Thursday, August 6, 2009
- access from anywhere with an internet connection
- minimizes capital investment (hardware, facilities, etc.)
- potential for quick scalability (if applications are capable)
- temporary computing capacity (staging, development, DR, migrations)
Most of us in the industry also know about some of the security risks (CIA) associated with cloud computing too. An example of the availability risk recently occurred on August 6th, 2009 when Twitter, YouTube, and LiveJournal were all impacted by a DDoS attack (see NYTimes article). Unlike some of these areas, the legal implications of the cloud are still "To Be Determined" (TBD).
What are some of the legal areas that need to be considered when you begin to seriously consider Cloud Computing for your enterprise?
Jurisdiction: How do you determine where the data is being stored? This is important because it will determine what courts have jurisdiction and what law governs the use and treatment of that data.
Privacy: What legal access rights do law enforcement organizations have over personal information stored in the cloud? Remember that privacy laws vary considerably between countries and also between states within the US.
Licensing and Contractual Issues: What controls are in place for fee increases and service levels. How do you transfer from one cloud provider to another? (Are you locked in to a technology if your utilizing Microsoft's Azure or Google's App Engine?) What intellectual property protections are in place for the solution, the stored information, the hosted applications, etc.
I'm not suggesting these legal issues are important to everyone, or even enough of a reason to avoid the cloud in it's current state. What I am suggesting is, you want to be sure and consider these areas and understand the risks involved for your organization before you decide to jump on the cloud computing bandwagon.
Don't be Another Statistic!
Thursday, July 9, 2009
Friday, April 10, 2009
While I don't drink the MS kool-aid, I believe there are some advantages to the Windows 7 release for enterprises to consider.
For enterprise level endpoint OS management, MS has the most mature stack out there. If you're a doubter, look at how Red Hat and SUSE are playing catch-up on the Linux enterprise management front and Apple on the Mac front. Because its a mature stack you will likely continue to see incremental improvements as opposed to ground breaking advances. (the reality of mature products)
The incremental security functionality provided by BitLocker to Go and AppLocker, if it's not administratively burdensome, will help IT organizations to narrow the threats introduced by end user ignorance of maleware\spyware (which according to some security surveys is the #2 security incident within enterprises) and their propensity to leave intellectual property unprotected (especially when traveling - mobile device theft is the #3 most often occurring security incident). DirectAccess could help to protect the corporate network\infrastructure from the proliferating use of open WLAN access points that enterprise employees utilize when working remotely. If BranchCache improves MS's implementation of DFS (which still isn't ready for enterprise use), it could help to eliminate the capital outlays required for WAN acceleration and\or WAN bandwidth. All of these features, if they work well, could result in real capital savings for IT organizations. Desktop search - we'll see if they can beat the performance of the google search appliance.
Wednesday, April 8, 2009
The way Google (along Amazon, IBM, Microsoft, etc) is much more efficient and cost effective than most of us can provide\justify for our own organizations. This is an example of why cloud computing begins to make sense and maybe the realization of Carr's vision of IT just being similar to the power grid - it just works.
Friday, December 19, 2008
To get around this I did the following:
1) enable Postfix utilizing the "Activating Postfix on OS X 10.4 (Tiger)" from David Reitter's web site (works on 10.5 too) -
Utilizing the setup he outlines will allow you to send to test smtp servers you utilize internally but most properly configured external smtp servers will reject your smtp servers connection as I mentioned earlier.
2) setup postfix to utilize gmail or other publicly available smtp servers (if you have a gmail account of course...) by following these steps:
- add the following lines in "/etc/postfix/main.cf" by using the following command:
sudo pico /etc/postfix/main.cf
Add These Lines:
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes
3) create the file "sasl_passwd" referenced in the main.cf you just edited using the following command:
sudo pico /etc/postfix/sasl_passwd
Add this line:
[smtp.gmail.com]:587 email@example.com:password (if your using gmail)
4) restrict file permissions with:
sudo chmod 400 /etc/postfix/sasl_passwd
5) convert the password file (sasl_passwd) into the correct format for postfix:
sudo postmap /etc/postfix/sasl_passwd
6) download a copy of "cacert.pem" that you trust and install into:
7) start postfix:
sudo postfix start
send a test email from php using sendmail and it should work.
I've also used information from Christer Edwards on his Ubuntu Tutorials site.
Thursday, September 18, 2008
- Applications in the cloud - can you say SaaS, which was sexy along with web 2.0 until cloud became sexier (why does this remind me of the fashion world or Hollywood)
- Platform in the cloud - wasn't this originally called PaaS when SaaS was still sexy?
- Infrastructure in the cloud - this is your little brothers "Cloud"
With all seriousness, its amazing how portions of the technology field gravitate towards the next cool thing and then marketing organizations tag right along, renaming their products to sound sexy. Along with this mania, some techies will find a reason to use this technology whether its a fit or not. Some of the latest crazes that also follow this model are Ruby on Rails, Open Source, and VoIP. Just a few that quickly come to mind. These technologies aren't the panacea of their related technology areas. They are a tool in a tool belt of technologies we have available to us.
Cloud computing is great and offers a lot a benefits but it's not the end all, be all for IT. Many people such as Nicholas Carr and technology marketing departments like to make it out to be the killer app. They rally behind it because it helps to sell the books or technologies they happen to be pushing at the moment.
For those of you that make technology decisions for organizations - don't get caught up in the hype. Cloud computing has plenty of value but don't over subscribe to utilizing it. Be sure to analyze the appropriateness of it within the context of your overall architecture and business needs.
Wednesday, April 30, 2008
Am I right to assume that most people struggle with the question: "What type of work should I do for a living?"?