The Hosting and Cloud Infrastructure-Complexity and IT Transformation webinar:

• Looked at the rise of the outsourced hosting model and the various options and trends
• Gave an analyst’s perspective of the hosting industry
• Assessed the complexities in managed hosting
• Delivered directional guidance for companies considering outsourcing options
• And more!

Click here to view the webinar on demand!

Here are some of the polling questions that were asked along with the results regarding how companies host their infrastructure and their feelings on Hybrid Cloud.

What is your perspective on these results? We would love to hear from you!

While there aren’t simple answers, there are ‘best practices’ that will help you make the right decisions about security in your hosted and cloud infrastructure. Let’s take a look at one of them: identifying the most relevant threats that require you to have good defenses.

Understanding your real threat landscape can help you identify the right technologies and methodologies to deploy, giving you real security benefits. But how do you get data beyond anecdotes to help you make good decisions?

State of Cloud Security

Our partner Alert Logic recently released their latest State of Cloud Security report, an analysis of data from real customer environments in enterprise data centers, hosted environments, and the cloud. The report provides a snapshot of threat activity for a six-month period, and Alert Logic’s added perspective on cloud and hosted environments makes it thought-provoking reading. Here are a few of the findings:

• Web application attacks are the most common threat for hosted environments, pointing to the importance of good coding and active defenses against SQL injection, cross-site scripting, and  other typical exploits.
• Malware is a big problem in enterprise data centers… but much less common in cloud and hosted environments
• Brute force attacks are an unsophisticated but effective tool, remaining common in all environments

The infographic below provides a visualization of some of the report results. You can also download the full report at http://www.alertlogic.com/csr.

Click for full size

Which Workloads are Best Suited for the Cloud?

One of the really interesting findings in the Alert Logic report is that overall, cloud and hosted customers were less likely to experience security incidents than enterprise data center environments. That’s not conventional wisdom, and it’s a piece of data to consider when deciding which workloads are best suited to the cloud.

Understanding the relevant threats makes it easier to prioritize different technologies: intrusion detection and prevention, log management, antivirus, vulnerability scanning, web application security, and so on. The Alert Logic Report is aggregate data with segmentation by environment and industry – however you can get even more specific by collecting data in your own environment to see what is happening. Either way, you will be on the path of identifying relevant threats and building your security plans around them.

Common_Schema

Shlomi Noach, CTO of JobsMiner.Com, presented his common_schema, which was very exciting. Shlomi was very energetic in the discussion which was refreshing, and he showed us just a few examples of what this toolkit can do. Subtitled with “The DBAs Framework,” the project creates a powerful interface for administrators to work with MySQL of virtually any flavor. This schema rings in at a whopping 1MB, and comes with a whole bunch of unique views and stored procedures to aid administrators in a variety of tasks. It even comes with main pages to help get you started and its own programming language built purely out of SQL! While it may not be the kindest to resources with some tasks, it enables you to easily dissect the data within MySQL as well as the security and design of your database server as a whole. It’s available on Google Code under GPL licensing, and it’s definitely worth checking out.

MySQL Server 5.6

As I mentioned before, MySQL 5.6 was released in early April, and the conference was full of great information on that as well. There are a lot of features being implemented by Oracle that incorporate ideas from all over the community. A lot of things that were on the drawing board for years now have also started to make their way into newest iteration of MySQL server, and while it may not suitable for production just yet, I thought I’d bring back some of the things to come and share them with our readers.

New Features and Improvements

A lot of the features that the Percona team has put into XtraDB for performance optimization have found their way into InnoDB which became the default storage engine back in 5.5. These days it seems more and more that disk I/O is the bottleneck for most servers out there, so it’s good news that a lot of focus was put on improving InnoDB performance in this area. Some operations previously handled by the server have been passed down into InnoDB directly. Improved file sorting on less than optimal queries, better indexing, and faster random read operations are just a few of the improvements. They’ve also implemented a method of warming the InnoDB buffer pool on startup which will have quite an impact on the performance of a server after restarting. A warm buffer may take days to fill on some systems running depending on the size of the pool and how often the data is accessed. While the general consensus seems to be that Percona Server 5.6 is not quite where it needs to be for most production systems, there’s a lot of excitement surrounding the project.

