There is some way to go

Friday, June 03, 2011 Category : 2

A quick little rant on an article I read this morning, "Interview: Wadeson opens up on Government IT". The lead of the article describes who Wadeson is

The Australian Government's longest-serving, most influential CIO reveals all on his retirement.

John Wadeson, one of the longest-serving CIOs in the Australian Government, will retire on September 9 after 40 years of public service.

The day he started, Bill McMahon was Australia’s Prime Minister. He’ll finish up just after his 61st birthday, and midway through one of the largest IT challenges an Australian Government agency has ever faced.
Given that Wadeson is no light weight so I was really interested to his comments on Cloud. They were brief;
Wadeson has followed with interest discussions on cloud computing in government, but feels it offers little to advance Centrelink – and now Department of Human Services.

“No one is ready to put customer data offshore,” he noted. “Not yet. It won’t happen in my time.

“The trouble is that you split our architecture and then nothing connects,” he said.

“Our staff want it all to work in a whole system that integrates. So there’s not a lot in it, for us.”
Really. They are certainly brief statements and he may have said a lot more and often people can be quoted out of context ... but even so.

Do we still need to live with the perception that utilising Cloud means to "put customer data offshore"? Sure, Australia does not yet have the diversity and scale of Cloud services that exist in other countries but there are services and more are being delivered every month.

Why does Cloud adoption mean you "split ... architecture and then nothing connects"? With the growing capability of hybrid models, storage tiering and other architectures there is no split or loss of connection. How Cloud utilisation results in not having "whole" or "integrated" systems is a wonder. Is the perception that Enterprise Architecture and Cloud are incompatible?

The only way I can may any sense of this is that the definition of Cloud being referred to is a narrow alignment with specific and standalone SaaS offerings, for example the adoption of Google Mail to replace or augment a departments existing mail systems. But Cloud is so much more than that!

Is this really the depth of innovative thinking that exists within IT leadership in this country? Maybe its a good thing that Mr Wadeson is retiring in September. If Cloud is not going to happen "in my time" at least that time is short!

This speaks to show just how much work there is to do in education, discussion and working through the models and use cases for the ever increasing expanse of what Cloud means and what Cloud can deliver.

Rodos

P.S. The views expressed as usual are my own and my own madness and not related to anything or anyone else.

UPDATE : Here is a video from ZDNet with John that's interesting to watch.



Where it all began, 1994

Monday, May 23, 2011 4

Just had to share the crazy stuff I just found.


Here is the text of a web page I created in 1994 when I was first starting to use this thing called the Internet. Its a scream!

Remember when you cared if your serial card had a 16550 uart for less interrupts? The computers at work had 2G disk drives, luxury. Remember having a PPP account to connect to the net? What about when windows did not come with a TCP/IP stack and you had to go and pay for one! What about recommending that people look into this thing called Linux.

For those from Australia, that DEC Alpha machine which was connected to the net only via email was set up by none other than Simon Hackett, founder of Internode.

Looking back at the site I had all these tips, technical notes and FAQs on the technology that I worked on. Obviously the seed to a future blogging career.

How technology has changed (but my spelling has not improved).

Enjoy this blast from the past. I hope it brings back some memories of your own!

My stuff!

  • Hardware
  • Internet software
  • Creating my pages
  • Providers of PPP connections in Sydney, Australia
  • Test your browser

There is a lot of software and hardware that I have come accross, especialy when it comes to surfing the net, so here is bit of a description of what I have and how I use it.

Hardware

At home I am running a 486DX2-66 with 8mb of RAM, an Adaptec SCSI with a 512Mb SCSI drive and a NEC 3Xi SCSI CD-ROM drive. For communications I use a QuickComm Spirit II modem that does 14.4K. A while ago I used a serial board with 16550 uarts for extra speed and less interupts but it seams to have died so I am back to the 8250. Still haning around is my old 386SX-16 with 4mb of RAM and a 80mb drive. Its so slow it drives you nuts, especially in windows, however I did run Linux (click to hear Linus Torvalds prounance it) on it for a few months and was able to get ghostview, a postscript viewer to run under x-windows on it, not bad for such a dud machine, of course I had a 16mb swap partition. If you are interested in unix at home you should give Linux a try.

