itestro - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Cybersecurity policies take center stage at RSA 2017

This week, bloggers look into cybersecurity policies presented at RSA 2017, how to confront hybrid cloud challenges and the meaning of the SMS-Curvature merger.

Dan Conde, an analyst at Enterprise Strategy Group in Milford, Mass., said he noticed two different ends of the spectrum regarding cybersecurity policies at last week's RSA 2017 conference. On one end, Autodesk, a software company, is working to provide security while adopting cloud computing, open source, SaaS and continuous integration-continuous deployment methods. At the other, Conde sees the U.S. federal government struggling to deliver a coherent cybersecurity strategy.

Autodesk, Conde said, is working hard to retool its security strategies, particularly in an era of open source when few groups are delivering "shrink-wrapped" software that has been tested to ensure it is safe. As a result, companies need to look at everything to deliver security. That may include everything from technology to a company's culture -- and making sure that old ways of doing things don't interfere with new development and deployments.

Michael Daniel, former special assistant to President Obama and cybersecurity coordinator under his administration, focused more heavily on cybersecurity policies in his speech. "There is a tremendous tension between providing security while ensuring the freedom that the citizens of the United States expect, Conde said, summarizing Daniel's remarks. In Conde's view, Daniel's presentation made it clear that the U.S. government faces an even more complex set of challenges creating cybersecurity policies than a software company like Autodesk, particularly because so much of government is connected by networks and the stakes are higher in terms of national security risks. "They can't hide in a box and move slowly. Society demands immediate action (often to world events), adapting to fast rates of innovation, and ultimately delivering on a responsibility of the government to provide frameworks that guide other departments as well as private industry," Conde said.

Dig deeper into Conde's thoughts on cybersecurity policies.

Confronting hybrid cloud challenges

Torsten Volk, an analyst at Enterprise Management Associates, in Boulder, Colo., reflected on EMA estimates that suggest IT organizations waste 50% of their budgets on inefficient application workload placement. This can lead to high operational risk, particularly related to security, compliance and reliability. Volk explored what he calls the "four horsemen" of hybrid cloud failure: making a mistake, being stuck with the mistake, not noticing the impact of the mistake, and not understanding what the mistake means to your business.

Many initial problems stem from mismatching application workloads to their infrastructure environments. Oftentimes, organizations may select servers or rely on a network infrastructure based on reviews or vendor specifications that don't give a sense of how the infrastructure will respond to network latency or CPU contention.

Errors are then compounded when a company doesn't realize how those wrong moves will affect other operations. Network management is one area that is particularly vulnerable.

"You will have applications on different bare-metal, virtual, private and public cloud platforms. But what you do not have is a single pane of glass to see if a storm is brewing and, if so, what this could mean for your business," Volk said.

In the end, organizations using a complex hybrid cloud environment with a myriad of deployment and management options must align their data center goals to their business goals. According to Volk, the "secret sauce" needed to transform software-defined data centers into hybrid clouds that serve a business's needs will need to come from a "brain" overseeing the network operations center, the DevOps group, storage and networking teams.

Explore more of Volk's thoughts on hybrid cloud. 

What the Curvature and SMS merger means for cost-cutting customers

Drew Conry-Murray, writing in Packet Pushers, discussed the recent merger of Curvature LLC, a Cisco-gear reseller on the secondary market, and SMS Systems Maintenance Services Inc., which provides maintenance services and storage equipment. The new group, SMS | Curvature, intends to boost the number of third-party maintenance options available by offering a range of services, including replacement, repair and on-site engineering as well as the resale of networking gear. Conry-Murray cited a 2016 Gartner report that found third-party maintenance costs 60% less expensive than repairs charged by the initial vendor; some organizations saw a 95% drop in their repair costs.

According to Conry-Murray, SMS | Curvature views as its sweet spot servicing equipment three years after its initial purchase -- when original warranties tend to expire. But challenges exist, he said.

"While companies like SMS | Curvature can offer compelling savings, they also face significant perceptual hurdles. For instance, customers may be concerned that they will get inferior-quality products, or even counterfeit equipment," Conry-Murray said. "And some customers worry about souring relationships with key vendors by going to the secondary market," he added.

Read more of Conry-Murray's thoughts on SMS | Curvature.

Next Steps

Looking into RSA 2017 predictions

Tackling hybrid cloud management challenges

Curvature grows network support services

Dig Deeper on Network Security Monitoring and Analysis