AMAZON SPECIAL JULY - 14 - 2017 CIOAPPLICATIONS.COM
COMPANY OF THE MONTH
NICOLAI BEZSONOFF, GM & VP, NEUSTAR
AWS THE “NEW” NORM
$15
Andy Jassy, CEO
JULY 2017 CIOAPPLICATIONS.COM
1
The Road to Remarkable Digital Experiences Starts Here Mozu was designed with the modern consumer in mind, and built to give both marketers and developers complete control over their content and commerce in the most intuitive and efficient way possible. Commerce without compromise, that’s Mozu. Learn more at mozu.com
The Modern Cloud Commerce Platform
2
JULY 2017 CIOAPPLICATIONS.COM
Join the Performance Driven Merchandising Movement ™
Powered by Quri Improve Display Execution Increase on-shelf availability More effectively sell to retail customers Continually optimize trade spend
Quri provides a new data asset of continuously collected in-store merchandising measures as seen from the shopper’s perspective, empowering CPG companies optimize field labor resources, engage in more strategic conversations with retailers, and drive higher trade spend ROI. Request a demo today | 888-886-8423 | quri.com
JULY 2017 CIOAPPLICATIONS.COM
3
10
PG COVER STORY
AWS “NEW” THE
Andy Jassy, CEO
AMAZON TOP 25
SOLUTION PROVIDERS-2017
COMPANY OF THE MONTH
Featured Solution Providers
40
17 Allgress Systems
Counterpunching :
20 Annese & Associates 24 censhare
Neustar is Thwarting Security Threats and Frustrating Attackers
27 CloudHesive
Nicolai Bezsonoff, GM & VP, Neustar
31 Cloudvisory 34 Linkbynet
IN MY VIEW
38 Modus 42 Resource IT Solutions 46 Wylei
08
49 Zettaset
Selling on Amazon without the Growing Pains
4
JULY 2017 CIOAPPLICATIONS.COM
Leo Castro, VP, Product Marketing and Brand, BigCommerce
NORM
Smarter, Better, Faster Business with the Cloud & Mobility Daniel M. Horton, CIO,
21
21
50
Michael Baker International Collectively Advancing Information Technology through Collaboration Jack Suess, CIO, University of Maryland Baltimore County (UMBC)
50
Embracing Hybrid Cloud with AWS
52
Joe Fuller, VP/CIO, Dominion Enterprises
18
25
28
52
Unexpected Upsides of Outsourcing Your Fraud Protection 18 The Rafael Lourenco, VP - US Operations, ClearSale in Hybrid Cloud 25 Trends Luke Norris, CEO and Founder, Faction
32
Pitfalls of the New Hybrid Cloud 28 Avoiding Justin Giardina, CTO, Iland Cloud Infrastructure the AWS Pricing Model for Enterprises: 32 Converting How Business Email Breaks the Mold Jonathan Levine, CTO, Intermedia
You Underestimating the Cost and Effort of 35 Are Cloud Management? Jason McKay, SVP/CTO, Logicworks
39
Changing the Status Quo through Hybrid Cloud Strategies Mark Clayman, President and CEO, TriCore Solutions
43
Change and the Cloud Lee Atchison, Senior Director, Strategic Architecture, New Relic
47
Application Containers-Increase DevOps Agility and Gain Efficiencies Jim Bugwadia, Founder, Nirmata
54
Accelerating Application Deployment through the Cloud John Landwehr, VP & Public Sector CTO, Adobe
35
39
43
47
54
JULY 2017 CIOAPPLICATIONS.COM
5
Editorial Powering the Startup Ecosystem
U
ntil a decade back, nobody would have imagined that an e-commerce company struggling with its scale problems will acquire such immense growth, that too in a time, when the market was already abuzz with leading players like Microsoft and Google. This can be better described in AWS CEO, Andy Jassy’s words, “When we wrote the business plan for AWS, I don’t think any of us had the audacity to predict that it would become this big this fast.” And here it is today, a trillion dollar company, sitting atop the cloud computing space with over 30 percent of market share. AWS, in past decade, has brought a seismic shift in cloud computing. Through all these years, AWS has grown by leaps and bounds through its innovative line of over 70 services and products, giving it an edge over other players in the market. A reason that has helped the company stand out is it has built volume at a very low operating margin, consequently building an extensive client base. AWS has consistently been an ideal partner for startups. Owing to the easy to use infrastructure and low costs, the company has been opted by the most renowned startups such as Airbnb, Slack, Spotify, and the most recent one being Netflix. The kind of names it has added to its clientele in the past few years speak volumes for the kind of expertise it holds. The company clearly believes that the startups are the future and hence, it doesn’t leave a stone unturned to ensure it extends continuous support to them through its offerings. However, it doesn’t take away the fact that AWS is a global company catering to companies of all sizes, directly and through its partner network. While other players like Microsoft, Google, and Oracle continue to devise strategies to beat Amazon in the cloud computing business, Amazon will continue to retain its position in the cloud computing space. In such a scenario, we are featuring a list of AWS partners and technology companies to help businesses make the right choice while associating with these companies to avail AWS products and services.
JULY - 14 - 2017 AMAZON SPECIAL
Managing Editor
Joe Phillip
Assistant Managing Editor
Shivali Sharma
Senior Writers
Royce D'Souza Justin Smith Rachel Clark Peter Jones
Editorial Staff
Graphics & Art
Sales
Ben Jackson Daniel Holmes Ezra Benjamin James Smith Leah Jane Mensholong Lepcha Naomi Dale Sudeshna Mazumdar John Connor Declan Cole Shravan Kashyap
Alison Samuels alison@cioapplications.com George Thomas george@cioapplications.com 510.757.1040
Mailing Address:
ValleyMedia, Inc. 44790 S. Grimmer Blvd Suite 202, Fremont, CA 94538 T:510.757.1040
Volume 02 - 10 Published by ValleyMedia, Inc.
To subscribe to CIO Applications Visit www.cioapplications.com
Do let us know your thoughts.
Joe Phillip Joe Phillip Managing Editor editor@cioapplications.com
6
JULY 2017 CIOAPPLICATIONS.COM
Copyright © 2017 ValleyMedia, Inc. All rights reserved. Reproduction in whole or part of any text, photography or illustrations without written permission from the publisher is prohibited. The publisher assumes no responsibility for unsolicited manuscripts, photographs or illustrations. Views and opinions expressed in this publication are not necessarily those of the magazine and accordingly, no liability is assumed by the publisher thereof.
JULY 2017 CIOAPPLICATIONS.COM
7
IN MY view
SELLING ON AMAZON
WITHOUT THE GROWING PAINS LEO CASTRO, VP, PRODUCT MARKETING AND BRAND, BIGCOMMERCE
service standards and dealing with additional inventory can be taxing for small business owners, many of whom already feel as though they are being pulled in a hundred different directions. Keeping track of inventory and resolving shipping problems across multiple channels takes a lot of time to get right. So how do you capitalize on the world’s largest marketplace without adding operational costs? It all comes down to strategy. Here are three tips on growing your business on Amazon without compromising:
1. Know Your Marketplace Selling on Amazon is not like selling on your own website. Competition is much higher and sellers tend to Leo Castro win on price. Despite the tighter margins, competitive pricing can lead to greater sales volume, ith more than 200 million active shoppers and over $100 ultimately resulting in a higher ROI overall. billion in gross sales during Understanding differences in 2016, Amazon is by far the between retail channels, and world’s largest marketplace. approaching each in a way that In fact, according to BloomReach, in the U.S. 55 is best suited for its users, is key percent of all online product searches begin on to succeeding on Amazon. Sellers Amazon, representing a huge opportunity for retailers looking to broaden their product visibility. also should not feel obligated to sell every product through every For small businesses that have yet to begin channel. The beauty of multichannel selling on Amazon, often there is a reticence selling is that each channel can be to begin selling in the marketplace due to the tailored with a product offering added burden of managing Amazon listings and that makes sense for that particular orders. I get it. Meeting Amazon’s high customer
W
8
JULY 2017 CIOAPPLICATIONS.COM
audience. For example, retailers may choose to sell high margin goods on Amazon, trading exposure for net profit while keeping lower margin inventory for their branded storefront. Retailers must also learn how to cope with ceding control over their own brand, marketing and promotions, all of which are limited when selling through another channel that you do not fully control. In some highly-competitive product categories, your unique branding and positioning may not be as apparent in a marketplace where the lowest price typically wins. If you have a unique, hard-to-find product, you might find those are best reserved for your own site. However, there may be other products in your catalog that are suited for Amazon’s immense scale that will allow you to pull in new customers, then encourage repeat purchases through your product branding and customer service. Knowing how to best leverage the strengths of both Amazon and your own storefront will help you form the best strategies, and achieve maximum ROI, for each.
2. Simplify Inventory Management Or rather, find a reliable ecommerce platform or technology that can help you manage inventory at scale.
Most retailers cite logistical challenges as a primary reason for not expanding into more channels. Managing inventory used to be a stressful experience involving spreadsheets, physical logs, and juggling skills to prevent shortages and overselling. Nearly every seller has a horror story about generating demand, only to find themselves unable to fulfill the orders in a timely fashion. But today this need not be an issue—modern ecommerce platforms and inventory management systems have made this process far more efficient for merchants, regardless of how many sales channels they choose to add. Omnichannel retail no longer has to mean Excel hell. Ecommerce platforms designed for multichannel merchants will do 90 percent of the work for you, and using inventory management software that natively integrates with Amazon drastically reduces operational overhead for expanding into new channels. Make no mistake, inventory mistakes can cost you a sale - or worse, a customer. If you are consistently out of stock, you won’t feature in Amazon’s Buy Box. The Buy Box accounts for 90 percent of Amazon sales, so you don’t want to miss even a minute of eligibility. Secondly, inventory missteps might result in selling an out of stock item. For example, if you have one backpack left to sell in your warehouse and two customers on your branded site and Amazon click purchase at the same time, who gets the backpack in such a
SEO, great product reviews, and high customer satisfaction are just as important on Amazon as they are for your store situation? Trying to sell something you can’t actually deliver is a poor customer experience and one that might dissuade even the most loyal customer from returning. Finding an inventory management system that works for your business helps prevent omnichannel growing pains and allows you to never miss an opportunity to convert.
3. Don’t Forget the Basics While the Amazon marketplace is a different playground, the basic rules still apply. SEO, great product reviews, and high customer satisfaction are just as important on Amazon as they are for your store. For example, Amazon has a keyword tool similar to Google’s. Pay attention to the keywords that are used by your customers and your competitors. Attributes like title, subtitle, and product description—all factor into your
Amazon search ranking. Having professional product photography will help boost your click through rate. If you’re unsure where to begin, evaluate competitors that rank highly for target keywords, then start by replicating what they get right in their product titles and descriptions. Great reviews also boost your search ranking. Accurate descriptions, addressing questions on Amazon in a timely fashion and rapid order fulfillment are all effective ways to organically encourage positive reviews. As more and more shopping moves online, customers will continue to value brands that deliver an exceptional experience. Start by learning what they are looking for and how your products fit into this. What drives them to purchase and what questions can you answer proactively to overcome barriers to the sale? Keeping your customer’s needs first and foremost, even on channels you don’t own, will skyrocket conversions.
Bend, Don’t Break Incorporating an omnichannel strategy into your business model requires some flexibility. Not all marketplaces are equal. Adjusting your retail tactics for new channels can take time and experimentation to get right. Remember, success online is a marathon, not a sprint. But if you do it right, the returns from growing on Amazon are certainly worth it. JULY 2017 CIOAPPLICATIONS.COM
9
COVER STORY
AWS
THE “NEW” NORM By Peter Jones
O
ne of the major milestones achieved in the cloud computing timeline was the development of Amazon Web Services (AWS) in 2002, offering IT infrastructure services to businesses in the form of web services, now commonly known as cloud computing. Today, cloud computing has become the new normal in the tech industry wherein it sets a stage for a fresh approach to IT. Manifesting itself as the descendant of several other computing research areas such as service-oriented architecture, distributed and grid computing, and virtualization, cloud computing inherits their advancements. As such, cloud computing provides many key benefits and the opportunity to replace up-front capital infrastructure expenses with low variable costs that scale with businesses. AWS also emphasizes on bolstering its security infrastructure to mitigate the job of hackers and provide a high-shield protection network. “There’s so much security built into these cloud computing platforms today. “For us, security is our top-notch priority—it’s not even close, relative to anything else,” states Andy Jassy, CEO, AWS.
10
JULY 2017 CIOAPPLICATIONS.COM
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Andy Jassy, CEO
JULY 2017 CIOAPPLICATIONS.COM
11
Disrupting the Cloud Computing Market Amazon Web Services is a dynamic business unit within Amazon.com that has grown quickly. AWS essentially started with their Simple Storage Service (S3). Amazon S3 can be used to store any amount of data, from anywhere on the web, and at any time. “We think that in the fullness of time AWS could be the largest business in Amazon. Part of that is because, if you look at the market segments AWS addresses— infrastructure software, hardware, and data center services to stack up its capability. It’s a very large opportunity and we’re very optimistic about where AWS will be in the long term,” says Jassy. After years of providing storage in the cloud, AWS enabled “computing” in the cloud with Amazon Elastic Compute Cloud (EC2). It forms a central part of AWS, and allows users to run their computer applications in the cloud on a scalable basis. EC2 encourages flexible deployment of applications by providing a web service through which a user can boot an Amazon Machine Image to configure a virtual machine, and is known as an “instance”, containing any software desired. A user can create, launch, and terminate server instances as needed. EC2 further provides users with control over the geographical location of instances that allows for latency optimization and high levels of redundancy.
AWS: The Total Package The platform provides the building blocks that can be assembled quickly to support any workload, can be adjusted according to the needs of the business and there is no upfront cost or ongoing commitments. AWS’ set of infrastructure services are delivered through the internet with pay-as-yougo pricing model. AWS also enables organizations to use the programming models, operating systems, databases, and architectures with which they are already familiar. In addition, the flexibility of the services helps organizations mix and match architectures in order to serve their diverse business needs. It allows organizations to quickly innovate, experiment, and iterate. In contrast, the AWS cloud computing platform
12
JULY 2017 CIOAPPLICATIONS.COM
provides the elasticity to launch applications regardless of its use case or industry. Likewise, AWS cloud-computing platform delivers end-to-end security and privacy in accordance with industry-recognized certifications and audits. The firm’s services and data centers have multiple layers of operational and physical security to ensure the integrity and safety of the customer’s data. Besides, AWS’s features such as a wide range of database engines, server configurations, encryption, and powerful big data tools allow organizations to stay focused on their core business, and not on corralling or cooling infrastructure.
