Microsoft announce new ‘cloud readiness tool’, London gets cloud incident management system, cloud is future for security say Qualys, shift in cloud use say Lufthansa
Microsoft has announced a new tool which they have developed in order to help enterprises test their readiness for deployment to the cloud. The Cloud Security Readiness Tool is a free resource for IT professionals to use and asks a number of questions designed to test compliance, security and transparency.
The tool was announced at this year’s RSA Conference Europe in London by Adrienne Hall, general manager of Trustworthy Computing at Microsoft.
According to Hall, many companies who have already adopted cloud have found that it is much more secure and provides better transparency than their previous, on-site solutions. This contravenes concerns expressed by many IT departments as most cite the above reasons as why they are not taking up cloud services.
"This shows companies are more concerned than they should be,” Hall said.
The tool has been developed in collaboration with the Cloud Security Alliance (CSA) and ISO in order to better share information and many of the questions required to be answered by the tool come from CSA’s Cloud Controls Matrix.
"The aim of the tool is to simplify the process and cut through the clutter to help organisations take a step-by-step look at cloud adoption based on their environment,” Hall explained.
At the moment, the tool, which generates a report on the best way for a company to proceed, “steers” companies towards using SaaS services. Of course, users are then nudged in the direction of using Microsoft’s own products.
Questions are presented in a multi-choice format and concentrate on security and compliance policies and how these are implemented within the business.
The tool is intended to help SMBs with employees of between 1000-50,000 and also covers risk management.
London gets cloud incident management system
The Greater London Authority (GLA) has implemented a new cloud-based incident management system designed to help it deal with major traffic accidents, protests, fires and possible terrorist attacks.
Xactium Incident Manager will allow the authority to effectively track, manage and report incidents as they occur in the capital, using cloud to help local authorities to track issues. Workflows ensure that incidents are reported in real time, allowing for better response times.
The SaaS management system works through a browser, doing away with the need to install additional hardware and therefore saving Londoners cash on their taxes (in theory anyway). All of the data is stored on Salesforce’s secure public cloud and is built upon the company’s Force.com platform, although the application itself belongs to Xactium.
Vincent Fihosy, city operations programme director at Greater London Authority, said: "The Xactium system provides the GLA and its partners with a flexible and resilient information management solution, facilitating effective issue management, monitoring and reporting across multiple service areas."
Extensive testing has been carried out using iTrinegy’s INE for Windows to ensure users get the best performance across web apps, client/server systems, Citrix apps and VoIP.
Cloud is future for security, says Qualys
Phillipe Courtot, chairman and CEO of IT security company Qualys, has said that cloud computing should be embraced by security professionals as it’s an opportunity not to be missed.
Speaking at the RSA Conference Europe, London this week, Courtot said that cloud presented a fantastic opportunity for IT professionals to “help build security into the cloud”.
He urged listeners to join the Cloud Security Alliance and said that “cloud computing can no longer be dismissed as a marketing gimmick”.
He went on to say that whilst cloud presents more security challenges, these can be dealt with by looking at different ways to secure major components through things like automated patching in the data centre.
"It is also easy to build a fortress around datacentres and restrict what goes in and out," Courtot said.
He continued by saying that regular audits could help to ensure that applications are kept up to date and that web applications are the “soft underbelly” of the web. Devices, he said, should also be regarded in the same manner and organisations needed to ensure that they can identify access to their networks at all times.
"Scale is probably only something the cloud itself can solve," he said, talking about the current problems which enterprises experience around flexibility of their systems.
This means that security organisations should be looking to build cloud-based intelligence platforms to meet the concerns of businesses.
"Real-time big data is a key element of tomorrow's security, because once an organisation has created one platform, it can be cloned easily and used globally," Courtot added.
Shift in cloud, according to Lufthansa Systems
Jorg Leibe, head of Lufthansa Systems spoke recently at VMware Europe 2012 and said that a shift has taken place when it comes to companies running public, private and hybrid cloud.
The German company deals with a variety of apps for airlines and travel companies, including German airline Eurowings, who recently chose the company to provide their data centre operations and SAP application management and hosting.
Liebe said: “The vCloud approach is somewhere in the middle of the private and the public. Instead of running the cloud of our datacentre in Germany, we can deploy near the airline customer and still maintain security and management.
“It’s about provisioning the datacentres to where the pilots are so they can grab their data from a datacentre that’s closer to them.”
VMware’s chief operating officer and co-president Carl Eschenbach said that essentially the company are providing a “private cloud but don’t have datacentres all around the world, so can deploy a public cloud in a customer’s datacentre and access those services through VMware tools.”