISO 27001 implementation of any Cloud provider to date.

What about reliability?

This is where the rubber meets the road. To take a phrase from the financial services industry- “Past performance is no guarantee of future results” couldn’t be further from the truth- what has the service provider delivered to date? Are they open about it? What’s their SLA to back it up? And we like to put our money where our mouth is too, with an industry leading 100% uptime SLA.

Thinking more broadly about putting your data in the Cloud- one of the most important things to think about is the actual data- how much risk does it represent? It sounds like a ridiculous question, but classifying the data is such an important part of GRC: you don’t need to protect your marketing brochures the same way you protect your trade secrets. Doug has a great quote from the video “I can’t protect something if I don’t know what it is”.

Thinking about the lifecycle of the data and your relationship with the Cloud provider is critically important-  I talk about Birth, Marriage and Divorce in my presentations. It’s easy to think about the birth and marriage when going to Cloud, but vital to think about divorce, in case you need to get it out at the end. It’s a tough question for structured data, like accounting or ERP but significantly easier for unstructured data like emails. Our customers can download their data at any time.

One thing he doesn’t mention is data sovereignty… where your data is physically located, which is becoming more and more important because of legislative requirements and judicial concerns, like the Patriot Act. Having your data located in the right jurisdiction is critical.

So like Microsoft we take a two step approach to security.

  1. We reduce vulnerabilities as much as we possibly can in software
  2. And recognising that issues will happen- when they do, the key is how you deal with them. Triage, Identify, Learn and Integrate that learning into processes. We’ve been doing that for 9 years- that’s a lot of experience built into our processes.

To top that off you can always reach a human being at Mimecast. Someone to help you resolve your issues and escalating them appropriately. I love that. When I got locked out of my Google Apps account the other day- it took a few days for them to respond to my email…

Having a deeper understanding of Cloud security will enable you to use the Cloud provider to do what they do well – abstracting your IT department away from the complexity of running the service.

So can you trust the Cloud? I think so. Like Doug says, just know what you’re trying to accomplish and make sure the vendor offers you the right amount of transparency.

Add your comment (0)

Cloud Strategist
Mimecast

Article Tags

, ,

By on September 7, 2011

Guest Post: Opportunity Knocks in Cloud Email

Our latest guest post is by Philip Carnelly an Analyst with PAC. With over 25 years of experience as an industry analyst, software developer and project manager, Philip has become one of the best-known and most respected analysts in the sector. His work has covered business applications, BI, document management and KM, and latterly Philip has focused on Cloud, Software as a Service and application services. We had the pleasure to spend a morning with Philip- and here’s what he thought- reposted from the PAC blog.

Back in the early days of Cloud applications a decade or so ago (it was generally called ASP back then), I was convinced that the most obvious and easy area for Cloud to colonise would be email. In a sense, that proved to be true, with the big webmail systems – Hotmail, Gmail, Yahoo!mail – gathering hundreds of millions of users. But they were free services. CRM got most of the publicity, because that got paid-for users – real companies putting down real dollars to use online CRM from Salesforce, Microsoft, and others.

But more recently, take-up of paid-for cloud-based collaboration solutions – email++ so to speak – has been gathering pace across the globe, with some big-name (and large-scale) adoptions: fairly evenly split so far, it seems, between Google (Gmail and Google apps) and Microsoft (BPOS and Office 365). IBM’s LotusLive is also still in the mix. Drivers for adoption include flexibility, rising need to support mobile workers, desire to off-load the management of a non-core, non-differentiating system, and the opportunity to consolidate multiple systems into a single platform: all goals facilitated by Cloud-based solutions.

The latest such move here in the UK is Tata Steel Europe (TSE), which signed up Capgemini to help it transition to an Office 365 system over the coming months. No numbers were released, but a quick squiz at the annual report shows that TSE has some 34,000 employees, of which I’d guesstimate that around half are in the UK – and I reckon that the majority of staff would be covered by the new system. This echoes another high-profile deal last year where CSC helped Royal Mail move 28,000 employees onto BPOS.

But the opportunities for cloud-based email don’t begin and end with the big two and the giant SIs. We’ve recently met with two smallish but innovative UK-based companies who are doing very nicely out of email in the Cloud – both taking advantage of the huge momentum behind Exchange.

