Enterprise IT Watch Blog

October 19, 2010  8:18 AM

Chief Software Architect Ray Ozzie leaves Microsoft: Is Azure another victim of Clippy?

Michael Morisy Michael Morisy Profile: Michael Morisy

Microsoft CEO Steve Ballmer announced Ray Ozzie, Microsoft’s Chief Software Architect, would be leaving the company, making him the latest in a line of visionaries to leave the Redmond campus. What is startling to so many isn’t that Ozzie’s going – his daring, cloud-first strategies runs counter to every prevailing stereotype about Microsoft – but that it seems Microsoft’s still betting big on its legacy business, which many have assumed would begin to whither sooner rather than later.

In other words, Microsoft is still placing many of its bets on the traditional Windows/Office powerhouse rather than on the Ozzie-led cloud Azure architecture, which has, as the New York Times’ Ashlee Vance points out, run into stumbling block after stumbling block:

Microsoft’s cloud story has been mixed under Mr. Ozzie’s leadership. The company has a number of huge services like Hotmail and Xbox Live and online versions of its corporate e-mail and collaboration software. But it took Microsoft years to build the Azure platform that stands as its highest profile cloud play, allowing companies like Amazon.com and Salesforce.com to strengthen their positions in the market.

But can you really blame Ozzie? Barbara Darrow saw the writing on the wall months ago, when she outlined coming fractures between Ozzie and the teams he was, in theory, supposed to lead but which he had little to no direct control over:

You’ve got to wonder how Ray Ozzie, the chief strategist brought in to forge Microsoft’s cloud thinking, can prosper in this environment where a half dozen company presidents report into the CEO, Steve Ballmer, but not to him.

And you’ve got to wonder if long-simmering rumors of discord between Ozzie and Sinofsky, mean trouble for Azure ahead. After all, if a mere tablet threatened Office, think what true cloud computing means to Microsoft’s ginormous on-premises operating systems and apps business.

So what’s Microsoft’s cloud strategy now? Do they even need one to make you, as a Microsoft corporate customer, happy? Let me know in the comments or directly via e-mail, listed below.

Michael Morisy is the editorial director for ITKnowledgeExchange. He can be followed on Twitter or you can reach him at Michael@ITKnowledgeExchange.com.

October 18, 2010  7:53 AM

Will I see you at Interop New York 2010?

Melanie Yarbrough Profile: MelanieYarbrough

I just filled out my profile over at MyInterop and set up my tentative Interop schedule. Here are some of the sessions I’m excited about:

Wednesday, October 20th

Democratization of IT (Time permitting)

If I get into New York in time, I’d love attend Founder of Bitcurrent Alistair Croll’s talk on how cloud computing is changing the face of IT.

Measuring Cloud Performance

One of our favorite cloud computing tweeters, Randy Bias, is a panelist (alongside David Link, Jason Read, Russell Rothstein and Alex Polvi) on Measuring Cloud Performance. Hopefully they’ll dig into specific guidelines for enterprises moving into the cloud.

Is Cloud Security Risk Overstated?

Moderated by CEO of CyberRiskPartners, Drew Bartkiewicz, this panel discussion explores the other side of the cloud security debate. Does migrating to the cloud present any bigger threats than those posed from the inside of the enterprise?

Deploying Your First Amazon Application

CTO of Syntenic, Daniel Koffler will give us a walk-through of deploying first-time apps atop Amazon Web Services.

Thursday, October 21st

Building a Private Cloud in Today’s Data Center with Today’s Infrastructure

Ryan Shopp from CA Technologies is going to debunk the myths about heavy lifting involved in deploying the private cloud. From best practices, the private cloud’s benefits to fashioning one with new processes and automation, Shopp has a full agenda.

Using Clouds to Modernize the Enterprise

CSO at GCE, David Lucas, plans to share GCE’s government agency-wide overhaul of the Department of Labor’s financial system earlier this year and the resulting best-practices for the transition to, adoption and implementation of cloud-based systems that can utilized across the enterprise.

Connecting Private and Public Clouds

David Warm, CTO of Financial Services at Platform Computing, will bridge the gap between private and public clouds so the enterprise can improve elasticity, disaster recovery and cost efficiency.

What are some sessions you’re planning on attending? Any recommendations for can’t-miss panels?

Can’t Attend?

Let us know what you want to see from Interop New York, and we’ll go in your stead!

Let’s Meet Up!

If you’re planning on attending, send me an email at Melanie@ITKnowledgeExchange.com to meet up and have a chat. Follow my tweets @ITKE for videos, photos and opportunities to meet up and get some great ITKnowledgeExchange schwag.

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

October 13, 2010  9:53 AM

Bird-watching in the Cloud: SaaS & Cloud Twitter Pros

Melanie Yarbrough Profile: MelanieYarbrough

The cloud is shrouded in enough mystery, here are some pros and experts to help you navigate through the fog. Have some of your own to share? Send them over, and I’ll add them to our list!

