Cloud computing | Bach Seat

Tag Archive for Cloud computing

RB | April 16, 2013

Comments Off

Dropbox Adds AD for SSO

When people talk about the consumerization of IT, Dropbox is invariably part of the discussion. Dropbox, like Box, Google Drive, Microsoft SkyDrive, and others is a cloud-based storage system that enables users to sync and share files. This can and often is done without IT intervention, potentially putting sensitive data at risk or organizations out of compliance according to Debra Donston-Miller at InformationWeek.

Hoping to land some street cred with corporate IT, the consumer cloud file storage leader Dropbox, rolled out Dropbox for Teams, with security tweaks designed to give companies more control over what their users do with Dropbox, (which I covered here).

Now Dropbox has announced a rebranding, from “Dropbox for Teams” service to “Dropbox for Business” with an eye toward business and its IPO. So it is taking notice of existing enterprise authentication infrastructure to grow its customer base into authorized corporate use.

The InfofWeek article says Dropbox will now add single sign-on (SSO) capabilities to its Active Directory integration and is working with several partners to ease that integration. “Active Directory is really core to IT architectures, security and compliance strategies,” Kevin Egan, Dropbox VP of sales, told InformationWeek. “It lies at the heart of security, so we’re going to make it a lot easier for customers to plug into their existing Active Directory infrastructures, and leverage things like secure sign-on.”

Thomas “Tido” Carreiro, growth engineering lead for Dropbox, explained in an interview that the integration with Microsoft’s Active Directory will let companies use the work they have already done in setting security and authentication policy. This helps end-users and admins alike, he said. “It’s good for the end-user not to have another password to remember — they can just use what they’re familiar with”

Mr. Carriero also claims the new Dropbox for Business will be good for IT Pros. “Admins can set up security policies depending on the nature of the data being stored, and they can do things like set password requirements, reset passwords as often as they’d like, set up two-factor authentication, set up other kinds of authentication — whatever they have decided on for their business.”

According to Dropbox’s Egan and Carriero, the firm will provide SSO out of the box. Dropbox SSO uses the industry-standard Security Assertion Markup Language (SAML), so it will also integrate with any large identity provider companies are using or with companies’ own SAML-based federated authentication systems. DropBox SSO partners include Ping Identity, Okta, OneLogin, Centrify, and Symplified.

The author notes that Dropbox has some pretty stiff competition in the cloud-based storage space, including no less than Google (GOOG) Drive, SugarSync, Apple’s (AAPL) iCloud, Box,net, and Microsoft’s (MSFT) SkyDrive. But the SSO integration with Active Directory is an important step forward in making Dropbox a corporate tool, and not just a tool for consumers.

rb-

The producers of these consumer-targeted technologies need to recognize that for deals in tens of thousands of seats, firms like Dropbox, Box, and Evernote need to offer those of us charged with protecting the firm’s assets assurances about security, privacy, and integration with Microsoft Active Directory.

Despite that, Box Enterprise GM Whitney Bouck also told CITEworld, “The premise of Box is to make it super-easy to share, communicate, and collaborate … At its most open, there should be as few controls as possible.”

And then there are the security breaches. In 2011, Dropbox accidentally pushed a code update that introduced a bug into the company’s authentication mechanism, allowing third parties to log in to user accounts and access files. Last year, hacks at other Web sites allowed attackers to penetrate accounts used by Dropbox employees, including a document from which they may have been able to harvest email addresses. In August, those email addresses were apparently used to send Dropbox users spam.

Get 7GB of Free Cloud Storage from Microsoft (savings.com)

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: 2013, Centrify, Cloud computing, Consumerization, Dropbox, GOOG, Google, Microsoft, MSFT, Okta, OneLogin, Ping Identity, SAML, Security Assertion Markup Language, Single sign-on, Symplified

RB | March 26, 2013

Comments Off

Chinas Internet Giants are Massive

Derrick Harris, writer for GigaOM recently gave us a peek inside China’s Internet giants and their massive scale. The author describes China’s big four internet companies as huge, but not technological innovators like their American counterparts – yet.

