Cloud Security Is In Decline – What Are Your Options?

Cloud Encryption is in decline

Have you ever felt that awful feeling that the ship you’re on is slowly and steadily sinking, and no one’s telling you a thing about it? If you are in the cloud, then you should know the feeling, because while your captain is reassuring you that everything is A-OK, new holes start appearing in every new version of the product every day, allowing more water to seep in above the keel.

Cloud security has been in a steady decline ever since the cloud existed. It’s just too juicy a target not to try to hack. Imagine yourself as a hacker. You’re a 30-something-year-old geek who’s trying to get a name for himself. One of the quickest ways to do that is to exploit some vulnerability found in an enterprise. You see, hacking individuals is fun and all, but it’s not going to get you kudos among other hackers. Take down an entire enterprise, and you’ve earned yourself a badge. You hear about this “cloud thing” and it piques your interest, not because it’s one of the coolest booms of innovation to ever hit the internet, but because lots of enterprises park their sensitive stuff right there.

This kind of mentality has lead to a constant struggle between cloud providers and hackers, and guess who’s losing? It’s not those college kids or basement dwellers living with their moms. It’s the company that’s giving you the services you depend upon, and I guarantee that you’ll experience the wrath of a compromise one day if you’re not careful.

What makes this security problem worse is what is known as the identity and access management (IAM) gap. Basically, as the Cloud Security Alliance puts it, your employees have as much access to the cloud as you do, and activities happen without the knowledge of your IT staff. This creates a snowball effect where little pieces of information about your enterprise fall bit-by-bit into the hands of companies you don’t know you can trust. Essentially, you’re exposing yourself to a vulnerability without even being equipped to know about such vulnerabilities. Added to this, managers are prone to making mistakes in their adjustments of access management, which in most businesses is currently based on the honor system as opposed to being based on something more concrete, such as a database of users and access groups that can be transparently managed.

This, and your inability to take action quickly, spells an embarrassing future for you!

When the cloud first came into existence, some very smart people were warning everyone about possible security vulnerabilities that might exist in some applications. Now, enterprises on average run about one-third of all their mission critical applications on the cloud. There seems to be no turning back for these businesses, and if you are running one, it’s time you learned what you have to do in order to prevent yourself from getting into a mess that’s difficult to climb out of.

The Road to Iron-Tight Cloud Security

It’s very difficult to give up on a product that’s making you more revenue and producing less headaches. But you can’t ignore the fact that migrating over to the cloud, coupled with the bring-your-own-device (BYOD) phenomenon, can present new challenges for IT departments that have very little to no knowledge of what goes on outside their spheres of influence within the enterprise. For this very reason, you need to do a few things:

1) Adopt a BYOD policy and enforce it!

If you’re going to have BYOD, don’t just let people do what they want on their devices. Be serious about the threats that come with BYOD and address them. Have employees use your applications to bring their work onto their mobile devices. Use a security solution that allows you to track said devices and wipe them if they’re lost.

There’s another way around BYOD, though. Simply forbid employees to use their devices for work, but offer them company devices that are either partially or fully subsidized by you. This way, they will be able to compartmentalize life and work while still being able to maintain a high level of privacy and comforton their own personal devices.

2) Doing backups? Rely on yourself!

It is immensely difficult to set up a backup solution that will be able to store files in a central repository and synchronize folders efficiently. That’s why you don’t have to do it. No, we’re not talking about sticking to the cloud. Instead, you can move the cloud to you. Just use a private cloud backup solution with end-to-end encryption. Make sure it doesn’t “phone home” in any transaction. In other words, as long as you have a private cloud server that doesn’t communicate with the outside world, but backs up via intranet, you could end up with a secure backup method that won’t put your company at risk. Of course, you have to set it up correctly, too.

3) Use a transparent, concrete, and highly-secure identity management solution.

If you’re not taking care of your identity infrastructure, anything else you do for security is worthless. The biggest problem in identity and access management is making sure that your employees are not using cloud apps all willy-nilly without any supervision, right? What if you could have an environment that shows you detailed audits of application access and stores all of the identities in your infrastructure in a safe location? What if that environment allowed everyone to keep the encryption keys in their hands rather than storing it on the server?

