Career Evolve is your partner in online learning and career development. Search our catalog of 28,000+ courses from over 21,000 top colleges and universities. Our partners have helped over 2 million students and continue to enroll over 30,000 students each month. Career Evolve provides you with access to free and affordable online training.
You can take courses in subjects varying from Philosophy to Computer Science or even Advanced Fiction Writing to Becoming a Physical Therapy Aide. Learn at your pace anytime and anywhere. Career Evolve also integrates with LinkedIn to profile your achievements to potential employers.
Whether you are searching for micro learning from providers, such as Coursera, EdX or courses from leading Universities like MIT, Stanford and Peking University, Career Evolve is the answer for affordable learning and shrinking training budgets.
Many cloud providers now offer a shared responsibility model for their customers. Expert Dave Shackleford looks at the major providers' models and what they might be missing.
As the use of cloud computing has grown, so has the concept of the shared responsibility model for data protection and cybersecurity in general. While not a new concept -- we've shared security responsibilities with most outsourcing arrangements for many years -- the nature of shared security responsibilities has changed with the advent of the cloud. In a recent whitepaper, Microsoft made it clear that it supports shared responsibility in the cloud, but not all shared responsibility models are created equal. Microsoft stated that defining data classification and protection controls are the responsibility of the customer, and progress down through the cloud computing stack, describing application and operating system controls, network capabilities and the underlying host infrastructure that includes hypervisors, storage components, redundancy and scalability tools and more. The following breaks down the basic responsibility model Microsoft describes in its paper:
Data protection and classification: Customer responsibility in all models;
Endpoint and client protection: These are the responsibility of the customer except in software as a service environments, where the responsibility is shared. An example would be mobile device security when using Microsoft InTune;
Identity and access management: With SaaS and platform as a service (PaaS) offerings, identity and access management is shared, but is the responsibility of the customer entirely in IaaS environments;
Application level control: Naturally, application level controls within SaaS offerings are secured by the providers. PaaS offerings are shared, and infrastructure as a service (IaaS) requires the customer to secure the application stacks they deploy;
Network control: This is very limited, and only partial network configuration is available within IaaS; the provider controls everything else; and
Host infrastructure: Much like the network, the underlying computer stack is largely managed by providers entirely -- only in IaaS environments will consumers have any access to or control over some of these capabilities.
Shared responsibility models in other cloud providers
Amazon Web Services follows a similar model. AWS breaks down the responsibility model into two primary categories: security in the cloud, and security of the cloud. Security in the cloud is the responsibility of the customer, and this includes data protection, identity and access management, operating system configuration, network security -- access controls -- and encryption. AWS is responsible for the underlying pieces of the infrastructure, including the compute elements, storage infrastructure, databases and networking.
Most other cloud providers follow a similar model to Microsoft's and Amazon's. CenturyLink has a published shared responsibility model that also includes secure coding as one of its core responsibilities. Google does not have a public site or document describing its shared responsibility model for the Google Cloud platform, but it does have a document specifically outlining shared responsibility in its cloud for meeting PCI DSS compliance. All cloud providers are wholly responsible for physical security of their data center environments.
What's missing from the shared responsibility model?
One area that shared responsibility models rarely cover is in security processes and workflows. For example, who is responsible for what aspects of incident response in the cloud? Microsoft attempts to address this in another recently published whitepaper that describes its concept of shared responsibility for incident response. For any areas of customer responsibility -- within a VM running in the Azure IaaS cloud, for example -- Microsoft does not perform intrusion monitoring or incident response. For Microsoft's areas of responsibility, it details the roles and responsibilities of all team members, as well as notifications and communications for each stage and steps taken within the internal incident response teams.
Currently, most other providers offer little guidance in the way of security process responsibilities, leaving this somewhat of a mystery to many until contracts are reviewed. Hopefully, more large providers will follow Microsoft's lead and document all responsibility aspects of both security controls maintenance and security processes and workflows in the near future.
Have you lately been confronted with questions like:
How can technology help us to differentiate ourselves and create that much needed competitive edge?
Are new technology-solutions the answer to cost saving and efficiencies?
What is needed for IT to become a trusted technology partner to the business?
The technology landscape is changing too quickly, how do we keep up and stay relevant?