The event was held at the same venue as in previous years, but the turnout was better than ever, and it’s evident that the ecosystem is thriving with no indication of slowing any time soon. For those readers who utilize our managed hosting services, look forward to some improved offerings to take advantage of what we learned this year and stay tuned as development on MySQL and Percona Server 5.6 continues.

Yep, these days, they are pretty much the same thing. The promise that your hosting network, platform, or service will be there when anyone accesses it, anytime—whether it’s you, your staff, your customers—that’s high availability (HA). It’s a percentage that represents a system’s expected uptime, or availability, over a given period, preferably with several nines present: 99.9%, 99.95%–you get the idea.

From a consumer’s point of view, the Internet doesn’t have business hours. It’s always there, always on, always ready. But we all know that’s not realistically the case. Failed hardware, natural disasters, a worker throwing the wrong switch, and software updates can all cause temporary network outages.

Can you trust the cloud to come through? Yes, because the resilience of clustering technology and the distributed nature of the cloud helps absorb and avoid the bumps on the Internet highway. How do cloud providers keep your cloud-based infrastructure, platforms, and software available and ready?

Fail-over: The Key To High Availability in the Cloud

Fail-over means that when a system stops working for whatever reason, another system jumps in. Cloud providers typically achieve this through clustering, where multiple servers continually monitor each other and replicate data. In the event a server fails, another one takes over. Good cloud providers constantly check hardware systems for signs that a failure might occur, and test their fail-over systems to ensure they work as expected. Now, clustering can provide very high levels of availability, but it can’t guarantee 100% uptime—even 99.95% works out to being offline a little over 4 hours a year. However, fail-over is generally rapid, and might require a few seconds to a few minutes to occur depending on the solution in place.

Network Availability: How Many Nines Do You Need?

For some industries like air traffic control, fully redundant systems are necessary, but they are typically very expensive, and entail creating and maintaining duplicate systems that wait silently to take over (and sit idle the rest of the time).

For many businesses, the HA provided by clustering and other solutions is more than enough.  As to how many nines you need for your network availability that will depend on several factors. Take a look at how your business operates and study how much a given amount of downtime actually costs. Knowing that information will help the most in guiding your decision.

The cloud is the right place to be. After you know what you really need, what you can tolerate, and what the costs are, then you can ask the right questions of a cloud services provider and match your needs to the right package for you and your business.

How does your business determine the level of availability it needs? Are you getting the availability that you expect? If not, why not? Tell us!

Fill out the poll below for your chance to win a $50 gift card. We will be running our contests for the Month of May!

Part 2: Is the cloud on your horizon? It should be.

Part 1 of this series focused on three of our Top 5 reasons that businesses are making the move to the cloud:

1. Flexibility so you can better adapt to changes in the marketplace.
2. Scalability to easily increase or decrease capacity when you need it.
3. Technology and services to increase business agility and spur innovation.

Those three reasons are compelling enough on their own to start making the move. Still need convincing? Here are two more reasons to drive home the point that a move to the cloud is a smart one to make:

4.  Network Reliability

In the always-on world of the Internet, an outage won’t go unnoticed. A failed hard drive, a natural disaster, a DoS attack, a bug in an app—it doesn’t matter why. It all means the same thing: major headaches, business disruption, and lost reputation, all while a very expensive meter is running. And yet it’s the immediate threats to your business that get the most attention, not the potential ones. That’s a dangerous place to be in.

Cloud computing providers take preparedness very seriously. Network reliability is truly the foundation of their business, just as much (if not more) than the foundation of yours. The distributed nature of cloud computing helps ensure a level of reliability that an ordinary company would be hard-pressed to match. Thousands of servers ready to fail over automatically if necessary, hardened facilities,  network redundancy, continuous security testing and monitoring—that’s cloud computing at its best.

And unlike a contractor who builds you a system, collects the check, and then walks away, cloud hosting providers are always there 24/7/365 to provide support. Why not benefit from the cloud’s high availability, capacity, and power, rather than trying to compete against it all by yourself?

5.  Savings

Probably the biggest reason to move to the cloud is economics, and it boils down to a simple question: What would you rather invest your company’s money in—overhead, or in growing your business?