The first is Mimecast, which grew its business 66% last year (and 91% in the US – a tough nut to crack for a UK company). The company offers a pure-SaaS security and archive/retrieval service for Exchange, which works equally well with on-premise and Cloud-based Exchange servers (Office 365). This latter is a real plus point – companies can sort out their security and archive/retrieval policies, put those in the cloud first, and then migrate to cloud-based mailboxes as-and-when convenient – possibly in a number of stages. It can work with intermittent connectivity solutions – handy for mobile workers and executives. It’s also compatible with Blackberry, and iPhone is coming soon: key “must-haves” for knowledge-based companies in particular. UK customers include law firm Eversheds, De Beers and Bolton Wanderers FC.

The second company is Cobweb, which is exhibiting a similar growth trend to Mimecast: it is likely to double its installed base in the coming year. Cobweb reckons to be the “largest independent SaaS provider in Europe of Microsoft Exchange & SharePoint.”  Customers range from small to large, and include Virgin Media, Thames Water and Bedfordshire Police. Cobweb offers multi-tenanted hosted Exchange solutions, linking up with Symantec (former MessageLabs) to provide the archive/retrieval and security side of things. This then, is a sort-of competitor to Office 365 – but as is the way with IT, Cobweb is also a strong partner to Microsoft. It is one of the few companies to truly exploit Exchange Hosting Edition. Its key challenge to growth right now seems to be recruiting sufficient partners to reach its potential audience but it must be careful to always show its value add/differentiation from vanilla Office 365.

What these two companies tell us is that while the Cloud is consolidating core infrastructure service provision, there’s plenty of scope for innovative solutions based around those core offerings. The growth of cloud-email is not limiting opportunities to simple resellers existing on the thin margins from commission-based sales of a vanilla service.

Small companies would be brave indeed – even foolish! – to go head to head with the US giants. But by bundling and pricing services in the right way there is plenty of scope remaining to carve out a lucrative and sizeable niche, both locally and in the US. This is particularly true in the middle market, where needs are more complex than simple mailbox provision, but skills and resources are more limited than in large enterprises.

Add your comment (0)

Cloud Strategist
Mimecast

Article Tags

, ,

By on May 23, 2011

BBC: I’m sorry about Cloud Reliability

I’d like to issue an apology.

I’m sorry Cloud is so confusing.

Yes. There. I said it.

The problem we have is twofold: Cloud covers an enormous part of the computing stack and because it is the movement du jour, almost everything either is Cloud or is being rebranded Cloud. We call this Cloud-washing.

So- a very diverse set of technologies and lots of marketing spin- a recipe for disaster in anyone’s book.

It’s not surprising therefore over the past days and weeks lots of people have reached out to me to ask about the recent downtime on Amazon and Playstation Network (PSN) being hacked asking: Is Cloud really ready for primetime? This sort of fear and uncertainty is exacerbated by Tim Weber’s inaccurate reporting today on the BBC.

Cloud computing may be the hottest thing in corporate computing right now, but two IT disasters – at Amazon and Sony – beg the question: Is cloud computing ready for primetime business?

This demonstrates the real problem: Being so confusing that some IT professionals don’t understand it- how are the media to know any different? So much so they’re struggling to tell the difference between “On-line” and “Cloud”. And because they don’t understand it- they’re misinterpreting it… I couldn’t resist retweeting David Pogue from the NY Times and CNBC the other day. Why does it matter?

Because everything Online is not Cloud.

And calling everything Cloud when it’s not muddies the water and makes things worse, not better.

So how do you tell the difference? Start with reverting to a position  that a website or web service isn’t Cloud by default, but it might be given the right set of circumstances. When does a web service become Cloud? Typically as SaaS- Software as a ServiceJP Morgenthal on Quora had a good go at answering this:

SaaS implies you are acquiring your software as a service delivery model, and with that, most likely paying for that service. How you interact with that software is undefined, but most likely Web-based. A consumer-oriented Web Service implies nothing more than a publicly published interface based on REST or SOAP approaches for interacting with a Web-based application.

For consumers if it’s not SaaS, then it isn’t Cloud. Just like Sony’s PSN isn’t Cloud- it’s a web service. Look how they describe it on their website:

PlayStation Network is a free-to-access* interactive environment where you can play online games, chat to friends and family around the world and surf the web – and all for free. It doesn’t cost a thing to get connected, so sign up to PlayStation Network and get stuck in today.

