Category: data center

Three Common Data Terms Defined

by Jim Conwell, posted in Business Practices, Cloud and IT Consultants, Cloud Computing, data center, IOT, IT Regulation, Software Development

Data is growing exponentially

image courtesy of itpro.co.uk

Today’s business leaders can be inundated with large data sets presented to them and challenged to determine the best tools to manage and analyze the data. To stay competitive, they need to use historical information to reveal patterns and trends for the future. Understanding and interpreting data have become a vital process for business although some may become intimidated by the amount of data available. Traditionally, data is owned by the IT department of the business. Today, other departments within a business such as human resources (HR), marketing or sales require this information and want it without the delay of IT intervention. This has created the need for non-IT business managers to be acquainted with technical terms and processes previously understood only by the IT department. The vernacular of IT and the speed it changes can be as overwhelming as the data itself. In this brief article, I will introduce three of the most common data terms and define each.

Big Data

Big data is one of several terms in the cloud computing category whose meaning has been diluted with its overuse. I define big data as data sets that are stored by a business for analysis to predict future patterns and trends. I believe the term big data was first introduced as the data businesses needed to manage became too large for its traditional data processing applications. This can be partially ascribed to the fact that in the last two years 90% of the current electronic data has been created. Data capacity and data transmission speed have changed more than any other single technology in IT. For instance, my first computer had a 30 MB hard drive, enough storage for about 20 of the 500 pictures on my smart phone today. It seems like each year we are forced to learn a new term for data capacity. Here are the terms we hear most often today as it relates to the size of data files:

**chart courtesy of techterms.com

In addition to the vast amounts of data businesses need to analyze there are other challenges to big data. First, the variety of forms the data can take such as text, images, and video can test a company’s systems. Additionally, today’s regulatory trends protecting data privacy complicate procedures and policies for the enterprise to store big data. Businesses today storing and analyzing the data must be familiar with the regulations and best practices to protect the identities of all users within the data. Big data has become a tool for creating critical insight for business, but if not managed well it can be more problematic than useful.

Metadata

The simplest definition of metadata is information about the data. Metadata is typically considered to be one of two forms, descriptive or structural. A common example of descriptive metadata is contained in the pictures we take with our smart phones. The picture has additional information attached (metadata) that will describe the time, location and even information about the camera that took the photo. An example more applicable to business users is a column heading of a spreadsheet, this metadata contains vital information needed in understanding the primary data in the spreadsheet. Information stored in a Word document describing who created the document and when it was created is another common example of metadata. These examples provide good insight as to some of the privacy concerns of stored data. It is not uncommon for personal identifiable information (PII) to be hidden in metadata in data files. If not properly secured it will create exposure to breaches and violations of IT regulations.

Structural metadata can be more complicated, it describes data objects or components of the files. Like a book has a table of contents, chapters and pages, structural metadata can guide managers through and help define the components of large data files. Structural metadata is often used in big data applications such as databases which can offer little value without systems to identify components of value to the different business units within an organization. These systems, most times based in a software package, are referred to as data modeling.

Data Modeling

Data modeling is defined as the process of creating a software framework for data information systems by applying formalized techniques. The data modeler will define and analyze the requirement for each unique business unit and initiate processes to allow them to get the most benefit from the data. Data modeling is typically a customized application. There are some off-the-shelf data modeling packages, but they tend to be of little use without customization by an expert.

As data grows so does the insight it offers the business for their future trends. It can also grow out of control if not managed properly, creating substantial risk for the business. As businesses collect and use the data they also need to engage experts to mitigate this risk. A trusted advisor and expert can offer best practices for storing, retrieving and analyzing big data. Two Ears One Mouth IT Consulting will meet with you, discover and understand your data needs and guide you to the right partner and processes to provide these services.

Contact @ Jim Conwell (513) 227-4131     jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

 

5G affects cloud

5G or not 5G- What, When and How it Affects IT and Cloud

by Jim Conwell, posted in Business Practices, BYOD, Cloud and IT Consultants, Cloud Computing, data center, disaster recovery, Edge Computing, IOT

 

Before entering the cloud and IT business I spent more than a decade working with wireless technologies for business.  During this time, I saw the advent of data to cell phones and the transitions of the generations of data offerings that have been delivered. Generation 2 (G2) brought very rudimentary data to cell phones such as text messaging. G3 brought the internet and its many applications such as mobile email. G4 brought us the high-speed internet we use today offering instant access to applications such as real time video. With each transition of the technology, corporate marketing and spin became more extraordinary creating more time between the introduction and the practical delivery of the new product. Now comes 5G and I expect this trend to continue. Although we hear of the current availability of 5G from wireless carriers the products are not fully developed for practical use and are likely years away for business applications.

What is 5G and who will provide it?

The latest technology of 5G wireless data will be provided to us by the same carriers that delivered wireless service in the past, AT&T, Verizon, and Sprint. Although the primary standards for 5G have been set there is still much to be developed in the technology and will likely be introduced as different versions. This will be similar to 4G when it was first launched with its distinct alternatives of WiMAX and LTE.  5G has already been split into different delivery types, 5G, 5GE, and 5 GHz. Verizon’s first introduction to 5G is designed for the home and small office while AT&T is focused on mobile devices in very limited markets. Most believe there will be fixed wireless versions for point to point circuits for business. At this point, it isn’t clear what versions each provider will offer in 5G as it matures and becomes universally delivered.

