According to Getronics, HeleCloud is one of the fastest growing start-ups in the UK.

Together, the pair will focus primarily on European customers in the retail, tourism and transport, financial services and healthcare sectors.

With HeleClouds technical knowledge and experience with AWS, both firms will create solutions designed for each vertical sector. Offerings include Technology Consulting, Managed Services, and Technology Training.

Technology offering will be delivered from the new Cloud Centre of Excellence, which is organised to seven areas of competence, including – cloud roadmap and migration, cloud security, compliance and governance, business continuity and disaster recovery. Services for data analysis, infrastructure, and technical design are also among the services offered.

Microsoft Azure

In addition to offering the AWS services, the company remains a partner of Microsoft Azure, serving customers committed to Microsoft technologies or intent on establishing a multi-vendor presence.

Getronics also provides private and hybrid and cloud solution its own private cloud platforms in 19 data centres in Europe.

The post Getronics and HeleCloud partner to deliver AWS appeared first on DevOps Online North America.

The company said in a press release last Friday (April.26th) that the AWS DevOps Competency program recognises SAIC’s commitment to helping customers automate cloud infrastructure management functions and simplify continuous integration and delivery processes.

DevOps teams help transform software development life cycles to deliver secure application lifecycles to deliver secure applications, instill collaborative software and IT teams, and automate continuous integration and continuous delivery pipelines using AWS and AWS developer tools.

“We are excited to achieve AWS DevOps Competency status, which recognises our continued commitment to helping our clients adopt cloud technologies and DevOps practices with a combination of our process know-how and AWS reliable services,” said Coby Holloway, SAIC vice president of Enterprise IT.

“We help our customers achieve their digital transformation goals by providing some of the best cloud technology solutions using AWS cloud services.”

SAIC, a member of the AWS Public Sector Partner program, is an authorised and government reseller and has previously secured AWS Government Competency status.

The post SAIC secures AWS DevOps Competency appeared first on DevOps Online North America.

AWS Outposts platforms will bring AWS cloud software on-premises.

AWS Outposts will allow customers and enterprises to run compute and storage on-premises, using the same native infrastructure used in the AWS cloud.

The company said that there will be two options available at launch in 2019, including a version that will operate AWS cloud services natively, while the second option will run the VMware Cloudon AWS.

The VMware Software Defined Data Centre (SDDC) will deliver compute, storage, and networking infrastructure on-premises, and is managed as a service from the same console as VMware Cloud on AWS.

In 2017, AWS collaborated with VMware Cloud to introduce the VMware cloud on AWS, giving a number of companies who are on virtualised VMware the ability to use VMware tools and “manage their infrastructure on AWS”.

For customers who prefer to use the same API, and the same hardware on-premises, they will be able to use a AWS native variant of AWS Outposts, the statement read.

“These customers will have the opportunity to run other software with native AWS Outposts, starting with a new integrated offering from VMware called VMware Cloud Foundation for EC2, which will feature popular VMware technologies and services that work across VMware, and Amazon EC2 environments, like NSX, VMware AppDefense, and VMware vRealize Automation,” the company explained in a statement.

“Customers are telling us they don’t want a hybrid experience that attempts to recreate a stunted version of a cloud on-premises, because it’s perpetually out of sync with the cloud version and requires a lot of heavy lifting, managing custom hardware, different control planes, different tooling, and manual software updates.”

It went on to further explain: “There just isn’t a lot of value in that type of on-premises offering and that’s why these solutions aren’t getting much traction.”

The post Amazon web services brings on-premises IT with AWS Outposts appeared first on DevOps Online North America.

Data from Link11’s Security Operation Center (LSOC) shows that a quarter of all DDoS attacks in Europe in the 12 months from July 2017 to June 2018 used public cloud server-based botnets, compared to 18.5% in the previous 12 months – a 35% increase.

During the 12 months to June 2018, Microsoft Azure was the cloud service most exploited for DDoS attacks, with 38.7% of such attacks using Azure servers on average.

Amazon Web Services (AWS) was used in 32.7% of attacks on average, and Alibaba servers used in 17.9% of attacks. Google servers were abused much less often, used in only 10.7% of attacks.

Cloud server-based botnets

According to Link11, public cloud server-based botnets are the ideal platform for launching DDoS attacks.

