Quite simply, Cloud computing is a different way of getting technology services. There are two basic types of Cloud Computing, Public Cloud and Private Cloud. With the Private Cloud, all systems are owned by the same company receiving the cloud services. With a Public Cloud, the Cloud provider owns all the systems.

So with this background let’s get back to the question. What is the difference between Cloud Computing and Hosting? There are three major differences.

1) Hosting provides an infrastructure that typically does not scale easily. A company can run out of capacity (cpu, storage) and it would take several weeks to procure and install additional capacity. With cloud computing, the infrastructure scales to meet demands dynamically. (Yes Cloud computing does have limits to how much it can scale but it scales much easier than legacy hosting environments).

2) Cloud applications can be accessed from anywhere an internet connection is available. Legacy hosting applications typically are not Internet friendly and perform poorly over the internet.

3) As mentioned by others on this thread, applications are provided as a service. You pay for what you use. If you have 100 users, you only pay for 100 users. You don’t pay for any extra storage or extra servers in the data center that are not being used. You also don’t pay for staff to keep your data secure, you don’t pay to keep the servers patched and updated. You don’t pay for system monitoring or backups. All this is included in your base rate.

The three major advantages for using cloud services are scalability. If you need 20 development and QA servers for 3 months, the cloud can provide those to you within hours. Pay for them while you use them and when you are done, shut them down and you stop paying for them.

The second advantage is convenience. Users can access the applications from anywhere, from home, the office or while traveling.

The third advantage is financial. Companies don’t have to invest the financial capital to host their systems and pay for a large technical staff to maintain them. They could use that capital to invest in their core business to grow their core competencies instead. Additionally, their Technology budget is far more predictable. They know what their monthly charge will be and they won’t be hit with unexpected and unbudgeted costs.

I have seen this go both ways. If one leader who fully supports a project is replaced with a leader who has no interest in the project, you know your project is destined for problems and delays. Leaders who are not fully committed to a project are less likely to address obstacles or respond to escalations in a timely manner.

On the other hand, when an existing leader who is not fully committed to a project is replaced, I’ve seen where the leadership change put new life into a struggling project.

The key is to communicate (sell) the benefits of the project to the stakeholder and get their backing. Whether you are working with a leadership change or desiring one, you’ve got to sell the value of the project so that it becomes a high priority for them. Projects that have full leadership support are most likely to succeed.

First, let’s recognize that an outsourcing provider coordinates many diverse teams who work in a cooperative manner. Additionally many of these teams operate from different countries, time zones and languages. That being said we can start to understand the importance of this question. We must also recognize the business impact if the outsourcing arrangement fails. One doesn’t easily switch providers.

So how do you know which provider you can trust?  Here are my thoughts;

1) How long has the provider been providing outsourcing services? Is this a relatively new company or are they well established in the industry?

2) How many clients do they support and what is their contract renewal rate? (Do you have offices overseas that need support? If so, how many global clients does the outsourcing provider support?)

3) What is the process for your leadership team to engage the provider? Will there be a person assigned to respond to you or do you call an “escalation” number? How many clients is this person responsible for?

4) Do you have access to the providers Executive Leaders?

When it comes to trusting an outsourcing provider it boils down to two things.  First, there will be delivery problems. In many cases the low-cost providers that are so attractive will have staff located around the globe. Coordination and communication among these teams will affect the quality of service you get. The reality is that the lower cost provider will result in support problems down the road. Depending on the reduced cost to your company the support issues may be worth the savings.

Secondly, the trust issue will be determined by the people you interface with when problems arise. How responsive are they and how quickly can they deliver results?

If you have selected a provider who is well established and has a large client base with high renewal rates, and you have access to individuals including Executive Leadership, you should get speedy resolution to problems.  It’s through quick resolutions to issues where their trustworthiness will be determined.

I’m sure the Network Guru’s will cry foul at my comments here but basically both Ethernet and Leased Lines provide the same functionality. They both move data and voice from one site to another.
There are two serious considerations when choosing one over the other. Ethernet is a layer 2 network and for it to run across a WAN Transport Network additional integration is required. Nortel has products to do this. I’m not sure who else does.
The second consideration is availability of Ethernet. Ethernet is not readily available like Leased Lines are.
Your best bet is to get quotes for both. Each option has a sweet spot where one provides the better value over the other.
One final thing to consider when sizing circuits is WAN Optimization appliances. These devices compress the data before it gets transmitted across the WAN which means you may be able to get a smaller circuit. Wan optimization appliances can pay for themselves in less than a year by reducing the amount you pay for monthly circuit fees. This is something you should take a look at.

