Get a demo

OneKloud - Blog

The End of Cloud Provider Monogamy

[fa icon="calendar'] Mar 30, 2017 4:07:00 PM / by Sarah de Castro posted in Security, AWS, agile, Cloud service providers, IaaS, Risk, Outage

[fa icon="comment"] 0 Comments

It’s best to share the love when it comes to Cloud-infrastructure providers...

 

“In the financial markets, investors protect themselves from volatility by diversifying. The same might hold true for companies and organizations that rely on the cloud.”

                                                                                                            -said  first in this article, by Tom Coughlin.

Read More [fa icon="long-arrow-right"]

Cloud Resistance: Why cloud Migration is a Big Deal for Traditional Companies.

[fa icon="calendar'] Jan 15, 2017 11:11:00 AM / by Sarah de Castro posted in migration, Security, AWS

[fa icon="comment"] 0 Comments

 

 

Moving computing power to a cloud infrastructure provider offers an ever-growing list of advantages. Importantly, these are exactly in line with the shift many traditional companies need to make to remain competitive in today’s digital landscape, no matter what industry they are in. We are talking about things like scalability, mobility and despite noise to the contrary, reliability, cost and security.

Yet, migration to the Cloud is seen by many companies as an option: A big investment, with an uncertain short-term impact. Like any transformation in a big corporation, resistance is based on a very human factor: fear of change.

 A rocky road

Given the hierarchical nature of many decision-making processes in big corporations,  the road to adoption of cloud infrastructure can be long and winding. It’s made even more cumbersome by the fact that many Iaas providers don’t seem ready to make things easier. Take this article by David Linthicum, 3 barriers between AWS and businesses written all the way back in 2013. He cites the main barriers to companies adopting AWS. Specifically, companies are used to making deals… and AWS doesn’t give an inch. And that AWS isn’t really into enterprises rewriting standard contact. Naturally this doesn’t sit well with clients who are used to having some negotiating room. These needs for negotiation to be a part of the process when partnering with outside providers is as much about establishing a relationship, read trust, as anything else. So despite the Monster migration trucks on show at AWS re:Invent 2016, how much has that situation evolved?

The change resistant person

Within your company, where would the recommendation to move to Cloud infrastructure come from? Someone in the IT department, the VP of Engineering? the CTO… The people who have worked so hard to implement, adapt and maintain the current IT technology? Could it be the same person who recommended you invest tens of thousands in hardware just a few years ago? The leader of a team whose collective skill sets are potentially becoming obsolete? And whose job security is potentially diminishing? Let’s face it, Cloud computing concepts, tools, structures and methodologies can be very challenging. So no! It's not likely to be one of these people. In fact, probably for many long-standing companies the very technology stalwarts that need to champion change will be the ones to block it.

Whirring vs. fluffy

Externalising computing power to a very abstract Cloud from a tightly-guarded concrete bunker represents a transition that is primarily physical. But at a deeper level it represents a psychological shift in terms of understanding what computing is and about how it relates to company data. This kind of dematerialization can represent a loss for IT teams, and transferring to someone else's servers requires trust.

False security

As hacks are a widely publicised aspect of the Cloud, resistance also comes from a perceived lack of control and vulnerability. While security is a critical aspect of Cloud Iaas, in-house IT set-ups are only seemingly more secure,  like air crashes featuring more in the news than car crashes, the reality is that the true risks are the other way round.  On premise hardware is vulnerable to breakdown, obsolescence and even intentional interference from disgruntled employees. But these whirring boxes certainly gave the the impression of security, with their own locked room and fan in the basement, which could be checked up on at regular intervals.  

Read More [fa icon="long-arrow-right"]

Cloud Cost Control? Your 2017 Checklist.

[fa icon="calendar'] Jan 7, 2017 11:11:00 AM / by Sarah de Castro posted in Tips, Checklist, Security

[fa icon="comment"] 0 Comments

Gain control of your Cloud Infrastructure Budget.

Only a few days into the New Year and no surprise: in-house technology infrastructure is quickly becoming (except in a few exceptional cases) the hallmark of a company stuck in the past. Today’s market demands the agility and flexibility of Cloud computing. This means the migration to Cloud or hybrid infrastructure power is simply a no-brainer. Check out last year’s growth of the Iaas sector highlighted in this article, where Mike Wheatley dubs “2016 the year that cloud started to dominate many IT market segments.”

Yet, there remains a dark stormy center to this ever-growing silver-lined Cloud: cost. And more specifically cost control and predictability. Too many companies aren’t sticking to budget, if they have one at all, due to lack of Cloud Infrastructure visibility, accountability and security.

Check in with your VP of engineering or CTO and make sure your company isn’t leaking money through Cloud computing services with this Cloud infrastructure cost control checklist for 2017.

