Story first appeared on USA Today -
Data storage shift helps companies' bottom line
Cloud computing is exploding and growing faster than a swirling funnel crossing the Oklahoma plains. The next generation of computing lowers information technology costs while increasing corporate profits at the same time. And what's not to like about that?
That one-two punch was revealed in a study obtained by USA TODAY conducted by England's Manchester Business School. The study, which was commissioned by San Antonio-based hosting company Rackspace, is expected to be released Wednesday.
The Manchester study indicates that cloud computing allows U.S. businesses to slash information technology costs by about 26%. What's more, 62% of those same American companies say that deploying in the cloud improved their bottom lines.
"The results are finally showing what we've known all along," says Rackspace Chief Technology Officer John Engates. "It's not just about moving workloads from your data center to our data center."
The rise of cloud computing has much bigger ramifications. It's a tectonic shift in how we work, live and play. iTunes is in the cloud. Ford's cars are connected to the cloud. Google's Gmail is based in the cloud. But those are largely consumer examples; now corporate computing is also shifting to the cloud.
"The move to the cloud can't happen fast enough for some companies," says Engates, who has been on the ground floor of the cloud computing movement.
Cloud computing has myriad definitions, but in the most general sense it means devices linked to data centers located just about anywhere over a combination of wireless and wired networks. There are "private clouds," where companies own and control the data centers, which are usually centrally located in lower-cost geographies. And then there are "public clouds," in which companies use computing power delivered from servers they don't own, which are usually shared with other corporate customers.
Big companies tend to use a combination of private and public clouds, reserving their high-security functions and digital record keeping for the data centers they control. But the growing acceptance of public clouds foreshadows a trend in which computing power will be delivered similarly to the way electricity is distributed by utility companies. In fact, tech geeks refer to the long-term public cloud concept as "utility computing."
We are a long way from when most companies no longer own servers, or operate so-called on-premise data centers, and rely solely on public clouds. There are a number of reasons, including security concerns, control and reliability. But the Manchester survey suggests that enterprise computer customers are embracing the shift enthusiastically.
In addition to the cost-efficiency of cloud computing, the study found that 68% of U.S. firms are plowing the cash they saved back into their businesses. They are using the cost savings to improve and expand product lines, services and other offerings. More than 60% of the companies surveyed say they are using the money to hire new employees, give raises and offer bonuses. Employment at the American companies surveyed increased 28%.
While existing companies are transitioning to cloud computing at their own pace, start-ups unsurprisingly are totally embracing the change -- especially software and social-media concerns and online retail outfits.
More than half of the start-ups surveyed said they wouldn't have been able to afford on-premise data centers at the time of their launch.
Of course, it is self-serving for a cloud-service provider to hire a study that supports its case, but the numbers are the numbers, and Manchester interviewed some 1,300 companies in both the U.S. and the United Kingdom.
Intel's general manager of cloud computing, Jason Waxman, isn't surprised by the findings. Server, storage and networking sales have been booming at the chip giant in recent years. Intel pegs the compounded growth rate for servers at about 25% to 30% a year based largely on expansion of private and public clouds.
"The more companies can save on computer infrastructure, the more they can spend on infrastructure," Waxman says. "All of these new opportunities represent a huge build-out."
Waxman thinks that public cloud providers, including Rackspace, Seattle-based Amazon.com (yes, that Amazon) and San Francisco-based GoGrid, could grow as much as 70% a year.
Gartner, the industry research consultant, predicts that the total public cloud market could swell to more than $206 billion in 2016, roughly double what it is now.
Says Intel's Waxman, "It's an astronomical opportunity."
Showing posts with label information technology. Show all posts
Showing posts with label information technology. Show all posts
Tuesday, February 26, 2013
Tuesday, April 17, 2012
IT Security Breaches a Major Concern
Story first appeared in the Wall Street Journal
A recent wave of information-security breaches at high-profile companies has many executives on heightened alert. They're trying to figure out everything they can do to prevent breaches, limit the damage if one occurs, and be prepared to rebound quickly from whatever harm is done.
