The Cloud Act and What it means for you, or more importantly, me!

The CLOUD Act, or to give it full nomenclature, the Clarifying Lawful Overseas Use of Data Act, has been passed into law by POTUS 45. This little act has been touted as an update to the ECPA, or Electronic Communications Privacy Act, and ostensibly, this is the case. What is worrying, though, is the way that it has been signed into law as a part of the Omnibus Spending Bill, without the oversight that a base privacy law should have been given. It feels like it has been smuggled through.

The Cloud Act: it’s MAD (Mutually Assured Data Access)

THE CLOUD ACT: IT’S MAD (MUTUAL ASSURED DATA ACCESS)

This is an act that has been praised by technology companies. The below is an outtake from a joint letter from Apple, Google, Facebook, Microsoft, and Oath (the new name for Yahoo).

The new Clarifying Lawful Overseas Use of Data (CLOUD) Act reflects a growing consensus in favor of protecting Internet users around the world and provides a logical solution for governing cross-border access to data. Introduction of this bipartisan legislation is an important step toward enhancing and protecting individual privacy rights, reducing international conflicts of law and keeping us all safer.

And vilified by privacy and civil rights organizations. This is an outtake of what the ACLU thinks of the law.

The CLOUD Act represents a major change in the law — and a major threat to our freedoms. Congress should not try to sneak it by the American people by hiding it inside of a giant spending bill. There has not been even one minute devoted to considering amendments to this proposal. Congress should robustly debate this bill and take steps to fix its many flaws, instead of trying to pull a fast one on the American people.

The Electronic Frontier Foundation also had a list of objections:

  • Includes a weak standard for review that does not rise to the protections of the warrant requirement under the 4th Amendment.
  • Fails to require foreign law enforcement to seek individualized and prior judicial review.
  • Grants real-time access and interception to foreign law enforcement without requiring the heightened warrant standards that U.S. police have to adhere to under the Wiretap Act.
  • Fails to place adequate limits on the category and severity of crimes for this type of agreement.
  • Fails to require notice on any level – to the person targeted, to the country where the person resides, and to the country where the data is stored. (Under a separate provision regarding U.S. law enforcement extraterritorial orders, the bill allows companies to give notice to the foreign countries where data is stored, but there is no parallel provision for company-to-country notice when foreign police seek data stored in the United States.)
  • The CLOUD Act also creates an unfair two-tier system. Foreign nations operating under executive agreements are subject to minimization and sharing rules when handling data belonging to U.S. citizens, lawful permanent residents, and corporations. But these privacy rules do not extend to someone born in another country and living in the United States on a temporary visa or without documentation.

It seems that there are two sides to this story, and they are diametrically opposed. Why would the technology companies be on one side of the fence, and the civil rights organisations on the other? Especially considering Google’s mantra of “Do no Evil.” The wordings of legal documents often cause this type of result. Their intention is to be clear and leave little to no wriggle room for interpretation, but as you can see, the act has been read completely differently.

This post was previously published on http://www.tvpstrategy.com

—– Read More —–

Is Traditional IaaS Cloud a Dead Man Walking

Traditional IaaS cloud—whether AWS’s EC2, Azure’s offering, or even a private IaaS cloud running vCloud Director, vRA, or OpenStack, to name a few—is in trouble. Now, that sounds like quite a contentious statement to make, but I feel the writing is on the wall. “What?” you may ask. “How can you say that? There are many companies that have not even started their cloud journey, and surely IaaS is the first baby step in their travails.” Well, the answer to this is “yes and no.”

Early movers headed out on their journey unprepared, bright-eyed and bushy tailed, walking into their cloud migrations thinking only of up-front cost savings and believing the patter of the snake-oil salesmen. What is worrying is that, according to an IDG and Datalink survey in 2016, up to 40% of those early adopters have had buyer’s remorse and returned to their cozy data centers or colo sites. Why? Traditional IaaS is expensive. Moving to an infrastructure only–based cloud is very expensive, and companies are used to being always on. They are comfortable with instant access to their data from anyplace, at any time, from effectively anywhere. You really can not move to a subscription-based cost model on that basis.