AWS provides many key benefits and the opportunity to replace up-front capital infrastructure expenses with low variable costs that scale with businesses Growing from Strength to Strength The firm constantly hones its operational expertise to ensure ongoing dependability, and continues to incorporate both industry best practices and proprietary advances into the cloud infrastructure. Recently, the company launched its Greengrass software that is capable of enhancing the edge computing capabilities for IoT devices. This software empowers customers to have flexibility on devices and act locally on the data they generate while using the AWS Cloud for management, analytics, and storage – all using a single, familiar AWS programming model. In the near future, AWS is also looking to expand its global infrastructure with at least ten new Availability Zones in new geographic regions that include India, Montreal in Canada, Ningxia in China, Ohio in North America, and the United Kingdom.
TAKE YOUR GLOBAL OPERATIONS LOCAL Yext puts business on the map with the award-winning Location Cloud. We enable companies of all sizes to manage location data across their websites, mobile apps, internal systems, and the industry’s largest ecosystem of maps, apps, social networks, directories, and search engines including Google, Apple, Facebook, Bing, and Yahoo. Our products — Listings, Pages, and Reviews — enable the world’s millions of businesses to drive faceto-face and digital interactions that boost brand awareness, drive foot traffic, and increase sales. yext.com Map shows Yext-managed location data as of November 1, 2016
JULY 2017 CIOAPPLICATIONS.COM
13
AMAZON TOP 25
C
SOLUTION PROVIDERS-2017
loud computing has unlocked new doors of efficiencies for organizations assuring high agility and reduced costs. This breed of technology has enabled organizations to reduce the work of the physical servers and run applications through the cloud. While the above points spell out the benefits of cloud computing, moving to cloud is not really an easy job. Assisting organizations to enact this shift is Amazon Web Services (AWS). As a subsidiary of Amazon.com, AWS brings forth a cluster of on-demand cloud computing platforms to individuals, companies, and governments. AWS comprises of more than 70 services spanning across a wide array including computing, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools, and tools for the Internet of Things. Their most prominent products are Amazon Glacier and Amazon Simple Storage Service (S3) for storage and Amazon Route for networking. As an infrastructure that empowers companies to comply with the evolving market trends, AWS allows companies to maintain applications, store videos, preserve humungous data shelf, and run various analytical operations. These developments bring forth enormous benefits and agility for on-premise solutions, many SMEs still find it difficult to move to the cloud. To assist CIOs maneuver in the right direction while adopting AWS, a distinguished panel of CEOs, CIOs, VCs, and analysts along with the CIO Applications’ editorial board has selected the leading AWS solution providers. The companies featured in this edition demonstrate the ability to develop innovative technologies combined with outstanding customer service. We present to you “Top 25 Amazon Solution Providers 2017”.
14
JULY 2017 CIOAPPLICATIONS.COM
Top 25 Amazon Solution Providers - 2017 Company
Management
Description
Allgress Systems Livermore, CA allgress.info
Jeff Bennett President & Co-Founder
Enables enterprise risk, security, and compliance professionals the ability to efficiently manage their risk posture
Annese & Associates Clifton Park, NY annese.com
Raymond H. Apy CEO & President Rus Healy Chief Technology Architect
A technology solutions integrator backed by four decades of expertise and relationships, with a continual focus on innovation
appReef Coppell, TX appreef.com
Vijay Reddy Founder & CEO
The firm provides PaaS and SaaS solutions simplifying data design, security, user interface, administration, and delivery of complex solutions
AWS Seattle, WA aws.amazon.com
Andy Jassy CEO
Provider of a highly reliable, scalable, low-cost infrastructure platform in the cloud that powers businesses around the world
Cascadeo Seattle, WA cascadeo.com
Michael Norring CEO
Assists businesses in cloud migrations, DevOps, professional services, and managed services through its specialization in AWS Microsoft Workloads Competency
censhare Denver, CO censhare.com
Dieter Reichert CEO
Delivers all-in-one digital experience platform that helps customers meet the specific requirements in their entire digital journey
CloudHesive Fort Lauderdale, FL cloudhesive.com
Jim Walker CEO
CloudHesive is an Amazon Web Services Managed Service Provider that offers consulting, DevOps, and managed services with a focus on security, reliability, availability, and scalability
Cloudnexa Philadelphia, PA cloudnexa.com
Joel Davne Founder & CEO
Specializes in Cloud Computing, Cloud Managed Services, Cloud Design and Deployment, and Amazon Web Services
Cloudvisory Dallas, TX cloudvisory.com
Lisun Kung CEO
A service provider that delivers real-time visibility, centralized security policy automation, intelligent micro-segmentation, and continuous compliance enforcement for AWS, Azure, OpenStack, Kubernetes
Cooperative Computing Dallas, TX cooperativecomputing.com
David HT Kramer Executive Chairman
Helps organizations create demonstrated business value through the use of technology
DoubleHorn Communications Austin, TX doublehorn.com
Tab Schadt CEO
Provides multi-cloud management platform , empowering organizations to monitor and manage the cloud solutions
Engine Yard San Francisco, CA engineyard.com
Andy Tryba CEO
A cloud orchestration platform ethat empowers developers and DevOps to provision, manage, monitor, and control applications in the public and private cloud
JULY 2017 CIOAPPLICATIONS.COM
15
Top 25 Amazon Solution Providers - 2017 Company
16
Management
Description
Evident.io Pleasanton, CA evident.io
Tim Prendergast Founder & CEO
Renders fastest security and compliance automation for public cloud in a friendly and consumable manner
GeoMarvel Alexandria, VA geomarvel.com
Jon Nordling Founder & Solutions Architect
A geographical software development company that focuses on application development strategy, design, and innovation
Hosting Denver, CO hosting.com
Joel Daly CEO
Offers a complete unified cloud solution on the AWS and Microsoft Azure cloud platforms
Linkbynet Buffalo, NY linkbynet.com
StĂŠphane Aisenberg, Co-founder Patrick Aisenberg, Co-founder & Director Julien Trassard, CEO North-America
Managed Services provider for cloud computing, high security business hosting, IT performance management, and IT outsourced services
MediaNet Software Miami, FL medianet.es
Pablo Angulo Senior Manager
An Amazon Web Services partner that helps designing system architectures for businesses
Modus Washington, D.C. discovermodus.com
Steven Horan Executive Chairman & CEO
Offers a broad range of eDiscovery services tailored to meet the needs of law firms
Neustar Los Angeles, CA neustar.biz
Nicolai Bezsonoff GM & VP
Global information services provider providing solutions in marketing, risk, security, registry, and communications
Nuvitek Herndon, VA nuvitek.com
Venkat Veeramneni CEO
System integrator and technical service provider for efficient IT operations
Resource IT Solutions Miami, FL resourceit.com
Paulo Marcelo CEO
An IT services company specialized in digital Integration and digital transformation solutions
Solid Commerce Marina del Rey, CA solidcommerce.com
Eran Pick CEO
Assists online sellers increase their revenue streams with software, training, and direct assistance
VistaraIT San Jose, CA vistara.io
Varma Kunaparaju CEO & Co-founder
Specializes in IT Operations Management, Hybrid Cloud Management, Software as a Service, and DevOps Enablement
Wylei Jersey City, NJ wylei.com
Meg Columbia-Walsh CEO
Predictive AI innovator in the cloud-based machine learning and marketing automation space
Zettaset Mountain View, CA zettaset.com
Jim Vogt President & CEO
Provides proven enterprise-class data security software solutions that are optimized for petabyte data center and cloud deployments
JULY 2017 CIOAPPLICATIONS.COM
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Allgress Systems Compliance Partner for AWS
C
onstantly changing cyber security risks environment, regulations, and the momentum of cloud computing has put pressure on organizations of all sizes to more effectively manage risks from within and their partners. However, a major hurdle for organizations regardless of verticals migrating to the cloud is adhering to the shared responsibility model resulting in complex uncertainties. Moreover, companies are in need of solutions to manage the shared responsibility model associated with the cloud or hybrid environments. Allgress has provided a comprehensive IT risk management solution since 2008. Late year, Allgress introduced a GetCompliant Portal specific to AWS that identifies and reports on the shared, inherited, and customer specific controls so an organization can see a complete view of their compliance posture. Being customer driven, the firm has blended on-premise cloud solutions with the AWS environment making it a hybrid solution. “We were the first vendor to provide automated assessment solutions for IT Risk Management buyers within the AWS environment using their APIs, before they realized they were going to need it,” says Jeff Bennett, President and Co-founder of Allgress. The tool simplifies compliance, enabling security and risk professionals to analyze, comprehend, and regulate corporate risks quickly and efficiently. The Allgress GetCompliant Portal for AWS assesses compliance against regulations including HIPAA, CJIS, NIST, and FISMA to eliminate risk, and
cuts down the timeframe to accomplish compliance. Moreover, the tool guides organizations through the compliance process, providing an automated process through the entire process. To provide more comprehensive security and compliance capability within the AWS customer environment, Allgress provides the Continuous Compliance Monitoring and advancedreporting module (CCM). This add-on module supports on-going compliance efforts, which include real-time monitoring of changes within the AWS customer environment, remediation workflows, dashboards, and advanced reporting. With the combination of assessment and CCM, customers can comprehensively manage their risk posture in an AWS environment. In addition to the GetCompliant Portal for AWS, Allgress introduced the Regulatory Product Mapping Tool (RPM). Allgress designed this tool specifically for customers deployed within AWS who want a trustworthy way to easily identify AWS services, solutions in AWS marketplace, and APN technology partner that will help them reach specific regulatory requirements (such as ISO, NIST, and PCI-DSS controls). An example of a third-party tool integrated with RPM is Allgress partner CloudCheckr—a Cloud Management Platform (CMP). The partnership enables AWS customers utilizing the CloudCheckr CMP to make compliance even easier for customers so they can easily check and verify the compliance and security of their cloud infrastructure in a unified view. Allgress also provides its patented Business Risk Intelligence solution
Jeff Bennett, President and Co-Founder for IT security, compliance, and risk management across enterprise networks that automates entire IT GRC management process. “Our IT GRC management platform provides organizations’ information security and compliance professionals the control they need to manage risk posture inclusive,” expounds Bennett. Allgress, a global provider of award-winning cost-effective solutions (GRC) for end-user organizations and third party vendors is one such organization. Down the road, Allgress will continue to augment the mapping of various compliance standards to help customers reduce their risk posture by complying with additional regulations and best practices. The organization plans to incorporate AI into its compliance process to make it more seamless for its customers. Allgress’ ITRM and GetCompliant solutions for the AWS environment have elevated the interest of adding support for an additional capability that will take Allgress to new heights. JULY 2017 CIOAPPLICATIONS.COM
17
cXo insights
THE UNEXPECTED UPSIDES OF OUTSOURCING YOUR FRAUD PROTECTION RAFAEL LOURENCO, VP - US OPERATIONS, CLEARSALE
E
very business that sells online has to be concerned with fraud prevention, because worldwide incidents of online fraud rose by 30 percent from 2015 to 2016. Just as online and mobile shopping are increasingly popular with consumers, these channels are gaining ground among fraudsters, too. In part, that’s because point-of-sale fraud is getting harder to commit as US retailers switch to chip-and-PIN card readers in stores. It’s also because criminals have found ways to use botnets and vast caches of stolen consumer data to test stolen card numbers, hijack or create customer accounts, and make multiple purchases quickly from large numbers of retailers. Ignoring the problem isn’t an option, because fraud can quickly put a company out of business due to lost revenue and goods, chargeback fees, and merchant account closure. Many companies try to manage fraud prevention in-house, but that has some potential drawbacks, too. One is cost. Javelin Strategy and Research recently found that companies can spend up to 23 percent of their operational budgets fighting fraud. Another drawback is that in-house screening can have serious logistical limitations. It may work for a small company with a low volume of orders but break down when order
18
JULY 2017 CIOAPPLICATIONS.COM
volume rises. Companies that sell across borders must be able to verify orders in a way that takes into account multiple time zones, languages, and consumer habits. Sellers that err on the side of caution by rejecting lots of orders can lose more money to falsely declined orders than to fraud itself. Add in the fact that fraud tactics are always changing, and you have a blueprint for an expensive, overtaxed, and underperforming inhouse fraud prevention program. Turning fraud screening over to an outside provider may seem like a dramatic step, but the benefits often go beyond a drop in fraud. Here are some of the outcomes businesses have documented after moving from in-house to fully outsourced fraud screening.
Fewer False Declines Mistakenly rejected orders cost merchants more than five times as much as actual fraud, according to the latest industry research. Many of those rejected customers will take their business elsewhere, meaning lost future sales, too. By hiring experts to use precision screening techniques rather than the blunt instrument of automatic denials, sellers can approve more sales and retain Rafael Lourenco more customers over the long term.
Higher Revenues With less completed frauds and fewer mistakenly rejected
Faster Order Responses Customers expect instant results. While an in-house fraud team may not always be able to decide an order in real time, dedicated fraud protection services can usually do so. That allows sellers to confirm and fulfill those orders faster for better customer satisfaction.
More Time to Grow the Business
orders, companies often see an increase in revenue after outsourcing their fraud prevention—especially if the new service also helps them sell into more markets.
More Cross-border Sales Many sellers reject all cross-border orders, either because they fear fraud or because they don't have the in-house resources to verify orders properly. A good outsourced fraud protection service will provide accurate screening tools for international sales and customer service experts who speak your customers’ languages to verify orders. The result can be more sales in more markets.
Elimination of Fraudrelated Chargeback Costs By choosing a fraud screening provider with a chargeback guarantee, businesses can avoid paying chargeback fees to their processors. If the fraud prevention service approves a fraudulent transaction, it covers the cost of the chargeback to spare the merchant a loss.
Reduced Chargeback Ratio For businesses that have a fraud problem, reducing the ratio of chargedback orders to total transactions is
a must. If the ratio climbs too high, account cancellation can quickly follow. Even if the problem never gets quite that bad, a high chargeback ratio means the seller will pay higher transaction processing fees. A lower chargeback ratio not only keeps the business running, but also reduces costs over the long run.
