The Cloud and the Fourth Amendment: What You Should Know

A judge’s ruling last week that a user’s data is not protected by the Fourth Amendment concerns some businesses who use cloud hosting services. The ruling essentially states that consumers and organizations aren’t protected by the amendment that requires a warrant to be in place before a search and seizure can be conducted.

Cloud-Hosted Data

The ruling is primarily an effort to protect American servers against terrorism. Yet, for businesses concerned about the safety of company secrets, the fact that officials could sift through those secrets brings with it many reasonable questions. Who are these entities? How can a business be sure only authorized officials have access to any retrieved information?

Interestingly, at the same time, a Washington, D.C. judge ruled that the NSA phone surveillance program was very likely in violation of the Fourth Amendment, making it clear that this is a discussion that will continue for some time. Meanwhile, businesses are wondering if they’re likely to be impacted by one of these searches.

Borrowing Trouble

For the vast majority of businesses, there is little likelihood that government officials will ever take an interest in sifting through their data. Most cloud service providers will never be confronted with one of these searches, making cloud storage much safer than taking the risk of a hacker infiltrating on-site data that isn’t properly secured.

While lawmakers iron out the details, businesses can protect themselves by staying aboveboard with activities. Government officials aren’t likely to issue a subpoena to search data unless there’s a reason. A business that is operating honestly and legally isn’t likely to encounter an issue related to search and seizure, just as an honest, forthright citizen is unlikely to get a visit from the police at 8:00 on a Friday night.

The Fourth Amendment exists to protect consumers from unreasonable searches and seizures. Since officials generally conduct seizures because there is a reason, most businesses will never be impacted by a search and seizure of their cloud-hosted data. However, it’s important to note that whether a business is storing data in the cloud or not, officials can still obtain a subpoena and demand access to data if a reason exists to do so.

Virtual Desktops: The Future of Business?

We’ve all heard plenty about the growing popularity of Cloud computing, but in many workplaces, employees are still connecting to servers via a traditional desktop or laptop PC. Mobile device use allows employees to connect directly to the Cloud, but there are still many employees chained to a desk all day. Think of the many receptionists, call center operators, customer service technicians, and similar workers for whom a tablet doesn’t make sense. For those employees, the future is likely in the virtual desktop.

The Basic Concept

The concept makes more sense than the current mode of operation in many businesses. Instead of purchasing a $600-$1,000 PC and associated software for each PC, businesses run everything off one central server, assigning each worker a designated piece of space. It’s an internal Cloud that centralizes everything. Instead of moving from PC to PC to install, update, and troubleshoot software, IT professionals can control operations from one central place, potentially even offsite. Security is also a benefit to virtual desktops, since workplaces no longer have to worry about desktop malware.

So what’s stopping all of this innovation? Believe it or not, expense. The software that powers all of this technology, VMWare, is notoriously expensive, prohibiting most enterprises from deploying it. The good news is, VMWare seems to realize this limitation, having announced recently that they’re working to streamline costs in order to make the technology available to the masses.

Cloud-Based Virtualization

Cloud service providers are also catching on to the potential of virtualization. These much larger companies are able to deploy the software directly to users, without an on-site server required. Virtualizing desktops can allow them to work side-by-side with the same mobile devices a business’s traveling employees are using to access those same servers. As Cloud providers race to be the first to offer these solutions to businesses of all sizes, those companies that aren’t yet Cloud-based will continue to gradually migrate operations to the Cloud. This migration will prepare them for the day virtualization becomes a part of their business model.

Cloud Services Need More Data Security Transparency for Better Risk Management

Customers of commercial cloud computing services, notably SaaS (software as a service), are realizing serious data security holes in the contractual provisions of what is acclaimed by many as a practical cost-cutting IT solution. The IT market analyst Gartner has released a comprehensive report pointing out some discomforting oversights in cloud computing contracts which it characterized as containing “ambiguous terms” involving the maintenance of data integrity, confidentiality, and data recovery after a system failure leading to loss or compromised data housed in remote cloud computing servers.