Planning and Execution are the two key disciplines in IT. We plan deployments and then we execute those plans.  During the holiday season these activities take a twist in many non-retail companies.  The only project “executions” that occur are the ones scheduled specifically for the slowest business cycle. All non-essential deployments are postponed due to year-end change freezes. However, in many companies, the Holiday season is the perfect time for IT Leaders to get their Roadmaps refined or developed.

In North America the Holiday season officially kicks off with Thanksgiving Day which is held the last Thursday of November. This is when things begin to slow down and continue to get slower and slower the closer Christmas Day approaches. Many non-retail businesses shut down altogether the week of Christmas. This is the time many employees take vacation, take longer lunch breaks to shop and many are at work but shopping online. Anyone who tries to get work done during the holiday season knows how difficult it is to make contact with fellow employees, vendors or sales reps. If they are not out of the office on vacation, they are out of the office otherwise.

For IT, the holiday season presents a change in attitude and deliverables. There is a moratorium for most project activity.  Only critical systems (those that cannot be shut down for long periods of time) are scheduled for upgrades or maintenance during the long Christmas Holiday. As the Holiday approaches, these project plans have been finalized and they are preparing for the execution of their critical projects.

For non critical projects implementation during the holiday season is almost impossible. Most non-retail companies have a system “change freeze” enacted during this time of the year. No changes are permitted to the infrastructure unless they are emergency changes. This it to ensure no changes are made that can inadvertently disrupt the systems during the critical year-end closure of the financial records. i.e. closing the books.

Since most employees are distracted with office parties, gift giving and other holiday festivities, IT leadership has two options, throw up their hands and count the holiday season as lost productivity, or they can engage in some productive activity such as assessment and planning for their IT organization. Ironically, the slow time for non-retail business is also the slow time for Technology Advisors and Consultants. There is no better time than the holiday season to engage your outside technology experts. Sit down with them and discuss what new and emerging technology is available to help your company. If you don’t have a Technology Roadmap, they can help you put one together. If you have one, they can help you refine it based on current trends, technologies and best practices.

As the Holiday season kicks into gear you don’t have to spend another season unproductive.  These next week’s can become the most productive time of the year as you develop and/or refine your direction for the upcoming year.

Merry Christmas and Happy Holidays to all.

Part 2: The technology

Technology is what enables IT to flex and adapt to ever changing business needs. Flexibility or agility, as it is often referred to, is the ability for IT to adapt quickly to changes. For example, if a company needs to add more functionality to an existing enterprise environment, the upgrade may exceed the capacity of existing hardware; you may need additional servers, storage and possibly additional tape backup capacity. There would be major technology purchases to support the uplifted systems. Plus there may be migration costs to migrate the existing application to the new hardware. Your company could spend thousands of dollars in systems, implementation and migration costs. And it would take months to implement between hardware delivery times, migration timelines, new application install/configuration and then turn over to operations.

In an Agile environment, additional hardware (processing, memory and storage) can easily be added to Blades/Virtual server environments. Additional storage can easily be added to storage arrays. This additional hardware would be significantly less than a full system upgrade and can be accomplished much quicker than with a legacy IT Infrastructure.

For IT to adapt quickly to changing business needs, IT must have an infrastructure that supports agility.

Today there are many IT options for new businesses. They can build their own IT systems in-house, they can Outsource and buy IT services from service providers or they can get services through cloud computing providers… Or they can do any combination of the three.

It all starts with defining business requirements and understanding the options available. Once this is done, it’s a matter of matching requirements to the available options.

One of the biggest factors to consider is the startup costs. Building your own IT systems require proper staffing (System designers/consultants, installers, System Administrators, etc) plus infrastructure costs such as hardware, software, maintenance, networking, security, redundancy, etc. By outsourcing to 3^rd party service providers you pay a monthly fee for the services provided. There is minimal capital investment…which can be very appealing to new companies.

Part 1:

The biggest challenge for IT to adapt to business changes is to change the IT culture in that company.  Too many IT organizations are “stuck” in a legacy mindset of providing traditional IT services. These services are rigid and in many cases unable to flex as business needs change.

For those who are open to adapting their IT to an Agile IT organization, it all starts with a plan. To be an Agile IT business partner you have to build an IT infrastructure that supports agility. That means you stop spending money upgrading legacy systems and redirect IT spending toward technologies that enable flexibility (agility).  Some key technologies that companies should be investing in are virtualization, blade server technology, SAN/NAS storage, Cloud Computing and I’ll even include Wan Optimization as key agility technologies.

But before you spend any money on new technologies, start with a plan.  Determine what technology your company can most benefit from and put together a plan that would take you there. It will take a few years to transform into an “agile” IT so a plan is absolutely necessary. Get that Agility Roadmap defined before you spend any more IT dollars.