That isn’t SaaS so isn’t Cloud. So Sony’s “Cloud” issues aren’t Cloud issues at all, they’re network security issues with their web service and should be described as such. Plus I don’t see how a consumer gaming network is going to effect this scenario quoted in the BBC article:

It’s a nightmare moment. You are under pressure – to meet customer orders, finish a project, execute a deal – and nothing. Your computers, servers or network are down. If you are lucky, a few nail biting hours and a reboot or three later, you and your IT team have restored services.

Amazon’s issues are entirely different- they relate to Infrastructure as a Service (IaaS), a different part of the Cloud Stack.

For those of you that don’t know what IaaS is- it’s disk, network and compute bought on an on-demand basis, normally in the form of virtualisation.

The BBC gleefully showed this image of Amazon’s status page as evidence of it’s unreliability, failing to notice all the other zones being up.

The reality behind the Amazon EC2 outage is their Elastic Block Store (EBS) failed in two availability zones in one location due to human error. They revealed a weakness in EBS that wasn’t known previously but an issue known to Cloud experts.

The websites that went down because they only had their data stored in that one location, and not the more expensive option of cross locations. In essence they failed because they trusted Amazon and wanted to do it as cheaply as possible. Had they installed services locally this would be akin to installing on a single machine with single failure point tolerances. This highlights an important lesson for those going to IaaS. Applications built for IaaS are completely different to those built for on-premise, because they conform to a highly distributed “design for failure” architecture, which gives them the ability to scale up and down, as well as the ability to recover from infrastructure failure.

There were lots of companies that took this approach, and using Amazon didn’t have any downtime at all. Most notable of these was Netflix- which now generates some 29.4% of peak time internet traffic in the US. They have a true “design for failure” approach and have built a “chaos monkey” to randomly cause havoc on their systems by shutting down systems to see how the application responds. They’ve found their weaknesses and fixed them, and as a result survived catastrophic location failures despite being reliant on Amazon.

So with IaaS, it’s not the Cloud that matters- it’s how your application is built.

And finally- but most importantly to me- I don’t want these failures to be associated with SaaS. We go to enormous lengths to ensure that our services are reliable and available to our clients, backed up by a 100% availability SLA. In essence, we put our money where our mouth is.

And yes, “Cloud” or whatever part of the stack you’re talking about, is ready for primetime. It’s what and how you use it that matters.

Add your comment (0)

Cloud Strategist
Mimecast

Article Tags

, ,

By on May 12, 2011

Forrester confirm motivation for Cloud Email

When I’m talking to CIOs about their email compliance strategy they usually have a clear idea what their challenges are and the tools they would need to achieve a perfect Zen-like calmness within their environment.

However, they also know that in order to create their own private Zen Garden Server Room, it’s likely they would need a significant increase in IT budget.

We have written about the Cloud v’s DIY approach on this blog post many times; out of a desire to increase awareness that the old money way, build it yourself, is increasingly less affordable and achievable and certainly more complex than what the Cloud has to offer.

Recently Forrester Research carried out a study of risk management and compliance executives within financial services firms who were once reliant on in-house systems but who are now moving to the Cloud. The headline findings were unsurprising, to me anyway; Forrester found that more than 60% of the respondents said their shift to the Cloud was being driven by the “promise of lower total cost of ownership” increasingly simple and rapid deployments and easier management than their network based competitors. Over half of the respondents said they already had plans to use hosted email management and general compliance solutions by 2012.

Some key findings of the report also included the following:

  • E-discovery and data privacy is a struggle: Some 55% said they had problems complying with privacy laws, whilst at the same time making data accessible and searchable for ediscovery purposes.
  • Compliance has many heads: 75% of decision makers at the polled financial services firms said they worried about the reputational damage of regulatory oversight or investigations. They also reported having major concerns about integrating the various compliance tools in their armory into the network in an efficient manner.
  • Content, content, content: Email wasn’t the only driver for taking compliance to the cloud; other sources of content are being considered too. Anything that generates, consumes, removes or manipulates their electronic content needed to be considered.

