Moving to the Cloud

Cloud can save you time and money, it also has the potential to change the way you do business.

View this infographic to know more…
For more informaiton, http://www.imaginea.com/cloud/index.html

 

Key highlights related to Mobile Technology

Here are a few highlights that are related to Mobile Technology. You will see some interesting statistics in this infographic.

Read on…

http://www.imaginea.com/technology/Mobile

 

Key Cloud Computing Statistics

 

In the infographic, we find some key cloud computing statistics that highlight the growth and adoption trends of this strategic technology.

Learn more about Cloud spending, Cloud adoption, Cloud data and Cloud impacts from this infographic.

http://www.imaginea.com/cloud/index.html

Cloud Computing

Thanks to http://meship.com/Blog/2014/03/10/key-cloud-computing-statistics/

 

Android App development – 5 points to consider

Read some cool tips and tricks in Android App development from our experts in the following infographic.

We worked with a social shopping company to create an Android app to accompany their already successful iPhone version. Working with their amazingly talented team, we guided them towards creating an app that genuinely adapted to the Android platform instead of being a mere copy of the iPhone version.

5 points for developing Android App

http://www.imaginea.com/mobile-app-android/

Using PaaS and going beyond

In this infographic, you will find information about the details of a survey which suggests a high growing demand for PaaS architecture from organizations looking for faster development and deployment circles.
Please go through the infographic in detail …

 

Using PaaS - results from a Survey

For more details on the solution, you can visit www.imaginea.com

 

Test Link setup on Windows:

Prerequisites:

 

Configuration Setup:

           

Old path:

$tlCfg->log_path = ‘/var/testlink/logs/’;

$g_repositoryPath = ‘/var/testlink/upload_area/’;

 

To be updated path:

$tlCfg->log_path = ‘D:/xampp/htdocs/testlink-1.9.7/logs/’

$g_repositoryPath = ‘D:/xampp/htdocs/testlink-1.9.7/upload_area/’;

 

 

 

 

 

 

 

 

 

 

 

Cloud Security – Part 2: “Security with multiple tenants sharing same infrastructure”

Welcome to the part 2 of the blog series ‘Cloud Security’. In Part 1 of the series, we raised some important questions about the security in the cloud. Now, in this blog post, we would like to answer one of the most important questions that we encounter when we talk about Cloud Security.

“How secure is my data when multiple tenants share the same infrastructure?”

Well, this is a tricky question that keeps cropping up again and again. In this blog post, we place a few of the different components in perspective to see which areas need to be addressed. First of all, a question arises, why do multiple tenants share the same infrastructure? The answer is, organizations want to gain price and performance advantages, and thus end up sharing the same infrastructure.

Let us understand the term ‘multi-tenancy’. It simply means, many tenants share same resources and this turns out to be very efficient and scalable. In IaaS, tenants share infrastructure resources like hardware, servers, and data storage devices. In SaaS, tenants source from the same application (for example, Salesforce.com), which means that data of multiple tenants is likely stored in the same database and may even share the same tables. When it comes to security, the risks with multi-tenancy must be addressed at all layers.

 

Shared Premises / Shared Data centers:

In a ‘shared premises’ context, a dedicated rack is the safest unit you can own. However we need to ensure that the power cables are secure and redundant paths are available for power. Also, we should check whether the network cables are secure and whether the redundant paths are available for network. A point to be noted here is that the rack is always locked and cameras monitor the rack and are capable of a playback for a determined period of time.

infrastructure.png

 

Whereas in a ‘shared racks’ context, there is always an element of risk as multiple tenants have access to the Rack. An ideal condition would be to make it a managed service and provide access only to the service provider. Doing so ensures that the untrained / semi-trained hands may not affect the services of a co-tenant.

Shared Hardware:

In an instance where one cannot afford dedicated hardware, one has to settle in for one of the following:

Out of the above, a separate VM is the next best secure element. In order to ensure that the VM is secure, we first need to encrypt the VM image and ensure that the bios password is in force so no one can tamper with the boot order. For additional security, we need to ensure that a boot loader password is in force.

 

As we look upon the Shared Hardware scenario, we encounter that there are other elements where we need to be careful about, such as, Disks, Processors, Memory, Hypervisors etc.

Let us look at each one of them in detail:

Disk

We first need to ensure that the disk should be encrypted with a key recorded by the administrator and no user-end encryption should be enabled. Many a times, we find this feature and it is done to facilitate data recovery in case the employee is not available to recover sensitive / important data. Another important security measure would be to dispose or reassign the disk after due cleanup.

