Posts Tagged ‘cloud computing’

Some really poor password choices…

For better or worse, passwords are the basis of much of the security we use in the cloud.

SplashData put out there “worst password of 2011” report, based on a blind review of their database of common passwords.  If you use any of these on any accounts you wish to protect, clearly a good idea to think about changing them soon.

  • password
  • 123456
  • 12345678
  • qwerty
  • abc123
  • monkey
  • 1234567
  • letmein
  • trustno1
  • dragon
  • baseball
  • 111111
  • iloveyou
  • master
  • sunshine
  • ashley
  • bailey
  • passw0rd
  • shadow
  • 123123
  • 654321
  • superman
  • qazwsx
  • michael
  • football

A few simple guidelines for good passwords, from around the web:

  • Use at least eight characters
  • Use a random mixture of characters, upper and lower case, numbers, punctuation, spaces and symbols.
  • Don’t use a word found in any dictionary, English or foreign.

 

Stuff that just doesn’t work well, at least not anymore, because common hacker tools know them well:

  • Don’t merely add a single digit or symbol before or after a word. e.g. “password1″
  • Don’t double a single word. e.g. “kittykitty”
  • Don’t just reverse a word. e.g. “drowssap”, or just remove the vowels. e.g. “psswrd”
  • Avoid Keyboard sequences that can easily be repeated. e.g. “qwerty”,”zxcvf” etc.
  • Don’t garble letters into numbers as the only thing between you and the dictionary, e.g. converting e to 3, L or i to 1, o to 0. as in “z3r0-10v3″

Read more about the Splashdata report in full here: http://splashdata.com/splashid/worst-passwords/index.htm

Tags: , , ,

This entry was posted on Wednesday, December 7th, 2011 at 9:58 am and is filed under cloud, privacy, Risk Management, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Cyber Security Gets the DOD Cloud Treatment

eWeek.com did a nice piece, quoting extensively from recent NSA public statements, on how both cloud and data security strategies in general are starting to move into extended pilot modes.  Here is a link to the General’s presentation - below is an except from the eWeek summary.

 

U.S. Counts on the Cloud to Boost Cyber–Security

 By: Fahmida Y. Rashid, eWeek.com

Army Gen. Keith Alexander, head of the National Security Agency (NSA), discussed the cloud and how to defend against increasingly sophisticated cyber-threats at a recent Information Systems Security Association conference in Baltimore and in a follow-up interview with eWEEK. As commander of U.S. Cyber Command, he also discussed rules of engagement for the military in cyberspace.

The cloud is a key part of the intelligence community’s IT strategy, Alexander said, because cloud computing gives defense and intelligence agencies more visibility over hackers who are trying to breach government networks.

Within the NSA and Department of Defense (DoD), there are more than 7 million pieces of IT infrastructure and systems and 15,000 different network enclaves, according to numbers provided by the general. With each enclave protected by its own firewall, network administrators have little to no insight into what is happening in isolated and segmented networks, he said.

“Collapsing the enclaves” would provide administrators with a better end-to-end view of their networks and situational awareness, said Alexander. He added that it’s not a perfect solution, but “it is more defensible.”

In a pilot program, the NSA has reduced the number of applications it is running from 5,000 to 250 cloud applications and slashed the number of help desks from 900 to 450, according to Alexander. The agency plans to keep shrinking the infrastructure to just two help desks and 20 data centers, as well as adopt more open-source software, he said, noting that the military is already using Apache Hadoop and OpenStack.

Read the full piece here.

Tags: , , , , , ,

This entry was posted on Monday, November 28th, 2011 at 3:07 pm and is filed under Risk Management, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

CloudSleuth

Worth a visit is the Gomez-driven BI-based reporting tool on real time cloud performance called CloudSleuth here.  This Compuware tool provides a global window into response time and up-time by Rackspace, Google, Microsoft, and a few dozen more.  Here is an example of the response time chart, as this blog is written.  Fastest 3 are shown in the circle = click on the image to read it correctly:

 

Tags: , , , , ,

This entry was posted on Monday, October 10th, 2011 at 8:39 am and is filed under cloud, Google, Monitoring. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Google, Microsoft Suffer Cloud Computing Outages

Even the big guys have not get it down quite right yet at scale:

by Clint Boulton

Cloud Computing News

Google and Microsoft both watched their cloud computing systems choke this past week, with Google Docs going dark for an hour and Microsoft Hotmail, Office 365 and SkyDrive knocked offline for three hours.

Google Sept. 7 saw its Google Docs word collaboration application [act] up for one hour, shutting out millions of users from their document lists, documents, drawings and Apps Scripts. Microsoft, meanwhile, watched its online services, including Hotmail, SkyDrive and Office 365 software, go kaput for three hours Sept. 8.