Most Consultants will tell you that business drives technology. They’ll say IT must change and adapt to business needs.  Although there is an element of truth here it is not the complete truth.

There must be two-way direct communication between business and IT. Business must communicate their upcoming needs to IT. Notice I say upcoming needs and not immediate needs. Business has to realize it takes time to develop the right solution for the business and time to design, test and build the solution to support the business needs.

However, IT must also communicate to business the capabilities of new technologies. Some technologies of the past were cost prohibitive for small and mid-sized companies. Today they are quite affordable and should be presented as options for business.

One example would be site replication or simple clustering of virtual servers. These redundant systems that once were unaffordable with older technology, is now easily justified. Unless IT communicates what technology is available (and affordable) to business the business will not adapt to utilize the new, affordable capabilities.

The best way I have found for business and IT to communicate is through Steering Committees. These committees can meet monthly or quarterly to review upcoming business needs. At these meetings, IT should present new technologies available to support the business. Together they can define priorities and work together to support common business goals.

The CBS Evening news recently broadcast a story called “Copy Machines a Security Risk?” The information presented in the story was alarming to say the least but CBS only scratched the surface of the story. For companies who rely on securing confidential and proprietary information from competitors or hackers, there’s much more you need to know about the inconspicuous digital copier. In this article we’ll look at five areas where confidential information may be compromised.

If you haven’t seen the CBS story please click on this link and view the five minute broadcast before you continue with this article.
www.cbsnews.com/video/watch/?id=6412572n&tag=api

In addition to the risks presented by the CBS story here are 5 additional areas where copiers can compromise your security.

1. Many digital copiers are also network printers that store network information such as IP addresses, subnet masks and gateway IP’s. These settings are not stored on the hard drive and are not cleared by the digital copier “Purge” feature. Network settings must be manually cleared. Security experts will tell you to keep your network configuration private. You don’t want competitors or hackers to know your internal network configuration. The more information about your network infrastructure that’s accessible to hackers the less they have to figure out on their own and the sooner they can compromise your network.

2. Many digital copiers store the IP addresses of your DNS servers and/or Domain controllers. Depending on the type and model of your copier, this information may not be cleared by your copier “purge” function. You definitely don’t want competitors or hackers knowing the IP addresses of your Name Servers or Domain Controllers.

3. Many digital copiers store email addresses and some even download your entire Email Global Address List to the copier. Again, you don’t want this to be accessible to those outside your company.

4. The “purge” function used by older digital copy machines doesn’t delete any data from the copier hard drive. It only renders the data inaccessible to the copier software. It either deletes a file we techies would call a “file allocation table” or it will use other tactics to render the data unreadable to the copier software. The “Purge” button merely gives an allusion the disk has been cleaned. However, the data is still there and can be removed as shown on the CBS story. Most copier security policies rely on this built-in Purge function and think their data is cleared. It is not cleared. It can still be accessed with free scanning tools available on the internet.

5. If your copier has a fax capability, the copier also stores all the phone numbers it dialed and numbers that dialed it along with any information you provided in your Fax phone book. Again, the “Purge” function will not clear this information.

One of the biggest obstacles surrounding this whole issue of Copier Security is the apathy and ignorance of the manufacturers. Most copier technicians today still believe the built-in Purge function deletes all information on the copier. To make matters worse, most copier technicians don’t know where the different type of information is stored. Some data is stored on the hard drive, some data in flash memory, and some data is stored in firmware. Sensitive information is stored in different places depending on the manufacturer and model of copier. Just when you think it can’t get worse. Let me drop the final shoe. There are no utilities that will scan a copier and certify that it has been completely purged for older digital copy machines.

As I mentioned earlier, this CBS news story only scratched the surface of the real risks associated with digital Copier Security. The Copier Security pioneers who were interviewed in the CBS story, Digital Copier Security inc., have done extensive research on these security risks and are working to provide services and resources to help companies thoroughly purge their older copy machines. I applaud Digital Copier Security for bringing this issue to the attention of Corporate America and for working diligently to address this significant security hole.

I encourage the Copier industry to take responsibility for ensuring new copiers have the capability to purge themselves of all sensitive information and to provide a certification report indicating what has been purged. This should be a standard feature on all Digital Copiers and not an add-on feature that comes at an additional cost. Additionally copier technicians should be trained to thoroughly purge all Digital Copiers.

Until such a time, Corporate America must take necessary steps to ensure their own safety. They must ensure they are not exposing themselves to unnecessary security risks or even breaking Privacy Laws. Digital copiers must have processes defined (and documented) that ensure appropriate actions are taken before copiers are released to third parties.