Author Archive for Kevin Van Mondfrans

Page 2 of 2

Facing the Facts: How to Avoid Cloud Security Risks

Published on September 20, 2012 in Cloud Computing and Security. Closed
Posted by Kevin Van Mondfrans

Cloud Security Risks Despite increasing adoption in cloud computing, many companies are still hesitant about making the leap to the cloud due to concerns about security. In fact, a recent cloud computing survey revealed that security and compliance are the top inhibitors for cloud adoption.

But when you take a look at some of the statistics around security and compliance, it’s hard not to blame them:

69% of cloud providers do not feel that security is their responsibility
The cost of non-compliance is 2.65 times higher than the cost of compliance
More than 22.9 million records were exposed in 2011 due to external hacking (ITRC)
80% of unplanned outages are due to ill-planned changes made by operations staff or developers

These type of numbers make it all the more understandable why many companies are still under the perception that clouds are not secure enough for demanding e-business applications, especially ones handling sensitive client data.

However, as the last stat above reveals, much of the risk comes from a lack of expertise or dedicated resources to fully commit to knowing the ins and outs of not just cloud computing, but security and compliance as well.

Looking to fill that gap, we recently launched a next-generation suite of secure eBusiness Cloud Services, so that companies no longer have to worry about compliance and security in the cloud. We’ve seen too many companies risk noncompliance as a result of lacking standard security best practices and tools to manage their cloud environment. On the other hand, there are also companies spending unnecessary amounts of time, money, and resources to manage compliance when they should be focusing that attention towards innovation and growing their business.

Different companies have different needs, which is why we realize the importance of flexibility as well. Whether a customer needs just one server with iron-clad security or a robust and scalable enterprise wide system, our eBusiness Cloud Services are designed to provide a solid foundation of protection for a wide range of use cases. By using standard builds, we find it helps minimize risk of unintentional errors or noncompliance. Of course, spending time to understand various vertical markets, and making sure we understand the unique industry challenges and regulations (such as PCI and HIPAA) also play an important role in accomplishing that as well.

Compliance is a daunting task in itself. And when you add cloud computing to the equation, it can get even more complicated, time-consuming, and in turn, expensive. If you’d like to learn more about what options exist to secure a cloud and how you can ensure compliance in the simplest, most cost-effective way possible, check out our latest white paper: “Riders on the Storm: How to Reduce Risk and Ensure Compliance in the Cloud.”

Image Credit: FutUndBeidl

About the Author: As Vice President of Product Management at Layered Tech, Kevin Van Mondfrans (@VANMONDFRANS | +Kevin Van Mondfrans) is responsible for driving the Layered Tech portfolio of infrastructure as a service (IaaS) and managed service offerings. With more than 20 years of experience product development and marketing, Kevin has been delivering innovative computing, storage, cloud and service offering with companies such as HP, Dell, and Savvis.

Evolving Cloud Services for Changing e-Business Needs

Published on September 11, 2012 in Cloud Computing. Closed
Posted by Kevin Van Mondfrans

We will shortly launch Layered Tech’s new eBusiness Cloud Services, designed to guarantee compliance and deliver managed security in a range of cloud computing environments. Over the course of developing these new solutions, there were a number of lessons learned that we believe led us to build a better cloud for complex e-business applications. Here are a few we’d like to share:

Leverage best practices. Looking back three or even just two years ago, it completely made sense to build your own cloud operating system – there was nothing mature in the marketplace. But today, companies like VMware, Citrix, and a handful of others have eliminated that need by developing the cloud OS for you. Companies that choose to build their own cloud end up stuck, spending much of their time maintaining and managing that cloud; whereas others who leverage industry best practices and proven technologies have a lot more agility and time to develop more value beyond simply making the cloud work.

Listen to the customer. Having a cloud portal for the sake of having one will not get you anywhere. Providing the ability to provision compute, storage, and virtual firewall protection is nothing special. To really create a valuable cloud portal with market-leading capabilities, you need to understand specific customer use cases – whether that’s providing custom development capabilities or additional layers of security for customers that are especially sensitive about their mission-critical production environments. We spent a lot of time talking to our customers to make sure our cloud portal addresses each and every one of their needs.

Make it portable. Rather than build out a new set of tools and processes each time you prepare for an audit, we’ve learned that the best way to ensure compliance and keep costs down is to develop a standard set of rules and templates that can be used in similar audit situations. By eliminating all of the discovery that typically needs to take place during the initial stages of an audit, this helps the customer save money and makes the audit go smoother.

Experience pays off. The more you do something, the better you get at it. This may seem like an obvious one, but it’s something that rings true the longer we’re in this business. Over the last eight years, Layered Tech has continued to expand its client base. As a result, we’ve dealt with the majority of assessments and auditors out there; and in all instances, we’ve passed every audit, which is why we feel confident when we say that we’ll give customers a 100% compliance guarantee.

We have applied what we’ve learned towards building the next generation of our secure cloud offerings. Building on our core competencies in complex managed hosting and secure, compliant hosting services, the Layered Tech eBusiness Cloud portfolio is designed to provide greater cloud benefits and more robust support for our customers’ mission-critical applications. This new cloud platform extends what we have been doing for years to create a more agile and responsive model for our customers.