Google’s outage was caused by a memory management bug software engineers triggered in a change designed to “improve real time collaboration within the document list,” the company explained in a corporate blog post.

Microsoft’s outage was more serious. Beginning around 9:30 PDT Sept. 8, the company’s Hotmail, SkyDrive and Office 365 services went down, owing to a Domain Name System (DNS) issue.

Read the rest at http://www.eweek.com/c/a/Cloud-Computing/Google-Microsoft-Weather-Cloud-Computing-Outages-779302

 

 

Tags: , , ,

This entry was posted on Monday, September 12th, 2011 at 10:25 am and is filed under cloud, Risk Management, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Feds idea seekers can advance their cloud stragegy with FedPlatform.org

The federal government continues to take a leading role in promoting and adopting cloud strategies.
Kevin L. Jackson did a nice blog piece of Fedplatform.org, worth a look here.  It’s a commercial site, but pulls together some useful pieces, like Amazon’s government specific cloud, the Federal Cloud Computing Strategy and the Federal CIO’s 25-Point Federal IT Reform Plan, and some other cool stuff

There will be lots more stuff out there, as the federal moves to the cloud continue, I suspect.

Tags: , , , , , ,

This entry was posted on Saturday, August 27th, 2011 at 4:00 pm and is filed under cloud, IT Service Management, Project Management, Risk Management, security, virtualization. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Windows HPC Server 2008 R2 Bursts Into the Cloud

Had the chance to spend the better part of the week last week with Microsoft drinking deeply from the Redmond kool-aid cup in LA at WPC2011.  To be honest, I was impressed with their technology moves on many fronts.  I guess a $9B/year R&D budget can push out some impressive stuff, when focused right.   They are no-joke serious about the cloud, although their vision is a hybrid world as far as the eye can see, and you’d expect.  Hard to argue with that, near term, I’d say.

One random item that impressed me was progress they’d made on public and private cloud integration with the high performance computing tools (Windows HPC Server 2008 R2).   Four things stood out.  First, was the ability to burst to Azure, now central to the product.  Second, was the ability to leverage unused Windows 7 desktop PC CPU power, which for an Enterprise or a University or some other facility with lots of systems that do little at night could be huge . Third, MSFT has tied HPC fully into Excel 2010, allowing the building of some impressive front ends with even more impressive backends.  Lastly, they had some algorithms to keep up with Mapreduce.

Here is a glimpse of the pieces and how they go together:

 

 

Tags: , , , ,

This entry was posted on Tuesday, July 19th, 2011 at 11:19 am and is filed under Cool and from Redmond, databases, HPC, Hyper-V, virtualization. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Coyboy Data Doggies Ground Zero Moves to Google Apps

Wyoming Completes Google Apps Migration

Days prior to Microsoft’s Office 365 launch, the first state government to drop its in-house software in favor of Google’s cloud-computing offering announced that all 10,000 employees have made the move.

By Elizabeth Montalbano InformationWeek

June 22, 2011 04:16 PM

Wyoming has completed a migration of 10,000 employees to Google Apps for Government for collaboration and unified communications, the first state government to drop its in-house software in favor of Google’s cloud-computing offering.

“Our entire state government has gone Google,” Wyoming Governor Matt Mead said in a guest appearance on the Google Enterprise Blog. “Wyoming is the first state in the country to make this transition.”

Read the full story here.

 

Tags: , , , ,

This entry was posted on Thursday, June 23rd, 2011 at 2:46 pm and is filed under cloud, Cost Cutting, Disaster Recovery, Google. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Microsoft tidies up its cloud licensing programs

After a long two years of wondering, the Redmond team finally cleats up some of the uncertainty around how its Windows products and related tools function in the cloud environment, such as Amazons.  All I can say is, about time the guesswork ended.  Here’s a snippet from Carl Brooks with the details.

 

———————————–

Microsoft formalizes cloud computing enterprise licensing

Carl Brooks, Senior Technology Writer, SearchCloudComputing .com

Nearly two years after enterprise customers were given sanctioned Windows Server virtual machines to run in Amazon Web Services, Rackspace Cloud and other services, Microsoft has adjusted its enterprise volume licensing to allow for “license mobility.”

We’re trying to do this in a way that’s very straightforward to let people know where they are.

Andrew Wolfe, worldwide licensing project manager for Microsoft

Microsoft applications bought through volume licensing agreements — such as SQL Server, Exchange, SharePoint, Microsoft Lync Server, System Center and Dynamics CRM — can now move to dynamic virtual environments like Amazon Elastic Compute Cloud if enterprises purchase Software Assurance (SA) for those licenses.