These are not the only options you have but take them as a starting point to make sure you’ve less to worry about. As they say, get back to the basics and look at the fundamentals.

Have any more options to add to this list? Let me know in the comments and I might update the article.


This article was first published on PerfectCloud Blog. Visit the blog to read more about cloud computing, security and privacy.

Advertisements

Omnichannel Urgency: Retail at the Customer Experience Tipping Point

By Bob Elliott, managing director, SAP Canada

This is today’s retail reality:Bob Elliott

  • 79% of consumers spend at least 50% of total shopping time researching products online
  • 82% of consumers will substitute and switch brands due to an out-of-stock product
  • 59% of consumers are willing to try a new brand to get better customer service

A vast majority of all purchases begin online. The expectations have never been higher for retailers to deliver shopping experiences through their website, a mobile app or their social networks.  Although the brick-and-mortar store still accounts for most purchases, the beginning of the transaction starts elsewhere.

Innovative retailers are dramatically changing their business model to stay ahead by shifting their storefronts to the digital world. They’re building apps, integrating social media and ensuring a complete omni-channel experience for the customer at every touch point.

Being visible and available to your customer through every channel is highly important for competitive retailers, but how do you retain your customer? What can you do to stop them using another brand or service that’s equally available? The most competitive brands are turning to loyalty management strategies to create a consistent customer experience that provides incentives, and rewards customers for their loyalty.

The beauty of a rewards program is that they entice consumers to repeat their shopping experience. The benefit to retailers is that these programs are often more effective in increasing revenue over the long run than one-time price promotions and can help move stock that might otherwise sit on the shelves.

A smart loyalty program, backed up with high end software, allows you to gather all the information you need from your customer to provide them with personalized, tailored offers to keep them loyal to your brand. Combine real-time personalized promotions with the weight of your shoppers’ point-of-sale transaction history, and we’re talking about a serious market advantage. Your shoppers’ transaction history (easily recorded and assigned to a loyalty account) contains every scrap of detail you can imagine, including:

  • The time, date, location, and frequency of store visit
  • The size and value of each visit
  • The value and frequency of coupon usage
  • The individual items purchased (brand name versus store brand)

With the power of technology like SAP HANA, this data could be loaded and accessed today, in real-time, to trigger personalized promotions through smart phones. Imagine walking into a grocery store to stock up on your weekly staples. As soon as you pick up a carton of eggs, your smartphone chimes as you pass a digital marketing sensor. You check your phone and find out that your favorite brand of breakfast sausages are 50 cents off for the next hour – what luck! Of course, there’s no luck involved whatsoever.

The in-memory analytics engine studied your transaction history, identified a product related to eggs for which you have an existing affinity, and priced it just right to entice you to purchase a high-markup item you didn’t plan on buying. This all happened without human intervention in a fraction of a second. Scale this model to several interaction points throughout your stores, and you begin to see the impact precision retailing can have on your top line.

Juniper Research forecasts retail payment values on NFC-capable smartphones upwards of $180 billion globally by 2017. Mobile spending in general will reach $1.3 trillion globally and account for 35 percent of the technology economy by 2016, according to Forrester Research. Retailers of all shapes, sizes, and markets will be investing in ways to own a piece of this pie. It’s not a question of if but when.

Why Cloud Security Should Focus on Identity Management

Identity and Access Management system diagram

(Source)

Despite the woes of many that the cloud may not be secure enough for real business to take place on it, many people are hopping on the gravy train. The growth of the cloud has become immense, an inevitable result of the large piles of money corporations and small businesses throw at it. Whether you like it or not, the cloud has become today’s chief business infrastructure and there’s no sign that it will go anywhere.

History’s Lessons

Historically, a correlation can be made between the popularity of a product and its likelihood to become a target for wrongdoers. Technology products are no exceptions. As Microsoft Windows grew more popular, hackers became more interested in swindling unprotected users of their money and computing resources.

Alas, the same thing shall happen in the cloud if we’re not careful enough. Some services are already starting to feel the pressure to become more robust against these threats. However, one service doing the right thing just isn’t enough. We need a tough policy on security, and we need it soon. Otherwise, the hordes will show up at the gates and we might as well have just thrown them the key and run away.