The technology of 5G

Similar to all previous generations in the evolution of wireless data 5G offers greater speeds as its primary driver for acceptance. What may slow widespread deployment of 5G is the fact that 4G technology continues to improve and provide greater speeds for users. However, the wireless spectrum available to 4G providers is running short so the transition to 5G is imminent. Most of the 5G technology will be provided on an alternate wireless spectrum, above 6 GHz, and not provided to wireless consumers previously. This new swath of spectrum will offer much greater capacity and speed but won’t come without its own challenges. To achieve these higher speeds the carriers will need to use much higher frequency transmissions called millimeter waves. Millimeter waves cannot penetrate buildings, weather, and trees as well as the previous frequencies. To overcome this wireless carriers will need to implement additional, smaller cell sites called microcells. Many wireless carriers have already implemented microcells complementing the macrocells used in previous offerings of wireless service. Building out additional data network and cell sites such as microcells is expensive and time-consuming. This will add to the delay of a fully implemented 5G offering from the carriers.

Business advantages of 5G

To say that one of the advantages of 5G are greater data speeds would be true, but there is much more to it for business applications. The following are the primary advantages, related to speed, that 5G will provide for businesses for cloud computing.

  • Lower latency – Wireless 5G networks will decrease latency, the time it takes data packets to be stored and retrieved, greatly. This will benefit many business applications such as voice, video and artificial intelligence (AI)
  • Multiple connections- The base stations, or cell sites of 5G, will handle many more simultaneous connections than 4G. This will increase speed for users and capacity for providers.
  • Full duplex transmission- 5G networks can transmit and receive data simultaneously. This full duplex transmission increases the speed and reliability of wireless connectivity enabling new applications and enhancing exiting ones.

Cloud and business solutions enhanced by 5G

It is difficult to say exactly how businesses will benefit from 5G service since it is still being developed. However, the advantages listed above lend themselves to several applications which are sure to be enhanced for business.

The increased speeds and decreased latency 5G offers will expand options and availability for disaster recovery (DR) and data network backups for businesses. When speeds previously only offered to business via wireline can be delivered without wires business continuity will be increased. Many businesses outages today are caused by accidental cable cuts and power outages that wireless 5G will eliminate. It is also possible wireless point to point circuits could replace traditionally wired circuits for the business’s primary data and internet service.

The technology and increasing number of the internet of things (IOT) applications will be enhanced by 5G. The increased speed and connectivity capacity will allow this ubiquitous technology to continue to grow. Similarly, the trend for more and faster edge computing connectivity will benefit. This will enhance applications such as autonomous vehicles that require instant connectivity to networks and other vehicles. Content delivery networks like the ones used for delivery of Netflix will be able to deliver their products faster and more reliably. These are just a few examples of the technologies today that are demanding 5G’s advantages and will expedite its availability.

While the technology to deliver 5G is mostly completed, the timing of widespread implementation for business is still unclear. This is attributed in part to the improvement of 4G speeds in its ability to satisfy today’s consumer’s needs. More importantly, new technologies are not accepted in the marketplace because the technology is ready but rather because the business applications demand them. 5G technologies will be driven by many business applications but widespread acceptance won’t occur for at least another two years. If you want to consult with a partner that has expertise in all aspects of telecom, wireless and cloud technologies, give us a call and we will be glad to find the right solution for your business.

Contact @ Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

 

Colocation’s Relevance Today for Business

by Jim Conwell, posted in Cloud and IT Consultants, Cloud Computing, colocation, data center, disaster recovery, healthcare IT regulation, IT Regulation

The past several years have shown a “cloud-first” strategy evolve for business with their IT infrastructure. The inclination for a total on-premises infrastructure has decreased as hybrid cloud solutions have expanded. While off-premises solutions are the up and coming choice for many businesses, on-premises continues to be utilized with most companies. As businesses look at their IT strategies for the future, they should explore options to the cloud and consider the reasons why cloud may or may not be the best fit for all their applications. Businesses have seen the value of taking their data off site for years without handing it over to a cloud provider. The primary alternative has been collocation (colo). Many have seen a renewed interest of colo with the growth of hybrid cloud, as the large public cloud providers have implemented changes to their products to promote hybrid cloud architectures.  Here I will review these changes and discuss colocation’s relevance today for business.        

Colo defined and best use cases

Colo allows organizations to continue to own and maintain control of their IT hardware while taking advantage of an off-premises solution that offers increased uptime and security. As a part of the colo agreement, the data center will offer space, power, and bandwidth to its clients in a secured and compliant area within their facility. Although data centers are some of the most secure places in the world, they still can offer their clients access to their IT resources 24 hours a day, 365 days a year. They accomplish this through multiple layers of security including security guards, video monitoring and biometrics. This ability for colo customers to access and touch their data provides a psychological advantage for many businesses.

Another advantage of colo is power which can be offered with options including multiple power utilities. Redundant power offers additional safeguards against an IT outage. This type of power configuration is not available in most business’s office buildings. Also, a data center can offer power at a reduced rate because of their purchasing power with the utility. With more power comes more cooling requirements. The data center also provides better cooling, again with spare resources to assure it’s always available. Finally, bandwidth is a commodity the data center buys in bulk and offers to its colo customers at savings.

Regulatory compliance is another important advantage driving users to a colo solution. Colo provides its customers instant access to an audited data center, such as one with SOC 2 compliance. Colo has long been believed to offer more security and compliance than on-premises or cloud.

Considerations before moving to colo

The primary items to consider before moving to colo in a data center relate to the space and power components of the solution. Colocation space is typically offered by the data center provider by the rack or by a private cage consisting of multiple racks. In either offering, a prospective buyer should consider the requirements for expansion of their infrastructure. In a cage, a customer is typically offered “reserved space” within that cage to be purchase and can then activate when required. When the customer doesn’t require the segregation of a cage, they will purchase racks that are adjacent to other business customers, which can make expansion more complex. Customer-focused data centers allows a business to reserve adjacent racks without activating the power and therefore are priced at a discounted rate. It is important to have contiguous space in a data center colo so consider additional space for growth with the initial purchase. 