@eekygeeky: A fellow TechTarget-er, Carl Brooks is a powerhouse of knowledge over at SearchCloudComputing.com.

@jamesurquhart: He authors the blog The Wisdom of Clouds over at CNET, and he’s always down for an enlightening conversation on the cloud. Check out his feed to eavesdrop on some great conversations between him and his followers.

@Beaker: Christopher Hoff is the Director of Cloud & Virtualization Solutions of the Security Technology Business Unit (take a breath) at Cisco, but this feed is his own personal soundstage. He also writes a great blog over at Rational Survivability.

@Clouderati: From one of Clouderati’s recent tweets: “FYI clouderati is not a never ending list of anyone who’s ever tweeted about cloud.” Get an up-to-date picture of who’s active in the cloud, where you can get answers, solutions and insight.

@cloudpundit: Lydia Leong is a Gartner analyst on Internet infrastructure. Contact her through Twitter, you never know what you’ll learn in 140 characters!

@randybias: CEO of Cloudscaling, Randy is all over the latest in cloud and SaaS in an engaging and conversational way.

@wattersjames: He’s a “passionate cloud practitioner” and writer. He’s in the Bay Area, so check him out for local cloud meetups.

@kloudlabs: Described as “an online resource and educational lab…an initiative to spread awareness about cloud computing and SaaS world,” KloudLabs is all cloud all the time.

@jhodge88: He’s an IBM Cloud Network Manager, and he’s got your updates on what IBM’s doing in the cloud.

@cloudysaas: It’s like having your own personal cloud and SaaS newsfeed.

@workinthecloud: A great compilation feed for quick news bits involving the cloud and SaaS.

@_StuartLynn: He works for Sage UK, but this is his personal feed on the cloud and SaaS.

When in doubt, make (Twitter) lists.

Discover more cloud front-runners by finding out who the pros are listening to(after the jump): Continued »

October 13, 2010  9:37 AM

Should you also prepare for customer no-service with cloud computing?

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

It’s been exactly a year since I went on a rant about my experience with cloud computing and customer no-service. Here was a follow-up story I wrote as well: Email business continuity – this is funny…and ironic

So I was thinking about how things have changed since then. Well, I can say that I haven’t had any big issues with cloud providers and customer no-service lately. I am just a one-man shop so my setup isn’t all that complicated.

In the end, for me and my email continuity woes, things turned out OK. I moved on to Google’s Postini. Ironically, after a few months, THEY started dropping random emails of mine – for no apparent reason. I used my power of choice in the free market and have since moved on to a managed Barracuda solution and it’s working great. My fingers are crossed! Wish me luck.

My point is: imagine the trouble something like this would cause in a larger corporation, non-profit, or government agency. Folks, think long and hard about this kind of stuff (the rest of the story) before jumping on the cloud computing bandwagon. Once things are out of your control in the cloud, it’s a different story altogether.

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.

October 13, 2010  8:23 AM

A flaw in the cloud is still a flaw: How do your SaaS apps stand up?

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

Call me a cynic, but I’m still skeptical when it comes to these SaaS “solutions” that are nothing more than a traditional Web application with a pretty front-end. You see, with traditional systems come traditional vulnerabilities – namely Web application vulnerabilities like cross-site scripting, SQL injection, cross-site request forgery and so on. These can be big, big problems that create risks for your business. You can’t overlook them and assume that all’s well just because your cloud provider says so.

The question is: How do you know that your cloud providers’ applications are truly secure? All it takes is some input validation weaknesses, some poor login mechanism controls, or a missing patch such as the Microsoft ASP.NET padding oracle exploit. I’ve seen all three in Web applications I’ve been testing this week. So, how do your vendors’ applications stand up? You’ll never know unless you ask. Even then, you’ll likely hear, “Our applications run in a state-of-the-art SAS 70 Type II-certified data center.” Big deal. (More on that in a different post.) I’m talking about true in-depth vulnerability scanning and manual analysis – both are required on a consistent and periodic basis, period.

Security is one of the ongoing concerns surrounding the cloud and SaaS. Read up on the things you need to consider when considering SaaS in the cloud:

Find unexpected vulnerabilities to ensure cloud compliance

Cloud computing and application security: Issues and risks

What you should know about cloud backup security

Data security concerns with online backup

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.

October 11, 2010  8:21 AM

Cloudy about cloud terminology? We can help.

Melanie Yarbrough Profile: MelanieYarbrough

According to a 2009 study done by IBM of over 1,000 IT decision makers regarding perceptions of cloud computing, there is a significant inconsistency of terms associated with both internal and external clouds. How do we expect to have productive conversation if we’re all speaking different languages? Let us help. Continued »

October 7, 2010  8:52 AM

The S/M/L of Software-as-a-Service Adoption: Which companies embrace the cloud?

Michael Morisy Michael Morisy Profile: Michael Morisy

Enterprise software-as-a-service seems to be garnering much of the press these days, but which companies are actually ditching the traditional out-of-the-box for, shall we say, out of the box thinking? Like with almost all things cloud, the numbers get fuzzy very quickly, but I like the sound of two recent reports.