The Chaotic Cloud

In the corporate world, IT management is in chaos. Cloud services are services that fall outside of the company’s scope of control. Therefore, they have to enforce strict policies and assign roles to users that are subject to change at any time. They need a way to get new people on board and people who leave the company off the system.

For each employee, this might mean adding and/or deleting several accounts at once. What a nightmare! Some companies may even get lazy and put the same password on all the accounts for that particular user. Once a company goes down that road, it will one day crash and burn like every ordinary fellow does when he sets the same password for everything. (Learn How To Create Strong Passwords Without Forgetting Them)

To add insult to injury, many solutions that are meant to help with this issue tend to turn it into even greater a problem. Each cloud product developer has a different way of making their login system. Because of all the different conventions, security software providers find it difficult to provide a definitive way to secure every identity. As a consequence, companies continue to create identity silos that become increasingly difficult to manage as they grow.

Today, security providers are trying (mostly unsuccessfully) to catch up with the variety of cloud services out there, making sure that they can remain ahead of the curve. But these cloud services have now become a vital part of our infrastructures and we simply cannot renounce to them so easily. How do you make sure that your presences on the cloud are iron-clad?

The Solution

The overall cloud infrastructure is in desperate need of a knight in shining armor. Who will that be? Cloud security isn’t exactly the most developed sector of the IT sector, but it holds a lot of promise. One of these promising solutions is identity and access management (IAM), which solves virtually every aforementioned issue here.

The market for IAM is growing, with Gartner predicting its 2017 numbers to be somewhere around $4 billion. This means the technology is evolving and will continue to make face to the challenges that lie ahead. The road to a completely secure cloud won’t be easy, but tech innovation inevitably trumps all of the things standing in its way just in the nick of time. We expect that IAM will become one of the principal solutions for cloud security, chiefly because of the way it accounts for basically everything a company needs to manage its IT infrastructure with peace of mind.

IAM seems to hold the key to the future of IT security, as companies migrate more into the cloud and create more accounts for their employees. It makes IT management processes a breeze and allows companies to enforce policies more easily with virtually no chances for making mistakes. It not only lowers the costs involved in paying for wasted time managing tons of accounts, but it also raises the bar significantly in the reliability of your security.

Before you pop out the champagne and celebrate the fact that such an awesome solution exists, however, you ought to know that there’s more to your security than simply signing up for the first IAM your eyes land on.

How “Good” IAMs Manage Data

One question we must ask ourselves is: Who is watching the watchers? Well, IAM watches after your accounts and provides role-based security in a firm. But who makes sure that IAM providers aren’t peeking into your data? Businesses entrust a lot of information to their providers without questions. Perhaps it’s time they asked what exactly is being done to make sure that the company providing the services has no access to the data.

Maybe, just maybe, it’s time to ask how encryption is managed on the server side and on the client side. Do you have any control over the cryptographic functions of anything you use? It would be kind of scary to put all your passwords into a service that offers only promises but no concrete evidence that they’re actually storing your data behind lock and key.

Just imagine for a second what kind of nightmare it would be if a hacker managed to tap into an IAM service’s database and decrypt all of its data. That would mean that the hacker has every one of the provider’s client accounts, and the accounts of each employee. The damage that this person can do is extensive and ultimately fatal to even the most big-budget firms. How do you determine whether this will ever happen?

With our solution at SmartSignin, at least, you’ll be able to create your own encryption key, which means that we delegate control of half of the encryption process to you. In this manner, any breach would only succeed to gather a bunch of gibberish. Your key is safely tucked inside your brain and the hacker won’t know how to crack your safe open.

The next time you look for a proper security provider, don’t forget to ask yourself this question: How much control do they give me over my data? You’ll find yourself surprised at how much you were willing to trust to someone else without any concrete assurance that your data is safe!

Is Your IDaaS Vendor Really Securing Your Identity?

One major problem with Identity as a Service

With no huge capital investment, and almost equal operational expenditure, organizations all across the globe are rapidly moving to a cloud based infrastructure.

The benefits of moving to cloud may be plenty, but where sensitive corporate data is involved, adopting cloud leaves the enterprise in a fix. Reason being, that almost all the cloud based applications are in a public domain, and the maximum level of security offered by all of the cloud application providers is a secure channel of communication between the SAAS vendor and the consumer.