Regarding power make sure you research the amperage and voltage requirements for your infrastructure and its potential for growth. Data centers will have many diverse power offerings so consult with an expert like TEOM for the requirements of your IT equipment.

Today’s evolving advantages of colo

Most of today’s business IT infrastructures, on-premises or colocation, will utilize some type of cloud presence for required applications such a disaster recovery. The byproduct of this growing trend is hybrid cloud implementation. Like the term cloud, a hybrid cloud can have many definitions. For our purposes here, hybrid cloud will be defined as resources complementing your primary on-premises infrastructure with a cloud solution. The large public cloud providers, most often used by businesses, have expanded their presence beyond their own data centers to occupy a cage of colo in large multi-tenant datacenters. This enables the cloud providers to get physically closer to their customers, which creates an advantage for a business user in that data center needing to implement a hybrid cloud solution.

Previously, customers of the large public clouds have relied on either the internet for inexpensive connectivity or expensive dedicated telecom circuits to connect “directly” to their cloud provider. Direct connections have been prohibitively expensive for most businesses because of the high cost of telecom circuits that are required to reach the public cloud. Some have justified the high cost of direct connect due to increased security and the greatly reduced costs of data egress. Egress charges are the cost to move data from the public cloud to the business. Typical egress charges for public cloud providers can be as much is $.14 per gigabyte. When direct connections are established egress charges are greatly reduced to as low as $.02 per gigabyte as of the time this article was written. Because of this direct connect can save users thousands of dollars while greatly increasing security. When the public cloud provider is in the same data center as the colo customer a direct connection to take the form of a “cross connect” within the data center. This common data center service is a fraction of the cost of the telecom circuits mentioned previously. This enormous economic benefit can be multiplied if the business connects to multiple public clouds (multi-cloud).

A more recent trend has the large public cloud providers creating a hybrid cloud on the customer’s premises. Microsoft’s solution, called Azure Stack, was the first introduced, and now has a competitive product from AWS called Outpost. The products, to be covered in a future article, put the hardware and cloud infrastructure of these providers on the customer’s site. This creates additional validation that hybrid is here to stay.

Colo remains relevant today for many of the same reasons it has been chosen for years: availability, security, and compliance. As the large public cloud providers expand outside of their own data centers to get closer to their customers, new advantages for businesses have emerged. When a fiber cross connection in a common data center can be used to direct connect to a public cloud provider, enormous benefits are realized. Ironically, as the public cloud providers grow, colocation has found new life and will remain relevant for the foreseeable future.

If your business wants to stay competitive in this ever-changing environment

Contact us @ Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

 

Trends for Cloud and IT Providers from the Past Year

by Jim Conwell, posted in Cloud and IT Consultants, Cloud Computing, data center, IT Regulation, IT Security

cloud trends for 2018 cloud trends for last year[/caption]

One of the primary benefits I offer to support my customers is insight and expertise for Cloud and IT services for business. I develop my insight and best practices for clients through working closely with a wide breadth of supplier partners that create the trends in their technology. These IT innovators range from the largest public companies earning billions of dollars each quarter to small entrepreneurs providing IT services to small and medium sized businesses (SMB). Staying current with technology is vital to my customers. Once a year I like to take time to review the trends for the cloud and IT. Here, I will describe recent trends by the primary technologies that are my focus, Infrastructure as a Service (IaaS), Unified Communications as a Service (UCaaS) and IT Managed Service Providers (MSP).

IaaS

Much of the change that occurs in IaaS is created by technologies and services delivered by the cloud hyperscalers such as AWS, Microsoft Azure and Google Cloud Platform. They have created environments that are open to virtually all operating systems and software applications. In a similar fashion, the regional data centers and cloud providers I partner with have evolved to hyper-converged platforms.  Hyper-converged platforms create a software defined IT infrastructure that replaces some of the traditional components of cloud such as storage area networks (SAN) or networking components like firewalls and switches. This trend has also spread to private clouds for organizations that create their own cloud infrastructure on premises.

In addition to hyper-convergence, most IaaS providers have also capitalized on traditional technologies like bandwidth that allows them to better compete with the hyperscalers. These include cloud configurations with a fixed and budget friendly cost structure for data transaction cost or egress. Many hyperscalers customers have been shocked by a low initial cost that rises quickly as their data requirements increase. Most of the trends in IaaS happen first at the hyperscaler then move downstream to the regional cloud providers as they reach general acceptance.   

UCaaS

UCaaS, or hosted IP phone service, has experienced exponential growth with both business users and the cloud providers. The purchase of BroadSoft by Cisco early in 2018 has led the way for many very cost effective UCaaS solutions with enhanced communication features. It is becoming apparent that providers are beginning to reach a critical mass of prospects where the product is being commoditized and the price is a key component of the buyer’s decision process. There have been a handful of providers that have been able to differentiate their UCaaS services through integrations with Customer Relationship Management (CRM) software or other SaaS products. Additionally, some innovative software developers have intrigued customers by taking an “out of the box” view voice communications. Companies like Dialpad, created by ex-Google engineers, have guided their customers to rethink the idea of UCaaS as more than a phone system hosted in the cloud. They have created a new age open communications platform that integrates all the enterprise communication tools. Their solutions often create a voice communication platform without a traditional desk phone. Whatever the technology or provider UCaaS has become ubiquitous. When the business accepts the OpEx model of monthly rental for voice communications the advantages of UCaaS are undeniable.  

