Private-vs.-Public-vs.-Hybrid-Cloud

2013 brought about even higher adoption of cloud based services across nearly every technology industry. From accounting software to streaming music to video conferencing and collaboration, the cloud has clearly come of age. What can be confusing about cloud-based services is the different ways they are deployed both internally and externally. The three types of cloud deployments are public clouds, private clouds and hybrid clouds. To help you understand the differences, here are the definitions and examples of the three types:

Public Cloud
Public Clouds provide services over the public Internet. These types of clouds provide access to a significant amount of shared resources and can more easily provide scalable capacity. As an example, if a website is having a special event and expects a spike in traffic, public clouds can be configured to provide that needed capacity at the right time and then be scaled back. Additionally, public clouds make it easy to collaborate with other people and organizations, as the service is accessible to all.

Examples of public cloud services included Salesforce.com (one of the first commercial available public cloud services) as well as IVCi’s own Cloud Video Experience (CVE).

Private Clouds
Private clouds provide services over a private network. In these deployments, organizations must make the investment in the infrastructure and technology, negating a significant portion of the cost savings associated with public cloud based services. Private clouds are preferred when organizations want complete control over security and customization.

Examples of private clouds include financial organizations that provide secure systems to their employees in order to maintain compliance with federal privacy regulations.

Hybrid Clouds
Hybrid clouds deliver services via a combination of public and private clouds. There are a number of reasons an organization would want to create an environment like this. For example, a company might want to leverage a public cloud service (in this case let’s use Rackspace’s Public Cloud Storage service as an example) for older archived data while building and maintaining a private cloud for more timely and current business data. A secure VPN connection could then be established to allow data to move from the internal cloud to the archive in the public cloud at the appropriate time.

The cloud has come of age, as has its ability to be molded to fit the particular needs of many different types of organization. While it can be somewhat confusing to understand all of the deployment models, one thing is for certain: the cloud has truly redefined the way technology is deployed and consumed.

Video conferencing security continues to make news every now and then. Last year, it was HD Moore who hacked into conference rooms around the globe and this year German magazine Der Spiegel said the NSA hacked into the United Nations video conferencing system. In the wake of these events, many users of video conferencing get worried and some get downright paranoid.  However, video can be extremely secure if it is configured properly.

All standards-based video conferencing systems include 128-bit AES encryption which secures the audio and video data being sent between users. Encrypting the audio and video packets prevents hackers from seeing where the data is going or what the contents are. According to an article from the EE Times, it would take one quintillion (1018) years to crack AES encryption using a brute force attack meaning the data is highly protected.

So if AES encryption is so strong, and most video systems support it, why do there continue to be stories of systems getting hacked? Because faults in configuration create weaknesses that leave systems vulnerable to attack.

The most common, which also happen to leave systems the most vulnerable, are leaving systems outside of a company’s firewall and having systems configured to automatically answer calls. This allows virtually anyone to dial into the video conference system undetected because there is no firewall to prevent unwanted access and the only visual evidence that a call has been connected is a tiny light on the camera.

While these are the most severe configuration issues, a recent post on No Jitter mentions other common faults that can leave video systems vulnerable. These include:

  • Using outdated video systems that don’t support encryption
  • Failing to use the most current software on video systems and other devices
  • Connecting to other devices like gateways or video bridges that either don’t support or have encryption turned off
  • Failing to use proper passwords, not changing passwords often enough, or failing to keep those passwords secure

So, what can be done to help keep video conferencing environments secure?

One of the best things to do is  invest in a firewall traversal device such as a Cisco VCS Expressway or Polycom VBP. This allows devices to remain behind a firewall but retain the ability to connect to the public internet. As a result, members located on an internal company network can connect with other participants located outside the network without compromising the network’s security.

An alternative to investing in hardware is to subscribe to a cloud-based managed service. These services provide access to a team of highly trained video professionals that will ensure every call is connected in a secure manner, as well as, confirm all endpoints are configured to security standards.

Additional security options include:

  • Change encryption settings from On (If Available) to On (Required) to require encryption for every call
  • Disable auto-answer functionality
  • Disable far end camera control on the system
  • Close camera shutter when the system is not in use

As with anything, there is a balance between increased security and added functionality. Restricting access to only users located on the internal network provides the highest security but is not very functional. Leaving video systems on the public internet makes it easy to connect with users outside the network but presents numerous security and privacy risks. Every organization is different and the best video networks fall somewhere in between. The bottom line is there is a way to have a highly functional video conferencing environment while mitigating many of the risks that leave a network vulnerable.

Security Consultation

As cloud services pick up speed in the private sector, questions about security, cost savings, implementation and best-practice models have emerged in concert with its rapid growth and adoption. But are institutions of higher learning following suit? Cambridge, MA-based Forrester Consulting turned their focus on 12 universities in the U.S., the U.K., Australia, India, and New Zealand, surveying CIOs and IT directors for their July 2012 report “Cloud Bursts Into Higher Education.”

They found out how and why these schools are employing the cloud; plus they give some suggestions as to where the partnership between higher education and the cloud is headed.

So, how do schools who adopt the cloud compare with businesses?

