Indeed, it was reported that 68% of IT leaders have a hybrid cloud strategy, which leads to a faster, more secure, and more affordable cloud solution for the business compared to private and on-premises infrastructures.

However, there are still many challenges, such as cybersecurity threats, lack of integration between new and old infrastructure technologies, governance and compliance requirements, and managing company spending. IT leaders also raised the issue of solving and mitigating cybersecurity protection concerns, the inadequacy of skilled IT staff, and the lack of cloud standardization.

Moreover, the study showed that more than 70% of the IT leaders have increased their overall cloud spending in the last year. This was a direct result of the pandemic as they realized that it was critical to their operations. Besides, 70% of IT leaders have increased the use of public cloud platforms, such as AWS and Microsoft Azure.

Organizations rely on cloud computing for scalability and flexibility, as well as to develop, test, and launch products and services. It can also be used for their built-in and tested cybersecurity protection features.

The post Cloud management to be critical for IT teams appeared first on DevOps Online North America.

The study reported that almost 90% of organisations were using fewer than 5% of permissions granted. Indeed, for AWS, more than 95% of identities were using fewer than 2% of permissions granted; for Azure, 90% for less than 2% respectively; while for Google, it was 90% for less than 5%.

The report called this the ‘cloud permissions gap’, which is due to misunderstandings over shared responsibility, and how cloud providers only have responsibility ‘of’ the cloud, and its associated infrastructure.

Moreover, the study also showed that it is almost impossible for identity and access management or cloud infrastructure teams to manually manage everyone who is accessing cloud infrastructure as well as using particular permissions. Hence, organisations are obliged to properly implement the principle of least privilege to ensure the best defense.

Thus, the report recommends companies to leverage activity-based authorisation in order to right-size permissions of identities as well as identify, improve, and monitor identity and access management hygiene regularly. It was also advised to implement automated, continuous compliance and reporting.

The post New report reveals dubious permissions gap for enterprise hybrid and multi-cloud appeared first on DevOps Online North America.

Indeed, according to a survey of 300 Federal, state, and local IT leaders, 77 % of Federal, state, and local government IT leaders stated that their organization has developed a formal cloud strategy, but only 30% believe that it is working well with accelerated hybrid adoption.

However, 85% declare that the pandemic pushed many of them to migrate to a hybrid cloud environment, hence resulting in some gaps in public sector cloud strategies.

It was reported that 3/4 of IT leaders think that their organization should have developed a more thoughtful data strategy before migrating data to the cloud. Besides, the majority of Federal and state, and local IT managers stated that their organizations didn’t benefit entirely from their hybrid cloud investments.

Thus, this has led to many challenges for governments including managing and securing data across environments.

In order to tackle these problems, public sector IT managers gave three solutions to optimize hybrid cloud environments: design a comprehensive data strategy, reinforce security, and partner with cloud specialists.

The post Government hybrid cloud strategies to face challenges appeared first on DevOps Online North America.

The report showed that 86% of financial services stated that hybrid cloud is their ideal IT operating model, and many financial services seek to run more applications in private cloud. Indeed, the financial sector is using private cloud more than any other industry except IT, tech and telecoms.

Moreover, the financial services sector has also stated plans to reduce reliance on traditional, non-cloud-enabled data centers from 14% to 4% in one year. It was reported they planned to increase their deployment of hybrid cloud to about 54% penetration within five years.

This is mainly due to the sanitary crisis, which pushed these enterprises to increase their investment in hybrid cloud. By doing so, they are trying to gain greater control of IT resource usage and to get more speed and flexibility to meet business requirements. Besides, another key factor is cost savings.

The report also revealed hybrid cloud is the only IT model that will demonstrate positive growth among financial companies and that it is expected to increase by 39% within a five-year frame.

However, financial services organizations have shown their concerns about security, privacy, and compliance when running applications within public cloud solutions.

Yet, almost half of the financial sector respondents stated their trust in private cloud as they are either fully deploying HCI or are in the process of doing so. Indeed, HCI is said to reduce the time it takes to build the necessary software-defined, scalable infrastructure to support private cloud.

The report revealed that many financial industries needed more people with skills to manage their mixed private/public cloud environments and more expertise in cloud-native technologies and containers, including Kubernetes.

The post Global financial services to increase their private cloud investments in 2021 appeared first on DevOps Online North America.

