Infection with ransomware is a problem that can impact any type of computing environment. With more companies opting to house major infrastructure components in the cloud, protecting these resources from infection with ransomware has become a high priority for IT security teams. 

The malicious actors behind ransomware have refined their methods to concentrate on high-value systems when choosing a victim. Attacks are often customized in an attempt to increase the chance of success. Phishing emails, one of the most common methods of injecting ransomware into an environment, are tailored to appeal to the prospective victim and tempt them into clicking on an infected link.  

 Cloud resources are an attractive target for ransomware gangs for several reasons. 

• The tremendous volume of information stored in the cloud means there is the potential to hold valuable data for ransom, forcing the victim to pay.
• The business-critical nature of many cloud services means that companies cannot afford to be without them for an extended amount of time.
• Cloud resources are often shared by clients, making it possible to carry out attacks on multiple entities with a single incursion. 

Strengthening Defenses Against Ransomware

Major cloud providers are providing resources to help their customers avoid the perils of a ransomware attack. An example is a recent security blog post by Amazon Web Services (AWS) that offers the following suggestions for protecting data in the cloud. 

• Ensure you can recover data and applications promptly. This entails a robust backup strategy and a vetted and tested disaster recovery plan. Cloud providers have multiple backup and disaster recovery solutions available that can be customized to meet the business objectives of any company. 

• Encrypt data to protect it in the event that a company is successfully attacked with ransomware. In addition to holding data for ransom, the malicious actors often threaten to exfiltrate sensitive data and release it on the web. If the data is encrypted, this tactic will not work, as no usable information will be available to be released by the cybercriminals. 

• Automate the installation of critical security patches to avoid gaps that can be utilized to gain access to enterprise systems. It may not be enough to simply install patches on a weekly or monthly schedule. Cybercriminals can act quickly when a common vulnerability exposure (CVE) is announced and take advantage of any delay in addressing the issues with the appropriate patches.  

• Implement a strong security standard that includes industry best practices like enforcing least privilege policies regarding access to enterprise data. This will minimize the potential damage caused by an employee who gets tricked by a phishing email. 

• Monitor your environment and automate responses to discovered issues. For instance, failed backup jobs need to be identified and rerun to provide the necessary protection in case systems are compromised. The environment should also be monitored for any suspicious activity that may indicate an intrusion has already occurred. 

It is virtually impossible to eliminate the possibility of a ransomware attack on cloud resources. Fortunately, with the right defensive strategy in place, the damage can be minimized. Take advantage of the resources available from your provider which are designed to help you protect your valuable data in the cloud.

Cloud computing is growing exponentially. It continues to get into many industries without signs of slowing down. With the pandemic, the global public cloud infrastructure has grown even faster than initially expected. As predicted by Forrester research, the global COVID-19 pandemic has led to increased uptake of cloud computing by about 35% in 2021 alone. Companies are seeking to invest more in this new paradigm in 2021 and beyond. Here are some cloud computing trends you should expect in 2021.

1. Edge computing will continue gaining momentum

Edge computing is indeed the new cloud, and as we advance, it will become increasingly popular with the rising demand for decentralization. It allows cloud users to store data and perform computing closer to where it is generated and used, unlike the centralized approach where data is store far away. This new approach reduces latency and enables faster responsiveness and optimization of bandwidth. In 2021, we will see more adoption of edge computing to enable faster storage and retrieval. We have already seen effort being made by large edge computing vendors like IBM and Intel to double down deployable cloud-like edge solutions. This is a sign of better things to come.

2. Artificial intelligence

AI is fast becoming an important part of cloud computing and 2021 is likely to see this technology merged with cloud services more than before. Organizations will be looking for a strong AI engineering strategy to ensure their projects remain relevant. According to Gartner, the lack of the right investment in AI projects will lead to performance, scalability, and reliability issues. However, with the right cloud technologies such as containers, Kubernetes and ML frameworks, organizations will establish responsible DevOps, DataOps and ModelOps.

