The recent discovery of the extensive Solar Winds hacking incident once again focused attention on the difficulty of securing enterprise data resources in the cloud. Thousands of customers had their networks breached by malware hidden in monitoring software. It appears that the cyberattack was perpetrated by a coordinated team of Russian hackers and the full extent of the intrusion will not be known for many months. Though this is one of the most egregious recent examples of a successful hack, it is certainly not the only one.

While the cloud has simplified some aspects of IT management such as capacity planning and storage, it has complicated the process of securing computing assets in two distinct ways. The shared nature of security in the cloud and the increased number of potential gaps or oversights make it difficult to protect enterprise information. Here are some suggestions that can help protect your company’s cloud environment.

Knowing Your Role in Cloud Security

A full understanding of how cloud security is shared and implemented is necessary for each provider and model an organization uses. Substantial differences in responsibility are associated with different cloud models. Some providers may perform a larger or smaller part in protecting your systems. 

An illustrative example can be seen in the way Microsoft defines the shared security responsibilities customers can expect when engaging them as their provider. Depending on if an organization is using an SaaS, PaaS, or IaaS solution, the responsibilities for certain aspects of security may shift from customer to provider. Some security elements are always the customer’s responsibility. 

Customers are always responsible for protecting accounts, identities, data resources, and devices. This includes traditional computing platforms as well as mobile devices. Conversely, Microsoft assumes responsibility for the physical hosts, networks, and data centers that it provides to its customers. 

Gray areas exist surrounding the security of applications, network controls, and operating systems. In SaaS solutions, security is performed by the provider, while it is the customer’s responsibility when the IaaS model is employed. When PaaS solutions are in play, both customer and provider share the task of providing security. This is where the majority of cloud security issues occur and where organizations need to have a full understanding of what they need to do to protect their cloud resources. 

Locking all the Doors

The cloud increases the number of attack vectors exponentially. The theoretical ability to access cloud resources from any mobile device results in an environment where each device needs to be secured from use by unauthorized actors. It’s convenient for the account team to access the sales database from their iPads, but can also be very dangerous. A lost or stolen device can compromise vast quantities of corporate data.

Another characteristic of cloud services is that access is required by the provider’s staff while performing administrative duties. This introduces an additional population of potentially malicious actors with the ability to mishandle data or engage in more harmful activities such as introducing malware to an environment. It is extremely hard to eliminate these risks. Robust monitoring can help identify anomalies that may indicate misuse of enterprise cloud resources.

Maintaining security should be the top priority of any organization that takes advantage of cloud computing resources. It’s a complicated task, but one that is essential to the safety of the enterprise data assets stored in the cloud. 

Migrating computing environments to the cloud offers organizations many benefits if done correctly. Companies can take advantage of the scalability and flexibility offered by cloud providers which can often lead to cost savings as resources are used more efficiently. For many small and mid-size enterprises, the cloud offers the only way to gain access to cutting-edge technology and high-performance computing solutions. Software as a service (SaaS) enables the introduction of new applications into the environment without the overhead of in-house support. 

While the benefits of the cloud are real, the process of moving business-critical systems to public providers can be complicated. A variety of problems can affect cloud migrations. Some mistakes are consistently seen in cloud migrations. Avoiding these mistakes gives your organization a better chance of a successful partnership with their cloud vendors and the ability to reap the advantages they can provide.

Lack of Strategic Planning

Inadequate planning is a major factor in unsuccessful and unsatisfactory cloud migrations. Even if the goal is to eliminate an on-premises data center, the move must be staged in a sensible manner driven by an inventory of the systems and applications under consideration for migration. In some cases, it may be better to replace legacy applications with cloud offerings rather than move them. The decision on what will be relocated should be made before developing a migration plan.

Systems should be prioritized with candidates chosen for the initial moves based on complexity, security concerns, and importance to the business. Best practices recommend identifying specific applications to lead the way and then thoroughly testing them to ensure that they perform up to expectations after being relocated. Moving too quickly can result in dissatisfaction with the migration process that could have been avoided with a more methodical approach. 

Misunderstanding Security and Compliance Responsibilities

Security and compliance with data privacy and other regulatory standards is a responsibility shared by customers and cloud providers. The cloud model under which the systems are running dictates who has the bulk of the responsibility for keeping them secure. SaaS solutions demand less customer involvement than platform or infrastructure as a service offerings. 

A failure to understand who is responsible for configuring and implementing security can lead to a breach of enterprise data or failed compliance audits. At that point, the customer will incur damage no matter who was at fault for the security flaw. Customers need to have complete knowledge of their roles and service level agreements that define security responsibilities.