The Problem Uncovered by the Garner Report

The situation has highlighted risks to data security that has led to jitters among cloud service customers while making it more difficult for service providers to rationalize the risk they expose their clients to without any clear contractual provision that can allay their data security fears. According to the Gartner report, 80% of IT professionals overseeing the contractual purchase of cloud services will remain dismayed over the inadequacy of data security protection in SaaS agreements with providers up to the year 2015.

The analysis section comprising the main body of the Gartner Report has sub-section titles that clearly indict the current state of SaaS contracts in the area of data risk management. It cautions cloud users not to use SaaS contracts as a “Hedge against Risks,” and not to be complacent in assuming that these contracts provide the company with “Risk Transparency” or the “Adequate Service Levels for Security and Recovery.”

At the moment, there is no standard or consensus among cloud service vendors on how best to provide the proper data security commitments. SaaS vendors would naturally want to expose themselves to as little commitment as possible. Among them, a single failure that compromise data security could affect several hosted customers so that even modest compensation costs could easily rack up. As a result, most cloud providers deliberately avoid such contractual obligations, some preferring to provide less expensive penalties in the form of services in kind in the event they fail to live up to any part of the SLA.

Putting in the right SLA provisions

According to Alexa Bona, VP of the prestigious firm, cloud service users are getting frustrated over the lack of transparency provided by current and prospective cloud service providers in risk management. She added that at the very least, cloud users should ensure that the SaaS agreement they enter with providers contain a provision that allow for an annual 3rd party security audit and certification, as well as the option for a unilateral termination of the contract should the provider fail to perform such measures.

Cloud customers should demand that SaaS providers respond to audit assessment as required in mitigating the risks. Bona refers to the Cloud Security Alliance (CSA) whose “Cloud Controls Matrix” in spreadsheet form effectively provides a comprehensive model listing the necessary control objectives considered by CSA participants as having high priority in cloud computing security. The more users demand this level of commitment, there is a higher chance that service level standards will improve, and covering data protection risks can become common practice among vendors through regular assessments as simple as service questionnaires, responses to 3rd party audit assessments, and client’s own on-site audit checks.

The report’s analysis section ends with the admonition that users should not assume that SaaS contracts have enough data security and recovery provisions in their service levels. This has obviously been the case so far and users reviewing their contracts with cloud service providers are recognizing the loopholes that expose them to the risk of data losses and recovery problems they didn’t have before going into cloud computing.

IT professionals responsible for procuring cloud services must ensure that their SLAs contain specific provisions that contractually obligates service provides to meet company expectations in protecting data from external attacks, theft and implementing data recovery. The Gartner report recommends that SLA provisions should include data recovery objectives, recovery time thresholds, and data integrity measures with sufficient penalties if missed. IT service procurement executives should ensure that there is enough security commitments in writing which, at the bare minimum, provide for regular penetration assessments by 3rd party security auditors, and an obligation to correct any potential problem uncovered by such audits. Needless to say, failure to act on the audit assessments should give customers the option to cancel the contract as well as demand a meaningful monetary compensation for any failure to address shortfalls in the security audit.

The risk implications to the business have driven IT professionals in the areas of data recovery, security, business continuity, and standards compliance to voice their concerns in the purchasing process when getting into commercial cloud services. Bona sees their active participation from here on in reviewing contracted SLAs to ensure that such agreements hold up to the company’s data security standards by having sustainable deals for adequate risk management on the part of cloud service providers. Lastly, Bona advises that cloud customers should seriously consider 2-3 year fee liability limits, instead of the usual 1-year period, along with procuring added risk and liability insurance policies whenever possible.

More Than 84 Percent Of Organizations Use Or Plan To Use Cloud Storage – Find Out Why!

The notion of “Cloud Storage” has been intensely debated over the past months, as research suggests that five out of six businesses either use or plan to use cloud storage in the near future. At the same time, a study conducted by TwinStrata, Inc. has revealed that one out of three businesses has already been using cloud storage for more than three years.

In addition to this, the same study suggests that the number of companies that have implemented SaaS, PaaS or IaaS has also increased over the past several years. More than 84% of the total number of businesses either use or consider using cloud storage in the future, due to its numerous benefits. This study was conducted at the beginning of 2013 and it was aimed at cloud-friendly respondents.