Managed Service Providers (MSP)      

In my work to provide guidance to my clients for the best alternatives for cloud providers I often uncover needs for tradition on site IT services. These needs are most often driven by a loss of IT personnel or rapid growth of the company. I wrote an article earlier this last year, Is the MSP Model Right for Your Business, that covered this subject in greater detail. The trend described in the article continues to evolve toward a partner-like relationship between MSP and customer covering the full range of services such as an internal IT department would provide. This mindset is effective if the MSP listens to the customer’s needs and is flexible enough to customize their offering to their specific requirements.

As I stay close and communicate frequently with my supplier partners, I stay abreast of the provider’s changes and how they relate to the industry. I look forward to 2019 as a time of continued growth in cloud computing offerings. As the technology matures it will provide more opportunity to display how the cloud will add value to the business’ IT strategy. Understanding these trends of technology as they evolve will allow Two Ears One Mouth IT consulting to provide valuable insight to clients for years to come.        

          If your business is unique and requires a personalized IT provider strategy and solution

Contact us @ Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

Cloud Security is a Shared Responsibility

by Jim Conwell, posted in Cloud and IT Consultants, Cloud Computing, data center, IT Regulation, IT Security

shared security model cloud security is shared[/caption]

When I first became familiar with enterprise cloud computing, one of the primary objections of cloud adoption was the security of the data within the applications. Today that has changed; as cloud has matured it is now seen as an option for IT infrastructure that can be designed to be more secure than on premises solutions.  Through the process of designing a cloud infrastructure IT professionals have become aware of the increase security benefits cloud offers. Concurrently, IT data exposure and breaches have become more widespread and security has become a greater responsibility. These factors have led all cloud architects, whether with a cloud provider or working within an enterprise, to realize that cloud security is a shared responsibility. Cloud security is shared in two respects, first within the different groups of the enterprise and secondly, the responsibility of securing data is split between the enterprise and the cloud provider. For the purpose of this article we will focus on the sharing of security responsibilities between the enterprise and the provider. I will segregate three categories of cloud computing responsibility in order to simplify the roles and responsibilities: infrastructure, operating systems including applications and customer data.  

Private Cloud

Most IT users today consider a virtualize stack of IT infrastructure on premises a private cloud. In this scenario, as existed before cloud computing, the enterprise is responsible for all aspects of security. In an on-premises private cloud infrastructure the enterprise needs to secure their data from all physical, technical or administrative threats. With large organizations the security responsibilities can be shared within groups of their IT departments which may include network, security, application and compliance.

Infrastructure as a Service.

The greatest security coordination concerns come from a public or hybrid cloud configuration such as infrastructure as a service (IaaS). With an IaaS environment the enterprise has agreed to have the provider manage the infrastructure component of the IT security. This enables the enterprise to outsource all security and regulatory concerns concerning the actual server hardware. They also realize benefits of physical security because their IT infrastructure is off premises and in a secured facility. Many times, regulation or even large customers, will mandate an audited data center standard such as SOC 2 for their IT infrastructure as a requirement of the business partnership. Creating an audited SOC 2 compliant data center on premises can be costly and time-consuming. The hosting of their IT infrastructure in an audited and physically secure data center is one of the greatest benefits of IaaS.

Beyond the physical infrastructure, the IaaS or cloud provider also assures the security of the software hypervisor that orchestrates the virtualized cloud operating systems and services. However, the enterprise is still responsible for the operating systems of the virtual servers and the security patches the software developer issues for them. Additionally, the enterprise is responsible for the security of all their own software applications and the data that resides on them. Some cloud providers will offer managed services to their clients that will include security functions. The provider may offer a managed firewall, monitoring and even malware protection for the virtual servers they host. These services add value as the provider is more familiar with security best practices in the IT infrastructure stack than the enterprise. Still there is always a shared responsibility for security with the enterprise always responsible for their own data. 

Software as a Service (SaaS)

SaaS is the cloud technology the majority of businesses have the most experience with and understand the best. Common SaaS platforms like Microsoft Office 365, Google G Suite or CRM based software like salesforce.com have made SaaS commonplace. Virtually the whole IT stack is owned by the provider in a SaaS platform, however, the enterprise still does still have security responsibilities. The enterprise’s primary security responsibility is concerned with their own data. The business owns their data and needs to ensure it is free of malware and other external threats. They also need to protect the end points such as laptops and tablets that are used to access the SaaS data.

Additional Considerations

Other IT security responsibilities the enterprise needs to consider in any Cloud environment are connectivity, authentication and identification services as well as managing abandoned resources.

Connectivity to the cloud provider is most secure when a private circuit or connection can be implemented. If a private connection is not practical the enterprise needs to create a secure connection such as a virtual private network (VPN) and assure a secure connection is created over public internet.

Authentication and identification of network users is an integral part of any enterprise IT network. Additionally, it is equally important to integrate any authentication or directory service with the cloud solution. A solution like Microsoft Azure AD is considered by many as a best practice for this complicated process. It was described in some detail in a previous article Active Directory (AD) in the Cloud. Finally, a frequent cause for concern, especially with enterprises that employ large IT staffs, are abandoned resources. These are cloud instances that were created and have lost their relevance and have been forgotten. They can reside in a public cloud for years, with continued billing, and the customers data is open to the public since they were created in a  time with less stringent security policies. Periodic billing review and the monitoring services security platforms offer can eliminate this waste.

Business cloud solutions offered to the enterprise come in many different configurations that vary as to the type of infrastructure, software and services offered. In all cloud environments security requires a shared responsibility as well as a layered approach coordinated between the cloud providers and the enterprise.  A supplier agnostic advisor like Two Ears One Mouth IT Consulting can assist by helping a business find the right provider and security services for your business’s applications.      