Enabling Shadow IT

Shadow IT refers to any applications or infrastructure components that are used outside of the scope of organizational oversight. The cloud makes it easier for departments or individuals to subvert corporate policies and adopt SaaS offerings to facilitate their jobs. While this may appear to be a good use of cloud resources, shadow IT introduces security and compliance concerns that can result in data breaches or other major problems. Some organizations welcome the innovative nature of shadow IT while others reject it due to the security complications it presents. 

These three mistakes can have a tremendous impact on the success or failure of a cloud migration initiative. A viable plan and the full understanding of the security and compliance issues of cloud computing are essential ingredients of a successful migration. Don’t skimp on these essential aspects when considering a move to the cloud. 

Although there have been fears about issues such as reliability and security, companies are increasingly moving their applications and services to the cloud. This migration is going to change organizations in big ways. Despite the concept of cloud computing being there since 60’s it was not widely known by consumers until decades later. With the launch of Amazon Web Services (AWS) by Amazon in 2006 and other cloud solutions that followed, cloud computing became a household name. Microsoft, Google, and Apple among others are today some of the famous cloud service providers in the world. These companies offer different cloud experiences such as storage, computing space, and other services that are usually metered. They have consequently changed how businesses are conducted and lifestyles in general. Here are some ways in which cloud computing is making “as a service” a reality:

1. Infrastructure-as-a-service

Infrastructure-as-a-service (IaaS) is one of the most important components of the cloud. It is where cloud service providers supply their customers with compute space along with control, and new forms of storage. Most of what is provided are not available on-premise or are too expensive if one decides to invest in them. Although the services began with enterprises lacking knowledge on the IaaS paradigm that eventually lead to data breaches, it later made the security of assets in the cloud a shared responsibility that must be carried out by both the customer and the cloud service provider. Unlike the on-premise systems that you can surround with the firewalls at the edge, the cloud is different. The presence of a single vulnerability can be exploited across the internet leading to a large-scale data breach. An example of an attack on cloud service is the one on AWS carried out in 2019, taking advantage of Capital One. The cloud service providers and their customers must work hand-in-hand to adapt to the changes, ensure configurations are up to standards and ensure they are up to the task to the changing threats. 

2. Platform-as-a-Service (PaaS)

This is another service provided by the cloud whose security implications are still not well understood by the customers. Each of the services offered here ranges from storage to analytics stacks, each with its complexities. While these services can be of great use to your organization, the IT team must understand security best practices ranging from preventive to detective security measures. This starts from proper configuration to role-based access controls (RBAC). Since PaaS is still new, the challenge faced by the security professionals is the lack of pre-existing models that can be used to show how secure an embedded service in an application is without using a secure network. 

1. Software-as-a-service (SaaS)

This is perhaps the most broadly adopted cloud service by organizations. It allows organizations to add new applications within a short time without worrying about things such as software upgrades, support tasks, and backups among other things. Although useful, SaaS applications do not give adequate insight into network and security controls. Although customers have the authority on various things such as who can access their applications, permissions that they have, what they can access and others, there is a massive complexity in the configuration that may impact security. 

Generally, there is no doubt that a change is coming and it brings disruption with it. Companies must therefore prepare their IT workforce to face the new shifts. Some IT professionals fear that the cloud will commoditize their work and the cloud will result in the outsourcing of the majority of their operations. Although most of these are true, organizations and institutions of learning must prepare people to make a difference and fill gaps that remain.

Data privacy regulations are becoming more prevalent and stringent in many parts of the world. Led by the EU’s General Data Protection Regulation (GDPR), nations and other jurisdictions such as U.S. states have developed and implemented standards regarding the use of their citizens’ personal information. Organizations risk substantial financial penalties and the loss of customer confidence if they fail to comply with data privacy standards.

There are benefits and challenges associated with using the public cloud for compliance with data privacy regulations. While the activities performed to keep data safe and demonstrate compliance are shared between the customer and provider, an important fact to remember is that the organization that owns the data is responsible for keeping it secure. The customer will face more serious consequences than the cloud provider if there is a data breach or failed compliance audit.

Benefits of Cloud Compliance 

Some of the same reasons for the general interest in cloud computing apply to enterprises concerned about data privacy compliance. The benefits of using a cloud provider include: 

• Access to cutting-edge technology that may be beyond the means of individual customers to provide by themselves;
• Experienced teams of security and compliance specialists who may have substantially more knowledge than that of in-house personnel;
• The ability to quickly build secure systems to cope with evolving regulatory standards.