China’s Internet market

The Chinese Internet market is very, very big despite the Great Firewall that cuts Chinese citizens off from many popular U.S. web services. The article states there are more Chinese netizens than all the citizens of the United States and European Union combined. And they use social media and e-commerce just like the rest of us. The author gives some examples of the scale of the companies providing social media, e-commerce, and information-discovery needs to China’s 1.3 billion people.

Alibaba Group

Taobao, the eBay-like e-commerce line of business from Chinese internet giant Alibaba Group, does a lot of business. On a single day — Nov. 11, 2011 — the company did a whopping 19 billion yuan (about $3.05 billion) in sales. According to Alibaba Group CTO and Alibaba Cloud Computing President Wang Jian, the company site surpassed the 1 trillion yuan (about $160 billion) mark for 2012 revenue at the end of November. Alipay, the company’s version of PayPal, handles about 3 billion yuan (about $480 million) in transactions every day.

By comparison, eBay (EBAY) posted $3.4 billion in revenue for the entire third quarter this year. Amazon (AMZN), with which Taobao also competes (although Alibaba also has a business-to-consumer division called Tmall), closed its third quarter with $13.8 billion in revenue. Of course, Taobao and Alipay are just two of Alibaba’s expansive portfolio of services, which includes a troubled partnership with Yahoo (YHOO).

That type of business means Alibaba needs a lot of servers. In a single year not too long ago, Jian told the author, the company bought more servers than it had in the previous five years combined. If you charted Alibaba’s server count now versus five years ago, he added, the previous number would look like zero. How big is its database? Enough to store data for more than 800 million items for sale.

Baidu

The Chinese search giant is ranked fifth in the Alexa internet rankings, which is evidence of its popularity. All those users, I’m told, result in an annual server growth about equal to the previous three years combined. It is reported that Baidu (BIDU) is planning possibly the world’s largest data center — spanning 120,000 square meters, costing $1.6 billion, housing 100,000 servers (totaling 700,000 CPUs and 3 million cores), and storing 4,000 petabytes of data.

Tencent

Sometimes compared with Facebook (FB), Tencent (TCEHY) boasted more than 717 million users for its popular QQ messaging service as of September 2011. That number has surely grown. The company says its highest-ever number of concurrent users was more than 176 million, although there are often tens of millions (if not more than 100 million people) using it at any given time. An individual with some knowledge of the company’s infrastructure told me Tencent adds about 100,000 servers per year.

Weibo

The Twitter-like platform from internet new-school internet company Sina had more than 400 million users as of April 2012. That’s about twice the number Twitter claims. And the Chinese use Weibo a lot, for everything from micro-blogging to self-publishing. It might actually be a more important tool in China than Twitter is in the United States, sources told the author, because while the government can censor official news outlets, it can’t possibly control the stream of information coming off Weibo. And that will mean even more growth.

Mr. Harris concludes that, despite their sheer scale, Chinese internet companies are, by most accounts, less technologically inclined than their American counterparts. The biggest reason, the author says is that these companies tend to view themselves as traditional businesses and not technology companies. Another factor mentioned is that employees often strive to work up the management ladder not remain career engineers. This inevitably affects R&D budgets, makes companies less willing to take risks, and reduces the pool of employees that really, deeply understand complex systems.

The blog cites the server situation within China’s big four internet companies. Alibaba’s Jian told the author that although his company is running all white boxes in its data centers now, it had a lot of legacy IBM (IBM) gear in its data centers five years ago. The same thing is reported about Baidu. Tencent, had 10,000 webscale servers fail in six months last year and is considering a move back to traditional boxes.

Open Compute Project

The article speculates that these companies are coming around on innovation beyond just buying more efficient gear. Tencent, Baidu, and Alibaba, for example, are all members of the Facebook-led Open Compute Project for designing webscale hardware. Tencent and Baidu actually created their own rack-design specification, called Project Scorpio, which is being merged into Open Compute’s Open Rack design in 2013. They still don’t build their own servers like Google and Facebook do, preferring instead to push their custom specs on server makers, but many innovative American companies, including eBay, do the same thing.