 

If your business is unique and requires a custom cloud security solution for IT Support

Contact Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

         

Disaster Recovery, Which Option is Right for Your Business?

by Jim Conwell, posted in Business Practices, Cloud and IT Consultants, Cloud Computing, data center, disaster recovery

 

Active-Active performs the quickest recovery
An Active-Active Disaster Recovery Solution

 

In a recent article, I described how an outsource, or hosted provider can deliver Disaster Recovery (DR) as a Service. In this article, I would like to look at the advantages a business can achieve by creating their own Disaster Recovery and answer the question, which option is right for your business. First, a reminder that DR is not a backup of data but rather a replication of data to ensure its availability and business continuity. DR solutions that are created by using the business’s own IT infrastructure can be divided into two primary categories, active-active and active-passive. Since active-passive was covered in the previous blog, I will focus on active-active here. While both attempt to achieve the same goals, keeping the business IT systems up at all times, they are created and maintained differently. Because of the unique nature of DR solutions, it is generally accepted to engage an expert such as Two Ears One Mouth IT Consulting to determine the right DR solution for an organization. I will compare the two DR strategies through complexity, cost and the most common metrics for DR Recovery Time Objective (RTO) and Recovery Point Objective (RPO).

Active-Active Disaster Recovery

An active-active, or stretched clustering, configuration is the deployment of a second identical live infrastructure which continually replicates with the first site. This framework will typically consist of only two sites.  Because of the simplicity of the concept and the speed and ease in which recovery can occur, it is usually the clients first choice. Ironically, after all the pertinent information is uncovered, is rarely selected by the small medium business seeking disaster recovery.

The two primary reasons it isn’t chosen for most businesses is its cost and the requirement for high bandwidth with low latency. Its high initial cost is due to the purchase of a duplicated set of hardware infrastructure for the primary site. In an active-active scenario, either site can handle the entire workload for the business. Every time a request is made in a software application at one site it must be written to the other site immediately before completing the request. An active-active solution requires a high level of connectivity, or bandwidth, between sites such as dedicated fiber optics. Even with dedicated (dark) fiber between sites data latency is still a consideration. Best practices dictate that the distance between active-active sites should be less than 100 miles. These two requirements eliminate many prospects from considering an active-active solution.  

Advantages of Active-Active

Now I will describe the advantages of an active-active configuration and the businesses that can benefit from it. There are many benefits to this configuration as it is a remarkable process for business continuity. After realizing the upfront cost, many businesses need to determine if it’s a nice-to-have or need-to-have solution for their business. To follow are some of the benefits of an active-active DR solution. 

1)      No “big red” button to push-

One of the most difficult processes of any DR solution is knowing how and when to declare an IT outage a disaster and quickly executing the DR plan. Many solutions will require a detailed process and action plan that involves the entire IT team. An active-active configuration is much simpler to invoke the DR plan because it transfers all workloads to one of the continually running and replicated systems. In addition, it requires very little testing and can be engaged automatically with minimal human intervention.  

2)     Cross-site load balancing-

Although it can be simple to transition to DR mode an active-active DR configuration is very complex to design and create. Some of the factors that make it difficult to create are the very same that provide additional benefits beyond DR. On such benefit is “load balancing” of the data transmitted between sites and offsite. Since both sites are always actively processing data it can be designed so that any process being run can occur at the optimal site available at that time. This can eliminate challenges of slow data responses and maximize bandwidth availability for the business.

3)      Less management means less cost-

The argument can be made that the active-active DR solution is the more cost effective for the long term. The time and technical resources to test, maintain and initiate an active-passive DR solution is much greater than the active-active. Additionally, in analyzing a DR solution, most don’t consider the operational task to “fallback” to normal mode after DR has been implemented; this can be more difficult than the original DR transition. Although expensive initially, the active-active solution has very little ongoing costs.  

Active-Passive Disaster Recovery

An active-passive DR solution creates an environment that is not intended to be live for IT production until a disaster is declared by the business. The infrastructure is over subscribed for resources and dormant until needed. This creates large initial cost savings on hardware. Many times, a business will re-purpose their aged IT equipment and servers for their DR site to realize even greater financial benefit.

One of the most popular active-passive software platforms for disaster recovery today is Zerto. Zerto’s DR solution creates DR at the hypervisor level of the virtualized environment. This allows for a quick and complete transition to the DR resources when an outage occurs. Zerto works with the most popular hypervisors such as VMware or Microsoft’s Hyper V. An active-passive solution such as Zerto can create a more customized solution. A business may select only a small percentage of their application servers as critical to the business and enable DR solution for those applications only. An active-passive solution is more accommodating to multi-site or multi-cloud business DR. Active-passive solutions are also used to provide Disaster Recovery as a Service (DRaaS) from data center and cloud providers.

When a business looks to create DR solution for their business, they have three primary options, active-active, active-passive and DRaaS. It is not a quick or simple decision as to what works best for your business. You need a trusted advisor like Two Ears One Mouth IT Consulting to investigate your IT environment, understand your budget, to guide you down the path to assured business continuity.

If your business is unique and requires a custom DR solution for IT Support

Contact us @ Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

   

 

a cloud buyers guide

A Buyer’s Guide to Cloud

by Jim Conwell, posted in Business Practices, Cloud and IT Consultants, Cloud Computing, colocation, data center, disaster recovery, IT Regulation, IT Security, Latency, migration, protecting cloud resources, Uncategorized

buyguide_Cloud

Most businesses have discovered the value that cloud computing can bring to their IT operations. They may have discovered how it helps to meet their regulatory compliance priorities by being in a SOC 2 audited data center. Others may see a cost advantage as they are approaching a server refresh when costly hardware needs to be replaced. They recognize an advantage of placing this hardware as an operational expense as opposed to the large capital expense they need to make every three years. No matter the business driver, the typical business person isn’t sure where to start to find the right cloud provider. In this fast paced and ever-changing technology environment these IT managers may wonder, is there a buyer’s guide to Cloud?

