The centralization of apps, data, and management that’s an essential part of well-conceived and well-managed Cloud environments also helps make them more secure. Why? Because security policy is easier to enforce, threats to apps and data are easier to detect and address. 

Since Cloud data and apps are centralized in a data center, it’s actually easier (as compared to traditional siloed IT infrastructures) to establish effective security policy, monitor compliance, and intervene quickly and often preventatively when there are issues

More...

In the right Cloud environment, IT performance goes up while IT costs go down. 

Here’s how IT performance goes up:

1. Applications are hosted on centralized virtual servers in a data center, so …
   • Each department or end-user no longer needs their own copy of the app,
   • There’s just one version of the app, designed to be sufficiently flexible and customizable so all can use it on a variety of devices, and
   • Services are easily scalable, more secure, and more reliable.
2. Applications can be quickly and automatically provided on demand wherever they’re needed, so …
   • IT resources are optimized,
   • The entire IT environment is more responsive and flexible without adding work or cost, and
   • Access to resources improves without new implementation/deployment risks.
3. And end-users and their departments — as well as trusted partners — can be networked far more cost-effectively, regardless of location, via a standardized platform that enables integration and process automation between internal departments and partners. 

More...

Not so long ago, I came across a press release from Gartner, the analyst firm, which quoted one of its vice presidents saying:

“IT organizations that do not match the request for IT as a service run the risk of internal customers bypassing the IT organization and consuming IT services from the external cloud, thereby placing the company at greater risk.” 

It turns out that the analysts at Gartner see a world of hybrid IT architectures. Their view is that IT organizations are becoming brokers of IT services, some of which are hosted internally, some of which reside in externally hosted Clouds.  

More...

It’s pretty clear that mobility will be a major factor in why organizations of all sizes turn to Cloud Computing. The numbers speak for themselves:  

More than 2.5 billion users will connect to the Internet over the next several years via more than 10 billion devices. By 2015, this demand will require 8 times the storage capacity of 2010 as well as 16 times the network capacity and upwards of 20 times the compute capacity.

So here’s how it’ll go …

More...

For years, traditional siloed IT has been so rigid that even cast-in-concrete, one-size fits-all cloud services offer important improvements. This IBM study from last year shows where those improvements are: In flexibility, scalability, and efficiency — as well as reducing costs and providing the ability to ensure business continuity in the face of unanticipated disruption. 

More...

The siloed nature of traditional data center architectures has produced “you-can’t-get-there-from-here” IT environments. Too often applications, data, and storage devices don’t interact, resources are wasted (e.g., one workload per server), and complex management hassles often lead to risky administrative lapses that result in security vulnerabilities . 

The result: IT infrastructures that are too unwieldy, too expensive, and too slow at a time when agility and responsiveness are essential for success. 

More...

We’re seeing more and more interest in Cloud Computing of late — and some lingering confusion about both what it is and what Cloud options a small-to-midsize business really has these days.

So buckle your seatbelts. I’m going to discuss Cloud, and in the process, I’ll lay out what I see as the benefits of Cloud Computing — especially when it’s done right. (And yes, I’ll get to that, too, so keep dropping by…)

OK, so in the beginning there was Cloud Computing. Last year, the National Institute of Standards and Technology (NIST) was kind enough to offer up a definition, which has since become something of a standard:

More...

Data loss prevention (DLP) is a powerful security tool. So powerful that it’s tempting to try a broad, pervasive implementation. But this can backfire into a flood of false alerts — unless you first think through your DLP strategy:

1. Decide/define what data you need to protect and how. 
2. Understand your organization’s business workflow, including how it uses sensitive data and where your network infrastructure is susceptible to data leakage. 
3. Develop a security policy that establishes organization-wide standards and procedures for data ownership and usage — and includes the means to enforce those policies.
4. Seek out a DLP service provider who makes it easy for you to deploy DLP in cost-effective phases at your own pace.
5. Forge an implementation plan that nails down specifics concerning your network, endpoints, discovery requirements, and so on. Aim initially for basic DLP capabilities, usually focused on (select one) network, endpoint, or storage (discovery) requirements — and just a single policy (to avoid being overwhelmed with alerts). Once one capability is deployed and optimized, you can tackle the next one with confidence and efficiency.

DLP is not a box solution. To be effective, it must be deployed in the context of well-considered security policy and a willingness to assess and rank corporate data, apply user-privilege and access controls, routinely audit policy and data flows, and train employees about acceptable use.

A trusted security services advisor can help you map your objectives to what’s possible with DLP and guide you through a successful DLP strategy, planning, and deployment process.