In older days, enterprises used to manage security by putting big bad firewalls to keep the data within the premises. If the data was to move outside the firewall, there were VPNs. With cloud, all the data residing with the vendor is in clear text and god forbid if the notorious hacker is to get hold of it.

This inherent problem with cloud SAAS has followed organizations in the identity domain as well. But identity is a different beast altogether and the security aspect must not be overlooked when adopting IAAS (identity as a service).

SAML, the protocol to establish trust between two different identity systems, will be the answer provided by many cloud identity providers, but is SAML really the answer? Not so much! SAML just take cares of the establishing a secure channel for transporting identity, but the actual data residing with identity providers may not be secure. This is the question that really needs be to be answered before adopting a cloud based identity provider. Why? Well digital persona theft exposes the organization to plenty of hazards both monetary and reputation wise.

In older days, the organizations used to get rid of the incompetency in the data breach by making a change in the organizational structure of the team responsible for managing security. With cloud, in case of security risk, moving to a different cloud IAAS vendor is harder to do because the digital personas reside with the provider, and replicating those records along with roles and policies would be a nightmare, both in terms of time and cost.

So what to look for in a cloud IAAS vendor if not SAML? Yes, you got it right! The answer is: what is the IAAS vendor doing to protect sensitive data?

1. Are they putting firewalls?

2. Are they getting security audits done for their infrastructure?

3. Or are they doing real-time encryption?

1 & 2 are the norm and comes by default with IAAS vendors. However, encryption is the trickiest part, because simple encryption is nothing without carefully crafted key management system. IAAS providers for a non-collaborative way of providing SSO, the key management is usually poor. Either the keys reside with data that it is being stored with, or the keys generated are through an algorithm, making the encrypted data exposed to rainbow tables.

The Smart-Key Algorithm developed by SmartSignin and its inferred system architecture make possible a new class of security and trust for cloud based identity and access management. One can think of this as perfect trust because it is based on the principle of mutual distrust of all elements in the system.

By using key splitting, mutual authentication of client and server, and ensuring that an actual encryption key used for entity/password protection is never stored or used on a server (encrypted or otherwise), it gives absolute assurance that even if an attacker was to penetrate that said server they would never have enough information (even if actively stealing data out of memory) to ever reconstitute a key or steal an online identity. By ensuring decryption and use of credentials exclusively on the client it renders cloud servers (which are the single point of security failure and highest risk element in any system) immune to any attacks associated with account compromise.

In summary beyond the Smart-Key Algorithm offering a high level of security with the right implementation, it also offers cloud based security and identity management a significant forward evolution that is very compelling and worthy of broad use and deeper integration (i.e. direct use of the algorithm rather than just encryption of regular passwords) into various web services.

SmartSignin takes security very seriously. With its patent pending Smart-key algorithm & carefully crafted key generation and management architecture, it leads the way and stands apart from all the players in the cloud.

Don Tapscott – Welcome to the Digital Economy

Don-Tapscott3This Thought Leadership blog is kindly contributed by Don Tapscott, author of Wikinomics and also The Digital Economy, first published in 1995.

As you will see his ideas are almost twenty years old but yet as important if not more so today, when Canada faces an ongoing challenge as a technology innovator and player in the global Digital Economy.

Answering our call for help for our campaign to collectively write a Digital Economy strategy for Canada, Don kindly agreed to contribute this excerpt to be included as part of our launch message:

Welcome to the Digital Economy

Excerpts from The Digital Economy (1995) by Don Tapscott.

Today we are witnessing the early, turbulent days of a revolution as significant as any other in human history.  A new medium of human communications is emerging, one that may prove to surpass all previous revolutions – the printing press, the telephone, television, the computer – in its impact on our economic and social life.  Interactive multimedia and the so-called the information highway, and its exemplar the Internet, are enabling a new economy based on the networking of human intelligence.

Call it The Digital Economy.  In this new world individuals and enterprises create wealth by applying knowledge, networked human intelligence, and effort to manufacturing, agriculture, and services.  In the digital frontier of this economy, the players, dynamics, rules, and requirements for survival and success are all changing.