In the office I use a variety of machines. There is a DEC VAX 4000/60 running OpenVMS with 24mb of RAM and about 2.1Gb of disk, the DEC Alpha running OpenVMS with 80mb of RAM and about 2Gb of disk and a HP running HP-UX with 64Mb RAM and 1Gb disk space. They all have huge workstation screens which I love to work on and are all networked (TCP/IP). The Alpha is connected to the Internet by mail only.

Internet software

These days I am really into the Word Wide Web (the WEB or W3) and have lots of utilities and software etc to do this. My connection to the net comes from Magnadata who provide PPP and shell accounts. Its around AUS$40 a month for PPP access. The good thing about their charging is its not time baed but transmission size. Therefore I can stay connected and not worry about how long it takes me to read something or if I am FTPing something from the US I don't care how slow the link is. The monthly charge incluses 20mb and each extra mb isa dollar or something.

On my PC I run PC/TCP from FTP Software Inc. and use their PPP connection. It loads as a VBX for Windows but I am not sure I have it installed right and think there still might be a TSR floating around somewhere. Its very good and its dialer program which you use to make the serial connection is simple.

On top of all TCP/IP I then run lots of client programs, the most important of which is my W3 browser, Virtual Library/CyberWeb of WWW Development. I create my images by capturing them from other pages or pieces of software with Paint Shop Pro.

Creating my pages

Like a lot of people as soon as I started using the W3 I had an urge to create my own documents; after all who can resist the idea of having your ideas accessable by anyone in the world, what a medium! My first page was a simple home page that I placed on my providers server in Hong Kong (where I was living at the time). This linked to another page which had information on my son Samuel with his picture. Once these were created I started to place my URL into the signature of my home page and have done so ever since.

Today I am a little more experienced but few things have changed. All of my pages are created locally on my PC and I use the file: URL to load them, therefore they all load very fast, hense the number of images in my pages. To write them I simply use a text editor SuperPAD that comes as an example with MS Visual C++, it's basically notepad but has an MDI interface. I have tried HoTMetal bySoftQuad Inc. and HTML Assistant by Howard Harawiz but find that they really don't make the creation of a page any easier. I just write in the editor and then frequently load it into Following is the dialog for my conversion program.

Rodos

Save the date for IIIS event in August

Thursday, May 19, 2011 Category : , , , , , , , , 0

If you are based in Australia then put a note in your calendar for August 2nd and 3rd. This is the date of the first Implementing Information Infrastructure Symposium (IIIS) which will be held at the Hilton Hotel in Sydney. The event is partnership between Storage Networking Industry Association for Australia and New Zealand (SNIA ANZ) and IDG Australia.


The first round of vendors have signed up as premier partners for the event, being :
  • Cisco
  • Dell
  • EMC
  • HDS
  • HP
  • IBM
  • NetApp and
  • Symantec
There means there is going to be some great information and speakers available. However don't think this is just going to be a vendor fest. Onwards from here
IIIS is now embarking on signing up the Technology and Channel sponsorship partners. Altogether, some 40 vendors and partners will present to delegates as well as speakers from large Australian corporations, subject matter experts, and the leading industry analyst from the USA.
If you are not lucky enough to get to overseas events such as the recent EMC World or the upcoming VMworld, I think you are going to find this event very useful. Storage and information management is a massive are of interest and development at the moment.

Hopefully I will see you there!

Rodos

P.S. Note that I am a board member of SNIA ANZ so I probably have a vested interest in people attending this. But I am a geek first and still think this is a great event anyhoo!

Congrats to Channel vChampions

Thursday, April 07, 2011 Category : , 0

Congratulations to all the VMware Channel Champions which were announced at the VMware Partner Exchange in Sydney yesterday.

The announcement was made by the new Channel Director for VMware ANZ John Donovan during the opening session.

Here is the list of 26 people that were named, which includes yours truly.



I know quite a few people on that list and have been working with many of them in the virtualisation industry for many years. Even though we are competitors I have always found a great spirit of shared mission and values with these guys where our business competition is left to the side where appropriate.

The people are called vChampions and all come from the partner community which is different from the vExperts. To be honest we don't really know much about it yet, there is a special event to reveal more details. There is a website (yet another one) http://www.vmwarechampions.com.au/ which states that
Welcome to the VMware Champions community.

The Champions community is a new initiative that will bring together the most dedicated supporters of VMware products, like yourself, and reward you with exclusive events and updates. We look forward to building a great future with you.
From what I have heard its intended that the program gives you access to some special events and more access to VMware staff. Time will tell.

Great that VMware is working to look after its community of people who participate from the Partner community and recognise leaders. Again, my congratulations to all who have been recognised!

Rodos

Cloud Contracts

Tuesday, April 05, 2011 Category : , 0

One area of the Cloud space that is not well covered to date has been the contracts around services.


I have been raising the profile of contracts and organisation legal teams since a presentation I did earlier this year on Cloud adoption. My premise was that many organisations are focused on educating the technical staff or IT teams within their business. Yet there is a great need to skill up both the legal and finance teams too. As organisations look to adopt (or deliver) Cloud services their legal and finance teams are going to be reviewing contracts and models that might be very new to them. Smart companies are going to prepare these groups alongside their IT staff.

Hence I was really pleased to see that Brett Winterford, editor at ITNews, put together an event discussing Cloud computing Contracts.

Some background on the event.
  • The room was full, standing room only, so there is certainly a need within the market for information on contracts.
  • The event was sponsored by VMware, but it was in no way a VMware sales pitch which was great.
  • The main presentation was by Mark Vincent, Technology and Intellectual Property Law Partner at Truman Hoyle Lawyers.
  • Mark presented a white paper titled "Cloud Computing Contracts - White Paper - A Survey of Terms and Conditions". The paper reviewed 25 Cloud contracts to understand whats on offer in the market. Okay, you might think these things are a dry read, but its really very interesting if you deal with this stuff day to day!
Now to some details on this great white paper and my thoughts on it.

The survey covered providers of SaaS, PaaS and IaaS which are focused on the corporate rather than the consumer space. The issues that were covered in the review were
  • choice of law jurisdiction and dispute resolution
  • variation in terms
  • privacy laws and transborder data flows
  • security and backup
  • service level agreements
  • transition out arrangements
  • warranties and liability limitations and
  • multiple parties in the cloud stack
An item that stood out the most to me as I read was the repeated reference throughout the document to the benefits of larger providers. For a 21 page paper (with only 17 of those being content) there are 7 different references to large providers.
  • In relation to contracts overall "For the small to medium enterprise ("SME") procuring any entry-level cloud service, the opportunity to negotiate may, in some cases, be more limited. Choice of vendor requires not just an assessment of contractual terms but requires a relationship of trust and confidence, which larger providers with global scope will frequently demonstrate."
  • In relation to variations in terms "Contracting on terms that can be amended without notice involves an element of trust on the part of the customer that the provider will not change its terms in a way that is detrimental to the customer. This underlines the importance of selecting a vendor with an established reputation which it is unlikely to put at risk by a capricious use o the discretion."
  • In relation to Security, Encryption and Backup, "A key concern for a business considering cloud services is the security and integrity of its data. The concern is equally held by service providers who recognise that the future lies in the cloud and with it, their reputation." ... "White the customer can control some aspects of security and data integrity, such as maintaining independent back-ups and using data encryption, many aspects of data security in a cloud based environment are out of the customer's control (or even knowledge). This includes the physical security of the data centre, virus protection, protecting against external attacks and maintaining security of data as it is transferred between data centres. Again, this underlines the importance of choosing a reputable service provider with strong data protection policies and procedures." ... "In this area, the importance of choosing a vendor which shares a customer's reputational risk may be one of the most important aspects of vendor choice. The assessment of impact on the vendor of a security breach should form part of the commercial assessment involved in procuring cloud offerings."
  • In relation to Consequential Loss, "The contract will not act as insurance against all loss and many providers will be keen to avoid the reputational damage caused by a failed service. When accessing this issue, it is important to consider the differing impacts of outages for major global providers as opposed to small start up companies providing cloud offerings."
  • Last, the final sentence in the conclusion "this focus highlights the importance of confidence in the cloud and demonstrates the benefits that engaging a trusted provider who is at the forefront of development of best practices in the area and whose reputation both relies on and supports the principles of data protection and security, can bring."
Wow, when you put all of those together its a strong message.

