Welcome!

Cloud Security Authors: Elizabeth White, Liz McMillan, Pat Romanski, Zakia Bouachraoui, Yeshim Deniz

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Cloud Security, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Cloud as Delivery Vehicle – The Next Wave of the Internet

Meet FireHost at Cloud Expo New York

"While cost has traditionally been a foundational benefit of the cloud, we believe that other factors can play a more important part in defining the cloud of tomorrow," said Todd Gleason, Vice President of Technology at FireHost, in this exclusive Q&A with Cloud Expo conference chairs Larry Carvalho and Vanessa Alvarez. "We believe that the generalist cloud provider - those low-cost commodity clouds that created price competition and insecure clouds - are going to either be gobbled up or beaten up as the industry evolves from this generalist mentality to focus on specialist clouds that have a particular focus."

Cloud Computing Journal: How are cloud standards playing a role in expanding adoption among users? Are standards helping new business models for service providers?

Todd Gleason: Standardization is important, but we're concerned because security desperately needs to be part of this effort. It is not addressed enough, if at all. Much of the open standards work in cloud and other IT technologies traditionally is not security-conscious, making adoption riskier than many want to admit or truly understand. So, while standards are a good thing, we believe security should be baked in at their inception. We advocate for innovation, but it's important that the innovative spirit is not blind to the need to protect vendors and customers.

Cloud Computing Journal: How are hybrid clouds evolving to allow the coexistence of private and public clouds? What are the challenges to meeting a true hybrid cloud scenario?

Gleason: Too much attention and marketing real estate has been paid to debating the merits of public, private and hybrid clouds. Definitions of what's public, what's private and what's hybrid are wide-reaching and are often created to suit a vendor's point of view rather than an educational, objective delineation for the industry. From where we sit, use cases and security are key to disarming this debate. The conversation needs to shift from which model is best in general to which one is appropriate for an individual vendor, provider, or customer, and it must address and incorporate security because regardless of the model chosen, a cloud is insecure unless it's built secure. Use cases vary for industries and individual companies, but security is a common denominator and applicable for all of them. This is where the industry discussion needs to shift.

Cloud Computing Journal: Are on-premise software vendors successfully migrating their business model to a SaaS model? What are the challenges faced in this journey?

Gleason: Most are and the bigger question is how effective will they be at delivering from the cloud and will it be secure. Will they expand their business model and provide infrastructure, or will they stay in their niche as software only players? And for those who do not migrate, will they become more inefficient and outdated?

Cloud as a delivery vehicle is the next wave of the Internet, especially as automation, software techniques, and infrastructures adapt toward applications and servicing their performance more and more. The efficiencies of today are miles ahead of an insulated, on-premise software solution - a situation that gets much sweeter when security is architected into the infrastructure. However, we are not even close to being a truly application-centric world.

Truthfully, though, we need to focus on what the customer wants. Every model will be viable to various customers, so some software vendors may become irrelevant due to the cloud providing a better way to service the customer's needs. The cloud industry can be too hung up on terms such as hybrid, public, SaaS or PaaS. Instead, we have to focus on the customers' needs and their applications that run their business and give them competitive advantages operationally and provide a truly seamless experience.

Cloud Computing Journal: What are the challenges for end users to adopt a new model for application development using Platform as a Service? Are vendors doing enough to meet their needs?

Gleason: Platforms are important to reduce time-to-market for SaaS or internal use cases, and it's good to see the industry shifting from infrastructures being the center of the universe to how they can be architected to service applications in a more on-demand, dynamic, intelligent manner. But, again, where is security in the discussion? It's not anywhere to be found in the majority of industry conversations and vendor communications. It badly needs to be.

In addition to security, there are two other big to-dos that need to be addressed: orchestration and inter-cloud technology. To make applications work well across infrastructures, those infrastructures must work well together in an inter-cloud fashion. This brings us back to security. Businesses will have many clouds, as will their customers. The weakest link is the most insecure cloud, so change must happen to bring security into the larger, strategic conversations rather than focusing so much on architecting an infrastructure or specific software techniques.

Cloud Computing Journal: With several vendors lowering costs for infrastructure, is there a way for new cloud service providers entering this space to make money?

Gleason: While cost has traditionally been a foundational benefit of the cloud, we believe that other factors can play a more important part in defining the cloud of tomorrow. We believe that the generalist cloud provider - those low-cost commodity clouds that created price competition and insecure clouds - are going to either be gobbled up or beaten up as the industry evolves from this generalist mentality to focus on specialist clouds that have a particular focus. For FireHost, that's security. We evolved out of the need for security and have created an infrastructure that provides an advanced security architecture, top security personnel and compliance expertise for customers that are security- and compliance-driven.

•   •   •

Todd Gleason, Vice President of Technology at FireHost, is a central figure in continuously innovating and architecting the secure cloud infrastructure for FireHost and its customers. He brings 15 years of global IT and R&D experience, including deep knowledge of security, cloud, networking, compute, virtualization, storage, and application delivery technologies.

Gleason is driven by the notion that customers ultimately care about servicing their applications to perform efficiently in a secure environment. With this in mind, Gleason has displayed a knack for understanding the latest technology trends in the industry, synthesizing what is applicable for FireHost's customers, and incorporating relevant technology into the company's cloud infrastructure to ensure businesses' applications and data are protected in a cutting-edge, secure cloud. Gleason has helped redefine industry expectations about performance, security, and compliance in the cloud. His creative approach to architecting FireHost's secure cloud proves that security can be incorporated without compromising infrastructure performance, which improves customers' risk management while maintaining thrifty usage of infrastructure resources.

Prior to his role with FireHost, Gleason worked as director of information technology at Panini America, formerly Donruss Trading Cards, which is now a subsidiary of the global Panini conglomerate. There he implemented a high-performance infrastructure and unique business applications enabling rapid high-quality production workflows and integration into the Panini global business. Gleason holds a degree in computer information systems from Remington College.

More Stories By Pat Romanski

News Desk compiles and publishes breaking news stories, press releases and latest news articles as they happen.

Comments (1)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City.
OpsRamp is an enterprise IT operation platform provided by US-based OpsRamp, Inc. It provides SaaS services through support for increasingly complex cloud and hybrid computing environments from system operation to service management. The OpsRamp platform is a SaaS-based, multi-tenant solution that enables enterprise IT organizations and cloud service providers like JBS the flexibility and control they need to manage and monitor today's hybrid, multi-cloud infrastructure, applications, and wor...
The Master of Science in Artificial Intelligence (MSAI) provides a comprehensive framework of theory and practice in the emerging field of AI. The program delivers the foundational knowledge needed to explore both key contextual areas and complex technical applications of AI systems. Curriculum incorporates elements of data science, robotics, and machine learning-enabling you to pursue a holistic and interdisciplinary course of study while preparing for a position in AI research, operations, ...
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
Tapping into blockchain revolution early enough translates into a substantial business competitiveness advantage. Codete comprehensively develops custom, blockchain-based business solutions, founded on the most advanced cryptographic innovations, and striking a balance point between complexity of the technologies used in quickly-changing stack building, business impact, and cost-effectiveness. Codete researches and provides business consultancy in the field of single most thrilling innovative te...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...