All the time and money you spend building network infrastructure, buying servers and equipment, plus patching, maintenance, and training all equals an unnecessarily high cost of doing business, and one that can end up chaining you to limited ways of doing business if you’re not careful. Why lock yourself in if you don’t have to?

When you move to the cloud, you can get out of the rat race of hardware upgrading and replacement, and instead redirect your money and your people (who are really your most important asset) toward developing your business instead of merely supporting it.

Get the cloud on your side

So: why move to the cloud? Because it makes sense—commercial, technological, and financial sense. You pay for what you need, you use what you want, and you can concentrate on what you do best, while you let the cloud do what it does best.

The cloud’s ready and waiting for you. What are you waiting for?

If you’ve made the move to the cloud or are considering a move, which of these factors motivate you the most? Answer our poll below and you will be entered to win a $50 gift card to Best Buy!

In a nutshell, they’re moving because the cloud can handle a significant chunk of their business overhead—particularly infrastructure and hardware—and can do it bigger, better, and more efficiently than they could themselves. And you can be sure that some of the businesses enjoying those benefits in the cloud include your competitors. So, what about you?

If your business hasn’t made the move already, what’s holding you back? Maybe you’re concerned about being locked in to somebody else’s system, or not quite sure how cloud services can really benefit you. Or maybe you just don’t know where to begin.

Concerns like those are valid. Smart businesses can and should ask these kinds of questions before taking a leap toward something new like a business cloud solution. For answers, take a look at our Top 5 Reasons to Move to the Cloud, and see what’s driving more and more businesses each day to the cloud.

1.    Flexible Cloud Solutions
Ever hear the saying “change is the only constant in life”? Businesses know that better than anyone. Your customers, your competitors, products, services and markets are always in flux. One of the best ways to combat that uncertainty is to build in as much flexibility to your plans and operations as you can, so that you can adjust quickly to changing conditions.

Moving to the cloud provides that flexibility in a number of ways, especially through the different services it can provide. And moving to the cloud isn’t an all-or-nothing proposal. You can move as much or as little of your operation into the cloud as you like to suit the size and nature of your business.

For example, a large enterprise might utilize the cloud for its massive storage capacity and infrastructure, but have the resources at its disposal to manage everything else itself. If you’re a small or medium sized-business and could benefit from a platform to build upon as well as the infrastructure support, you can go that route. Or, if you want to go in deeper and take advantage of Software as a Service (SaaS) offerings to drive efficiencies in your business, you can do that too. And you can change your mind or shift strategies as business conditions change without having to worry about whether all the hardware you procured last fall will keep up.

2.    Cloud Scalability
Trying to predict demand is difficult at best, and expensive at worst. When you’re wrong, either your customers don’t get the service they expect, or you’ve burned money buying unused capacity.

The vastness of the cloud means it’s easy to scale up or down to meet demand. You can add additional horsepower as you need it, for example during the holiday season, and do it fast, and then go back to normal levels. It’s essentially a pay-as-you-go model that translates into more efficient use of your resources.

Better yet, you don’t need to maintain a bunch of dormant servers yourself just for the few times a year you need them, and you won’t need to use a crystal ball trying to predict how much capacity you need to invest in for the next purchasing cycle.

3.    Cloud Technology
Hardware and infrastructure are critical aspects of doing business online. So it makes sense that some might want to keep that in-house, but think about all the research, procurement, deployment, testing, and maintenance it takes to do this.

That’s a lot of effort, time, and money spent just to get up and running. It’s like having to build a car from the ground up just to get out of the driveway. The cloud, utilizing the latest hardware (and a lot of it), can do all that heavy lifting for you. Instead of building the car yourself, you can focus your attention on where you want to drive it. (And that’s where the action is, right?)

The tremendous capacity of cloud computing and the efficiencies of scale it offers are by themselves a reason to move. When you add SaaS offerings to the mix, you can open up new opportunities for the way you do business. By freeing your attention from having to manage your infrastructure, there’s more room to try new ways of doing business. You can experiment with SaaS, look for efficiencies, and pursue innovations.

Stay tuned

There’s more on the way—in Part 2 of this topic we’ll uncover the last two (big) reasons to move your business in the cloud.

If you’ve made the move to the cloud, what other factors motivated you? What benefits have you seen? And if you’re still thinking about the move, what’s holding your organization back? We’d love to know—leave a comment below! Or download this webinar: How to Drive Business with the Cloud!