Cloud instances generally offer bandwidths of between 1 and 10 Gbps, enabling attack volumes which can be as much as 1000 times higher than is possible with individual compromised devices such as home routers or IoT cameras.

The LSOC reported that the peak attack volumes of these cloud-based attacks exceeded 150 Gbps in May. Cloud servers provide memcached or SSDP services, which amplify attack volumes.

Aatish Pattni, Regional Director UK & Ireland, Link11, comments:  “The people behind DDoS attacks are embracing the use of public cloud services for the same reasons as legitimate organisations: the services provide flexible, on-demand capacity and resources, and can be provisioned in just a few minutes.

Threat actors

“For threat actors, the benefits are even more compelling because they will often use stolen credit card details and false identities to pay for the services. This makes the perpetrators almost impossible to trace, even though providers such as Amazon are taking strong action against misuse, and asking users to report any suspected abuse of their services.”

To protect against DDoS attacks launched using public cloud services, blocking traffic from these services is not an option for many organisations because they will already be using the public cloud as part of their own IT infrastructures.

Data traffic

Instead, organisations should analyse in detail the communication between public cloud services and their own network, and monitor for malicious or unwanted traffic.

Ongoing analysis of data traffic, using machine-learning techniques, enables legitimate traffic to be profiled and fingerprinted, so that any changes can be detected quickly and reliably.

The malicious traffic can then be filtered out in a granular manner before it can impact the organisation’s business, without blocking legitimate traffic.

Written from press release by Leah Alger

The post DDoS attackers increasingly abuse public cloud services appeared first on DevOps Online North America.

Olson estimates Amazon’s ad business to grow US$16billion in 2021 while believing Amazon Web Services will reach US$15billion.

He also says the American electronic commerce and cloud computing company’s market share is “well above 50%”, according to CNBC. This theory came to light over Amazon’s ad business sales growing 72% in its second quarter.

“While the Street has been focusing on the trajectory of core retail, the growth of AWS and new categories such as grocery and pharma, Amazon’s advertising business has been quietly growing into a massive driver of current and future profitability,” Olson said in a note to clients Monday.

“By 2021, we believe it is likely that advertising operating income will exceed AWS. Investors should be focused on Amazon advertising now; this is a major driver of results and valuation today and continuing in the coming quarters and years.”

He also notes to CNBC that “advertising will be a driver to watch, as the retail industry continues to live or die by the shift to direct-to-consumer and digital channels”.

Written by Leah Alger

The post Amazon adverts to excel cloud computing market share appeared first on DevOps Online North America.

For Varma, a typical work day is packed with governance meetings and working towards managing stakeholder expectations and solution options to address customer requirements. Most of his clients use different cloud offerings from Microsoft and AWS.

“When it comes to productivity, Microsoft takes lead with their office 365 cloud offering. AWS is generally used when it comes to Linux and Java combination of deployment. When using Windows.Net and SQL server, clients tend to use Microsoft Azure because they are basically Microsoft offerings – deploying them in Azure gives an edge in terms of cost, ease of deployment, upgrades, etc.,” says Varma.

In the last 5 years, Cloud has evolved a lot and service providers have implemented a lot of controls to secure client services in the cloud. By opting for cloud-based IaaS, PaaS, SaaS solutions, customers are able to keep their infrastructure up-to-date and upgrade/migrate the same with ease

Useful tips for implementing the cloud

“One very important thing is to not implement solutions on the cloud with a traditional mindset. Many clients are surprised when they see their first bill because they ‘lift and shift’ the infrastructure,” comments Varma.

“Remember, the cloud is highly elastic in nature and you can scale up and when you require. So, implement the minimum infrastructure needed and scale it based on load. That’s the secret to success in the cloud!”

According to Varma, the following tips help secure data in the cloud:

• Focus on entry and exit points in terms of network connectivity. Wherever possible, use private connections such as Microsoft express route, AWS direct connect.
• In terms of cloud application connectivity, always encrypt the data in transit using SSL.
• Ensure you implement least privileged and conditional based access to cloud administrative portals such as the Azure portal and AWS management console.
• Implement RBAC access in providing access to cloud resources. Segregation and isolation of the resources using resource groups, virtual networks is key!
• Utilise the security monitoring tools provided by cloud services provider to monitor the solution. Most of the basic functionality is free, such as Azure’s security centre.
• In general, always divide the security focus areas into a matrix where rows are networks, compute, storage, applications, databases and columns are data encryption at rest, encryption at transit, authentication and authorisation etc; this will allow focussing on each security cell.
• Carry out security risk assessment during the design phase to ensure the design has the appropriate security controls in place to mitigate possible risks.

