Entries with tag cloud computing .

Private Connections to the Cloud

Recently, Google launched Google Cloud Interconnect, a service that allows enterprises to create secure private connections to its cloud services.  In doing this, they’re playing catchup with AWS, which already has a Direct Connect service, and Microsoft, which offers Azure Express Route.  All of these provide direct network links between private networks and cloud facilities, resulting in improved security, higher availability, and lower latency than connecting over the Internet.  The distinctions between these services are as follows:

  • Google offers three types of interconnection: carrier interconnect, secure VPN over the public Internet, and direct peering at 70+ locations in 33 countries.

  • AWS Direct Connect offers connections at Layer 2, based on 802.1q VLANs.  These can be partitioned into multiple virtual interfaces, so as to share a single connection between a number of public and private cloud resources.

  • Microsoft Azure Express Route offers a range of connections at the IP layer using public and private peering based on border gateway protocol (BGP).

The cloud providers bill for these services based on the volume of data on egress from their network, but the cost of the telco connection is additional.

The connections are available through a range of network providers including Equinix, Level 3 and Verizon, which are also developing their own products in this space.  Equinix launched its Cloud Exchange earlier this year with over 50 cloud partners, and Verizon launched Secure Cloud Interconnect at about the same time.  Level 3 has been offering its Cloud Connect service for over a year, which includes IP, MPLS, Ethernet and optical options.

These services are particularly useful for organizations that use hybrid cloud architectures with multiple cloud providers.  They allow businesses to connect directly to cloud resources, bypassing the Internet while separating the network connections to public-facing web servers from backend systems, such as databases or application servers.  If you think direct cloud connections would benefit your organization, Scisbo can help you find the right service.

Protect Your Data

Somewhat shockingly, a recent study suggests that the data integrity of Internet users may be less secure than they think.  Consider the fact that 21% of Internet users reported having a social media or email account compromised.  Worse, 11% of online users have had personal information stolen such as a social security number, bank account information, etc.[1]  As such, we felt that a timely reminder on how to keep your data secure was in order.

Protect Your Password

We’ve all heard it time and time again.  Choose a strong password, change it frequently, and don’t select security questions that anyone with access to your Facebook profile could answer.  So, how do you choose a strong password?  Author Farhad Manjoo recommends that you select a phrase that’s easily remembered.[2]  For example, Disney World is my number one favorite vacation spot.  By taking the first letter of each phrase, this could easily be converted to DWimn1fvs.  Talk about a difficult password to hack!

Keep Your Virus Protection Software Up-to-Date

Just last year the Environmental Protection Agency had a security breach affecting nearly 8,000 users.  The breach included Social Security numbers, home addresses, and bank account information, and was caused by an email attachment with a virus.[3]  It’s easy to let virus protection software expire—offering no protection at all—or to allow virus definitions to become out-of-date.  Make sure that your software is constantly running in the background and that you are using the latest security patches.

Always Create Backups

Creating backups and storing them in the cloud is a great way to ensure that even if the worst occurs, you can still access your important files.  Contact us to learn more about disaster recovery and cloud storage services.  You can store and retrieve your files in a snap and never have to worry about losing important files again.

In short, you never want to take your data security for granted and preventing data leaks doesn’t have to be complicated.  With simple steps like these, you can avoid becoming a victim of identity theft, saving yourself lots of time, money and headaches.

Recovery as a Service Brings Peace of Mind

Having a disaster recovery plan in place is critical for any organization.  Very few businesses survive losing all of their data.  While this is common knowledge, many small businesses fail to commit time and resources to making sure that enough backups are being created and that their systems can be restored successfully.

If you're not completely sure that your organization is prepared for a big system crash or an environmental disaster, then Recovery as a Service (RaaS) might be the answer.  RaaS involves more than just backing up data to the cloud.  Instead, the RaaS service provider audits your system and schedules frequent backups in multiple geographical locations.  The provider will also create a 'sandbox' using servers and network resources in the cloud to test that everything restores correctly.  Using the cloud means that your live systems are not disrupted—and the resources are released once the test is complete—so that you only pay for what you use.

If a disaster should occur, your systems can quickly be recreated in the cloud so that staff can work via the Internet if your office undergoes a shutdown.  It's cheaper than running a hot backup, where the data is mirrored on a running server at all times, because the computing resources are only paid for when they’re needed.

