At any point in time on any day of the week, Microsoft’s cloud computing operations are under attack: The company detects a whopping 1.5 million attempts a day to compromise its systems.
Microsoft isn’t just fending off those attacks. It’s also learning from them.
All those foiled attacks, along with data about the hundreds of billions of emails and other pieces of information that flow to and from Microsoft’s cloud computing data centers, are constantly being fed into the company’s intelligent security graph.
It’s a massive web of data that can be used to connect the dots between an email phishing scam out of Nigeria and a denial-of-service attack out of Eastern Europe, thwarting one attack for one customer and applying that knowledge to every customer using products including the company’s Azure computing platform, Windows 10 operating system or Office 365 productivity service.
Those security threats have heightened substantially in recent years, as criminals have built lucrative businesses from stealing data and nation states have come to see cybercrime as an opportunity to gain information, influence and advantage over their rivals. That’s led to potentially catastrophic attacks such as the WannaCrypt ransomware campaign that’s made headlines in the past few weeks. This evolving threat landscape has begun to change the way customers view the cloud.
“It was only a few years ago when most of my customer conversations started with, ‘I can’t go to the cloud because of security. It’s not possible,’” said Julia White, Microsoft’s corporate vice president for Azure and security. “And now I have people, more often than not, saying, ‘I need to go to the cloud because of security.’”
Customer Story: Matson uses AWS to enable fast analytics
Matson uses AWS for IT that enables fast analytics and precise tracking of assets and shipments as they move around the world, they moved their applications from its on-premises data centers to the AWS Cloud and are enjoying faster performance, increased reliability and security, and IT infrastructure cost savings of at least 50 percent.
Why wait, check out pricing now here or call 800-208-3617
Digital transformation is being driven by Indian companies such as Flipkart (the country’s leading marketplace) and Tata Motors, as well as Korean companies such as LG Electronics, Samsung Electronics and Asan Medical Center, through the leveraging of Microsoft cloud.
Azure is available from two new cloud regions in Korea, part of 38 Azure regions around the globe which is more regions than any other cloud provider. 13 of those regions are in Asia which gives customers across the region the opportunity to leverage the Azure cloud platform’s ability.
Across industries, including finance and health care, Korean companies are putting local Azure services to use in their organizations. LG Electronics is sending real-time data and using the scalability of virtual machines in order to better serve their customers and Asan Medical Center is able to collaborate with the industry & academia in order to supply anonymous clinical notes through Microsoft's hybrid cloud.
Other Korean companies, such as Samsung Electronics, are leveraging the Internet of Things (IoT). Using its remote energy reduction solutions (S-Net Cloud), Samsung is able to monitor energy use and deliver efficiencies to customers in order to save them money on energy costs.
Data center regions in India opened in September 2015 have provided the immense computing power of Microsoft cloud for the purposes of growth and innovation. Flipkart has adopted Azure as its exclusive public cloud platform to do just this, grow and innovate. The collaboration between Microsoft and Flipkart has marked the process towards providing customers with the best online shopping experience possible, aided in addition by Flipkart's use of Azure Artificial Intelligence (AI) and analytics to optimize the areas of merchandising, marketing, and customer service. This partnership comes on the heels of Microsoft's cloud collaboration with Tata Motors – India’s leading auto manufacturer – to provide connected driving experiences with Azure.
The goal is noble: Empower people to lead healthier lives. And yet, few industries in the world face more complex problems than health care. Disparate and disconnected information systems, the uncertainties within regulatory environments around the world and the inevitable disruptions in core business models all pose perplexing and interlocking challenges.
As we look at some of the challenges in health care, a natural question we ask ourselves is, How can Microsoft bring its capabilities to bear to solve some of these problems?
It’s a big challenge. But we believe technology – specifically the cloud, AI and collaboration and business optimization tools – will be central to health care transformation.
Making a difference in health care will require all that Microsoft can bring, fused with the industry expertise and experience from our partners: leading health care organizations and the companies that serve them.
We are incredibly energized about the opportunities to make a difference in health care. We’ve been listening carefully to our customers and partners within the health care sector, and we’ve heard their message: Let’s work together, innovate together and create solutions that can empower people to lead healthier lives.
Today, we are expanding our commitment to building a healthier future with new initiatives and solutions, making it easier for health industry partners and organizations to use intelligent technology to improve the lives of people around the world.
Healthcare NExT: Fusing research, AI and industry expertise through partners
Healthcare NExT, a new initiative to dramatically transform health care, will deeply integrate greenfield research and health technology product development, as well as establish a new model at Microsoft for strategic health industry partnerships. Through these collaborations between health care partners and Microsoft’s AI and Research organization, our goal is to enable a new wave of innovation and impact using Microsoft’s deep AI expertise and global-scale cloud.
This initiative includes investments in resources for our partners to capture new opportunities to apply AI to healthcare, such as the Microsoft AI in Health Partner Alliance, an expanding group of partners focused on advancing health technology. Alliance members will receive unique training and access to Microsoft technologies, engineering expertise and data sets.
Transforming patient and clinician empowerment with UPMC
The first planned strategic research partnership for Microsoft’s Healthcare NExT initiative is with UPMC (University of Pittsburgh Medical Center), one of the largest integrated health care delivery networks in the United States. The $13 billion Pittsburgh-based system, comprising more than 25 hospitals, a 3 million-member health plan and 3,600 physicians, will be a core partner in our efforts to improve health care delivery through a series of projects, beginning with a focus on transforming clinician empowerment and productivity. With UPMC’s long track record of clinical and commercial innovation and Microsoft’s expertise in advanced AI capabilities, the two organizations plan to work together to bring innovative new solutions to market, beginning with implementation at UPMC.
“Despite UPMC’s efforts to stay on the leading edge of technology, too often our clinicians and patients feel as though they’re serving the technology rather than the other way around. With Microsoft, we have a shared vision of empowering clinicians by reducing the burden of electronic paperwork and allowing the doctor to focus on the sacred doctor-patient relationship,” said Steven D. Shapiro, M.D., chief medical and scientific officer of UMPC and president of UPMC’s Health Services division.
Additional collaborations from Healthcare NExT include partners applying the cloud, AI and research to some of the biggest problems in health care:
HealthVault Insights is a new research-based project designed to allow partners to generate new insights about patient health, drive adherence to care plans and encourage patient engagement powered by the latest scientific advances in machine learning. Tribridge and System C & Graphnet Care Alliance are building on HealthVault Insights to create innovative solutions for patient adherence to provider care plans.
Microsoft Genomics is making the sample-to-answer process fast and easy through an Azure-powered genome analysis pipeline and an orchestrated ecosystem of innovative partners including BC Platforms and DNAnexus.
Microsoft’s AI health chatbot technology is also a research-based project that will enable partners to build AI-powered conversational health care tools. MDLIVE intends to use our health bot technology to help patients self-triage inquiries before they interact with a doctor via video. Premera Blue Cross, the largest health plan in the Pacific Northwest, plans to use our health bot technology to transform how members can look up information about their health benefits. Health Navigator’s symptom checker brings best practices to other customers and partners.
Project InnerEye is a research-based, AI-powered software tool for radiotherapy planning. The goal of the project is to allow dosimetrists and radiation oncologists to achieve 3D contouring of patients’ planning scans in minutes rather than hours. The assistive AI technology gives experts full control of the output accuracy while enjoying high levels of consistency and potential cost savings.
Enabling 21st-century house calls powered by the Microsoft cloud
Microsoft Office 365 Virtual Health Templates provide new functionality to connect people and providers through voice, video and messaging in any interface or application, powered by Skype for Business. The open source templates make it easy for industry partners, developers and enterprises to build solutions to provide care wherever patients may be.
RingMD, Careflow, Cambio and GE Healthcare have built from Office 365 Virtual Health Templates compelling and easy to use experiences.
Addressing health care business optimization with SaaS apps
New services from our partner ecosystem, powered by the Microsoft cloud, help address business process challenges outside of the clinic. Available today is CGI ProperPay for claims analytics. ProperPay provides predictive analytics, rules management and best practices for reducing health care claims fraud, waste and abuse, a $450 billion-plus problem driving up health care costs around the globe. CGI ProperPay for claims analytics joins a growing number of business and engagement applications in the Microsoft AppSource catalog like Tribridge’s Health360 Care Coordination.
Looking to the future
With any significant advance in technology it’s important to consider the unintended consequences, as well as the benefits. At Microsoft, we’re grounding our efforts in a set of core design principles that focus on the human benefit of AI, transparency and accountability. We believe that ethics and design go hand in hand.
Further, we understand that security, privacy, and compliance remain a top priority for health organizations. Microsoft Chief Information Security Officer for Health Hector Rodriguez recently reinforced our commitment to customers highlighting key investments across these core principles of trust in technology.
At the intersection of health, technology and people lies great promise. Our mission is to empower every person and organization to achieve more, and we’re excited to meet many of you next week at HIMSS17 and continue our close partnership in health care to achieve more together. If you’re at HIMSS17 next week in Orlando, Florida, be sure to stop by our booth No. 2509 to see our solutions in action. Follow our HIMSS17 story on @Health_IT to learn more.
[vc_row][vc_column][vc_column_text]
Complexity Will Drive Demand For Managed Services Providers
Technology has changed a lot over the years. Back in the mainframe days we had very standard architectures that were driven by a few vendors and managed by a few people. Developers had few choices when it came to infrastructure and programming languages. When we moved to the client server era, infrastructure configurations became much more dynamic and many enterprises adopted a three tier architecture. Developers could now choose from a variety of programming languages and specialists emerged within each layer of the architecture (web, application, database, middleware, etc.). This increase in complexity came with trade-offs. We now had greater flexibility in the types of applications we could build and the ability to deliver software with more velocity and at a lower cost. However, managing these n-tier architectures created more operational overhead and required a diverse set of skills to support the various layers.
As we enter the cloud era, complexity is at an all-time high and our trade-offs are more extreme than ever before. We can build incredible solutions at amazing scale. Both the software and infrastructure components of our architectures can be highly automated. We live in the world where everything can be delivered as a service and is available online, all the time. In order to support the “always on” and auto scaling requirements that users have come to expect, the underlying architectures have become extremely complex.
Balancing agility and complexity
At the same time our architectures are increasing in complexity, the business is demanding speed to market like never before. Large ecosystems around cloud computing, mobile computing, big data solutions and the Internet of Things allow us to connect highly abstracted building blocks together and build highly available and extremely robust solutions in a fraction of the time. The architectures of cloud, mobile, and big data are highly distributed and the underlying infrastructure is both virtual and immutable. That is a radical change from when previously large, inflexible, physical architectures supported the software we built.
Today’s distributed architectures are made up of many moving parts. These architectures are elastic, meaning that they scale up and down horizontally by adding and subtracting virtual resources automatically. Building architectures of this nature is much more involved than in the vertical scaling world of mainframes and client server architectures where scaling meant adding bigger physical machines and components. Many engineers within today’s enterprises have years of experience dealing with vertical architectures, but very little experience in building horizontal architectures. Enterprises are traditionally very good at managing back office applications and building n-tier software. But when it comes to architectures that require high scalability and massively parallel processing, very few enterprises have the experience required to build those types of applications.
This creates the following dilemma. The business sees an opportunity, whether it is a new revenue stream, a competitive advantage, or possibly a competitive threat, and requests that IT implements a new cloud, mobile, or big data solution. IT has very little expertise in this space yet still decides to build it themselves. They go through a long period of prototyping and learning. Many of these enterprises will fail to deliver or will deliver something subpar or very late. While IT is trying to wrap their arms around these new technologies, the business opportunity sits there idle and the opportunity costs start accumulating rapidly over time. To make matters worse, IT is spinning their wheels and consuming valuable time and money just to stand up clouds, mobile platforms, or big data databases before they can even begin to focus on building the applications and services that will provide the greatest value to the business. Much of the work that IT is trying to figure out is already a commodity that a whole host of vendors already provide out of the box as a service, or even as a completely managed service.
Giving up control to acquire value
IT traditionally wants to be in control of everything. Developers frequently want to build many things that are not a core competency. The problem I see in IT is they prioritize things like control and manageability far more than things like speed to market, customer satisfaction, agility, etc. We live in an era where time to market is one of the most critical value propositions in business. Get something to market quick, acquire customers, learn from those customers, and advance the product or service based on customer feedback. Going dark for 12-18 months as IT ramps up its skillset for the new technologies is not a winning formula. IT needs to understand that they should focus on delivering business value instead of trying to control every technology under the sun.
Where does IT add value?
The real value of IT is its deep understanding of the business and enabling business partners by providing them with cost effective technology solutions that can be delivered quickly and adjusted frequently. Building and managing commodity technologies adds time and costs to each project and ties up precious IT resources on tasks that add little to no value to the business. No wonder IT is often considered a cost center! My advice is to take a step back and build a business architecture diagram that lays out the core business services that your company offers. Then draw up a reference architecture that depicts all of the different IT services that are required to support those business services. Then, identify which of those IT services are core to your business and build those. Everything else should be outsourced to managed service providers or to various external services and products.
Summary
IT needs to stop being a control freak and figure out how to add value by quickly delivering on the company’s core services. IT should be focusing on being the best provider of the services that their customers demand. If that service happens to be providing data center services, then by all means focus on that. If not, don’t spend time building datacenters. The same goes for big data, mobile, and IoT. If the company’s core service is to be a provider of database services, mobile platforms, or sensor technology, then build those technologies. If not, find the vendors who deliver those services as a core competency and spend your time building your business services on top of it
Looking for a partner in your business' managed services needs? Call us at 800-790-1524 to learn about all that we offer!
Security has always inhibited the take-up of cloud. I believe in most cases fears are overstated, but data security in the public cloud cannot be taken lightly. Data remains the responsibility of the organization that owns it, regardless of where it is stored. Your data may be held in an external cloud, but you cannot abdicate your own security responsibilities.
Your choice of cloud service should be based on what your organization can do and your appetite for risk. If you have limited resources, you will be more reliant on your cloud provider, but it is up to you to ensure they offer the security you need and continue to provide it throughout the contract.
When choosing a service, be aware that different types of public cloud include different levels of security. Very simplistically, with Infrastructure as a Service (IaaS), the service provider will secure access to the underlying host and provide good general security up to and including the host and hypervisor patching. They may also provide proactive infrastructure security monitoring, often as a chargeable additional service, but you will still be responsible for securing access to the instance(s) and everything inside them, plus security of integration between instances unless you contract the provider or another third party to do it for you.
With Platform as a Service (PaaS) you also get a secured OS and service platform, plus normally patching of this, but you have to take responsibility for access and authentication to the service plus application patching and code updates for your service running on the platform.
With Software as a Service (SaaS) the provider is responsible for overall security of the service including securing any data hosted in their environment, so your responsibility is primarily authentication to the service and data transfer between service providers.
If you have very specific security needs, public cloud may not be right for you. The major public cloud providers have defined, standard processes and services, which is one of the major benefits of cloud and key to its cost effectiveness. If you need the provider to tailor its processes to suit you, you will be better off talking to private and virtual private cloud providers.
Having chosen public cloud, you need to find the right provider – which I believe is more about risk management than security. You must carry out effective due diligence, evaluating potential cloud providers as you would any other supplier and seeking independent verification of their capabilities and financial security.
It is the cloud provider’s responsibility to ensure your data is secured and protected within their environment, and their SLA should offer appropriate guarantees. However, it is your responsibility to ask them to deliver the appropriate levels of information security, and you must measure and audit them yourself to ensure they apply what has been agreed.
Agreements do not normally include backup unless you specify it in the contract, but all data you host with the provider should be recoverable and returnable at the end of the agreement.
To ensure data sovereignty, you should ask the cloud provider where it will be stored. You need to ensure this is in a jurisdiction with the correct safeguards in place and which does not contravene the Data Protection Act (GDPR from May 2018) or comparable legislation in other jurisdictions. Many providers who previously hosted offshore are setting up UK data centers to meet this requirement. Remember to ask where both primary and backup sites are located. If the provider cannot guarantee this, walk away.
I recommend asking your potential service provider:
Who is the ultimate holder of the data?
Where is the data held?
Do you operate good processes and can you prove it?
What specific security standards and levels of security are you applying to my data?
How can you guarantee no-one else can get access to my data unless I specifically want them to?
Organizations should check this information for themselves and manage it as they would for every other corporate risk.
Finally, consider how to manage your cloud supply chain. In many cases the organization you contract with is not the ultimate provider of the service, so you need to ensure they have suitable underpinning agreements or back-to-back contracts with their providers. Multiple providers may be necessary to deliver core services.
Risks arise when it is not clear where responsibility lies, which can lead to a blame culture. I recommend developing an operational agreement whereby suppliers commit to a code of conduct designed to remove any barriers to effective relationships and interworking and which operates alongside SLAs. This helps suppliers work together and removes any gaps or overlaps between contracted boundaries of responsibility, with mechanisms to resolve disputes in a collaborative and effective manner. It can be formalized in a Customer Service Charter.
Looking for a partner in your business' managed services needs? Call us at 800-790-1524 to learn about all that we offer!
[vc_row][vc_column][vc_cta_button2 h2="Find Your Best Path To A Truly Consistent Hybrid Cloud" title="COST BENEFIT ANALYSIS" size="lg" position="bottom" link="url:http%3A%2F%2Fwww.managedsolution.com%2Faws-azure-compare%2F||" accent_color="#f4c61f"]
Achieve IT infrastructure cost savings of at least 50%
Call Southern California’s most trusted name in cloud at 800-208-3617 for real time pricing and a cost benefit analysis for Microsoft’s Azure and Amazon’s AWS.
[/vc_cta_button2][/vc_column][/vc_row]
Contact us Today!
Chat with an expert about your business’s technology needs.
By Richard Blanford as written on www.infosecurity-magazine.com
