Colocation’s Relevance Today for Business

Over the past several years, a “cloud-first” strategy has evolved for businesses and their IT infrastructure. The inclination toward a fully on-premises infrastructure has decreased as hybrid cloud solutions have expanded. While off-premises solutions are the up-and-coming choice for many businesses, on-premises continues to be utilized by most companies. As businesses look at their IT strategies for the future, they should explore alternatives to the cloud and consider the reasons why cloud may or may not be the best fit for all their applications. Businesses have seen the value of taking their data off site for years without handing it over to a cloud provider. The primary alternative has been colocation (colo). Many have seen a renewed interest in colo with the growth of hybrid cloud, as the large public cloud providers have implemented changes to their products to promote hybrid cloud architectures. Here I will review these changes and discuss colocation’s relevance today for business.

Colo defined and best use cases

Colo allows organizations to continue to own and maintain control of their IT hardware while taking advantage of an off-premises solution that offers increased uptime and security. As a part of the colo agreement, the data center will offer space, power, and bandwidth to its clients in a secured and compliant area within their facility. Although data centers are some of the most secure places in the world, they still can offer their clients access to their IT resources 24 hours a day, 365 days a year. They accomplish this through multiple layers of security including security guards, video monitoring and biometrics. This ability for colo customers to access and touch their data provides a psychological advantage for many businesses.

Another advantage of colo is power, which can be offered with options including multiple power utilities. Redundant power offers additional safeguards against an IT outage. This type of power configuration is not available in most businesses’ office buildings. Also, a data center can offer power at a reduced rate because of its purchasing power with the utility. With more power comes more cooling requirements. The data center also provides better cooling, again with spare resources to assure it’s always available. Finally, bandwidth is a commodity the data center buys in bulk and offers to its colo customers at a savings.

Regulatory compliance is another important advantage driving users to a colo solution. Colo provides its customers instant access to an audited data center, such as one with SOC 2 compliance. Colo has long been believed to offer more security and compliance than on-premises or cloud.

Considerations before moving to colo

The primary items to consider before moving to colo in a data center relate to the space and power components of the solution. Colocation space is typically offered by the data center provider by the rack or by a private cage consisting of multiple racks. In either offering, a prospective buyer should consider the requirements for expansion of their infrastructure. In a cage, a customer is typically offered “reserved space” within that cage that can be purchased and then activated when required. When the customer doesn’t require the segregation of a cage, they will purchase racks that are adjacent to other business customers, which can make expansion more complex. Customer-focused data centers allow a business to reserve adjacent racks without activating the power, and these racks are therefore priced at a discounted rate. It is important to have contiguous space in a data center colo, so consider additional space for growth with the initial purchase.

Regarding power, make sure you research the amperage and voltage requirements for your infrastructure and its potential for growth. Data centers will have many diverse power offerings, so consult with an expert like TEOM for the requirements of your IT equipment.

Today’s evolving advantages of colo

Most of today’s business IT infrastructures, on-premises or colocation, will utilize some type of cloud presence for required applications such as disaster recovery. The byproduct of this growing trend is hybrid cloud implementation. Like the term cloud, a hybrid cloud can have many definitions. For our purposes here, hybrid cloud will be defined as resources complementing your primary on-premises infrastructure with a cloud solution. The large public cloud providers, most often used by businesses, have expanded their presence beyond their own data centers to occupy a cage of colo in large multi-tenant data centers. This enables the cloud providers to get physically closer to their customers, which creates an advantage for a business user in that data center needing to implement a hybrid cloud solution.

Previously, customers of the large public clouds have relied on either the internet for inexpensive connectivity or expensive dedicated telecom circuits to connect “directly” to their cloud provider. Direct connections have been prohibitively expensive for most businesses because of the high cost of the telecom circuits that are required to reach the public cloud. Some have justified the high cost of direct connect due to increased security and the greatly reduced costs of data egress. Egress charges are the cost to move data from the public cloud to the business. Typical egress charges for public cloud providers can be as much as $.14 per gigabyte. When direct connections are established, egress charges are greatly reduced to as low as $.02 per gigabyte as of the time this article was written. Because of this, direct connect can save users thousands of dollars while greatly increasing security. When the public cloud provider is in the same data center as the colo customer, a direct connection can take the form of a “cross connect” within the data center. This common data center service is a fraction of the cost of the telecom circuits mentioned previously. This enormous economic benefit can be multiplied if the business connects to multiple public clouds (multi-cloud).

A more recent trend has the large public cloud providers creating a hybrid cloud on the customer’s premises. Microsoft’s solution, called Azure Stack, was the first introduced, and it now has a competing product from AWS called Outpost. The products, to be covered in a future article, put the hardware and cloud infrastructure of these providers on the customer’s site. This creates additional validation that hybrid is here to stay.

Colo remains relevant today for many of the same reasons it has been chosen for years: availability, security, and compliance. As the large public cloud providers expand outside of their own data centers to get closer to their customers, new advantages for businesses have emerged. When a fiber cross connection in a common data center can be used to direct connect to a public cloud provider, enormous benefits are realized. Ironically, as the public cloud providers grow, colocation has found new life and will remain relevant for the foreseeable future.

If your business wants to stay competitive in this ever-changing environment

Contact us @ Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

 

Trends for Cloud and IT Providers from the Past Year


One of the primary benefits I offer to support my customers is insight and expertise for Cloud and IT services for business. I develop my insight and best practices for clients through working closely with a wide breadth of supplier partners that create the trends in their technology. These IT innovators range from the largest public companies earning billions of dollars each quarter to small entrepreneurs providing IT services to small and medium sized businesses (SMB). Staying current with technology is vital to my customers. Once a year I like to take time to review the trends for the cloud and IT. Here, I will describe recent trends by the primary technologies that are my focus, Infrastructure as a Service (IaaS), Unified Communications as a Service (UCaaS) and IT Managed Service Providers (MSP).

IaaS

Much of the change that occurs in IaaS is created by technologies and services delivered by the cloud hyperscalers such as AWS, Microsoft Azure and Google Cloud Platform. They have created environments that are open to virtually all operating systems and software applications. In a similar fashion, the regional data centers and cloud providers I partner with have evolved to hyper-converged platforms.  Hyper-converged platforms create a software defined IT infrastructure that replaces some of the traditional components of cloud such as storage area networks (SAN) or networking components like firewalls and switches. This trend has also spread to private clouds for organizations that create their own cloud infrastructure on premises.

In addition to hyper-convergence, most IaaS providers have also capitalized on traditional technologies like bandwidth that allow them to better compete with the hyperscalers. These include cloud configurations with a fixed and budget-friendly cost structure for data transaction cost or egress. Many hyperscaler customers have been shocked by a low initial cost that rises quickly as their data requirements increase. Most of the trends in IaaS happen first at the hyperscaler, then move downstream to the regional cloud providers as they reach general acceptance.

UCaaS

UCaaS, or hosted IP phone service, has experienced exponential growth with both business users and the cloud providers. The purchase of BroadSoft by Cisco early in 2018 has led the way for many very cost-effective UCaaS solutions with enhanced communication features. It is becoming apparent that providers are beginning to reach a critical mass of prospects where the product is being commoditized and the price is a key component of the buyer’s decision process. There have been a handful of providers that have been able to differentiate their UCaaS services through integrations with Customer Relationship Management (CRM) software or other SaaS products. Additionally, some innovative software developers have intrigued customers by taking an “out of the box” view of voice communications. Companies like Dialpad, created by ex-Google engineers, have guided their customers to rethink the idea of UCaaS as more than a phone system hosted in the cloud. They have created a new age open communications platform that integrates all the enterprise communication tools. Their solutions often create a voice communication platform without a traditional desk phone. Whatever the technology or provider, UCaaS has become ubiquitous. When the business accepts the OpEx model of monthly rental for voice communications, the advantages of UCaaS are undeniable.

Managed Service Providers (MSP)      

In my work to provide guidance to my clients on the best alternatives for cloud providers, I often uncover needs for traditional on-site IT services. These needs are most often driven by a loss of IT personnel or rapid growth of the company. I wrote an article earlier this past year, Is the MSP Model Right for Your Business, that covered this subject in greater detail. The trend described in the article continues to evolve toward a partner-like relationship between MSP and customer, covering the full range of services that an internal IT department would provide. This mindset is effective if the MSP listens to the customer’s needs and is flexible enough to customize their offering to the customer’s specific requirements.

As I stay close and communicate frequently with my supplier partners, I stay abreast of the provider’s changes and how they relate to the industry. I look forward to 2019 as a time of continued growth in cloud computing offerings. As the technology matures it will provide more opportunity to display how the cloud will add value to the business’ IT strategy. Understanding these trends of technology as they evolve will allow Two Ears One Mouth IT consulting to provide valuable insight to clients for years to come.        


Cloud Security is a Shared Responsibility

When I first became familiar with enterprise cloud computing, one of the primary objections to cloud adoption was the security of the data within the applications. Today that has changed; as cloud has matured, it is now seen as an option for IT infrastructure that can be designed to be more secure than on-premises solutions. Through the process of designing a cloud infrastructure, IT professionals have become aware of the increased security benefits cloud offers. Concurrently, IT data exposure and breaches have become more widespread and security has become a greater responsibility. These factors have led all cloud architects, whether with a cloud provider or working within an enterprise, to realize that cloud security is a shared responsibility. Cloud security is shared in two respects: first, within the different groups of the enterprise, and second, the responsibility of securing data is split between the enterprise and the cloud provider. For the purpose of this article we will focus on the sharing of security responsibilities between the enterprise and the provider. I will segregate three categories of cloud computing responsibility in order to simplify the roles and responsibilities: infrastructure, operating systems including applications, and customer data.

Private Cloud

Most IT users today consider a virtualized stack of IT infrastructure on premises a private cloud. In this scenario, as existed before cloud computing, the enterprise is responsible for all aspects of security. In an on-premises private cloud infrastructure the enterprise needs to secure their data from all physical, technical or administrative threats. With large organizations the security responsibilities can be shared within groups of their IT departments, which may include network, security, application and compliance.

Infrastructure as a Service

The greatest security coordination concerns come from a public or hybrid cloud configuration such as infrastructure as a service (IaaS). With an IaaS environment the enterprise has agreed to have the provider manage the infrastructure component of the IT security. This enables the enterprise to outsource all security and regulatory concerns related to the actual server hardware. They also realize benefits of physical security because their IT infrastructure is off premises and in a secured facility. Many times, regulation or even large customers will mandate an audited data center standard such as SOC 2 for their IT infrastructure as a requirement of the business partnership. Creating an audited SOC 2 compliant data center on premises can be costly and time-consuming. The hosting of their IT infrastructure in an audited and physically secure data center is one of the greatest benefits of IaaS.

Beyond the physical infrastructure, the IaaS or cloud provider also assures the security of the software hypervisor that orchestrates the virtualized cloud operating systems and services. However, the enterprise is still responsible for the operating systems of the virtual servers and the security patches the software developer issues for them. Additionally, the enterprise is responsible for the security of all their own software applications and the data that resides on them. Some cloud providers will offer managed services to their clients that will include security functions. The provider may offer a managed firewall, monitoring and even malware protection for the virtual servers they host. These services add value as the provider is more familiar with security best practices in the IT infrastructure stack than the enterprise. Still there is always a shared responsibility for security with the enterprise always responsible for their own data. 

Software as a Service (SaaS)

SaaS is the cloud technology the majority of businesses have the most experience with and understand the best. Common SaaS platforms like Microsoft Office 365, Google G Suite or CRM-based software like salesforce.com have made SaaS commonplace. Virtually the whole IT stack is owned by the provider in a SaaS platform; however, the enterprise still has security responsibilities. The enterprise’s primary security responsibility is concerned with their own data. The business owns their data and needs to ensure it is free of malware and other external threats. They also need to protect the end points, such as laptops and tablets, that are used to access the SaaS data.

Additional Considerations

Other IT security responsibilities the enterprise needs to consider in any Cloud environment are connectivity, authentication and identification services as well as managing abandoned resources.

Connectivity to the cloud provider is most secure when a private circuit or connection can be implemented. If a private connection is not practical, the enterprise needs to create a secure connection over the public internet, such as a virtual private network (VPN).

Authentication and identification of network users is an integral part of any enterprise IT network. It is equally important to integrate any authentication or directory service with the cloud solution. A solution like Microsoft Azure AD is considered by many as a best practice for this complicated process. It was described in some detail in a previous article, Active Directory (AD) in the Cloud. Finally, a frequent cause for concern, especially with enterprises that employ large IT staffs, is abandoned resources. These are cloud instances that were created, have lost their relevance and have been forgotten. They can reside in a public cloud for years, with continued billing, and the customer’s data is open to the public since they were created in a time with less stringent security policies. Periodic billing review and the monitoring services that security platforms offer can eliminate this waste.
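The periodic review described above can be run as a repeatable check over a resource inventory joined with the billing export. The sketch below is an added example, not part of the original article; the inventory fields, the 180-day idle threshold and the sample records are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class Resource:
    name: str
    owner: Optional[str]   # None: untagged, or the owner has left the company
    created: date
    last_activity: date    # last login, API call or network flow observed
    monthly_cost: float    # dollars per month, taken from the billing export
    public: bool           # reachable or readable from the public internet


@dataclass(frozen=True)
class Finding:
    name: str
    idle_days: int
    wasted_cost: float     # estimated spend since the last observed activity
    reasons: tuple
    priority: str          # "high", "medium" or "low"


# Constructed sample inventory (hypothetical names and values).
INVENTORY = [
    Resource("web-prod-01", "ops", date(2018, 1, 10), date(2019, 5, 30), 210.0, True),
    Resource("poc-db-test", "jsmith", date(2018, 2, 1), date(2018, 6, 1), 120.0, False),
    Resource("demo-share-2016", None, date(2016, 3, 1), date(2017, 6, 1), 45.0, True),
    Resource("merge-lab-vm", None, date(2017, 9, 1), date(2018, 12, 1), 60.0, False),
]

_ORDER = {"high": 0, "medium": 1, "low": 2}


def review(inventory, today, idle_threshold_days=180):
    """Return findings for idle resources, most urgent first."""
    findings = []
    for r in inventory:
        idle = (today - r.last_activity).days
        if idle < idle_threshold_days:
            continue  # still in use; busy public resources are not flagged
        reasons = [f"idle {idle} days"]
        if r.owner is None:
            reasons.append("no owner on record")
        if r.public:
            reasons.append("publicly exposed")
        # Exposure outranks cost: a forgotten public resource is a data risk,
        # while a forgotten private one is mainly wasted spend.
        if r.public:
            priority = "high"
        elif r.owner is None:
            priority = "medium"
        else:
            priority = "low"
        wasted = round(r.monthly_cost * idle / 30, 2)
        findings.append(Finding(r.name, idle, wasted, tuple(reasons), priority))
    findings.sort(key=lambda f: (_ORDER[f.priority], -f.wasted_cost))
    return findings


if __name__ == "__main__":
    for f in review(INVENTORY, today=date(2019, 6, 1)):
        print(f"{f.priority:6} {f.name:16} ${f.wasted_cost:>8.2f}  {'; '.join(f.reasons)}")
```
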

Business cloud solutions offered to the enterprise come in many different configurations that vary as to the type of infrastructure, software and services offered. In all cloud environments security requires a shared responsibility as well as a layered approach coordinated between the cloud providers and the enterprise. A supplier-agnostic advisor like Two Ears One Mouth IT Consulting can assist by helping a business find the right provider and security services for its applications.

 


Is the MSP Model Right for Your Business?

In my initial article, What’s a Managed Service Provider (MSP), I introduced the concept of an MSP and its advantages. The article describes how a growing organization evolves when it transitions from calling an individual IT service provider each time an issue presents itself to developing a relationship with a trusted partner that delivers a full scope of IT services. To review some pertinent definitions: an IT services provider follows a traditional model of being contacted when needed and is paid for its services by time and materials. An MSP provides the full scope of services, and in many cases the outsourced MSP is the business’s IT department. Today the MSP deliverable of a flat fee for services has become widespread and accepted. For a business to transition to an MSP, one vital characteristic must be present… trust. Trust can be difficult to create if the company has no prior experience with the provider. On the other hand, trust can be built when the provider is transparent with their motivations and offerings within the MSP model. In this article, I will dig deeper into the MSP offering to help answer the question: is the MSP model right for your business?

Primary Components of the MSP

The concept of managed services has become so popular that some IT providers fail to offer other options to their prospects. A typical MSP agreement will include all phone and remote support services as well as an allowance for on-site labor. Projects out of the scope of the agreement are billed according to time and materials. MSP customers will typically receive a discounted labor rate on project work. The MSP model allows the provider to include a rental fee for certain critical IT infrastructure hardware. Critical IT hardware may be devices such as firewalls, the first defense of IT security, and Ethernet switches, which are the foundation of the IT network. The MSP requires a detailed understanding and control of all the devices on the network in order to manage them properly.

What’s driving the MSP model?

The growth of the MSP model has come from the way it benefits customers as well as advantages realized by the MSP. While the MSP model is not always the customer’s first choice, there are factors in the market that are driving customers to embrace this model. The following are the primary factors that have driven the customer to accept the model.

A scarce and competitive marketplace for talent-

Most small and medium-sized businesses can’t find or can’t afford the IT resources their company requires. When they do find affordable candidates, they typically have a specific skill set that can’t match the depth of expertise the MSP can deliver.   

Organic growth and mergers-

Because of the organization’s explosive growth, sometimes through mergers, it is impossible for the customer to maintain or even be aware of the IT team they require at any given time. The MSP relationship and their technical staff can allow the business to scale its IT support up or down quickly.

Chief Information Officer (CIO) as a service-

IT providers have always looked for ways to create additional value for their clients. One of the first ways they accomplished this was by making recommendations for future technology to test and implement. This is the type of service the CIO provides for a large enterprise, which can take the form of periodic meetings where the provider is updated on the business strategy to help determine technological recommendations. These regularly scheduled meetings or Quarterly Business Reviews (QBRs) initiate a mutually beneficial relationship that leads to a long-term partnership.

As a service instead of purchase-

Renting technology infrastructure instead of an outright purchase may be advantageous due to IT hardware’s limited life. It can also create positive cashflow and other financial advantages for the business. This is an “as a service” model introduced by the cloud computing industry where expensive server hardware is rented instead of purchased.

The IT provider will also receive benefits from the MSP model. It was in large part designed by providers to solve the challenges of both parties.

Consistent revenue

Historically the small IT service provider has struggled, as any small business, creating a consistent revenue and cash flow. The MSP model with its monthly recurring charge (MRC) helps to relieve this challenge. Predictable revenue in addition to an educated customer who is more aware and consistent with their IT demands helps to build the successful model. In a similar fashion, the MSP model helps with hiring decisions and scheduling technicians for customer service calls. With this partnership, the MSP gets to know the needs of the customer better and can predict their requirements more accurately.

Outsourcing by the Outsource-

Some parts of the total MSP solution are not provided by the local provider but rather outsourced to one of their vendors. These services are typically security and monitoring based offerings that offer great value but are costly to implement without large quantities of clients. These services will take the form of malware and antivirus software for endpoints coupled with proactive monitoring as a service. These services enhance the offering and can add profit margin for the MSP. Some popular providers of these types of services are SolarWinds, Webroot and Datto. These companies have grown significantly as part of the MSP trend. They work exclusively with MSPs, never end-users, which helps protect the MSP product.

The MSP model makes sense for most businesses, but not all businesses all the time. When a client has recently experienced growth and is desperate for quality support it can be an easier conversion for the MSP provider. It will be a challenge to justify the cost if the customer’s experience has been in the pay-as-you-go model. This is where the MSP needs to show flexibility and understand that trust is a major part of the solution. They may need to scale back some services and present a custom solution that eases the customer into the MSP model and builds the trust required. A supplier agnostic advisor like Two Ears One Mouth IT Consulting can assure the supplier selection process is transparent and the best option is chosen that will enable trust and a long term partnership.


A Buyer’s Guide to Cloud


Most businesses have discovered the value that cloud computing can bring to their IT operations. They may have discovered how it helps to meet their regulatory compliance priorities by being in a SOC 2 audited data center. Others may see a cost advantage as they are approaching a server refresh when costly hardware needs to be replaced. They recognize an advantage of placing this hardware as an operational expense as opposed to the large capital expense they need to make every three years. No matter the business driver, the typical business person isn’t sure where to start to find the right cloud provider. In this fast paced and ever-changing technology environment these IT managers may wonder, is there a buyer’s guide to Cloud?

Where Exactly is the Cloud?…and Where is My Data?

Except for the cloud hyperscalers (Amazon AWS, Microsoft Azure, and Google), cloud providers create their product in a multi-tenant data center. A multi-tenant data center is a purpose-built facility designed specifically for the needs of the business IT infrastructure and accommodates many businesses. These facilities are highly secured and most times unknown to the public. Many offer additional colocation services that allow their customers to enter the center to manage their own servers. This is a primary difference with the hyperscalers, as they offer no possibility of customers seeing the sites where their data resides. The hyperscale customer doesn’t know where their data is except for a region of the country or availability zone. The hyperscaler’s customer must base their buying decision on trusting the security practices of the large technology companies Google, Amazon, and Microsoft. These are some of the same organizations that are currently under scrutiny from governments around the world for data privacy concerns. The buying decisions for cloud seekers should start at the multi-tenant data center. Therefore, the first consideration in a buyer’s guide for the cloud is the set of primary characteristics to evaluate in the data center, which are listed below.

  1. Location– Location is a multi-faceted consideration in a datacenter. First, the datacenter needs to be close to a highly available power grid and possibly alternate power companies. Similarly, the telecommunications bandwidth needs to be abundant, diverse and redundant. Finally, the proximity of the data center to its data users is crucial because speed matters. The closer the users are to the data, the less data latency, which means happier cloud users.
  2. Security– As in all forms of IT today, security is paramount. It is important to review the data center’s security practices. This will include physical as well as technical security.
  3. People behind the data– The support staff at the datacenter creating and servicing your cloud instances can be the key to success. They should have the proper technical skills, responsiveness and be available around the clock.

Is My Cloud Infrastructure Portable?

The key technology that has enabled cloud computing is virtualization. Virtualization creates an additional layer above the operating system called a hypervisor that allows for sharing hardware resources. This allows multiple virtual servers (VMs) to be created on a single hardware server. Businesses have used virtualization for years, VMware and Microsoft Hyper-V being the most popular choices. If you are familiar with and have some secondary or backup infrastructure on the same hypervisor as your cloud provider, you can create a portable environment. A solution where VMs can be moved or replicated with relative ease avoids vendor lock-in. One primary criticism of the hyperscalers is that it can be easy to move data in but much more difficult to migrate the data out. This lack of portability is reinforced by the proprietary nature of their systems. One of the technologies that the hyperscalers are beginning to use to become more portable is containers. Containers are similar to VMs; however, they don’t utilize guest operating systems for the virtual servers. This has had a limited effect on portability because containers are a leading-edge technology and have not met widespread acceptance.

What Kind of Commitment Do I Make?

The multi-tenant data center offering a virtualized cloud solution will include an implementation fee and require a commitment term with the contract. Their customized solution will require pre-implementation engineering time, so they will be looking to recoup those costs. Both fees are typically negotiable and a good example where an advisor like Two Ears One Mouth can assist you through this process and save you money.

The hyperscaler will not require either charge because they don’t provide custom solutions and are difficult to leave so the term commitment is not required. The hyperscaler will offer a discount with a contract term as an incentive for a term commitment; these offerings are called reserved instances. With a reserved instance, they will discount your monthly recurring charge (MRC) for a two or three-year commitment.

Finding the best cloud provider for your business is a time-consuming and difficult process. When considering a hyperscaler the business user will receive no support or guidance. Working directly with a multi-tenant data center is more service-oriented but can misuse the cloud buyer’s time. The cloud consumer can work with a single data center representative that states “we are the best” and trust them. Alternatively, they can interview multiple data center provider representatives and create the ambiguous “apples to apples” spreadsheet of prospective vendors. However, neither is effective.

At Two Ears One Mouth IT consulting we will listen to your needs first and then guide you through the process. With our expertise and market knowledge you will be comforted to know we have come to the right decision for your company’s specific requirements. We save our customers time and money and provide our services at little or no cost to them!

If you would like assistance in selecting a cloud provider for your business contact us at:

Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…


What is Code as a Service?

 


When I first started experimenting with the public cloud providers I, like many, began by setting up demo accounts and creating virtual servers. It isn’t a complicated process to create servers, particularly if you compare it to the process of buying hardware and loading software that was required 10 years ago. Cloud computing’s self-service capabilities have caused a major disruption in the business of information technology. But even as I “spun up” servers in a matter of minutes or seconds I began to wonder: how does the large enterprise migrate to and manage their cloud environment? How do they maintain the IT governance and framework with their cloud infrastructure as they have with their on-premises infrastructure? How do they maintain standards considering all the ever-changing choices so commonly provided by the cloud vendors? I could see these questions as an issue with small implementations, but how does the enterprise handle this across dozens or even hundreds of cloud architects creating virtual servers? In short, the question I attempt to answer here is what tools are available to maintain IT governance and security compliance in the “move fast and break things” world of the cloud? The answer to all the questions can be found in what has been coined Code as a Service (CaaS) or Infrastructure as Code (IaC).

Automation with Code as a Service

CaaS’s primary service or function is automation. It uses software to automate repetitive practices to hasten and simplify implementations and processes. A valuable byproduct of this automation is consistency. When processes are automated they can be designed from the start to follow the rules of regulation and governance of the organization. They help assure that no matter how fast a process is moving or how many users are involved, governance is maintained.

Popular Code as a Service tools

There are a host of these tools designed to automate and govern the development of software and IT infrastructure. Examples follow, starting with the most general IT automation systems and moving to tools designed to work more specifically with cloud infrastructure.

Ansible

Ansible is open source automation software promoted by Red Hat. In addition to cloud provisioning, it assists in application development, intra-service orchestration, and configuration. Ansible uses the simple language YAML to create playbooks for automation. Ansible has many modules that integrate with the most common cloud solutions such as AWS, Google Cloud Platform (GCP) and VMware.

Terraform

Terraform is infrastructure as code software by HashiCorp. It primarily focuses on creating data center infrastructure that is provided by large public clouds. Terraform utilizes the JSON language to define infrastructure templates with integrations such as AWS, Azure, GCP, and IBM Cloud.

Kubernetes

Kubernetes is an open source project started by Google and donated in its entirety to the Cloud Native Computing Foundation (CNCF). It orchestrates and automates the deployment of containers. Containers are a different type of virtual server that has promoted and added to the popularity of microservices. Microservices create business applications by combining many smaller applications to create the entire solution. Microservices are used to increase agility and uptime and make maintenance of the application easier and less disruptive.

CloudFormation

CloudFormation is Amazon Web Services’ CaaS application that is provided to its customers at no charge. CloudFormation templates can be written in YAML or JSON and make the deployment of AWS services at scale quicker and more secure. CloudFormation saves massive amounts of time for the enterprise cloud architect and ensures all instances maintain the IT governance of the organization.

Code as a Service is a valuable tool for cloud architects and businesses to create cloud native applications or migrate their applications to cloud service providers. There are many products, but most are open source and will utilize playbooks or templates to assist in creating the cloud infrastructure in a compliant manner.
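As an added illustration (not code from this article or from AWS), the Python example below shows how a governance rule can be checked automatically against a CloudFormation JSON template before anything is deployed. The sample template, the required `Owner` tag and the function names are constructed assumptions; `Encrypted` and `StorageEncrypted` are the CloudFormation properties for EBS volumes and RDS instances.

```python
import json

# Constructed sample template (not from the article): three resources.
TEMPLATE = json.loads("""
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "AppVolume": {
      "Type": "AWS::EC2::Volume",
      "Properties": {"Size": 100, "AvailabilityZone": "us-east-1a",
                     "Encrypted": "true",
                     "Tags": [{"Key": "Owner", "Value": "finance"}]}
    },
    "ReportsDb": {
      "Type": "AWS::RDS::DBInstance",
      "Properties": {"Engine": "postgres", "DBInstanceClass": "db.t3.medium",
                     "AllocatedStorage": "50",
                     "Tags": [{"Key": "Owner", "Value": "finance"}]}
    },
    "ScratchVolume": {
      "Type": "AWS::EC2::Volume",
      "Properties": {"Size": 20, "AvailabilityZone": "us-east-1a"}
    }
  }
}
""")

# Hypothetical organizational rules: which property must be true per resource
# type, and which tag keys every resource must carry.
ENCRYPTION_PROPERTY = {
    "AWS::EC2::Volume": "Encrypted",
    "AWS::RDS::DBInstance": "StorageEncrypted",
}
REQUIRED_TAGS = {"Owner"}


def is_true(value):
    # CloudFormation accepts booleans as true/false or as "true"/"false".
    return str(value).lower() == "true"


def check_template(template):
    """Return a list of (resource_name, problem) tuples, sorted by resource."""
    findings = []
    for name, resource in sorted(template.get("Resources", {}).items()):
        props = resource.get("Properties", {})
        enc_prop = ENCRYPTION_PROPERTY.get(resource.get("Type"))
        if enc_prop and not is_true(props.get(enc_prop, False)):
            findings.append((name, f"{enc_prop} is not set to true"))
        tag_keys = {tag.get("Key") for tag in props.get("Tags", [])}
        missing = sorted(REQUIRED_TAGS - tag_keys)
        if missing:
            findings.append((name, "missing tags: " + ", ".join(missing)))
    return findings


if __name__ == "__main__":
    for name, problem in check_template(TEMPLATE):
        print(f"{name}: {problem}")
```

Run as a gate in the deployment pipeline, a non-empty result blocks the template, so the rule holds no matter how many architects are submitting templates.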


Compliance with Current IT Regulation

Because of the explosion of data breaches in the past 10 years, most businesses are aware that compliance with IT regulation and security policy is imperative. That doesn’t stop the governments of most nations enforcing regulation to remind us of this. Maybe it’s because I have been in the IT industry most of my life, but I believe IT regulation is vital in this digital age. However, it is typically vague and much less effective than written law. Government regulation tends to be difficult to understand and follow without assistance. One way businesses are assisted with IT regulation is by following a certified IT framework. These frameworks are written in less general terms and describe IT “best practices”. Businesses can use them as a reference to achieve regulatory or security compliance.

Popular IT Frameworks

COBIT, a framework designed by the Information Systems Audit and Control Association (ISACA), provides management and business process owners with an information technology (IT) governance model that helps in delivering value from IT and understanding and managing the risks associated with IT.

ISO 38500 is an IT framework used by management, originated and maintained by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is similar to and builds upon previous ISO frameworks.

Calder-Moir is an IT super-framework that pulls all the existing frameworks together in a way that enables an organization to maximize its benefit. The Calder-Moir IT Governance Framework is designed to help you use all these overlapping and competing frameworks and standards.

Common IT Regulation

HIPAA

A government regulation created in the Clinton Administration, the Health Insurance Portability and Accountability Act (HIPAA) primarily mandates compliance for the security of Protected Health Information (PHI). Originally passed in 1996 it was later amended to include the Health Information Technology for Economic and Clinical Health Act (HITECH) and the Omnibus Rule. HIPAA promoted physical, administrative and technical safeguards for the protection of PHI. It contained some of the strongest language to date of any regulation under the Privacy, Security, and Enforcement rules. It is the most important and revolutionary regulation of our time.

GDPR

The European Union’s (EU) General Data Protection Regulation (GDPR) replaced the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe. GDPR was approved by the EU parliament in April of 2016 and was enacted in May of 2018. It is designed to protect the data of all EU citizens wherever in the world they reside or do business. As is the case with most new regulation, some of the details and enforcement are not clear yet. Most US-based multinationals have taken this very seriously and have begun the process of compliance. For small and medium business (SMB), compliance starts with several questions:

  • Do we have data of EU citizens?
  • Is the data benign, such as that found on a business card, or more detailed, such as health records or political or religious affiliation?
  • Where is this data and how can we protect it?

While complete compliance may not be possible currently, the best practice for SMB is to know where the data resides and to develop and document policies for its protection.

PCI DSS

In addition to government regulation, industry associations have aligned to create a compliance standard for their data. One primary example of this is the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS develops a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents. The PCI Security Standards Council originates the standards for compliance with all credit card information as well as an approved list of assessors who audit and validate an entity’s adherence to PCI DSS.

Regardless of the size of your business, if you have an IT presence you are likely subject to regulation. However, with a strong IT partner that has a deep understanding of IT frameworks like Two Ears One Mouth, compliance can be achieved.


Three Reasons to Use a Local Datacenter and Cloud Provider


Now that the business cloud market has matured, it has become easier to recognize the leaders of the technology as well as the providers that make the most sense to partner with your business. Many times that can be a local datacenter and cloud provider. There are many large public cloud providers and most agree on three leaders: Amazon Web Services (AWS), Microsoft Azure and Google Cloud. Google has been an uncharacteristic laggard in the space and seems to be struggling with the Business to Business (B2B) model. Clearly, a B2B strategy can evolve from a Business to Consumer (B2C) strategy; one need look no further than the public cloud leader AWS.

Whether Google Cloud can succeed is unclear. What is clear, however, is that there will always be a place for large public cloud providers. They have fundamentally changed how IT in business is done. The mentality the public cloud helped to create, “go fast and break things”, has been an important concept for the enterprise IT sandbox.

Where Does the Local Data Center Fit in?  

I also believe there will always be a place in business IT for the local data center and cloud provider. The local data center and cloud provider mentioned here is not an engineer putting a rack up in his basement, or even the IT service provider whose name you recognize hosted in another data center. The local data center I am referencing has been in business many years, most likely before the technology of “cloud” was invented. My hometown in Cincinnati, Ohio has such a respected data center, 3z.net. 3z has been in business for over 25 years and offers its clients a 100% uptime Service Level Agreement (SLA). It has all the characteristics a business looks for in an organization it trusts its data with: generator, multiple layers of security, and SOC II level of compliance. It uses only top tier telecom providers for bandwidth and its cloud infrastructure uses technology leaders such as Cisco and VMware.  Most of all, 3z is easy to do business with.

Following are three primary reasons to use a local datacenter.

Known and Predictable Cost

The local data centers’ cloud cost may appear more expensive on the initial cost evaluation; however, they are often less expensive in the long run. There are many reasons for this but most often it is based on the rate charged for transmitting and receiving data to your cloud. Large public clouds charge fees based on the gigabyte of outbound data. While it is pennies per gigabyte, it can add up quickly. With the per gigabyte charges, the business doesn’t know all their costs up front. The local datacenter will typically charge a flat fee for monthly bandwidth that includes all the data coming and going. This creates an “all you can eat” model and a fixed cost.

Customized and Increased Support for Applications

Many of the applications the enterprise will use in the cloud may require customization and additional support from the cloud provider. A good example of this is Disaster Recovery (DR) or Disaster Recovery as a Service (DRaaS). DRaaS requires a higher level of support for the enterprise in the planning phases as most IT leaders have not been exposed to DR best practices. Additionally, the IT leaders in the enterprise want the assurance of a trusted partner to rely on in the unlikely event they declare an emergency for DR. In many of the local cloud providers and datacenters I work with, the president of the datacenter will happily provide his private cell phone number for assistance.

Known and Defined Security and Compliance

Most enterprise leaders feel a certain assurance of knowing exactly where their data resides. This may never change, or at least not to an IT auditor. Knowing the location and state of your data also helps the enterprise “check the boxes” for regulatory compliance. Many times, the SOC certifications are not enough and more specific details are required. 3z in Cincinnati will encrypt all of your data at rest as a matter of their process. Additional services like these can ease the IT leader’s mind when the time for an audit comes.

It is my opinion that the established local datacenter will survive, and flourish.  However, it may need to adjust to stay relevant and competitive with the large public cloud providers. For example, they will need to emulate some of the popular public cloud offerings such as an easy to use self-service portal and a “try it for free” cloud offering. I believe the local datacenter’s personalized processes are important and I offer support for 3z and its competitive peers to prosper in the future.


Should We Eliminate or Embrace Shadow IT?


With cloud computing’s acceptance in business coupled with the ease of entry and setup with public cloud offerings, the terminology of Shadow IT has reemerged. Wikipedia defines Shadow IT as “a term often used to describe information-technology systems and solutions built and used inside organizations without explicit organizational approval”.

If the cloud initiated this reemergence, the Internet of Things (IoT) and the Bring Your Own Device (BYOD) phenomena have exacerbated it. When employees started bringing their mobile phones and tablets to the office they began integrating applications they used in their personal life into business. Likewise, Machine Learning (ML) applications have influenced corporate IT and its guidelines throughout the enterprise. Opponents say Shadow IT challenges the IT governance within the organization. What may appear to be a disadvantage to the IT department may be advantageous to the company. Following are some of the advantages and disadvantages of Shadow IT.

Advantages

  • Increased agility – departments within an organization can create their own IT resources without depending on the lag time and processes of the IT department.
  • Empowering employees – employees will be more productive when they feel they have the power to make decisions, including IT selections, on their own.
  • Increased creativity – putting the process of creating IT resources in the hands of the user often creates a better product and experience for that user.

Disadvantages

  • Security – Employees outside the IT department rarely consider security when implementing IT services.
  • Cost – When IT resources can be implemented at the employee level, as opposed to being purchased centrally, there will be wasted resources.
  • IT governance and compliance – Outside of the IT department, purchasers will not consider the regulatory concerns and governance. Processes and rules for IT need to be in place regardless of whether the resources are centrally implemented.

IT departments are not wrong to have contempt for the concept of Shadow IT. However, we believe they can learn to work with aspects of it. If a business can communicate across all departments and overcome the disadvantages listed above, we believe Shadow IT can be a win/win for the entire enterprise.