With less completed fraud and fewer mistakenly reject orders, companies often see an increase in revenue after outsourcing their fraud prevention
When a big chunk of in-house resources and attention are dedicated to fraud management, product development can slow or stop. By relieving its people of the responsibility to prevent transaction fraud, businesses can focus on their core goals of innovation, quality, and growth.
Customized, Cuttingedge Fraud Prevention Strategies A good fraud-protection provider will work with each business to tailor a prevention program to the company’s industry, location, customer base, and other factors. And because the service screens all of the client company’s orders, rather than just those the company flags, it builds a comprehensive set of evolving data on that particular company’s fraud-attack patterns and valid customer behavior. That makes screening more accurate and faster over time. Finally, outsourcing fraud prevention gives a company access to the latest technology and human intelligence in the fraud field. That means that when new types of fraud arise, or there’s a spike in fraud attempts, or consumer behaviors change, the company is still fully protected. That peace of mind is yet another benefit to outsourcing fraud prevention. JULY 2017 CIOAPPLICATIONS.COM
19
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Annese & Associates Successful Cloud Solutions Leveraging AWS
“C
loud solutions have reached a level of maturity that makes them not only viable but also imperative to fold into business strategies,” says Rus Healy, Chief Technology Architect of Annese & Associates. It was in the year 2014, Annese integrated with the Amazon Web Services’ Partner Network and became an authorized AWS channel reseller, officially launching its Cloud Practice to the next level. Two years later, when The AWS Public Sector Partner Program recognized companies with strong overall AWS practices, demonstrating their expertise in serving clients, Annese made it straight into the list. This shows the journey of Annese as an Amazon partner and the trust that their clients have shown in the firm. Perceiving the potential of the cloud to break down geographic and business barriers, Annese offers valuable services to its customers through guidance and consultative practices—developing long-term cloud strategies.
Their customer intimacy strategy allows Annese to anticipate their customers’ needs and develop their practices to provide desired solutions and products Annese’s cloud practice includes consulting, architecture, implementation, and managed services. By leveraging AWS for a large portion of its cloud services and management portfolio, the firm offers enterprise customers fast and flexible access to the cloud, and moreover, the ability to run their applications on the AWS Cloud, leveraging its shared security model. The company has also done a lot of
20
JULY 2017 CIOAPPLICATIONS.COM
architecture and deployment work related to security environments, including PCI and HIPAA environments. Annese’s disaster recovery and business continuity services cater to multiple markets of different sizes. Serving medium-sized and large scale enterprises alike, Annese delivers storage for backup, archive, and video surveillance via cloud technology. One such instance was when Annese aligned with CloudEndure to help one of their healthcare clients with migration and disaster recovery. They had three hospitals, a primary data center Rus Healy, with 600 servers in it, and a Chief Technology Architect secondary data center that was undersized and outdated. Annese proposed a CloudEndure disaster recovery solution on AWS which gave them a two minute recovery point objective and 1-hour recovery time objective—showing the viability of six stage servers solution. Annese’s active cloud practice has an excellent track record, and many cloud-based solutions, especially IaaS and PaaS. “Our partnership with AWS is of great significance as it encourages our clients to adopt additional AWS services apart from AWS Direct Connect which adds unique value to our customer base,” Healy says. Using AWS WorkSpaces products for desktops in the cloud, Annese allows customers to connect from any part of the world via high-speed connectivity from their desktop. Moreover, the company has also made an ongoing consulting connection with their clients, helping them understand how AWS works. The company conducts whiteboard sessions with customers to help them understand how cloud solutions work in the field of compliance and security, and how Annese has architected their solutions. Working with customers across New York State and the Northeast, Annese plans to expand its cloud-based practice significantly.
CIO INSIGHTS
SMARTER, BETTER, FASTER BUSINESS WITH THE CLOUD & MOBILITY DANIEL M. HORTON, CIO, MICHAEL BAKER INTERNATIONAL
E
very day, businesses of all types confront the ever-present challenge of working more efficiently and effectively toward continuous improvement and standing out among their peers. Companies constantly ask themselves: “What differentiates us?”, “How are our products and services perceived?”, and “What sets us apart from the others?” Technology can and should be a cornerstone for answering these “looking in the mirror” questions, and Information Technology (IT) departments across the world are increasingly embracing their role as a solutions provider that can help steer organizations toward greater success and profitability. Advancements such as cloud computing and mobility are enabling companies to work smarter, better and faster. For IT departments, maximizing the benefits of these advancements requires a commitment to consistent methods of analyzing needs and implementing technology solutions. “The number one benefit of information technology is that it empowers people to do what they want to do. It lets people be creative. It lets people be productive. It lets people learn things they didn't think they could learn before, and so in a sense, it is all about potential.” –Steve Ballmer As an IT leader, you may be putting your company at major competitive and financial disadvantages if you haven’t acted on the game-changing innovations introduced over the past five years. Even if you have planned and positioned yourself for these changes, developing consistent approaches of implementing solutions is crucial to success. This means being agile and adaptable to change in real time. It also means integrating vendor partnerships as true extensions of your internal team, enabling it to respond appropriately to unexpected increases in workload without having to restructure. Cloud offerings and Everything-as-a-Service (XaaS) are on the rise, which provides us with more solution and implementation options. The world is adopting a “Cloud First” approach for centralization, scalability on-demand, increased mobility, standardization, simplification and more. Incorporating the cloud into infrastructure at varying levels
Daniel M. Horton
JULY 2017 CIOAPPLICATIONS.COM
21
maximizes investment and achieves more with less. Eliminating or reducing a hardware footprint focuses efforts on real-world operational solutions rather than maintaining, upgrading and replacing equipment at regular intervals. A cloud-based infrastructure also minimizes downtime and planned after-hours outages during hardware improvements. Best-of-breed IT operations are implementing solutions that deliver greater flexibility on readily available platforms, all with an eye on how the workforce gets the job done. For an IT department, the benefits of increased mobility are palpable whether that department is supporting a single office or hundreds of offices and project sites globally. Modernizing our processes and applications to compliment this trend contributes to increased productivity. Creating workflows that users can initiate on a mobile device drives efficiencies and speeds processes;
22
JULY 2017 CIOAPPLICATIONS.COM
The number one benefit of information technology is that it empowers people to do what they want to do which encourages employees to stay connected. As we continually evaluate the workforce model and establish new methodologies, we can streamline our work lives when coupled with the right technology. We are equipping field personnel with the ability to connect to corporate networks and collaboration tools from their trucks and job sites. Remote monitoring of job sites helps
maintain a high level of oversight and reduction in travel costs. With the power of the cloud and the increased mobility options, businesses can tailor processes and applications to support portability and working on the go. These are exciting times for IT professionals. The value of the support and service we deliver has never been higher. Investing time to review processes, procedures, and technologies at regular intervals ensure IT teams are not maintaining a stagnant framework just because “it still works.� Constantly analyzing the needs of the enterprise and implementing smart technology solutions can empower a company to push the envelope when it comes to working smarter, better and faster. When you put all three together and consistently produce results on each front, you make it easier for your employer to answer that crucial question of what makes your company different.
AMAZON TOP 25
SOLUTION PROVIDERS-2017
censhare All-in-One Digital Experience Platform
A
s the global economy is at the center of digital transformation, organizations regardless of the sectors they cater, have adopted new business models to provide a holistic digital experience to their customers. Yet, most of the organizations’ endeavors towards this end have not been fruitful as they continue to work with the legacy architecture of web IT fragmentation, and silos of content and engagement system that limits them from being agile and transformative. Therefore, to keep up with the ever-changing consumer requirements and demands, organizations need to bridge the gap between the trusted old industry niches of Digital Asset Management, Product Information Management, Marketing Resource Management, and Web Content Management and should integrate those with consolidated content platforms that would deliver relevant content along the entire customer journey. Fortunately, this approach has been made readily available to customers by censhare. By proffering a digital experience platform that pools all content within one information-centric network with a consistent user interface, the company has been able to address the niche requirements of clients striving to provide a top-notch digital experience across all touch points. It includes features such as multi-channel delivery, manage complex content, integration to creative tools, manage rich media, workflow, and governance, and resource and reporting. Rather than following a strategy defined by an industry niche, which would compromise capabilities in certain areas, censhare has built a quintessential solution that helps its
24
JULY 2017 CIOAPPLICATIONS.COM
customers meet their specific business needs. Incorporating a semantic database technology that is similar to technology that powers advancements in artificial intelligence and virtual assistants, the company has been able to deliver a flexible relationship based data model that enables its clients to drive revenue and build a competitive advantage in the market. “A semantic database means that the system can understand and map relationships between assets and create new relationships easily,” expounds Dieter Reichert, CEO of censhare. Today, censhare has become the choice of customers not only to deliver an engaging customer experience across all their touch points but also to obtain
Dieter Reichert, CEO with integration and the consolidation of experience in real time. In one instance, Vitra—an international high-design furniture brand approached censhare with very specific needs for delivering a top-notch customer experience. By implementing censhare’s digital experience platform,
censhare’s non-silo approach to building digital experience platforms is helping its clients to solve the underlying real business challenges effortlessly a single, consistent user experience that is intuitive and essential for the business users. Coupled with the flexibility of provisioning the solution through Amazon, the company’s non-silo approach to building digital experience platforms is helping its clients to solve the underlying real business challenges effortlessly. To ensure faster and better communications with every customer via every touch point, organizations use censhare to manage and optimize content consistently for all channels from one central platform. Powered by semantic database technology, this platform not only ensures flexibility but also arms its clients with the ability to retrieve data and deliver dynamic content efficiently and quickly. Moreover, it eliminates the concerns associated
the client could communicate seamlessly across all platforms—from print publications, price lists, and websites to social media in one orchestrated campaign. “As a European company, the software was built for addressing the needs of multiple languages including the complexity of language variants, multi-byte characters, translation workflow,” comments Reichert. In the coming years, the company will be focused on stationing censhare as the hub for organizations’ digital experience platform strategy and marketing infrastructure. Strengthening resource management and reporting capabilities to better respond to the growing Marketing Resource Management (MRM) is also on the top of Censhare’s charted roadmap.
CXO INSIGHTS
TRENDS IN HYBRID CLOUD LUKE NORRIS, CEO AND FOUNDER, FACTION
W
hen organizations decide to deploy cloud services, the technology they choose matters tremendously. While pilot projects will tend to start small, with limited functionality, it’s important to choose a technology foundation that offers room for expansion—both in terms of functionality richness and hybrid cloud interoperability for the future.
The Efficacious Usage of Hybrid Cloud Hybrid cloud is hot buzzword and a key tool in your cloud tool belt, but many organizations have little experience with coherently implementing it. Hybrid cloud is the deployment of computing resources across both public and private cloud infrastructure; some definitions extend that to include mixing physical gear in colocation into cloud environments. Applications are at the heart of the drive to hybrid cloud, because the best hybrid cloud architectures blend applications running on a private cloud environment with the tools and options of hyperscalar public clouds. The public cloud appeal causes problems for some traditional IT workloads. The typical enterprise has not only their IT crown jewels – ERP systems, databases, CRM systems, and so on–but hundreds of line-ofbusiness applications that deliver enormous value every day, but without the resources for developers to prepare them to run in the public cloud.
This creates a challenge for IT departments; how can you enable developers to utilize public cloud in areas where it makes sense, while preserving those other enterprise applications? Moreover, how do you enable these applications in the public cloud to access the other applications of the enterprise—because in today’s world, no application is an island. This bifurcation between the need for stability in existing applications and agility in new applications led to a new term to describe the curation of those two halves of the IT world: Bi-Modal IT.
Bi-Modal IT: The Application-centric driver for Hybrid Cloud Gartner coined the term “Bi-Modal IT” to describe an application deployment strategy where IT departments maintain a more traditional IT environment for their “Type 1” applications–those that require stability over agility and thrive in the traditional high-SLA, high-uptime world of traditional enterprise IT. The “Type 2” applications are those focused on delivering agility, and leverage Devops deployment models, cloudnative application development tools like NoSQL databases, and horizontal scaling models. This fits perfectly into the first phase of a hybrid cloud model because existing Type 1 workloads can remain in a private cloud environment or transitioned to a hosted private cloud environment, typically VMware-based while providing a platform to blend those private cloud
Luke Norris applications with public cloud resources. Hybrid cloud allows organizations to keep their people, processes, and technology to maintain their existing applications, while having a tight network integration to the public cloud, enabling interaction between private and public cloud applications. A significant driver for this is the shift towards new application architecture: microservices.
Microservices Microservices is a new paradigm for deploying applications that relies on each tier of an application being its own
JULY 2017 CIOAPPLICATIONS.COM
25
horizontally scalable layer. The servers in each tier typically have a single job, for example, an authentication service. With microservices, each tier scales out independently and the services become building blocks that can compose more complex services. Composability is a hallmark of cloud native applications, which are driven by application programming interfaces (APIs), even for intercommunication. Composability via APIs is the object-oriented programming of cloud native applications - it allows isolation, scalability, and re-use. Because microservices depend heavily on networkbased API calls for communication between services, the components are highly sensitive to latency between services. That typically means all the services need to be in a local or metro network area. This is a key factor driving the adoption of hybrid cloud: the need to maintain a private cloud environment, but a desire to have fast, low-latency connectivity to public cloud resources to take advantage of public cloud as well.
Hybrid Cloud to the Rescue Hybrid cloud is meant to solve both the traditional IT environment and the next-gen agile application environment, and help them thrive in harmony. In a hybrid cloud environment, IT teams enable deployment of both traditional applications–using the people, processes, and technology they already know and rely on–as well as the “Type 2” applications, using that high-speed cloud-attached networking. This is a powerful combination, allowing the “lift and shift” of the traditional application environment, so it can be proximate to the new generation of application. Most IT departments have a VMware-based environment that runs their traditional applications. They rely on this VMware layer to allow non-disruptive maintenance via vMotion, as well as the resiliency provided by VMware’s HA technology. Many leverage it for features such as snapshots or changed-block tracking in order to make backups and recovery easier. Some utilize security features to ensure the security of the guest virtual machines. Some utilize it for virtual desktop environments.
