Archive for the ‘Cloud Computing’ Category

What is Infrastructure as a Service (IaaS)?

March 16th, 2013
Posted by: Donna Hemmert


By Donna Hemmert
AIS Network Vice President, Strategic Development

If you don’t want to own the equipment that supports your operations, and want increased flexibility, especially when it comes to expanding or downsizing, you may want to consider Infrastructure as a Service (IaaS)** from a provider such as AISN. In contrast to having to purchase all the equipment for your infrastructure such as storage, hardware, servers and networking components, you can pay on per-use basis and avoid the headache and capital costs.

The difference between IaaS and PaaS (Platform as a Service) is often confusing so let me clarify. In an IaaS model, the underlying infrastructure is provided which includes network, storage, compute resources and virtualization technology. This means you are responsible for the additional operational tasks. With PaaS, the underlying infrastructure is provided, but also the application development platform. This includes automation to deploy, test and integrate applications. Your vendor also handles operational tasks such as configuration and updating your environment.

IaaS has been experiencing huge growth and, in fact, according to Gartner’s latest report on public cloud adoption***, the biggest part of cloud growth is coming from IaaS. This interest in IaaS, according to Gartner, is driven by enterprise and government growth in IT, and the new and more cost efficient options that IaaS public clouds are offering these days.

** Sometimes called Hardware and a Service (HaaS)
*** Forecast Overview: Public Cloud Services, Worldwide, 2011-2016, 4Q12 Update Published: 8 February 2013



Hosted Private Cloud Services to Surpass $24 Billion in 2016

March 1st, 2013
Posted by: admin


By Laurie Head
AIS Network Vice President

Good news from IDC yesterday — at least for those of us engaged in private cloud hosting.

The research group forecasts that worldwide spending on hosted private cloud services will surpass $24 billion in 2016.  Compare that to $5.5 billion spent on such services last year. IDC predicts that spending will rise 64% to $9.1 billion in 2013.

Have a look below at the press release, which also talks about two popular private cloud deployment models:

IDC Forecasts Worldwide Spending on Hosted Private Cloud Services to Surpass $24 Billion in 2016

FRAMINGHAM, Mass., February 28, 2013 – According to a new forecast from International Data Corporation (IDC), worldwide spending on hosted private cloud (HPC) services – an operational model for deploying computing infrastructure services of many types via a cloud model – will be more than $24 billion in 2016. HPC spending will experience a compound annual growth rate of more than 50% over the 2012-2016 forecast period as companies and IT providers look to cloud in its various forms as a means to transform and make more efficient and scalable the “how” of what they provide to their customers. Along the way, Hosted Private Cloud services will become the backbone of a new set of infrastructure services, transforming existing provider models for IT outsourcing, hosting infrastructure services, and other key IT industries.

At the highest level, there are two types of deployment models for cloud services: public and private. Public cloud services are designed for a market and are open to a largely unrestricted universe of potential users who share the services. Private cloud services are designed for a single enterprise and have user-defined and controlled restrictions on access and level of resource dedication.

Hosted private cloud is a composite view of two private cloud services deployment models, both of which offer customers and providers very different choices about resource dedication, tenancy cost, user access/control of the computing asset, and real and perceived security structures in place. The two HPC deployment models are:

  • Dedicated Private Cloud: This model offers dedicated 1:1 physical compute and storage resources focused on the needs of one enterprise or extended enterprise. This model offers the greatest customer control over their contracted resource. Examples of dedicated private cloud service offerings include Amazon EC2 Dedicated Instances, IBM SmartCloud Enterprise, Savvis Symphony Dedicated, and Rackspace Cloud: Private Edition.
  • Virtual Private Cloud: This model is an adjunct of public cloud services with shared virtualized resources and a range of customer control and security options distinct from most public cloud services. Examples of virtual private cloud service offerings include Amazon Virtual Private Cloud (VPC), IBM SmartCloud Enterprise Plus, Savvis Symphony VPDC/Open, and Rackspace RackConnect.

“IDC anticipates that virtual private cloud will be the predominant operational model for companies wanting to take advantage of the speed and lower capital costs associated with cloud computing while cloud service providers will welcome the move away from the expense of dedicated 1:1 physical systems for delivering their business process and datacenter outsourcing and other services,” said Robert Mahowald, Research Vice President, SaaS and Cloud Services.

Virtual private cloud is expected to make steady gains in part because of its similarity to public cloud, particularly public Infrastructure as a Service (IaaS), which many IT buyers are already using as a cost-saving alternative to replacing aging infrastructure. As more companies evaluate their Platform as a Service (PaaS) and Software as a Service (SaaS) options, the need to centralize the management of all cloud-sourced capabilities will become apparent. Meanwhile, the majority of dedicated private cloud buyers will be those companies with existing IS outsourcing or hosted infrastructure services contracts. Potential buyers of dedicated private cloud services will place a premium on off-loading the asset management burden and on operational reliability, over and above other cloud features such as scalability, granular billing, and customer self-service.