As they consider their options, two questions loom large: How much should they spend to protect their companies' information? And how can they get the most for their money?
Our research suggests they should spend substantially less than the expected loss from a breach, and perhaps spend it differently than many might think. Investing in a managed IT service is a good way to go, as they typically offer security solutions, backup solutions, and disaster recovery solutions in the case of a breach.
The One-Third Mark
We developed a model to help executives determine the optimal level of investment to protect a given set of information—whether it's customers' personal information, company financial data, strategic-planning documents or something else. The model weighs the potential loss from a security breach, the probability that a loss will occur, and the effectiveness of additional investments in security.
One key finding from the model: The amount a firm should spend to protect information is generally no more than one-third or so of the projected loss from a breach. Above that level, in most cases, each dollar spent will reduce the anticipated loss by less than a dollar.
A second key finding: It doesn't always pay to spend the biggest share of the security budget to protect the information that is most vulnerable to attack, as many companies do. For some highly vulnerable information, reducing the likelihood of breaches by even a modest amount is just too costly. In that case, companies may well get more bang for their buck by focusing their spending on protection for information that is less vulnerable.
Working It Out
The following four-step approach has proved useful in helping executives sort all this out:
Step 1. Estimate the potential loss from a security breach for each of the company's various sets of information. For starters, it's useful to simply categorize information sets as having either Low Value, Medium Value or High Value.
Step 2. For each set of information, estimate the likelihood that it will be stolen, by examining the probability of an attempt to steal the information and the vulnerability of the information to attack. Again, broad categories are useful: Designate each set of information as either Low Threat/Vulnerability, Medium Threat/Vulnerability or High Threat/Vulnerability.
To combine the two factors, assign each a numerical rating—say, on a scale from 1 to 10—and multiply the two numbers by each other.
Using that scale, you might consider any combined ranking below 30 to be Low Threat/Vulnerability, and any ranking above 70 to be High Threat/Vulnerability; different people will draw those lines in different places.
A key point: Information that is highly vulnerable to attack but unlikely to interest a hacker (think of a banged-up old subcompact parked with the keys in the ignition, in a high-crime neighborhood), or that is very attractive to a thief but is very well protected (a brand-new luxury car on the White House grounds), would fall into the Low Threat/Vulnerability category.
Step 3. Create a grid with all the possible combinations of the first two steps, from Low Value, Low Threat/Vulnerability up to High Value, High Threat/Vulnerability. Then plot each set of information on the grid. This gives a clear view of where the greatest potential losses lie—not just in terms of the cost of a breach, but also in terms of its likelihood.
Step 4. Focus spending where it can reap the largest net benefits—where a given amount of money will produce the biggest reduction in potential loss.
Security investments should continue to be made as long as the incremental benefits are greater than the incremental costs—which usually stops being the case where the costs are roughly one-third of the total expected loss from a security breach.
Security breaches can have a substantial negative effect on corporations. However, contrary to conventional wisdom, the overwhelming majority of security breaches have little economic impact on corporations—all the more reason to use this kind of cost-benefit analysis to allocate finite information-security resources.
However, this approach is best thought of as a framework, not a panacea, for making sound information-security investments. It is not a magical formula that can be used to churn out exact answers. Rather, it should be used as a complement to, and not as a substitute for, sound business judgment.
For more technology and electronics related news, visit the Electronics America blog.
For national and worldwide related business news, visit the Peak News Room blog.
For local and Michigan business related news, visit the Michigan Business News blog.
For healthcare and medical related news, visit the Healthcare and Medical blog.
For law related news, visit the Nation of Law blog.
For real estate and home related news, visit the Commercial and Residential Real Estate blog.
For organic SEO and web optimization related news, visit the SEO Done Right blog.
A recent wave of information-security breaches at high-profile companies has many executives on heightened alert. They're trying to figure out everything they can do to prevent breaches, limit the damage if one occurs, and be prepared to rebound quickly from whatever harm is done.
As they consider their options, two questions loom large: How much should they spend to protect their companies' information? And how can they get the most for their money?