The duo of interesting surveys have shed some light on the question of actual Software-as-a-Service adoption in various-sized companies, as NASDAQ News’ Steve Monfort reports:

Techaisle, an IT market research firm, reports that companies begin to use cloud computing services when they expand beyond 20 employees. As companies grow to 250-plus employees, they become more likely to move IT operations in-house – and if they continue to grow past 500 workers, they turn once again to the cloud. 

Monfort also notes a Novell study that indicated 77% of 2,500-person companies are using “some form of cloud computing today,” mostly to complement rather than replace existing IT infrastructure. Both studies jibe with what I’ve seen anecdotally: The smallest companies are often relying as much as they can on SaaS, whether it’s free products like Google Docs or low-cost SaaS options like Quick Books Online. And the big companies almost cannot avoid it, with the sales force demanding, well, Salesforce.

It’s the medium-sized companies, however, that are being the most cautious: They’re too big with too-specific needs for the “trimmed down” offerings available to the low-end, but not able to afford enough customization and cloud redundancy on the high-end to make it worth their while.

As mentioned, the data itself can be a bit cloudy. See a recent CompTIA study which found mid-sized businesses being the largest “cloud” adopters. Sure, cloud can cover a lot of things beyond SaaS, but perhaps the most important lesson from all this is that the right cloud strategy isn’t what your peers are doing, it’s what’s right for your company.

Michael Morisy is the editorial director for ITKnowledgeExchange. He can be followed on Twitter or you can reach him at Michael@ITKnowledgeExchange.com.

October 4, 2010  6:00 AM

James Urquhart helps us find the Cloud’s silver lining

Melanie Yarbrough Profile: MelanieYarbrough

The perennial search for innovation serves as the greatest threat to traditional IT: Has the cloud – with its nebulous definition (pun not intended but appreciated) – simply become the face to blame?

James Urquhart, Market Strategist for Cloud Computing and Data Center Virtualization at Cisco, was recently traveling in Australia. What struck him the most, he said, was how they were equating cloud computing with outsourcing. “They’re not the same thing,” he assured me. “Though they do have a loose relationship with one another. They have the same concerns: service levels, security, liability, legal concerns and all that. They’re still there.”

So, what can cloud computing offer the enterprise? Continued »

October 1, 2010  6:21 AM

Trust No One: Info Security’s Biggest Weakness

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

I came across an intriguing article in a 2009 issue of Fortune magazine about how businesswoman Dina Wein Reis duped high-profile executives, ultimately costing their corporations millions of dollars. In the final paragraph the author states:

Don deKieffer, the lawyer who pursued Wein Reis for years, says that companies will always be susceptible to such schemes as long as executives are so trusting. “In almost every case you had people inside the company not paying attention to the good of the entire enterprise,” says deKieffer. “There are bad people out there — wolves who will eat you unless you pay attention.”

If this doesn’t summarize the very essence of the problem we have with information security today, I don’t know what does. It’s really nothing new. Just look at the infamous hackers from our time – many of them preyed upon this very weakness. Very enlightening insight into the executive psyche. I’ve always believed that as long as people are involved with IT, we’ll always have information security problems.

For further reading, check out these pieces I’ve written on the subject of people and information security.

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.

September 30, 2010  3:12 PM

Loosen the reigns: Telecommuting in 2010

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

I’ve been commuting into downtown Atlanta a good bit recently and I’m about done…not with my projects but with the traffic, and even more so, the nasty air. It seems I can’t catch a break from the diesel trucks sputtering their filth, smokers with their cigarettes hanging out their windows, and old junker cars burning oil (I guess a lot of people missed “cash for clunkers”). Having a family member who suffered from lung cancer, I’m extra sensitive to this stuff.

All the traffic and filth in the air reminded me of telecommuting. Where the heck are all the telecommuters? It seems like everyone who has a job is driving into work. Why!!?? It’s 2010, for crying out loud!

I think it’s crazy not to let people work from home as long as the security issues that come along with it (i.e. unsecured home computers, unsecured wireless network usage, weak passwords, and unencrypted laptops/mobile devices) are addressed. Telecommuting helps morale. It helps productivity. You can’t tell me no one is goofing off at the office anyway. I see people doing that all the time. Furthermore, research has shown that when you’re interrupted it takes 20 minutes to get back into the groove of what you were doing. Interruptions occur in the workplace about every 20 minutes; does that mean no one is really getting anything done?

I’ve been ranting about telecommuting for a while, and unfortunately there’s a huge double standard. It’s okay for management to do it but not for regular employees. I have a good friend who has been subjected to this at multiple companies. Does management not trust its employees enough to let them work from home at least a few days a week? Why? If you ask me, this is an HR problem – managers not hiring the right people – more than anything else.

It’s time to step into the 21st century and use some of these technologies we’ve paid so much to put in place. Make telecommuting work for your business and be done with it. It’s not only a matter of thinking things through to do it right – it’s also a matter of choice.

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: