IT Support and Hardware for Clinics
31.3K views | +4 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Looks like Microsoft is outsourcing a part of its cloud

Looks like Microsoft is outsourcing a part of its cloud | IT Support and Hardware for Clinics | Scoop.it

CDN expert Dan Rayburn reported Monday that Microsoft is deep-sixing its home-grown content delivery network capabilities and is instead turning to Verizon EdgeCast to deliver video for Microsoft Azure customers. Verizon bought Edgecast for its media delivery expertise, in late 2013.

Reached for comment, a Microsoft spokesman provided a limited confirmation: “Microsoft licenses technology from many partners to complement our product offerings and to give customers complete solutions. We are happy to partner with EdgeCast to provide an integral component of the Azure Media Services workflow.”

Delivery of content of all kinds, including bandwidth-hungry video, has been a priority for the Azure forces. Microsoft trumpeted the use of Microsoft Azure Media Services to help live stream Winter Olympic events from Sochi, for example, but that effort relied on CDN market leader Akamai.

“While azure did have some CDN services of its own before shutting them down, but they were basic, Rayburn said via email.

“Partnering with Verizon’s EdgeCast gives Azure more CDN functionality, greater reach and capacity and allows Azure to get all of the advantages of one of the best CDNs in the market, without any of the major capex or opex challenges. It’s a smart move on Azure’s part,” he said.

As Rayburn pointed out on his blog, Amazon builds almost everything in its cloud from foundation to rooftop. Microsoft, on the other hand, is more partner-focused and thus more inclined to license or buy technology.

And, don’t forget, Microsoft is also playing cloud catch up to Amazon Web Services, which, having launched in 2006, has a multi-year head start over competitors. Azure, in its first PaaS-based incarnation launched in 2010, but the more AWS-comparable version kicked off in 2013.

When you’re behind in the race, buying in could be a way to make up for lost time.

more...
Scoop.it!

What you need to know about the cloud

What you need to know about the cloud | IT Support and Hardware for Clinics | Scoop.it

The cloud is the Internet, when used for chores that are traditionally handled by local hardware and software. For instance, if you back up your files to an external hard drive, that’s local. But if you use an online service such as Mozy or Carbonite, you’re using cloud-based backup.

Another example: If you use the installed Outlook program to read email, you’re using the Internet, but not the cloud. But if you read your email on the Outlook.com webpage, you’re reading it in the cloud.


Other cloud-based applications include storage/sync services such as Dropbox, and web-based office alternatives like Google Docs.

The word cloud suggests something that’s not quite real, not quite solid. And while cloud computing can feel that way, that’s not quite true. The software and data are stored on a server somewhere—probably multiple servers in various places.

But the very nature of the cloud brings problems. Speed, for instance. Almost any sort of local data connection—ethernet, Wi-Fi, USB 2.0—is going to be faster than most home Internet connections, especially when you’re uploading (the exception, of course, is if you’re lucky enough to have fiber to the home). A backup that would take minutes to an external drive could take hours online.

And then there’s price. Many cloud services are free, but only if you accept severe limitations. For instance, the free version of MozyHome will back up only 2GB of data. Upgrading to 125GB will cost you $120 a year. Compare that to the cost of an external drive: $50-$80 for 1TB, and you only have to pay that once.

Worst of all, you have to worry about security and privacy. Unless you’re encrypting everything on your end before it uploads, you have to assume the possibility that the company providing the service, the government, and illegal hackers could be accessing your files.



more...
No comment yet.
Scoop.it!

Top Security Threats Still Plaguing Enterprise Cloud Adoption - Redmondmag.com

Top Security Threats Still Plaguing Enterprise Cloud Adoption - Redmondmag.com | IT Support and Hardware for Clinics | Scoop.it

As cloud computing moves beyond the early-adopter stage, security and privacy concerns and the inherent risk of moving assets off-site are not just fears -- they're real. Uncertainty about data security and privacy slowing the adoption of cloud computing existed before last year's revelations by Edward Snowden of covert government surveillance, but the scope accentuated skepticism, coinciding with the rise of cyber attacks from around the world.

"Edward Snowden's revelations were really a wake-up call for the industry about what the government can do with your data," says IDC analyst Al Hilwa. "And if the government can see your data, who else can? It's really not surprising that security concerns have slowed enterprise adoption."

Those fears notwithstanding, they're unlikely to put a major dent in projected adoption of public cloud services in the coming years. Gartner Inc., for example, predicts cloud computing will constitute the bulk of new IT spending by 2016, and that nearly half of large enterprises will have hybrid cloud deployments by 2017. However, the results of a recent survey by U.K.-based communications services provider BT Group of IT decision makers in large U.S. companies underscore a contradiction: 79 percent of respondents said they're adopting cloud storage and Web applications in their businesses, but they also report their confidence in the security of the cloud is at an all-time low.