Our research suggests they should spend substantially less than the expected loss from a breach, and perhaps spend it differently than many might think. Investing in a managed IT service is a good way to go, as they typically offer security solutions, backup solutions, and disaster recovery solutions in the case of a breach.
The One-Third Mark
We developed a model to help executives determine the optimal level of investment to protect a given set of information—whether it's customers' personal information, company financial data, strategic-planning documents or something else. The model weighs the potential loss from a security breach, the probability that a loss will occur, and the effectiveness of additional investments in security.
One key finding from the model: The amount a firm should spend to protect information is generally no more than one-third or so of the projected loss from a breach. Above that level, in most cases, each dollar spent will reduce the anticipated loss by less than a dollar.
A second key finding: It doesn't always pay to spend the biggest share of the security budget to protect the information that is most vulnerable to attack, as many companies do. For some highly vulnerable information, reducing the likelihood of breaches by even a modest amount is just too costly. In that case, companies may well get more bang for their buck by focusing their spending on protection for information that is less vulnerable.
Working It Out
The following four-step approach has proved useful in helping executives sort all this out:
Step 1. Estimate the potential loss from a security breach for each of the company's various sets of information. For starters, it's useful to simply categorize information sets as having either Low Value, Medium Value or High Value.
Step 2. For each set of information, estimate the likelihood that it will be stolen, by examining the probability of an attempt to steal the information and the vulnerability of the information to attack. Again, broad categories are useful: Designate each set of information as either Low Threat/Vulnerability, Medium Threat/Vulnerability or High Threat/Vulnerability.
To combine the two factors, assign each a numerical rating—say, on a scale from 1 to 10—and multiply the two numbers by each other.
Using that scale, you might consider any combined ranking below 30 to be Low Threat/Vulnerability, and any ranking above 70 to be High Threat/Vulnerability; different people will draw those lines in different places.
A key point: Information that is highly vulnerable to attack but unlikely to interest a hacker (think of a banged-up old subcompact parked with the keys in the ignition, in a high-crime neighborhood), or that is very attractive to a thief but is very well protected (a brand-new luxury car on the White House grounds), would fall into the Low Threat/Vulnerability category.
Step 3. Create a grid with all the possible combinations of the first two steps, from Low Value, Low Threat/Vulnerability up to High Value, High Threat/Vulnerability. Then plot each set of information on the grid. This gives a clear view of where the greatest potential losses lie—not just in terms of the cost of a breach, but also in terms of its likelihood.
Step 4. Focus spending where it can reap the largest net benefits—where a given amount of money will produce the biggest reduction in potential loss.
Security investments should continue to be made as long as the incremental benefits are greater than the incremental costs—which usually stops being the case where the costs are roughly one-third of the total expected loss from a security breach.
Security breaches can have a substantial negative effect on corporations. However, contrary to conventional wisdom, the overwhelming majority of security breaches have little economic impact on corporations—all the more reason to use this kind of cost-benefit analysis to allocate finite information-security resources.
However, this approach is best thought of as a framework, not a panacea, for making sound information-security investments. It is not a magical formula that can be used to churn out exact answers. Rather, it should be used as a complement to, and not as a substitute for, sound business judgment.
For more technology and electronics related news, visit the Electronics America blog.
For national and worldwide related business news, visit the Peak News Room blog.
For local and Michigan business related news, visit the Michigan Business News blog.
For healthcare and medical related news, visit the Healthcare and Medical blog.
For law related news, visit the Nation of Law blog.
For real estate and home related news, visit the Commercial and Residential Real Estate blog.
For organic SEO and web optimization related news, visit the SEO Done Right blog.
Monday, September 20, 2010
U.S. Tech Probe Nears End
The Wall Street Journal
Several of the U.S.'s largest technology companies are in advanced talks with the Justice Department to avoid a court battle over whether they colluded to hold down wages by agreeing not to poach each other's employees.
The companies, which include Google Inc., Apple Inc., Intel Corp., Adobe Systems Inc., Intuit Inc. and Walt Disney Co. unit Pixar Animation, are in the final stages of negotiations with the government, according to people familiar with the matter.