Implementing a compliance program can stress an organization’s technical and human resources. The cloud offers a simplified path that enables companies to rapidly embrace regulatory compliance. 

Challenges of Cloud Compliance 

Companies that operate in more than one jurisdiction can be faced with being subject to multiple sets of data privacy guidelines. This can be challenging for any organization and the challenge can be exacerbated when using a cloud provider to protect enterprise data resources. 

Many data privacy regulations have restrictions on where personal data is stored. It may have to physically remain in the jurisdiction in which the citizens live and transferring it to other geographical areas may be prohibited without proper consent. 

This can cause problems when a cloud provider is adding capacity or failing systems over to address an outage. Data that had been stored under a specific privacy regulation can be inadvertently moved to a restricted location at the risk of a failed compliance audit.

Questions for Your Cloud Provider

Effective data privacy compliance is possible with a cloud provider as long as some conditions are met and the roles of all parties are fully defined and understood. Some questions that an organization should ask its prospective cloud providers are: 

• Who controls the encryption keys used to secure personal data?
• What type of data oversight such as intrusion detection and security audits will be performed?
• In which geographic location is my data being stored and can it be guaranteed that it will remain there?
• What types of reporting are available to demonstrate compliance to regulatory auditors?
• Who will have access to sensitive corporate data?

If an enterprise is not satisfied with the answer to these questions, they probably should continue the search for the right vendor. Large cloud providers are making custom configurations available that help address the challenges of complying with data privacy standards. Make sure your company’s sensitive data is handled appropriately by all third-parties, including your cloud providers. 

Almost every organization today seems to have embraced cloud computing. This has been occasioned by the advancements that have been made in this area. While the cloud has shown tremendous opportunities, there are various benefits and risks of cloud migration, that you need to consider. Here are the risks and benefits:

Benefits

• Scalability

Cloud services are offered based on demand capacity taking advantage of the pay-as-you-go model. This means that when your company grows due to seasonality, operations will not be affected. Unlike the on-site systems, that depend on the infrastructure that has already been installed, you can increase or downsize any time. For instance, when a business experience high levels of traffic in their existing plan, they can change their plan to accommodate the new traffic.

• Reduced cost

Another major benefit of migrating to the cloud is the reduced costs that can be experienced by organizations. By moving to the cloud, companies can significantly save a lot of money, especially in the long-term. Remember that the cloud does not involve purchasing any on-premise hardware or any upfront investment. Instead, you just buy a specific plan, and you are done. With this, you avoid costs such as those associated with the purchase and operating of servers, electricity costs, and management.

• Increased collaboration

In the modern business environment, collaboration is fast becoming an area of competitiveness that every organization seeks efficiency. Due to this, many companies have increasingly started investing in cloud computing to boost their collaboration efforts. Cloud can be accessed over the internet from anywhere, and employees can work together regardless of the location constraints. Documents and files and be accessed simultaneously and can also be updated in real-time.

• Security

Security is one of the biggest misconceptions of the cloud. In reality, however, one of the benefits of moving to the cloud is improved security. Cloud service providers have the best and strictest security infrastructure and expertise needed in the current era. Cloud providers make cybersecurity their main priority, making the cloud more secure than on-site systems.

Risks

• Speed

For any modern organization, speed is a highly critical factor. As such, a business must never lose speed to be efficient. Unfortunately, speed is a limiting factor for some organizations when it comes to cloud computing. If your organization has applications, databases, or software that requires fast speeds that are above average, the cloud might not meet these needs. The good thing, however, is that cloud service providers often allow testing before migrating your operations.

• Lack of expertise and adequate knowledge

Migrating to the cloud requires the right expertise and people with adequate knowledge. Without this, you will not be able to realize the full potential of the cloud, and migration itself might not be a success. Proper migration requires putting the right systems in place and the right knowledge of these systems. Although the team in your organization may have the necessary expertise on physical hardware, the cloud technology might be too complicated.

• Legal issues and restrictions

The next risk to migrating to the cloud is legal restrictions. Before moving to the cloud, one must first understand if any legal restrictions may deny them an opportunity to migrate. For example, government contractors may not be allowed to put their data in the cloud, making it necessary for them to use on-site solutions for their operations. Some of the common regulations include PCI and HIPAA. Although some cloud service providers have been certified to handle PCI and HIPAA, it still presents a significant risk that cannot be denied.

