•
The cloud computing story for the iPad will fill out as more applications become available. The first few applications we've seen give a glimpse into how the cloud plays a role in the iPad's future, especially with collaborative services such as online meetings. Cisco is launching a WebEx client for the iPad . Cisco is one of the more experienced companies for developing cloud-based products through its hosted service. It's beefing up that strategy, too, as mobile plays a more significant role in the workplace, especially as video is concerned. Sponsor Cisco is building a number of data centers throughout world, with the latest rolling out today, said Grace Kim of Cisco. The network gives Cisco flexibility in developing its client software for multiple platforms. WebEx is available on most smart phones through the browser. The app is available on the iPhone and the iPad. It is available on the Blackberry. WebEx does not as of yet have an app for the Android, With the data centers in place, Cisco gets some flexibility in how it structures pricing for clients, which it can extend to new platforms. A catalyst for that strategy may be the iPad itself. The iPad's form factor allows customers to view meetings on a screen that is simply much bigger. That's where the iPad has value. That, too, comments on how cloud computing becomes more important. The iPad makes video more logical to use. It's not available yet on the WebEx app. Cisco developed the app in the 50 days since Apple announced the iPad. Like a lot of other apps. we notice that WebEx is lacking some features. Cisco, though, is fully focused on video as a focal part of its collaboration strategy. You can expect that we will see video as part of the iPad app in future versions. The iPad is the right device for meeting collaboration. Far more so, we would say, than the iPhone. Customers will take advantage of this, fueling the need for more data centers that are designed for tasks that require elasticity, a key tenant of the cloud computing movement. Will Cisco offer more elasticity in its pricing models? Online conferencing has its roots in the ancient history of cloud computing. That's a time that dates back more than 10 years ago, (chuckle), when we first saw the glimpses of a per use model. Kim said they are always exploring new pricing structures which you can see in new products such as its hybrid offering that allows a large enterprise to use an on-premise client for data critical sessions and the hosted service for meetings that require lesser levels of security.
See the rest here:
The Cloud's Important Role for WebEx on the iPad
Tags:
apple,
application,
browser,
Cisco,
cloud computing,
data,
important-role,
iPad,
iphone,
phone-customers,
time,
voip
•
What are the security issues with the iPad and how is it suited as a device for developing enterprise scale applications? Those are the questions we posed to Ken Westin, the founder and CEO of ActiveTrak . Westin is a a security expert. His company develops a software and a service to track the location of a device if lost or stolen. In June, the company is introducing an enterprise version of its technology that will also go by the name ActiveTrak. Sponsor The iPad will become a device that we will undoubtedly see in the enterprise. It fits into the same space as a smartphone or social computing technology, applicable to personal and work life. Neville Hobson on the NextWeb cites a survey by Sybase about the interest in smart phones for the workplace and its correlation to the iPad. But Westin says the iPad does have its own set of limitations that makes it an issue for development of enterprise security grade applications: The iPhone and iPad software has built-in PPTP, IPSec, Cisco VPN software . But more companies are moving to SSL VPN, which is not supported by the iPad. In time, though, a client should be developed for the product. The device may be able to access the domain, however it is different from being a domain member as an administrator cannot manage it, enforce group policies or push patches or apps to it. Westin is supported by other security experts who cite Apple's lack of interest in security issues: "The general consensus is that Apple continues to do only the absolute minimum to address enterprise security and supportability requirements," noted Andrew Storms, Director of Security Operations for nCircle. `We haven't seen any new enterprise iPhone security features from Apple since the summer of 2009 when they introduced their new hardware level encryption, which was almost immediately subverted. This is not the kind of behavior security professionals want to see in vendors.' Recent events seem to illustrate that point. Security researches were able to compromise a fully-updated iPhone 3GS at the recent CanSecWest Pwn2Own competition. Storms warned me "If the iPad has the same OS as the iPhone then enterprises are going to be even more concerned about the data on this device.' " Westin said it is the background processing in particular that makes the iPad less appealing for ActiveTrak. For instance, its application runs in the background on an Android device. An iPad, and for that matter an iPhone, does not provide that capability. His company does provide a free application for the iPhone. It's free but it can only be activated if someone turns it on. To maneuver around the issue, Westin said they disguise the app button as a Safari icon, which activates the application. That's when the tracking starts by triangulation techniques using WiFi and GPS. Westin is a fan of Apple. He uses a MacBook Pro. He says developer tools are better on the iPhone and it has a great community. But, Apple wants it all. It controls the hardware, the software and the content. That's a concern for the enterprise that wants to adopt the iPad. Such control over content is a problem as it gives Apple the power to wipe an application off a device without permission. That may seem unlikely in an enterprise setting but the possibility does lead to hesitation. Further, Apple may make great high end products for consumers but it does not have the equivalent of a Blackberry server that can control the device and its content. Instead, the individual must have a MobileMe account. This can become a coordination nightmare for IT if the enterprise has 5,000 people who need an iPad. Westin said ActiveTrak will wait until the iPad platfrom opens up more before developing. Discuss
Go here to see the original:
Is the iPad Secure Enough for the Enterprise?