The talks are still fluid, these people said, with some companies more willing to settle to avoid an antitrust case than others. If negotiations falter, both sides could be headed for a defining court battle that could help decide the legality of such arrangements throughout the U.S. economy.
Still, there are powerful incentives for both sides to settle the potential civil case before it reaches that stage.
The Justice Department would have to convince a court not just that such accords existed, but that workers had suffered significant harm as a result.
The companies may not want to take a chance in court. If the government wins, it could open the floodgates for private claimants, even a class action by employees. A settlement would allow the Justice Department to halt the practice, without the companies having to admit to any legal violations.
Spokespeople for Google, Apple, Intel, Adobe and Intuit all declined to comment. Pixar had no immediate comment. A Justice Department spokeswoman also declined to comment.
The Justice Department's probe of hiring practices could reach beyond Silicon Valley.
During the course of its more than year-long investigation, the agency has uncovered evidence of such agreements in other sectors, according to the people familiar with the matter.
A settlement with tech companies—or a court fight—could therefore help determine what kinds of agreements are acceptable in other industries as well.
At stake are dueling visions of how far companies should be able to go in agreeing to limit the kind of headhunting that can help valuable employees increase their compensation.
The companies have argued to the government that there's nothing anticompetitive about the no-poaching agreements. They say they must be able to offer each other assurances that they won't lure away each others' star employees if they are to collaborate on key innovations that ultimately benefit the consumer such as improved Google SEO.
Some economists believe that banning such agreements could harm Silicon Valley's open, collaborative model.
"The effect of the lawsuit would be to reduce innovation because companies would worry about exposing their employees to each other," said Paul Rubin, an economics professor at Emory University, who isn't involved in the case.
For the Justice Department, such agreements amount to an effort by companies to limit competition for talent, harming employees' ability to get the best jobs and wages and reducing the incentives for people to enter professions in high demand, according to people familiar with the matter.
The government could argue that the agreements constitute an effort by companies to fix the price of labor, and are therefore just as harmful as price-fixing or bid-rigging—automatic violations of antitrust law.
"In a free market economy, you want the best people getting the best positions, and presumably all the rewards that come with that," said Spencer Waller, a law professor at Loyola University Chicago, who has no connection to the case. "This agreement, if the government has the facts, suggests that market for talent is being depressed by collusion."
The agreements under investigation varied in their scope and details, according to the people familiar with the matter. In conversations with the Justice Department, some companies have maintained they didn't have agreements not to hire each others' employees, only agreements not to "cold-call" partners' employees.
However, people familiar with the matter say the Justice Department believes that cold-calling is an important way in which people are hired in the sector. Even if the employees don't end up moving, their employer often has to sweeten their pay and conditions to make sure they stay.
After more than a year of investigation, the Justice Department antitrust division has concluded that many of these agreements have harmed people's ability to get better jobs or improve their conditions.
But proving that in court may be tricky, some antitrust lawyers said.
During the course of the investigation, more than a dozen tech companies have been questioned by the Justice Department, people familiar with the matter said. Those include Yahoo Inc., Genentech Inc. and IAC/InterActiveCorp.
However, some companies said they are no longer in the government's cross-hairs. "After a thorough investigation, the [Justice Department] antitrust division has advised IBM that it will not pursue a case against IBM," an International Business Machines Corp. spokesman said.
Microsoft Corp. also said it is no longer a target of the investigation. A Genentech spokeswoman said the Justice Deparment had relieved the biotech firm of the obligation to hold on to relevant information.
A Yahoo spokeswoman said the company fully cooperated in the investigation and believed its responses were sufficient. IAC didn't respond to requests for comment.
The agency has decided not to pursue charges against companies that had what it believes were legitimate reasons for agreeing not to poach each other's employees, said people familiar with the matter. Instead, it's focusing on cases in which it believes the non-solicit agreement extended well beyond the scope of any collaboration.
Subscribe to:
Posts (Atom)