Such a shift in economic and social relationships has occurred only a handful of times before on this planet.  It is causing every company to think far beyond the likes of “reengineering” to transform itself.  A new enterprise is emerging – the internetworked business – which is as different from the corporation of the twentieth century as the latter was from the feudal craft shop.

Whereas business people are inundated with information, ideas, and theories on new technologies and new organizational forms as well as changing business conditions and strategies, there has been little success in developing a coherent view that synthesizes these factors.  This book sets out to explain the new economy, the new enterprise, and the new technology, and how they link to one another – how they enable one another.  If you and your organization understand these relationships – the role of the new technology in creating the new enterprise for a new economy – you can be successful.  The Digital Economy attempts to answer the question on every business executive’s mind:  What does it all mean for my business?

The Age of Networked Intelligence is an age of promise.  It is not simply about the networking of technology but about the networking of humans through technology.  It is not an age of smart machines but of humans who through networks can combine their intelligence, knowledge, and creativity for breakthroughs in the creation of wealth and social development.  It is not just an age of linking computers but of internetworking human ingenuity.  It is an age of vast new promise and unimaginable opportunity.

Think about scientific research.  In the past, scientists would work with a powerful supercomputer to, say, simulate mechanisms of a biological cell membrane as a way to understanding the structure of biological molecules.  But as networking permeates the planet, computers everywhere can be marshaled concurrently to attack the problem.  Rather than a single expensive computer supporting a single group of scientists, a global network of computers can be internetworked to support distributed teams of scientists.  The network becomes the computer – infinitely more powerful than any single machine.  And networked human intelligence is applied to research, thus creating a higher order of thinking, knowledge – and maybe even internetworked consciousness – among people.

The same networking can be applied to business and almost every other aspect of human endeavor – learning, health care, work, entertainment.

Networking can change the intelligence of a business by bringing collective know-how to bear on problem solving and innovation.  By dramatically opening the channels of human communication, consciousness can be extended from individuals to organizations.  Unconscious organizations, like people, cannot learn.  Through becoming conscious, organizations can become able to learn – and that’s a precondition for survival.  Networked intelligence is the missing link in organizational learning and the conscious organization may be the foundation for the elusive learning organization.  And perhaps networked intelligence can be extended beyond organizations to create a broader awakening – social consciousness – in communities, nations and beyond.

But the Age of Networked Intelligence is also an age of peril.  For individuals, organizations, and societies that fall behind, punishment is swift.  It is not only old business rules but governments, social institutions, and relationships among people that are being transformed.  The new media is changing the ways we do business, work, learn, play, and even think.  Far more than the old western frontier, the digital frontier is a place of recklessness, confusion, uncertainty, calamity, and danger.  Some signs point to a new economy in which wealth is even further concentrated, basic rights like privacy are vanishing, and a spiral of violence and repression undermine basic security and freedoms.

Pervasive evidence exists that indicates the basic social fabric is beginning to disintegrate.  Old laws, structures, norms, and approaches are proving to be completely inadequate for life in the new economy.  While they are crumbling or being smashed, it is not completely clear what should replace them.  Everywhere people are beginning to ask, “Will this smaller world our children inherit be a better one?”

Unfortunately, when people look at the new age, they tend to focus on one side or the other – the promise or the peril.  Two camps have emerged:  those exhilarated by the promise and those terrified by what the new technology and economy are bringing.

I have attempted to present both sides and some new directions, perhaps to break down walls between these two extremes.  My goal is to equip you – today’s emerging business leader – with the insights you need to transform your business for success in the new economy.

If you accept the mantle of leadership, you can participate in achieving for yourself and all of us a world of unrequited peril and promise fulfilled.  If we all do it right, and do the right thing, the Age of Networked Intelligence can be an age of unprecedented wealth, fairness, true democracy, and social justice.  Read on.

Prime Minister Harper, why no Minister of Innovation?

harper1Stephen Harper just shuffled his cabinet and — surprising no one — he did not place any increased focus on our digital economy, or on Canadian innovation or productivity. This is another missed opportunity.