A Forrester survey from 2011 asked 920 companies which were the most important factors in choosing to deploy SaaS. The top 4 were:

  1. Improved business agility (72%);
  2. Allows us to focus resources on more important projects (66%):
  3. Speed of implementation and deployment (64%);
  4. Faster delivery of new features and functions from SaaS/as-a-service providers (60%).*

*“Lower overall costs” actually tied for 4th place with 60%

As previously noted, Forrester found that universities were adopting cloud services to boost productivity. Plus, speed, budget and scalability were the top three features universities valued most about the cloud. When it comes to the cloud, universities are aligned very closely with businesses.

Forrester also found that cloud-forward schools have three commonalities. First, a common corporate-to-education talent migration means schools’ CIO or IT directors often have firsthand experience of successful cloud implementation, and are endeavoring to bring knowledge and practices up-to-date at their universities. Second, schools with big technology components—academic programs that need and/or can get the most use out of cloud services, like IT training, animation, and fashion—are the most enthusiastic about adopting cloud technology.

Third, U.S. schools are ahead of the pack, with, Forrester estimates, international universities lagging behind by about 12 months. Forrester cites “lack of knowledge and understanding” as the biggest barriers to cloud adoption, noting the while these universities are turning more to the cloud, they’re doing so much slower and more carefully than their U.S. counterparts.

In the future, expect to see more inter-departmental collaboration between IT and academic departments. Additionally, funding will move from IT to academic departments as those departments take on more IT autonomy, and team up on projects.

New realities are driving more direct control of technology by leaders of non-IT organizations, internal users, and customers—empowered by their own technology use. These changes herald an IT organization in which CIOs build agile and nimble teams that enable empowered employees and customers to be successful directly using technology for education.” – Head of Information Technology at a New Zealand University

Related Articles:
Learning the Cloud Way – Part I

The ABA TECHSHOW is taking place April 4-6, 2013 in the Windy City (Chicago, IL). Visit us at booth #614!

IVCi is partnering with Blue Jeans Network to showcase how video collaboration solutions can help law firms meet today’s legal challenges, such as geographically dispersed clients and timely access to subject matter experts, while helping minimize expenses.

In a previous article, we discussed how firms can use video to build client relationships, as well as, manage their ever growing case load by keeping in touch with traveling clients effortlessly through video enabled smartphones or tablets. Additionally, firms can use video conferencing to depose remote witnesses or interview difficult to reach subject matter experts without the time and cost associated with business travel.

Firms can also use video conferencing solutions to attract and retain top associates. Partners can interview potential candidates remotely so that only the most qualified candidates are brought in for further discussion. Plus, law firms can help differentiate themselves by utilizing the latest technology and making the firm more attractive to new recruits.

Additionally, partners and associates can attend meetings with remote offices and confer on any range of topics that would typically be discussed in a face-to-face environment.  Plus, attorneys can attend classes and seminars over video as part of distance learning courses to satisfy CLE requirements. This frees up valuable time and resources by avoiding travel to various firm or seminar locations.

Stop by our booth at ABA TECHSHOW for a demonstration and learn how video collaboration solutions can help your firm. Click here for registration information.

Additional Resources:
Video Conferencing Hits Legal Age

As cloud services pick up speed in the private sector, questions about security, cost savings, implementation and best-practice models have emerged in concert with its rapid growth and adoption. But are institutions of higher learning following suit? Cambridge, MA-based Forrester Consulting turned their focus on 12 universities in the U.S., the U.K., Australia, India, and New Zealand, surveying CIOs and IT directors for their July 2012 report “Cloud Bursts Into Higher Education.”

They found out how and why these schools are employing the cloud; plus they give some suggestions as to where the partnership between higher education and the cloud is headed.

So, how is Higher Ed approaching cloud services?

The Forrester study found that universities are adopting cloud services to boost productivity, and speed, budget, and scalability were the top three features university interviewees valued most about cloud services. But the study uncovered an interesting dynamic: professors and department staff are leading the way with cloud services at their universities, implementing cloud applications as needed, and circumventing the IT department. One side benefit of this autonomy is that IT departments can then focus their resources on other, critical IT tasks.

Echoing concerns coming from the private sector, universities are concerned about security. In fact, the report states “security is the No. 1 roadblock to cloud service adoption.” For schools, the two primary concerns are keeping research (intellectual property) and private student information confidential and secure.

The most common cloud adoption right now is the private cloud, with many of these schools keeping private information, like emails and research, on their private cloud, and “student-related information” on the schools’ servers. The report does note, however, that hybrid clouds are in use, and expected to increase. Additionally, as academic institutions partner up to offer expanded learning experiences, often online, expect to see a growth in the use of community clouds for sharing research and course materials.

Lastly, schools are looking to the cloud for cost savings; however, as cloud usage goes up so do costs. While several interviewees claimed significant cost savings with adoption of various cloud models, in one example the “expanded use of the services over three to seven years raised the cost of SaaS to nearly even with the cost of a perpetual license and on-premises deployment.” In other words, as academic staff and students become more familiar and comfortable with using cloud services, related costs increase, thereby erasing some of the gains.

Related Articles:
Learning the Cloud Way – Part II