There are also updates to Service Provider License Agreements (SPLA) for Microsoft. The company said the licenses will provide “confidence” when contemplating using cloud services. Customers call it playing catch-up.

 

Read the rest at: http://searchcloudcomputing.techtarget.com/news/2240036188/Microsoft-formalizes-cloud-computing-enterprise-licensing

Tags: , , , , ,

This entry was posted on Thursday, June 2nd, 2011 at 8:23 am and is filed under cool & from redmound, Disaster Recovery, Hyper-V, Risk Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

The cloud and OSS are indivisible?

 

Major early cloud implementations were built on the strength of Linux and related systems.  These technologies offered ease of porting and licensing, as well as intrinsic power and flexibility. Certainly Amazon owes a pretty huge debt to the OSS community.

But many raise valid concerns about how SaaS / PaaS / Iaas solutions can lead to vendor lock-in, despite the OSS root that many of these technologies have.  Eric Knorr recently published a blog on-point to this issues, here is a piece of it below, read the full piece here.  I call attention especially to the Apache Hadoop notes near the bottom of the piece, this technology is riding high on the Gartner hype curve just now, as a way to deal with the challenges of Big Data.

 

Why the cloud can’t be separated from open source

By Eric Knorr
Published on InfoWorld (http://www.infoworld.com)

Created 2011-05-16 03:33AM

Open source wouldn’t exist without the Internet — so perhaps it was inevitable that open source would get mashed up with cloud computing.

It’s been that way from the start. Since the very beginning of cloud computing, SaaS providers have tended to prefer the LAMP stack (or some variation) to deliver Web applications. But over the past few years, there has also been a precipitous rise in the number of open source cloud projects.

According to Black Duck, which maintains a huge open source knowledge base, the number of open source cloud projects rose from a handful in 2005 to 470 by the end of 2010. That’s a tiny percentage of the half-million projects out there, but their influence vastly outweighs their number.

…[lots of good stuff here on many OSS tools in this space, go to his full blog entry to read about it]…

Finally, there’s Apache Hadoop, a software framework for data-intensive distributed applications inspired by Google MapReduce. Hadoop is ushering in a revolution in mining gobs of unstructured data, from Web clickstreams to security event logs. Although Hadoop is not restricted to the cloud, it’s certainly the perfect bursty application. Amazon EC2, for example, offers a hosted Hadoop framework dubbed Amazon Elastic MapReduce; upload the data, use scores of EC2 servers, and walk away with the results without having to pay a dime for infrastructure.

This article, “Why the cloud can’t be separated from open source,” originally appeared at InfoWorld.com. Read more of Eric Knorr’s Modernizing IT blog.

Read the whole piece here:  http://www.infoworld.com/t/cloud-computing/why-the-cloud-cant-be-separated-open-source-077

Tags: , , , , , , , , , , , ,

This entry was posted on Monday, May 16th, 2011 at 9:07 am and is filed under cloud, databases, FOSS and friends, outsourcing builds. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Things are finally starting to “open up” a bit for the mobile computing user

Mobility is one of ways to enjoy the power of cloud, anywhere. For those who believe competition and technology openness are vital to advancing our industry, the reign of Apple as the sole provider of viable cutting edge tablets has been a tense time. Perhaps we are seeing some open and competitive light at the end of long night. Finally.

Meet the ASUS Eee Pad Transformer. This is the first Honeycomb tablet I have seen with a release date I can find in this month’s day planner (shipped in UK last month, instant sell out there they say, ships in US next Tue through Best Buy) that does some stuff that the ipad2 does not yet do, as far as I know. And for less than the iPad by a few dollars, the Wi-Fi model runs $399.

Early review here: http://www.slashgear.com/asus-eee-pad-transformer-first-impressions-video-30143387/, and ship dates here: http://www.unwiredview.com/2011/04/21/asus-eee-pad-transformer-to-hit-us-stores-april-26th-for-399/

What I thought was novel about this (besides its running an open platform as opposed to a closed one) was the smart docking station. This thing it plugs into is more than a keyboard, it contains lots of extra ports and storage and things, and interestingly, also an extra battery, so that the tablet only battery life of 9 hours gets moved to a very nice 16 hours.

The big concept here is that the device can handle content creation chores, and as well as the content display stuff that the current Apple generation does so well. It lacks a 4G option, which is a big hole; though they say they will be adding it.

One silly thing I saw that is cool enough to close with: when the weather report changes from cloudy to sunny, the wallpaper changes from clouds to sunny too. Let that light shine on me!

 

 

 

 

 

 

[Photo credit: David Lienhard, "blue sky over st. gallenkirch"]

Tags: , , ,

This entry was posted on Thursday, April 21st, 2011 at 10:15 pm and is filed under cloud, FOSS and friends, Google. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.