December 9, 2013
Volume XLVI, Issue 4
Internet Firms Step-Up Efforts to Stop Spying
Excerpted from NY Times Report by Nicole Perlroth and Vindu Goel
When Marissa Mayer, Yahoo's chief executive, recently announced the company's biggest security overhaul in more than a decade, she did not exactly receive a standing ovation.
Ordinary users asked Ms. Mayer why Yahoo was not doing more. Privacy activists were more blunt. "Even after today's announcement, Yahoo still lags far behind Google on web security," said Christopher Soghoian, a technology analyst at the American Civil Liberties Union.
For big Internet outfits, it is no longer enough to have a fast-loading smartphone app or cool messaging service. In the era of Edward J. Snowden and his revelations of mass government surveillance, companies are competing to show users how well their data is protected from prying eyes, with billions of dollars in revenue hanging in the balance.
On Thursday, Microsoft will be the latest technology company to announce plans to shield its services from outside surveillance. It is in the process of adding state-of-the-art encryption features to various consumer services and internally at its data centers.
The announcement follows similar efforts by Google, Mozilla, Twitter, Facebook, and Yahoo in what has effectively become a digital arms race with the National Security Agency (NSA) as the companies react to what some have called the "Snowden Effect."
While security has long simmered as a concern for users, many companies were reluctant to employ modern protections, worried that upgrades would slow down connections and add complexity to their networks.
But the issue boiled over six months ago, when documents leaked by Mr. Snowden described efforts by the NSA and its intelligence partners to spy on millions of Internet users. More than half of Americans surveyed say NSA surveillance has intruded on their personal privacy rights, according to a Washington Post-ABC News Poll conducted in November.
The revelations also shook Internet companies, which have been trying to reassure customers that they are doing what they can to protect their data from spying. They have long complied with legal orders to hand over information, but were alarmed by more recent news that the NSA was also accessing their data without their knowledge.
"We want to ensure that governments use legal process rather than technological brute force to obtain customer data — it's as simple as that," said Bradford L. Smith, Microsoft's General Counsel, in an interview.
Mr. Smith said his company would also open "transparency centers" where foreign governments can inspect the company's code in an effort to assure them that it does not plant back doors for spy agencies in its products.
Already, the Snowden revelations threaten to erode the market share of American technology companies abroad.
In India, government officials are now barred from using email services that have servers located in the United States. In Brazil, lawmakers are pushing for laws that would force foreign companies to spend billions redesigning their systems — and possibly the entire Internet — to keep Brazilian data from leaving the country.
Forrester Research projected the fallout could cost the so-called cloud computing industry as much as $180 billion — a quarter of its revenue — by 2016.
"The world is quickly being divided into companies that are secure and companies that are not," said Bhaskar Chakravorti, a dean of international business and finance at the Fletcher School at Tufts University.
One by one, technology companies have been scrambling to plug security holes.
The best defense, security experts say, is using Transport Layer Security, a type of encryption familiar to many through the "https" and padlock symbol at the beginning of web addresses that use the technology. It uses a long sequence of numbers — a master key — that scrambles sensitive data like passwords, credit card details, intellectual property, and personal information between a user and a website while in transit.
Banks and other financial sites have used such security for years, and Google and Twitter along with Microsoft's email service made it standard long ago. Facebook adopted https system wide this year. And Ms. Mayer said Yahoo would finally allow consumers to encrypt all their Yahoo data in January.
But as many sites move to https, security experts say more advanced security measures are needed. If a government can crack the master key — or obtain it through court orders — it could go back and decrypt past communications for millions of users.
That's why companies like Google, Mozilla, Facebook, and Twitter have added another layer of protection, called Perfect Forward Secrecy. That technology adds a second lock to each user's transmissions, with the key changed frequently. Microsoft plans to add the encryption method next year, but Yahoo has not said whether it will add it.
"Perfect Forward Secrecy is a billion different secrets, and it's not protected by one central secret," said Scott Renfro, a Facebook software engineer who works on the company's security infrastructure.
So even if an outsider obtained the master key, it would still have to crack the other keys, over and over again.
"This type of protection should have been engineered into all web systems and all Internet systems to begin with," said Jacob Hoffman-Andrews, an engineer at Twitter.
The technology has existed for two decades, but companies were slow to adopt it because it added complexity and introduced a delay to Internet transactions, which can encourage impatient users to flee for faster sites. But many of those issues were resolved by Google when it applied Perfect Forward Secrecy in 2011, said Adam Langley, a software engineer at the company. Google shared its improvements with the broader tech community.
Still, technical solutions can be trumped by law. While https and Perfect Forward Secrecy protect the data transmission, law enforcement agencies can still compel companies to hand the data over from their servers, where it is stored.
So Internet companies are trying to ensure they are at least blocking unauthorized access by addressing other security issues, including a hole that leaves users vulnerable at the very beginning of a site visit. When users want to log into, say, Google's Gmail, their Internet browser checks the site's security certificate to make sure it's not an impostor.
