If you aren’t familiar with the Cisco IT eStore and Cisco Prime Service Catalog, this intro video provides a great overview:
Now we are very proud to announce that Cisco IT has won not just one more, but four new honors: the 2014 “Stevie” Awards from International Business Awards.
The Stevie Awards, which honor and generate public recognition of achievements and positive contributions of organizations and working professionals, feature some of the most exciting work in business and information technology.
This year, the team behind the Cisco IT eStore was recognized with a Gold Stevie Award for Information Technology Team of the Year. As this internal implementation of Cisco Prime Service Catalog grows in scale, this team has been working to rapidly deploy new services (whether desktop applications or data center infrastructure) and new capabilities (e.g. a new mobile interface) to provide a single, one-stop shop for all IT services at Cisco. It’s effectively the internal “IT app store” within Cisco for all employees.
For more information on the Cisco IT eStore initiative, you can check out the case study here, my write-up on the eStore here, Adel du Toit’s blog post on the Cisco IT initiative here, and a great overview session from our recent Cisco Live conference here.
Cisco IT also took home a Silver Stevie Award for their innovative work on our internal Lightweight Application Environment (LAE) – an innovative platform-as-a-service deployment that’s also powered by Cisco Prime Service Catalog as well as other tools including Jenkins and OpenShift.
Within Cisco, we have a private cloud – dubbed the Cisco IT Elastic Infrastructure Services (CITEIS) – that offers infrastructure-as-a-service with ready-to-go server, storage, and network resources for development teams. Together, CITEIS and the Lightweight Application Environment allow Cisco application developers to focus on application coding and testing, not on the underlying infrastructure or platform. The LAE is called “lightweight” because the ordering and provisioning processes places very light demands on developers.
For both and CITEIS and LAE, the eStore (Cisco Prime Service Catalog) gives developers an easy-to-use, self-service portal for ordering and provisioning their application environment – providing on-demand access to the infrastructure as well as the required operating system, middleware, and system functions without manual provisioning by Cisco IT. All the resources they need are delivered just a few minutes after the developer orders them. Here’s an example screenshot:
You can read more about how Cisco IT enabled this Lightweight Application Environment in this blog post here.
The final two Stevie Awards for Cisco IT this year were a Silver & Bronze medal for the Information Technology Executive of the year – awarded to our very own V C Gopalratnam (Cisco IT Vice President) and Michael Myers (Cisco’s Senior Director of Information Systems for Cloud Orchestration and Platform Service) respectively.
V C and Michael have played key roles in both the aforementioned CITEIS and LAE initiatives, enabling IaaS and PaaS via the Cisco IT eStore and Cisco Prime Service Catalog. We’re excited that these executives are being recognized for their leadership, and we look forward to what lies ahead for the Cisco IT and eStore team going forward.
You’ll want to learn how Cisco’s John Manville leveraged an internal, private, infrastructure-as-a-service cloud to drive business value.
View John Manville’s Cloud Insights Video Podcast
John Manville is responsible for Cisco’s Global IT infrastructure – which includes the data centers, networks, platforms and more. Overall, John’s role is to implement Fast IT, which is really about being adaptable and responsive to business needs.
What technology helps drive this responsiveness and adaptability? “There are many solutions that can help, but if I had to sum it up in one word, that word is cloud” replied John .
Cisco uses internal cloud technology for several important business imperatives. Through the cloud, we are balancing internal IT workloads and providing our engineering team the tools needed for OS development. We are also using the internal cloud for external capabilities. For example, Cisco Smart Services uses our internal cloud to offer services to external customers.
Recently, John had the chance to participate in a new Cloud Insights Video Podcast to discuss the challenges his team faced prior to cloud implementation. Like most IT teams, they were challenged by speed of delivery of business capabilities, driving Total Cost of Ownership (TCO) down and completing maintenance on the underlying infrastructure with minimal impact on the business users or applications they need on a daily basis.
To offset these challenges, his team developed and deployed CITEIS (Cisco IT Elastic Infrastructure Services), an internal, private, infrastructure-as-a-service cloud. CITEIS started off as a way to provision virtual machines, but the team quickly realized that it wasn’t enough so they added on more middleware and database capabilities . Now, it’s a rich service that John’s team offers to their clients.
As I start to explore more and more information about Software-Defined Networking and Programmability in the Nexus portfolio, I’ve been fortunate that there have been a lot of people helping me learn along the way. I thought I’d share some of these as it gave me a bit more insight into some of the more holistic perspectives that I’ve been trying to get my head wrapped around lately.
I’m still starting off at a rather high level, though I’m spending more and more time getting deeper into the tech. Every once in a while, though, I need to look up and make sure that I’m swimming in the right direction. It’s really easy to get mired in the details and forget the bigger picture. Read More »
Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers for managed security and what to look for in a cloud provider can be found here.
In today’s workplace, employees are encouraged to find the most agile ways to accomplish business: this extends beyond using their own devices to work on from anywhere, anytime and at any place to now choosing which cloud services to use.
Why Bring Your Own Service Needs to be on Infosec’s Radar
In many instances, most of this happens with little IT engagement. In fact, according to a 2013 Fortinet Survey, Generation Y users are increasingly willing to skirt such policies to use their own devices and cloud services. Couple this user behavior with estimates from Cisco’s Global Cloud Index that by the year 2017, over two thirds of all data center traffic will be based in the cloud proves that cloud computing is undeniable and unstoppable.
With this information in mind, how should IT and InfoSec teams manage their company’s data when hundreds of instances of new cloud deployments happen each month without their knowledge?
Additionally, what provisions need to be in place to limit risks from data being stored, processed and managed by third parties?
Here are a few considerations for IT and InfoSec teams as they try to secure our world of many clouds:
The first blog of this series discussing the role of data security in the cloud can be found here.
In 2014 and onward, security professionals can expect to see entire corporate perimeters extended to the cloud, making it essential to choose a service provider that can deliver the security that your business needs.
While organizations can let business needs trade down security we’ve begun to see how a recent slew of data breaches are encouraging greater vigilance around security concerns. For example, a recent CloudTweaks article highlights the need for organizations to be confident in their choice of cloud providers and their control over data. IT leaders have the power to control where sensitive information is stored. They also have the power to choose how, where and by whom information can be accessed.
An important driver in mitigating risk and increasing security is to ask the right questions.
Institute Control By Asking the Right Questions
However, adding to fears about ceding the control of data to the cloud is lack of transparency and accountability about how cloud hosting partner/ providers secure data and ensure a secure and compliant infrastructure. Cloud consuming organizations often don’t ask enough questions about what is contained in their service-level agreements, and about the process for updating security software and patching both network and API vulnerabilities.
Organizations need reassurance that a cloud provider has a robust set of policies, process and than is using automated as well as the latest technologies to detect, thwart and mitigate attacks, while in progress as well as be prepared to mitigate after an attack.
An important driver in mitigating risk and increasing security is to ask the right questions. When evaluating cloud service providers, IT leaders need to ask: Read the full blog here.