26
JULY 2017 CIOAPPLICATIONS.COM
IT departments rely on their VMware skill sets to enable all this functionality. Consequently, many successful shifts to hybrid cloud look to utilize VMware-based environments that have connectivity to the public clouds. There are three significant challenges to this shift, however: • Many organizations do not have the experience, technology, or scale for simple or cost-effective connectivity into the public cloud from their private cloud environment • Managing hardware, colocation, network gear, and so on means IT departments are stuck handling the world of capital budgets and hardware procurement cycles - but also have to deal with the billing, budgeting, and performance challenges of public clouds • Many hosted private cloud environments force a shift on an IT team toward a managed services platform, even if they have the expertise to manage the environment, because hosted private cloud providers are often loathe to “co-manage” gear and provide true administrative access—which also interferes with their desire to sell additional managed services The end result is that many IT departments don’t like either option: managing a hardware platform and datacenter space is time-consuming, costly, and doesn’t fit with the agility and economics of cloud adoption; but they also aren’t keen on throwing away the people, process, and technology they rely on for their “Type 1” traditional workloads.
Microservices depend heavily on networkbased API calls for communication between services—highly sensitive to latency between services
Do you get a cloud for your applications, or fit your applications to the cloud? This dilemma is resulting in a new generation of hybrid cloud options being rolled out by forward-thinking providers. Discerning IT departments are demanding hybrid cloud environments that allow them to continue to use their people, processes, and tools to manage their private cloud environment, while simultaneously having tight integration to public cloud environments. Some hosted private cloud offerings now come with turnkey public cloud connectivity options; other IT shops may turn to a network provider or datacenter provider to help solve that problem. Either way, IT professionals are realizing that having the best of both worlds maximizes their agility and minimizes their cost, and we can expect demand for hybrid cloud to increase as microservices-based architectures become more prevalent.
AMAZON TOP 25
SOLUTION PROVIDERS-2017
CloudHesive End-to-End Managed Cloud Services & Solutions
C
loudHesive is an Amazon Web CloudHesive believes usability and Services Managed Services functionality do not have to be mutually Provider that offers consulting, exclusive, nor should they be. That is DevOps, and managed why they performed their due services with a focus on diligence to compile an managed security, expert team of dedicated reliability, availability, engineers to architect, and scalability. They implement, and help companies reduce manage environments their operating costs in the most efficient and increase productivity way possible. “Our while improving their employees are the Jim Walker, cloud security posture by foundation of our success, CEO migrating their missionand we invest in them, so critical workloads onto the AWS they can provide our customers platform. The main priority is to with superior service,” CloudHesive CEO, consistently facilitate clients’ success by Jim Walker says. “Every team member introducing them to the best practices in undergoes in-depth technical training and the cloud. participates in partner events, community involvement, and mentoring.” CloudHesive maintains a versatile CloudHesive helps client base from numerous industries— alleviate the uncertainty many with an international footprint— including travel, high-tech IT, health associated with cloud care, retail, government, and financial migration, so customers services. They understand the specific can focus on their more operational and compliance needs of each vertical—allowing them to provide the pertinent everyday expertise to not only migrate customers business processes out of their data center environment, but To do this, CloudHesive partnered also increase their capacity and global with some of the most reputable security presence. This includes migrating big providers with controls designed to data environments, OLAP databases, and increase visibility into environment mission-critical applications. activity. As a managed services provider, CloudHesive helps alleviate the they constantly monitor new threats uncertainty associated with cloud and provide 24/7 support. They also migration, so customers can focus on provide MSP customers with their their more pertinent everyday business free proprietary scheduling tool processes. They also help companies called CloudPoxee—a secure, reliable, implement a reliable, cost-effective and affordable way to manage cloud disaster recovery plan, so they are computing networks and turn down protected in the event of an outage instances while not in use. or breach.
The CloudHesive team works with the clients to ensure compliance regulations are met by aligning with their annual audit schedule and providing commonly requested supporting documentation in an agreed upon timeframe. CloudHesive also utilizes an OpEx strategy so that the customers only pay for the cloud services they need. “Our team makes sure the clients won’t have to deal with IT emergencies or regular maintenance, so their internal technology teams can focus on the core initiatives of the business,” Walker points out. CloudHesive also recently received certification as an AWS Public Sector Partner, which extends its services and solutions to government, public education, and non-profit organizations. In the firm’s long list of satisfied clientele is Radixx, which offers an e-commerce platform for the airline industry on a global scale. They faced challenges in scaling their applications, increasing performance, and strengthening data security, while maintaining excellent customer support. CloudHesive helped Radixx build an OpEx cloud strategy, and migrated their entire workload onto IBM-Softlayer and AWS, thereby managing the Radixx environment end to end—including managed security monitoring and maintenance in compliance with regulatory standards. “Not only do we have a lot of money coming through our network, but because of that, we are subject to some intense auditing regimes. CloudHesive has put together a network that is secure and is always in compliance with those regimes,” adds Mike Barrera, CIO, Radixx.
JULY 2017 CIOAPPLICATIONS.COM
27
CXO INSIGHTS
AVOIDING PITFALLS OF THE NEW HYBRID CLOUD JUSTIN GIARDINA, CTO, ILAND CLOUD INFRASTRUCTURE
C
ompanies are no longer asking if they should move to the cloud. The answer is now a resounding, “Yes.” In fact, Gartner projected that 2015 spending on Infrastructure-as-aService (IaaS) alone would hit $16.5 billion, an increase of 32.8 percent from 2014. Naturally, the primary question about cloud adoption has evolved to be, “Which cloud should we move to?” For many, the answer is, “More than one.” EMA Research polled more than 400 IT decision makers in the US, EMEA, and APAC and found that, on average, companies are using three IaaS providers. The trend introduces yet another interpretation of the term “hybrid cloud,” where the infrastructure is comprised of multiple cloud vendors instead of a mix of on-premise and cloud or private cloud and public cloud. While some companies end up with this type of hybrid cloud environment due to Shadow IT or departmentlevel fragmentation, companies are increasingly turning to multiple vendors as part of a strategy to: • Capitalize on varying benefits of cloud providers based on project needs • Diversify to avoid vendor lock-in • Protect business by running applications on one vendor and relying on another vendor for backup and disaster recovery When evaluating cloud platforms – whether initially or when moving to a multi-cloud strategy – it is important to fundamentally assess business and technical needs and then match them to the provider. While some view cloud infrastructure as a commodity and pricing wars make for
28
JULY 2017 CIOAPPLICATIONS.COM
intriguing headlines, the reality is providers offer varying levels of native functionality, ecosystem extensions, and support. Here are some of the key questions to consider when moving to the cloud or expanding a cloud environment:
What tools are available to monitor and manage my cloud environment? Cloud gives teams the ability to quickly spin up environments to satisfy rapidly emerging business needs – whether it be deploying a new product offering, launching a new application, or executing test and development. That said, perhaps one of the biggest complaints about the cloud is that users do not get the same level of visibility and control as they are accustomed to form their own infrastructure. As such, it is difficult for the IT team to optimize resources and anticipate potential issues. Most cloud vendors – even market leaders – point customers to a vast third-party ecosystem to address the problem, often resulting in additional costs and resource expenditures. For teams that need to limit man hours and budget spent on managing the cloud infrastructure, cloud platforms that include a comprehensive management console are most attractive. However, it is critical for teams to actually get a demonstration of the tool and clarity on what functionality is included and what costs extra.
Beyond Commerce
From manufacturing to distribution, companies of all sizes are transforming their business with Insite Software.
Built for B2B™
InsiteCommerce® Cloud is the most powerful and flexible eCommerce platform in the marketplace. Insite’s scalable platform extends your complex B2B business logic, processes and core business systems to drive smart commerce via web and native mobile solutions. We power over a million unique customer experiences each day. Transform your business with Insite Software. Visit: www.insitesoft.com
Call: 866-746-0377
JULY 2017 CIOAPPLICATIONS.COM
29
How can we predict, control, and allocate costs? Cost efficiency is one of the biggest promises of cloud, but that benefit is quickly diminished by clouds that do not provide insight into projected spend. Many times, users spin up environments and forget to turn them off which can quickly accrue unexpected costs. Once again, a native management console is the key to addressing the problem. And what about billing? Organizations that need to easily understand costs and allocate them to specific projects or teams should ask their providers for an example bill.
Cloud gives teams the ability to quickly spin up environments to satisfy rapidly emerging business needs
What security is included as part of the platform? How easy is it to extend those capabilities? We have found that many companies we speak to believe they have taken proper precautions when it comes to cloud security, but they are really flying blind. Because vendors do not typically provide detailed security reports or integrated security solutions, cloud customers are left struggling to figure out what is protected, where the gaps are, and how to fill those gaps with a host of technologies that do not always play nice with each other. When evaluating a cloud vendor, companies should take security seriously and not settle for a simple assurance that the cloud is secure.
How easy is it to address corporate, industry, and government compliance? As industry, corporate, and government regulations evolve, it is critical for companies to stay ahead of compliance considerations. The purpose of compliance is to mitigate risks for a company and its customers. Security plays a large role, but just because a cloud is secure does not mean it is compliant. Do not assume a cloud provider is bound by Business Agreements to handle data to the same standards as your organization.
Is the platform truly designed to meet enterprise needs, or was it an afterthought?
Justin Giardina
30
JULY 2017 CIOAPPLICATIONS.COM
Today, many vendors tout they offer enterprise cloud platforms, but customers should take a closer look to ensure expectations can be met. The networking setup is one of the biggest indicators of whether a cloud was designed for enterprise. For web companies or teams that do not have major security concerns, there is no real issue with having a cloud that uses a public IP address on the internet. This is a common practice for some of the low-cost clouds that play the biggest roles in pricing wars. However, for most enterprises, this approach is not sufficient. Enterprise clouds should put networking considerations first, starting with a secure firewall and enabling customers to leverage network topologies that are very similar to what they used to in on-premise environments. It is easy to stick the “commodity� label on the cloud, but industry survey numbers consistently show that cloud customers will not settle for environments that do not fully meet their business and technical requirements. The reality is, even within a single organization, one cloud platform may not fit all needs. By asking cloud providers these questions, teams can get a significant head start in getting the cloud benefits they seek. And it’s important to note that cloud providers should have fast, straightforward answers to these questions. The vetting process should not be a barrier; it should be validation your cloud strategy is the right one.
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Cloudvisory Centralized Security Management for Cloud Environments
I
n most organizations, multiple teams use cloud across different units for various workloads and applications. However, this freedom and agility provided by a cloud infrastructure always come along with security concerns, triggering organizations to look for centralized control over their resources along with the flexibility that departments and employees need. Founded by a group of industry veterans who had earlier essayed key roles in renowned organizations, Cloudvisory is a firm that aims to address critical issues such as security, policy management, and compliance associated with virtualized environments. The Cloudvisory Security Platform (CSP) offered by this Dallas, Texas-headquartered firm has been instrumental in the identification of organizational risks associated with hybrid and multi-cloud environments. Cloudvisory is predominantly a specialist in effective implementation of AWS, but the firm also offers assistance in the utilization of other cloud platforms such as the Microsoft Azure, Kubernetes, and OpenStack for its clients in an enterprise-specific manner. The firm’s flexible solutions integrate seamlessly with APIs of all these leading cloud service providers. “The adoption of current public cloud infrastructure options over legacy systems poses several challenges for businesses. Of these, vendor lock-in is the foremost concern for most enterprises, which has prompted several enterprises to seek the services from at least two cloud providers to meet their requirements,” says Lisun Kung, CEO of Cloudvisory. Most enterprises rely heavily on virtual platforms for the storage of enormous datasets, mainly due to cost-effectiveness and scalability. However, security is a thought plaguing most of them. Traditional security control tools such as operating system firewalls are not cloud compliant, which has heightened a sense of distress across enterprises globally. The CSP Platform provides continuous visualization, automated security policy enforcement, audit, and Lisun Kung, compliance. Moreover, CEO the essential security
controls provided in AWS and orchestrated by this platform, encapsulates critical data much more efficiently from cyberattacks as compared to traditional host-based tools. The sophisticated cloud-native security controls reside outside of the attack zone, whereas legacy preventive measures are situated inside the operating system, which can make critical data vulnerable to malicious attacks. The advantage of cloudnative security controls is that malicious attacks won’t be able to change or disable the cloud security controls, thus keeping data and critical resources secure.
The Cloudvisory Security Platform (CSP) has been instrumental in the identification of organizational risks associated with hybrid and multicloud environments An additional challenge for organizations looking to revamp their data management mechanism by migrating to a virtual public platform is seamless integration with their legacy control systems. “The reality is that these legacy controls are not required because the public and private cloud providers have very robust and granular native security controls. These cloud controls need to be configured for the applications to work in the cloud,” adds Kung. From a business operations perspective, Cloudvisory had observed that compliance is a common issue, which most organizations that have chosen public cloud infrastructure models have encountered. Lisun Kung opines that many organizations do not inspect the scope of a cloud model in fulfilling their requirements. The Cloudvisory CEO also adds that his organization discovered the repercussions of these deployment threats early on. Hence, they considered these cloud deployment hurdles as an opportunity to tailor their solutions, make them enterprise specific, and eventually thrive. JULY 2017 CIOAPPLICATIONS.COM
31
CXO INSIGHTS
CONVERTING THE AWS PRICING MODEL FOR ENTERPRISES: HOW BUSINESS EMAIL BREAKS THE MOLD JONATHAN LEVINE, CTO, INTERMEDIA
T
he Amazon Web Services (AWS) infrastructure has aided over a million businesses in making the shift from hosting the services they need on-premises, to using cloud-based infrastructure. It’s proven effective in providing infrastructure for such a broad array of services that customers have been decommissioning entire data centers in favor of AWS. However, AWS pricing is not ideal for the use case of business email.
32
JULY 2017 CIOAPPLICATIONS.COM
Under the AWS pricing model, customers pay based on their utilization of the AWS infrastructure. IT is in control of a company’s usage, requiring customers to be able to predict the compute, storage, and other infrastructure required for a given workload. This allows customers to finely calibrate the amount of infrastructure used to match the demand on applications. Customers even have the ability to further control costs by adjusting their infrastructure on an hour-
by-hour basis, increasing and decreasing capacity to meet end-user demand. While this approach works well for many applications, it doesn’t work well for business email, especially for Microsoft Exchange, the most popular business email system. In the following, we’ll explain why running Microsoft Exchange in the cloud is so challenging, and then present an approach to business email for enterprises to consider as they look to eliminate their data centers.
Why is Email Different?