If so, you are not alone. These are the questions facing management more than ever today. Asking the right questions is absolutely critical in leading change and truly understanding the value proposition of technological developments. Perhaps even more so is facing the truth of why these questions exist in the first place. We have seen way too many instances where it is often the very person or department that is supposed to lead the charge of keeping up with game changing new technologies that can be the very thing that is hindering businesses to change quickly with the times.
The truth is that in general, we find a large adversity to change, coupled with an attachment to legacy systems and traditional ways of doing business. This phenomenon can be contributed largely to the vast amounts of money and time invested in legacy or in-house developed systems, the complacency to learn and introduce new processes, and hypersensitivity around control, or perhaps just the fear of the unknown. Venturing into areas where weaknesses could be exposed is quite daunting. So coupling the glaring lack of skill and capability, coupled with the speed at which change is happening and it’s understandable why IT management and departments are struggling to find its “Uber” moment and keep up with modern business demands.
Over and above, complex legacy systems and IT environments, limited budgets, security threats and keeping abreast of day to day operations – the skills crunch is finally rearing its head, especially when it comes to new game changing emerging technologies.
Cloud computing is one of these technologies that have already changed the game of business and it affects every organisation in some way. There is an upward trend in organisations utilising Cloud-based solutions, but most of them do not have the skills to optimise their solutions for maximum return on investment or to deliver differentiating value.
There is a large Cloud skills gap in the market and this trend is widening.
Cloud related skills are listed on the top of the skills shortage list to be recruited by CIO’s.
LinkedIn just released that Cloud and Distributed computing has moved to the number 1 hottest and most difficult skill to find in 2017.
Up until now the problem has been that this “new skill” requirement comes at a top dollar cost and an even greater threat of limited return on investment (mostly because job hopping is the order of the day).
What is the real problem you may ask? There is a massive scarcity of Cloud skills in our current market.
At Mariana Carroll Consulting we’ve seen the needs in the market and with our global partnership with the Cloud Credential Council (CCC), we are bringing to Africa, an industry first. Our Cloud Certification portfolio is based on globally accepted, vendor neutral content that is practical and highly relevant to close this skills gap. We pride ourselves in delivering value-added services. For us, practical applicability and relevancy are key. We want to put something of value into your hands and help you accelerate, not only your career, but the value you deliver to your organisation.
So where to from here?
As a first step, it’s worth exploring and testing your current Cloud skills. You can take the quiz here: https://cloudcredential.typeform.com/to/Abl2Hq (Or why not, for a yet even bigger challenge, get your entire team to take the test and compare your Cloud Skills aptitude).
Secondly, explore our very exciting 2017 training catalogue and commit to differentiate yourself and your team by enrolling to one of our Cloud Certifications.
Thirdly, let us know your requirements. We would love to come alongside you on this exciting journey of exploring the “art of the possible”, differentiating yourself to create that much needed competitive edge, cost savings, efficiencies and productivity, and to truly become that trusted technology partner to your organisation.
We look forward connecting with you. Contact us today at mariana@marianacarroll.com.
Cloud migration presents unforeseen challenges for those that fail to prepare. In hindsight, companies often realize that preparation for cloud migration is more of a strategic endeavor that allows organizations of all sizes and verticals to adopt their approach and mindset in a way that best suits their unique requirements. Following are five cloud migration strategy tips your organization should follow:
Cloud Migration Strategy Tip 1 – Develop a Realistic Plan
The migration team and the vendors must discuss all the possible details regarding the legacy system. This will help to minimize the unknown variables that may exist and uncover issues that may emerge in the future. This approach will allow your organization to create, keep, migrate or remove different aspects.
During this phase you should define a realistic scope of your migration plan by explaining your definition of success. Do you want everything to be functioning exactly the way it did or does your legacy system need enhancements? Do you need a specific process or application to run first?
A good definition of success will help you narrow the scope of the project, allowing you to create a realistic migration plan that works well the first time.
Cloud Migration Strategy Tip 2 – Manage Timelines & Deliverables
Time is money. Effective time management of all the resources of the project will help you control the budget and reduce overheads. Review and confirm your time and scope estimations for all tasks and activities defined in the project structure. Test network speeds to estimate data transfer time and allow plenty of time for testing and validation.
Cloud Migration Strategy Tip 3 – Minimize Security Risks
To minimize security risks and avoid breaches to sensitive information you should review compliance requirements, firewall policies, and add multiple layers of security such as intrusion detection systems, web-application firewalls and logs. This is especially important considering a recent White Hat Security report, which suggests 85 percent of all websites have at least one serious vulnerability, and most of the time, more than one.
