Blog by Mike Small

Blog
CESG Draft Cloud Security Principles and Guidelines
by Mike Small
UK CESG, the definitive voice on the technical aspects of Information Security in UK Government, has published draft versions of guidance for “public sector organizations who are considering using cloud services for handling OFFICIAL information”. (Note that the guidelines are still at a draft stage (BETA) and the CESG is requesting comments).  There are already many standards that exist or are being been developed around the security of cloud services (see: Executive View: Cloud Standards Cross Reference – 71124 ) so why is this interesting? Firstly there is an implied prerequisite...
Read More
Blog
Microsoft OneDrive file sync problems
by Mike Small
A number of users of Microsoft’s OneDrive cloud storage system have reported problems on the Microsoft community relating to synchronizing files between devices. So far, I have not seen an official response from Microsoft. This can be very disconcerting so, in the absence of a response from Microsoft, here are some suggestions to affected users. These worked for me but – in the absence of a formal response from Microsoft – I can offer no cast iron guarantees. What is the problem? It appears that files created on one device are synced to another device in a corrupt state. This only...
Read More
Blog
Cloud Provider Assurance
by Mike Small
Using the cloud involves an element of trust between the consumer and the provider of a cloud service; however, it is vital to verify that this trust is well founded. Assurance is the process that provides this verification. This article summarizes the steps a cloud customer needs to take to assure that cloud a service provides what is needed and what was agreed. The first step towards assuring a cloud service is to understand the business requirements for it. The needs for cost, compliance and security follow directly from these requirements. There is no absolute assurance level for a...
Read More
Blog
EU Guidelines for Service Level Agreements for Cloud Computing
by Mike Small
In a press release on June 26 th , the European Commission announced the publication of new guidelines “help EU businesses use the Cloud”.  These guidelines have been developed by a Cloud Select Industry Group as part of the Commission’s European Cloud Strategy to increase trust in these services.  These guidelines cover SLAs (Service Level Agreements) for cloud services.  In KuppingerCole’s opinion these guidelines are a good start but are not a complete answer to the concerns of individuals and businesses choosing to use cloud services. Cloud services are important as they...
Read More
Blog
AWS: Great Security but can you Trust a US Owned Cloud Service?
by Mike Small
Cloud computing provides an unparalleled opportunity for new businesses to emerge and for existing businesses to reduce costs and improve the services to their customer.  However the revelations of Snowden and the continuing disclosure of state sponsored interception and hacking undermine confidence in cloud service providers.  In this environment CSPs need to go the extra mile to prove that their services are trustworthy. In general there are two kinds of customers that are adopting cloud computing.  The first kind is the so called “born on the cloud” customers who are starting new...
Read More
Blog
IBM’s Software Defined Environment
by Mike Small
In IBM’s view the kinds of IT applications that organizations are creating is changing from internal facing systems to external facing systems.  IBM calls these kinds of systems “systems of record” and “systems of engagement” respectively.  The systems of record represent the traditional applications that ensure that the internal aspects of the business run smoothly and the organization is financially well governed.  The systems of engagement exploit the new wave of technology that is being used by customers and partners and which takes the form of social and mobile computing.  In IBM’s...
Read More
Blog
Card Clash on the London Underground
by Mike Small
Recently there have been posters in London Underground stations warning users of Oyster Cards - the Transport for London (TfL) NFC enabled electronic travel wallet - that there is a risk of “card clash”.  These posters warn that they need to keep other contactless NFC payment cards separate from their Oyster Card when they “touch in” on a bus to avoid the risk that the wrong card would be charged.  TfL will be rolling out the ability to use NFC enabled payment cards on the Tube (London Underground), Overground and DLR later in 2014, and this could lead to further problems.  The charges...
Read More
Blog
IBM Bets on the Cloud
by Mike Small
IBM has recently made a number of major announcements and these are linked.  In December 2013 IBM announced the acquisition of FiberLink a privately held mobile management and security company.  Then on January 23 rd it announced that Lenovo plans to acquire IBM’s x86 server business .  Lastly on February 24 th it made a series of announcements around its cloud offerings.   These announcements illustrate the changing way in which IT services are being delivered.  This is shifting from an in house model focused on improving the efficiency of internal processes to a more flexible one...
Read More
Blog
Cyber Security for the Citizen and SME
by Mike Small
This week the UK government launched the Cyber Street programme to improve the cyber security of UK residents and SMEs.  This is complemented by a Cyber to the Citizen initiative from the BCS – (The UK Chartered Institute for IT). The background to this is the continuing concern that most cyber-crime is opportunistic and could be prevented if people consistently took simple measures.  For example UK GCHQ estimates that 80 per cent of all cybercrime could be prevented by basic cyber hygiene measures, saving the UK economy billions of pounds annually. The campaign aims to increase...
Read More
Blog
Cloud Standards – Complex but not a Jungle according to ETSI!
by Mike Small
In September 2013 the European Commission (EC) published the strategy to “to create single set of rules for cloud computing and increase EU GDP by €160 billion annually by 2020”. This strategy identified a number of key actions one of these being “Cutting through the Jungle of Standards”.   Following a request from the European Commission, the European Telecommunications Standards Institute (ETSI) launched the Cloud Standards Coordination (CSC) initiative.  In November 2013 ETSI published its final report from the CSC initiative .    According to this report “the Cloud Standards...
Read More
Previous 4 5 6 7 8 9 10 Next