Jonathan Levine
Why the Cloud? Because AWS charges for infrastructure based on usage-per-hour, customers can reap large benefits in several areas. In traditional data centers, the many weeks that are required to select, purchase, install, and configure new servers means that data center operators need to buy enough equipment to handle peak loads. Under-provisioning a data center risks system slowdowns or even system failures during the most critical, heavyuse periods. The “elastic” nature of AWS means that administrators can quickly respond to increase in customer demand by quickly adding resources without the significant capital outlays needed for traditional data centers. The trade-off administrators make for this flexibility increase cost in steadystate workloads. The economics are similar to those in real-estate: renting a hotel room is quick and easy, and for a short visit, is much more economical than renting an apartment. However, for a year-long visit, renting an apartment is a much better deal. Just as you need to check out of a hotel room or return a ZipCar when you aren’t using it, in order to save money, when using AWS applications you need to practice dynamic scaling to automatically release resources in off-peak periods.
Services like websites or video streaming, with their near-linear scaling of resources requirements as usage increases, are ideal for AWS. Microsoft Exchange’s infrastructure requirements don’t fit in well with the AWS metered pricing model because it has not been written with dynamic scaling in mind. Exchange assumes that it “owns” its servers: it has high memory, computation and I/O requirements, improving user performance through sophisticated caching and indexing techniques, and expecting high-performance storage area networks. Most importantly, business email does not expect to have servers turned off when load decreases, nor does it quickly take advantage of new resources when they are added.
keep it on site. This is the big reason why Amazon Web Services and Intermedia recognized the importance of offering a different usage model to AWS customers when it comes to business email.
A New Way of Doing Business in the AWS Cloud Email presents a need among AWS customers for a new business model. As the world’s largest independent provider of Exchange, we have addressed that need by repackaging the AWS cloud with business email on a unique per user, per month basis. Businesses can reap the benefits of Software-as-a-Service– reliable, scalable and secure service with flexible, per-user/per-month pricing, without the need to make significant capital and staff commitments.
Email presents a need among AWS customers for a new business model Microsoft is continuously improving Exchange: Exchange 2013 and especially Exchange 2016 have lower resource requirements and are friendlier to the use of commodity servers and commodity storage. Unfortunately, managing Microsoft Exchange is still complex and still requires expertise. Especially in a public cloud environment, taking advantage of the pay-for-what-you-use model for Microsoft Exchange not only requires IT staff to carefully monitor for shifting capacity needs, but requires great skill to add or remove capacity without putting the entire installation at risk. So, while business users would prefer to save money on email and to pay for it on a per-user/per-month basis, moving Exchange into AWS will cost most businesses more than it would to
Additionally, enterprises can move to the cloud in days versus weeks or months. This fast deployment period is critical for many companies because very frequently, the move to the cloud is fueled by a storage emergency, or a recognized reliability failure such as an ailing onpremises Exchange server.
Conclusion Customers love the reliability of AWS, but know that managing Exchange is complex. For a per-user, per-month business model keeps costs predictable while maintaining high performance and reliability. This unique pricing and service management approach accommodates the way AWS customers want to buy business email. It’s time for your onpremises email environment to join your other services in the AWS cloud. JULY 2017 CIOAPPLICATIONS.COM
33
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Linkbynet Serving Business Line Objectives with AWS
I
n a decade’s time, Amazon Web Services has proved to be Linkbynet’s flagship Cloud Management Platform— so successful at an operational and cost efficiency level SelfDeploy—is based on AWS technology. The platform makes that the rate of technology adoption among enterprises it easy to manage and monitor AWS deployed server instances has accelerated immensely. However, and pay-per-use services. Anticipating market trends, successful migration to AWS largely depends the company has also developed a DevOps based on factors such as the complexity of the consulting solution to assist customers, who application and the manner in which it are already on AWS, to optimize their is coupled. In most cases, enterprise platform and rationalize cost. applications are rigid, and enterprises Linkbynet’s approach is to provide need support from cloud specialists IT-as-a-Service to meet the business to make a guided landing into demands. Models are built in a modular AWS. A prominent player in the way so that they can be broken down AWS and managed services space, into specific work units to fit the Linkbynet assists enterprises to customer’s needs. When a multinational migrate to the cloud, and manage group from infrastructure sector their IaaS and PaaS based platforms. was looking to migrate its on-premise Through the years the partnership applications to the cloud, the company Julien Trassard, with AWS has helped the company reached out to Linkbynet for deployment CEO North-America develop unique services and support many and management of their corporate portal and continuous integration and continuous delivery ticketing system. Linkbynet delivered a PaaS based (CI/CD) initiatives around application monitoring services. Stéphane and Patrick Aisenberg, Co-Founders of the company add, “Linkbynet benefits from a high level of expertise from AWS.” The company provides web hosting, management, and supervision services on AWS. AMAZLINK is Linkbynet’s PaaS based service. It empowers IT departments to focus on their business applications by offering data and configuration back up and retention services. Integrated monitoring and real-time graphs go beyond AWS’s present services. Continuous monitoring service helps maintain active communication even in case of a crisis or service outage. Its emphasis on DevOps, CI/CD oriented processes fosters innovation though automation, and reduces time-to-market. AMAZLINK guarantees 24/7 incident support. solution built on AWS and heavily leveraged AutoScaling, As an early adopter of AWS, the Chicago based company security, and business continuity features of AWS. boasts of an AWS Center of Excellence. Monthly meetings Because of its unwavering commitment towards clients’ between AWS and Linkbynet enable the company to integrate success, Linkbynet has won some of the most coveted awards newly released AWS features and keep the team members to in the industry, such as ‘Amazon Web Service Customer remain abreast of AWS developments. So far, Linkbynet has Obsession’ partner award 2015’, ‘Best of VmWorld 2014’, and served close to 850 clients worldwide including Sodexo, Saint ‘TrophieInnovationIT’, among others. The company’s technical Gobain, Sage, Michelin, Schneider Electric, Veolia, Rexel, foresight and focus to achieve goals have led to investments Renault Nissan, L’Oreal, and many more. “Four out of the of 50 million Euros—which the company plans to utilize for 1000 certified professional architects worldwide are within expansion in the international markets and develop technical Linkbynet’s ranks,” claims Julien Trassard, CEO of Linkbynet expertise in other areas to enrich its portfolio—opening up a North-America. huge growth potential for Linkbynet.
Linkbynet’s flagship Cloud Management Platform—SelfDeploy— is based on AWS technology
34
JULY 2017 CIOAPPLICATIONS.COM
CXO INSIGHTS
ARE YOU UNDERESTIMATING THE COST AND EFFORT OF
CLOUD MANAGEMENT? JASON MCKAY, SVP/CTO, LOGICWORKS
T
he vast majority of enterprises plan to migrate more workloads to the cloud in 2016 but IT teams may not be prepared to maintain cloud resources, according to a new report. A survey by Logicworks and Wakefield Research found that 80 percent of IT decision makers feel that leadership underestimates the cost and effort of managing cloud systems. As a result, IT leaders do not effectively plan for the staffing and resources IT requires to achieve highly available, scalable cloud systems.
Ad Hoc Cloud Management A cloud platform like Amazon Web Services provides built-in tools to facilitate migration and simplify ongoing management. However, this can lead IT leaders to mistake “simplified” migration and maintenance for “little to no” maintenance; in other words, they think to migrate and maintaining their cloud systems will be easy. While moving to the cloud means you have outsourced racking and stacking servers, your IT team still needs to do things like configure networks, maintain
permissions, lock down critical data, set up backups, create and maintain machine images, and dozens of other tasks AWS does not perform. This is a potentially dangerous misconception – and one that we run into often. When leadership thinks of the cloud as easy, IT planning suffers. According to another recent survey of 6,159 executives conducted by IDC, just three percent of IT executives have an “optimized” cloud strategy with nearly half (47 percent) saying their cloud strategy is “ad hoc”. JULY 2017 CIOAPPLICATIONS.COM
35
Ad hoc planning can have serious consequences for the long-term success of cloud projects, and can result in: a) Isolated cloud projects without common, shared standards b) Ad hoc security configurations, either due to lack of common benchmark or inconsistent application of that benchmark c) Lack of cross-team shared resources and learnings, which could lead to further efficiencies d) Lack of consistent financial data for tracking purposes When you combine a lack of cloud planning and the increasing pressure to deliver infrastructure faster and more reliably, you can see why IT teams are struggling to keep up. These pressures sometimes cause cloud projects to falter and stagnate after the first wave of migration; they have one or two moderately successful projects, but do not know how to expand usage with the proper controls across the enterprise. The company usually gets some cost benefits from migrating but does not get the agility benefits they expected.
The Right Cloud Strategy To succeed in the cloud, you need to plan for some degree of central control and consistent standards. While projectby-project IT planning has grown in popularity, many IT leaders realize that complex cloud systems require reimagining central IT’s role. The first step towards a comprehensive cloud strategy is usually an external audit of current cloud systems to understand the current state, common goals, and operational challenges. Then central IT must decide on a common set of availability, security, and cost standards. In the old world, central IT had to enforce standards manually. Systems changed more rarely, so central IT could (for the most part) keep up. In the cloud, when your resources change every day and many developers and engineers can
36
JULY 2017 CIOAPPLICATIONS.COM
touch the environment, a manual approach is not an option. Instead, these standards need to be built into templates and enforced with configuration management. In other words, build a standard “baseline” in AWS CloudFormation for what your security, availability, and cost tagging configurations should look like, and then maintain that template rather than creating a hundred custom configurations for each new cloud project. The template gets changed, not individual virtual instances or networks. For central IT teams, this is revolutionary. Rather than spending months testing and reviewing each new cloud environment, central IT spends time upfront collaborating with systems teams to build a common standard, and then only needs to be involved when that standard changes and at other key points. You know exactly how every system is configured at any point in time, and you reduce the time and cost of deploying future systems; you do not have to rebuild security configurations or get them approved by security teams. The main question is whether or not enterprises will have the time to set up these processes as they migrate to the public cloud. CM requires training, a team of advanced DevOps engineers and Puppet/Chef experts, and months of work. By far the easiest way to do this is to hire a consulting company that already has a common set of standards and a well-developed CM framework, who can assess your current AWS deployments and/or build a solid foundation for future deployments based on those standards.
The Future of Cloud Management Clearly, enterprises have some work to do—not just to develop a strategy around where and when the cloud is adopted, but how to manage and govern these cloud deployments going forward. In most
Jason McKay
As cloud matures, expect to see a mature, flexible framework for cloud management, automation, and large-scale DevOps
cases, a strong central IT and automationdriven cloud management is the answer. For companies that do not have operational maturity on cloud platforms to develop a comprehensive cloud migration and management plan, supplementing their internal team with external experts can be the answer. But whether they choose to do so in-house, with a short-term strategic consultant engagement, or with a long-term cloud management solution, enterprises will certainly move away from an “ad hoc” cloud strategy. As the cloud matures, expect to see a mature, flexible framework for cloud management, automation, and large-scale DevOps as the next must-have for enterprise IT teams.
Born Open Source, Cloud driven.
capside.com Picture by Alessandra Pezzotta
JULY 2017 CIOAPPLICATIONS.COM
37
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Modus Bringing to Light the Compelling Story of Data
B
ased in Washington D.C, Modus has been catering to the eDiscovery needs of around 400 law firms and 170 corporate clients since its inception. In particular, it is widely known for providing business intelligence services, which enhances better communication between people, processes, and technologies or products of an enterprise. The motive is achieved by Modus’s suite of services and solutions, which also includes consulting, managed services, and Modus 4C ECA, apart from eDiscovery.
The movement towards cloud is becoming much more accepted, the legal profession as a whole, is not as progressive on the technology front as other industries, but there’s clearly a positive change eDiscovery Reporting, Data Collection and Forensics, eDiscovery Processing, Early Case Assessment, eDiscovery Production, and providing hosting options are the various services Modus offers in this domain. Reporting is a pivotal part of eDiscovery which is a measure of a firm’s efficiency. The metrics involved in tracking an enterprise’s progress are Task Type and Frequency, Matter Type and Frequency, Time and Cost, Case Management as well as Quality Control. Data collection for legal studies is another set of services which Modus provides to its clients. Precisely, this discipline assists customers with Evidence Identification, Data Harvesting
38
JULY 2017 CIOAPPLICATIONS.COM
& Forensic Collection, Forensic private cloud service providers Imaging, Preservation, in the market. Apart from Analysis as well as Live & its storage and backup Targeted Data Acquisitions. facilities, being powered In addition, Modus also by Amazon has helped provides a suite of eDiscovery Modus encapsulate data Processing services which from threats and other relieves its clients from vulnerabilities plaguing hassles of processing large many enterprises. Horan Steven Horan, chunks of data which may Executive Chairman and CEO indicates that “there is possess different properties no eDiscovery Company and formats. that is going to out-invest Amazon with According to Steven Horan, Executive respect to scalability and security. Chairman and CEO of Modus, utilizing Talking about the work culture Amazon’s S3 cloud platform was probably at Modus, Steven claims that there one of the smartest decisions made by has been a sea of change in the Modus in recent times, since it offers company’s style of functioning in the several advantages. Primarily, it relieved last twelve months. Transparency and Modus from the concern of upgrading accountability among employees have its hardware resources frequently to improved significantly in recent times, accommodate massive volumes of data. resulting in increased efficiency. There is The management of Modus believes a more team-orientated mindset and that relying on Amazon has given the working environment. organization an advantage over many of The firm intends to upgrade shortly its competitors in the market, who must and provide its clients advanced upgrade their data centers frequently. searching, advanced analytics, and Since data storage and security are expanded data capabilities. integral aspects of eDiscovery, leveraging “The movement towards cloud is the benefits of Amazon’s cloud services becoming much more accepted, the legal seemed to be an optimal solution for profession as a whole, is not as Modus. Since the data volumes of clients progressive on the technology front as are continually expanding, scalability other industries, but there’s clearly a and cost often become critical challenges, positive change. The research is showing which Amazon’s S3 manages effortlessly. with an overwhelming amount of Tasks that would have probably evidence that a well-done cloud like consumed a little more than three Amazon is a more secure environment months with Modus’s old infrastructure than the private clouds that exist out get accomplished in a matter of a day, there. Our Industry is about access, thanks to Amazon’s sophistication. Thus, relevance, and cost, and our Amazon relying on Amazon helps Modus provide solution enables us to deliver on those its clients services that are agile and critical expectations,” says Horan, about flexible to changes. the trend of traditional businesses Also, Amazon is widely considered embracing eDiscovery and cloud to be much secure as compared to most technology in general.