Processor

We need to ensure that the processor should have a secure ring architecture so that the hypervisor operates in a higher security zone than the VMs.

OS

When multiple tenants share the same infrastructure, we need to check the OS specially for extra security. We need to facilitate jails / chrooted environment for different tenants, so one can not see the other’s data.

Hypervisor

A hypervisor or virtual machine monitor (VMM) is a piece of computer software, firmware or hardware that creates and runs virtual machines. Hypervisors main job is to map traffic from VMs to the underlying VM host hardware so that it can make its way through the data center and out to the Internet and vice versa.  As the  hypervisor intercepts all traffic between VMs and VM hosts, it is the natural place to introduce segmentation for the resources of IaaS tenants where VMs might be housed within the same VM host or VM host cluster. We should not share direct access to any devices to the VMs.

 

Also another major security concern in the virtualized infrastructure is that the machines are owned by different customers. These machines can escalate the risk for many types of breaches such as unauthorized connection monitoring, unmonitored application login attempts, and malware propagation.

VM segmentation and isolation is an absolute requirement for VMs containing regulation and compliance intense data like employee details, customer information, etc. Most regulatory mandates such as ISO 27001, SAS 70, Payment Card Industry Data Security Standard (PCI DSS), SSAE 16 and Health Insurance Portability and Accountability Act (HIPAA) require that access be limited to a business’ need to know, and that control policies be set in place to enforce blocking of unwarranted access.

Hope this post has answered the question completely. If you have any further queries, do not hesitate to contact us. You can also comment / share your observations about the topic here.

We are waiting…

Security in the Cloud – Part 1

Security in the Cloud 

We will publish a series of blog posts on Cloud Security. This is the first blog post in the series.

One of the ‘security-as-a-service’ providers conducted a survey of their 2,200 customers about cyber-attacks. The results are startling, they reveal that cyber-attacks on cloud environments are increasing at an alarming level as more and more enterprises move their data to the public cloud.  According to the report, as more and more enterprises transfer their data and processing activities to the cloud, traditional on-premises cyber-attacks have also moved to the cloud. The report highlights a 14 percentage points year-on-year increase in brute force attacks while vulnerability scans on cloud setups have risen by 17 percentage points year-on-year. More info about the report can be found here.

 

Truly, enterprises and businesses have always been reluctant to move away from traditional IT to adopt cloud model. They always were skeptical about data security, and their doubt is genuine whether the data is protected to the same levels as in an on-premises setup.

 

This topic brings us to a very important point: Who controls the data that is hosted in the cloud? Before the Public Cloud came into the picture, enterprise data was safe within the premises and IT could have complete control over it. Now with the cloud, data is under the organizational control, but it rests elsewhere physically and is managed by someone else.

 

Questions such as the following arise:

 

You  can share your answers / ideas / solutions in the comment box.

We are waiting for your response…

 

Top CIOs concerns about Cloud Deployment

In this infographic, you will find more about the top challenges for cloud deployment for CIOs across the globe.

You will also find out some interesting facts about Cloud.

Go on and view the infographic…

 

 

 

Leveraging Devops Automation to Achieve Maximum Benefits!

What if… you could reduce standard infrastructure setup and configuration time from 8 hours to 15 minutes?

What if… you could achieve YoY engineering cost reduction of 37 percent?

What if… you could reduce time to market for new features by 20 percent?

Aren’t these stats interesting? Here’s how a San Francisco-based IT Company leveraged Devops Automation and achieved this (Download Case Study)!

The company looked to increase its market share by lowering the subscription prices and offer more product features while maintaining profitability. This was quite a challenge where developers and architects struggled in order to achieve this goal. They spent too much time migrating code between local, development, user acceptance testing, and production environments. Without much success, they lost 20% of development time in fine tuning.

The company then approached Imaginea Cloud Services team to look into the problem and suggest solutions that could shorten the development cycle duration and improve asset utilization. They also wanted to cut Opex and CapEx.

Imaginea’s unique solution helped developers to achieve continuous delivery and continuous integration to automate and improve the software delivery process, thus accelerating the build, deploy, test, and release processes.

Imaginea helped the company automate much of their development grunt work and significantly reduced operational rework. This IT team completely redefined its existing perception of “how much can be done in how much time”.

Interested in reading more about this. You can visit us and know more.

You can also download the complete case study here.

 

A staggering fact, but true! A Gartner survey estimates that downtime caused by incorrect manual configurations cost small and medium sized businesses $42,000 an hour, with figures in the millions for larger enterprises.