Facebook VP Frank Frankovsky told PCWorld, “We compete with those guys, but on the infrastructure side, if we can make our infrastructure more efficient, it makes everyone that much better. Where we differentiate our business is in the service we provide to our end users.”

That differentiation comes in large part from an incredible investment in research and technology. If they want to be considered thought leaders in their field — and if they want to expand significantly into cloud computing (as Alibaba and Sina clearly want to do) — China’s internet companies will have to start matching their immense scale with demonstrated technology.

China’s M-Commerce Shopping Spree to Hit $27.1 Billion in 2014, Surpassing US Mobile Shoppers (Infographic) (techinasia.com)

Category: Uncategorized | Tags: 2013, Alibaba, Amazon, AMZN, Baidu, China, Cloud computing, EBay, Sina Weibo, Taobao, Tencent, Tmall, Yahoo

RB | December 4, 2012

One comment

Is Cloud-Based Anti-Virus Ready?

Cloud computing technology is one of the most disruptive technologies in recent history. Xath Cruz at CloudTimes argues in a recent article that cloud computing is also disrupting security software such as anti-virus and he asks how effective are cloud-based anti-viruses?

The article, How Effective are Cloud-Based Anti-Viruses? claims the demand for cloud-based anti-virus software has gone up steadily as more cloud-dependent computing devices have invaded the market. Cloud-dependent computing devices like iPads, Nooks, iPhones, and Galaxy’s are as susceptible to malware as their big desktop brethren.

In order to fight the malware threats to cloud-dependent computing devices, cloud-based anti-virus has evolved. Cloud based anti-virus works differently than popular cloud-based document editors like Google Docs, where you only need a web browser and internet access. The blog post explains that cloud-based anti-virus software can’t function if it’s only in the cloud, since your PC won’t easily give the right kind of administrative access needed by antivirus software to programs hosted remotely, as that would leave your PC at risk of being intruded upon by other programs.

In order to protect a PC, tablet, or smartphone, a cloud-based anti-virus software requires a small native app to run on the device. When downloaded, the app acts as the anti-virus, with its database and heuristics data being hosted on the cloud. There is also cloud-based anti-virus software that use web browser extensions or Active X and Java to gain proper access to your PC.

Like any technology, cloud-based antivirus software has specific pros and cons when compared to native anti-virus suites, Mr. Cruz lays out some of the pros and cons of cloud-based anti-virus:

Cloud advantages

1. No Installation Required – The first advantage of cloud-based anti-virus is that there’s no need to install them on your PC. Cloud-based anti-virus does not eat up hard disk space, with its storage and memory footprint being a fraction of what local anti-virus need. Additionally, you can get them up and running immediately, and there’s no likelihood of messing up the installation (which usually results in a non-working antivirus or corrupted file volume).

2. No Updating Necessary – With cloud-based anti-virus, there is no need to update data files, since it’s hosted on the cloud, and will automatically be patched or updated by the provider. This will offer the latest in protection when it becomes available.

3. Double Security Layer – With cloud-based anti-virus software, it is possible to run a locally installed anti-malware app and run another different cloud-based antivirus without worrying about conflicts or PC slowdown. Different anti-virus software are better able to catch or inoculate different viruses.

4. An advantage of cloud-based anti-virus software the author missed is collective or community intelligence. SearchSecurity reports that when a system identifies malware, it’s able to give feedback to the cloud anti-malware provider, thus providing a wider surface area for rapidly detecting 0-day attacks.

Cloud disadvantages

1. Won’t Run in the Background – Cloud-based anti-viruses are not effective against viruses that run on startup. Cloud-based anti-viruses are not TSR (terminate and stay resident) programs and only run on an as-needed basis.