CXO INSIGHTS
CHANGING THE STATUS QUO THROUGH HYBRID CLOUD STRATEGIES MARK CLAYMAN, PRESIDENT AND CEO, TRICORE SOLUTIONS
Accelerating Time to Market CIOs, CXOs, and CEOs are faced with significant challenges in today’s environment, including: • Achieving year over year revenue growth while expanding operating margins at the same time • Enabling the business to innovate, but doing so within the same budget constraints that currently exist • Finding, hiring, and retaining individuals that can leverage new technologies are open to changing the status quo of how the business is managed and operated and that can bridge the gap between the business users and an organization’s technology investment • Accelerating the time to bring product and services to market
Managing Environment in AWS In the end, security and compliance for an organization is not significantly different when managing an internal data center versus managing an environment in AWS. Organizations will still need to: • Implement a governance model • Maintain the appropriate controls and policies • Implement a structured change management program • Establish roles and responsibilities and the associated access that mitigates security risks • Segregate application tiers, where necessary, to control and mitigate access from end users and the public internet where required
• Leverage security, compliance, audit, logging and alert tools to identify and react to threats AWS has established that it can support audit and compliance requirements from FedRAMP to HIPAA to PCI, and has a tool set that some organizations may not have implemented internally that provide an increased level of oversight and monitoring. There is no reason an environment in AWS should be less secure. It will come down to the way it is managed.
IoT: A Game Changer As many companies are aware, the Internet of Things (IoT) promises to be a game changer for the industry. Though this may seem like a new concept for some, it has been around for a significant amount of time–in different forms. For industries with complex supply chains like retail and manufacturing, however, tapping into the IoT is already underway–but more can be done with the technology available today to make operations smarter, more flexible, and more cost-effective. Other industries are beginning to understand what IoT promises: to unlock value, create new products and services, and rapidly transform how organizations manage, operationalize, and monetize their assets. With IoT, physical assets become liquid, easily indexed, reported on, and tracked, enabling businesses to significantly improve their understanding of everything from the operations of their business to the user of their products and services. It is clear that organizations understand the value of IoT data, but it is unclear how to actually go from
Mark Clayman
collecting the data to deriving value from the data. We expect the IoT will continue its accelerated implementation in 2016 and the associated adoption of cloud solutions as the platform to enable its effectiveness.
Major Trends in Cloud Services There has been a significant increase in cloud adoption and outsourced cloud services within the past year. According to the Rightscale 2015 State of the Cloud Report, 82 percent of enterprises have a hybrid cloud strategy, up from 74 percent in 2014. Additionally, 88 percent of enterprises are using public cloud while 63 percent are using private cloud. As more companies choose to move more enterprise applications and production workloads to the cloud, what becomes important is architecting the environment to meet the requirements and needs of the application environments and the business. In particular, the decision to move production enterprise workloads to the cloud requires significant and skilled planning. Without this planning, organizations will miss out on the value that cloud platforms provide.
JULY 2017 CIOAPPLICATIONS.COM
39
Company of the Month
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Counterpunching Neustar is Thwarting Security Threats and Frustrating Attackers By Sudeshna Mazumdar
O
Nicolai Bezsonoff, GM & VP
ne of the most essential and inherently most vulnerable services used by organizations is the Domain Name System (DNS). This not only allows an organization to connect to the online world but also allows that world to find them. By its very nature, this service is a bit exposed in order to properly perform its mission and help conduct company business, but being exposed makes DNS both valuable and vulnerable. As the world saw last year, Distributed Denial of Service attacks (DDoS) of unprecedented size emerged; cyber assaults designed to saturate and render network infrastructure components inoperable, were leveled against critical DNS infrastructure and took down major service providers. These incidents inflicted tremendous havoc and impact on worldwide commerce. The systems in place for those service providers failed under the stress and ferocity of attacks that exceed peak sizes of 1 Tbps (that’s one TRILLION bits of transmitted data per second). In fairness, the large internet service providers blown offline by these storms were hit with attack sizes and attack types using compromised Internet of Things (IoT) devices on a scale never seen before. Better anticipation of these types of threats would have gone a long way to minimizing disruption and impact
40
JULY 2017 CIOAPPLICATIONS.COM
as the ease of marshaling disastrous forces went mainstream. Emboldened by these successes, cyber attackers soon picked up the pace in using DDoS attacks as part of their arsenals to go after infrastructure elements beyond DNS. In a recent global research report from Neustar, a global security services provider, of more than 1,000 organizations across 13 different major industries, 84 percent reported being hit at least once with a DDoS attack. More troubling, 86 percent of those attacked acknowledged suffering multiple attacks and nearly half attributed a network breach occurred in concert with a DDoS attack. The intensity and maliciousness of DDoS use grows every day and it is forcing organizations to shift their strategic thinking as traditional network firewalls, overreliance on ISPs, and in some cases, living in denial of attack risks are all proving to be ineffective against sophisticated attacks. Nicolai Bezsonoff, GM and VP of Security, Neustar says, “No one is immune, if your company is online, it’s a target. The question facing business leaders today is no longer ‘if’ they will be attacked with DDoS, not even ‘when’, but about how often and how bad.” Neustar is a company that knows this threat well. It has provided global DNS and DDoS services for over a decade to many of the world’s top brands and is a frequent target of attackers. This has put the company in a forward-looking position in which the anticipation and deployment of resilient services, and the means to put down ferocious DDoS attacks, which keeps its customers up while bad actors try to bring them down.
Smooth Sailing in Rough Uncharted Waters The complexity in monitoring client sites, accelerating and maintaining their performance, and defending them from attacks is growing exponentially. In fact, the size of attacks has increased substantially in the recent times. Neustar neutralizes such attacks by deploying backup DNS services, which ensures that client systems are still accessible in the event of an attack. “We help clients by monitoring, assisting, and defending their website,” assures Bezsonoff. Towards the end of 2016, Neustar put down a half dozen 500+ Gbps (gigabits per second) attacks that culminated with a month-long battle against a sustained
attacked that peaked at 700 Gbps. The company handles such frequent, high magnitude attacks by leveraging an astute defense infrastructure spanning across the globe. Being a DNS provider targeted often by DDoS attacks, Neustar has invested heavily in capacity, capability, and expertise to keep its defenses ahead of emerging threats so that Neustar and its clients stay up and running no matter what comes its way. Since January of this year, the company has quadrupled its attack defense capacity in the deployment of what is fast becoming the world’s largest, most capable DDoS mitigation platform. Soon to complete its latest expansion, Neustar will finish the first quarter of 2018 with more than 10 Tbps of mitigation network capacity that will include new, innovative methods and management disciplines to handle attacks of all types, sizes, and duration. “We are growing our capacity by a factor of 10 because we see exponential demands from our clients,” confirms Bezsonoff. The Sterling, Virginia, based company will ultimately handle DDOS attacks using 27 globally distributed scrubbing centers comprised of massive nodes. These large nodes, some nearing 1 Tbps in capacity, provide an architectural advantage that help maintain optimal customer network performance. Distributed infrastructure allows for local scrubbing as in most cases malicious, local traffic can be neutralized faster, avoiding core network being bogged down for legitimate traffic. “An impatient internet public demands that companies not simply survive security threats, but that they thrive in spite of them. Massive, strategically located scrubbing capability and efficient management enables us to put down malicious traffic closer to source and target resulting in minimal customer network latency during attacks,” adds Bezsonoff. Neustar’s managed DNS infrastructure is defended by its DDoS mitigation technology to build a highly flexible and secure infrastructure. In addition, the company monitors client sites from multiple points to see if they are performing as desired during both normal operations and while under attack. Neustar also offers professional services on security assessments and load testing. Bezsonoff explains, “We make preparation for holiday seasons, and perform load testing and attack simulations to ensure that our clients are covered. We also get them ready for big events such as elections, Thanksgiving, Black Friday, and end-of-the-year holiday seasons.” The company supports clients with infrastructure readiness and real-time monitoring and IP intelligence solutions. Its IP GeoPoint and IP Reputation services empower client systems to analyze traffic patterns such as identifying the origin and destination, type of traffic, and whether the traffic is coming from an unintended area. This
helps organizations quickly determine the difference between performance anomalies and actual security events that require remediation – a huge advantage during what is the busiest time of year for most companies. The company’s solutions are platform-agnostic. Customers using Neustar products are defended across their technology deployments. The company supports both onsite and onpremise data centers, with support for multi-cloud and hybrid environments. AWS and other cloud providers are used for load-testing services. Recently, Neustar assisted one of the leading American dailies in building their defense solution by using both AWS and company's SiteProtect cloud. “Our SiteProtect cloud not only protects but also compliments AWS infrastructure. Our clients often take pride after successfully mitigating attacks on their existing AWS infrastructure and other web-facing, external sites,” explains Bezsonoff. Neustar understands that fast-ramping DDOS attacks can overwhelm Elastic Load Balancers (ELBs) as well as extend beyond AWS, especially in multi-cloud environments. It can be difficult, daunting, and dangerous to try managing DDoS protection in multiple cloud silos and ISP services across the enterprise. Neustar is distinctly capable to deliver security services that monitor, defend, and accelerate entire infrastructures and augment defense portfolios in place, 24/7.
The more the attacks come our way, the stronger our intrinsic, instinctive defenses get at mitigating them
Passion Driving the Growth Technology and passion play a crucial role in the success of an organization and Neustar’s investments and pro-active threat management strategies are paying off. An industry veteran, Bezsonoff brings the right mix of passion and knowledge to Neustar. He believes in guiding start-ups to success, a practice that fosters new ideas and opens up a new possibility in technology space. “Our engagements with start-ups allow us to stay aligned with new and emerging technologies,” states Bezsonoff. Neustar is looking at new ways to defend its customers from rising cyber-attacks as it plans to build secure infrastructure to meet their growing expectations. This year the company is busy widening its scrubbing centers. Next year, it intends to develop a unique anti-fragile technology, which, at the core, is a collection of intelligent systems that can automatically identify and mitigate attacks quickly. Staying ahead means seeing ahead and having the experience, expertise, and passion to put the right investments in place. With the world only getting more dangerous and complex, Neustar is continuing to evolve defense technologies and strategies that help keep organizations ahead of trouble.” JULY 2017 CIOAPPLICATIONS.COM
41
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Resource IT Solutions Facilitating Digital Transformation for Businesses
D
igital transformation has sparked the trending democratization of technology and data driven business initiatives. Business leaders and new market entrants today are significantly invested in upending their existing business models through technological disruption. Something as simple as combining mobility with an ingenious idea reinforced by advanced analytics to determine the customers’ needs has a potential of disrupting the IT industry. Sprouted from a similar theory of leveraging advanced digital technology to enhance the customer experience, Resource IT Solutions marked its foundation. Established as one of the leading IT services company, Resource IT Solutions holds an extensive experience of over two decades in the industry. The company, with specialized expertise in digital integration, has been facilitating the digital transformation journey for a multitude of organizations across Latin America and the United States.
Amazon constitutes a key role in the company’s cloud strategy enabling it with the implementation of solutions on the cloud platform Resource IT’s clients leverage their digital platform to serve the internal and external costumers better. Their solutions are also widely acceptable over several industries, including banking, where the company has instigated the trend of digital wire channels within
42
JULY 2017 CIOAPPLICATIONS.COM
the mode of payment. The applications of these channels, mobile, and portals, along with the adoption of Artificial Intelligence and Chat Bots have further enabled these sectors to deliver extraordinarily. Resource IT Solutions has formed strategic partnerships with the major technology suppliers such as Amazon to support companies with digital integration and cloud implementation requirements. Amazon constitutes a key role in the company’s cloud strategy enabling it with the implementation of solutions on the cloud platform. Combining Amazon’s Cloud platform with a diverse portfolio of solutions such as Development, CRM, Business Analytics, and SAP, Resource IT is offering a complete end-to-end solution, from the infrastructure as a service to the application. Robotic Process Automation and User’s Experience Monitoring inspires a significant part of Resource IT Solutions’ offerings in the enterprise operations segment. With the help of their proprietary BringTo platform, the company strives to bridge critical complexities involved in monitoring and normal manual intensive workloads through automation. By deploying advanced robotics in the operational model, repetitive processes can be automated and manual effort can be optimized to the next level and cost of human resources can also be reduced. This model provides the company with an extensive scope and resources to understand its customers better. The company follows a client-centric approach in the delivery of its solutions. Paulo Marcelo, CEO, Resource IT
Paulo Marcelo, CEO Solutions adds, “Our unique clientcentric approach involves digital accelerators and solutions, supported by people for addressing the business needs of our clients.” Resource IT Solutions propagates innovation through its digital solutions portfolio. The company with its qualified professionals follows an innovation driven, people-centric, and work agnostic culture. The organization’s strategy not only focuses on driving financial outcomes but also promoting the career and improvement of its resources and people. Continuing with the trajectory, Resource IT Solutions operates in four different locations in the United States including Sunnyvale (CA), Miami (FL), Dallas (TX), and Chicago (IL). In the near future, the company expects to generate about 20-25 percent of its revenue from the American market alone and also plans to join hands with other entities that complement its digital integration endeavors. “As a leader, I believe in the crossbreed of different trends of innovation and to better serve our clients and create opportunities for our people,” concludes Marcelo.
CXO INSIGHTS
CHANGE AND THE CLOUD LEE ATCHISON, SENIOR DIRECTOR, STRATEGIC ARCHITECTURE, NEW RELIC
W
e know the cloud is changing the way we think about computing. The cloud is changing the way we run our applications. The cloud is even changing the way we pay for our applications. The cloud is changing everything. “If we focus on using the cloud as a core infrastructure component, and not as a critical component of our application, we begin to see how we can jump on this moving target.” We know that we are supposed to move our applications to the cloud. We know that the cloud is good. We know that the cloud is the next big thing. But, as the cloud has changed the way we think about computing, the cloud itself is changing, and the way we think about the cloud is changing as well. As we examine our plans for moving our applications to the cloud, we find the cloud looks like a moving target. The longer we wait, the further away the target becomes– the further away the cloud itself becomes. The cloud is forcing us to change.
So, what are the biggest changes the cloud is bringing to us and our applications? Here are some key changes. Change 1: Acceptance of Micro-service Based Architectures As companies look towards moving their applications to the cloud, more and more they are moving to the cloud as part of an overall product modernization strategy. This modernization strategy includes moving to state-of-the-art application architectures. In recent years, this state-of-theart application architecture involves using micro-services and other service based architectures as part of that strategy. Technologies such as Docker have made micro service-based
What Has Changed in the Cloud? The cloud has matured over the last decade. Cloud service providers have gone from providing simple “server fleet management,” to providing a much richer set of services and offerings. At last count, AWS provided over fifty unique service offerings, each providing a specific managed capability on which our applications can take advantage. This has caused us to rethink our entire application architecture and infrastructure requirements.