You can use RaaS whether your servers are on your premises, in a colocation facility, or in the cloud.  RaaS provides peace of mind, because you know that your IT systems will always be there when you need them.  If you suspect that your disaster recovery plans need improvement, give Scisbo a call.  We’ll be happy to help get RaaS set up at your workplace.

Hybrid IT Architectures Bring Maximum Flexibility

Hybrid cloud architectures are increasingly becoming the preferred way for businesses to implement their IT infrastructures.  They provide maximum flexibility, combining high security for critical data—like credit card numbers—with an elastic cloud architecture, making it possible to scale web sites dynamically to match demand.  Hybrid cloud architectures also give you the tools to control all of your IT resources through a single management interface, as well as the flexibility to move IP addresses, share firewalls and create load balancing between locations; these locations may be different areas within a single data center or geographically dispersed.

To make the most efficient use of hybrid infrastructure, it’s best to match the type of server to the application load.  The reasoning behind this is because it’s more cost-effective to use a dedicated server for stable loads and a flexible cloud infrastructure for loads that have seasonal fluctuations.  It just doesn't make sense to pay for flexibility unless you need it.

In some cases, a single application may be implemented using different types of servers for different tasks.  For example, an online retailer may need highly secure servers to handle payments and use dedicated servers in a colocation space for that purpose.  But, they may also have an online catalog that sees huge spikes in demand at certain times of the year—such as Christmas—for which the public cloud would be a great fit.  A hybrid architecture allows the payment processing servers to be implemented on company owned infrastructure while the catalog can be hosted on a flexible cloud using Infrastructure as a Service (IaaS).  This allows servers to be spun up quickly when they’re needed and taken down again when the surge in demand is over.

Hybrid hosting services are also a good choice when you’re developing a new application.  Flexible IaaS cloud hosting allows servers to be set up and torn down rapidly without affecting any live services.  When the time comes to deploy for public use, then more stable servers can be deployed alongside those hosting the existing services.

If you think that hybrid cloud sounds right for you—or you want to check that you’re getting the most out of your existing hybrid architecture—then give us a call at Scisbo.  We'll create the right hybrid service for you.

Security Ultimately Depends on Trust

The growth of cloud computing is making people think harder about security—that’s not a bad thing.  Organizations need to know that their cloud provider can be trusted to store their data securely and comply with any regulations their business may be subject to.

Technical protection measures depend on two pillars—Access and Identity Management (AIM) to ensure that only authorized users are allowed onto the network, and encryption to make the data unusable if it is intercepted at any point.  These rely on long passwords and security keys because the computing power needed to crack them increases exponentially with the number of characters—this leads to an endless race to stay ahead of computing power.  For example, recently it was announced that security services used powerful computers to crack the AES 128-bit encryption that was generally regarded as the gold standard for securing data.  Now, security has moved on to 256-bit and 923-bit encryption.  Amazingly, even the 923-bit encryption was cracked in 2012 by Japanese researchers, but it required cutting-edge supercomputers and took them 148 days.

Encryption depends on treating your data as a series of numbers and performing predictable mathematical operations on it using other numbers, known as keys.  Someone has to issue and store the keys and the process is vulnerable to impostors intercepting that process (man-in-the-middle-attacks).  Often the computing power required means that the encryption process takes place in the cloud, so your data has to be stored in the clear while it happens.  The Edward Snowden news reminds us that the technicians have access to everything, so it’s important to choose a cloud provider you can trust.

At Scisbo, our partners understand our customers' security, regulatory, and compliance obligations.  Their operations are audited annually by multiple independent firms to comply with SOC, PCI, HIPAA, FISMA, and other regulatory bodies.  Their data centers are covered by dual-standard SSAE 16 and ISAE 3402, SOC 1 Type II, SOC 2 Type II, and SOC 3 reports.  Each facility complies with the PCI Data Security Standard for physical security, information security policies, and managed firewall service; they also comply with HIPAA and NIST 800-53 for environmental and physical security controls.  Additionally, they register annually for adherence to the US-EU Safe Harbor Privacy framework.  All of this means that you can rely on our partners' security.  To learn more, contact us—we’ll help you secure a cloud provider you can trust.

— 5 Items per Page
Showing 1 - 5 of 11 results.