The findings of the report probably make a lot of sense to most people. I expect anyone with a reasonable driver for email compliance tools and services, whether internal or external, will be feeling similar pains.

When you stack up all the bells and whistles needed to achieve compliance with each and every regulation out there, especially if you’re in the financial services sector that’s a pretty large heap of hardware and software – certainly one that won’t fit in the average Zen Garden. It’ll make a terrible mess of the gravel and bamboo if it does. The reason I said I’m not surprised by the reports findings are because I’m exposed to people trying to solve these problems everyday. Invariably the conversation gets onto how the Cloud can help remove this complexity, and one by one we usually cross the LAN-based compliance solutions off the whiteboard and move them out to the Cloud.

What really interests me, and the study by Forrester confirms this; is that CIOs are no longer thinking about the old money. They are the ones driving their businesses towards the Cloud, it is the CIO clearing out the multitude of tools that clutter their minds and infrastructure. It’s almost as though a sort of Cloud Enlightenment has come upon them.

Either that or the cost and complexity benefits are unbelievably clear.

 

 

Add your comment (0)

CISSP, CCSK
Mimecast, North America.

Article Tags

, ,

By on April 25, 2011

10 Signs You Might be a Server Hugger

Some Definitions

Server (sûr’vər) – noun – A computer that manages centralized data storage or network communications resources. A server provides and organizes access to these resources for other computers linked to it.

Hugger (huh’ger) – noun – A tight clasp with the arms; embrace.

I would therefore suggest that if you’re tightly clasping or embracing, with your arms, a computer that provides and organizes data, network resources or other computers – you’re a server hugger, even just metaphorically.

Why

I had never heard of a Server Hugger before; tree hugger maybe. After checking the authoritative tome on the subject, the Little Book of Hugs (of course), I am none the wiser.

This all came about after a meeting where the topic of discussion was mostly Cloud and Email Management in the Cloud; a quick debrief revealed that one of the ‘opposing team’ was a card carrying Server Hugger, and staunchly opposed to all things Cloud. So that got me thinking,

There’s no known cure for being a server hugger, but luckily it is yet to be a terminal problem; unless you include Terminal Services. It’s no bad thing if you are a Server Hugger, even if undiagnosed, just think of all the new concepts and technologies you can offer your employees by adding just a teeny little bit of Cloud to your network.

10 Signs you Might be a Server Hugger

These 10 signs might indicate you’re a server hugger.

1. You enjoy large air-conditioned rooms, lit only by strip lights, devoid of all soft furnishing. The rows of metal boxes or racks will appeal to your organized side. The constant hum and fizz of white noise relaxes you.
2. Using a fingerprint or hand biometrics to gain access to rooms still excites you.
3. You can’t walk past messy or disorganized cabling (of any kind) without tutting and shaking your head
4. When you apply patches to your servers or application you can’t help but think services take longer to start when you watch them.
5. You believe any ‘progress bar,’  especially the blue ones, have built in anxiety detectors. The more anxious you get the slower they go.
6. Blinking green or yellow lights have a calming effect as you look at them, almost hypnotic. Red ones give you that ‘ohno second‘ feeling.You would go out of your way to buy things with blue LEDs
7. You like the feel of cold rackable metal boxes. You touch them often.
8. You’re thinking Cloud is the same as virtualization, something we should take a look at sooner or later, but for now you have users to deal with.
9. You believe there is no security applied to Cloud data, regardless of what the vendor tells you.
10. You have half thought about Aralditing up your users’ USB ports to stop them plugging things in.
11. (One for luck): You worry about all those servers and boxes and applications and green lights and red lights, but secretly you just need a big Cloud hug.

If you or someone you know if affected by this problem or you recognize more than six of the symptoms you should consult us straight away for the only known cure.

Add your comment (0)

CISSP, CCSK
Mimecast, North America.

Article Tags

, ,

By on March 23, 2011

Cloudonomics: a closer look

I was recently asked to write an article for an IT magazine on the economics of Cloud Computing: Cloudonomics. Specifically, I covered what are the cost dynamics, how do you measure them and how do you evaluate them. Here’s my article:

The economics of the cloud are becoming assumed and this is dangerous because they are by no means assured. The electricity-commodity metaphor, while useful, has outgrown its usefulness.  Make the wrong choices about cloud and you could be stuck with a solution that doesn’t return ROI at all. The key to Cloud Economics, or Cloudonomics as they’re known, is understanding the types of Cloud and key economic drivers.