Direct feedback is welcome. Our cloud developers and I are eager to listen. Please join our LinkedIn discussion to share questions, concerns and ideas.

Should you redesign an app for the Cloud?

Published on August 28, 2012 in Cloud Computing. Closed
Posted by Kevin Van Mondfrans

I recently visited with SearchCloudProvider’s Dina Gerdeman about 3 important factors to consider when weighing the options of migrating/redesigning for the Cloud. Read the full article here: Cloud application architectures: When to redesign an app for the cloud

Take a Sneak Peek at our Next-Gen Secure Cloud

Published on August 23, 2012 in Cloud Computing, Compliant Hosting and Security. Closed
Posted by Kevin Van Mondfrans

We will be announcing a next generation secure cloud platform shortly. I want to give you some insight of our thoughts around cloud and security.

Secure Cloud Platform Sneak Peek Customers are often faced with choosing between greater business agility or highly secure and compliant-ready environments. We do not think this is a fair trade-off. No customer should be forced to forgo the full promise of cloud to achieve running in a secure and compliant environment. Nor should a client need to sort through piles of log data to keep themselves compliant when outsourcing to a cloud service provider. We are addressing this very quandary.

Our next generation Cloud Data Center enables customers the full benefit of running critical workloads with sensitive personal information and financial data in a self-service secure cloud environment. Security and transparency is inherent in what we do. The Layered Tech cloud platform supports customers desiring to run in a cloud that is managed to accommodate PCI DSS and HIPAA compliant hosting requirements. Our cloud makes it easy to add the necessary tools, processes and management to run in a secure environment and to achieve and pass compliance, guaranteed. We have automated over 200 steps to deliver full compliant cloud data center environments and virtual machines, in just a few mouse clicks.

Despite the focus on security, you do not need to have a compliant application or workload to run in the Layered Tech Cloud Data Center. Our next generation cloud will enable a variety of production and test/development use cases. Customers will be able to choose managed services that range from basic server and URL monitoring/alerting to proactive managed support. We built this flexible management model to enable customers with transient workloads and elastic capacity to add compute resources on an hourly basis in completely self-service model. We also enable cloud for clients who desire a managed support model to assist with complex and hybrid environments and we can provide managed support up the stack including web servers, middleware and databases. While the customer has self-service controls and visibility, Layered Tech offers layers of management to help maintain and manage client environments.

There has been significant development focus on automation of security and compliance; there has also been an equal focus on delivering a secure portal and API that will enable a breadth of self-service capabilities well beyond cloud data center provisioning and VM life-cycle management. All of this automation along with our managed services offers customers the ability to achieve a higher level of assurance and agility to run their important workloads in a cloud.

Stay tuned for more details upon our launch of this next generation secure cloud platform.

CA Announces AppLogic 3.0

Published on July 27, 2011 in Cloud Computing, Grid Computing, Hosting Industry, Industry Events, Infrastructure and Strategic Partners. Closed
Posted by Kevin Van Mondfrans

This week CA Technologies announced Applogic 3.0. This comes after VMware announced vCloud Director 1.5 and Citrix acquired Cloud.com. This was an exciting month of events for the leading Cloud OS platforms. This is interesting to Layered Tech and our customers because this illustrates the rapid maturing of cloud platform technologies. It exemplifies that these technologies initially targeted to service providers like Layered Tech are also adopting many of the capabilities enterprises are looking for to build out private, hybrid and secure multi-tenant cloud environments.

Today, Layered Tech utilizes both CA Technologies AppLogic and VMware vSphere to provide unique multitenant and private cloud services to our customers. We have long standing relationships with both companies and are one of the original adopters of 3Tera AppLogic before server virtualization, orchestration and automation was called Cloud. As one of the early adopters of the AppLogic 1.0 platform, we have a unique insight and relationship with CA Technologies. I would like to share a few thoughts regarding the latest release.

The CA AppLogic 3.0 cloud computing platform continues its focus to innovate on the application deployment layer with its intuitive drag and drop application deployment interface. The visual interface, which is the hallmark of AppLogic, continues to differentiate this platform from the others. AppLogic enables complete deployment of entire application environments including virtual load balancers, firewalls, web servers, application server and databases in a single motion.

Among significant new enhancements, AppLogic has added the capability to support:

1) vLAN tagging to further enable private networking and VPN;

2) Role-based user access to further separate observers, operators, admins and owners access levels and to improve security;

3) Support of OVF (Open Virtualization Format) standard to facilitate the import of Xen and VMware workloads from outside the Cloud;

4) Enhanced cloud operation with the global fabric controller to further automate the maintenance and addition of resources and the enrichment of usage metering capabilities

These are interesting enhancements, and enable a broader set of use cases for our customers with privacy requirement and who want to migrate VMware and Xen environments to the cloud.

Our broad portfolio of managed hosting services includes on-demand multi-tenant cloud services, dedicated virtual and physical environment, and compliance services. With the AppLogic platform we offer Virtual Private Servers (VPS) which is a multi-tenant public cloud with on-demand user portal, and Virtual Private Data Centers (VPDC), which are dedicated cloud environments and give you complete customization and admin access. In addition, we offer additional cloud services to meet enterprise high availability and compliance challenges.

Layered Tech applauds the advancements by CA Technologies, VMware and Citrix and we remain dedicate to offering the latest best of breed technologies with excellent service and support.