3. Serverless cloud is the new marvel

2021 will see increased adoption of serverless computing. According to a 2020 State of the Cloud report by Flexera, serverless is one of the fastest-growing platform-as-a-service (PaaS) cloud services. This paradigm will help developers code freely while allowing infrastructure management to be performed online by the PaaS infrastructure provider. The market is expected to grow by over 25% between now and 2026. The ease with which the serverless architecture allows organizations to come up with and deploy applications within a short time is the main reason behind its increased adoption. Startups that have little resources will find this very attractive.

4. Containerization

This is another area that is growing rapidly. Containers are simply software packages with code and the necessary components that are needed to run an application. Applications in containers can run anywhere, whether in a private data center, personal computer, or cloud. A report by Gartner projects that more than 75% of all big organizations will be running containerized applications by 2022, giving a glimpse of how fast this trend is being adopted. The popularity of containerization has been made possible by its potential to allow more rapid delivery, agility, easy life-cycle management and scalability, all of which are desired by organizations that want better service delivery. 

5. Many organizations will deploy Multi-cloud

We cannot end the list of trends without talking about multi-cloud. As private clouds continue coming up, 2021 is a year we should expect more of it than ever. Many organizations will deploy a combination of on-premise, public and private clouds as they look for better ways of becoming efficient due to the disruptions caused by the pandemic. Due to the flexibility and improved disaster recovery that this combination promises, you should expect investment in multi-cloud to reach a new high this year.

Although the term “cloud computing” is often used to the extent that one may think cloud computing platforms are the same, the truth is that not all clouds are created equal.  Despite the difference that may exist, all clouds depend on the same server hardware that forms the backbone of any computer network. The difference between the traditional and the advanced cloud is the processing power and storage capacity of the available hardware over the internet.

Every cloud computing service provider wants to call itself an advanced cloud computing provider or call its services advanced cloud services. In the real sense, this is often more in theory than in practice because some of these services do not fit into the description. In a world where organizations need to fulfill their need to connect various departments, divisions, different locations, and personnel together, the problem emerges with the fragmentation that spans multiple global locations.  Therefore, advanced cloud services exist in virtual entities- like other clouds- with a final form built upon a shared infrastructure. Furthermore, advanced clouds allow us to change their shape more easily, unlike many cloud services sold in unchangeable form. Therefore, they are highly scalable upwards and downwards.

Unlike the traditional clouds, customers have more say on precisely what services they need and how they want them in advanced clouds. For instance, you can have an office in location A served with high-performance cloud services optimized for heavy transactional data throughput. At the same time, you can have offices in locations B, C, and D, given more storage power, more data analytics engine capabilities, and increased memory performance for B, C, and D, respectively.

Unlike most of today’s cloud services, advanced clouds offer a choice of fast and cheap storage in combination with virtual machines. These clouds are also easy to understand and manage, something that is critical in running modern organizations that need secure and robust operations. In today’s landscape, where remote work seems to be gaining ground, the services offered by cloud service providers have come into sharp focus while the providers always claim to be offering advanced cloud services.

No matter how vendors claim the abilities of their solutions, an advanced cloud should be able to provide simple access to the latest technology that is delivered, supported, maintained, and monitored by a qualified team of professionals. You are always assured of top performance, security, and availability of your network, unlike the traditional on-premise networking solutions that may not be sufficiently agile. With the advanced hardware and software, the advanced clouds deliver business-critical applications. If you have business-critical applications or sensitive data, advanced cloud focuses on keeping them secure within the network.

Choosing the right advanced cloud platform means you are benefiting from built-in redundancy and resilience. You get high availability, and the network is often built in a well-designed architecture and infrastructure. This makes a difference in aspects such as secure access to data and necessary applications and ensuring high performance and cost-effectiveness. These are the things that every organization needs to relate to its customers and adequately offer high-quality services.

In addition to offering you the ability to build experience state-of-the-art security in your business when accessing data and applications, advanced cloud eliminates the need to invest in the IT infrastructure and per usage like. For small businesses, this offers you the opportunity for growth. It allows them to compete with large organizations in the market while the employees only focus on other things. In short, advanced cloud is transforming the way in which businesses, regardless of their size conduct their operations in ways that people may not realize.

When cloud computing is mentioned, many people immediately think of public cloud software as a service (SaaS) and platform as a service (PaaS) offerings available from major vendors like Microsoft and Amazon. These large providers offer any company a wide variety of computing solutions including the ability to obtain virtually limitless storage capacity. The popularity of these products is evident in the number of companies that are migrating systems to the cloud and taking advantage of new services rolled out by providers.

But not all business requirements can be met through the offerings of the public cloud. In some cases, organizations opt to implement a private cloud storage solution to meet their needs or desires. Let’s look at how these two forms of cloud storage differ and what each solution offers to customers. 

Comparing Public and Private Cloud Storage

Some characteristics differentiate public and cloud storage solutions that may make them more or less applicable for meeting specific business objectives. Companies need to weigh the benefits of each alternative when selecting the right type of cloud storage for their needs. 

Public cloud storage

The defining characteristic of public cloud offerings is that they share computing resources among multiple customers. A public cloud solution is hosted by a third-party provider who may provision its hardware as it sees fit to address the needs of its tenants. The benefits that accompany this type of cloud storage model include:

• A low initial cost of entry - Public cloud services can be obtained inexpensively and offer businesses an economic method of taking advantage of extended storage capacity. 

• Enhanced scalability - One of the most appealing aspects of the cloud is the ease with which capacity can be scaled up or down to meet fluctuating business needs while minimizing costs and avoiding paying for unused resources.

• Access to cutting-edge technology - Cloud providers have tremendous technical resources and regularly introduce new technologies into their offerings. Customers can take advantage of these improvements without development and implementation costs. 

Private cloud storage

Private cloud storage offers a different set of benefits for companies who are not comfortable with the shared model of the public cloud. A private cloud implementation employs the same basic technologies as its public alternative but is designed to be used by a single tenant. Its advantages include:

• Enhanced control - Private clouds offer companies complete control over the hardware and software products used to provide the storage infrastructure. The solutions can be customized to fit unique business requirements.

• Improved security and access control - All access to private cloud storage will be achieved behind the customer’s firewall, giving them more visibility and control over who can access their data.

• Better regulatory compliance - Customers can tailor private cloud storage solutions to meet any regulatory standards applicable to their industry. 

Making the Choice 

When faced with a choice between public and private cloud storage, many companies are opting for a hybrid approach that uses both models where they are most appropriate for specific business situations. By segregating sensitive data and information subject to regulatory compliance from less critical resources, companies can enjoy the overall benefits of cloud storage designed for their exact requirements. 

Cloud migration is an important activity, which entails moving things from the on-premises to the cloud. It may also refer to moving from one cloud to the other and can involve moving all or just a few assets. Although these are the main activities in cloud migration, it sometimes consists of many other things. Regardless of the things involved in cloud migration, it requires an in-depth understanding and strategy to be done successfully. Here are some strategies that you may use in your cloud migration.

1. Re-hosting

As implied by the name, re-hosting entails lifting the stack and moving it from the on-premises hosting to the cloud. Also called lift and shift, this approach is cheap and requires minor refactoring compared to other approaches. It involves transporting the exact copy of the current hosting environment without making changes for a fast return on investment. This strategy is suitable for companies that have conservative culture or those that have no long-term strategy to harness the advanced cloud capabilities. This approach, however, has some downsides. One of these disadvantages is that you can miss out on the benefits because lifting and shifting require bare minimum changes.

2. Replatforming

Unlike re-hosting, re-platforming involves making some adjustments that optimize the cloud. The core architecture in this strategy, however, remains the same. This is a good strategy for conservative organizations that require building trust in the cloud while at the same time achieving benefits such as increased performance. It is also called move-and-improve because it involves moving the stack and making some updates to the application. An example is introducing scaling or automation without overhauling the whole thing. This strategy is a superior option to re-hosting.

3. Repurchasing

This strategy involves moving applications to a new cloud-native product. In most cases, it entails moving applications to a SaaS platform, such as moving a CRM to Salesforce. The challenge that this approach has is losing the familiarity of the existing code and the need to train the team on the new platform. Even though it entails the movement of applications to a new cloud, it can be cost-effective in the end if you are moving from a highly customized legacy system.

4. Refactoring

Also called rearchitecting, this strategy means rebuilding applications from scratch. This strategy is often used when there is a need for a business to leverage cloud capabilities that are not available in the current environment. It is an expensive option but is also compatible with future versions. This approach requires an investment in skills development and time, but its benefits after proper application are unique.

5. Retiring

Retiring involves turning applications off after they are no longer needed. This is done after assessing the portfolio of applications for cloud readiness, after which the applications that are no longer needed are turned off. This is often done to cut costs and boost the case for the need to migrate applications.

6. Retaining

For some organizations, adopting the cloud makes no sense. This is mostly due to compliance challenges that force them to keep data on-premises. Another reason can be a lack of preparedness to prioritize an app that was recently upgraded. In such instances, the existing storage can be retained and cloud computing revisited at a later date. Migration is only good if it makes sense to your organization.

At a basic level, migrating to the cloud has various advantages. Some of the key reasons you might benefit from include decreased hosting costs, agility, improved disaster recovery, and decreased footprint. Regardless of the benefits, you are looking to attain, implement the right cloud adoption strategy that suits you.

COVID-19 has changed how we do business and the way consumers approach the market. The burden is increasingly on business leaders to adjust to the demands of the market and consumer behavior. How? Besides embracing cloud computing, it’s important to question whether things are actually working - if your tools and processes align with delivering for the customer.

Be an Iconoclast

Technology is only one component of business growth. Attitude is everything. We need to keep leveling up our value to the customer by enhancing how we deliver brand values. We do this by continually seeking to improve the organization. This involves assessing what’s actually working, what tech is effective, or at least what can improve key processes.

COVID-19, more than any other event, forced us to question how we work. It’s made us re-evaluate the framework for success, and how we accomplish our goals. Success during the pandemic required leaders to adopt an iconoclast mindset to adapt and succeed. Despite COVID-19 causing standstills and even drops in sales or activity in some industries, business kept moving.

Organizations pivoted their strategies and harnessed the could to remain active and even prosper during the pandemic. They were iconoclasts because they had to break traditions and even alter the way they functioned or were supposed to run their business. An iconoclast is an individual who challenges the prescribed way of doing things, designs a better way, and executes a plan for change. When it comes to harnessing the best technology to speedtrack your growth past COVID-19, these are critical steps.

Question Your Tech

Are your current tools really doing what you need them to do? Or are you struggling to manage too many apps?  Is your automation sufficient or is your team struggling to make deadlines and must reconcile data more than interact with customers? These are all essential questions to ask about your IT tools. Assess what’s working, what isn’t, and what you need. This is how you can begin to fill the technology gap. This is done by using reliable technology and a tailored approach to fulfill business objectives. You can’t just look for an immediate fix, but an investment for your future. Adaptability is the way of the future, so this must be a core staple in your IT.

Define Your Digital Workplace

The idea of ‘an app for that’ just doesn’t cut it anymore - despite it being a long-standing accepted idea. There are too many! Lack of flexibility and customization features will inhibit your ability to adapt to changes and new business goals. Consider how technology will scale and enable you to build on top of it as you pivot and grow.

This is why IT platforms are a stronger investment than one-off applications. IT platforms provide high-level flexibility and a host of other interconnected solutions equipped to work together to consolidate data and increase efficiency. This also eliminates the problems and costs of IT integration. Quality over quantity, remains a strong virtue in the iconoclast mindset.

Define and Execute Your Solution

Cloud computing technology on its own is not the answer. Business leaders must take ownership of said technology and use it to create their own solutions. Being an iconoclast doesn’t just mean questioning how things are working or whether they’re working. You must engineer your own means of success. When it comes to business tools, prioritize flexibility, consolidation, and scalability. If the tech is sufficient with these, you can pivot and adjust however you need.

Tony Zorc is an Iconoclast, Founder and CEO of Accounting Seed, technology entrepreneur, ForbesBooks author, and CPA for 20+ years. He embodies iconoclasm, the idea of challenging the prescribed way of doing things and coming up with a better, more innovative solution. Accounting Seed – the world’s first accounting platform – is disrupting the cloud accounting industry and has over one thousand customers and fourteen thousand users, and has sustained double digit growth for over ten consecutive years. A father, leader, person of faith, and avid CrossFitter, Tony brings a rare mix of personal and professional experience to the table and seeks to inspire other leaders to create innovation in places where innovation is scarce. Tony has a degree in accounting from Hope College. His new book, Iconoclasm: A Survival Guide in the Post-Pandemic Economy, is available on Amazon, and through all major booksellers.

You can connect with Tony via TonyZorc.com, or on Instagram, Facebook, LinkedIn and Twitter.

As the internet of things (IoT) and smart home devices become increasingly popular, the number of security issues and attacks on IoT devices are also on the rise. Over the recent years, there are many incidences involving consumer IoT devices that have seen malicious actors gaining access to home networks by taking advantage of vulnerabilities in devices. According to analysts, IoT devices will be over 20 billion by 2025. That is an awful lot of devices. This means that these devices will be everywhere around us. With this large number of devices, the security incidences will be high. Here are a few tips that will help you keep your IoT connections safe.

• Be careful of on devices you buy

Although smart devices are helpful, they collect large amounts of personal data. Before purchasing any smart device, learn many things about the device, including what type of data it collects, how the data is stored and protected, and who it is shared with. Also, understand what it will be used for and if it is shared with a third party or parties. In short, do thorough research before buying devices to see the protections you have and possible data breaches.

• Understand your data and apply protection measures

According to Zscaler, 91.5% of transactional data from IoT devices is plaintext. This means it is easy for hackers to intercept, read and manipulate data and send it back without you even noticing it. As such, you must protect the physical devices that collect, store, and process data and protect data at rest, in transit, or in use across the IoT ecosystem. The parties involved in the value chain must ensure data is safe and cannot be manipulated to avoid the possibility of being hacked. The process involves understanding the data, encrypting it, and tracking and tracing data to protect networks and identify changes.

• Ensure you have the latest firmware

Firmware updates are an important aspect of the security of any system. For the IoT devices, make sure you have the latest security patches to reduce the chances of attackers breaching the systems successfully. Keep your firmware fully updated by making sure you are aware of new updates and updating it as soon as possible. Updates will fix vulnerabilities as they emerge. Therefore, IoT devices and your home routers need to be regularly updated. Wherever possible, automate updates or set a schedule such as every three months or so.

• Take a holistic security approach

To secure IoT solutions, companies must have a holistic approach to security which entails the technologies, people, and processes. Begin by considering some key approaches, including end-to-end ecosystem security and aligning the organization to IoT security. The security must be managed from device to end-user service (horizontally) or hardware to applications (vertically). Also, the IoT ecosystem, which is made up of manufacturers, app developers, network service providers, and end-users, must be adequately managed and involved in securing IoT devices.

• Avoid device defaults

Just like the routers and other devices, do not use a device with its default settings. Hackers know these defaults and easily access your devices if it is not reconfigured with strong security measures. The default settings in IoT devices and networks make you a soft target for malicious individuals. Therefore, change the defaults as soon as you purchase a smart device to reduce the risk.

To sum it up, if you are dealing with sensitive data, you might need to take more stringent measures. Have a look at the IoT devices you are considering, the security protocols they support, and the ease of securing them. One thing that you should keep in mind is that you should never assume that you are safe.

Digital technologies have played a crucial role in keeping things working during the COVID-19 pandemic. It has ensured the economy and society are running through remote working and contactless payment while at the same time supporting communication and ecommerce. In 2020 alone, many businesses suffered because most of them were not prepared to handle a massive disruption occasioned by the coronavirus. However, many responded by accelerating digital transformation and ensuring operations are running and production ongoing thanks to remote work and online collaboration tools.  

Cloud computing was a true game-changer during the pandemic. It enabled ecommerce and collaboration to thrive. The cloud-based platforms allowed billions of ecommerce purchases and teleconferences each day to be held. This has been a critical element that has fueled the survival of many businesses.

According to research by Global Data, more than 80 percent of business executives say that cloud computing and networks are crucial in aiding businesses to withstand the effects of the pandemic. For those in retail, for example, the cloud, whose adoption accelerated during the pandemic, has helped them bring together customers and their businesses when no in-store purchases were allowed. According to Deloitte, the online sales of grocery rose by 233 percent during the pandemic in March 2020 compared to back to the same month in 2019.

The need to respond to the coronavirus pandemic with agility has renewed the emphasis on adopting cloud-based applications. These applications will support modern technologies such as robotics, big data, and digital channels of distribution. It will also support the increased adoption of digitization post-pandemic. Expect crucial aspects of workplaces such as communications and core business applications to be moved to the cloud to help improve availability, reliability, and resilience, all of which are critical in keeping operations running in changing times post-COVID. With the computational needs expected to fluctuate from one time to another, the cloud will immediately scale to adjust to the increase or reduction in business requirements every day, which will minimize losses.

For healthcare, cloud computing and AI have become famous in the past two years in research and in helping medical professionals and researchers fight the pandemic. Researchers have resorted to cloud computing-based AI technologies to analyze vaccines and find potential cures for the disease. In the US, Europe, and Asia, these efforts have succeeded in shortening the vaccine development process. This has saved millions of dollars in time that would have been wasted and investments that would have been used in research. The advanced communication technologies will help patients to access the healthcare cloud anytime, regardless of the location. In short, cloud computing is helping build value-driven and patient-centric care.

The transport industry is also benefiting immensely from cloud computing. The rise of connected cars or buses requires massive storage of data. This means that things such as traffic management will depend on the cloud, which would have been difficult for the traditional methods to solve. The cloud-based traffic management systems will ease the coordination of traffic signals and tracking of emergency traffic cases.

Besides helping in medical, transport, and commerce, cloud computing will be beneficial for small and medium-sized businesses. It promotes operational efficiency, improves innovation, and expands financing and markets. Digital transformation is helping SMEs bring significant benefits, which are critical for local economic development.

After the pandemic, businesses will have to strictly focus on digitizing their operations because that is the right thing to do in this era. Technologies such as cloud computing will help companies become independent, reduce cost of operations, and ensure intelligent and effective service delivery.

According to TechCrunch, Google Cloud will now give users a carbon footprint report. 

Google Cloud today announced a new (and free) feature that will provide its users with custom carbon footprint reports that detail the carbon emissions their cloud usage generates.

Read the article on TechCrunch

WhatsApp is now allowing customers to encrypt their chat history in the cloud, reports TechCrunch. 

WhatsApp is beginning to roll out a new feature that will provide its two billion users the option to encrypt their chat history backup in iCloud or Google Drive, patching a major loophole that has been exploited by governments to obtain and review private communication between individuals.

Read the article on TechCrunch

According to Market Watch, companies switching to multiple cloud computing systems is lessening Microsoft’s hold on the industry. 

The digital clouds are parting, and shining new light on once-fledgling cloud-computing efforts.

Read the article on Market Watch

Companies planning to migrate to the cloud can avoid these common pitfalls, reports Information Week. 

According to Hosting Tribunal, 94% of companies have a cloud presence, but only 20% have undergone cloud transformation.

Read the article on Information Week

According to the Register, Microsoft testified to a House Committee that it receives numerous secrecy orders per day.

The US House Committee on the Judiciary met on Wednesday to hear testimony on the government's practice of secretly subpoenaing cloud service providers, and Microsoft was happy to oblige.

Read the article on The Register

Organizations that choose to take advantage of public cloud services often find themselves with their resources spread amongst multiple vendors. This situation can arise for several reasons including:

• The evolution of enterprise workloads and the search for the most cost-effective solutions;
• Sprawl resulting from the ease with which departments can migrate systems;
• New offerings not available from current vendors;
• Simply being dissatisfied with a service or vendor and riding out the length of the contract.

Regardless of the underlying factors that led to a multi-vendor cloud environment, its management presents decision-makers and technical support staff with additional layers of complexity. Adopting a set of best practices will help organizations successfully implement a hybrid and multi-vendor computing environment. 

The following best practices will assist in the successful management of a multi-cloud environment.

• Use hybrid cloud management tools - Make use of hybrid cloud management tools to address multi-cloud environments. These tools can provide features such as self-service functionality for end users, service aggregation, deployment orchestration, and cost management. 

• Optimize costs across vendors - Companies should regularly review the comparative costs of their various vendors and be willing to migrate if a move is dictated by the economics. Cloud service brokers may be able to evaluate resources and suggest ways to optimize spending. 

• Focus on disaster recovery and reliability - Recovering a diverse multi-cloud environment in a disaster scenario demands a well-planned and documented strategy. Leveraging cloud vendors may be possible by backing up resources from one to the other. 

• Prioritize security and compliance - Ensuring data security and compliance is more challenging in multi-cloud implementations. Identity and access management (IAM) tools are necessary to ensure only authorized users can get to data resources. Customer and vendor roles regarding maintaining regulatory requirements need to be fully understood to avoid gaps and failed audits.  

Concentrating on these four areas will help organizations manage their multi-cloud environments.  

Using the Right Tools Matters

Commercial and open source software tools are available to assist in the management of multi-cloud environments. These applications focus on big picture items that affect the entire cloud infrastructure and help decision-makers identify the right solution from among the alternatives and keep the complex environment running smoothly. 

Morpheus is a commercial product providing integration and automation functionality across multiple clouds and on-premises environments. It is designed to facilitate compliance, cost optimization, and application modernization.  

OpenStack is an open source solution that offers a set of software components providing common services for cloud infrastructures. It enables large pools of cloud resources to be managed centrally through dashboards or APIs. 

On a more granular scale, dedicated tools can help minimize the strain on technical support teams when systems are spread across multiple on-premises and cloud platforms. A case in point is an application like Idera’s SQL Diagnostic Manager for SQL Server. It employs a unified interface from which to monitor SQL Server performance on physical and virtual machines located on-premises or housed with major cloud vendors. 

The potential benefits of multi-cloud environments can outweigh the challenges of dealing with their complexity. Following some basic best practices and deploying the right tools will enable organizations to take advantage of the offerings of multiple cloud vendors without incurring any undue risks. 

Taking advantage of the benefits of cloud computing is not restricted to organizations operating in the private sector. In the United States, local, state, and federal governments make extensive use of public cloud resources. As is customary for all types of government contracts, some assessments and approvals must be obtained before the offerings of a cloud service provider (CSP) can be used by specific agencies. Government contracts can be very lucrative and service providers who want a piece of the business need to demonstrate that their products meet all requirements surrounding security and functionality.

All CSPs that wish to do business with the U.S. federal government need to be assessed and approved by the Federal Risk and Authorization Management Program (FedRAMP). The program’s goal is to protect the data of U.S. citizens when it is in the cloud and is the most rigorous security framework in use by the government. 

FedRAMP was created to address the problem of different and potentially conflicting requirements for each agency working with cloud providers. FedRAMP provides standard security baselines and processes that simplify the process of obtaining cloud services for both providers and government agencies. Once a CSP achieves FedRAMP approval for an offering, it is listed in the FedRAMP Marketplace to gain visibility across the government.

Navigating the FedRAMP Authorization Process

CSPs that want authorization to provide services to federal agencies need to follow a process comprised of three complementary phases.