The statistics are impressive, but what is the fuss all about? In a nutshell, cloud storage refers to a model of enterprise storage where all the data is kept not just on the computer, but also in virtualized pools where it can be easily accessed by other users. This new and innovative form of data storage has numerous benefits, this is why it has become very sought-after in the business industry.

Given these impressive statistics, it’s perfectly fine to ask yourself why are businesses so interested in this innovative type of storage? The answer is very simple: the most notable benefit of cloud computing is the expansion of the storage space. Otherwise stated, organizations have more space to store important data, the information is safe and secure and it can be accessed on a 24/7 basis. Besides this, another important advantage is that users can access the platform regardless of their location, given the fact that the data is stored in a virtual pool on the Internet, rather than on a physical computer. This improves scalability and it facilitates access to information.

A Closer Look At The Statistics

Another reason that has determined the migration of businesses from traditional storage to cloud storage is the fact that storage capacity demands are outpacing the storage density growth. Statistics show that the storage density grows by no more than 20% a year, while the demand grows by up to 60% a year, which is three times faster. In other words, enterprises face the risk of running out of space where they can safely store their data.

This is where cloud storage steps in and offers business owners the peace of mind they need. The same statistics reveal that in the past year, the use of cloud services has increased steadily: the use of software as a service and platform as a service has increased by 10% as compared to the previous year.

The Bottom Line

In conclusion, these encouraging statistics reveal a promising future for cloud services. Businesses all around the world are the ones that benefit the most from the expansion of cloud storage, as this is a safer, more reliable, more efficient and more convenient alternative to traditional means of storing the information.

CFOs and CIOs can keep up with Business’ growth with Cloud Computing, discovers Deloitte report

The latest issue of CFO Insights from Deloitte investigates the role of cloud computing and focuses on the benefits and decision-making concerns offered by transitioning to this new technology environment.The assessment from Deloitte’s report addresses technology decision-makers, notably the CIOs and CFOs, who will soon need to face the reality that they need to transition their organization’s computing technology, it services, and data to “the cloud”. As cloud computing technology attains wider usage, more businesses will soon have to deal with the decision to shift from an on-premises technology setting to a cloud based one.The idea of cloud computing has prevailed for a long time. The basic premise behind it is that the business can outsource daily management of resources on a need-only basis, identical to buying utility services, such as water and power. However, one crucial factor is that the cloud computing resources are delivered over the Internet.

The Deloitte report underlines the need to have a productive working relationship between the CFO and CIO. The decision to embrace cloud computing is broader in scope than just the information technology department. The CFO can strategize cloud computing to execute financial objectives, and at the same time create a risk intelligent culture. The CIO can increase the visibility of the technology department as an esteemed part of the organization.

Cloud resources can broadly be classified into these four categories: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a service (IaaS). Most individuals assume SaaS to be the only cloud computing resource, which involves the administering of software applications on demand. The software applications can range from email, backup and file storage solutions to customer relationship management (CRM) and financial applications.

However, there are other use cases for cloud computing. For example, PaaS is used a software development platform to develop new applications, whereas IaaS is used an on-demand hardware resource platform.

The Deloitte report advocates the introspection of relative costs and benefits of different cloud resources before taking the decision. Most organizations reserve the use of cloud computing to low-risk projects, or tasks ideally unsuitable for on-premises technology.

The most cited benefit by various CFOs and CIOs in their interviews is the flexibility that cloud computing offers; it can scale and react to technology changes very quickly. Significant reduction in infrastructure costs and IT support staff requirements are also a few of the other benefits cited.

However, the CFOs and CIOs also raised a few concerns in their interviews regarding the safety and reliability of using cloud computing. Is the data safe? Where is it stored? Is the data backed up? What should a business do when it needs to shift from one cloud technology provider to another? These are all the questions that are asked frequently an organization before embracing cloud computing.

Nevertheless, the CFOs and CIOs also reported that cloud vendors are more likely to provide higher levels of performance and better security. The vendors have to perform as their business depends on it; if they fail to provide a good service, then they will lose all their clients and reputability.