The services business is to become a public company, with $19 billion in revenue, managing enterprise-owned IT. Regarding the rest of IBM, it will continue to develop as a business focusing on Cloud IT – including hybrid cloud – outside of the customer. Its operations will be based around OpenShift while IBM’s remaining hardware business stays with the main company.

The split should be complete by the end of 2021.

The division will allow the rest of IBM to grow into the cloud sector and catch up with Amazon and Microsoft. IBM will be focusing on its open hybrid cloud platform and AI capabilities. It will aim for digital transformation journeys.

The services business will have then better agility to design, run, and modernize the infrastructure of organizations. Both companies will continue to develop and aim for new opportunities by creating value for clients and shareholders.

Hybrid cloud seems to be the future of IBM.

The post IBM splits to focus on Cloud appeared first on DevOps Online North America.

Leaseweb USA, a hosting and cloud services establishment, discovered the results in its “Developer IaaS Insights Study,” based on an examination conducted at DeveloperWeek Austin.

Understanding migration

“As companies evolve, their hosting needs and capabilities also evolve,” said Lex Boost, CEO of Leaseweb USA. “Understanding why companies choose to migrate to an IaaS solutions vendor provides insight to not only the marketplace, but what value vendors can bring to the businesses.”

The CEO added that the report reflects on business developments: “This survey is a microcosmic example of the current industry trend. The power, speed, flexibility and functionality of dedicated, hybrid and private cloud infrastructure environments are undeniable. Companies are shifting back to custom solutions designed to fit their exact needs, in this precise moment of their company lifecycle. The mettle of metal cannot be ignored.”

Other findings include:

• 51.7% plan on migrating in the next two years while 26.7% have not yet decided on this point.
• Less than 20% of respondents believe they are using the industry standard and have no plans to change their infrastructure.
• 37.5% of companies noted migration costs to the top barrier while 24.2% of respondents identified cost alone as the top barrier
• 15% aren’t sure what to outsource, whilst 8.3% say they are not finding the right partner
• 3.3% is held ransom by public cloud providers

These results show that developers looking for the right cloud fit need to consider both time scales and cost to avoid unnecessary barriers.

The post Firms believe hybrid or private cloud to be the future, research shows appeared first on DevOps Online North America.

Last Thursday (April.4^th), Alcide, a cloud-native security provider of the first Microservices Firewall, announced a Fabric-Ready partnership with Fortinet.

The joint hybrid cloud security offering seeks to provide advanced threat detection and mitigation for complex cloud environments to ensure business continuity.

The integrated hybrid cloud security solution was created on top of FortiOS, the system that connects security devices together for effective and comprehensive security, while also ensuring full control over all security and networking capabilities.

FortiGuard Labs & Alcide

The security offering also leverages FortiGuard Labs’ threat intelligence with Alcide’s high-resolution reputation hit detection capabilities, such as crypto-mining, command & control, etc.

Combined together, Fortinet blocks threats at the network perimeter, while Alcide uses its patent-pending microservices behavioural-based anomaly engine to detect east-west attacks across and within the different clusters.

The Alcide platform also “programs FortiGate Next-Generation Firewalls to enforce a deeper security inspection for Amazon Elastic Container Service for Kubernetes (EKS), which results in an end-to-end security solution with a unified security policy enforcement across and with multiple Kubernetes clusters and hybrid-cloud deployments,” Alcide said.

Benefits

Alcide also pointed out that customers of the integration can benefit from the following:

• unified threat hunting and management
• high-resolution triage of anomalous microservices network activity
• combining North-South threat intelligence reputation with deep East-West traffic inspection
• continuous control and visibility.

“We are excited to partner with Alcide to help customers apply consistent and broad security to their cloud-based application deployments. Leveraging the joint solution, customers can benefit from security tailored for their container and serverless environments working in concert with trusted and true network security for their cloud networks,” said Lior Cohen, senior director, product marketing, cloud security at Fortinet.

“We are thrilled to collaborate with Fortinet,” said Gadi Naor, co-founder, and CTO, of Alcide. “By leveraging industry-leading security portfolio and integrating with FortiGate NGFW and FortiGuard Labs’ threat intelligence, which enables customers to easily harness deep security controls on public and hybrid cloud deployments.”

The post Alcide partners with Fortinet to provide hybrid cloud network security solution appeared first on DevOps Online North America.