Some security experts believe that hackers are nearly capable of cracking the 1024-bit encryption keys that protect the certificates. But an industry standards group is requiring that, starting next year, all new and renewed certificate keys use 2048-bit encryption, which is far more difficult to break.
Ultimately, however, every security advance is met by new threats. "Attacks don't get worse," Mr. Langley said. "They only get better."
Report from CEO Marty Lafferty
In addition to supporting technological advances and improved business practices that will bolster online security, following up on action items from our Town Hall Meeting at CLOUD COMPUTING WEST 2013, there is an important step for you to take now.
As industry participants and Internet users, each of us shares concerns about National Security Agency (NSA) surveillance, related threats to privacy on the web, and compromises to security in cloud computing data centers posed by over-reaching government agencies.
The recently much publicized NSA scandal is but one indicator of the problem.
An outdated law says the Federal Bureau of Investigation (FBI), Internal Revenue Service (IRS), and hundreds of other US federal agencies can access our communications, including email and data in the cloud without a warrant.
That law, called the Electronic Communications Privacy Act (ECPA), was written over 25 years ago, before the services we use today were even contemplated.
As reported previously, The DCIA is one of more than two dozen organizations supporting the Digital Due Process (DDP) initiative to reform ECPA and its informational website.
Right now, several bills in Congress would fix this by updating ECPA to require a warrant, but regulatory bodies are blocking reform in order to gain new powers of warrantless access.
As previously discussed here, the Securities and Exchange Commission (SEC) is of particular concern, and its lobbying efforts have encompassed the executive as well as legislative branches for an exemption.
Our immediate concern is uncertainty regarding this issue at the White House.
We must now call on the Obama Administration to support ECPA reform and to reject any special rules that would force online service providers to disclose our electronic communications without a warrant.
Between now and December 12th, we need you to sign this Petition to the Obama Administration to protect citizens from government spying without due process and to ask everyone you can to do so as well.
The First Amendment of the US Constitution prescribes that "Congress shall make no law… prohibiting… or abridging the… right of the people… to petition the Government for a redress of grievances."
The idea of petitioning the White House or the government isn't new, but the online platform to facilitate it is.
If a petition gets enough support — currently defined as 100,000 signatures — White House staff will review it and ensure that the appropriate policy experts seriously examine the issue.
And they will publicize an official response.
A step-by-step walk through of the process is available here.
Of course, there is also the more immediate option of contacting the White House through its switchboard at 202-456-1111 and conveying your message directly.
If your contacts extend to White House Counsel Kathryn Ruemmler, who decided to stay in her position until spring, or any of her deputies, this is certainly a valid approach.
Obama administration support for the SEC position would be extremely harmful to ECPA reform, the continuing advancement of our industry, and to the interests of Internet users generally.
A viable alternative is to enable agencies to compel compliance by subscribers or users without going to third-party service providers, and that is one that we support.
The article immediately following this report provides more background information on the issue.
Besides electronically signing the petition, here's how else you can help.
Share the above petition-signing information with everyone you know and/or support the related seasonal consumer advocacy campaign called "Stop Spying on Santa."
To do that, send an email to your address list linking here.
Please underscore the urgency of acting by December 12th.
Share the website on Twitter with tweets such as these two samples —
Stop spying on Santa! Government agencies can read our electronic communications without a warrant.
More at: http://www.stopspyingonsanta.com #ECPA.
#ECPA (written 25 years ago) says the FBI, IRS & others can read our email w/out a warrant. Sign the petition now:
Share the website on Facebook. Here are two sample descriptions to accompany the shared link —
Did you know an absurdly outdated law says the police, FBI, IRS, and hundreds of other agencies can read your email and other electronic communications without a warrant? Learn more: http://stopspyingonsanta.com.
ECPA, an outdated law that says the police, FBI, IRS and hundreds of other agencies can read our communications without a warrant, was written over 25 years ago before the services we use today even existed. Sign the petition for reform today:
Share wisely, and take care.
SEC Already Has Ample Authority to Obtain Data
Excerpted from CDT Report by Greg Nojeim
In a letter dated April 24, 2013, the SEC Chairman proposed a major new idea: to create a court order process enabling civil regulatory agencies to obtain electronic communications from an ISP for use in a civil proceeding "upon satisfying a judicial standard comparable to the one that governs receipt of a criminal warrant."
The proposal from the SEC raises a host of new questions. Importing the probable cause standard into the civil context is something that would have to be thoroughly examined through hearings and in the light of actual legislative language.
In the meantime, the SEC letter understates the powers already available under the existing ECPA to the SEC and other regulatory agencies. This report outlines three concerns, all of which are already addressed under current law:
1) Persons who violate the law frequently do not retain copies of incriminating communications; 2) they may choose not to provide emails in response to Commission subpoenas; and 3) individual account holders sometimes delete responsive emails.
Current law already has authorities to deal with these issues.
To begin with, ECPA authorizes any governmental entity, including a regulatory agency, to require an ISP or other service provider to preserve any evidence in its possession. 18 USC 2703(f). These preservation demands can be issued by any agency, in any kind of matter, without even a showing of need or relevance, and they can be issued at the earliest stages of an investigation, thereby preventing the deletion of data.
