Click here to close now.




















Welcome!

OpenStack Journal Authors: Liz McMillan, Glenn Rossman, Elizabeth White, Dennis Griffin, Trevor Parsons

Blog Feed Post

Building Secure Cloud SaaS Applications – VMware special, part 3

vmware2This post  is sponsored by the VMware Online Forum 2013.

This part three of our VMware series will build on the second article that introduces Rackforce, one the Cloud providers implementing VMware technologies.

Enterprise SaaS Enablement

With this platform in place we can look in more detail at how organizations might approach the apps strategy that they run in these environments, under a headline banner of ‘Enterprise SaaS Enablement’, referring to transforming traditional software apps to run in a Software-as-a-Service mode.

Typically this is when it is for a commercial venture, to literally sell the software as a service, but increasingly it will also become a new practice within enterprise architecture, a means of improving how corporate IT delivers apps to users.

This is because the enterprise adoption of Cloud computing can mean both outsourcing to third party suppliers like Amazon, but also via their Private Cloud strategy internal adoption of the architectures of Cloud computing as well.

This means SaaS and PaaS, as well as the infrastructure/virtualization aspects of IaaS that are common to most Private Cloud scenarios. These layers are less common, where they impact more upon how software programmers work through new shared service architectures at the app layer.

From virtual appliances through full SaaS-enablement toolsets there are a range of ways enterprises can improve their software practices, with the core idea being benefiting from the best practices SaaS vendors have developed through running very large-scale, high availability web applications.

VMware has a comprehensive PaaS strategy built on their Cloud Foundry platform, and culminating in the launch of a dedicated joint venture with EMC called Pivotal. (learn more at the VMware Online Forum 2013.)

This two-pronged approach is key to unlocking the full transformational power of Cloud Computing, where the organization leverages both i) scale: using Cloud providers like Amazon to tap into a new low-cost capability for IaaS, and also ii) utilizing principles like SaaS enablement to re-architect applications to better make use of this resource.

Cloud Security and service catalogue standardization

One simple way to adopt this powerful business improvement is via the ongoing development of the enterprise service catalogue, introduced in the previous articles.

Not only does this provide for the core IT automations that are one of the benefits of Cloud, but this automated deployment is achieved through templates of repeatable IT configurations. Building up this inventory can be driven by a process of setting enterprise-wide standards for Private Cloud SaaS. Which authentication modules to use, and so on.

This kind of standardization effort can better consolidate and manage the IT estate, and also can manage the use of third-party vendors as part of this process, so that these standards can address key areas like Cloud Security.

vmware-vapp3VMware has an extensive partner portfolio who add value to the core suite – For example Canadian supplier AFORE offers a range of tools for Cloud Security Management, specifically intended to address securing sensitive cloud data in a multi-tenant environment when customers share application and server infrastructure, and how can security deployment be simplified so applications, virtualized workloads and hardware don’t need to be modified – often this is onerous if not impossible in cloud environments.

AFORE’s CloudLink® Secure VSA encrypts mission-critical data in motion and at rest across public, private and hybrid clouds by providing a secure software-defined storage layer between virtual machines and cloud storage infrastructure.

  • Agentless, storage infrastructure agnostic security solution – no need to modify applications or workloads

  • Full control by enterprises over security policy and key management of encrypted data in the cloud

  • Enable multi-tenant security by creating per tenant virtual storage and encrypted with tenant controlled encryption keys.

  • Unsurpassed deployment flexibility including multi-tenant virtualized private, hybrid and public cloud environments and the ability to span heterogeneous storage servers with one CloudLink management console

  • Easy adaptability for ANY IaaS clouds (VMware, CA, Amazon, Microsoft, OpenStack, CloudStack, etc) and support self-service and elastic nature of these cloud services.

  • AFORE’s CypherX secures sensitive data in hosted VDI and application stacks from cyber attackers, malicious insiders and cloud administrators. It seamlessly and efficiently places apps in secure virtual containers, encrypting and managing access to all data.