Top Security Threats
The lack of confidence is with good cause. The Cloud Security Alliance (CSA) has identified what its researchers believe to be the top nine cloud security threats. Data breaches top that list, dubbed "The Notorious Nine". Also on that list are data loss, service traffic hijacking, insecure interfaces and APIs, denial-of-service attacks, malicious insiders, cloud services abuse, insufficient due diligence, and shared technology vulnerabilities. The company emphasized those risks at a three-day conference in September hosted jointly by the CSA and the International Association of Privacy Professionals (IAPP).

Not on that list, but another major risk, is the ease with which employees can and typically do bypass IT departments when using cloud services, says Jim Reavis, founder and CEO of the CSA. Today, anyone can use a credit card to spin up a virtual machine on Amazon or Microsoft Azure, set up a SharePoint instance via Office 365 or another third-party provider or by using free services such as Box, Dropbox, Google Drive or Microsoft OneDrive. Reavis points out that when people bypass IT when using these and other services, it undermines business-level security policies, processes, and best practices, making enterprises vulnerable to security breaches.

Another risk Reavis points to: the lack of knowledge by IT management of the scope of cloud usage in an organization. At the CSA Congress 2014, the group published the results of a survey of U.S. companies, many of which drastically underestimated the number of cloud-based apps running in their organizations. The report concludes, "Cloud application discovery tools and analytical tools on cloud app policy use and restrictions are crucial in the workplace, especially when it comes to sensitive data being used by these cloud applications. With sensitive data being uploaded and shared by these apps with authorized and unauthorized users, policy enforcement becomes a major role in protecting your data."

The report estimated with more than 8 billion Internet connected devices, a growing number of businesses may own data, but no longer own their infrastructure. "A few years from now, that 8 billion will become a quarter trillion," Reavis says. "If we lose ground on privacy and security today, we'll have a very hard time getting it back. That creates a mandate to embrace the tools and technologies that are emerging to manage and protect these resources."

The proliferation of all those devices and the bring-your-own-device corporate culture has resulted in an enterprise that's more difficult than ever to protect -- cloud or no cloud, says C.J. Radford, VP of Cloud at data security company Vormetric Inc.

"The perimeter has failed or is failing, given that data is now everywhere," Radford says. "If you're only focused on your perimeter, you're going to have a very hard time protecting your data. But that's where the enterprise has traditionally spent its money over the past 10 or 15 years -- essentially, on building a bigger moat. The problem is, you can't build a moat around, well, everything."

Controlling Access
In an increasingly cloud-centric, perimeter-less world, enterprises must concentrate their security efforts on protecting the data itself, Radford says. His company partners with leading cloud vendors, including Amazon Web Services Inc., Rackspace, IBM Corp., and Microsoft, to provide data-at-rest encryption, integrated key management, privileged user access control, and security intelligence logging. Among other things, the Vormetric Key Management Key Agent software works with Microsoft SQL Server Transparent Data Encryption (SQL Server TDE) to help manage SQL encryption.

"Today, it's all about controlling data access," he says. "If you read any of the major breach reports, one of the ways the bad guys are getting access to data is compromising privileged username and password credentials. They're doing it through social engineering, phishing and that sort of thing."

Not surprisingly, Radford is a strong advocate of data encryption, and he also recommends a bring-your-own-key (BYOK) approach. "You should never rely on the provider to manage your encryption keys," he says.

"BYOK means the provider can turn over your data in encrypted form, but it's useless without the key. The other thing it buys you is the ability to `digitally shred' your data. We call that `permanently securing your data.' That's why we always say, rule No. 1 in encryption is never lose your key."

Encryption support is even showing up above the infrastructure level. Azure, Outlook.com, Office 365 and OneDrive, for example, are now supported by Transport Layer Security (TLS), Microsoft announced last summer. The encryption support covers inbound and outbound e-mail, as well as Azure ExpressRoute, which allows users to create private connections among Azure data.

Data encryption and data-centric solutions seem to be especially appealing to enterprises in the post-Snowden era, says Luther Martin, chief security architect for Voltage Security Inc.

Martin believes the primary cloud security concern in the enterprise today is availability.

"If you look at the data, in terms of frequency, most of the cloud incidents so far have been about service outages," he says. "The outages have been relatively short, but they can be terrifying, and there's not much an enterprise can do about them."

He also notes, however, that encryption keys present their own challenge -- namely, keeping track of them. "Effective encryption key management is hard," he says, "and people often don't give it the consideration it deserves. I mean, if you lose a key, you've lost your data, too."




Via Michael Dyer
more...
No comment yet.