Canada has, at time of writing, 51 positions in our Canadian Ministry, including that of the Prime Minister. (The full list is here; the just-announced cabinet shuffle changed some names and a few specifics.) And reflecting our agrarian, resource and food-production history, we have ministers for Agriculture and Agri-Food, the Canadian Wheat Board, Minister of State (Agriculture), Fisheries and Oceans, and Natural Resources.

A number of other ministers have a role in these areas, but this rough list is sufficient for my point: we have five ministerial positions for an industry segment that, in total, contributes approximately $29 billion to our GDP. (According to Industry Canada figures from 2011, “GDP in the Agriculture, Forestry, Fishing and Hunting sector increased…to $29.1 billion in 2011.”)

So, five positions responsible for $29 billion in GDP.

Let’s compare that to the ICT (Information and Communications Technology) sector. In 2012, it contributed $62.3 billion to Canada’s GDP, according to a report from Canadian Government Executive. Or, to use Industry Canada’s figures, in 2011 ICT was responsible for $155 billion in national revenue.

Two ministers can be said to be responsible for this vast economic sector: the Minister of Industry and the Minister of State (Science and Technology). While Treasury Board is often associated with technology implementation, this is not part of the government’s official description of the position: “The Treasury Board is responsible for accountability and ethics, financial, personnel and administrative management, comptrollership, approving regulations and most Orders-in-Council.”

So, two (maybe three) ministerial positions for $62 billion in GDP. See the disparity?

And if we look at results delivered within those positions, the picture becomes dimmer. In 2009, then Industry Minister Tony Clement promised to deliver a national ICT action plan within a year. It never arrived. On August 28, 2012, Christian Paradis said: “I will launch a Canadian-made digital economy strategy by the end of the year.” Seven months after the end of 2012, there is still no plan.

Our list of ministers is reflective of our history: we put people in charge of critical areas that define us as a nation. To this point, we also have ministers of Aboriginal Affairs and Northern Development, the Economic Development Agency of Canada for the Regions of Quebec, the Atlantic Gateway, La Francophonie, Canadian Heritage and Official Languages, and others. And we should have those positions; these are important concerns that do reflect our nation.

At the same time, ICT is a huge sector of our economy, twice the size of Agriculture, Forestry, Fishing and Hunting combined. So why aren’t we concentrating on it? While I am pleased that James Moore was named Industry Minister, taking over from Christian Paradis, if he operates within the same framework of expectations and mandate then nothing will improve.

Again, we put people in charge of critical areas that define us. ICT is the defining industry of the future, worldwide. Other countries understand that. The Harper government has failed to deliver a national ICT strategy — despite repeated promises to do so — and today Harper missed an opportunity to put innovation on the national agenda.

Mr. Harper, if you want Canada to truly be a leader in the economy of the future, put someone in charge of innovation specifically and make him or her responsible for improving our sliding international ICT standing.

How The Cloud Can Keep Canadian Business Afloat

Canada’s been seeing a slight recovery from its recession recently, with bankruptcies declining slightly from one year to the next. Still, there are companies that can’t keep up with the excessive challenges that are appearing as a result of the harsh climate. How can we keep businesses in Canada, particularly domestic ones, solvent?

300px-Canada_flag_halifax_9_-047

One way to cure the illness is by introducing more businesses to the cloud. This includes providing cloud-based services that bring accessible and affordable enterprise-class services to them. Put simply, the cloud will save businesses money, in most cases. But it’s not just about money. In the business world, time is also an asset. The cloud also helps increase their productivity and get more done in less time. This essentially translates to less man hours necessary to pull off a project. In the end, less employees can get more work done. Or, when seen through other lenses, that same amount of employees can get even more work done.

Aside from that, organizations such as the Canada Cloud Network can provide avenues to better promote products and services on the Internet that would help businesses succeed. This creates “hubs” that businesses can use to get in touch with new and innovative Canadian cloud vendors that create the products they love the most.

In addition to all of these things, there’s one that should take center stage: The advocation of a framework that would allow businesses to do what they do best. In the current economic climate, a lot of businesses have been leaving Canada because of its inability to attract investment. When trying to find what’s causing this problem, people like to look through a microscope and examine small details of the bigger picture. Perhaps it’s time we actually stand back and look at the elephant in the living room. The country is riddled with problems that have created a quasi-hostile environment for businesses.

