Great challenges can bring great opportunities to any business, and with the inevitability of cloud on the horizon, IT organizations will need to embrace this change. Taking the first, second or even third step can be scary, but the return on taking such risks will pay off so long as the IT organization champions the deployment.
Cisco itself has also had to face these risks of deploying cloud, and has already embarked on the private cloud (IaaS) journey —all the way from virtualizing the compute, network, and storage resources to integrating change management, and metering services for “pay as you use”.
Some of the challenges that we encountered typical that other IT organizations could face in cloud adoption were:
• Ensuring security. Each cloud solution has to be matched to appropriate security capabilities. The new capabilities may include centralized management (vs. trying to manage firewalls on ever-changing edges or trying to manage security on each endpoint), scalable multi-tenant architectures, real-time threat analysis and dynamic mitigation delivery.
• Navigating the required steps. Even the public cloud model is never one-size-fits-all. A successful cloud initiative requires several best practice steps, which occur in three phases:
Plan, including aligning the business and architecture strategies, planning and design, and security.
Build, including staging, testing, and implementing solutions and systems integration.
Manage, including network assurance, remote monitoring/diagnostics/alerts, optimization, and support.
• Establishing the business justification. Calculate the projected and actual ROI from cloud project expenses for equipment and services.
It’s very rare for any IT organization to already have all the in-house expertise and experience that’s required for a cloud project. This will eventually happen, but IT organizations can fast-track their cloud initiatives by partnering with a company that understands the cloud journey.
Cisco Services has a proven methodology for implementing private clouds that can help ensure your agency makes a smooth and effective transition to cloud. It starts with the Cisco Domain TenSM discussion to identify where you need to focus among ten crucial areas:
New cloud platforms are rapidly transforming government IT—just as client/server and mainframe/terminal platforms did in decades past.
If you embark on the cloud journey, you’re committing to an exciting and long-term opportunity. And when you step out your door to head to work each day, you’ll be an agent of change for your organization and your career.
I’m curious, what do you see as the biggest challenges to a government entity adopting a cloud model?
Stay tuned to view upcoming installations of the Cloud for Local Government blog series or click here to register and reserve your copy of the complete compilation of the blog series, including this blog as well as a variety of cloud resources, which will be available in May.
Often it is quite surprising how long old, well-known vulnerabilities continue to be exploited. Recently, a friend sent me an example of a malicious script used in an attempted attack against their server:
The script attempted to exploit the Horde/IMP Plesk Webmail Exploit in vulnerable versions of the Plesk control panel. By injecting malicious PHP code in the username field, successful attackers are able to bypass authentication and upload files to the targeted server. These types of attacks could be one avenue used in the DarkLeechcompromises. Although not as common as the Plesk remote access vulnerability (CVE-2012-1557) described in the report, it does appear that this vulnerability is being actively exploited. Read More »
The Common Vulnerability Reporting Framework (CVRF) is a security automation standard intended to make your life easier by offering a common language to exchange traditional security and vulnerability bulletins, reports, and advisories. You can read more about it on the official ICASI CVRF 1.1 page, in my CVRF 1.1 Missing Manual blog series, or in the cvrfparse instructional blog. CVRF 1.1 has been available to the public for almost a year and we would like to know how its helped and how we can improve it. Please take a moment to take the poll and please feel free to share it with any interested parties. Comments are encouraged and welcomed. The more feedback we get, the more we can improve CVRF.
Many network security administrators are struggling to keep their network “up-to-date” with the constant release of new vulnerabilities and software fixes. At the same time, they’re under pressure to provide near 100% availability of key business services and systems. Every time a vendor discloses a security vulnerability, network security administrators must identify affected devices and (in numerous cases) upgrade such devices. These activities can take hours, days, or even weeks depending on the size of the organization. For instance large enterprises and organizations may have thousands of routers and switches that need to be assessed for the impact of any given vulnerability. Cisco is helping customers by adopting cutting-edge security automation standards such as the Open Vulnerability and Assessment Language (OVAL) and the Common Vulnerability Reporting Framework (CVRF).
In the following blog posts, I’ve provided details about how security automation is helping customers:
Webcast took place on Tuesday, April 23rd at 10:00 a.m. EST (14:00 GMT). Over 150 customers from 29 countries learned about security automation; Cisco’s machine readable content strategy; and vulnerability assessment using OVAL. We discussed how customers can use OVAL to quickly assess the effects of security vulnerabilities in Cisco IOS Software devices. The recording is now available:
At 10:30 UTC one of the botnet spam campaigns we discussed yesterday took a shift to focus on the recent explosion in Texas. The miscreants responded to the tragic events in Texas almost immediately. The volume of the attack is similar to what we witnessed yesterday with the maximum volume peaking above 50% of all spam sent. We’ve seen 23 unique sites hosting the malware. This is an attempt to grow the botnet.