Cloud Security is a Shared Responsibility


When I first became familiar with enterprise cloud computing, one of the primary objections to cloud adoption was the security of the data within the applications. Today that has changed; as cloud has matured it is now seen as an option for IT infrastructure that can be designed to be more secure than on-premises solutions. Through the process of designing cloud infrastructure, IT professionals have become aware of the increased security benefits cloud offers. Concurrently, data exposures and breaches have become more widespread and security has become a greater responsibility. These factors have led cloud architects, whether with a cloud provider or working within an enterprise, to realize that cloud security is a shared responsibility. It is shared in two respects: first, among the different groups within the enterprise, and second, between the enterprise and the cloud provider, who split the responsibility for securing data. For the purpose of this article we will focus on the sharing of security responsibilities between the enterprise and the provider. To simplify the roles and responsibilities, I will separate cloud computing into three categories of responsibility: infrastructure, operating systems (including applications) and customer data.

Private Cloud

Most IT users today consider a virtualized stack of IT infrastructure on premises to be a private cloud. In this scenario, as before cloud computing existed, the enterprise is responsible for all aspects of security. In an on-premises private cloud the enterprise needs to secure its data from all physical, technical and administrative threats. In large organizations the security responsibilities can be shared among groups within the IT department, which may include network, security, application and compliance teams.

Infrastructure as a Service (IaaS)

The greatest security coordination concerns come from a public or hybrid cloud configuration such as infrastructure as a service (IaaS). In an IaaS environment the enterprise has agreed to have the provider manage the infrastructure component of IT security. This lets the enterprise outsource all security and regulatory concerns relating to the actual server hardware. It also realizes physical security benefits because its IT infrastructure is off premises in a secured facility. Many times regulation, or even large customers, will mandate an audited data center standard such as SOC 2 for IT infrastructure as a requirement of the business partnership. Creating an audited, SOC 2 compliant data center on premises can be costly and time-consuming. Hosting IT infrastructure in an audited and physically secure data center is one of the greatest benefits of IaaS.

Beyond the physical infrastructure, the IaaS provider also assures the security of the hypervisor software that orchestrates the virtualized operating systems and services. However, the enterprise is still responsible for the operating systems of the virtual servers and for applying the security patches the software vendor issues for them. Additionally, the enterprise is responsible for the security of all its own software applications and the data that resides on them. Some cloud providers offer managed services to their clients that include security functions: the provider may offer a managed firewall, monitoring and even malware protection for the virtual servers it hosts. These services add value because the provider is often more familiar with security best practices in the IT infrastructure stack than the enterprise. Still, security remains a shared responsibility, and the enterprise is always responsible for its own data.

Software as a Service (SaaS)

SaaS is the cloud technology the majority of businesses have the most experience with and understand best. Common SaaS platforms like Microsoft Office 365, Google G Suite and CRM software such as salesforce.com have made SaaS commonplace. In a SaaS platform virtually the whole IT stack is owned by the provider; however, the enterprise still has security responsibilities. The enterprise’s primary security responsibility is its own data. The business owns its data and needs to ensure it is free of malware and other external threats. It also needs to protect the endpoints, such as laptops and tablets, that are used to access the SaaS data.

Additional Considerations

Other IT security responsibilities the enterprise needs to consider in any cloud environment are connectivity, authentication and identification services, and the management of abandoned resources.

Connectivity to the cloud provider is most secure when a private circuit or connection can be implemented. If a private connection is not practical, the enterprise needs to create a secure connection such as a virtual private network (VPN) so that traffic carried over the public internet is protected.

Authentication and identification of network users is an integral part of any enterprise IT network, and it is equally important to integrate the enterprise’s authentication or directory service with the cloud solution. A solution like Microsoft Azure AD is considered by many a best practice for this complicated process; it was described in some detail in a previous article, Active Directory (AD) in the Cloud. Finally, a frequent cause for concern, especially in enterprises with large IT staffs, is abandoned resources. These are cloud instances that were created, lost their relevance and were forgotten. They can reside in a public cloud for years, with continued billing, and the customer’s data may be open to the public because they were created at a time with less stringent security policies. Periodic billing review and the monitoring services that security platforms offer can eliminate this waste.
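The abandoned-resource review described above, as an added example that is not part of the original article: a small Python script that flags dormant, unowned or internet-exposed instances in a constructed inventory export. The field names, the 90-day threshold and every instance in the inventory are made up for illustration and do not come from any real provider's API.

```python
from datetime import date

# Constructed inventory export (ids, owners, dates and costs are made up).
# Field names are hypothetical; a real export from a provider API would differ.
TODAY = date(2019, 6, 1)
STALE_DAYS = 90            # no interactive sign-in for this long counts as dormant
ADMIN_PORTS = {22, 3389}   # SSH and RDP: ports that should not face the internet unattended

INVENTORY = [
    {"id": "vm-app-01", "owner": "finance", "created": date(2018, 11, 2),
     "last_login": date(2019, 5, 30), "public_ip": True, "open_ports": [443],
     "monthly_cost": 140.0},
    {"id": "vm-test-07", "owner": None, "created": date(2017, 3, 1),
     "last_login": date(2017, 3, 15), "public_ip": True, "open_ports": [22, 80],
     "monthly_cost": 95.0},
    {"id": "vm-poc-02", "owner": "marketing", "created": date(2018, 8, 10),
     "last_login": None, "public_ip": True, "open_ports": [3389],
     "monthly_cost": 60.0},
    {"id": "vm-db-03", "owner": "finance", "created": date(2016, 5, 1),
     "last_login": date(2019, 1, 20), "public_ip": False, "open_ports": [1433],
     "monthly_cost": 210.0},
    {"id": "vm-lab-04", "owner": "it", "created": date(2019, 5, 1),
     "last_login": date(2019, 5, 28), "public_ip": True, "open_ports": [22],
     "monthly_cost": 45.0},
]


def days_idle(instance, today=TODAY):
    """Days since the last sign-in; an instance never signed into counts from creation."""
    last = instance["last_login"] or instance["created"]
    return (today - last).days


def findings_for(instance, today=TODAY):
    """Return the list of reasons an instance deserves attention (empty means none)."""
    findings = []
    if not instance.get("owner"):
        findings.append("no owner tag")
    idle = days_idle(instance, today)
    if idle > STALE_DAYS:
        findings.append(f"idle for {idle} days")
    exposed = sorted(ADMIN_PORTS.intersection(instance["open_ports"]))
    if instance["public_ip"] and exposed:
        findings.append(f"admin ports {exposed} open to the internet")
    return findings


def classify(instance, today=TODAY):
    """'abandoned' = dormant plus unowned or exposed; 'review' = any single finding."""
    findings = findings_for(instance, today)
    dormant = any(f.startswith("idle") for f in findings)
    if dormant and len(findings) > 1:
        return "abandoned"
    return "review" if findings else "ok"


def report(inventory, today=TODAY):
    """Map each instance id to (status, findings) for the periodic review."""
    return {i["id"]: (classify(i, today), findings_for(i, today)) for i in inventory}


def reclaimable_spend(inventory, today=TODAY):
    """Monthly billing attributable to instances classified as abandoned."""
    return sum(i["monthly_cost"] for i in inventory if classify(i, today) == "abandoned")


if __name__ == "__main__":
    for vm_id, (status, findings) in report(INVENTORY).items():
        print(f"{vm_id:<11} {status:<10} {'; '.join(findings)}")
    print(f"reclaimable spend: ${reclaimable_spend(INVENTORY):.2f}/month")
```

Tying the exposure check to the same inventory as the billing data is what lets one review catch both the forgotten spend and the forgotten attack surface.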

Business cloud solutions offered to the enterprise come in many configurations that vary in the type of infrastructure, software and services offered. In all cloud environments security requires a shared responsibility and a layered approach coordinated between the cloud provider and the enterprise. A supplier-agnostic advisor like Two Ears One Mouth IT Consulting can assist by helping a business find the right provider and security services for its applications.

If your business is unique and requires a custom cloud security solution for IT Support

Contact Jim Conwell (513) 227-4131      jim.conwell@twoearsonemouth.net

www.twoearsonemouth.net

we listen first…

Disaster Recovery, Which Option is Right for Your Business?

An Active-Active Disaster Recovery Solution

In a recent article, I described how an outsourced, or hosted, provider can deliver Disaster Recovery (DR) as a Service. In this article, I would like to look at the advantages a business can achieve by creating its own Disaster Recovery and answer the question: which option is right for your business? First, a reminder that DR is not a backup of data but rather a replication of data to ensure its availability and business continuity. DR solutions built on the business’s own IT infrastructure can be divided into two primary categories, active-active and active-passive. Since active-passive was covered in the previous blog, I will focus on active-active here. While both attempt to achieve the same goal, keeping the business’s IT systems up at all times, they are created and maintained differently. Because of the unique nature of DR solutions, it is generally accepted practice to engage an expert such as Two Ears One Mouth IT Consulting to determine the right DR solution for an organization. I will compare the two DR strategies by complexity, cost and the most common DR metrics, Recovery Time Objective (RTO) and Recovery Point Objective (RPO).

Active-Active Disaster Recovery

An active-active, or stretched clustering, configuration is the deployment of a second identical live infrastructure which continually replicates with the first site. This framework will typically consist of only two sites. Because of the simplicity of the concept and the speed and ease with which recovery can occur, it is usually the client’s first choice. Ironically, after all the pertinent information is uncovered, it is rarely selected by the small or medium business seeking disaster recovery.

The two primary reasons it isn’t chosen for most businesses are its cost and its requirement for high bandwidth with low latency. Its high initial cost is due to the purchase of a duplicate set of the primary site’s hardware infrastructure. In an active-active scenario, either site can handle the entire workload for the business. Every time a request is made in a software application at one site, it must be written to the other site immediately before the request completes. An active-active solution therefore requires a high level of connectivity, or bandwidth, between sites, such as dedicated fiber optics. Even with dedicated (dark) fiber between sites, latency is still a consideration. Best practices dictate that the distance between active-active sites should be less than 100 miles. These two requirements eliminate many prospects from considering an active-active solution.

Advantages of Active-Active

Now I will describe the advantages of an active-active configuration and the businesses that can benefit from it. There are many benefits to this configuration, as it is a remarkable process for business continuity. After realizing the upfront cost, many businesses need to determine whether it is a nice-to-have or a need-to-have solution for their business. Following are some of the benefits of an active-active DR solution.

1) No “big red” button to push

One of the most difficult processes in any DR solution is knowing how and when to declare an IT outage a disaster and then quickly executing the DR plan. Many solutions require a detailed process and action plan that involves the entire IT team. Invoking the DR plan is much simpler in an active-active configuration because it transfers all workloads to one of the continually running, replicated systems. In addition, it requires very little testing and can be engaged automatically with minimal human intervention.

2) Cross-site load balancing

Although it can be simple to transition to DR mode, an active-active DR configuration is very complex to design and create. Some of the factors that make it difficult to create are the very same ones that provide additional benefits beyond DR. One such benefit is load balancing of the data transmitted between sites and offsite. Since both sites are always actively processing data, the configuration can be designed so that any process being run occurs at the optimal site available at that time. This can eliminate the challenge of slow data responses and maximize bandwidth availability for the business.

3) Less management means less cost

The argument can be made that the active-active DR solution is the more cost-effective for the long term. The time and technical resources to test, maintain and initiate an active-passive DR solution are much greater than for the active-active. Additionally, in analyzing a DR solution, most don’t consider the operational task of falling back to normal mode after DR has been invoked; this can be more difficult than the original DR transition. Although expensive initially, the active-active solution has very little ongoing cost.

Active-Passive Disaster Recovery

An active-passive DR solution creates an environment that is not intended to be live for IT production until a disaster is declared by the business. The infrastructure is oversubscribed for resources and dormant until needed. This creates large initial cost savings on hardware. Many times, a business will repurpose its aged IT equipment and servers for the DR site to realize even greater financial benefit.

One of the most popular active-passive software platforms for disaster recovery today is Zerto. Zerto’s DR solution creates DR at the hypervisor level of the virtualized environment. This allows for a quick and complete transition to the DR resources when an outage occurs. Zerto works with the most popular hypervisors such as VMware and Microsoft’s Hyper-V. An active-passive solution such as Zerto can create a more customized solution: a business may select only a small percentage of its application servers as critical to the business and enable the DR solution for those applications only. An active-passive solution is also more accommodating to multi-site or multi-cloud business DR. Active-passive solutions are also used to provide Disaster Recovery as a Service (DRaaS) from data center and cloud providers.

When a business looks to create a DR solution, it has three primary options: active-active, active-passive and DRaaS. It is not a quick or simple decision as to what works best for your business. You need a trusted advisor like Two Ears One Mouth IT Consulting to investigate your IT environment and understand your budget, to guide you down the path to assured business continuity.


A Buyer’s Guide to Cloud

Most businesses have discovered the value that cloud computing can bring to their IT operations. Some have discovered how it helps to meet their regulatory compliance priorities by being in a SOC 2 audited data center. Others may see a cost advantage as they approach a server refresh, when costly hardware needs to be replaced. They recognize an advantage in making this hardware an operational expense as opposed to the large capital expense they need to make every three years. No matter the business driver, the typical business person isn’t sure where to start to find the right cloud provider. In this fast-paced and ever-changing technology environment these IT managers may wonder, is there a buyer’s guide to cloud?

Where Exactly is the Cloud?…and Where is My Data?

Except for the cloud hyperscalers (Amazon AWS, Microsoft Azure and Google), cloud providers create their product in a multi-tenant data center. A multi-tenant data center is a purpose-built facility designed specifically for the needs of business IT infrastructure and accommodating many businesses. These facilities are highly secured and most of the time unknown to the public. Many offer additional colocation services that allow their customers to enter the center to manage their own servers. This is a primary difference from the hyperscalers, which offer no possibility of customers seeing the sites where their data resides. The hyperscale customer doesn’t know where their data is beyond a region of the country or an availability zone. The hyperscaler’s customer must base the buying decision on trusting the security practices of the large technology companies Google, Amazon and Microsoft. These are some of the same organizations that are currently under scrutiny from governments around the world for data privacy concerns. The buying decision for cloud and data center services should therefore start at the multi-tenant data center, and the first consideration in a buyer’s guide for the cloud is the set of primary characteristics to evaluate in the data center, listed below.

  1. Location– Location is a multi-faceted consideration in a data center. First, the data center needs to be close to a highly available power grid and possibly alternate power companies. Similarly, the telecommunications bandwidth needs to be abundant, diverse and redundant. Finally, the proximity of the data center to its data users is crucial because speed matters. The closer the users are to the data, the lower the latency, which means happier cloud users.
  2. Security– As in all forms of IT today, security is paramount. It is important to review the data center’s security practices, including physical as well as technical security.
  3. People behind the data– The support staff at the data center creating and servicing your cloud instances can be the key to success. They should have the proper technical skills, be responsive and be available around the clock.

Is My Cloud Infrastructure Portable?

The key technology that has enabled cloud computing is virtualization. Virtualization inserts an additional software layer, called a hypervisor, that allows hardware resources to be shared. This allows multiple virtual servers (VMs) to be created on a single hardware server. Businesses have used virtualization for years, VMware and Microsoft Hyper-V being the most popular choices. If you are familiar with, and have some secondary or backup infrastructure on, the same hypervisor as your cloud provider, you can create a portable environment. A solution where VMs can be moved or replicated with relative ease avoids vendor lock-in. One primary criticism of the hyperscalers is that it can be easy to move data in but much more difficult to migrate the data out. This lack of portability is reinforced by the proprietary nature of their systems. One of the technologies the hyperscalers are beginning to use to become more portable is containers. Containers are similar to VMs; however, they don’t use a guest operating system for each virtual server. This has had a limited effect on portability because containers are a leading-edge technology that has not yet met widespread acceptance.

What Kind of Commitment Do I Make?

The multi-tenant data center offering a virtualized cloud solution will include an implementation fee and require a commitment term with the contract. Its customized solution will require pre-implementation engineering time, so it will look to recoup those costs. Both fees are typically negotiable, and this is a good example of where an advisor like Two Ears One Mouth can assist you through the process and save you money.

The hyperscaler will not require either charge: it doesn’t provide custom solutions, and because its platform is difficult to leave, a term commitment is not required. The hyperscaler will instead offer a discount as an incentive for a term commitment; these offerings are called reserved instances. With a reserved instance, it will discount your monthly recurring charge (MRC) for a two- or three-year commitment.

Finding the best cloud provider for your business is a time-consuming and difficult process. When considering a hyperscaler the business user will receive no support or guidance. Working directly with a multi-tenant data center is more service-oriented but can consume a great deal of the cloud buyer’s time. The cloud consumer can work with a single data center representative who states “we are the best” and trust them. Alternatively, they can interview multiple data center provider representatives and create the ambiguous “apples to apples” spreadsheet of prospective vendors. Neither approach is effective.

At Two Ears One Mouth IT Consulting we will listen to your needs first and then guide you through the process. With our expertise and market knowledge you will be comforted to know we have come to the right decision for your company’s specific requirements. We save our customers time and money and provide our services at little or no cost to them!


How to Select a Cloud or Data Center Provider


Two Ears One Mouth Business Concept and Purpose

Two Ears One Mouth IT Consulting (TEOM) began with the monumental decision Judge Greene made divesting AT&T in 1984. That decision created the telecommunications and Information Technology (IT) industries of today. My personal mentor taught me an important sales consultation concept early in my career: when consulting and selling we must first listen to our customers intently before we speak to offer solutions. Later in my career, I heard this same concept described as having two ears and one mouth, so that we can listen more than we speak.

What does our product do?

I’ve always enjoyed working with technologies in the growth portion of their life cycle. Most recently my passion has been information technology as it relates to cloud computing and the data center. Cloud computing has become a mature and reliable product, even while experiencing continued solid growth. TEOM’s primary product focuses on protecting businesses’ IT infrastructure and its two primary models, colocation and cloud. We assist organizations by analyzing their IT infrastructure and the applications they run to help decide the best path forward for the infrastructure that houses their data.

We answer questions such as:

· Should the business migrate from an on-premises server-based infrastructure to the cloud?

· Should the business continue to own its infrastructure with a CapEx model and place it in a secure data center? (Colocation)

· How best can the goals of regulatory compliance and maximum uptime be accomplished?

· Can a hybrid model be created that allows the business to migrate to the desired solution over time?

TEOM will also assist businesses that have been through the technical exercise but are looking for a better price or level of service. TEOM has the experience, expertise, and partnerships to help our clients make the right decisions.

How is TEOM different from the others?

There is a growing number of multi-tenant data centers that offer their customers secure data center services as well as their own flavor of cloud. These businesses typically employ a direct sales force to market their products and services. This model falls short in the depth of expertise and solutions offered to the client. Their focus and product offering are limited; they can’t compete with a consultant that represents multiple providers. They are forced to make their limited solutions fit their customers’ requirements.

TEOM utilizes an indirect consultation and sales process in which the products and services are brokered from a wide array of these providers. We take an unbiased approach and consider all partners to determine the best solution for our client.

During customer analysis we even consider the largest cloud providers, such as Amazon Web Services (AWS), which use a direct-to-end-user or self-service model. We make sure to understand all the current technology options and utilize them in our client’s solution.

Who is the right client for TEOM?

Virtually any business can benefit from cloud services. However, for a business to derive a benefit from a TEOM consultation, a certain amount of infrastructure is required. Our typical customer will have at least 5 active servers. Our most common customer engagement is an organization with dozens of servers and a headcount of over 100.

Many times, our clients have an IT department, including a CIO, who realizes the benefit of an outsourced solution for analyzing data center providers. In addition to saving critical time, it helps to have a fresh look at the infrastructure with a level of expertise they can’t match internally. Using TEOM can also save the time and tedious effort of interviewing and pricing potential vendors. There is no maximum size of business for a TEOM consult, considering we can look at parts or independent departments of the largest enterprise or government organization.

TEOM is the best choice for an expert, unbiased consultation for your organization’s cloud and datacenter needs. We have deep and unparalleled expertise, in large part due to our vast array of partners. We can eliminate many hours of research and vendor interviews with little or no cost to our clients. Our indirect consultation and sales strategy allows us to offer you the best choices from our full breadth of suppliers while charging little or nothing for our services.