2. Limited Scan – Cloud-based anti-viruses risk missing dormant viruses in unopened or archived files. Windows’ security protocols will prevent some cloud anti-viruses from scanning the computer. They will only be able to scan core windows files and what’s currently loaded in the memory.

3. It Requires an Internet Connection – Cloud-based anti-virus is useless without access to the Internet. This is a problem for portable device users who can’t be connected 24×7. Without an Internet connection viruses will be free to do whatever they want.

rb-

The author concludes for the best protection your PC can get, you need to use the services of both a locally installed anti-virus software and a cloud-based one.

The main concern I have about cloud-based anti-virus apps is downtime. Cloud providers like Microsoft, Amazon, and Amazon have had issues lately providing their services. Downtime at the upstream ISP on the LAN can also play havoc with cloud-based anti-malware apps.

Why You Should Rethink Your Endpoint Security Strategies Part I (webroot.com)

Category: Uncategorized | Tags: 2012, AAPL, Anti-Virus, Apple, Cloud computing, Docs, GOOG, Google, iPad, iPhone, Security

RB | June 7, 2012

Comments Off

‘Personal Cloud’ to Replace PC by 2014, Says Gartner

Mike Barton wrote on Wired’s Cloudline that there’s no doubting the cloud invasion. But the research firm Gartner (IT) believes the personal cloud will replace the PC as the center of our digital lives as soon as 2014.

Steve Kleynhans, research vice president at Gartner, said in a statement, “Major trends in client computing have shifted the market away from a focus on personal computers to a broader device perspective that includes smartphones, tablets, and other consumer devices.” He continues, “Emerging cloud services will become the glue that connects the web of devices that users choose to access during the different aspects of their daily life.”

In the article, Mr. Burton writes that Google plans a cloud-centered future with Google (GOOG) Play and Android mobile OS. But the personal computer will also not miss out on the cloud, as Microsoft (MSFT) and Apple (AAPL) are planning to weave the cloud into the next generation of their desktop operating systems, Windows 8, and OS X Mountain Lion.

But a cloud-happy future will not be as easy as that, because Gartner says, “it will require enterprises to fundamentally rethink how they deliver applications and services to users.” Gartner sees a number of factors are converging to make for a perfect personal cloud storm by 2014.

Megatrend No. 1: Consumerization— Gartner says what corporate IT has seen so far been a precursor to the major wave that is starting to take hold across all aspects of IT as several key factors come together:

Users are more technologically savvy
The internet and social media have empowered and emboldened users.
The rise of powerful, affordable mobile devices changes the equation for users.
Through the democratization of technology, users of all types and statuses within organizations can now have similar technology available to them.

Megatrend No. 2: Virtualization — Virtualization has improved flexibility and increased the options for how IT organizations can set up client environments.

Megatrend No. 3: “App-ification” — Apps change the way applications are designed, delivered, and consumed by users and it has a dramatic impact on all other aspects of the market.

Megatrend No. 4: The Ever-Available Self-Service Cloud – The cloud opens a whole new level of opportunity for self-servicing users. Every user can now have a scalable and nearly infinite set of resources available for whatever they need to do.

Megatrend No. 5: The Mobility Shift — Wherever and Whenever You Want Today, mobile devices combined with the cloud can fulfill most computing tasks, and any tradeoffs are outweighed in the minds of the user by the convenience and flexibility provided by the mobile devices.

Gartner’s Kleynhans said. “In this new world, the specifics of devices will become less important for the organization to worry about. Users will use a collection of devices, with the PC remaining one of many options, but no one device will be the primary hub. Rather, the personal cloud will take on that role. Access to the cloud and the content stored or shared in the cloud will be managed and secured, rather than solely focusing on the device itself.”