We can no longer afford to ask, “What can we do to solve these problems?” Instead, we must ask, “How can we work around these problems and provide an untampered medium by which businesses can peacefully operate?” The answer to the question, as always, is to make the cloud more known. We must raise awareness of the cloud, SaaS, and IDaaS services that can seriously slash their costs to fractions of what they used to be. We have to take advantage of the fluidity and flexibility of the Internet as a framework by which businesses will survive.

The one thing that Canada’s starting to lack in is innovation. New ideas don’t pop up as frequently as they do in other countries, and it’s mainly because people are afraid to get their feet wet. We must promote a strategy that will inspire people to create. Businesses often feel the need to get creative when they adopt new solutions that help them multiply their productivity and explore new methods for managing tasks.

How do we get businesses to adopt cloud solutions? The biggest barrier is security. Corporations feel rather vulnerable when thinking of the cloud because of the fact that they’re sharing it with many other concurrent users. They need to feel convinced that everything is safe. Sweet-talking them into a sale isn’t enough. We have to ensure that they have the facilities necessary to prevent attacks from happening. Another common fear is downtime. Cloud servers need to be more robust and the lines they operate on need to be ultra-stable. Otherwise, dissatisfied customers will refrain from ever again touching the cloud.

With these goals in mind, we can form a proper strategy:

  • Raise Canadian cloud vendor awareness through organizations like CCN.
  • Make Canadian cloud based services enticing to businesses looking for savings.
  • Participate in discussions regarding business innovation.
  • Enhance cloud security and entice businesses looking for security.
  • Enhance server and line stability.

It’s easier said than done. Most of the items on this list are nearly impossible to accomplish on an individual basis. It’s time for cloud vendors to organize and develop a concrete plan of action that would better give Canadian businesses the proper push they need to keep themselves alive. More investment in the cloud will one day be translated as more investment in Canada’s future.

The cloud can provide a resource more valuable than any commodity, reaching out to everyone from entrepreneurs to small businesses, and then to large conglomerates of corporations. Each of them can benefit from this great resource and share in its joy. What’s best for business is best for Canada’s national interest. By improving public and private sector operations, we improve the economy and, as a consequence, improve the lives of the country’s citizens.

Building a Culture of Innovation Through Cloud

As more organizations start planning for 2013 IT initiatives, a new ambiguous focus has started to emerge from the executive offices. IDC recently surveyed 135 North American CIOs and IT leaders, and found that while there was a huge interest in investing in mobile/wireless, SaaS, Cloud, social media and collaboration, the key driver for these investments was innovation.

Why has innovation suddenly become so important that it increased by a margin of 11% over last year’s results? Additionally, why has the focus on datacenter innovation increased from 52% to 61% from 2011-2012? The main reason is that with cloud, the datacenter has suddenly become the “foundational core” of an innovation strategy, comparing it to the “mainframe of yore but with easier access from a wider variety of devices.” Quite simply, executives see the datacenter and cloud as a way to redesign key systems while spurring new ways of doing business.

Most large organizations, especially those who have existed for over 20 years are burdened with legacy systems and inefficient workflows. These are the key reason why many of these organizations cannot make relatively quick decisions or design and launch new products and services in short timeframes. They are tied to large back-office systems that require maintenance simply to continue working, or require a significant investment to replace.

Executives have seen some of the changes that come with adopting new technology, especially through datacenter investments, and believe that by making investments in providing new technology platforms such as SaaS, they can ignite innovation in their organizations to help provide new streams of revenue through service and product innovation, while reducing back-end operating costs.

The problem is that outside these groups, the rest of the organization is not aligned. They do not see how these new investments will help other departments such as operations or marketing innovate. Additionally, many organizations provide an environment that shuns innovation because traditionally it was too cumbersome to listen to new ideas that required change to business workflows. This is a universal problem, not just limited to a specific sector, geographic region or organization size.

By allowing for more open platforms through cloud and virtualization, and leveraging mobile/wireless and business intelligence, organizations can not only empower employees to create new innovative ways to drive more business, but can also help reduce internal operating costs, promote collaboration and innovation, and adapt to market changes faster than through legacy business operation models.