ARMA International, a not-for-profit professional association and the authority on data management of records and information, developed 8 Generally Accepted Record-keeping Principles:

1.    Accountability- Assign staff that will be responsible for documenting records management policies and procedures as well as implementing and auditing the records management program.  Policies and procedures should be kept up-to-date and audits should be conducted to ensure compliance and understanding.

2.    Integrity- Guarantee the authenticity and integrity of records by:

• Adherence to organizational policies and procedures
• Appropriate staff training to ensure understanding of the program
• Reliability of  the creation, maintenance and storage of organizational records
• Provide a documented audit trail

3.    Protection- Have reasonable levels of protection that are private, confidential, secure and essential to organizational operations.  To achieve this, organizations should develop the following safeguards:

• Administrative – security policies and training
• Physical – Locks, security systems, key card access
• Technical safeguards- Computer encryption, password policies, restricted access, and security practices such as dual-factor authentication

4.    Compliance- Designed to ensure the organization is in compliance with applicable laws and organizational policies. Two examples would be: PCI and HIPAA compliance.

5.    Availability- Organizations should have the ability to identify, locate and retrieve records as needed.  Records can be retrieved electronically keeping in mind that electronic records should have an established disaster recovery plan to ensure records can be accessed in the event of a natural disaster.

6.    Retention- Determine retention periods to for records based on the appropriate legal, regulatory, fiscal, operational and historical requirements. They should also be destroyed properly at the end of their lifecycle.

7.    Disposition- Provide secure disposition for records that are no longer required to be maintained according to law or organizational policy.

8.    Transparency-Records management programs should be documented, clear and available to staff or other interested parties such as auditors, investigators or attorneys.

For more information on keeping your data secure- click here to download our security checklist!

Lehigh Valley Technology Event

Ah, lovely April.  Spring is in the air, flowers are in bloom and a young code-slinger’s fancy quickly turns to…HACK-A-THONS!  Yes, hack-a-thons.

What is a Hack-a-Thon?

Forty-eight hour long sleepless, sweaty coding marathons where ad hoc teams of code developers, web designers and free-range entrepreneurs meet to solve problems, build applications and cavort amongst their comrades.  There are lots of different kinds of hack-a-thons (technology events) these days and they generally fall into two flavors: theme-specific or general.  My favorite hack-a-thons are the general flavored ones, mostly for two reasons:

1) I’ve always been a big fan of creative entropy

2) The networking possibilities are greater amongst general purpose hack-a-thons, because they attract first-timers to the game of problem-solving.

What kind of problems, you ask? “What kind you got?” they reply with gritted-teeth and a pre-CrazyChairGuy Clint Eastwood stare.

Actually, the “what problems are we gonna solve with computers” is a big part of the draw for many who attend a hack-a-thon.  For some, they have an idea in their head that they want to test out in a less-tense environment than in front of potential investors.  For others, they like the challenge of helping others refine, brand and market their burgeoning solutions.  For still others, it’s a great place to play and experiment with design or development ideas too tangential or too diverse from whatever their day job pays them to create or code.  These technology events are three-fourths work and concentration, one-quarter entrepreneurial role-playing game. For forty-eight hours, you don the costume of a mover, a shaker, a code-cowboy, an edgy designer or the guy or gal Friday who gets it done!

Golly, that sounds like fun, a (small) number of you are saying, but where could I find a hack-a-thon?  Better yet, close to my home base in Philly or New York or surrounding areas this weekend?

Better still, that’s this weekend?  Easy, my pretend audience member:  the Lehigh Valley Hack-a-thon 2013!  The brainchild of the informal group of cyber-evangelists called Lehigh Valley Tech, LVHack2013 is the second (and slightly grander) outing of what its founders hope to become an annual destination for the Lehigh Valley’s tech crowd and the larger circle of businesspeople and entrepreneurs, those who flock to see and gain the technological edge even as its emerges from the foundry. INetU is a promoter sponsor of the event. I will be there on 4/5 and 4/7 representing INetU.