In preparation for this article I asked a computing professional: “What is Cloud Computing?”

His answer was: “Computing which you buy in a pay-as-you-use, or on-demand way.”

Sound reasonable?

Yes, if you were only talking about Infrastructure as a Service. However, if you’re talking about the economics of Platform as a Service or Software as a Service, you need an answer that is completely different.

This is the nub of the problem: people commonly associate Cloudonomics only with the economics of Infrastructure as a Service (IaaS), which consists of Disk Storage, Compute Cycles, Memory and Network Bandwidth. In other words, virtualised compute resources all purchased as a service- or on a pay-as-you-use basis. The provider that most people have heard of is Amazon EC2.

So what are the Cloudonomics of IaaS?

In the past, organisations had to always provision for peak use- or expected demand. This meant that while the organisation was under normal load- typically about 30% utilisation- 70% of the compute capacity was being wasted. Then when the application needed more power, more physical machines had to be added, thereby increasing spare capacity when not under load. This process could take weeks, so organisations typically tried to predict loads and provision even more resources, thereby pushing utilisation down even further.

And organisations have been known to take over provisioning to extremes; Vivek Kundra, the United States Federal CIO found that utilisation in Federal Datacentres was less than 3%.

Platform as a Service (PaaS) and Software as a Service (SaaS) have completely different economics because they are purchased in completely different ways. A PaaS is a service used by organisations to execute code produced by developers and is paid for as it’s used. Applications typically need to be redeveloped for PaaS, as the application needs to be designed to take advantage of the platform it’s running on. PaaS provides ROI by alleviating developers’ concerns about scaling their infrastructure or employing engineers to run the service.

SaaS is software used by organisations and again paid for in an as-you-use model. However, SaaS is billed on value, is normally aligned with users and delivers ROI much like traditional software, except there is no capital investment, which means that value and expense are closely aligned. It also produces systems that are much more scalable and flexible than traditional software.

So how can IaaS help and deliver ROI? Instead of having to provision for peak capacity, organisations can buy resources as they need them, matching utilisation and thereby provisioning with demand.

Cloudonomics really come into play when you optimise the purchase of resources. That’s because on-demand resources are more expensive than dedicated resources, so you shouldn’t just use all on-demand resources if your application has any continuous load. The formula for working out how much to provision as dedicated is the inverse of the utility premium, i.e. how much more expensive on-demand is over dedicated. If dedicated is the same price as on-demand, then no dedicated resources should be used.

That’s the idea, but for many organisations that’s nothing more than a pipe dream, as their applications aren’t built for IaaS. Applications that work best on IaaS are applications that scale horizontally and have built in failure redundancy. Not the typical applications that have been built over the last 20 years and deployed widely on the corporate landscape that require reliable hardware and scale vertically using more compute.

 

 

 

 

 

Add your comment (0)

Cloud Strategist
Mimecast

Article Tags

, ,

By on January 14, 2011

The Email Monster

The complexity monster

The complexity monster

Dan Tyan over at Infoworld wrote a great piece; ITs Biggest Money Wasters. Tyan poses six significant drains on your IT budget. Number four on Tyan’s list is the “Email Monster.” He sums this up perfectly;

“You already knew email was a productivity suck, but it also sucks money out of your organization in terms of storage, maintenance, software licenses, server upkeep, and the constant battle against spam, malware, and data leaks. It’s a problem that will only get worse.”

What an excellent term ‘Productivity Suck” is. It just sums up the sickness you feel at the thought of all that complexity that surrounds your email server. And let’s not forget email is actually a relatively simple concept; it’s all the demands and brouhaha the business aims at this poor little service that force IT departments to build a tangle of technology made of  various point solutions that don’t cooperate.

The email monster, or in our case the ‘Complexity Monster’, is a creature (above left) that we recently took to Dev Connections in Las Vegas where a lucky few got the opportunity to slay the beast. But the analogy of an email or complexity monster is much more powerful, and slaying that monster is comparable to the task ahead of some CIOs and IT teams who are trying to get on top of their email management infrastructure.