The report recommends the business to assess its technology needs in the context of its purpose and needs. As the business changes and evolves, the technology also needs to keep up with it. By evaluating the business’ administrative concerns and how the availability of cloud technology will influence the organization, the CFOs and CIOs can make sure that their business transits fluently into a cloud computing environment.

If you’re interested in learning how can help your business save money by utilizing cloud services, be sure to reference our cloud computing consulting services.

IT Service Trends for 2013

Each year it sees like business processes, even for the smallest of enterprises, become more deeply enmeshed with technology. Here are three trends you’ll want to stay on top of this year.

1. Devices. Technology research firm Gartner predicts worldwide spending on devices—including PCs, smartphones, tablets and printers—will jump 6.3 percent to $66 billion in 2013, after only growing 2.9 percent last year. That’s especially significant since Gartner also points out the prices of devices like tablets are falling fast—it means people are going to be buying a whole lot of them. Smartphones are also on the cusp of overtaking PCs as the way most people get online. Questions about bring-your-own-device policies, company-owned computers and tablets, and accessibility of work systems from phones and tablets are bound to grow, and IT management companies will need to have answers.

2. The Cloud. Gartner also says the global market for public cloud services rose 20 percent in 2012 to $109 billion and it will grow to $206.6 billion in 2016. In particular, this looks like the moment for infrastructure-as-a-service (IaaS), the type of cloud service that allows companies the maximum flexibility in designing their own systems on remote servers. IaaS will grow from faster than other sorts of cloud computing in coming years, according to Gartner. Migrating data and infrastructure to the cloud is going to be big business for IT service firms.

3. Big Data. This one is bound to be on trend lists for many years to come, but 2013 will surely see increasing focus on the management of the ever-growing mounds of information piling up on corporate servers. Already, major IT companies have whole divisions devoted to figuring out how to make sense of reams of customer transactions, social media interactions and security camera footage. These ideas are bound to trickle down and become something that businesses and IT firms of every size find themselves considering.

Hurricane Isaac and Disaster Recovery

Article first published as Hurricane Isaac and Disaster Recovery on Technorati.

As Tropical Storm Isaac threatens to hit the Florida shore, there’s no doubt some business owners in the area are scared. They’re worried about their safety and that of their employees, of course. And they’re worried about damage to their buildings and vehicles. But many are surely also concerned about their data—customer information, sales records, payroll and budget information, and everything else they keep on their computers.

Safety and property damage will always be an issue when major storms roll in. But in 2012, there’s no reason why the threat of data loss should cause anyone additional headaches. Remote backup solutions and cloud storage are available to businesses of every size at every price point.

Yet many companies aren’t taking advantage of what’s available. A study released earlier this year found that less than 40 percent of small to mid-sized businesses use any kind of cloud data storage.

The start of hurricane season should serve as a powerful reminder of why more companies should shift to remote backup. Last year, the season brought 19 tropical storms, including seven full-fledged hurricanes, to the U.S. Insured losses from the season came to about $5 billion, according to Risk Management Solutions Inc.

Of course, those losses were mostly physical property. But data loss can be even more devastating than a wrecked office. Seventy percent of small firms that have a major data loss go out of business within a year, according to a report by HP and the small-business advisory organization SCORE.

Even if you live far from Florida, there’s good reason to make sure your data is backed up in the cloud. According to the HP report, only 40 percent of data loss is caused by the destruction of hardware. Nineteen percent is the fault of software problems or viruses, and a full 38 percent is caused by human error or theft.

A good backup or cloud storage system can protect you against all those issues. It can also offer other advantages, like access to all your information when you’re away from the office. That means that, whether a flood sweeps your server away or an ice storm keeps your employees stuck at home, work can continue without missing a beat.

What Does Oracle Foresee in the Clouds?

In the world of IT, 35-year-old Oracle Corp. is one of the veterans. It also continues to be a big player, with $37 billion in revenues in its 2012 fiscal year.

But the company knows that if it wants to remain a big player, it needs to be big in the cloud. So, this June, the company announced Oracle Cloud, with online applications for customer relationship management, human relations and enterprise social networking. The Oracle cloud includes both platform as a service (PaaS), with online operating systems and network setups, and software as a service (SaaS), with applications and software that live on the company’s servers.