Tags:
background,
Cisco,
device,
director,
enterprise,
iPad,
location,
mobile,
nyt,
power,
summer,
tracking
•
At 1:00 a.m. on Sunday morning I was doing routine maintenance on my personal Amazon Web Services account and instead found myself looking at something I had no right to be seeing: A database with 800,000 user accounts to the e-card site CardMaster.com . Along with that were the database passwords and back end of a major U.S. Public Broadcasting Service news show website ( Gwen Ifill's Washington Week ), including daily updates from panelists on the stories they cover. I wish I wasn't the person to find this. I founded one of Amazon's earliest dashboards. My consultancy is on Amazon's European Customer Advisory Board. But this highlights a significant issue in the cloud today: There is a whole new user profile acting as developer and administrator. We are becoming empowered with amazing tools - and being given enough rope to really hang ourselves. Sponsor Guest author Jonathan Siegel is a serial entrepreneur and founder of the cloud applications consultancy ELCTech.com as well as a handful of cloud startups. Jonathan's book, Electric Connections , is due out in June of this year. I am an early adopter, business builder and owner of a cloud consultancy. On Sunday morning I went to clear out my personal Amazon Web Services account of excess files after seeing huge usage numbers from a report by CloudSplit. For those technically inclined, I was clearing out my S3 buckets and moving the few files that I wanted to save into an EBS disk instead. My EBS disk ran out of space and I went to use a feature called EBS Snapshots. Snapshots are like a tape backup of your EBS disk drive. That's when I noticed something odd: My EBS Snapshot account was filled with hundreds of snapshots, when I knew I had only made a handful. I wondered, Why do I have access to these backups? Were these backups made by my teammates? Shared snapshots from Amazon? Or something else... What I saw were backups of Enron emails, a genomics database and then two made my stomach turn - a database for 800,000 user accounts to CardMaster.com and the database and site files for the Washington Week website. Yeah, the Enron emails are a non sequitur and the genomics database was likely meant to be public. But the other two, there's no way they were intended for the public, yet here they were - marked as public and available to me or any other Amazon cloud user. How Did This Happen? Amazon is the largest and longest running public cloud computing platform. It has pushed the boundaries of technology infrastructure for us users. In fact, it has given us tools that are more powerful than anything we previously had available in our own small datacenters. This is great, because before we needed to hire trained Cisco or NetApp administrators in order to do basic tasks as our websites scaled. This was expensive and added another step - a delay - to our deployments. Amazon's infrastructure commoditizes much of this technology into simple Web calls; paste some XML to Amazon and your website gets a full incremental backup to live-networked NAS. But as Stan Lee has warned us: With great power comes great responsibility. By giving programmers control of the network and storage, we've empowered developers to take on system administration chores. This power has come too quickly or is being digested too lightly - as my discovery has shown. In the case of PBS's Washington Week there was quick acceptance of the issue. "It was human error and nothing personal was exposed," said Kevin Dando, PBS's Director of Digital Communications. "Although we weren't aware of the issue initially, it was easily corrected. Because of Amazon's strong audit capabilities we could pinpoint the error and fix it quickly." Despite numerous attempts we were unable to reach CardMaster.com. This highlights a deeper issue in the cloud today: Despite what you may think, cloud security is not sexy. We are seeing products that address the baseline needs of cloud functionality, like Amazon's dashboard and the support sites for the cloud. They focus on the sexy: deploying mobile apps, auto-scaling, grid processing and other buzz-word-friendly features. But the dirty truth is that the cloud has a whole new user profile acting as administrator and needs a new set of tools and expectation management to ensure that little mistakes make little problems and not big ones. Remember: This is not something that Amazon did wrong. This is an intentional switch thrown by Amazon's users that allowed their data to be public to any other Amazon user. The users did not mean to hit that switch and it's unclear whether those users would have found this issue without my notification. This is the switch in Amazon's Web Console. It can be more subtle when packaged deep within cloud-assisting tools: And Why Me? A spokesperson for Amazon pointed out that snapshots were private by default and users must choose to share them. According to Amazon, "users understand this feature very well as this is no different than users explicitly choosing to share their data by any means." However, as