Looking into the eye of your monster might be a scary prospect, but there are ways around the impending doom. As everyone knows all Dragons & Monsters have a blind spot of some sort, and finding a way to exploit that in your Monster will be key.

More on the Blind Spot

I’m beginning to stretch the analogy a bit far here I know, but the idea of a blind spot is about getting to the soft underbelly of that Monster and finding a way to slay it once and for all. For example your blind spot might be compliance based, you might need to archive email but you know your storage is already creaking; simply adding more disk to the mail server isn’t going to solve the problem. So as a way of exploiting that problem (blind spot), make this a business issue; take the problem to the business, explain the risk of not retaining email correctly in light of your compliance requirement. Then importantly suggest a solution that encompasses everything that’s wrong with your email management infrastructure. Poking at one small part of the Monster with a pointy stick merely annoys it and endangers your own health.

In Tyan’s article, Gary Bahadur of KRAA Security suggests that sub 1000 user companies can gain efficiencies by outsourcing their email to the Cloud. This blog has long extolled the virtues of the Cloud and email management but I think the key point is; in order to slay your Monster you’re going to need a weapon that won’t give up on you or break halfway through the process – you essentially need a weapon that slays this thing once and for all. I think the Cloud is going to be the only sensible weapon to choose. Everything else is simply a pointy stick.

I would love to hear your heroic stories of Monster slaying… email them to monsters@mimecast.com and we’ll publish the best on this blog.

Add your comment (0)

CISSP, CCSK
Mimecast, North America.

Article Tags

, ,

By on January 7, 2011

Looking Back, Going Forward: 2011 Predictions

Fortune Teller

Flickr Image via riptheskull

After looking back to 2010 what will 2011 see? Here’s my take:

  1. Cloud First purchasing policy pervades
    I see a mind shift when people are looking at procuring technolog y- they’re going to look “Cloud First” before considering other solutions, even if they’ve got existing investments on-premise.  We’ve seen some of the most cautious organisations – even the US Government - doing this.
  2. On-Premise needs Integration / On-Ramps
    As organisations go “Cloud First”, they’ll need to integrate Cloud into their existing IT with Cloud Integration or “On-ramp” technologies. These are technologies that enable companies to use the Cloud in conjunction with their existing systems. Despite being considered decidedly ‘un-sexy’ by the clouderati, the majority of organisations will enable their Cloud journeys with On-ramp technologies. Mimecast is a great example of an On-ramp technology, leveraging the best of the Cloud with on-prem systems. The word I’m really trying to avoid using here is hybrid, which has negative connotations for me – but yes On-ramp could mean hybrid.  But that’s another conversation entirely.
  3. Continued Consumerisation of Enterprise Software
    Cloud is putting IT departments under enormous pressure.  As a result of the confluence of Social, Mobile and Cloud, staff are getting used to having excellent tools at home and want to use them in their workplace – so called Sunday night / Monday Morning expectations. IT departments need to satisfy these expectations using corporate IT, or risk the scenario of users making their own credit card purchases, creating compliance nightmares (Cloud Piracy- remember wireless?). “Simple, easy-to-build, easy-to-learn, easy-to-use consumer-style apps will increasingly be used to power enterprises,” said Jeff Clavier.  And the proliferation of Tablets beyond iPad – Android, BlackBerry and Windows – will accelerate it. That means change, which is scary- but surely much less scary than if users do it themselves.
  4. IT’s shift towards Business Transformation accelerates
     To make that happen, IT folk need to realise their future role is in the use of technology to enable Business Transformation, rather than being technologists for the sake of it. James Staten from Forrester articulated it best:“And The Empowered Shall Lead Us. In Forrester’s new book Empowered, we profile a new type of IT leader, and they don’t work for you. They work for the business, not I&O, and are leveraging technologies at the edge of the business to change relationships, improve customer support, design new products, and deliver value in ways you could not have foreseen. And, despite your “better judgment” you need to help them do this. Your frontline employees are the ones who see the change in the market first and are best positioned to guide the business on how to adjust. They can turn — and are turning — to cloud services to make this change happen but don’t always know how to leverage it best. This is where you must engage.”

    And that’s why IT doesn’t have to fear for it’s job in the Cloud. It’ll just be different and we need to embrace the change.