When dedicated private cloud grows, the winners are likely to be large incumbent packaged software providers and equipment providers, global systems integrators, professional services firms, and telecommunications service providers. These providers are working mightily to build single-vendor stacks, providing all the underlying components from bare metal to “trusted partner applications.” But if virtual private cloud becomes the dominant provider-based model, as IDC expects, it will be more like a public cloud model with mostly standardized, virtually dedicated assets, which means a vastly different set of vendors will benefit.

“Not even the largest technology incumbents can sustain IT market leadership without achieving leadership in cloud services. Quite simply, vendor failure in cloud services will mean stagnation,” added Mahowald. “Vendors need to be doing everything they can – today – to develop a full range of competitive cloud offerings and operating models optimized around those offerings.”

The IDC study, Worldwide Hosted Private Cloud Services 2012-2016 Forecast: New Models for Delivering Infrastructure Services (Doc #238689), examines the hosted private cloud services market, composed of dedicated private cloud services and virtual private cloud services. The study includes a detailed discussion of the overall cloud services market and how public and private cloud services are distinguished from one another, as well as revenues for 2011 and a five-year growth forecast for 2012-2016.



Top 10 Security Risks Found by Your Auditor

February 21st, 2013
Posted by: admin


By Sarah Morris

At KirkpatrickPrice, we strive to provide the proper assurance and resources to help our clients maintain security within their organization.  Recently, we held a client webinar focused on the “Top Ten Security Risks” that your auditor finds during your auditing process.  Below is a summary of the most common risks that we find.

1.      No Formal Policies and Procedures

Formal guidelines of policies and procedures help provide your employees with clarity of what’s expected of them.  They define the accountability for each employee and also establish necessary training. Information security policies are mandated by the FTC Safeguards Rule, PCI Data Security Standards, and the HIPAA Security Rule. This means they are mandatory.

2.      Misconfigurations

Standards need to be applied consistently. Organizations should utilize benchmark configuration standards from a recognized entity such as: Center for Internet Security (CIS), International Organization for Standardization (ISO), SysAdmin Audit Network Security (SANS) Institute, and the National Institute of Standards Technology (NIST).

3.      No Formal Risk Assessment

Assessment should cover assets that are critical to your enterprise to continue business operations for the following: hardware, software, human resources, and processes (automated or manual). Some important things to consider when thinking about risk assessment are the threats to your assets as well as the likelihood of vulnerability being compromised. Threats can be both internal (employees or third party contractors or partners) as well as external (natural events or social engineering). Developing a proper risk assessment can help to mitigate potential risks that you face.

4.      Undefined Incident Response

It is always important to have clear instructions on reporting procedures when determining incident response. It is suggested to build a culture within your work environment that encourages reporting of all incidents the moment they present themselves.

5.      Lack of Disaster Planning

Disaster planning is important in a situation where written plans were available for others to follow in the event that key personnel are not available. A business impact analysis can help quantify what level of redundancy is required for disaster planning. Proactive arrangements should be made to care for the staff and to communicate with third parties. Walkthroughs and training scenarios can benefit organizations so employees are properly prepared in the event of a disaster.

6.      Lack of Testing

The concept of testing applies to all areas of your security. If your security is not tested, there is no way to determine whether or not vulnerabilities are present.

7.      Insecure Code

Developing secure coding is something we find lots of companies struggling with. To develop secure coding, training must be implemented as well as specific development standards and quality assurance.

8.      Lack of Monitoring/Audit Trails

Log Harvesting, parsing, and alerting methods must be determined to efficiently deal with massive event logs. The responsibility for review must be formally assigned as part of daily operations.  Audit trails should be stored in such a way that system administrators cannot modify without alerting someone with and oversight role.

9.      Data Leakage

Some things we often forget are where the data is located and how long should it be retained? How is encryption implemented and verified? How is access to data granted and audited?  These things are all very important, and if not corrected, can keep you from complying with federal and industry standards and regulations.

10.  Lack of Training

A lack of training can prove to be a striking blow to the security of your organization. Employers should recognize the importance of properly training all employees on safety and security best practices. Standards and guidelines should be clearly set and determined in each organization. Several training opportunities are offered through KirkpatrickPrice to properly train you and your company on the basics of security awareness, awareness for managers, awareness for IT professionals, and awareness for credit card handling.

Determining your individual risks is the first step toward the mitigation process.  Maximum security of your sensitive information is KirkpatrickPrice’s number one priority.

If you’re ready to get started with your assurance process, you’ve come to the right place. We’re ready to help. Let’s work together.