Cloud Migration Strategy Tip 4 – Test, Validate and Test Again
Allow enough time for testing, especially before the final cutover approaches. You should run your test plan multiple times throughout the different phases of the project, before cutover and post-cutover.
Cloud Migration Strategy Tip 5 – Communicate Expectations
The most common mistake in migrations is lack of communication that results in unmet expectations. Oftentimes, the client may expect the migration team to do everything with almost no involvement on their part or perhaps the migration team assumes that the client knows exactly their role in the project.
Make sure all parties the details that can change the approach of how the data is migrated, such as, cutover expectations, allowable downtime, length of windows and specific deadlines. Other important factors for consideration include the assignment of roles and responsibilities, approval of maintenance windows, communication with end users during outages and execution/assignment details of test plans.
Successful cloud migration is inherently dependent upon your risk assessment, cloud migration strategy, and the ability and time to address technical or business challenges that may arise. This can be achieved with proper planning, sufficient time for multiple tests in throughout the project and most importantly, an effective communication between all members of the migration team, where expectations between each other are thoroughly addressed.
As more and more IT systems are externalised, making sure you pick the right cloud providers has become critical to long-term success.
However, the available market is vast, with a myriad of providers offering an even larger number of services. From market giants like Microsoft, Amazon and Google through to smaller niche players offering bespoke services.
So how do you select the right cloud provider from so many? The answer is a defined selection and procurement process appropriately weighted towards your unique set of needs.
We’ve distilled the key factors into a definitive list of 8 consideration areas.
For a complete and comprehensive cloud adoption guide, including how to assess cloud service providers – see our online e-learning courses
Timing – When to select a cloud provider?
Before you can effectively select a suitable provider you need to understand your specific business needs. This sounds pretty obvious, but clarifying your specific requirements and minimum expectations, in advance of assessing providers ensures you are comparing them all against your checklist, instead of comparing one against the other. This is the quickest way to move from long list to short list.
Armed with clarity on technical, service, security, data governance and service management requirements, you can more effectively interrogate your select group of potential providers.
It’s also worth noting, when migrating applications and workloads to the cloud, the specific environments you choose and the services offered by your cloud service provider will determine the configurations needed, the work you need to do and the help you can get from the provider in doing it.
Ideally, therefore, you should choose your providers after you have identified your cloud migration candidates but in parallel with analysing and preparing these workloads for migration.
How to pick a cloud service provider? Use these 8 key areas for consideration.
When it comes to selecting a cloud provider, the requirements you have and evaluation criteria you use will be unique to your organisation. However, there are some common areas of focus during any service provider assessment.
We have grouped these into 8 sections to help you effectively compare suppliers and select a provider that delivers the value and benefits your organisation expects from the cloud.
Providers that comply with recognised standards and quality frameworks demonstrate an adherence to industry best practices and standards. While standards may not determine which service provider you choose, they can be very helpful in shortlisting potential suppliers.
For instance, if security is a priority, look for suppliers accredited with certifications like ISO 27001 or the government’s Cyber Essentials Scheme.
Extract from CIF E-learning module 8 – Cloud Service provider selection.
There are multiple standards and certifications available. The image above illustrates some of the more common organisations that provide standards, certifications and good practice guidance.
More generally, look out for structured processes, effective data management, good knowledge management and service status visibility. Also understand how the provider plans to resource and support continuous adherence to these standards.
Technologies & Service Roadmap
Technologies
Make sure the provider’s platform and preferred technologies align with your current environment and/or support your cloud objectives.
Does the provider’s cloud architectures, standards and services suit your workloads and management preferences? Assess how much re-coding or customisation you may have to do to make your workloads suitable for their platforms.
Many service providers offer comprehensive migration services and even offer assistance in the assessment and planning phases. Ensure you have a good understanding of the support on offer and map this against project tasks and decide who will do what. Often service providers have technical staff that can fill skills gaps in your migration teams.
However, some large scale public cloud providers offer limited support and you may need additional 3rd party support to fill the skills gaps: ask the platform provider for recommended 3rd party partners that have experience and extensive knowledge of the target platform.
Service roadmap
Ask about the provider’s roadmap of service development – How do they plan to continue to innovate and grow over time? Does their roadmap fit your needs in the long term?