Previously Published on TVP Strategy (The Virtualization Practice)

 

—– Read More —–

PERTH IS LOVELY TO VISIT, BUT IT’S NOT CLOUDY: SD-WAN TO THE RESCU

On February 19, my colleague Edward Haletky wrote a piece on scale. In it, he highlights that scale is not just about 20,000 desktops and 3,000 virtual hosts. Rather, there are many other metrics that could and should be considered with regard to scale.

I am currently living in Perth in Western Australia. Perth holds a rather dubious record in that is it is the most remote capital city in the world. “Wait, Canberra is the capital of Australia,” you might say, and you would be correct. However, Australia operates in a federal manner and is made up of states and territories, and Perth is the capital of Western Australia. Why am I saying all this? One word, really: cloud. Living in Perth, our nearest AWSAzure, and GCP zones are in Sydney, 3,300 kilometers (2,000 miles) away on the east coast. Oracle Cloud? Again, Sydney. OVH? Yes, Sydney. Softlayer? Wait, it has a zone in Melbourne, but that is still 2,700 kilometers (1,700 miles) from Perth. As you can see, we are quite isolated. Physics rather than doctrine limits Perth’s access to public cloud.

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–

PURE STORAGE DOUBLES DOWN ON VVOLS AND A FEW OTHER THINGS

For a long time, VVols have appeared to be a solution looking for a problem. For the uninitiated, we will first give a brief outline of what VVols are and identify the problem that they purport to solve. On the face of it, it is nothing more than the ability to do one VM to one datastore. However, it is much more than that. VVols are the logical extension of this paradigm in a modern environment. VVols allow for policy-based metrics to be applied to individual virtual machines rather than at a datastore level. Why could this not be done with traditional datastores? Quite simply, the ESXi is limited to 256 LUNs per host. Now, this might sound like a lot, but consider that this would limit you to 256 guests per cluster if you wished to utilize vMotion or Storage vMotion. Not exactly optimal.

Previously Published on TVP STrategy (The Virtualization Practice)

—– Read More —–

BIG SWITCH NETWORKS EXPAND THEIR REACH, NOW WITH HCI INTEGRATION

Big Switch Networks, the Santa Clara–based software-defined networking company, has just released a new version of the Big Cloud Fabric product. Big Cloud Fabric, a software-defined networking product that has been on the market for over four years, is heavily integrated into VMware. For the uninitiated, its core pitch is that with its product, you can cut out proprietary networking gear, and that by using its software-based controller, coupled with low-cost white-box servers and switches, networks can be provisioned, orchestrated, and configured programmatically.

Out of the box, it has many advanced features. Unlike NSX, it has a real physical presence. Unlike ACI, it has a real virtual presence. It plays nicely with both. Its data layer can be deployed on Open Networking Dell EMC Edgecore white boxes and the HPE Altoline family of equipment. Its Big Monitoring Fabric product is a Womble product; it monitors “overlay, underlay—so your packets roam free.”

Role-based access can give VM admins and storage admins the ability to push VMs directly on the network. Yes, you can do this with other products, but there are no Band-Aids™ or shoehorning of square pegs into round holes.

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–

 

Managing a Multicloud

There is no denying that the future of cloud is not just with a single provider, capable as AzureAWS and the other public providers are. For true data protection, your information needs to be in three separate locations, and with the rise of data sovereignty, there is a need for data to be kept within the boundaries of a nation-state. GDPR will place other obligations on companies and their data compliance. Smaller countries will suffer more than larger ones, with their multiple regions and zones per country per cloud provider. Smaller countries like the UK will have problems, as a single provider will not have three regions for true resiliency. Microsoft, for example, will have two regions in the UK for Azure (London and Cardiff) and two for Office 365 (Durham and London). Amazon will only have a single AWS zone: London. (Europe retains Frankfurt, Ireland, and Paris.) The other public cloud providers do not fare much better. Post-GDPR, data sovereignty will be front and center. So, what exactly can you do if you want, need, or desire to be totally in the public cloud: sell your customers in Europe and the world and not fall foul of transnational data-protection laws? A multicloud may be the answer.