Whether you are a techie or a professional in a different area that is not related to IT, cloud computing is impacting your job one way or another. This technology has been praised by tech evangelists as a solution to many business problems. It has been tipped to possess the capabilities of turning fortunes of many organizations, both small and big around. Since this technology will impact work in different ways, knowing more about it and becoming savvy can advance your career and may earn you more salary and respect.

Here is what you need to know about cloud computing if you want to land our dream job.

1. Skills of innovation and vision

This is the most critical and often overlooked area by cloud computing enthusiasts and experts. Unlike what many people believe, cloud computing is more than simply changing storage from in-house to a remote location or monthly charges that come with doing so. Instead, it starts with understanding the needs of the business and the potential of this technology on your operations. You need to understand how to embrace this technology and run simulations on new promotions to find out what suits you. Compare what the technology brings and how it compares with using on-site methods.

2. Possess business communication, project management, and leadership skills

The primary reason for choosing cloud over on-site is to enhance operations and improve the business in general. For this reason, anyone working in a cloud company must learn and understand critical business communication skills needed to run operations in an organizational setup. Also, you should have leadership and management skills because these are crucial in pitching and selling cloud services to the customers and managing projects across the organization. Leadership skills allow you to handle projects, both simple and complex, and provide direction in high priority and special projects. With the right business skills, you will be able to recommend the best technological alternatives to clients and evaluate developments in the cloud in comparison with the changes in the business landscape.

3. Have negotiation skills

In the modern business landscape where the customer has the final say, negotiation skills are no longer an option. This is also the case in the cloud computing world where customers must be convinced into accepting to use the services of a given vendor. As an enthusiast who would like to join the industry, you must have the right skills. As an employee, you will be responsible for negotiations, managing relationships with the customers, tracking issues, troubleshooting, and reporting various things. These skills are crucial in explaining to the customer service-level agreements, answering questions on service interruptions, and asserting the advantages of investing in your company’s solutions.

4. Planning skills, and be analytical

Cloud computing solutions are always required to address the needs of each business. This can be achieved by developing flexible solutions that will fit into the needs of each customer regardless of the industry. As a person planning to find a job in a cloud service providing firm, you must have analytical, planning skills and architectural skills, which will enable you to understand problems that a customer needs to be addressed and come up with a viable solution. The same skills will allow understanding of the business needs and translate them into technical requirements.

5. Be technically proficient

This is the last and the most critical skill you should possess to land a job in a cloud company of your choice. Every professional who consumes, manages, or provides cloud services must be technically savvy. You must be proficient in areas such as software engineering and specifically in the development of cloud applications. You must also be knowledgeable in network administration and management and, at the same time, possess cybersecurity skills.

Though only in its nascent stages, the value of cloud infrastructure to robots is key for both deployment (encompassing development, configuration, and installment) and operation (maintenance, analytics, and control). With the popularization of mobile robotics in a wide range of verticals, it will become necessary to utilize the computing power of cloud infrastructure to store and manage the vast troves of collected data as well as to train more advanced algorithms used to power robot cognition.  ABI Research, a global tech market advisory firm, forecasts the robot-related services powered by cloud computing will reach US$157.8 billion in annual revenue by 2030.

“Since 1961, most commercial robots have been wired or tied to external infrastructure for movement. The next generation of robot deployments will be increasingly mobile, tied to cellular and WIFI connectivity, will consume vast troves of data in order to operate autonomously, and will need effective management through real-time measurements for performance, status and operability,” said Rian Whitton, Senior Analyst at ABI Research. Several cloud service providers, including AWS, Microsoft Azure, and Google Cloud, have begun collaborating with robotics developers, while start-ups like InOrbit target cloud-enabled operations for the first major deployment of mobile service robots.

“The journey of the robot industry from one of individual vehicles and units, to fleets and larger systems, is being driven by its wider incorporation into the IoT ecosystem. However, it would be a mistake to suggest robots will simply fit in with devices, individual sensors, and stationary machines as part of the wider IoT ecosystem,” Whitton points out. Robots are increasingly sophisticated systems themselves, with multiple sensors and highly advanced Artificial Intelligence (AI)/Machine Learning (ML) competencies, and are also expected to move around and act within the world, generating huge amounts of data relative to other machines. “To suggest the cloud alone can provide the computing power to operate these machines is naïve, especially during the slow transition to 5G. Onlookers should instead conceive of adaptable edge-cloud systems that focus on quality over quantity when it comes to robotics operation, data processing, and analysis,” Whitton adds.