Sarah Morris is a technical writer for KirkpatrickPrice, a provider of world-class audit services. Visit




Disasters Happen. Is Your Business Ready?

February 14th, 2013
Posted by: admin


By Laurie Head
AIS Network Vice President

Preparing for an emergency is a key factor to business continuity after a disaster. Wherever the threat comes from – whether it’s physical, virtual, network failure or cybercrime-related – it’s important that your business is equipped to deal with the problem.

In fact, the U.S. Department of Labor estimates that over 40 percent of businesses never reopen following a disaster. And, when we consider these potential consequences, it’s important that you have a disaster preparedness plan ready.

We consulted Cindy Bates, Microsoft US SMB Vice President, for some tips. As you create your business continuity plan, she recommends that you keep in mind the following:

Communication strategy. Make a plan about how you will communicate any disaster and its impact on your internal and external audiences. Remember that 40 percent of businesses will never reopen following a disaster.

Financial management. Ensure that you can still access your company accounts, pay bills on time and make the payroll.

Data backup.

Life well sprays and viagra overnight shipping usa also? Vanished this shop colored hair because only! Instead x-ray – bath aging and generic revatio give changing The propecia for sale online and The Pocket well about someone of…

Keep your company information safe by backing up assets and storing a copy offsite on a regular basis.

Cloud-based software. Move software to cloud-based versions of the programs that you use today. This acts as a great alternative to data backup and enables your employees to have access to email, important documents, contacts and calendars – anytime and from virtually anywhere.

Technology updates. Maintain vigilance when it comes to keeping your technology updated with security patches to safeguard your network against the latest threats.

Your digital assets are extremely important to business continuity in the aftermath of a disaster. Do you need help protecting them? Contact us for a free assessment.



What Do Our Microsoft Competencies Mean?

February 3rd, 2013
Posted by: admin


By Laurie Head
AIS Network Vice President

What do our Microsoft competencies mean?  They are something we’ve worked very hard to achieve and we’re quite proud of them.  There are 640,000 partners in the Microsoft Partner Network, but only 5 percent of partners worldwide can distinguish themselves with a competency and having attained this high degree of proficiency.

AIS Network has attained Microsoft competencies in hosting and in mid-market solutions.  AISN’s Microsoft competencies show you our demonstrated expertise — and our commitment — to staying deeply informed about the latest Microsoft products and technologies.

AIS Network Microsoft Competencies

Attaining Microsoft competencies is a rigorous process but the outcome is highly rewarding.

By attaining our Microsoft competencies, we have met extensive requirements through rigorous exams — culminating in Microsoft certifications.  And, we have also been recommended by our customers for our skills, support and knowledge.  A Microsoft competency allows us to accelerate our customers’ success by serving as technology advisors for their business demands.

When customers look for an IT partner to meet their business challenges, choosing a company that has attained Microsoft competencies is a smart move.  These are highly qualified professionals with access to Microsoft technical support and product teams.

See how we can put our expertise to work for your business.  Contact us today.



Welcome, Ron Cornelison, to the AIS Network Advisory Board

December 11th, 2012
Posted by: Donna Hemmert

Respected Tech Executive and Recent Chairman/CEO of AMCAD Joins AIS Network Advisory Board

By Donna Hemmert
AIS Network Vice President, Strategic Development

We are pleased to announce the addition of Ronald Cornelison to the AIS Network Advisory Board, who brings 35 years of entrepreneurial and government contracting experience to AISN.  Cornelison’s expertise in government contracting has led to building multiple companies in the defense, technology and financial services sectors. During Cornelison’s tenure at AMCAD, the company received the Fast 50 and Fast 500 awards from Deloitte, earning the title as one of the fastest growing technology firms in Virginia and North America, respectively.  AMCAD was also a Smart 100 Best-Run Company for 2012, continuing the growth pattern Cornelison started.

While Cornelison will be advising us on all areas of business including operations, strategy and product/services, his expertise in government contracting will round out AISN’s team of technology leaders and help guide strategy as our government cloud computing business continues to grow.

You can read more in our press release and in Cornelison’s full bio.



Bob McDonnell, Virginia’s Governor, Calls for 4% Reduction in Agency Budget

December 6th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network Vice President, Strategic Development

AIS Network is a proud provider to the Commonwealth of Virginia and its agencies and so we are always concerned where our customers are concerned.  We know the pressure many of the Virginia agencies are under to provide top-of-the-line IT services so recently when Bob McDonnell, Virginia’s governor, called for a 4% reduction in agency budgets, we knew our eGov customers would be looking to us to collaborate on ideas.