JULY 2017 CIOAPPLICATIONS.COM
43
applications. Additionally, they have increased their focus on regulatory and compliance issues. Cloud companies such as AWS have added security assurances in the form of regulatory compliances such as PCI, SOC, and HIPPA. These assurances, along with a visible security track record, have allowed security to be largely removed as an obstacle for cloud migration. Additionally, security service offerings such as AWS Inspector and AWS WAF provide us important tools to support application and company-specific security policies and requirements. We even have begun to think of the cloud as safer than our own data centers. After all, if Amazon doesn’t understand how to keep a data center secure, who else does?
Lee Atchison architectures a viable technology for application development. Realizing this, cloud providers have started to provide higher value managed offerings, such as the EC2 Container Service, for our use in managing our micro service-based containers. Change 2: Smaller, More Specialized Services As we modernize our applications and move them to the cloud, we start looking at cloud services and how they can be utilized as extensions to our application’s services. Capabilities historically provided within the applications themselves are now capabilities that can be provided by the cloud itself. The major cloud providers have seen this and a whole host of cloud managed features and capabilities have become available. This includes features such as queuing services, logging services, CDN capabilities, transcoding services, caching services, and managed search services. Change 3: Greater Focus on the Application The cloud has created a shift in focus away from the creation and management of the infrastructure needed to run our applications and allowed us to spend our time on more critical aspects of the application and the application environment. In essence, the cloud has largely removed a major hurdle in application management. The cloud allows us to focus our attention on higher-value aspects of running our applications. Change 4: Security and Compliance has Matured In the early days of the cloud, security issues were often cited as one of the primary reasons why enterprises could not move their applications to the cloud. Cloud providers heard that concern, and they have stepped up to provide more and better capabilities for securing cloud
44
JULY 2017 CIOAPPLICATIONS.COM
Micro compute technology is also seeing resurgence as technologies such as AWS Lambda provide just-in-time compute cycles without tying us to servers at all The Cloud is Changing The cloud is changing out from under us. As we are looking to move our critical applications to the cloud, we see the cloud as a moving target. This makes the prospect of moving to the cloud even more daunting. But it doesn’t have to be. The cloud is full of the new glitz and glamor that are prevalent in technologies such as AWS Lambda. But the cloud also has its core infrastructure base. EC2 is here to stay. S3 is here to stay. This is the key. If we focus on using the cloud as a core infrastructure component, and not as a critical component of our application, we begin to see how we can jump on this moving target. We can jump on the cloud by utilizing the core infrastructure base offerings the cloud provides, without being swept up into all the glitz and glamor of the newer technologies that are higher up the food chain. It is possible to use EC2 now, and consider technologies like AWS Lambda down the road. Yes, we are forced to change how we operate because of the cloud. But we can control how much we change and what speed we change by focusing on the aspects of the cloud that are most critical to our business success. Taking this controlled step is not only an acceptable way to use the cloud but is a prudent first step for many of us in using the cloud.
Introducing StorSelect from Lenovo 100% S3-Compatible Object Storage Powered by Cloudian HyperStore®
Standards-Based, Tested & Certified 100% S3 Enterprise Storage Compatible Built on Lenovo’s On-premise, market leading public and private servers cloud storage
Easy-to-Scale Software-Defined Storage Capacity Storage for 1¢/GB per month
For more information, visit: www.cloudian.com #bettertogether
#smartdatastorage
JULY 2017 CIOAPPLICATIONS.COM
#softwaredefinedstorage
45
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Wylei Predictive Content at the Heart of Personalized Marketing
W
hen the third wave of digital transformation hit the marketing landscape, the boardroom conversations between CIOs and marketers stirred toward delivering personalized content to customers. Though personalization was adopted for increasing customer engagement, customer loyalty, and brand relevancy, a recent study commissioned by PwC revealed that only 38 percent of firms achieved their goals and are optimized to deliver realtime offers and campaigns across all touchpoints. To add to the amazement, nearly 87 percent of the firms provide personalized experiences primarily through e-mail, with social media, mobile, and video marketing segments largely unperturbed.
Wylei’s one-to-one marketing tools aid the shift from a generic ad creation approach to the novel digital asset creation Fixing these major shortcomings in digital marketing by adopting predictive technology over adaptive, is the New Jersey-based company Wylei. Wylei’s one-to-one marketing tools aid the shift from a generic ad creation approach to the novel digital asset creation. Powered by machine learning and cloud technology, Wylei’s Artificial Intelligence (AI) engine uses predictive algorithms to optimize content in real time and across all channels. The patented predictive engine’s ability to go
46
JULY 2017 CIOAPPLICATIONS.COM
beyond simple segmentation and utilize an 86 percent increase in revenue lift pattern matching eliminates the need and a 30 percent re-watch rate. for A/B testing and enables Founded in 2013, the company continuous learning and is now headed by Meg Columbiaautomation. Due to Walsh, one of the most its capacity to provide eminent authorities in the hyper-optimization, digital marketing industry. hyper-segmentation, and Her specialty of taking new personalization at scale, technology to large marketing Wylei is a trusted partner to clients and building a company Meg Columbia-Walsh, to scale was extensively Fortune 500 companies like CEO Adidas, Dell, Marriott, utilized for taking Wylei out and Time. of the incubation period. The The company provides Predictive company’s foundation is now set up Content–incorporated in e-mails, in a traditional way, with systematic videos, and web content–by leveraging documentation, the hiring of seasoned Amazon Web Services (AWS) PaaS leaders, and a diverse work culture offering. Wylei is not only able being the reasons for its higher level to decrease time-to-market and of productivity. Meg asserts, “Wylei operational costs but is also able to is ready to run, serve, and scale in the provide its customers with a high market and we know how to do performing infrastructure and negligible that successfully.” latency. With AWS, the firm can scale up Reacting to the marketers’ needs, dynamically supporting massive usage the company is relentlessly developing increases. Apart from delivering on in the predictive intelligence - AI space. the promise of personalization at scale Its expansion plans include serving the through its SaaS offering, Wylei also mid-central Chicago region as well as provides managed services. the West Coast region. Presently, the Being the prominent predictive company is working toward providing a video solution provider in the market, complete reporting data analytics Wylei catered to the upgradation needs structure for its clients. Moreover, it is of a well-known hair care brand—Fairy working towards strategically Tales Hair Care. Modifying the existing partnering with platform integrators campaign video and running the pilot and providing SaaS-Facebook and video on Wylei’s platform and then on SaaS-Salesforce integration. Educating Facebook, Fairy Tales achieved a 35 and serving the market, the venturepercent lift in customer engagement and backed firm’s continual efforts towards a 20 percent increase in year-over-year enhancement yielded them the New sell. In another customer success story, Jersey Economic Development Grant. Wylei helped Marriott, the leading At the forefront of the AI-coupled global hospitality company, in delivering marketing arena, Wylei delivers tailored, real-time assembly video for its phenomenal engagement and increased 3.4 million members. The firm received ROI, in a cost-effective way.
CXO INSIGHTS
APPLICATION CONTAINERSINCREASE DEVOPS AGILITY AND GAIN EFFICIENCIES JIM BUGWADIA, FOUNDER, NIRMATA
A
recent survey across 4,976 respondents showed that highperforming IT organizations deliver changes to production 30 times more frequently and 200 times faster. As software munches through industries, fast delivery is a huge competitive advantage. However, it is not just delivering faster; rather its high quality delivery with 60 percent fewer failed deployments and a Mean Time to Recover (MTTR) that’s 168 times faster! Not surprisingly, a key differentiator for these top performers was their adoption of DevOps practices and comprehensive automation. This article will focus on a technology that is rapidly becoming the cornerstone for successful DevOps initiatives—application containers.
A Brief Introduction to Containers Containers are not a new way to provide secure segmentation and share an operating system’s resources. Sometimes referred to as OS Virtualization, they act as a single host operating system.. . Traditional platforms, such as Heroku and Cloud Foundry, have always used containers internally. What’s different now is that the industry is moving
towards standardizing containers, and that enterprises can freely choose the best tools and services built around these standards. Interestingly, as part of the launch of its cloud services, Google revealed that they have been running most of their applications in containers for the last 10 years.
Key Benefits Containers provide several benefits and lead to DevOps best practices.
1. Immutable Images: With containers, application code is packaged into a binary image, as part of the build process. This image can be versioned, tagged, and pushed to an image repository. They can then be pulled and executed, without any change, on any container host. Immutable images are a key to fast recovery and other DevOps best practices such as blue-green deployments and canary launches.
2. Portability: Once built, a container image can be run on any host, enabling basic portability. Multi-cloud Container services, like Nirmata and Tutum is build on this basic portability and enable fully automated deployment of entire applications on any cloud provider, with a single click or API request.
Jim Bugwadia
3. Standard Units of Operations: Since all applications are packaged in a common format, automation tools doesn’t have to deal with the complexity and varying needs of different languages and runtimes. A great analogy here is related to shipping container and transportation industries—imagine the lack of productivity before shipping containers became an international standard!
4. Fast Deployment Times: Containers are lightweight and typically start in milliseconds. Since, release cycle application developers do thousands of launches, decreasing deployment times directly translates to huge productivity gains for the team. One of our customers JULY 2017 CIOAPPLICATIONS.COM
47
at Nirmata, a large Enterprise IT applications team, estimated a 30 percent increase in agility by moving to containers for automated deployment of their dev- test environments.
containers are poised to quickly become the first choice for packaging and deploying applications
5. Increased Utilization: With containers, you can decouple applications from the underlying infrastructure. This makes it possible to share infrastructure across applications and environment types. Taking a step ahead, containers fully automate the placement and scheduling of application containers. These tools can help increase server utilization from the typical 10-15 percent to a 60-80 percent range. For instance, another Nirmata customer has leveraged AWS Spot Instances and saved 60 percent on server costs, by relying on automated recovery and demand-driven scheduling.
6. Enabler for Microservices: High performers have architected, enablinge DevOps to become mainstream, as Microservices. With Microservices style architectures, large monolithic applications are decomposed into smaller runtime components that can be independently versioned and delivered.
Challenges As with any new technology, application containers do introduce new challenges that need to be considered.
1. Security: Application containers running on the same server share a host operating system. This may be a concern for some applications. Most deployments today deploy containers on Virtual Machines and use existing tools to secure the virtual machine. This can impact utilization, but helps provide security and isolation where needed. Another security concern is ensuring that container images, especially those used in production environments, are pulled from a trusted source with approval and verification for use by the security team.. Both of these issues have been addressed by Docker and startups like Illumio, Twistlock, and Apcera to provide comprehensive security and compliance solutions for containers.
2. Orchestration and Lifecycle Management: While deploying a small set of containers is easy, managing containers for different environments and applications can be complex. Container deployment and lifecycle management is best left to automated services which can continuously monitor, tune, and optimize deployments. The good news is that startups like Nirmata and Tutum are providing easy-to-use multi-cloud container services designed for enterprise DevOps teams.
3. Monitoring and Troubleshooting: With the shift towards Microservices style applications using containers, the requirement is to manage new approaches for monitoring and troubleshooting applications. Once again a healthy ecosystem has rapidly emerged, with startups like Sysdig, SignalFx, and DataDog filling in the void.
Summary Application Containers are a key enabler for
48
JULY 2017 CIOAPPLICATIONS.COM
DevOps agility and automation. While no single technology is a silver bullet, containers can be a game-changer for enterprise DevOps! There is a common misconception that containers are only good for certain types of applications, such as stateless microservices style applications. This is not the case and almost any application that can run in a Virtual Machine can also run in a container. Also newer storage services, as well as container storage plug-ins are available for the few cases that cannot be handled. Much like the adoption curve for VMs and cloud instances went from “cool, but my application has special needs” to “cloudfirst!” containers are poised to quickly become the first choice for packaging and deploying applications. By adopting containers, enterprises can immediately leverage several best practices that high-performing IT teams have in place. At Nirmata, the advices we give our customers are as follows:
1. Containerize: Containerizing existing applications provides immediate value with agility and portability. The process will also bring best practices, such as separating configuration from code, and other principles for 12-factor applications. For instance, a 3-tier application is best containerized as three separate containers images, one for each tier.
2. Automate: Containers can now fully automate application delivery and lifecycle management. Early adopters had to build their own tools, or cobble together several different tools. Now enterprise-grade solutions are available for mainstream use.
3. Transform: Lead towards a DevOps culture and organization. Also consider transforming monolithic applications into microservices style applications for increased agility and benefits. These transitions take time, and should not be rushed into.
AMAZON TOP 25
SOLUTION PROVIDERS-2017
Zettaset Encryption for Big Data in the Cloud
T
he world is swiftly changing, and the pressure in the software industry has ramped up, toeing the line where cloud is being touted as everything and the greatest disruptor. While cloud adoption is modernizing business, providing organizations with superior agility and unprecedented economies of scale, data security remains a major concern for organizations moving their application or infrastructure to the cloud. Peripheral security approaches like firewalls can only do so much. Once a firewall is breached, the unprotected database is open to attack. To truly protect a database and storage environment, you need to adopt data-centric security approach like encryption. Mountain View, CA-based Zettaset provides big data encryption, access-control, and policy management solutions that help organizations take total control of encryption key access and management while using Amazon or other cloud services. “We deliver enterprise-hardened software solutions that not only provide data protection, but also maintain the integrity of secured data,” says Jim Vogt, President and CEO at Zettaset. Data has rapidly become the world’s most valuable resource and the primary asset of many organizations. In a cloud environment, the most efficient way to secure databases is to use software-based solutions that share the elasticity of virtual machines and cloud computing. As part of its Big Data Encryption Suite, Zettaset delivers software based encryption solutions that are designed to scale to the dynamic needs of virtual machines and cloud computing. It ensures that the data remains protected and that operational processes are simplified.