    • App Lockdown creates a secure virtual container for applications, protecting network, storage and inter-process communications with application-level granularity

    • CypherZones extend data security between groups of protected applications, allowing a complete application stack or workgroup environment to be protected.

    • Centralized control of security policy and encryption key management across many virtual machines

    • Complete end-user transparency

    • Traceability via tamper-proof audit logs that detail who/what accessed protected data, when and from where

Conclusion – Securely enabling Enterprise Agility

The key to any strategy intended to unlock better ‘enterprise agility’ is to empower employees and partners more and more.

A twin strategy of PaaS standardization and improved Cloud Security will enable IT development teams to work faster and do so by leveraging a wider range of productivity boosting Cloud services, all in a manner compliant with the organizations information security policies.

vmware2This post  is sponsored by the VMware Online Forum 2013.

The post Building Secure Cloud SaaS Applications – VMware special, part 3 appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

@ThingsExpo Stories
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
Akana has announced the availability of the new Akana Healthcare Solution. The API-driven solution helps healthcare organizations accelerate their transition to being secure, digitally interoperable businesses. It leverages the Health Level Seven International Fast Healthcare Interoperability Resources (HL7 FHIR) standard to enable broader business use of medical data. Akana developed the Healthcare Solution in response to healthcare businesses that want to increase electronic, multi-device access to health records while reducing operating costs and complying with government regulations.
SYS-CON Events announced today that the "Second Containers & Microservices Expo" will take place November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevOps to advance innovation and increase agility. Specializing in designing, imple...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes about through a Communications Platform as a Service which allows for messaging, screen sharing, video...
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
In his session at @ThingsExpo, Lee Williams, a producer of the first smartphones and tablets, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. He will explain how M2M controllers work through wirelessly connected remote controls; and specifically delve into a retrofit option that reverse-engineers control codes of existing conventional controller systems so they don't have to be replaced and are instantly converted to become smart, connected devices.
The Internet of Things is in the early stages of mainstream deployment but it promises to unlock value and rapidly transform how organizations manage, operationalize, and monetize their assets. IoT is a complex structure of hardware, sensors, applications, analytics and devices that need to be able to communicate geographically and across all functions. Once the data is collected from numerous endpoints, the challenge then becomes converting it into actionable insight.
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and analyzed? As an area of investment, how might a retail company move towards an innovation methodolo...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Treloar, President and COO of Bebaio, will explore examples of brands transforming their businesses by t...
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of technology leadership, Micron's memory solutions enable the world's most innovative computing, consumer,...
Contrary to mainstream media attention, the multiple possibilities of how consumer IoT will transform our everyday lives aren’t the only angle of this headline-gaining trend. There’s a huge opportunity for “industrial IoT” and “Smart Cities” to impact the world in the same capacity – especially during critical situations. For example, a community water dam that needs to release water can leverage embedded critical communications logic to alert the appropriate individuals, on the right device, as soon as they are needed to take action.
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on demos and comprehensive walkthroughs.
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
With the Apple Watch making its way onto wrists all over the world, it’s only a matter of time before it becomes a staple in the workplace. In fact, Forrester reported that 68 percent of technology and business decision-makers characterize wearables as a top priority for 2015. Recognizing their business value early on, FinancialForce.com was the first to bring ERP to wearables, helping streamline communication across front and back office functions. In his session at @ThingsExpo, Kevin Roberts, GM of Platform at FinancialForce.com, will discuss the value of business applications on wearable ...
As more intelligent IoT applications shift into gear, they’re merging into the ever-increasing traffic flow of the Internet. It won’t be long before we experience bottlenecks, as IoT traffic peaks during rush hours. Organizations that are unprepared will find themselves by the side of the road unable to cross back into the fast lane. As billions of new devices begin to communicate and exchange data – will your infrastructure be scalable enough to handle this new interconnected world?
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of IoT applications and projects. Business operations, IT, and data scientists need advanced analytics t...