Wired says that former Microsoft chief software architect Ray Ozzie made the same point recently, “People argue about, ‘Are we in a post-PC world?’. Why are we arguing? Of course, we are in a post-PC world.” Ozzie reportedly told a conference, ”That doesn’t mean the PC dies; that just means that the scenarios that we use them in, we stop referring to them as PCs, we refer to them as other things.”

rb-

Goodie for Gartner, they get paid for codifying the obvious. Consumers are moving to the personal cloud. DVDs vs.Netflix streams. Files on your hard drives vs. some distant data center run by Dropbox. Photo albums vs. Flickr. Books vs. Kindles and Nooks.

Supermodels, Megatrends, and Ultra Big Paradigm Shifts to the Cloud

Category: Uncategorized | Tags: 2012, AAPL, Apple, Cloud computing, Gartner, GOOG, Google, IT, Microsoft, MSFT, PC, Ray Ozzie, Tablet computer

RB | May 8, 2012

Comments Off

Unknown Malware Rampant in Enterprise Networks

Unknown malware plague enterprise networks according to network security company Palo Alto Networks. Help Net Security reports that Palo Alto Networks found hundreds of unique, previously unknown malware samples on live networks. Palo Alto Networks conducted the research with their new WildFire malware analysis engine.

DarkReading says that the cloud-based WildFire analysis engine found that seven percent of all unknown files analyzed contained malware. WildFire is a new service recently announced by Palo Alto Networks that integrates in-line firewalling with automated cloud-based malware analysis. Over a three-month period of analyzing unknown files from the Internet entering enterprise networks,the firm discovered more than 700 unique malware samples, 57 percent of which had no coverage by any antivirus service or were unknown by Virus Total at the time of discovery. Out of all the new malware identified, 15 percent also generated malicious or unknown outbound command and control traffic.

The firewalls identify unknown and potentially malicious files by executing them in a virtual cloud-based environment to expose malicious behavior even if the malware has never been seen in the wild before. Wade Williamson, Senior Security Analyst at Palo Alto Networks says, “WildFire is taking sandbox technology out of the lab and applying it to a real product … customers can detect and protect themselves against malware using the hardware that they already have deployed today.”

For malicious files, Palo Alto Networks automatically generates new signatures for both the file itself and for any traffic generated by the malicious file. These signatures are then distributed with regular signature updates, as well as providing the user with actionable analysis of exactly how the malware behaves, who was targeted, and what application delivered the threat.

“I think we were all a bit surprised by the volume and frequency with which we were finding unknown malware in live networks,” the Senior Security Analyst said. “Unknown malware often represents the leading edge of an organized attack, so this data really underscores the importance of getting new anti-malware technologies out of the lab and into the hands of IT teams who are on the front lines. The ability to detect, remediate and investigate unknown malware needs to become a practical part of a threat prevention strategy in the same way that IPS and URL filtering are used today.”

Palo Alto Networks found that a variety of web applications distributed zero-day malware, in addition to the traditional HTTP web-browsing and email traffic commonly associated with malware distribution. WildFire was able to identify specific phishing campaigns based on their affinity for particular applications. One attacker used AOL Mail and another used the Hotfile file hosting service as the delivery vector.

“It’s important to note this because many enterprises only inspect email or FTP traffic for malware but do not have the ability to scan other applications. Applications that tunnel within HTTP or other protocols can carry malware that will be invisible to a traditional anti-malware solution,” said Williamson. “These are examples of the big reasons why a lot of malware gets missed – most enterprises only focus on scanning their corporate email application. To control this problem we need to expand our view to other applications, pull the traffic apart, and go a level deeper in to find out if there’s a file transfer happening.”

Taking the Leap to Cloud-Based Malware Inspection (circleid.com)
Debate Over Facebook Use At Work Gets New Compromise From Palo Alto Networks Firewall (allfacebook.com)

Category: Uncategorized | Tags: 2012, Cloud computing, Malware, Network security, Palo Alto Networks, Security, VirusTotal.com, WildFire

« Older Entries Recent Entries »

Bach Seat

Tag Archive for Cloud computing

Related articles

China’s Internet market

Open Compute Project

Related articles

Cloud advantages

Cloud disadvantages

Related articles

Related articles:

Related articles

Meta