Where Exactly is the Cloud?…and Where is My Data?

Except for the cloud hyperscalers, (Amazon AWS, Microsoft Azure, and Google) cloud providers create their product in a multi-tenant data center. A multi-tenant data center is a purpose-built facility designed specifically for the needs of the business IT infrastructure and accommodates many businesses. These facilities are highly secured and most times unknown to the public. Many offer additional colocation services that allow their customers to enter the center to manage their own servers. This is a primary difference with the hyperscalers, as they offer no possibility of customers seeing the sites where their data resides. The hyperscale customer doesn’t know where there data is except for a region of the country or availability zone. The hyperscaler’s customer must base their buying decision on trusting the security practices of the large technology companies Google, Amazon, and Microsoft. These are some of the same organizations that are currently under scrutiny from governments around the world for data privacy concerns.  The buying decisions for cloud and data center for cloud seekers should start at the multi-tenant data center. Therefore, the first consideration in a buyer’s guide for the cloud will start with the primary characteristics to evaluate in the data center and are listed below.

  1. Location– Location is a multi-faceted consideration in a datacenter. First, the datacenter needs to be close to a highly available power grid and possibly alternate power companies. Similarly, the telecommunications bandwidth needs to be abundant, diverse and redundant. Finally, the proximity of the data center to its data users is crucial because speed matters. The closer the users are to the data, the less data latency, which means happier cloud users.
  2. Security– As is in all forms of IT today, security is paramount. It is important to review the data center’s security practices. This will include physical as well as technical security.
  3. People behind the data– The support staff at the datacenter creating and servicing your cloud instances can be the key to success. They should have the proper technical skills, responsiveness and be available around the clock.

Is My Cloud Infrastructure Portable?

The key technology that has enabled cloud computing is virtualization. Virtualization creates an additional layer above the operating system called a hypervisor that allows for sharing hardware resources. This allows multiple virtual servers (VMs) to be created on a single hardware server. Businesses have used virtualization for years, VMware and Microsoft HyperV being the most popular choices. If you are familiar with and have some secondary or backup infrastructure on the same hypervisor as your cloud provider, you can create a portable environment. A solution where VMs can be moved or replicated with relative ease avoids vendor lock-in. One primary criticism of the hyperscalers is that it can be easy to move data in but much more difficult to migrate the data out. This lack of portability is reinforced by the proprietary nature of their systems. One of the technologies that the hyperscalers are beginning to use to become more portable is containers. Containers are similar to VMs however they don’t utilize guest operating systems for the virtual servers. This has had a limited affect on portability because containers are a leading-edge technology and have not met widespread acceptance.

What Kind of Commitment Do I Make?

The multi-tenant data center offering a virtualized cloud solution will include an implementation fee and require a commitment term with the contract. Their customized solution will require pre-implementation engineering time, so they will be looking to recoup those costs. Both fees are typically negotiable and a good example where an advisor like Two Ears One Mouth can assist you through this process and save you money.

The hyperscaler will not require either charge because they don’t provide custom solutions and are difficult to leave so the term commitment is not required. The hyperscaler will offer a discount with a contract term as an incentive for a term commitment; these offerings are called reserved instances. With a reserved instance, they will discount your monthly recurring charge (MRC) for a two or three-year commitment.

Finding the best cloud provider for your business is a time-consuming and difficult process. When considering a hyperscaler the business user will receive no support or guidance. Working directly with a multi-tenant data center is more service-oriented but can misuse the cloud buyer’s time. The cloud consumer can work with a single data center representative that states “we are the best” and trust them. Alternatively, they can interview multiple data center provider representatives and create the ambiguous “apples to apples” spreadsheet of prospective vendors. However, neither is effective.

At Two Ears One Mouth IT consulting we will listen to your needs first and then guide you through the process. With our expertise and market knowledge you will be comforted to know we have come to the right decision for you company’s specific requirements. We save our customers time and money and provide our services at little or no cost to them!

If you would like assistance in selecting a cloud provider for your business contact us at:

Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

Why Pay More?!

Will an Indirect Consultant Cost My Business More?

by Jim Conwell, posted in Business Practices, Cloud and IT Consultants, Cloud Computing, colocation, data center

Getting more while paying less

Recently, a prospective customer asked me, “Will an indirect consultant cost my business more than negotiating with the service provider directly?” It’s a fair question, one I can answer with minimal effort. Working on a cloud or telecommunications solution with a supplier agnostic advisor (indirect) doesn’t cost anything additional and often will reduce the total cost of a project.

The indirect model

Most cloud and telecommunications providers today will utilize both the direct and indirect sales consultant models. A direct sales consultant is an employee of the supplier who is given a sales quota and a limited variety of solutions to propose. An indirect sales consultant will represent a variety of suppliers and solutions. The consultant will also typically focus on a select group of suppliers and narrow the prospective vendors down for their client based on their specific needs. The indirect and supplier relationships have no quota or demands that create a false urgency or bias to the buyer. The primary goal for the indirect consultant is to save their client time and utilize their expertise to find the best supplier and solution for their customer. Since all suppliers currently embrace the indirect model the list of suppliers is unlimited. The consultant will focus on a few but is prepared to engage any supplier needed for a unique situation. The past decade has shown a clear trend for suppliers to move to the indirect model and many have engaged the indirect channel exclusively.