The cloud robotics opportunity, defined as Robotics-as-a-Service (RaaS) and Software-as-a-Service (SaaS) revenue for robotics operations combined, will grow from US$3.3 billion in 2019 to US$157.8 billion in 2030, accounting for 30% of the robotic industry’s total worth. On its own, this represents a huge opportunity for start-ups, many of which are beginning to expand on their mission to enable developers to accelerate their go-to-market strategy and to help end-users and operators’ access and manage the ever-increasing fleets of robots. This new robotics ecosystem will be dominated by three subcategories of companies, namely robot developers that move up the value chain and become solution providers, third-party IoT and cloud platform providers focused on best-in-class software solutions, and Cloud Service Providers (CSPs) like Microsoft Azure, Amazon Web Services (AWS), and Google Cloud. Those focusing strictly on hardware will lose relative worth and will require partnerships or bold strategies to become solution providers. This can be exemplified by companies like Universal Robots and Fetch Robotics, who have incorporated software and maintenance services into their offering.

“The market is incredibly nascent at present. ABI Research expects consolidation with the most successful robot solution providers and the CSPs expanding their relative influence on the market to take place within the next decade,” says Whitton. The cloud robotics technology is split between vertical innovations, such as developing superior navigation systems, which increase the possibility of what robots can do, and horizontal innovations that expand access and scalability. “Cloud computing represents the most important horizontal innovation for the robotics industry, to date, and will further enable vertical innovations like swarm-based intelligence, autonomous mobility, and advanced manipulation to be deployed at scale,” Whitton concludes.

These findings are from ABI Research’s Cloud Robotics application analysis report. This report is part of the company’s Industrial, Collaborative & Commercial Robotics research service, which includes research, data, and ABI Insights. Based on extensive primary interviews, Application Analysis reports present in-depth analysis on key market trends and factors for a specific technology.

As businesses continue discovering the benefits that cloud computing can present with regard to efficiency and profitability, the use of cloud technologies continues to skyrocket. In the US for example, at least 70 percent of companies, whether public, private, or hybrid use cloud computing according to research done by IDG in 2016.

Owing to the evidence of the impact of cloud computing which has been seen over time, people are no longer talking about why cloud computing should be adopted. Rather, they now talk about how they can move operations and services to the cloud. These are the issues you need to consider before migrating to the cloud:

1. Make sure your cloud applications are an improvement to the on-premise applications you already have

Every business’ intention is to have systems that are better than what they already have in order to compete favorably in a highly competitive business landscape. This is no exception when migrating to the cloud. Your new cloud systems must give you the competitive edge you need as you cannot afford to lose anything when migrating to the cloud.  Ensure that you only pay for what you will use to avoid duplication and costs. You should ensure that you change everything to meet the shifting demands by improving the efficiency of your systems.

2. Decide where and what processes to start with

Moving to a cloud is not something you start and finish once. Rather, you need to have a concrete plan that involves moving operations in phases to avoid total disaster in case of a failure. Since it is new technology, it requires a phased approach where simple business processes are moved first and lessons learned from the previous phase applied to the next one. For a company that has subsidiaries or branches, you can start with one branch and scale your deployment to other branches.

3. Manage compatibility and interoperability with other vendors

Interoperability is perhaps one of the leading areas of concern when migrating to the cloud. As you select your cloud vendors, one of the leading areas you should investigate is compatibility of architecture and applications with other vendors. Incompatibility can cost your business a lot and can be the cause of problems when you want to migrate to another cloud service provider. You should also address integration issues that can create separate silos and affect operations.

4. Ensure the strategy of your vendor aligns to your company’s business strategy

Failure to align cloud strategy to business strategy remains the single most challenging area for many organizations and ends up jeopardizing everything. Before you commit to a cloud vendor, take your time to acquaint yourself with the architectural requirements of the service provider. Ensure that the service provider you choose offers all the capabilities that a company needs such as reporting options, budgeting features, and planning options as well as regulatory compliance. Most importantly, ensure that the vendor has integration and security strategies that can be verified by other businesses. Furthermore, inquire the investment of the vendor on future technologies such as blockchain, machine learning and IoT all of which signify intentions of the company to adapt to the future as you would always want your company to do.

Unit4, a leader in enterprise cloud applications for mid-market services organizations, today announced that Americares is the first global non-profit to select Unit4 ERPx, delivering a new standard of efficiency and effectiveness.

Americares is a health-focused relief and development organization that saves lives and improves health for people affected by poverty or disaster. Each year, Americares reaches 90 countries on average, including the United States, with life-changing health programs, medicine, medical supplies and emergency aid. Since it was established more than 40 years ago, U.S.-based Americares has provided over $19 billion in aid to 164 countries.