How DevOps and hybrid cloud are delivering digital transformation

Digital transformation has been heavily promoted as a way for businesses to stay relevant and keep ahead of the curve by adopting technologies to make every day working life more efficient or effective.

But rather than just use technology to replicate an existing service, the intent is to use it to completely transform that service.

According to IDC, spending on digital transformation will reach $1.7 trillion worldwide by the end of this year, a 42% increase from 2017.

But, while the objective of digital transformation to use digital technologies to speed up business change is common to all organisations, the means of achieving it differs for every company –because businesses are so diverse.

By this stage of the process, the digital transformation success stories of companies using technology to drive their business forward are fairly well-known.

There are a number of hugely successful companies that have become household names by operating with a digital business model, such as Airbnb, Facebook and Uber.

Cloud computing is transforming business

A big factor in these successes is cloud computing. The agility and flexibility of cloud computing is helping to transform businesses, making it possible to easily add resources to servers and move applications.

It is also hugely cost-effective because users only pay for the resources they use, as and when they require them.

Cloud computing helps businesses to meet the growing need for services and applications that are easy to access, navigate and use on any device.

It allows users to work remotely and collaboratively from anywhere, an essential for modern businesses.

It has also provided a platform for two significant innovations that are playing a major role in delivering digital transformation: DevOps and hybrid cloud.

The benefits of the DevOps model

DevOps is gaining a lot of traction in software development because it helps teams to be innovative, deliver applications and services quickly and eliminate the gap between development and operations.

It creates a stable operating environment by drawing all of the processes together, enabling organisations to create code faster, reduce human errors and optimise costs.

To borrow the vocabulary of digital transformation, DevOps transforms people, processes and tools into a single entity.

There are a number of examples of tools being used in a DevOps environment, such as Git for source code repositories and VMware vCloud for virtual infrastructure.

Cloud has emerged as a major enabler for DevOps because it works so harmoniously with the processes of a DevOps environment. It provides the platform to boost developer productivity and efficiency while automating processes, eradicating human error and making code repeatable.

But the shift to a DevOps model isn’t always straightforward.

While businesses can see instant improvements from the changes DevOps brings, scaling up is still a major obstacle and needs to be monitored.

To try and alleviate this issue, organisations need to have a standard that everyone follows for DevOps.

Why hybrid cloud is important

Hybrid cloud, a combination of private and public clouds, can play a major role in helping a business to transform its services.

In addition to addressing the scalability challenge, hybrid cloud promises significant cost savings, increased flexibility and the ability to meet compliance requirements.

By incorporating a number of hosting models, hybrid cloud gives CIOs the flexibility and versatility to utilise the IT infrastructures they already have while integrating new services and eliminating old technology when they have to.

Workloads can be moved between the different hosting models to meet specific goals and to ensure resources are used effectively.

A common example would be for businesses to retain critical data on-premise (or in a private cloud environment), while storing less critical data in a public cloud.

While the benefits are indisputable, they are not guaranteed.

As with everything, the service is only as good as the provider. Businesses need to ensure they choose the right hosting partner to advise them on the best way to control all cloud resources and manage services for a successful transition to hybrid cloud.

Digital transformation can be complicated

But while DevOps and hybrid cloud are acknowledged as major contributors to business transformation, that doesn’t mean it is plain sailing for companies embarking on their digital transformation voyage.

The first difficulty lies in trying to lock down what digital transformation means. The term is so broad, nebulous even, that it can be hard to define it.

Digital transformation can mean so many different things to different businesses, leaving a lot of companies confused about how to approach their projects.

Stripped down to its basics, the aim of any transformation is for companies to make their services more accessible and easy to manage.

But where do they start?

And how far do they go when ‘true digital transformation’ – whatever that means – can be something that takes years to conclude. Assuming the transformation can ever be completed.

As with anything, it helps to have a clearly defined strategy in place to reduce the risk of time and money being wasted, while ensuring that digital services are deployed and used effectively to improve the way the business works.

Understandably, some businesses are still reluctant to change, particularly given the uncertainty of the digital transformation process and the risks involved.

But the cloud has given them a platform to digitally transform their services and the innovation provided by DevOps and hybrid cloud gives them the mechanisms and means to achieve that goal faster, more efficiently and more effectively.

Jon Lucas, Co-Director, Hyve Managed Hosting

The post How DevOps and hybrid cloud are delivering digital transformation appeared first on DevOps Online North America.