Why pay more?!

In What is the Difference between a Direct and Indirect Channel, I covered some of the advantages of the indirect partnership and why it enables long term sustainability. Many times, the indirect consultant will save the end-user the cost of a technology solution. Certainly, as some may surmise, suppliers that utilize the indirect model don’t add cost to the solution because it involves an indirect consultant. All suppliers budget for the cost of sales in their pricing, regardless of the channel it comes from. They understand that the opportunities from the indirect channel are unique from their direct sales funnel and don’t incur any additional cost to sales.

Due to their vast knowledge and experience, the indirect representative is very familiar with the sales process of cloud computing and telecommunications and know where the supplier may have flexibility. It may be in the term contract, the installation charges or the monthly recurring charges (MRC) for the service. The indirect consultant becomes a trusted guide through the discovery, sales, and implementation process. This has its greatest value in a cloud or data center acquisition. The discovery and decision process for this type of service may be completed once or twice in an IT leader’s tenure and many years can pass between engagements. As a result, they are unable to remain apprised of the current technology, sales trends, and processes. Conversely, the indirect consultant may lead his or her other clients through a similar process several times a month. They know how to get the best value and are rewarded by it. Cost is not the best reason to use indirect consultant, but it is never the downside of the indirect consulting process.

Today’s suppliers of telecom and cloud services have come to embrace the indirect sales channel because of its propensity to create a “win-win” for all parties involved. It provides a more customized and less expensive solution to the potential customer while introducing new opportunities and reducing the cost of sales for the supplier.

If you would like to understand more about getting more and paying less contact us at:

Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

migrating datta to cloud

Creating a Successful Cloud Migration

by Jim Conwell, posted in Cloud and IT Consultants, Cloud Computing, data center, disaster recovery, IT Security, migration, protecting cloud resources

cloud-migrationIf you’ve been a part of the growth of cloud computing technology, you know that creating a successful cloud migration goes far beyond what can be covered in a short essay. However, this article will communicate guidelines or best practices that will greatly improve the success of your migration project. A successful cloud migration will include at least these three stages: planning, design, and execution. Each phase builds on the previous one and no step should be ignored or downplayed. The business cloud migration requires an expert, internal or external to the organization, to manage the process.

Planning: what type of cloud works best?

When we speak of a cloud migration we are referring to a business’s transition to Infrastructure as a Service (IaaS). Migrating to IaaS is the process of converting your on-site IT infrastructure to a cloud service provider and initiating an OpEx financial model for the business. When approaching this migration the business will investigate three provider solution types: hyperscaler, national cloud service provider and a hybrid of a cloud provider with a portion of the infrastructure remaining on-premises.

The largest public cloud providers, AWS, Azure, and Google are often referred to as hyperscalers.  This name is appropriate as it is what they do best, allow customers to scale or expand very quickly. This scaling is served up by a self-service model via the provider’s web portal which can be very attractive large organizations.  Small and medium sized businesses (SMB) have a harder time adjusting to this model as there is very little support. Self-service means the customer is on their own to develop and manage the cloud instances. Another drawback of the hyperscaler for the SMB is that is nearly impossible to budget what your cloud infrastructure is going to cost. The hyperscalers transactional charges and billing make costs difficult to predict. The larger enterprise will often take the strategy of building the infrastructure as needed and then scale back to meet or reduce the cost. SMB typically does not have this type of latitude with budget constraints and will opt toward the more predictable national or regional cloud provider.

The regional or national data center is a better fit for SMB because of their ability to conform to the businesses needs. Often SMB will have unique circumstances requiring a customized plan for compliance and security or special network requirements. Also, this type of cloud provider will provide an allowance of internet bandwidth in the monthly charges. This eliminates unpredictable transaction fees the hyperscaler charges. In this way, the business can predict their monthly cloud cost and budget accordingly.

There are times when an application doesn’t work well in the cloud infrastructure, yet it is still required for the business. This is when a hybrid cloud environment can be implemented. Hybrid cloud in this instance is created when some applications move off-site while others stay and are managed separately. The challenge is to integrate, or make seamless, this non-cloud application with the other business processes. Over the long term, the application creating the hybrid environment can be repurposed to fit in the cloud strategy. Options include redeveloping the existing software to a cloud native architecture or finding a similar application that works more efficiently in a cloud environment.

Design: a cloud strategy.

A cloud strategy requires not only a strong knowledge of IT infrastructure but also a clear understanding of the business’s operations and processes. It is vital that the customer operations and management teams are involved in the cloud strategy development. Details regarding regular compliance and IT security need to be considered in the initial phases of development rather than later. The technical leader of the project will communicate a common strategy of building a cloud infrastructure wider as opposed to taller. Cloud infrastructure is better suited to have many servers with individual applications (wide) instead of one more powerful server handling many applications (tall).

Once all the critical business operations are considered, a cloud readiness assessment (CRA) can be developed. A CRA will dig deep into the business’s critical and non-critical applications and determine the cloud infrastructure needed to support them. In this stage, each application can be considered for its appropriate migration type. A “lift and shift” migration will move the application off-site as is, however some type of cloud customization may be completed before it is migrated. Connectivity also needs to be considered at this stage. This includes the bandwidth required for the business and its customers to connect with the cloud applications. Many times, an additional private and secure connection is required for access by IT managers or software developers through a VPN that will be restricted and have very limited access. IP addresses may need to be changed to a supplier issued IP block to accommodate the migration. This can create temporary Domain Name System (DNS) issues that require preparation. Finally, data backups and disaster recovery (DR) need to be considered. Many believe migrating to the cloud inherently assures backup and disaster recovery and it does not! Both backups and DR objectives need to be uncovered and planned out carefully.         