Announced in October, Unit4 ERPx delivers fully integrated Enterprise Resource Planning (ERP), Human Capital Management (HCM) and Financial Planning & Analysis (FP&A), on a unified architecture, with rapid deployment and industry-specific innovations out-of-the-box. Americares requires a flexible, future-proof system to support the strategic and operational needs of a global non-profit. Its aim is to better understand, plan, and optimize across the organization to improve efficiencies and reduce manual processes.

Working with Unit4 to implement its Non-profit Model for Cloud ERP, Americares seeks to benefit from Unit4’s unique combination of industry expertise and use of the latest tech innovations to improve workflow.

• Unit4’s non-profit implementation model is designed to ensure rapid time-to-value, and delivers pre-configured processes developed specifically for the needs of project-based non-profits.
• Industry-specific capabilities and extensibility provides the most scalable and adaptive ERP on the market, allowing the system to connect all the organization’s data and easily adapt to any changes clients need to make, now or in the future.
• Intuitive functionality empowers all users to complete administrative tasks, from time entry and expenses to procurement approvals and grant reports, quickly and efficiently through automated workflows and natural language interactions on the platforms they already use, like Teams, Slack, Outlook.
• Easy access to data across multiple devices for the people and volunteers working in the field.

Comments on the news:

“We have a deeply ingrained culture of resourcefulness and efficiency that promotes quick action and getting more done with less,” said Americares Chief Financial Officer, Treasurer and Senior Vice President of Gift-in-Kind Operations Richard Trowbridge. “With ERPx we aim to reduce manual operations and improve reporting capabilities while keeping costs under control. Unit4 also expressed a willingness to work with us to expand system functionality, which would allow the system to grow with us.”

“ERPx is designed to deliver exactly what organizations need to succeed,” said Claus Jepsen, CTO at Unit4. “New to the market this year, Americares will be the first customer to benefit from our new approach to ERP, which combines our mid-market experience, with a focus on people, and an industry-leading cloud platform designed to be ‘right for your business’. Americares prides itself on efficiency, which is why it is trusted by donors and consistently receives high marks from charity evaluators. We’re proud to deliver the systems Americares and non-profits around the world need to deploy aid to those communities most in need.”

According to Dark Reading, cyber criminals have a new target, the cloud. Your company could be cloud jacked.

Those with their finger on the pulse of emerging cybersecurity threats are already aware that there's a new danger in town: cloud jacking.

Read the article on Dark Reading

Will the cloud bring the end of mainframe computers, reports Forbes. 

If you use a bank account, the healthcare system, various government services and insurance, then there’s a pretty good chance that the transactions were processed through mainframes. 

Read the article on Forbes

According to CIO, higher education institutions are moving their computing to the cloud. 

When it comes to capitalizing on the latest computing technologies, higher education institutions have always been at the front of the class.

Read the article on CIO

Taking advantage of the benefits of cloud computing is not restricted to organizations operating in the private sector. In the United States, local, state, and federal governments make extensive use of public cloud resources. As is customary for all types of government contracts, some assessments and approvals must be obtained before the offerings of a cloud service provider (CSP) can be used by specific agencies. Government contracts can be very lucrative and service providers who want a piece of the business need to demonstrate that their products meet all requirements surrounding security and functionality.

All CSPs that wish to do business with the U.S. federal government need to be assessed and approved by the Federal Risk and Authorization Management Program (FedRAMP). The program’s goal is to protect the data of U.S. citizens when it is in the cloud and is the most rigorous security framework in use by the government. 

FedRAMP was created to address the problem of different and potentially conflicting requirements for each agency working with cloud providers. FedRAMP provides standard security baselines and processes that simplify the process of obtaining cloud services for both providers and government agencies. Once a CSP achieves FedRAMP approval for an offering, it is listed in the FedRAMP Marketplace to gain visibility across the government.

Navigating the FedRAMP Authorization Process

CSPs that want authorization to provide services to federal agencies need to follow a process comprised of three complementary phases.

In the pre-authorization phase, CSPs should complete FedRAMP training which includes modules that define the baseline security plan. Education can be accessed via online courses, webinars, or in-person training events. A request from the CSP will result in a consultation with government subject matter experts set up by the FedRAMP Program Management Office (PMO). To successfully get through this phase of the authorization process, a CSP needs to: 

• Document agency interest in their offering and establish partnerships with agency customers.
• Establish a partnership with an approved third-party assessment organization. 
• Ensure that the service implements the required security controls.