Nevertheless, problems can arise when storing data in the cloud. “Services & data in the cloud is accessible from the internet. Unless proper controls in place, your users can access and download the data from anywhere in the world,” warns Varma.

Cloud storage security

“The majority of clients require their data to be encrypted in the cloud. Although cloud supports ‘bring your own key’ options, these encryption keys are stored in cloud providers key vaults. So, there is a very narrow chance that cloud providers can access those keys and decrypt the data. It’s also vital to note that cloud providers have very strict governance and accreditations in place to mitigate the same.”

Cloud providers generally keep their cloud services up-to-date with advancements in technology, according to Varma. “On the other end, many of the clients’ data centres he has worked with in the past have out-of-date IT infrastructure systems & applications which takes a lot of time and money to replace and are prone to attacks”, he adds.

Varma also advises that you must ask your service provider the following questions about cloud storage security:

• What is the authentication and authorisation approach to cloud services?
• How do you implement access controls for cloud services?
• What’s the approach to secure transit and rest data?
• What is preventive security monitoring are in place against risks and threats?
• Are their solution adheres to such as cyber essentials, cloud security principles, ISO 27002?

Written by Leah Alger

The post Secrets to securing data in the cloud appeared first on DevOps Online North America.

Earlier this year, Spotify signed a contract saying it is to spend a minimum of US$447million on Google’s Cloud Platform in its first three years of service.

The music, podcast, and video streaming service also revealed last month that it’s to move all of its data to Google Cloud.

Cloud revenue

Similarly, last year, Snap said it would spend US$2billion over five years on Google’s Public Cloud services, or around US$400million per year.

Despite this, Spotify said it will pay Google up to US$149million per year, or US$37.25million per quarter – 3.7% of Google’s quarterly cloud revenue figure.

Before adopting Google Cloud, Spotify used Amazon Web Services.

Written by Leah Alger

The post Spotify to spend US$447million on Google’s Public Cloud appeared first on DevOps Online North America.

Beaumount has warned that writable S3 buckets accessed by the public could be used by cyber criminals for ransomware attacks.

This is because of the large amount of data that can be stored in S3 buckets.

In the past six months, documents have been exfiltrated from unprotected S3 buckets belonging to Verizon, NSA, the US Military and Octoly, according to Tech Republic.

‘Painstaking security development’

Josh Mayfield, director at enterprise security firm FireMon, wrote in a statement: “AWS will likely see a sizable ransomware attack in the coming months, not due to any flaws in AWS security, but because of misconfigurations.

“There is a persistent belief that since the infrastructure is a ‘service’ (IaaS), then the responsibility falls to the IaaS provider to secure their systems.”

He also noted to Tech Rebulic that AWS has gone through “painstaking security development to bring the most robust controls you can have with a public cloud”.

Written by Leah Alger

The post Researcher finds misconfigured S3 buckets are a common problem for AWS users appeared first on DevOps Online North America.

According to The Wall Street Journal, the data centers will be in the United States, Canada, Asia, the Netherlands and Switzerland.

The tech giant will be partnering with Tencent in its new data center in China, according to the report.

This new development could help the company better compete with market leaders, including Amazon Web Services and Microsoft Azure.

The post Oracle pushes into cloud computing appeared first on DevOps Online North America.

IPAWS provides integrated services and capabilities to federal, state, territorial, tribal, and local authorities that enable them to alert and warn their respective communities during an emergency.

eGT, an AWS advanced consulting partner, has successfully migrated other mission-critical FEMA emergency systems to the cloud using their DevOps service framework and open source cloud orchestration toolset.

Peter Warren, Vice President of Business Development for eGT, said: “We are very excited to help IBM and FEMA with this very critical mission application.

“We believe our agility, DevOps framework and tools, and technical expertise gained from migrating dozens of federal applications to AWS will be a valuable asset to this project.”

Written from press release by Leah Alger

The post eGlobalTech and IBM supports cloud migration appeared first on DevOps Online North America.