Execution and day 2 cloud.

Now that the best cloud provider and the application migration timeline have been determined, the project is ready for the execution phase. The migration team should have performed tests on the applications as a proof of concept (POC) to assure everything will work as planned. After the tests are complete, the data will then be migrated to the provider via an internet connection or a physical disk delivered to the provider. The business’s IT infrastructure has now been moved to the cloud, but the work is not over. The business’s IT infrastructure is in a place called cloud day 2.      

The two services that deliver and assure success in your cloud going forward are monitoring and support. These can be handled internally, or they can be provided by the cloud supplier or another third party. When purchasing the professional services from the cloud provider, it is important to understand their helpdesk operations and have expectations for response times.  Make sure you discuss service level agreements (SLAs) for response both during business hours and after. The service provider should be monitoring the health or “state” of all VMs and network edge devices; security falls under these ongoing services. Many security-minded organizations prefer a more security focused third-party provider than the cloud provider itself. It is critical to understand the data backup services that have been included with your cloud instances. Don’t assume there is an off-site backup included in the cloud service, many data center providers have additional charges for off-site backup. DR goes well beyond backups and creates data replication with aggressive SLAs to restore service during an outage. An often-overlooked part of DR strategy is the “fallback” to your primary service location once the primary site has been restored to service.

A migration of IT infrastructure is a complicated process that needs to be performed by a team of experts. Just as important, the team needs to be managed by a seasoned project manager that has your business interests as primary. This is accomplished when the project manager is not a part of the cloud provider’s team. Having the right manager and team can assure your business can migrate to the cloud without a disruption to your business. Two Ears One Mouth IT Consulting can be the partner that guarantees a successful cloud migration.

If you would like to talk more about cloud migration strategies contact us at:

Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

Security and Cloud

Security in the Cloud

by Jim Conwell, posted in Business Practices, Cloud Computing, data center, IT Security, protecting cloud resources

When cloud computing first gained acceptance and began to gain momentum in business IT security became a headwind holding it back from even greater acceptance. After all, the IT manager may have thought moving his/her data from the premises to an off-site location is sure to be risky. Similarly, they wondered how their data could be secure when they don’t own and manage the hardware it resides on or even know where it is. While these arguments seem logical, logic does not equal security. How the data is protected is far more important than where it is geographically speaking regarding security. Many times, the data center or cloud provider is better at laying the foundation for IT security than the IT leader of a business, but it is best when there is a team effort between the two.

Beginning with Compliance

Many businesses today are faced with the challenge of regulatory compliance in their IT services. Compliance is a complicated and tedious process that includes not only IT operations but virtually all aspects of the business. A regulated business needs to consider processes that affect the datacenter as well as other departments such as employee and visitor access to data, audits and reporting, and disaster recovery. These are functions that data center providers consider as a primary part of their business. These practices are defined by certifications, with today’s most common certification being Service Organization Controls or SOC. Today you will find most data center using SOC 2. SOC 2 is a set of standards the data center complies with and reports on to satisfy their customer requirements. The audits of SOC 2   will authenticate the data center is doing what it says it does regarding monitoring, alerts and physical security. When a business moves or migrates their IT infrastructure to a SOC 2 compliant datacenter they are assured to have met their compliance goals without managing the difficult process themselves.

Encryption, Cloud Securities Best Practice

Many of the most valued processes of IT security in whole hold true for a cloud and data center environment. No single exercise is as important as encrypting the vital data of the business. Encryption is one of the most effective data protection tools because it converts the data into a secret code that renders it useless without a key. The encryption software produces a key that must be used to unlock and read the data. Data can be encrypted at rest, as when it resides in storage in the datacenter or in transit between the datacenter and the data users. Data encryption in transit is typically created by an appliance that creates a Virtual Private Network (VPN). Encryption is a vital technology to secure data wherever the data resides, encrypting the data in transit is an additional layer of security that helps keep data secure as it moves on and off site.

The Future of Security in the Cloud

It is difficult to predict future trends across industries, but this exercise proves to be especially difficult in technology. To consider how security in the cloud will be handled in the future it is important to understand how the cloud itself with be evolving. In cloud technology, containers are the technology that is gaining acceptance and market share at the current time. Containers are similar to the virtual machines (VMs) of today’s infrastructure but are more independent and create an environment for the use of microservices. Microservices is a concept that a single application for a business should consist of many smaller services instead of one monolithic application. This allows for greater overall uptime as the entire application doesn’t need to be taken down due to a single service requiring maintenance or an update. The same benefit can be realized for security. However, microservices can create a very complicated “mesh” of services that will complicate all aspects of the infrastructure including security. To alleviate these complications for security there have been opensource software packages developed. One helpful opensource software package is Istio. Istio is an opensource package that allows the infrastructure manager to secure, connect and monitor microservices. Itsio can be implemented in a “side-car” deployment where it will secure services from outside the service or container. Today we often think of security services, such as anti-malware as another application running within the server or VM it is protecting. Software like Itsio makes security more of an integral part of the application as opposed to something added to a completed solution. Opensource services like Itsio are making complicated systems easier to manage. Containers and microservices are the strongest evolving trends for the cloud, so one should look to them for the future of security in the cloud.

With each change in technology, the landscape seems to get more complicated. Security can add to the complication; however, it can be simplified if it can be considered prior to the service being developed as opposed to after. The cloud computing industry is taking the lead in corporate IT infrastructure as well as the dual role of creating new ways to approach securing a business’s data.

If you would like to talk more about security in cloud strategies contact us at:

Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…