The move puts Oracle in line with longtime competitors like Microsoft, SAP and Google and also lines it up against Salesforce and other SaaS players. InfoWorld has an interesting interview with Oracle Senior VP Abhay Parasnis in which Parasnis emphasizes that the company’s cloud will offer an easy transition for large enterprises that have invested heavily in the way they work with their IT and now want to take it into the cloud.

Aside from moving its existing offerings into the cloud, Oracle has been on a buying spree lately, snapping up companies that offer various cloud services. Among its acquisitions this year are network virtualization provider Xsigo Systems, social media manager Involver, and cloud-based talent management company Taleo Corp., social marketing platform Virtue and social media and text analysis company Collective Intellect.

This is the sixth in a series of blog posts on major cloud computing players. and Cloud Software

So far, our series of posts on major cloud computing players has focused on companies involved in the infrastructure-as-a-service market, the fast-growing business of providing raw computing power that customers can use to store their data and run their systems as they see fit.

Another smaller but still very significant part of cloud computing is software as a service (SaaS), and one of the most important companies in that area is Analyst firm Gartner predicts that spending on SaaS will rise 18 percent in 2012 to $14.5 billion. Meanwhile, Salesforce says it will reach close to $3 billion in annual revenue in its fiscal 2013. The company’s market share is especially significant since it’s one of the few big players that focuses exclusively on SaaS rather than doing it as an offshoot of other business areas.

As its name might suggest, Salesforce is largely focused on helping businesses work with customers. Its customer relationship management, or CMR, system lets users access data on clients and prospects from anywhere and keep track of interactions with them. The company also offers a “platform as a service” product known as, which lets a company build its own applications on Salesforce’s infrastructure and integrate them into

Like many cloud computing companies, Salesforce also hosts a marketplace for applications built by outside developers that are compatible with the company’s own offerings.

The benefits of using a plug-and-play system like Salesforce’s CMR are probably obvious to anyone who’s thought about getting someone to build them a complicated system from scratch. But some experts say there’s also a downside to SaaS, as demonstrated in a late-June outage at Salesforce. Companies that run on that kind of virtual software depend on their vendor to make sure everything is properly backed up and constantly available. Those that use IaaS have a bit more ability to create their own redundant systems or otherwise build in failsafe mechanisms.

Which goes to show that, with SaaS even more than with IaaS, it’s important to evaluate vendors thoroughly before buying in to any system.

This is the fifth in a series of blog posts on major cloud computing players.

Microsoft Goes Further Into the Cloud

For as long as most of us have been using computers at work, we’ve been using Microsoft products. Aside from a few handfuls of creatives on Macs and geeky types using Linux, being an office worker has usually meant being intimately familiar with Word, PowerPoint and Excel.

But, at least by many accounts, a new era is dawning. We’re no longer tethered to the programs installed on our hard drives. It’s often easier to collaborate with colleagues by sharing a Google Doc than by emailing a Word attachment. And more and more work gets done entirely outside of the constraints of an office computer, by coworkers accessing a shared company platform on the web.

In this environment, Microsoft is well aware that it needs to compete where its customers are working—in the cloud. In 2010, it rolled out Windows Azure, a computing platform that lets users run programs, store data and analyze information on remote Microsoft servers. That first generation of Azure is classified as a platform as a service product. It works together with the company’s software-as-a-service offering, which lets businesses use the familiar Microsoft programs in the cloud through Office 365.

Now, though, Microsoft is aiming squarely at the market for raw computing power currently dominated by Amazon. The most money in the cloud computing world today lies in that raw power, known as infrastructure as a service. The new Windows Azure offering, currently only available in “preview” allows users to rent virtual machines on the company’s servers by the hour or by the month.

Google also recently unveiled an infrastructure-as-a-service offering, which means the market is getting much more crowded with big-name players. That means customers may be able to find good deals as companies vie for their business. But it also means more to consider for anyone looking to sign up with a cloud provider, from making sure any given company will keep data safe and accessible to figuring out how to compare prices in an apples-to-apples fashion.

This is the fourth in a series of blog posts on major cloud computing players.