Important factors to consider are commitments to specific technologies or vendors, and how interoperability is supported. Also can they demonstrate similar deployments to the ones you are planning?
For SaaS providers in particular a features, service and integration roadmap is highly desirable.
Depending on your particular cloud strategy, you may also want to evaluate the overall portfolio of services that providers can offer. If you plan to use separate best of breed services from a broad mix of provider then this is not as relevant, but if your preference is to use only a few key cloud service providers, it is important for those service providers to offer a good range of compatible services.
Data Governance and security
Data management
You may already have a data classification scheme in place that defines types of data according to sensitivity and/or policies on data residency. At the very least you should be aware of regulatory or data privacy rules governing personal data.
With that in mind, the location your data resides in, and the subsequent local laws it is subject to, may be a key part of the selection process. If you have specific requirements and obligations, you should look for providers that give you choice and control regarding the jurisdiction in which your data is stored, processed and managed. Cloud service providers should be transparent about their data centre locations but you should also take responsibility for finding this information out.
If relevant, assess the ability to protect data in transit through encryption of data moving to or within the cloud. Also, sensitive volumes should be encrypted at rest, to limit exposure to unapproved administrator access. Sensitive data in object storage should be encrypted, usually with file/folder or client/agent encryption.
Look to understand the provider’s data loss and breach notification processes and ensure they are aligned with your organisation’s risk appetite and legal or regulatory obligations.
The CIF Code of Practice framework has some useful guidance to help identify relevant security and data governance policies and processes as part of a provider assessment.
Information security
Ensure you assess the cloud provider’s levels of data and system security, the maturity of security operations and security governance processes. The provider’s information security controls should be demonstrably risk-based and clearly support your own security policies and processes.
Ensure user access and activity is auditable via all routes and get clarity on security roles and responsibilities as laid out in the contacts or business policies documentation.
If they are compliant with standards like the ISO 27000 series, or have recognised certifications, check that they are valid and get assurances of resource allocation, such as budget and headcount to maintain compliance to these frameworks.
Ask for internal security audit reports, incident reports and evidence of remedial actions for any issues raised.
Service Dependencies & Partnerships
Vendor relationships
Service providers may have multiple vendor relationships that are important to understand.
Assessing the provider’s relationship with key vendors, their accreditation levels, technical capabilities and staff certifications, is a worthwhile exercise. Do they support multivendor environments and can they give good examples.
Think about whether the services offered fit into a larger ecosystem of other services that might compliment or support it. If you are choosing a SaaS CRM for instance – are there existing integrations with finance and marketing services? For PaaS – is there a cloud marketplace from which to buy complimentary services that are preconfigured to integrate effectively on the same platform?
Subcontractors and service dependencies
It’s also important to uncover any service dependencies and partnerships involved in the provision of the cloud services. For example, SaaS providers will often build their service on existing IaaS platforms, so it must be clear how and where the service is being delivered.
In some cases there maybe a complex network of connected components and subcontractors that all play a part in delivering a cloud service. It’s vital to ensure the provider discloses these relationships and can guarantee the primary SLAs stated across all parts of the service, including those not directly under its control. You should also look to understand limitations of liability and service disruption policies related to these subcomponents.
In general, think twice before considering providers with a long chain of subcontractors. Especially with mission critical business processes or data governed by data privacy regulations.+
The Code of Practice requires explicit clarification of service dependencies and the implications on SLAs, accountability and responsibility.
Contracts, Commercials & SLAs
Contracts & SLAs
Cloud agreements can appear complex, and this isn’t helped by a lack of industry standards for how they are constructed and defined. For SLAs in particular, many jargon-happy cloud providers are still using unnecessarily complicated, or worse, deliberately misleading language.
This is being addressed to some degree with the latest revision of the ISO standards for Service level agreements ISO/IEC 19086-1:2016, this revision is a useful framework to use when assessing providers’ agreements.
In general, agreements range from out of the box “terms and conditions”, agreed online, through to individually negotiated contracts and SLAs.
The size of CSP vs the customer is a factor here. Smaller CSPs are more likely to enter into negotiations but may be more likely to agree custom terms that they might not be able to support. Always challenge providers that are prepared to offer flexible terms to provide details on how they plan to support this variation, who is responsible for this variation and what are the processes used to govern this variation.