During authorization, a CSP is responsible for developing a package that includes the completion of the System Security Plan. The plan is then assessed by the third-party assessment organization and findings are presented to the CSP for remediation. When all risks have been successfully addressed, the CSP attains authorization and status as a FedRAMP authorized vendor.

In the post-authorization phase of the process, the CSP is required to provide monthly monitoring deliverables to the agency using its service. Failure to provide these documents can result in the service losing its authorization.

The purpose of FedRAMP is to eliminate any confusion regarding the ability of individual agencies to use cloud services. By publishing authorized services on the FedRAMP Marketplace, the authorization process only needs to be done once for each offering. Once approved, it can be used with confidence by any federal agency that wants to use the service. 

This appears to be an example of government working efficiently by reducing the duplicate work that would ensue from individual agencies or departments authorizing CSPs. In a subsequent post, we will take a closer look at the FedRAMP Marketplace and the agencies that use its authorized services. 

The thirst for convenient and scalable computing power has led many organizations to make use of cloud delivery models. This has resulted in a booming worldwide market for cloud computing that is expected to top $350 billion by 2022. With this kind of money in play, the competition to attract customers among cloud providers is fierce. 

Artificial intelligence (AI) and machine learning (ML) are two transformative technologies that are gaining traction in many areas of scientific research and business analytics. The cloud offers a platform from which organizations of all sizes can access the level of computing power necessary to conduct research and make effective use of these disciplines. Consequently, major cloud providers have bolstered their portfolios with cutting-edge products designed to attract companies interested in AI and ML.

Developing new solutions or delivering advanced functionality to popular platforms is one way a vendor can stand out against its rivals. A method of gaining a competitive advantage that is enjoying increased popularity among large providers is the use of custom-built hardware that is designed to optimize their software offerings. Let’s take a look at some of the hardware solutions and innovations that cloud vendors are employing to provide enhanced capabilities to their customers. 

Google’s tensor processing units (TPUs) are a prime example of hardware dedicated to processing the workloads demanded by AI applications. These are custom-built chips designed specifically to provide the power required by AI systems. The chips are often favored over more traditional graphics cards for the higher speeds they offer. 

Google has developed an infrastructure option called Cloud TPU Pods that use server racks packed with TPUs. They are configured with either 256 or 1,024 TPUs and the larger configurations offer speeds that approach those of supercomputers. The company powers its popular search engine and Google Translate with TPU pods. 

Amazon Web Services’ Graviton processors are custom built by the company using 64-bit ARM Neoverse cores. The processors offer cost-efficient scalability for general-purpose, compute-optimized, and memory-optimized EC2 instances. Second-generation Graviton processors provide an improved price-performance ratio over x86 chips for diverse workloads such as video encoding and CPU-based machine learning. Security is enhanced with always-on 256-bit DRAM encryption, allowing developers to run native cloud applications securely.

Microsoft’s Project Olympus is an open-source solution that incorporates hardware and software modules to create a holistic rack architecture. Project Olympus is part of the Open Compute Project which is releasing technical information to the developer community that may help even the playing field in the server industry. 

The schematics offer a well-defined starting point upon which manufacturers can build custom hardware solutions. Servers built under the auspices of Project Olympus will be infused with high debugging and testing capabilities that will help isolate intermittent and hard to duplicate problems. 

As the computing world’s requirements for faster and more efficient processing continues to grow, the cloud-tech giants will continue to evolve their solutions to meet the demand. The immense resources they wield ensure that when the need calls for it, the financial cost of employing custom hardware will not be an obstacle.

The coronavirus pandemic has altered the strategies of many companies, including their spending. This change has tipped the scale in favor of remote technologies, that are now being adopted massively as work turns from office to working from home. With the revenues of many businesses now suffering from the virus, many organizations are trying their best to limit costs as much as possible. This has seen most of them opting for remote work solutions, changing shifts, and putting some staff on unpaid leave to reduce the cost of business. With all these, the cloud appears to be seeing an increase in expenditure as the acquisition of cloud-based solutions increases. Cost is always a major driver for many migrations, but most companies poorly understand it in the beginning.

For startups, it is okay for them to see the value of cloud when they have used non in the past, but when they are still using old systems and legacy software, finding out the potential cost of moving to the cloud is not that easy. However, with the speed of modern business and the rapid response to the coronavirus pandemic, that is aimed at enabling millions of employees to work remotely, it is now clear that living in the world without cloud technology will not be easy in the modern era.

