Helping clients manage their technology for over 30 years.

Application vulnerabilities: Closer than you think

graph showing application vulnerabilities. small version has no labels.

Consider: Last year, according to Verizon, 54% of data breaches began as attacks on web applications, and for years one type of attack — SQL injection — has been the means by which 83% of stolen records were extracted. Meanwhile, says Gartner, 25% of all DDOS attacks this year will be application-based, and an increasing portion of these attacks may actually be diversions in which the bad guys use remotely accessible malware to target user accounts (for personal data or, in the case of financial institutions, for money).
Continue reading

Cloud Computing best practice: Always monitor your Cloud services

In order to know whether your Cloud provider is meeting the performance and availability parameters set out in your service-level agreement (SLA), you have to be able to monitor your Cloud services.

While you might not need or care to see detailed reports about the performance of your provider’s various infrastructure elements (VMs, storage, etc.), since this information doesn’t really provide a sufficient view into overall Cloud performance, you can and should seek information from your provider regarding application and/or workload performance.

Continue reading

Cloud Computing best practice: Use your Cloud SLA to get what you really need

clipboardChecklist

Do not — I say again, do not give your Cloud service-level agreement (SLA) short shrift. Your Cloud SLA is how you make sure you get what you want and pay only for what you get.

It’s not uncommon, however, to find yourself with an assortment of Cloud SLAs — one for each service your business subscribes to. Happily, the right Cloud SLA will enable you to bundle all your Cloud services into a single monthly OpEx payment.

Continue reading

Cloud Computing best practice: 4 security must-dos

Cloud on blue background with a lock in front. To illustrate Cloud Managed Services and Security services from Quest.

Your Cloud provider isn’t the only one with responsibility for the security of the information and applications your enterprise depends on. When it comes to security in the Cloud, it’s a collaboration between provider and customer.

After all, there are limits to a Cloud provider’s reach. For instance, if your employees use compromised web browsers to access data in the Cloud, your provider cannot be blamed.

Continue reading

Cloud Computing best practice: Evaluate Cloud provider security with these 7 questions

Person writing on glass the words good, better, best. The word best is circled.

Unless you’re an expert in security issues, doing proper Cloud provider due diligence can be daunting. Yet it’s essential, given the importance of your business’s data and applications.

So I offer seven questions for you to ask of every Cloud provider you’re considering. Pay attention to the answers you get and don’t hesitate to demand drilldown details. Remember: You’re contemplating putting at least some of the data and apps your business relies on into this provider’s Cloud environment.
Continue reading

Do your Cloud provider due diligence

Checklist with a cloud on it.

Whether or not we give it much explicit thought, we all do at least some due diligence every time we buy something.

When it comes to Cloud services, due diligence ought to be done explicitly and with forethought — because getting out from under a bad Cloud choice can be onerous. It’s worth your while to choose well in the first place.

Continue reading

Cloud Computing best practice: Understand available Cloud capabilities

Various cloud icons - cloud in center surrounded by monitors, laptops, etc

I’ve posted before about Cloud computing best practices, and I’m doing it again now (and for the next several posts) for a couple of reasons:

  1. Cloud computing continues to (quickly) evolve, and while some Cloud best practices stay more or less constant, others must be adapted to keep pace,
  2. Cloud success depends on adhering to best practices — so there’s no such thing as talking too much about them or the order in which they should be applied.

Continue reading

Why IT environments managed by service providers are more secure

Cloud with a lock and key to illustrate Cloud Security by Service Providers

For a while now, those of us who provide Cloud services have been saying that a properly run Cloud environment is inherently more secure than traditional on-premise IT environments.

Now a recent study from Alert Logic backs up that claim. The study compared security in traditional on-premise and service-provider-managed environments of 1,500 organizations with active investment in IT security.

Continue reading

Details, details: A look at the hybrid Cloud SLA

Hybrid Cloud Computing

Reading a service-level agreement (SLA) may be as exciting as watching paint dry — but when it comes to creating a hybrid that fits your organization and truly meets its needs, bringing your full attention to your SLA can make all the difference.

So here’s my version of Hybrid Cloud101:

Expect to customize your hybrid cloud SLA. The whole point of a private cloud is to design and customize cloud capabilities to address your unique needs, and you need a Cloud services provider willing and able to do that in ways that precisely reflect your business requirements so you can achieve the flexibility, scalability, cost reductions, efficiencies, redundancy, and disaster recovery protections you need — without overspending on overcapacity.

Continue reading

4 reasons for the hybrid Cloud of your dreams

Cloud computing written on a chalkboard

As you spend more and more time using Cloud-delivered services, applications, and data, odds are you’ll end up interested in a hybrid Cloud environment that can be deployed in ways that quite specifically meet your organization’s needs, both business-wise and budget-wise.

If your experience has been limited to public Clouds, you’ll need to tread carefully into the realm of hybrids because, by definition, hybrid Clouds are customized. Very quickly, you’ll come to understand that the success of your hybrid Cloud greatly depends on its customizer.

Continue reading