  5. Lock-in fears subside
    Vendors need to continue to tackle the perceived lock-in generated by the Cloud. The reality is that the lock-in isn’t nearly as bad as people think. People have been using proprietary standards for years.  The only difference now is that it’s in someone else’s datacentre and they can’t prod it. Portability of PaaS will remain critical, and although this has seen significant improvements, there may be more to come.
  6. The Rise of the Plaforms
    We’ve long been saying that PaaS is the future of apps. But PaaS requires re-development, and that takes time to do, as well as confidence in the future of PaaS platforms (as lock-in is currently a problem). The more lock-in fears subside, the greater uptake of PaaS we’ll see. Why would you want to run your own stack if you don’t have to?
  7. Standards come to the party
    In certain areas – especially Compliance – 2011 will be the year for standards. When people voice objections to Cloud, the number one objection is always Security. Security is a function of Compliance. It is imperative if Public Cloud is to attract “serious” buyers such as Governments and major corporates that standards in critical areas develop so that buyers can have certainty over what they’re procuring. Christopher Hoff summed it up:“Security is not the biggest barrier to companies moving to applications, information and services delivered using cloud computing.

    What is?

    Compliance.

    … That means what one gives up in terms of direct operational control, one must gain back in terms of visibility and transparency”

    That’s the only way you can measure the security or compliance of a Cloud solution. This has been massively challenging for Cloud providers to date, because of the lack of standards and unwillingness to divulge too much IP.

  8. Rise of Cloud Exchanges or Brokerages
    As we see growth in providers of IaaS we’ll see more brokerages or exchanges, where people trade computing capacity according to trading principles of supply and demand. This will enable compute capacity to be utilised more efficiently, thereby driving down the cost of Cloud compute resources. Incumbent vendors don’t really want this to happen because they don’t want to be competing on price, but this will force them to innovate at an increasing rate to differentiate against the commodity providers. Upstarts in the Cloud sector like Telcos and Hosters will be keen to dip their toe in this market, since they have both customers and infrastructure at their disposal.
  9. Customers will get wise to “Cloudwashing”
    In 2010, a lot of vendors jumped on the Cloud bandwagon with the same products as before, masquerading as ‘Cloud’.  I heard a great story about vendors jumping on the bandwagon:

    “At the start of the millennium, EMC launched the concept of Information Lifecycle Management (ILM) to embrace the idea of caring for data management from cradle to grave across multiple media and tiers. Within weeks, a rush of vendors issued press releases about their latest ILM offerings. In many cases, these were the exact same products as before but with a rebranding to capitalize on the fad of the moment.”

    That’s certainly happened again with Cloud. I predict that 2011 will be the year when Customers “get” Cloud and therefore get what’s not. This will be strongly helped by those vendors previously guilty of Cloudwashing who have used the intervening period to build or buy “true” Cloud technology.

What are your predictions for Cloud in 2011?

Add your comment (2)

Cloud Strategist
Mimecast

Article Tags

, ,

By on January 5, 2011

Looking Back, Going Forward: 2010 in review

If you don’t know where you’ve come from- how do you know when you’ve arrived?

Before looking forward towards Cloud in 2011- let’s look back at 2010- in acquisitions, to see where the industry is putting its money:

I think it’s clear that Cloud crossed the Chasm in 2010 and the Enterprise Software Vendors have piled in with acquisitions to sure up their positions.

The main trends I would pick up from these acquisitions are:

  • On-ramp and Integration tools are critical to help Enterprises leverage Cloud (IBM, Dell)
  • Monitoring and Automation is key to Cloud (HP, Cisco, CA)
  • PaaS is the future of Application Development (Red Hat, Salesforce)
  • IaaS is key to Public and Private Clouds (CA)

So what will 2011 see for Cloud? Come back Friday.

Add your comment (0)

Cloud Strategist
Mimecast

Article Tags

, ,

By on December 23, 2010

Predictions for the Technology Industry in 2011

Forget what all the other folks are telling you. Here’s what’s really going to happen in the technology industry in 2011:

– In January, Facebook will announce the death of the telephone in the era of social networking. “Why would anyone need a telephone when they can simply update their facebook status?” asked Facebook’s Mark Zuckerberg, pointing out that he is now worth more than any phone company in the world.