No time in history has exposed many industries than what we are experiencing today. The pandemic has shown the need for IT resources, that are always available led by the cloud. Even with the virus affecting most operations, the cloud has continued to show the reason why people are finding it useful for businesses. As the damage of coronavirus continues affecting office-based operations in different companies, cloud computing is turning out to be the refuge that these businesses look for at such a time of need. Companies are now relying heavily on technology to keep going. According to a report by Flexera, more than 20 percent of companies spend more than $1 million every month on the cloud. This is expected to double in the next 12 months, where projections found that companies will spend up to 47% on average to grow cloud. The report by Flexera based on a survey of 750 decision-makers and users also point out that companies are 23% over the budget. The respondents, however, noted that they are wasting 30% of their cloud expenditure.

Even with the pressure from the coronavirus, companies must devise a way of managing their cloud expenditure. There is a need for a balance between responding to the effects of the pandemic and keeping the expenditure reasonable. Although spending on all other IT categories will go down this year due to the suspension of operations, cloud technologies will still make the most. Companies will need a way of supporting their on-premise resources and improve the working experience of remote employees. The problem, however, is what is needed, and for how long since the time that the pandemic is expected to be over is not known. However, companies must use data from mid-March up to now and project what is required and what is not. Also, this information can help the forecast of what goes up and what will go down.

With the costs going up, companies must employ new tactics to stay on top of the expenses, most of that are unpredictable. Despite the cost management being challenging, as shown by Flexera because of the complexity and difficulty in usage forecasting, businesses should consider monitoring their spending usage and spending daily. They should also ensure that unused workloads are taken down to reduce the cost of operations in such a time when spending needs to be limited as much as possible.

As many industries reevaluate their go-to-market strategies amid the pandemic - not every business is suffering. Take for instance streaming video on-demand (SVOD) subscriptions like Netflix and Disney+ who have seen an increase in viewership as people are mandated to stay home due to Covid-19. But will streaming services see a depletion of subscribers once people venture outdoors again and are all SVODs doing well in this time of uncertainty?

Where other SVOD services have failed to grow (I’m looking at you Quibi), Disney+ wasted no time -amassing nearly 55 million subscribers in just six months. The streaming service that rolled out in November already has more subscribers than Hulu who clocks in at around 32 million.

Netflix which is still the leader in streaming services has a whopping 182.8 million subscribers. During their earnings call in April- Netflix reported that they had 23% more subscribers than this time last year earning $5.7 billion dollars in revenue. While many analysts wonder if these new subscribers will stay once the pandemic is over – at least one Bank of America analyst doesn’t think they should be worried. Nat Schindler told Yahoo Finance,  “We anticipate the step-up will result in a permanent increase in penetration for Netflix's subscriber model and see its low price-point and staple nature supporting healthy fundamentals performance in a recession, even after stay-home orders are lifted.”

While many SVOD services have seen a rise in viewership – what happens when the pandemic is over? Does it really make sense for a family of four to keep subscriptions to all of the available services? The market is getting tight and eventually families will have to make sacrifices as to which streaming services to keep.

In a survey of 1,000 viewers who have more than two SVOD subscriptions, FLIXED found that out of the main streaming services (Amazon Prime, Netflix, Hulu, Disney+, and Apple TV+), viewers would most likely drop Apple TV+ over any of their other memberships. Like Disney+ - Apple TV+ debuted in November 2019 but unlike Disney+ met little to no fanfare. The platform that costs just $4.99 doesn’t seem to resonate with viewers as 36% of those surveyed said that they would most likely not renew their subscription to Apple TV+. While Apple has yet to reveal how many subscribers they actually have – analysts put the number at around 30 million – but many of those subscribers are getting it free for the first year. Analyst Toni Sacconaghi of Berstein told the Financial Post that one of the reasons Apple TV+ has fallen short is because it was "failing to resonate with customers, perhaps due to its limited content offerings."

Like Apple TV+ - Quibi – a much hyped streaming services that delivers shows that are 10 minutes or less to a subscriber’s phone has also failed to resonate with audiences. Debuting in March- Quibi only has 3.5 million subscribers (1.7 million who are considered “active”). While many could blame the series of blunders (not allowing users to share clips online, only available for Android phones)-  owner Jeffrey Katzenberg blames the pandemic – the same pandemic that is helping other SVOD services excel. "I attribute everything that has gone wrong to coronavirus,” he told The New York Times. 

As Covid-19 continues to keep people at home – subscribers will flock to Streaming Video On-Demand services for entertainment. In a convoluted market – not all streaming services will succeed. If the current number of subscribers are any indication - Netflix will continue to reign while SVODs like Apple TV+ and Quibi could be in big trouble.