We cover contracts, SLAs and cloud law in module 10 of our online training programme. Key factors to consider with contracts are:
Service delivery
Look for a clear definition of the service and deliverables. Get clarity on the roles and responsibilities relating to the service (delivery, provisioning, service management, monitoring, support, escalations, etc.) and how that is distributed between customer and provider. How is service accessibility and availability managed and assured (Maintenance, incident remediation, disaster recovery, etc.). How do these policies fit with your requirements?
Data policies and protection
Assess a provider’s security policies and data management policies particularly relating to data privacy regulations. Ensure there are sufficient guarantees around data access, data location and jurisdiction, confidentiality and usage /ownership rights. Scrutinise backup and resilience provisions. Review data conversion policies to understand how transferable data maybe if you decide to leave.
Business terms
There are a myriad of terms covered in the training module and your circumstances will dictate which are important, but key considerations include:
Contractual and service governance, including to what extent the provider can unilaterally change the terms of service or contract.
What are the policies on contract renewals and exit or modification notice periods.
What insurance policies, guarantees and penalties are included and what caveats accompany them.
And to what extent is the provider willing to expose their organisation to auditing operations and compliance to policies.
Legal Protections
Specific terms relating to Indemnification, Intellectual property rights, Limitation of liability and warranties should be standard terms in providers’ contracts. However, the parameters relating to each should be scrutinised. Typically these protections are often the most hotly contended as customers look to limit their exposure to potential data privacy claims following a breach and at the same time providers look to limit their liability in cases of claims.
Service level agreements
SLAs should contain 3 major components:
Service level objectives
Remediation policies and penalties/incentives related to these objectives
Exclusions and caveats.
Service level objectives (SLOs) typically cover: accessibility, service availability (usually uptime as a percentage), service capacity (what is the upper limit in terms of users, connections, resources, etc.), response time and elasticity (or how quickly changes can be accommodated). There are often others depending on how terms are distributed between contract and SLA.
Look for SLOs that are relevant, explicit, measurable and unambiguous. They should also be auditable if possible and clearly articulated in the service level agreement.
SLAs should also specify how issues should be identified and resolved, by who and in what time period. They will also specify what compensation is available and the processes for logging and claiming, as well as listing terms that limit the scope of the SLA and list exclusions and caveats.
Close scrutiny of these terms is important, as often service credit calculations are complex – ask for worked examples or better still give all shortlist providers the same imaginary downtime scenario and compare the difference in compensation.
Cloud commercials
Each cloud service provider has a unique bundle of services and pricing models. Different providers have unique price advantages for different products. Typically, pricing variables are based on the period of usage with some providers allowing for by the minute usage as well as discounts for longer commitments.
Extract from CIF E-learning module 8 – Cloud Service provider selection
The most common model for SaaS based products is on a per user, per month basis though there may be different levels based on storage requirements, contractual commitments or access to advanced features.
PaaS and IaaS pricing models are more granular, with costs for specific resources or ‘resource sets’ consumption. Aside from financial competitiveness look for flexibility in terms of resource variables but also in terms of speed to provision and de provision.
Application Architecture that allows you to scale different workload elements independently means you can use cloud resources more efficiently. You may find that your ability to fine tune scalability is affected by the way your cloud service provider packages its services and you'll want to find a provider that matches your requirements in this regard.
Reliability & Performance
There are several methods you can use to measure the reliability of a service provider.
First, check the performance of the service provider against their SLAs for the last 6-12 months. Some service providers publish this information, but others should supply it if asked.
Don’t expect perfection: downtime is inevitable and every cloud provider will experience it at some point. It’s how the provider deals with that downtime that counts. Ensure the monitoring and reporting tools on offer are sufficient and can integrate into your overall management and reporting systems.
Ensure your chosen provider has established, documented and proven processes for dealing with planned and unplanned downtime. They should have plans and processes in place documenting how they plan to communicate with customers during times of disruption including timeliness, prioritisation and severity level assessment of issues.
Be aware of remedies and liability limitations offered by the cloud provider when service issues arise.
Disaster recovery
Look to understand the provider’s disaster recovery provisions, processes and their ability to support your data preservation expectations (inc. recovery time objectives). This should include criticalness of data, data sources, scheduling, backup, restore, integrity checks, etc.
Roles and responsibilities, escalation processes and who has the burden of proof, all must be clearly documented in the service agreement. This is vital, as in many cases, your team may be responsible for implementing some of these processes.
Consider purchasing additional risk insurance if the costs associated with recovery are not covered by the provider’s umbrella terms and conditions.
Migration Support, Vendor Lock in & Exit Planning
Vendor lock-in, is a situation in which a customer using a product or service cannot easily transition to a competitor. Vendor lock-in is usually the result of proprietary technologies that are incompatible with those of competitors. However, it can also be caused by inefficient processes, or contract constraints, among other things.
Cloud services that rely heavily on bespoke or unique proprietary components may impact your portability to other providers or in-house operations. This is especially true if applications have to be re-architected in order to run on a service provider platform.
Avoid the risk of vendor lock in by ensuring your chosen provider has minimal use of proprietary technology or you minimise the use of services that limit your ability to migrate or transition away.
Extract from CIF E-learning module 8 – Cloud Service provider selection
Ideally select value added services that have competitive and comparable alternatives in the market and put policies in place to periodically review the options to minimise lock-in risk.
Also be wary of “enhancement creep”, where service providers modify configurations, policies, technologies etc, and in doing so introduce lock-in factors as part of your service.
Finally, while there are some compelling benefits in working with one or a few key providers you should balance these benefits with the risks of becoming too entangled with any one supplier.
Exit provisions
Similarly, ensure you have a clear exit strategy in place at the start of your relationship. Moving away from a CSP’s service isn’t always an easy or smooth transition, so it’s worth finding out about their processes before signing a contract.
Furthermore, consider how you’ll access your data, what state it will be in and for how long the provider will keep it.
Business health & Company profile
Assessing the technical and operational capabilities of a potential supplier is obviously important, but take time to consider the financial health and profile of your shortlisted providers.
The most compatible or most competitive cloud service is immaterial if the provider doesn’t have a sound business. Make sure your main providers are a good fit for the long term.
As Microsoft say in their short guide on provider selection: ‘The provider should have a track record of stability and be in a healthy financial position with sufficient capital to operate successfully over the long term”. If a service provider gets into trouble it may not have the financial resources to refund your losses, regardless of good intentions and contract assurances.
Try and establish if the organisation has had any past legal issues, has been, or is being sued and how they respond to legal challenges - ask directly or do your own research.
Ask about any planned corporate changes, mergers and acquisitions, or business aspirations.
Get a good handle on the competitive position and aspirations of the provider, use analyst profiles, online reviews and market research to get a sense of their market status.
Sometimes looking at the history of the management team via networks like LinkedIn can be very revealing – do previous roles show consistent performance and good corporate governance.
What type of customers do they have and what markets do they count as important – vertical emphasis may prompt investment in valuable niche offerings.
Summary
Include hard and soft factors in your assessment of prospective providers: recognise and validate both the certifications and standards they adhere to, but also what their customers say about them in case studies and testimonials.
Think long-term to avoid lock-in – avoidance of proprietary technologies and a clearly defined exit strategy will avoid a lot of headaches down the line.
Take time to establish workable SLAs and contractual terms – they’re the main form of assurance you have that the services will be delivered as agreed.
Once your Small Business has decided to make the move to cloud computing, your next step is to select a cloud service provider. It’s vital to assess the reliability and capability of a service provider that you plan to entrust with your organization’s applications and data. Some things to consider are the following criteria:
Business health and processes
Financial health. The provider should have a track record of stability and be in a healthy financial position with sufficient capital to operate successfully over the long term.
Organization, governance, planning, and risk management. The provider should have a formal management structure, established risk management policies, and a formal process for assessing third-party service providers and vendors.
Trust. You should like the company and its principles. Check the provider’s reputation and see who its partners are. Find out its level of cloud experience. Read reviews, and talk to customers whose situation is similar to yours.
Business knowledge and technical know-how. The provider should understand your business and what you’re looking to do and be able to match it up with their technical expertise.
Compliance audit. The provider should be able to validate compliance with all of your requirements through a third-party audit.
Administration support
Service Level Agreements (SLAs). Providers should be able to promise you a basic level of service that you are comfortable with.
Performance reporting. The provider should be able to give you performance reports.
Resource monitoring and configuration management. There should be sufficient controls for the provider to track and monitor services provided to customers and any changes made to their systems.
Billing and accounting. This should be automated so that you can monitor what resources you’re using and the cost, so you don’t run up unexpected bills. There should also be support for billing-related issues.
Technical capabilities and processes
Ease of deployment, management, and upgrade. Make sure the provider has mechanisms that make it easy for you to deploy, manage, and upgrade your software and applications.
Standard interfaces. The provider should use standard APIs and data transforms so that your organization can easily build connections to the cloud.
Event management. The provider should have a formal system for event management that’s integrated with its monitoring/management system.
Change management. The provider should have documented and formal processes for requesting, logging, approving, testing, and accepting changes.
Hybrid capability. Even if you don’t plan to use a hybrid cloud initially, you should make sure the provider can support this model. It has advantages that you may wish to exploit at a later time.
Security practices
Security infrastructure. There should be a comprehensive security infrastructure for all levels and types of cloud services.
Security policies. There should be comprehensive security policies and procedures in place for controlling access to provider and customer systems.
Identity management. Changes to any application service or hardware component should be authorized on a personal or group role basis, and authentication should be required for anyone to change an application or data.
Data backup and retention. Policies and procedures to ensure integrity of customer data should be in place and operational.
Physical security. Controls ensuring physical security should be in place, including for access to co-located hardware. Also, data centers should have environmental safeguards to protect equipment and data from disruptive events. There should be redundant networking and power and a documented disaster recovery and business continuity plan.
Experts say blockchain has a bright future, much like the optimistic predictions the industry had for the cloud 10 years ago.
HALF MOON BAY, Calif. – Experts at a recent technology conference agreed that blockchain has a bright future, but warned it may be a rocky ride until that future arrives. Blockchain is a distributed database that uses a secure digital ledger of transactions that users can share across a computer network. It’s also the technology behind virtual currency bitcoin.
“When you are at the leading edge there will be mistakes. People will get a lot wrong in the next five years. I think of it kind of like running with scissors,” says Constellation Research analyst Steve Wilson at the Oct. 26 Connected Enterprise conference hosted by his company.
But blockchain enthusiast Richie Etwaru, chief digital officer at IMS Health, had a different take. He started by pointing to the colorful pair of sneakers he was wearing and noted he bought them using bitcoin, the controversial digital currency that’s been plagued by security issues.
“I think blockchain is the biggest thing I’ve seen in my life,” says Etwaru. “I work in healthcare and bitcoin to blockchain is like what AOL chat was to the internet, and bitcoin is only one substantiation of blockchain.”
Blockchain can help the healthcare industry build trust
In the healthcare industry Etwaru says blockchain can help establish new business models that overcome what he describes as the massive absence of trust that exists today among patients, doctors, the pharmaceutical industry and the government.
“We started thinking of how we can engineer trust into the network and the distributed ledger (i.e. blockchain) is a great way to solve the trust issue because the information is owned by everyone and no one, and can be seen by everyone and no one,” he says. “It’s immutable, you can’t reverse it, it’s pretty decently encrypted and it can be permissions-based.”
One example Etwaru points to is that trials for new drugs are often flawed because patients don’t trust how their information is going to be used. “With blockchain you could do things like citizen research for healthcare. There could be autonomous organizations like a Wikipedia of research on cancer based on an abundance of trust enabled by blockchain,” said Etwaru.
Blockchain can disrupt the cybersecurity landscape
Mike Kail,chief innovation officer at Cybric, a company that’s looking to “disrupt the cybersecurity landscape” with new services, says blockchain has got people thinking differently about what’s possible.
Kail says blockchain technology promises to change the status quo of having to trust a broker to complete financial transactions to a system of automated, verifiable transactions that eliminates the middleman. Speaking more broadly, he says blockchain can bring more efficiency to every company with a supply chain challenge.
For companies looking to test the blockchain waters he suggests figuring out a small use case where you can apply blockchain methodology and monitor the results.
Another speaker, Shawn Wiora, cofounder and CEO of Maxxsure, a cybersecurity and cyber insurance company, is using blockchain to offer new kinds of services. “We’re able to offer things like variable premiums for a cyber insurance policy that changes as your cyber profile changes,” said Wiora. “Does anyone else offer that?” he asked rhetorically.
But even with some companies already innovating, veteran Silicon Valley product executive Chirag Mehta says blockchain’s best days are clearly ahead of it. “Blockchain looks like what the cloud looked like 10 or 15 years ago,” says Mehta, a former executive at SAP and adjunct professor at Santa Clara University where he teaches such topics as web services and cloud computing to graduate students.
One difference he sees vs. the cloud though that’s surprised him, is that companies big and small seem to be interested in exploring blockchain’s potential. “Big companies weren’t as interested in the cloud in the early days,” says Mehta. “They weren’t as ready to jump in.”
What blockchain does really well, he adds, is provide the technical integrity necessary to let you trust a series of events. “But don’t confuse that with security,” he emphasized.
If blockchain needs a blue chip, big name advocate it has one in IBM. Aron Dutta, global head of blockchain at IBM, says he’s already running blockchain technology globally across industries. He sees blockchain as giving companies a way to rethink business models and make more money.
Dutta says he has over 4,000 PhDs and 100,000 consultants he can call on to aid his work at IBM, so stay tuned. “It’s not about use cases,” he emphasizes. “It’s about business models.”
The Health IT Workforce Curriculum was developed for U.S. community colleges to enhance workforce training programmes in health information technology. The curriculum consist of 20 courses of 3 credits each. Each course includes instructor manuals, learning objectives, syllabi, video lectures with accompanying transcripts and slides, exercises, and assessments. The materials were authored by Columbia University, Duke University, Johns Hopkins University, Oregon Health & Science University, and University of Alabama at Birmingham. The project was funded by the U.S. Office of the National Coordinator for Health Information Technology. All of the course materials are available under a Creative Commons Attribution-Non Commercial-ShareAlike 3.0 License.
Component 1 - Introduction to Healthcare and Public Health in the US
Component Overview: This component is a survey of how healthcare and public health are organized and services delivered in the US. It covers public policy, relevant organizations and their interrelationships, professional roles, legal and regulatory issues, and payment systems. It also addresses health reform initiatives in the US.
Unit Title Meaningful Use of Health Information Technology
Unit Overview: The Health Information Technology for Economic and Clinical Health (HITECH) Act of the American Recovery and Reinvestment Act (ARRA) legislated incentives for the meaningful use of health information technology. This unit describes the meaningful use program of HITECH, eligibility for incentive payments, and the criteria for achieving those payments in Stage 1 of the program. It also describes the standards specified for Stage 1 of meaningful use, including those devoted to privacy and security.
After being a Stock Photographer on Many different stock sites , every site has it's ups and downs. Dreamstime has many perks! They Accept almost everything. They have wonderful Media Sharing Options. Which helps with exposure and linking to other free sights like Facebook that can help your exposure.
there are many things I love about dreamstime , so even if you don't see the money rolling in right at the beginning don't get discouraged. Stock sites are about Time+number of Uploads+Quality+Keywording=MONEY
So first step. Subject matter and Keywords. They go hand in hand.
A Good Subject will be Easy to Keyword and will be searched often.
That is my top Downloaded Filed. 19 downloads , 753 views...
Seems like Water Reflections like this always sell. Any city , any lake , any river , any water source , as long as its still and a good mirror Image , it will eventually sell. But still , you want to be the best image of your keyword phrase. For every sunset or sunrise , try to match it with the same location with a DEEP BLUE SKY and SUN. SUN SUN SUN .
Energy. Energy is always a good subject matter. If you are like me , I don't really like taking pictures of Humans or Kids , I simply enjoy getting away from everything and having that Peace and Quiet. I love taking colorful sunset and sunrise shots when the light makes a once in a lifetime picture that is hard to replicate. ALL ENERGY PICTURES SELL , but I enjoy shooting Solar and Wind Energy the most so that is what I do. But recently I have felt a need to Expose Pollution and Climate Change by exploiting it through Photography. Photography captures moments that will last a generations, just like the Oil Pollution and Carbon We release.
Can't go wrong with a Bridge. Unlike Donald J Trump I am not a fan of WALLS , more of a Bridge Photographer. I like helping people. I like coming together and spanning across two different styles. In Austin , Texas we have the Pennybacker Bridge and it is one of the Most Popular Photos of Austin Texas. Landmarks and Good Locations are good starts. Austin Texas sells Better than Corpus Christ , Texas , but Dallas Texas sells better than San Antonio Texas. Location Location Location.
And one last thing... Always go with your heart. As long as your having fun , and motivated to Take good quality pictures and at the same time enjoy what you are doing. You will be Successful.
Take steps toward a new career in game development by building a foundation to design games in a wide variety of genres for different audiences and platforms.
Whether you want to learn conversational Japanese for travel or just for fun, you'll find this course makes it easy and enjoyable for beginners to master the essentials of the
Japanese language.