This year, the Lehigh Valley Hack-a-thon moves into a new home: the Fowler Family Southside Center at Northampton Community College’s South Side campus in Bethlehem, PA.  In addition to being closer to Bethlehem’s vibrant South Side with the Sands Casino and Steel Stacks, the Fowler Center has an even geekier advantage than last year’s venue: lasers!!!  “This year the hack-a-thon just a few hundred yards from a high-tech prototyping laboratory, so the participants will have access to tools like a 3D printer, a laser cutter, CNC routers, as well as other advanced equipment.”  As cheap wireless sensor technology and commodity priced programmable microprocessors become available at your local Radio Shack, more and more technology pioneers are giving hardware ideas and prototyping as much effort and time as software prototyping occupied even a few years ago.

So what will a room-full of thinkers, dreamers and makers do with an entire desktop factory at their disposal and a carte-blanche, ad-hoc approach to problem-solving produce? Find out this weekend as the all-powerful Hack Clock starts at the Lehigh Valley Hack-a-thon 2013.

But fret not, future hack-a-thon attendees!  Tomorrow comes the really fun part:  A Twitter-based Q and A with the LVHack2013 leader, Tim Lytle (@TimLytle).

Being Twitter-based, my questions were 140 characters and so were his responses. You can follow my twitter at @INetUTHarrison to catch all of the action!

A leaked version of a Windows 8 Update has surfaced with the code name of Windows Blue. Microsoft has acknowledged this update. They are “working … on plans to advance our devices and services, a set of plans referred to internally as Blue,” the company said in The Official Microsoft Blog yesterday.

These leaked updates feature the following:

-         Smaller tile arrangements

-         Larger start screen desktop tile

-         More room for customization

-         More touch-friendly settings

-         New alarm, sound recorder, and calculator apps

-         Internet Explorer 11

-         App settings section that gives options to change default apps and provides information on app sizes

-         New screenshot option that lets you quickly share an image with applications

In addition to these updates, snap views will promote multi-tasking, allowing apps to be moved side by side. Tabs will have the capability to be synced across multiple devices. Up to 4 snapped apps can be arranged alongside each other. This is probably the most significant improvement.

Another note- SkyDrive options in the update appear to show greater integration with auto camera uploads and control over device back-ups and files. There hasn’t been anything leaked that affects the business desktop user or IT so far, but more details and small improvements are sure to follow.

Windows Blue will be previewed to the public in the coming months, and will have a full release later this year.

2 weeks ago, I had the opportunity to attend HIMSS13 with INetU in New Orleans, LA. This was our 4th year attending HIMSS (Healthcare Information and Management Systems Society) and the Cloud was more prominent than ever. In addition to increased Cloud awareness, ICD-10, the most recent code sets used to report medical diagnoses and inpatient procedures was a heavily covered topic along with Mobile Health. We noticed a lot more people than previous years asking about security and HIPAA (Health Insurance Portability and Accountability Act) in regards to the cloud.

So, How can Protected Health Information be safe on the cloud?

HIPAA and HITECH (Health Information Technology for Economic and Clinical Health ) include several technical and policy requirements that healthcare providers and their business partners who handle PHI (Protected Health Information) must follow to be considered HIPAA-compliant. Storing PHI on the cloud might seem unnerving at first—I’m supposed to trust my most business-critical and legally sensitive information to a third-party located who-knows-where? Shouldn’t I keep everything locked up in-house?
You could, but when you think about it, doctors and other healthcare providers specialize in healing, not in firewalls, encryption, or interpreting complex federal regulations. A reputable, experienced HIPAA hosting provider with compliance expertise can handle the technical details of protecting sensitive data, storing and transmitting it securely, and keeping vigilant against threats. That way, healthcare providers can focus on what they do best—taking care of their patients.

Get Your HIPAA Hosting Provider to Put it in writing

According to HIPAA, a business associate is a person or entity that, generally speaking, has contact with PHI. It’s a good idea to get a written Business Associate Agreement (BAA) with any business or organization that you share PHI with.

Even though a HIPAA hosting provider doesn’t typically have direct contact with PHI but rather simply stores it, a formal agreement is still a good idea. You want a HIPAA hosting provider who you can treat as a true partner, especially if any issues or questions should arise later, and a formal agreement can provide that assurance.

Take Action Today

Click here to download our Checklist for Choosing a HIPAA Hosting Provider.