we've seen, users are obviously making their data inadvertently public. Amazon said they were updating their documentation "to provide more explicit guidance on this feature," and that they would be "reaching out to the few who may be unknowingly sharing their snapshots." The question, though, is: Is it too easy to accidentally make your data public - and whose role is it to play data cop? This leads to me, at 1 a.m., and finding security leakage with Amazon's cloud customers while doing unrelated housekeeping. Look, I'm anything but an IT Security guy; I've got enough on my plate to worry about. For god's sakes, I have 6 kids! Moreover, I'm an outspoken supporter for moving companies to the cloud - and I exclusively recommend Amazon's cloud because of its reliability and features. Why is it me that finds this security issue - one that has been open since January of this year if the Snapshot dates are accurate. This tells me that there is a pattern about to be replayed: That the users on the cloud today are a motley crew. That we need more supervision and hand-holding - whether we like it or not. That powerful services like CloudKick and CloudSplit need to be encouraged to add security as a top-priority feature. And we need to budget for their services and embrace their boring, yet hyper-important role as perimeter guard and security inspector. If I were to try to keep this security problem in the bag - and avoid alerting the community - I would be fostering a sense of complacency that is antithetical to the marketplace needs. The cloud is so young that when we find a problem we need to admit it and find real, workable solutions. Since the cloud represents new ways of doing things, it gives us new ways of getting in trouble, and we need a lively forum for nipping these issues in the bud and laying a framework for ongoing success. What Now? If you are on Amazon's cloud, I can't stress enough that you need to immediately go to your AWS Management Console. Check at a minimum that your Snapshots, for every Region, are marked PUBLIC only if you mean them to be available to ALL other Amazon Web Services users. I've already checked mine. If you find data that you did not intend to make public, you need to engage your security team to remove the snapshots from the public and mitigate any data exposure. Hopefully this gets chalked on the wall as a lesson learned - and we continue our march to the cloud with a deeper appreciation of our security support needs. This isn't about calling people out. I work in the cloud and am passionate about its development. These mistakes could very well have been ones I made - or any other cloud user. To move the cloud forward we need to encourage a dialog about our new found power, new paradigms and new needs in the cloud. Discuss
Read the original here:
User Ignorance Causes Cloud Security Leak; Accounts, Passwords Revealed
Tags:
amazon web,
Cisco,
cloud,
data,
database,
digital,
director,
european,
Jonathan Siegel,
network,
person,
personal,
public broadcasting service,
security,
snapshots,
technology
•
Alfresco Software reported record revenues today, providing a signal that open-source technologies are a top choice for the enterprise as the economy moves out of the recession and cloud computing becomes more prevalent. Alfresco reported both record fourth quarter earnings and record revenues for 2009. Growth is up 61% compared to last year. We look at these results with a grain of salt but in Alfresco's case it increased its staff 29 percent and also added 300 customer, including companies such as Cisco, Merck and the U.S Department of Housing and Urban Development. Sponsor In an interview today, Alfresco's Ian Howell said the growth is coming from companies making the switch from document management platforms. Most of these document management companies have been acquired. And since most of those acquisitions, the market has changed. Open-source content management systems and Sharepoint have disrupted the market, providing a web oriented alternative to document-based, enterprise applications. The customer is also adapting to an open-source culture. Before, a customer would ask: Do i get source code? Do you support it or do I have to go the forums? Do you scale in an enterprise? Now, customers ask; How do I roll out? Do you offer 24/7 customer support? The infrastructure is there. The ISV market and partner networks for open-source companies is growing as are content applications for open-source enterprise technologies. Service organizations are a core part of the open-source ecosytsem. Further, how can proprietary technology have any role in a cloud environment? It's the economics that drive open-source adoption in the cloud. That factor alone is drawing the enterprise to open-source. And that means a bright future for open-source enterprise technologies from companies like Alfresco. Discuss
See more here:
Open-Source Success: Alfresco Software Reports Record Revenues
Tags:
Alfresco,
Cisco,
enterprise,
fourth quarter earnings,
housing,
Ian Howell,
interview-today,
open source companies,
open source technologies,
recession,
record,
reported-record,