We deliver enterprise-hardened software-based security solutions that not only provide superior data protection, but also ensure the integrity of encrypted data Zettaset big data encryption solutions also help organizations maintain regulatory compliance while preventing hackers and malicious insiders from stealthily modifying Access Control Lists and stealing sensitive data. Optimized for multi-node Big Data distributed computing architectures and databases like Relational, Object, NoSQL, and Hadoop, the Zettaset Big Data Encryption Suite offers unique capabilities not found in
competitive products, like ultra-secure authenticated encryption using associated data (AEAD) that protects encrypted data from unauthorized cipher Jim Vogt, text modifications. President and CEO Being proactive against data breaches and security infringements are the key fundamentals to avoid harm to revenue and reputation. Financial, healthcare, retail, and government organizations are primary targets for cybercriminals, as they deal with vast quantities of sensitive data including highly valuable personal customer information on a daily basis. Amazon Simple Storage Service (S3) offers object-based storage through a web services interface, and is one of the most widely adopted cloud storage services in the world. XCrypt, Zettaset’s advanced cloud encryption data protection platform specifically designed for Amazon’s S3 storage, provides users with exclusive control of encryption keys and eliminates the need for Amazon or any third-party to have access to the keys. “With the XCrypt Cloud Encryption Gateway, Zettaset is extending its advanced Big Data encryption capabilities into the cloud, providing organizations with complete control over cloud encryption services, including key management,” notes Vogt. He adds, “We believe this will accelerate cloud infrastructure adoption, particularly among organizations with strict compliance requirements.” The XCrypt Cloud Encryption Gateway enables 360-degree client-side control of all the data moving between the local and cloud data stores. Unlike traditional legacy encryption technologies, Zettaset has optimized its encryption software to support the most demanding enterprise applications without introducing any noticeable lag or latency. “Our distinctive encryption process is transparent to the end user and has negligible impact on database performance, making it perfect for enterprise environments where application efficiency and database scalability are paramount,” explains Vogt. Database breaches continue unabated, forcing vulnerable organizations to re-evaluate their data security strategies and look more closely at ways to protect their corporate digital assets, on-premises and in the cloud. Zettaset foresees greater opportunities in big data and cloud security, and continues to invest in technology developments that will optimize data security for its customers. JULY 2017 CIOAPPLICATIONS.COM
49
CIO INSIGHTS
COLLECTIVELY ADVANCING INFORMATION TECHNOLOGY
THROUGH COLLABORATION JACK SUESS, CIO, UNIVERSITY OF MARYLAND BALTIMORE COUNTY (UMBC)
Collectively Developing a Cloud Strategy A major challenge in HigherEd is to increase our agility without increasing costs or limiting future flexibility. For that to happen we have to take advantage of cloud services Many HigherEd institutions have been in existence for more than 100 years and tend to be risk-averse when it comes to the cloud. In addition, most institutions expect to be around for hundreds of years in the future, requiring a long-term view in developing their cloud strategy that presumes cloud vendors will be replaced or go out of business. As a result, it is important that institutions develop a cloud strategy that includes the full life cycle: from acquisition through exiting the contract, including a consistent model for service integration, security, privacy, and full access to important data. Through a well-defined strategy it is possible to exit a SaaS contract when other options prove more viable.
HigherEd has a long history of institutions collaborating with each other and we have funded organizations to support that collaboration. One such organization is Internet2, founded in 1996 to support development of an advanced network serving research universities. It now has almost 300 members and operates a 100 GB network linking universities and national research labs. This network regularly allows universities to exchange terabytes of data each day and is now being extended to data intensive cloud services such as AWS and Microsoft Azure. In 2011, Internet2 worked with its members to collectively develop a strategy to cloud computing. When we started this initiative the major barriers our institutions had were unacceptable contract terms from vendors, lack of transparency in security practices of cloud vendors, and custom integration strategies for authentication and authorization. By working together as a community we have developed model contracts that work for all parties, partnered with the cloud security alliance to develop a more robust version of the cloud control matrix, and standardized on a federated identity management approach that simplifies provisioning and authentication.
Collectively Working to Improve Educational Outcomes Improving education outcomes, such as the number of students graduating and/or lowering the time it takes to complete a university degree, have taken on increased importance in HigherEd. This is increasing both advances in educational technology to improve teaching and adopting data analytics to help institutions determine what interventions work best with students. Increasingly more institutions are looking at developing predictive analytics that can identify the interventions and provide advice most appropriate for a specific student based on their data and risk factors. Jack Suess In concept, this is much the same as personalized medicine and is still in its very
50
JULY 2017 CIOAPPLICATIONS.COM
early stages. We are beginning to have universities partner with each other to collect data across universities so that we can leverage the benefits that large data sets can provide in predictive modeling.
Collaborating to Create Standards in Education Technology One way to improve learning outcomes is to redesign some of our high-demand courses that have higher failure rates. Usually this entails moving away from a lecture model to courses that require students to be active-learners without the professor lecturing all class. Many of the advances in educational technology tools are making this more viable and cost-effective. interoperability and making it easier for vendors to innovate.
Users not only want choice around what device they use and when, but what software and services they use to collaborate The EdTech boom is providing many more innovative technology tools allowing faculty to customize their class. For this to work well requires well-defined standards. In the educational technology space, higher education is working closely with our K-12 partners and industry suppliers through IMSGlobal, our standards development organization. IMSGlobal brings stakeholders together to define the standards and develops conformance tests to make sure supplier’s products meet the standard. Through this collaboration, we are increasing
Creating the BYOE Revolution BYOE means bring you own everything and is the evolution of bring your own device (BYOD) to also include software and services. Increasingly, users not only want choice around what device they use and when, but what software and services they use to collaborate. As a result, giving people more choice in how they learn or do their work is important. Through a well defined cloud strategy, and through the use of standards, it can be easy to add additional cloud services that give user’s choice. At my institution we offer people the ability to use both Google Apps and Microsoft O365. In addition, we are working with other universities to enable flexible learning environments that allow faculty and students more choice in the tools they use, especially around collaboration and educational applications.
Driving Innovation and Process Transformation In my role as Vice President, I work very closely with the other senior leaders to use technology as a catalyst for driving innovation and increasing efficiency.
A significant part of my work involves working across stakeholders in support of change management. As a result, IT works closely with our business units on improving business processes through a combination of providing robust business intelligence solutions to support reporting and through the aggressive use of SaaS solutions to streamline business processes. The use of SaaS solutions is enabled by our cloud strategy that the business units understand and support. In addition, through our IT governance process all the business units have a seat at the table in deciding which SaaS solutions we will implement.
Building the Right Solutions Collaboratively My IT organization focuses on collaboration in two dimensions – externally and internally. Externally, we actively engage with our higher education associations like EDUCAUSE, Internet2, and IMSGlobal to identify innovative solutions and best practices that we can bring back to my institution. Internally, we collaborate within the university to implement these innovative solutions in support of the organization’s overarching goals. As a result, IT is viewed as a strategic business partner for organizational success. JULY 2017 CIOAPPLICATIONS.COM
51
CIO INSIGHTS
EMBRACING HYBRID CLOUD WITH AWS JOE FULLER, VP/CIO, DOMINION ENTERPRISES
A
s CIO, I’m responsible for maintaining a reliable hosting infrastructure for Homes.com, ForRent.com, Boattrader.com, and 23 other classifieds portals. We operate two data centers. One is in our home office in Norfolk, VA and the other is leased in Ashburn, VA, where 75 percent of U.S. Internet traffic flows daily. My team’s job is to help 39 separate operating units leverage our own facilities and the public cloud. We have significant operations in Microsoft Azure and Amazon Web Services. AWS probably snuck into your business as Shadow IT. I was introduced to Shadow IT during the late 2010 budget season. A developer in our employment advertising business told me he would not be hosting their new web applications in our data center the next year. He said he had used his company credit card to purchase platform-asa-service computing from Heroku. He planned to host greenfield apps there during development and move them into production there as they grew. I asked if he had included my team in his planning and he deadpanned, “why would I?” I explored the reasons behind his decision and found them to be rational and compelling. This new way of developing, testing and deploying applications was cheap. It deferred capital investments and allowed development teams to go fast. I understood this new computing paradigm would change the way my IT group did business and I wanted to embrace it. At the time, I didn’t know whether Ruby or Heroku or Google App Engine was best for our company (my colleagues will tell you that I didn’t earn my CIO role because I was the smartest technical head in the room). But I’m pretty good at recognizing important trends and Software as a Service was an important trend. If developers could easily acquire whatever computing they needed without asking my group to stand up servers, load OS’s, open ports and write firewall
52
JULY 2017 CIOAPPLICATIONS.COM
Joe Fuller
rules, then my group might become obsolete. I and my infrastructure team needed to get educated, and we started with industry leading AWS. My top 3 lieutenants and I went to the AWS re:Invent conference in Las Vegas. I attended sessions on costs and change management. There was a huge buzz; AWS was on a roll. We came away from the
trip understanding that our roles as systems administrators had to morph into roles as systems architects with a strong emphasis on cloud architecture. We made a conscious effort to get closer to our internal customers and offered to broker services such as Content Delivery Networks to combine purchasing power. We persuaded all the AWS users to consolidate
their separate bills into one that we would manage. They didn’t give up their administrator rights. We just took over the clerical task of paying and allocating the bill. But the biggest change we made was modeling our chargeback model after AWS. We changed our computing offerings to mimic the line items offered by AWS. For example, we offered small, medium, and large virtual machines and charged different rates for slow and fast storage. We even matched the AWS pricing. That accomplished three goals. One, our internal customers could not claim that moving to the cloud was cheaper. Two, it made us more aware of our operating inefficiencies so we could improve them. And three, it made everyone operate in a “pay-asyou-consume” mode, which provided incentives to reduce costs and increase efficiency. Our next big integration with AWS was providing a Direct Connect to AWS in our leased data center in Ashburn, Virginia. We knew that development, testing, and disaster recovery were the “killer apps” for the public cloud. A number of our internal customers were already using AWS for these functions. But we needed to provide a more seamless way for the servers to connect
The Direct Connect makes security and network administration almost as easy as if we housed the servers ourselves between our internal network and the AWS network. Equinix, in partnership with Amazon, offers an AWS Direct Connect. With AWS Direct Connect, we have private and public IP access to resources in the AWS cloud but can keep them separate. We get the security benefits of private cloud along with the economies of scale of public cloud. Our internal customers can now easily stand up development, testing or disaster recovery servers in AWS while privately connecting to their databases in our cages.
There have been lessons learned as we have used our hybrid cloud setup with AWS. Our internal customers have learned that not all applications are cheaper to run in the public cloud. For example, large databases processing millions of records and images daily can be expensive to operate in AWS. There have been some “noisy neighbor” performance lessons too. Not all AWS instances are the same. Spinning up additional servers when performance takes a dip was not as easy as we first thought. Finally, it looks like the AWS downward pricing trend has reached bottom, as they have recently increased pricing of some of their virtual machine offerings. Overall, the AWS hybrid experience has been great. Workloads that vary can be augmented by AWS servers and we know if a disaster takes out our production sites, we can quickly spin up all the web servers we need. Being able to stand up large development and test environments as needed in AWS also saves us capital expense. The direct connect makes security and network administration almost as easy as if we housed the servers ourselves. We are big fans of the hybrid cloud model, particularly with AWS. JULY 2017 CIOAPPLICATIONS.COM
53
CXO INSIGHTS
ACCELERATING APPLICATION DEPLOYMENT THROUGH THE CLOUD JOHN LANDWEHR, VP & PUBLIC SECTOR CTO, ADOBE
How Adobe Met Amazon Applications Go Live: The business owners are anxious to deploy their newly acquired enterprise software solutions. The boxes of software DVDs sit idle for months as the server hardware and network infrastructure is carefully planned to meet all future needs of application scalability and reliability. Meanwhile, the organization’s datacenter is checked for corresponding rack space, power, cooling, and bandwidth needs. The new dedicated hardware eventually arrives at the loading dock, and enterprise software and hardware finally meet at the datacenter. All three elements are critical to bring the applications online - but the authority to operate is still months away, because the hardware still needs operating systems, other pre-requisite software, lots of configuration, testing, and especially security assessments. Eventually the applications go live, and the team already begins to dread the future hardware refresh, and hopes to have enough scalability to meet the forecasted demand. The business owners now have spreadsheets full of line items to monitor all the ongoing operational expenses. As organization’s datacenters become overcrowded, the cloud arrives just in time with Infrastructure as a Service (IaaS), virtualization, elastic computing, and multiple availability zones – significantly reducing the infrastructure costs while increasing scalability and reliability. Tracking cost of ownership is greatly simplified, as hardware and datacenter expenses are consolidated, but every new software acquisition still requires significant configuration and testing of the infrastructure for new
54
JULY 2017 CIOAPPLICATIONS.COM
software to be deployed. As months go by, business owners increasingly become impatient as they feel the promise of the cloud was supposed to significantly streamline the go-live process in addition to saving infrastructure costs. By the time the first application is deployed, it’s already out of date and newer vendor software is available that would greatly support the business mission. The planning for application refreshes on the infrastructure remains hazy.
Tracking cost of ownership is greatly simplified as hardware and datacenter expenses are consolidated Streamline Go-Live Process Reduced IT Backlog: Software as a Service (SaaS) arrives. Infrastructure dial tone becomes application dial tone, as new software capabilities are quickly provisioned through a single service acquisition. Infrastructure is perfectly matched to the software, and continuously delivered with security controls, end-to-end monitoring, and ongoing maintenance, upgrades, and support – from a single solution provider. The IT backlog is now reduced, so enterprise resources can focus on bringing new services online more quickly, with better digital experiences for internal and external users. This is where Adobe and Amazon met in 2008 to deliver industry leading
John Landwehr enterprise solutions for commercial and government customers globally. Given the infrastructure benefits of AWS, Adobe has been able to quickly expand its SaaS portfolio and change the way value is delivered to customers with greater scalability, reliability, and global availability. Public sector enterprises are especially driven to the cloud by data center consolidation efforts and the need to reduce budgets; however, this transition also has an increased responsibility - security. To consistently address cloud security requirements for government, the Federal Risk and Authorization Management Program (FedRAMP) was developed, and has been viewed as the highest bar for commercial and government cloud security around the world. In 2015, Adobe attained FedRAMP authorization for its first wave of SaaS and PaaS applications delivered through the AWS cloud and became the first FedRAMP authorized cloud service provider to deliver: web content management and digital asset management, electronic forms with esignatures, digital rights managements, web-conferencing, and eLearning.
JULY 2017 CIOAPPLICATIONS.COM
55
56
JULY 2017 CIOAPPLICATIONS.COM