In addition, ECPA already allows any regulatory agency to issue administrative subpoenas to any ISP or service provider to compel disclosure of account information (not the contents of communications). The information that can be obtained with an administrative subpoena includes dates of service, types of service utilized, and records of session times and durations.
With this information, the agency can get a good picture of what services an individual or entity used and during what time periods, including when the person accessed his account, making it impossible for the individual to claim, in response to a subpoena, that he has no responsive records in his possession or control.
Armed with data preservation plus evidence of the usage of an account, the government can then use the same methods it uses to compel compliance with any of its subpoenas.
As one former SEC enforcement attorney now in private practice representing those facing SEC investigations has written, "Although it is possible to challenge SEC subpoenas, rarely are such challenges successful or advisable." Stanley C. Morris, "You Said What to the SEC?!!!".
Obama Praises NSA But Promises to Rein It In
Excerpted from Slashdot Report by Hugh Pickens
"Josh Gerstein writes on Politico that President Barack Obama told Chris Matthews in an interview recorded for MSNBC's 'Hardball' that he'll be reining in some of the snooping conducted by the NSA, but he did not detail what new limits he plans to impose on the embattled spy organization.
'I'll be proposing some self-restraint on the NSA. And... to initiate some reforms that can give people more confidence,' said the President who insisted that the NSA's work shows respect for the rights of Americans, while conceding that its activities are often more intrusive when it comes to foreigners communicating overseas.
'The NSA actually does a very good job about not engaging in domestic surveillance, not reading people's emails, not listening to the contents of their phone calls. Outside of our borders, the NSA's more aggressive. It's not constrained by laws.'
During the program, Matthews raised the surveillance issue by noting a Washington Post report on NSA gathering of location data on billion of cell phones overseas. 'Young people, rightly, are sensitive to the needs to preserve their privacy and to retain Internet freedom. And by the way, so am I,' responded the President. 'That's part of not just our First Amendment rights and expectations in this country, but it's particularly something that young people care about, because they spend so much time texting and-- you know, Instagramming.'
With some at the NSA feeling hung out to dry by the President, Obama also went out of his way to praise the agency's personnel for their discretion. 'I want everybody to be clear: the people at the NSA, generally, are looking out for the safety of the American people. They are not interested in reading your emails. They're not interested in reading your text messages. And that's not something that's done. And we've got a big system of checks and balances, including the courts and Congress, who have the capacity to prevent that from happening.'"
IT Execs Stay with Cloud Computing Despite NSA Scandal
Excerpted from InfoWorld Report by Juan Carlos Perez
Explosive revelations in the past six months about the US government's massive cyber-spying activities have spooked individuals, rankled politicians, and enraged privacy watchdogs, but top IT executives aren't panicking — yet.
So far, they are monitoring the issue, getting informed and taking steps to mitigate their risk in various ways. But the alarming reports haven't prompted them to roll back their decisions to host applications and data in the cloud.
That's the consensus from about 20 high-ranking IT executives interviewed in North America and Europe about the effect that the US National Security Agency's (NSA) snooping practices have had on their cloud computing strategy. The news broke in June, after former NSA contractor Edward Snowden began leaking the earth-shaking secrets to the media.
Many of the IT executives interviewed say that they're not thrilled with the situation, and that it has made them more careful about cloud computing plans and deployments, prompting them to review agreements with vendors, double-check best practices and tighten security controls.
However, these IT executives haven't been completely surprised by the revelations. Whether by overt means or through covert operations, it's well known that governments engage in surveillance of telecommunications and Internet traffic.
"Government surveillance hasn't changed our opinion about cloud computing. The cloud model is attractive to us, and I was never that naive to think that this type of government monitoring wasn't going on," said Kent Fuller, Director of Enterprise Infrastructure Services at BCBG MaxAzria Group, a Los Angeles-based women's fashion designer and seller that uses Microsoft's Office 365 public cloud suite primarily for employee email.
Stealthy monitoring of computer systems and communications by governments currently doesn't rank among the top IT security concerns for many IT leaders. "Every CIO will tell you we worry every minute of every day about security, privacy, redundancy, operational continuity, disaster recovery and the like," said Michael Heim, Whirlpool's Corporate Vice President and Global CIO. "We're probably the most paranoid guys on the planet."
Jacques Marzin, Director of Disic, France's Interministerial IT and Communications Directorate, said the NSA scandal confirmed the known risks associated with the use of public cloud services. "We are of course concerned about any third party access to our data although we have limited usage of public clouds," he said.
However, having everything behind the firewall also carries risks. CIOs worry about the cost and complexity of running servers on their own premises and the potential loss of competitiveness if rivals are taking advantage of the benefits of cloud computing.
"At the end of the day, the capabilities and economics around the cloud computing model are so compelling that when you artificially try to not take advantage of them you impact your ability to compete, because others will take advantage of them," Heim said. Whirlpool recently decided to move about 30,000 employees from an on-premises IBM Lotus Notes system to the Google Apps public cloud email and collaboration suite.
"We believe we have a very good plan in place to make sure we're just as compliant and secure, if not more so, than we were before," Heim said.
There are ways to mitigate risks associated with cloud computing, as well as precautions, safeguards and best practices that can be adopted, IT executives said. For example, companies should examine what prospective cloud vendors offer in terms of data center redundancy, IT and physical security, risk mitigation, operational practices, and government and industry certifications. IT executives can also complement cloud vendor offerings in these areas with best practices and security wares on their end, like systems that encrypt data before it's transmitted to the public cloud servers.
More than government snooping, IT chiefs appear to consider insider threats a more concrete and likely danger, including disgruntled employees or contractors like Snowden who out of malice or in retaliation expose confidential data or damage IT systems.
In fact, Snowden should serve as a reminder to CIOs to take precautions when hiring IT staffers and to put in place monitoring systems to alert them about rogue system administrators, said Alex Gorbachev, Board Member of the Independent Oracle Users Group and CTO of remote database administration company Pythian Group.
For example, email administrators may have unfettered, unaudited access to all mailboxes, he said. That means they could potentially browse through the CFO's messages and take a peek at preliminary financial reports. If such information were to leak, it could become a dicey situation for publicly traded companies.
Many database administrators have similar power. "Most organizations don't have a mechanism to track their activities 100 percent," Gorbachev said.
IT executives also worry about careless employees who may inadvertently compromise company systems in a variety of ways.
"Personally, I am more concerned about safe data handling practices by our users — flash drives, use of public Internet access, lost or stolen tablets, phones and laptops, passwords on sticky notes — than I am about the security capabilities of cloud service providers and the intrusion of governments or other entities," Brandon Robinson, Network Services Director at ACES, a power management company in Carmel, IN said. ACES uses cloud services for payroll, purchasing, expense reporting and some line-of-business transactional systems.
Another risk that shows up prominently on CIOs' radar screens are external threats, like malicious hackers and malware.
Government surveillance could become a bigger concern if a large company got burned by it — for example, if a government had surreptitiously collected a considerable amount of confidential data from a company, and a malicious hacker broke into the government's system and exposed the data. But there hasn't been a high-profile case of that sort yet.
"If something like that happened, it would change the picture and have a profound impact," said Jay Heiser, a Gartner analyst. "Otherwise, it's premature for organizations to forgo the benefits of cloud computing, but it's also an opportunity to revisit security concerns in general."
At Needham Bank in Needham, MA, IT Vice President James Gordon, said the NSA scandal hasn't horrified enterprise IT leaders because "I don't think there's been a relevant connection to how it impacts an organization yet."
"Until they have a material loss or one of their peers has an accidental information disclosure, it won't hit home," Gordon said.
The level of concern about leaks due to government spying also hinges on the type, size, and industry of a company. "I'm not aware of any instances of this happening to a mid-size wholesale company like us," said Hal Greene, Vice President of IS at Composites One, a distributor of plastic and glass products in North America that uses Google Apps.
But Paul Grewal, CEO of Sage Human Capital in San Bruno, CA, an executive search and recruitment firm, worries about a nightmare scenario in which government snooping on his company's data could result in a leak. "We are definitely concerned. It creates a liability," he said.
A leak could be extremely harmful to the candidates seeking jobs, their current employers and the companies that are hiring. "Our data is extremely confidential," he said.
The company would find itself potentially liable for breaching confidentiality agreements with clients, and it would also see a major trust breakdown.
Sage Human Capital deployed a business intelligence tool from Jaspersoft on the Amazon EC2 cloud service about six months ago to give clients a granular analytics view of how a search is going. "The reason we went to the cloud was ease of implementation and deployment," Grewal said, adding he doesn't plan on rolling back that decision.
He's confident Amazon will provide top-notch encryption and security, but he's also aware that "NSA has a heavy hand and can make offers people can't refuse."
Analysts say CIOs need to weigh risks and rewards and adhere to best practices, whether the government is snooping on their systems or not.
"The answer to whether the risks outweigh the benefits will be different for different companies and CIOs," said Scott Strawn, an IDC analyst.
"Our advice to organizations is to recognize the sensitivity of their data, and if it's highly sensitive, they should take very careful precautions about where they put it, and place heroic levels of protection around it," Gartner's Heiser said.
For starters, companies need to decide which applications and data can be put in a public cloud service, which can go in a private cloud service and which should remain behind the on premises firewall.
"You must be observant and think about data integrity before putting sensitive, mission-critical information in the cloud," said Lars-Goran Eklof, CIO at construction company Lindab in Sweden.
"We only use cloud services on a limited basis, and the information stored in the cloud, including sales statistics, doesn't have a very high security classification," Eklof said.
Criteria that CIOs can use to calculate appropriate levels of security include how critical data is, and what the applicable laws and regulations for privacy and data security in their country and for their industry are.
IRB Services, an Ontario, Canada-based company which conducts independent reviews of clinical research involving humans, choose a software-as-a-service product from Intralinks for secure collaboration on review files because Intralinks can house the data outside of the US.
IRB Services customers in Europe have for some time not wanted their data stored in the US, according to Simon Corman, the company's director of business operations. Before the NSA scandal, "we were just getting that question from compliance groups. Now we're getting it more from an operational level," he said.
IRB customers have always been concerned about the privacy of their data but the NSA controversy has "absolutely amplified the issue," Corman said.
It's also essential for companies to have clear, detailed usage guidelines for employee use of IT systems and handling of data. Companies should use stringent criteria for choosing their cloud computing vendors, examining their track record, security policies, data protection technology and service-level agreements.
In particular, CIOs should watch out for opportunistic and hyperbolic claims from vendors claiming to have technology that can completely shield data from government snooping.
"Vendors have absolutely no ability to make those claims," IDC's Strawn said. "They can't execute on them. The NSA has a lot of power to do what they do. You can't do much about it."
If an agency like the NSA wants to monitor a particular system, it will, and if it can't, it will get a court order to get the access it needs.
Also, just because data, systems and applications are hosted on premises doesn't mean that government snoops can't get to them. In fact, it's likely harder for government spies to break into data centers run by Google, Microsoft, IBM, Salesforce.com and Amazon than to tap into the average enterprise network.
"I'm more comfortable with Microsoft's security for our email than with handling that internally," BCBG MaxAzria's Fuller said. "We're a fashion company, not a tech company. We need to focus our resources on producing great dresses people want to buy."
Still, the NSA scandal worries cloud computing vendors, as they sense concern from current and prospective customers. "It's not having a material impact. But it's certainly causing people to stop and then rethink decisions, and that is, I think, reflected in our results," said Rob Lloyd, Cisco Systems' President of Development and Sales, during the company's most recent quarterly earnings call.
The level of security offered by cloud vendors is mixed; from vendors that are new and inexperienced, to others that are outstanding and provide a better and safer environment than many organizations could afford themselves, according to Jos Creese, head of Information, Corporate Resources, and IT Services at the Hampshire County Council in the UK.
"We need to be prudent as to who we select in cloud providers," said Brian D. Kelley, CIO at Portage County government in Ravenna, OH.
Portage County is dipping its toes in cloud computing, and the NSA revelations made him and his team more aware of the cloud risks. "In IT, we've always had control of our systems and data, and with the new cloud model, we're now relinquishing that control," Kelley said.
"We certainly need to engage ourselves much more to know where our data is, how it is accessed and who can access it, and what to do when the cloud bursts," he said.
GOVERNMENT VIDEO IN THE CLOUD Now Online
Tune-in to the DCIA CEO interview on the BuZZ or read the transcript to learn more about GOVERNMENT VIDEO IN THE CLOUD (GVIC).
The archival website for this DCIA Conference within the Government Video Expo 2013 (GVE) at the Washington Convention Center, including the Conference Program, Photo Album, and Keynote Presentations, is now available here.
CONNECTING TO THE CLOUD at CES Coming Soon
The DCIA will present CONNECTING TO THE CLOUD (CTTC), a Conference within the 2014 International Consumer Electronics Show (CES), on January 8th in the Las Vegas Convention Center, Las Vegas, NV.
The CCA is handling sponsorships.
CTTC at CES will highlight the very latest advancements in cloud-based solutions that are now revolutionizing the consumer electronics (CE) sector or — as ABI Research's Sam Rosen referenced that category at CLOUD COMPUTING WEST — the "cloud electronics (CE) sector."
An opening panel moderated by Tanya Curry-McMichael, VP of Strategy and Marketing, Verizon Digital Media Services, will examine "Millennials, Online TV, and Gaming: Now and Tomorrow."
What are the implications of the digital revolution in the way Millennials discover, access, and consume video, music, and gaming content online?
Hear it first-hand from young voices representing leading companies in the digital, social, and tech arenas.
Bhavik Vyas, Media & Entertainment Partner Eco-System Manager, Amazon Web Services (AWS), will further examine this issue in "Who's Connecting What to the Cloud?"
And Sam Rosen, Practice Director, TV & Video, Consumer Electronics, ABI Research, will address, "Where Are There Problems Connecting to the Cloud?"
Next, in two back-to-back presentations, Robert Stevenson, Chief Business Officer & VP of Strategy, Gaikai, will explore "Consumer Benefits of Cloud-Delivered Content: Ubiquity, Cost, Portability Improvements." And Reza Rassool, Chief Technology Officer, Kwaai Oak, will expose "Consumer Drawbacks of Cloud-Delivered Content: Availability, Reliability, Scalability Issues."
The follow-on panel with Jay Migliaccio, Director of Cloud Platforms & Services, Aspera; Andy Gottlieb, VP, Product Management, Aryaka; Larry Freedman, Partner, Edwards Wildman Palmer; David Hassoun, Owner & Partner, RealEyes Media; Jay Gleason, Cloud Solutions Manager, Sprint; and Grant Kirkwood, Co-Founder, Unitas Global, will discuss "The Impact on Telecommunications Industries of Cloud Computing."
Then two sessions will delve into "Telecommunications Industry Benefits of Cloud-Delivered Content: New Opportunities" with Doug Pasko, Principal Member of Technical Staff, Verizon Communications. And then "Telecommunications Industry Drawbacks of Cloud-Delivered Content: Infrastructure Challenges" with Allan McLennan, President & Chief Analyst, PADEM Group.
The next panel will address "The Impact on Entertainment Industries of Cloud Computing" with Mike King, Dir. of Mktg. for Cloud, Content & Media, DataDirect Networks; Venkat Uppuluri, VP of Marketing, Gaian Solutions; Mike West, Chief Technology Officer, GenosTV; Arnold Cortez, IT Consulting Specialist, IBM; Kurt Kyle, Media Industry Principal, SAP America; Adam Powers, and VP of Media Technology & Solutions, V2Solutions.
Two solo presentations with Les Ottolenghi, Global CIO, Las Vegas Sands Corporation, and Saul Berman, Partner & Vice President, IBM Global Business Services, will highlight "Entertainment Industry Benefits of Cloud Computing: Cost Savings & Efficiency" and "Entertainment Industry Drawbacks of Cloud Computing: Disruption & Security" respectively.
Additional sessions will introduce the subjects "Consumer Electronics Industry Benefits of Cloud-Based Services: New Revenue Streams" with Mikey Cohen, Architect & Principal Engineer, Netflix, and "Consumer Electronics Industry Drawbacks of Cloud-Based Services: Complexity" with Tom Joyce, SVP & GM, HP Converged Systems, Hewlett Packard.
The closing panel will draw on all the preceding sessions to more deeply analyze "The Impact on the Consumer Electronics Industry of Cloud Computing" with Michael Elliott, Enterprise Cloud Evangelist, Dell; David Frerichs, President, Media Tuners; Thierry Lehartel, VP, Product Management, Rovi; Russ Hertzberg, VP, Technology Solutions, SoftServe; Guido Ciburski, CEO, Telecontrol; and Scott Vouri, VP of Marketing, Western Digital.
Top program topics will include case studies on how cloud-based solutions are now being deployed for fixed and mobile CE products — successes and challenges; the effects on consumers of having access to services in the cloud anytime from anywhere — along with related social networking trends.
Also featured will be what broadband network operators and mobile Internet access providers are doing to help manage — and spur — the migration to interoperable cloud services.
Some in traditional entertainment industries find this technology overwhelmingly threatening and disruptive — others see enormous new opportunities; and the value proposition for CE manufacturers will also continue to evolve substantially to providing cloud-based value-adding services — rather than conventional hardware features.
Please register now for CTTC at CES.
CLOUD COMPUTING EAST 2014 in Washington, DC
CLOUD COMPUTING EAST 2014 (CCE:2014) is coming to Washington, DC on May 13th and 14th.
The DCIA is responsible for the agenda and speakers at this event. The CCA is handling exhibitions and sponsorships.
CCE:2014 will focus on three major sectors whose use of cloud-based technologies is revolutionizing business processes, increasing efficiency, and streamlining costs.
More than 100 thought-leaders will have the opportunity to bring their industry knowledge, technological savvy, and strategic insight to our in-depth exploration of the ways cloud computing is streamlining government, revolutionizing healthcare, and providing for the safe and secure functioning of the financial services sector.
How can local, state and federal governments improve services and protect citizens with cloud-based tools?
The explosion of data, advances in security and reliability, the need for redundant storage, and putting it all to meaningful use present challenges to natural resource management, transportation and utility grid monitoring, public safety, law enforcement, and emergency responsiveness.
The government at all levels has been mandated to move into the cloud, and billions are being allocated to these purposes.
We will provide a forum for public-sector adopters and private-sector providers alike to discuss their views of how the cloud is transforming the way government performs its essential functions.
With deepening ties to the government in an increasing number of ways, there is perhaps no financial sector that is larger — and at the same time, more fragmented and technologically disconnected — than the American healthcare industry.
This sector — more than any other — has both the resources and the imperative to benefit from adopting cloud-based solutions to help it become more efficient, collaborative, and interactively connected.
Managing private patient records, collecting clinical research data, and big-data imaging are just three of the many healthcare functions for which the cloud is not only uniquely suited — it is urgently needed.
Speakers representing hospitals, clinics, multi-physician practices and more will be welcome to present their perspectives, along with providers of cloud-based solutions that serve every part of the healthcare ecosystem.
International financial transactions and currency exchange; domestic banking and insurance services; as well as timely and efficient investment decision-making are also being impacted by cloud computing.
The cloud is becoming the most advanced platform for an industry that makes up over one-fourth of our economy.
How are banks, insurance companies, and private equity and hedge fund investors making use of cloud-computing?
Business and technology leaders from the financial services industry will be joined by executives and innovators from cloud-computing solutions providers to examine the ways in which the cloud is being put to use by the global financial services industry.
The conference will open on Tuesday morning with a continental breakfast followed by keynote addresses on the "The State of Cloud Computing Adoption for Government, Healthcare, and Financial Services (gCLOUD, hCLOUD, and fCLOUD)."
Next we'll explore "Leading Industry Trends and the Emergence of Standards Impacting gGLOUD, hCLOUD, and fCLOUD Use Cases."
After a mid-morning networking break, our focus will advance to "Common Regulatory Frameworks and Pending Legislation Affecting the gGLOUD, hCLOUD, and fCLOUD Sectors," and then "Outstanding Obstacles and Issues Still To Be Overcome for Continued Advancement."
After the conference luncheon, followed by dessert and coffee service in the exhibit hall, we'll examine current developments in "gGLOUD, hCLOUD, and fCLOUD Service Models, Deployment Models, Architectures, and Management."
Then, following a mid-afternoon networking break, we'll address "Data Storage, Software Applications, Workflow Processes, and Implementation Strategies."
At day's end, we'll enjoy an evening networking reception.
On Wednesday morning, after a continental breakfast in the exhibit hall, we'll take a closer look at "Vendor Criteria, Task Prioritization, Performance Metrics, and Economics."
Our mid-morning networking break will be followed by "Application Development/Programming Challenges/Opportunities for gGLOUD, hCLOUD, and fCLOUDs."
We will close the conference with "Final Considerations for Selecting, Deploying, and Evaluating Cloud Solutions."
Please click here for more information or to apply for a speaking slot on any of our topics.
Cloud Computing Guru Offered to Fix Healthcare.gov
Excerpted from Business Insider Report by Julie Bort
It's no secret that the White House called in a bunch of Internet gurus from big US tech companies to help them fix the floundering HealthCare.gov website.
But they could have gotten a lot more help than that.
Salesforce.com Founder and CEO Marc Benioff, known for his close ties to the Obama Administration, actually offered to fix the website at no charge, and run it for free for five years, Benioff told the Washington Post.
But the White House couldn't accept.
Benioff made the offer because he considered President Obama to be a friend. He was among 35 people to be "co-chairs" of President Obama's re-election campaign and continues to help with fund raisers. He just hosted the President at his San Francisco home last week.
Benioff told Post reporters Juliet Eilperin and Amy Goldstein:
"A friend in need is a friend indeed. Silicon Valley is a friend of President Obama's, and we're going to help the government get through this," Benioff said. Benioff said he had "offered to rebuild the entire HealthCare.gov site for free and run it for five years at no charge" in direct talks with the White House, but the administration declined the offer.
A White House official said the administration could not have accepted the offer, because it ran afoul of federal contracting rules.
So instead, he assigned two employees to help fix the website, doing what he described as "coaching and mentoring." He didn't charge the White House for their work, he said.
Employees from other big US tech companies also helped out including IBM, Google, and Rackspace.
Benioff is considered one of the fathers of cloud computing. The site he founded, Salesforce.com, is a website that helps large companies interact with their customers and is one of the biggest "software-as-a-service (SaaS)" cloud computing companies around.
Cloud Computing Will Exceed $100 Billion in 2014
Excerpted from WomenCitizen Report
Yesterday International Data Corporation (IDC) announced its top ten technology predictions for 2014.
IDC hosted a webinar to present the research firm's predictions for 2014 including the research firm's latest cloud computing market forecast. You can see a replay of the webinar and get the predictions documents at IDC Predictions 2014. They are briefly summarized below.
Emerging markets will return to double-digit growth of 10%, driving nearly $740 billion or 35% of worldwide IT revenues and, for the first time, more than 60% of worldwide IT spending growth. IDC also predicted that in 2014 the number of smart connected devices shipped in emerging markets will almost double that shipped in developed markets.
In addition, IDC predicts that over the next seven years emerging markets cloud spending will grow seven-fold versus three-fold in developed markets. IDC is predicting IT spending in Western Europe will be marginally up, with US and Japan spending marginally down.
Worldwide IT spending will grow 5% year over year to $2.1 trillion in 2014. Spending will be driven by 3rd Platform technologies, which will grow 15% year over year and capture 89% of IT spending growth.
Smartphones and tablets will lead 2014 growth, accounting for over 60% of total IT growth. Excluding mobile devices, IT growth will only by a modest 2.4%. The graphic shown to the right was shared during the webinar today, explaining the 3rd platform and its contribution to market growth.
Within the 3rd Platform, value will start to migrate "up the stack", from infrastructure-as-a-service (IaaS) to platform-as-a-service (PaaS) and from generic PaaS to data-optimized PaaS. The latter will be most evident as Amazon Web Services rolls out an avalanche of PaaS offerings for developers and higher value services for businesses.
This will force incumbent IT suppliers — the companies that won market leadership in the 2nd Platform era — to urgently reconfigure themselves to fight for position in the 3rd Platform marketplace.
The mobile device onslaught will continue in 2014 with sales of tablets growing by 18% and smartphones by 12%. The Android community, led by Samsung, will maintain its volume advantage over Apple, while Apple will hold onto its value edge with higher average selling prices and an established ecosystem of apps.