– In February, after describing cloud computing as “water vapor” in 2009 and then announcing a hardware-inclusive “cloud-in-a-box” offering in 2010, Larry Ellison will announce Oracle’s latest vision, Orbital Cloud (TM). “If you’re going to outsource your IT,” he’ll tell a crowd of skeptical journalists, “you might as well get it off the planet, where it’s safe from earthquakes, hurricanes, and open source advocates. When people talk about cloud computing, they really mean clouds of diffuse interplanetary gases.” LISP programmers worldwide launch a protest movement under the slogan, “In space no one can hack in Scheme.”

– In March, in further pursuit of the perfect user interface, Apple will announce that it is disabling all iPhone apps not personally approved by Steve Jobs. “We expect our users to be grateful,” said an Apple spokesman, “for our protecting them against accidentally seeing anything ugly, ever.”

– In April, Apple will admit that they can no longer produce the more-beautiful iPhones fast enough to ship them to the US, because they’re all being purchased in Asia for well over list price. To address this shortage, Apple will double the list price globally. Consumers will promptly queue overnight at Apple stores in hope of paying the new higher prices.

– In May, Facebook will introduce its own “revolutionary” IP-based telephony service. “In the future,” says Mark Zuckerberg, “any two people in the world will be able to speak to each other, via audio, in real time, as long as they have Facebook accounts. This changes everything.”

– In June, after years of struggle to live up to the corporate slogan, “Don’t Be Evil,” CEO Eric Schmidt will snap during negotiations with the Chinese government and begin screaming political slogans at Chinese President Hu Jintao. The YouTube publication of an unfortunate video clip of this incident — which, to add insult to injury, was taken with an iphone — will result in Google’s banishment from China, “until more mature leadership is established.”

– In July, Google will announce that Schmidt is taking an indefinite “medical leave” and that it has arranged for former lobbyist Jack Abramoff to be released from prison to serve as interim CEO. In his first press conference, Abramoff will say that in the future Google will be more sensitive to cultural differences, noting that one culture’s “free speech” is another’s “treason.” China will promptly reopen its doors to Google, welcoming its “return to ethical behavior.”

– In August, Apple will wow everyone yet again with the introduction of the new “Apple iRose,” red-tinted digital glasses that both correct your vision and make everything and everyone look more beautiful. By the end of the month, Apple’s market capitalization will exceed the rest of the NASDAQ combined.

– In September, the Obama administration will announce the seventh version of its final decision about net neutrality. This policy will say that Internet traffic carriers must provide non-discriminatory access over wired lines, but may discriminate in access to wireless traffic, unless the content of the traffic is a discussion of whether or not there should be any difference between wired and wireless traffic, in which case they can only discriminate over wired lines. Exceptions will be made for public interest organizations, heavy political donors, and certain phases of the moon. Republicans announce that they intend to oppose the policy vigorously, just as soon as they can figure out what it says.

– In October, Larry Ellison will announce the cancellation of the Orbital Cloud program due to poor server performance, and will fire dozens of incompetent engineers for limiting transmission speeds to 186,000 miles per second. Claiming that the term ‘cloud computing’ was a typographical error all along, Ellison will introduce a new line of high-decibel servers he says will “fulfill the long-awaited vision of Loud Computing.”

– In November, Apple will introduce the revolutionary new Apple iWeight, a perfectly smooth white plastic sphere with a flat bottom and a weight ideally calibrated to hold papers down. “Our research tells us that customers want beautiful things,” says Steve Jobs, “and that they don’t really care what they do, or if they do anything at all.” Violence breaks out in front of those Apple stores that don’t have enough room for long lines to queue. Apple’s market capitalization surpasses the gross domestic product of the European Union. Jobs offers to pay off the US national debt if the government will replace all its Windows machines with Macs. As the Obama administration considers this offer, the Republican leadership announces that whatever the administration decides, it will oppose it.

– In December, Larry Ellison, saying “we’ve finally got it right this time,” will drop broad hints about the still-secret upcoming Oracle Clown Computing system. Puzzled observers given a sneak peak will be unable to identify any differences from traditional Oracle offerings.

– And finally, by January 2012, no one will remember a single one of the many predictions made a year earlier of what would happen in the technology industry in 2011.

Add your comment (0)

Chief Scientist
Mimecast

Article Tags

, ,
Previous Posts