such-as-cisco,
the-open-source,
U.S. Department,
urban
•
Today, Cisco announced the CSR-3 product , a game-changing system to managing the network core. But for CEO John Chambers, the news is about market transition forces and being ready for the next generation of the Internet. The company invested $1.6 billion research and development in CRS-3 to be ready for the next phase of market growth that merges video, cloud, and mobile trajectories. When asked, he said when his team looks out 3-5 years that network growth may be 300 to 500%. Cisco is investing that another revolution is on the way for consumer access and enterprise productivity. Sponsor Getting a handle on scale Cisco's fabric offers network speed never seen before. According it's' own estimates the CRS-3 could offer bandwidth for: Every man woman and child in China the ability to make a simultaneous video call. All movies ever made to be downloaded in 4 minutes (if you had enough disk to store them). 1 GB link to every household in San Francisco. Virtualization and Cloud: Moving from Plumber to Business Architecture The network has many touch points. Chambers said that this has been moving Cisco from being a technology partner to a trusted business partner for nearly all its enterprise and service provider accounts. He views this as a tipping point in how Cisco engages customers and innovates. To that end, the major market transformation underway in the cloud, and Cisco has positioned its network, including the CRS-3 to offer tight linkage between data center and virtualized services. Chambers mentioned "It's all about the cloud, the CRS-3 family talks directly to the UCS in the data center." To that end, it's nice to consider the end-to-end network being prepared for the connections in the data center, especially for physically distributed environments that benefit from fast links between them. Chambers continued: "We kept our partners VMware and EMC in mind in this solution, to be ready to fulfill our vision in the data center". Here it is a summary diagram on CRS-3 connects data centers. Service provider: Critical Network Backbone Keith Cambron, President and CEO, AT&T labs added. "AT&T was the first user of CRS-1 with it's 40 GB interfaces and have been using them to manage their network growth. We are testing the 100GB interface in the labs and real production environments." Chambers mentioned that Cisco's goal is to have long-term partners and to never compete with pervice provider. With a company like AT&T, Cisco's product goals are to help be ready for where things are headed, to be there when it's needed. Cisco does not want to be the bottleneck for the Internet. He continued "Service providers are our partners, if our goal is to bring this technology to everyone in the world, we must work in a tight fashion and follow the market transitions with them" Q&A Some of the best parts of this dialog was the question and answer session, a few excerpts below show the depth of thinking Cisco is moving forward with the intelligent network. Q : How does this impact the mobile data flow? A : The team was asked about how this innovation impacts consumers and the mobile data flow. Chambers added, "As a consumer, I want any video any time. To share it on any device in the living room and to bring it with me when I'm on the go. The network has an important role in enabling that future" Cambron spoke from AT&T's goals with this technology "It provides a single network design for around the globe. Particularly important for important customers who are using private networks and deploying mobile applications. A common network design that is highly video centric is central to our business" Q : Is Cisco an on open vs. closed company, will core innovations from CSR-3 be open source? A : Chambers responded "Interoperability is one thing we don't debate in Cisco. We believe we need to bring together all of these protocols into one network. We will of course be an open architecture." Q : What do you think about Google's service provide announcement? A : Chambers responded "Google is a great company. We love anyone who adds loads to networks. We think the question here is how do we find the "and" here and find ways to build load and also built great networks with the right partners." Q : Why is Cisco building in silicon? A : Chambers was excited to talk about how important silicon was to the company in the products. "Cisco's investments in ASICS has been a key part of many of the core products. The reason that Cisco does our own, is that silicon ties all of the key components together. Cisco had to change the way its working style to have a collaborative team to build this next generation of silicon." Cisco is in a unique position to see the future of bandwidth better than anyone. We wonder if Cisco will be rewarded for avoiding future network bottlenecks and propel the network forward with CRS-3? Discuss
Continue reading here:
Cisco in the Core: Preparing for the Next Generation Internet
Tags:
Business,
chambers,
Cisco,
innovation,
internet,
Keith Cambron,
mobile,
network,
news,
open-source,
plumber,
question,
technology