But Google Play (Android) app downloads and revenues are making dramatic gains and the "app ecosystem value gap" will be significantly narrowed in 2014. And the clock will be ticking louder for Microsoft , which needs to quickly double mobile developer interest in Windows. Cloud spending, including cloud services and the technology to enable these services, will surge by 25% in 2014, reaching over $100 billion.
IDC explained the $100 billion figure includes software, services, and cloud infrastructure. IDC also expects to see a dramatic increase in the number of datacenters as cloud players race to achieve global scale.
This will be accompanied by a similar expansion in the variety of workload-specialized cloud infrastructure services, leading to new forms of differentiation among cloud service providers.
Finally, a pitched battle will be joined for the developers that can create the cloud-based applications and solutions that will fuel the market's growth. IDC predicts that by 2017, 80%+ of new cloud apps will be hosted on six PaaS platforms.
Spending on big data technologies and services will grow by 30% in 2014, surpassing $14 billion as demand for big data analytics skills continues to outstrip supply. Here the race will be on to develop "data-optimized cloud platforms", capable of leveraging high volumes of data and/or real-time data streams.
Value-added content providers and data brokers will proliferate as enterprises (and developers) look for interesting data sources as well as applications that help them to understand their customers, products, and the markets in which they exist. IDC is also predicting that big data analytics services 2014 spending will exceed $4.5B, growing 21% over 2013.
Social technologies will become increasingly integrated into existing enterprise applications over the next 12-18 months. In addition to being a strategic component in virtually all customer engagement and marketing strategies, data from social applications will feed the product and service development process. IDC expects enterprise social networks will become increasingly available as standard offerings from cloud services providers.
This will enable enterprises to further embed social into the workflow, rather than having a separate "social layer." IDC also predicts that by 2017, 80% of Fortune 500 companies will have an active customer community, up from 30% today. By 2016, 60% of the Fortune 500 will deploy social-enabled innovation management solutions.
Datacenters represent the physical foundation underneath the cloud, and are thus a crucial component of the 3rd Platform. As cloud-dedicated datacenters grow in number and importance, the market for server, storage, and networking components will increasingly be driven by cloud service providers, who have traditionally favored highly componentized and commoditized designs.
The incumbent IT hardware vendors, who have struggled to sell into this market, will be forced to adopt a "cloud-first" strategy, designing new innovations for initial release and widespread adoption in cloud service provider datacenters.
The 3rd Platform will deliver the next generation of competitive advantage apps and services that will significantly disrupt market leaders in virtually every industry. A key to competing in these disrupted and reinvented industries will be to create industry-focused innovation platforms (like GE's Predix) that attract and enable large communities of innovators — dozens to hundreds will emerge in the next several years.
IDC predicts that most of these industry platform players will not reinvent the cloud underpinnings they need, but will build on top Amazon, Microsoft, IBM, Salesforce, and others' platforms. In 2014, it will be critically important for these IT leaders to find these emerging industry platform players and win their business.
The 3rd Platform will continue to expand beyond smartphones, tablets, and PCs in 2014 to the Internet of Things (IoT). With IoT momentum building in 2014, IDC expects to see new industry partnerships to emerge as traditional IT vendors accelerate their partnerships with global telecom service providers and semiconductor vendors to create integrated offerings in the consumer electronics and connected device spaces.
This kind of collaboration and coordination will be necessary to reach the 30 billion autonomously connected end points and $8.9 trillion in revenues that IDC believes the IoT will generate by 2020.
Coming Events of Interest
International CES - January 7th-10th in Las Vegas, NV. The International CES is the global stage for innovation reaching across global markets, connecting the industry and enabling CE innovations to grow and thrive. The International CES is owned and produced by the Consumer Electronics Association (CEA), the preeminent trade association promoting growth in the $209 billion US consumer electronics industry.
CONNECTING TO THE CLOUD - January 8th in Las Vegas, NV. This DCIA Conference within CES will highlight the very latest advancements in cloud-based solutions that are now revolutionizing the consumer electronics (CE) sector. Special attention will be given to the impact on consumers, telecom industries, the media, and CE manufacturers of accessing and interacting with cloud-based services using connected devices.
CCISA 2013 – February 12th–14th in Turin, Italy. The second international special session on Cloud Computing and Infrastructure as a Service (IaaS) and its Applications within the 22nd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing.
NAB Show - April 5th-10th in Las Vegas, NV. From broadcasting to broader-casting, NAB Show has evolved over the last eight decades to continually lead this ever-changing industry. From creation to consumption, NAB Show has proudly served as the incubator for excellence — helping to breathe life into content everywhere.
Media Management in the Cloud — April 8th-9th in Las Vegas, NV. This two-day conference provides a senior management overview of how cloud-based solutions positively impact each stage of the content distribution chain, including production, delivery, and storage.
CLOUD COMPUTING EAST 2014 - May 13th-14th in Washington, DC. Three major conference tracks will zero in on the latest advances in the application of cloud-based solutions in three key economic sectors: government, healthcare, and financial services.