Some other interesting points
  • More than half the companies surveyed had their choice of law based outside of Australia. Ten give an Australian state as a choice of law for venue. According to Marks comments in is not an exercise you want to start in a US based court based on his experience. I suppose the message here is look for an appropriate choice of law where your organisation has a legal presence to execute on.
  • In the variations on terms there is a propensity to use T&Cs which are updated on a web-site and that a customer must review as required. This was one of those comments around trusted providers who either have good experience with this (or maybe a bad experience with the ACCC and hence now better) or have a reputation that they need to keep through good behaviour.
  • Transborder Data Flows, sending of data across country boundaries received a lot of discussion. The take away here was that it can be really hard to get clarity on where your data might be and that you must have a good understanding of your requirements in the "National Privacy Principals under the Privacy Act". There is some good information about "an Exposure Draft of the Australian Privacy Principals ("APPs" that are proposed to replace the current NPPs. Under that exposure draft, APP 8 and a proposed new Section 20 of the Act will regulate cross-border disclosures of personal information". So if you are going to place any personal information into the Cloud best be prepared to know where all of your data is located, including back-ups.
  • No surprisingly there is a reference to the APRA statement, mentioning that "Accordingly cloud based services may need to be subject to the same rigour as any other outsourcing arrangement and risk management frameworks as outlined in applicable ARPA Prudential Standards and Prudential Practice Guides."
  • There is some discussion and comments in the presentation around the challenges of security. Such as "Cloud service providers can assist customers to perform the appropriate risk assessments by being open about the security regimes they have in place to protect data stored within their cloud service and by contractually committing to specified levels of security. The risk assessment should fairly compare the arrangements that are currently in place to secure data on existing IT systems with the protection proposed by the cloud vendor. Often cloud vendors will be in a position to offer very sophisticated approaches to security beyond the capability of many individual businesses."
  • The review of SLAs was interesting. An example was given of a contract that stated "... [We] guarantee one hundred percent (100%) uptime ..." and then goes on to only consider outages which have a duration over 30 minutes for credits. Another area of interest is where providers "make representations about their security and service they provide, either on their web-sites, or during negotiations for the provision of the services, such as: [...] your critical information is safe and secure [...] [The services are] designed to provide you with a secure and reliable platform for your data." but then exclude these representations from the terms of the agreement that is ultimately entered into!
  • Transit Out is discussed as an area where many of the contracts lack clarity and that there is a big differences in what is provided. This is most important for SaaS consumption so that "the data can be retrieved in a vendor neutral format so that it can be imported to an application provided by a new third party software provider". It was interesting to "Note that virtually all contracts surveyed allowed the vendor to terminate the agreement immediately for cause in at least some circumstances. Of these only 1 specifically gave the customer the right to retrieve its data in those circumstances." Another good pointer is "that of the vendors who terms and conditions were surveyed very few provided for destruction of customer data after the contract has ended. It may be important for some customers to have certainty as to the destruction of their data when a contract ends."
Some good elements to ponder there. I recommend you read it yourself. You can access the paper here.

As the paper states in the conclusion "As the cloud evolves we can expect to see a corresponding evolution in the terms and conditions applying to the delivery and use of cloud services". This is certainly true. The paper does a good job of starting the discussion around a topic that to date has been very quiet but needs to be occuring more in our industry.

Rodos

P.S. As usual this is all my personal view. I do just happen to work for a company that provides Cloud services, they were not one of the providers who's contract was reviewed.

Powered by Blogger.