The role of DevOps in capitalising on these benefits has become increasingly important, with developers and IT operations now working together closer than ever in an effort to continuously plan, develop, deliver, integrate, test, and deploy new applications and services in the hybrid cloud.

However, as the deployment pipeline continues to gather speed, so too does the risk of potentially harmful flaws and vulnerabilities going unnoticed until it’s too late.

In some organizations, security assessments are carried out towards the end of the development process. If these organizations use the waterfall development methodology with infrequent software deployments, any delays due to application security vulnerabilities that were discovered during the verification and validation phase would have a manageable impact on the overall program. However, with agile development methodologies and with some DevOps teams deploying new releases almost every day, any holdup is unacceptable.

Application security requirements need to be considered as development begins, to ensure that as many issues as possible are identified early on, rather than at the end of the process, when taking remedial action would only cause delays. These include software development life cycle (SDLC) security requirements, such as eliminating trap doors, backdoors and covert channels during the initiation and development phases; conducting static, dynamic, fuzz and interface testing for the relevant use case during the assessment phase; and conduct perform vulnerability and penetration testing, as well as conduct Continuous Monitoring during the maintenance phase. To better protect against potential security risks in this way, and thereby innovate more quickly, DevOps teams must culturally evolve into full-fledged DevSecOps teams, and obtain an end-to-end visibility across the entire service delivery infrastructure with Continuous Monitoring.

Meaningful and actionable insights

Through having visibility as part of the SDLC, developers can achieve a common situational awareness and view the situation and take appropriate action as soon as an issue is identified, instead of relying on operations teams to highlight problems. This creates numerous developmental advantages in areas of application performance and security, such as making anomaly spotting and root-cause analysis processes more efficient.

This level of visibility relies on the use of smart data; metadata based on the processing and organisation of wire data, aka IP Traffic Flows, at its point of collection, optimised for analytics at the highest possible speed and quality. Unlike log data, which needs to be collated and analysed before it can be acted upon, smart data analyses every IP packet that traverses the network during a development cycle and beyond, in real time, and uses that information to deliver meaningful and actionable insights, which create a common situational awareness for all parties. By providing condensed, actionable and intelligent datasets on events as they happen, smart data enables all teams – from developers to operations, security, QA and everything in between – to work closely together as parameters continue to evolve throughout the development process.

Creating more secure applications

This visibility becomes increasingly important with regard to security as part of a DevSecOps organisation, in which a security engineer works alongside developers, QA and Operations teams to assure the security of applications and services. Analysing data after a breach will help troubleshoot the problem, but knowing about flaws in an application in real time will allow developers, operations, and security teams to deal with any issues with more agility. When combined with automation, this process will help to create more secure applications and will, in turn, save time, money, and reduce the risk of potential damage to an organisation’s reputation.

Digital transformation is integral to the innovation and ongoing success of today’s businesses. Capitalising on the opportunities it offers, however, doesn’t come without risk, particularly with DevSecOps teams required to produce quality and secure code at speed. To save costly delays in deployment time, security can no longer be an afterthought and must be built-in from the start and throughout the SDLC process. With the complete visibility across and Continuous Monitoring afforded by smart data, DevSecOps can now maintain the necessary speed and agility, with the situational awareness they need to prevent potential flaws in performance and security becoming a problem long before they start impacting customers.

Written by Michael Segal, Area VP Strategy, NETSCOUT

The post How DevOps can use smart data to protect against security risk appeared first on DevOps Online North America.

VMtech, a popular Australian IT provider, delivers and manages enterprise-grade hybrid cloud, connectivity and security solutions.

Telstra’s executive director for business technology services, Christopher Smith, said VMtech’s end-to-end approach to designing and managing secure hybrid cloud solutions complements the existing suite of technology consulting services Telstra offers across public cloud, networks, security, and applications, according to ARN.

‘A secure hybrid cloud approach’

Smith added to ARN: “As organisations digitise their business they are increasingly moving from a basic cloud-first model to best-fit solutions that often involve a secure hybrid cloud approach.

“As a result, customers are looking to us to provide hybrid solutions for their network, security and cloud infrastructure, as well as support for defining, architecting, implementing and managing these solutions.”

Smith also noted cloud services in Australia and Asia are growing, so growth will continue as more organisations adopt hybrid cloud solutions.

Written by Leah Alger

The post Telstra acquires VMtech to secure network applications appeared first on DevOps Online North America.