Multicloud Puppet Master

Let’s look quickly at the main market providers: India, China, and the US. How they can remain compliant?

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–

WHAT EXACTLY IS ARTIFICIAL INTELLIGENCE?

The world is abuzz with rhetoric about artificial intelligence and machine learning. These terms appear to be used interchangeably, and the perception that they are both the same side of the coin can lead to confusion. So, what are the differences?

First, let’s consider what AI is not. It is not Skynet (yet), and it is not HAL 9000 (yet), although sometimes IBM Watson appears to be getting there.

Will you take the Red pill or the Blue Pill

Will you take the Red Pill or the Blue PillIn the broader sense of the term, artificial intelligence is the concept of computers dealing with situations related to data and figuring out for themselves the best way to do something or improving on a method for undertaking a task. Machine learning is the current top of the pile in AI techniques.

So, basically, AI is an all-encompassing term for algorithms that look at data. However, this is too simplistic an idea.

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–

OVERLY, UNDERLAY, PACKETS FLOW FREE. IS SDN GOING TO TAKE OVER THE WORLD?

A software-defined network: is it an evolution or a revolution in networking? The hype of SDN has been around for several years, but as yet it doesn’t seem to have managed to get much traction outside of the MSPs and Fortune 500 companies with regard to SDN, and telcos with regard to SD-WAN. When, if ever, will the SDN meltwater reach the fertile plains of the LME?

VERLAY, UNDERLAY, PACKETS ROAM FREE. IS SDN GOING TO TAKE OVER THE WORLD?

For this, we really need to look to history.

Previously Published on TVP Stragegy (The Virtualization Practice)

—– Read More —–

Are We Ready for SDN?

SDN, or software-defined networking, is taking over the world—or at least if you listened to the marketers for the main purveyors of SDN and its cousin SD-WAN, you would think so. In fact, if you just listened to the marketers, you would be feeling pretty inadequate with your local data center; your physical network with its physical firewalls, load balancers, and VPN endpoints; and the rest of the vast plethora of networking tools that keep your corporate IT running smoothly. OK, maybe not smoothly, but well enough to make sure that your company can keep the lights on and pay your salary at the end of the month.

There is no denying that SDN products like NSX from VMware, ACI from Cisco, and those from Big Switch Networks are fully capable of delivering value and simplifying administration, but the fact remains that SDN is not ubiquitous in the networks of businesses around the world.

Previously Published on TVP Strategy (The Virtualization Practice)

—– Read More —–

I HAVE A DREAM, A JOURNEY INTO SETTING UP A STARTUP COMPANY TODAY

“I have a dream” is what Martin Luther King Jr. said, and admittedly, his was at least an order of magnitude larger than the dreams of an average company founder. But all companies start with a dream. Dreams are great: in them, you can invariably be invincible, conquer every challenge. However, such dreams can quickly turn to nightmares, if you are not careful. A startup is like a dream.

What follows is an idea or a series of ideas: a roadmap, perhaps. Not a freeway, but more of a winding country lane that is hopefully a joy to drive down. Still, it is not without danger—perhaps a mudslide is caused by a sudden deluge, or a deer, alpaca, or kangaroo suddenly runs out into the road. This is a journey into setting up a startup technology company, from the perspective of technology. Do you buy on-site infrastructure, move wholly into public cloud, or perhaps do a mixture of both? If cloud, what particular ’aaS do you partake of—platform, infrastructure, software, or any number of the other flavours that now abound?

The first mistake that the average founder makes when starting a company is to rush headlong into the making of things, be that widgets to fit a sprocket, consultancy days, or what ever else is used to generate revenue. This is expected; you are suddenly the master of your own destiny, and cash flow reigns. However, and this is important, before you even start to earn, there are many things that you should complete, apart from the obvious things like opening your business bank account, getting a good accountant, and incorporating your company. Things like choosing and setting up email, office applications, collaboration software. Timesheets, bookkeeping software, payroll. Customer records database and management.

Previously Published on TVP Strategy (The Virtualization Practice

—– Read More ——