The 6 Costly Crimes Against Cloud Infrastructure Efficiency...

 

1.Over-Provisioning

While it’s heartening to see developers enthusiastic about the importance of their latest project, their tendency to overestimate the need for enterprise applications and resources is costly. And unfortunately  it won’t be your Cloud Service provider that puts a stop to this situation. Yes, Servers can be scaled back but …. this isn’t usually a sustainable solution (check out the next point on this list). Lucky there are solutions like this platform we’ve been working on (a little self-promotion… check)  to allow management to prioritize projects or client related costs and limit resources accordingly.

2.Under-Provisioning

This is what can happen if you try to solve the above over-provisioning issue without the right tools… i.e. by simply scaling back. Problems encountered due to under-provisioning may appear less costly than massive overspending from over-provisioning, but the inefficiency and time wasted by under-provisioning are also extremely debilitating. A false economy. Finding a way to allocate the appropriate amount of resources, ie. money  to the right project is key to using Cloud infrastructure services in a way that is beneficial to your company.

3.Access, Admins & Chaos

Too much access, too many admins, a lack of hierarchy, as well as permissions given out too lightly create a very expensive mess. Maybe server instances are spun up for a particular project or client dedicated set of instances, then the project gets killed and they are never actually used. Cloud service providers aren’t especially good at alerting you to this kind of situation, as the server isn’t costing them anything to spin up idle VMs that they just keep on charging you for. You got it…. you end up paying for something you’re not using.

4.Hacker Attacks

If a hacker gets hold of your access keys they’ll have the potential to launch hundreds of instances and send your cloud costs skyrocketing. We covered how to avoid cloud credential theft pretty extensively in this article. But stolen keys are certainly not the only risk to Cloud Infrastructure out there. A denial-of-service attack will flood your server with illegitimate requests with the objective of crashing it, or at least slowing it down. While a brute force attack ramps up the load on your cloud resources, as it systematically tries different sequences of characters to decode encrypted passwords. The easiest way is to retrieve your keys from your github... and you all know plenty of stories about publicly exposed master keys!

Because hacker attacks are one of many potential causes of consumption spikes it is important to not only monitor but also restrict access to Cloud infrastructure resources, which stops these kinds of attacks in their tracks… a pretty reasonable solution if you consider the massive potential harm to your business, in the form of website downtime, loss of data or data theft.

5.Bad Coding and Architecture

Just because a system works, doesn’t necessarily mean it does so optimally. While the already-established nuts and and bolts (so to speak) of your architecture may be tempting to ignore, you may be paying for extra Cloud services because of inefficient coding and system architectures… for a very long time.

Rehosted applications are susceptible to operational inefficiencies because they’re not configured to take full advantage of products and features available in AWS, so they’re at greater risk of incurring high data transfer charges. But those that have been re-architected can take advantage of modern Cloud features. Re-architected applications that make use of services such as CloudFront ensure data follows the least expensive route.

6.Shadow IT projects

Another control issue: rogue IT projects. Are departments in your company are taking the initiative to run software-centralized projects without the oversight of your IT department? Even if this  may appear to be the fastest way to drive a project, this  is not an efficient way to work! And it also makes Cloud infrastructure budget forecasting impossible, as no one can be sure exactly what is included in the bill. Non-centralised IT projects also mean company security and compliance is compromised, creating risks.  And if do you identify a shadow IT project as the root cause of a cloud cost spike, you should view it as a potentially more serious problem because as these projects are not directly monitored by your specialized department they are more vulnerable to outside interference. Either shut it down or find the right methodology and tools that provide flexibility while allowing your IT department to hold the reins.

Read More [fa icon="long-arrow-right"]

What re:Invent 2016 Really Says About The Cloud Computing Industry.

[fa icon="calendar'] Dec 9, 2016 11:11:00 AM / by Sarah de Castro posted in Security, AWS, Events

[fa icon="comment"] 0 Comments

What we now know about the near future of the cloud-infrastructure industry, fresh off the heals of re:Invent 2016: Cloud computing has become everyone’s business!

 

Read More [fa icon="long-arrow-right"]

How to Avoid Cloud-Credential Theft

[fa icon="calendar'] Dec 6, 2016 4:04:00 PM / by Sarah de Castro posted in Security, Cloud Credentials

[fa icon="comment"] 0 Comments


Quit paying for AWS that’ve been hijacked using stolen cloud credentials.

Hacks like data breaches and stolen keys are the result of: bad access administration, credentials that aren’t carefully chosen and mismanagement of key certification.  Companies are now realizing this lack of control is too costly to ignore.

Read More [fa icon="long-arrow-right"]