In the pre-authorization phase, CSPs should complete FedRAMP training which includes modules that define the baseline security plan. Education can be accessed via online courses, webinars, or in-person training events. A request from the CSP will result in a consultation with government subject matter experts set up by the FedRAMP Program Management Office (PMO). To successfully get through this phase of the authorization process, a CSP needs to: 

• Document agency interest in their offering and establish partnerships with agency customers.
• Establish a partnership with an approved third-party assessment organization. 
• Ensure that the service implements the required security controls.

During authorization, a CSP is responsible for developing a package that includes the completion of the System Security Plan. The plan is then assessed by the third-party assessment organization and findings are presented to the CSP for remediation. When all risks have been successfully addressed, the CSP attains authorization and status as a FedRAMP authorized vendor.

In the post-authorization phase of the process, the CSP is required to provide monthly monitoring deliverables to the agency using its service. Failure to provide these documents can result in the service losing its authorization.

The purpose of FedRAMP is to eliminate any confusion regarding the ability of individual agencies to use cloud services. By publishing authorized services on the FedRAMP Marketplace, the authorization process only needs to be done once for each offering. Once approved, it can be used with confidence by any federal agency that wants to use the service. 

This appears to be an example of government working efficiently by reducing the duplicate work that would ensue from individual agencies or departments authorizing CSPs. In a subsequent post, we will take a closer look at the FedRAMP Marketplace and the agencies that use its authorized services. 

The thirst for convenient and scalable computing power has led many organizations to make use of cloud delivery models. This has resulted in a booming worldwide market for cloud computing that is expected to top $350 billion by 2022. With this kind of money in play, the competition to attract customers among cloud providers is fierce. 

Artificial intelligence (AI) and machine learning (ML) are two transformative technologies that are gaining traction in many areas of scientific research and business analytics. The cloud offers a platform from which organizations of all sizes can access the level of computing power necessary to conduct research and make effective use of these disciplines. Consequently, major cloud providers have bolstered their portfolios with cutting-edge products designed to attract companies interested in AI and ML.

Developing new solutions or delivering advanced functionality to popular platforms is one way a vendor can stand out against its rivals. A method of gaining a competitive advantage that is enjoying increased popularity among large providers is the use of custom-built hardware that is designed to optimize their software offerings. Let’s take a look at some of the hardware solutions and innovations that cloud vendors are employing to provide enhanced capabilities to their customers. 

Google’s tensor processing units (TPUs) are a prime example of hardware dedicated to processing the workloads demanded by AI applications. These are custom-built chips designed specifically to provide the power required by AI systems. The chips are often favored over more traditional graphics cards for the higher speeds they offer. 

Google has developed an infrastructure option called Cloud TPU Pods that use server racks packed with TPUs. They are configured with either 256 or 1,024 TPUs and the larger configurations offer speeds that approach those of supercomputers. The company powers its popular search engine and Google Translate with TPU pods. 

Amazon Web Services’ Graviton processors are custom built by the company using 64-bit ARM Neoverse cores. The processors offer cost-efficient scalability for general-purpose, compute-optimized, and memory-optimized EC2 instances. Second-generation Graviton processors provide an improved price-performance ratio over x86 chips for diverse workloads such as video encoding and CPU-based machine learning. Security is enhanced with always-on 256-bit DRAM encryption, allowing developers to run native cloud applications securely.

Microsoft’s Project Olympus is an open-source solution that incorporates hardware and software modules to create a holistic rack architecture. Project Olympus is part of the Open Compute Project which is releasing technical information to the developer community that may help even the playing field in the server industry. 

The schematics offer a well-defined starting point upon which manufacturers can build custom hardware solutions. Servers built under the auspices of Project Olympus will be infused with high debugging and testing capabilities that will help isolate intermittent and hard to duplicate problems. 

As the computing world’s requirements for faster and more efficient processing continues to grow, the cloud-tech giants will continue to evolve their solutions to meet the demand. The immense resources they wield ensure that when the need calls for it, the financial cost of employing custom hardware will not be an obstacle.