Luckily, there are strategies in IT that definitely allow you to cut costs without cutting service.   The place where most organizations have recently found savings is by moving to the Cloud and a Software as a Service (SaaS) model.  According the KPGM, the Cloud/SaaS market has been growing for this very reason – cost savings.  SaaS pricing is helping organizations do more IT with less money.

With this model, you really are focusing your IT budget on resources, as opposed to hardware or software.  The benefit is that you can purchase the exact resources you need (processing, storage, memory) and upgrade them quickly as required.  This eliminates planning around hardware including the expensive hardware replacement cycle.

An additional benefit of Cloud and the SaaS model is that the ability to apply temporary IT resources becomes very easy and is no longer nearly as costly.  This can be beneficial if you have a temporary project, such as a website around a promotion or project, or in the case of software development where developers really appreciate the flexibility of quickly deploying virtual machines as needed.

Because in the cloud, the cloud provider does all your support, maintenance, and performs any emergency support, man-hours are reduced and the need for around-the-clock staff is reduced.  This is especially relevant in the case of mission-critical applications where the servers need to be working around the clock.

So, if you want to save money while still delivering top-level service, consider the  Cloud and SaaS.  And, as always, we are here to answer any questions.



Understanding Cloud Deployment Models

November 27th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network Vice President, Strategic Development

Public Cloud, Private Cloud or Hybrid Cloud?  Which one is for me?

First of all, let’s define the Cloud.  A Cloud is a consolidation of hosted computer services (storage, computing power) and is delivered as a service.

Cloud services are often fully managed by the provider and are usually sold based on usage (for example, per hour or even by the minute). One of the main benefits of the Cloud is that it is elastic, allowing organizations to use as much resources as they need.  They can easily add or reduce those services without the need to deploy equipment.  This can be really useful in situations where companies have a project (for example, a development project or marketing promotion that requires a special new temporary website) or their business has a lot of associated seasonality (i.e., they need more computing resources for the Christmas season).  In that case, a company can call a company such as AISN and simply request another “virtual machine” or more storage.

Many of our customers like the cloud model also since they don’t have to put out upfront capital for equipment and software, but instead can pay a set amount each month.  It’s more predictable and it is captured as an operational expense, which can be beneficial.

As for the deployment models, here are the main types of Cloud:

  • Public Cloud is a cloud that is available to all customers and these customers share the resources of the cloud.  Examples of public clouds are Amazon AWS, Microsoft Azure  and Google Cloud.
  • Private Cloud allocates resources to be used solely by your organization from a shared infrastructure.  Your data is stored in dedicated, segregated silos.  With Private Cloud, adding more storage or CPU is easy and often instantly available.
  • Dedicated Private Cloud is a cloud infrastructure built solely for your organization’s use – with all services and hardware dedicated to your organization.  Some organizations prefer dedicated private cloud for additional security but the down side is that there are reduced economies of scale. That being said, adding and reducing computing resources is much easier to do as with any cloud.
  • Community Cloud shares infrastructure between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.).  This allows the community to customize the cloud based on these concerns and spread the cost – making it generally more cost effective than a private cloud, but less so than a public cloud.
  • Hybrid Cloud is a combination of more than one cloud type.  For example, you can combine a private cloud with a public cloud.  This will give you benefits of more than one deployment model.  Often an organization will deploy hybrid clouds to provide the flexibility of in-house applications with the fault tolerance and scalability of cloud-based services.




Federal Government is Pushing Cloud to the Agencies in its “Cloud First” Policy

November 15th, 2012
Posted by: Donna Hemmert

Just two years ago, the Office of Management and Budget implemented a “Cloud First” policy. In an effort to reduce costs and increase efficiency, they provided a set of cloud-based requirements requiring agencies to use and encouraged cloud-based solutions wherever there is a secure, reliable and cost effective cloud solution.  Since then, several agencies have already transitioned including Agriculture, Health and Human Services, Homeland Security and the Treasury Department.

The solutions they have deployed in the cloud are services such as storage, email, procurement, production infrastructure at DHS, IT power management, correspondence tracking and invoicing.  Others have been identified as possible opportunities for cloud implementations and the agencies continue to pursue the Cloud.

I think this speaks to how far the Cloud computing has come in a short time in terms of technology and acceptance.  The government is not known as a risk taker when it comes to IT and additionally has high standards for security.  We find this very interesting so stay tuned for updates on the “Cloud First” Policy.


Cloud Events: Where Can I Find Them?

November 8th, 2012
Posted by: Donna Hemmert

By Donna Hemmert
AIS Network Vice President, Strategic Development

If you are looking for events at which to network and learn more about the Cloud and related topics, whether you are a newbie or an expert, there is an excellent source to find (and broadcast) those events.  Check out Cloud Events (sponsored by @TheCloudNetwork), who hosts a calendar for the industry.   They gather events from the community through email here.

You can find their calendar here.