Categories
Newss

Hosting Provider WorldStream Announces Phase 2 Expansion at Its Flagship Data Center

WorldStream, a fast-growing hosting provider delivering security-focused solutions including dedicated servers and colocation as well as global connectivity and DDoS protection through their proprietary global network with 10Tbps (!) of bandwidth available, today announces a 268-rack expansion at its company-owned, flagship data center in Naaldwijk, the Netherlands. This 2nd phase expansion means that WorldStream, within the course of a year will be doubling its facility capacity to 536 data center racks at this location.

As an Infrastructure-as-a-Service (IaaS) hosting provider serving clients globally with unmanaged IaaS hosting solutions, WorldStream currently owns two data centers. Both located in Naaldwijk, the Netherlands, these facilities are home to WorldStream’s fast-growing number of servers for clients worldwide. The number of dedicated servers installed in WorldStream’s two data centers currently adds up to 15,000 dedicated servers in total. The 2nd phase expansion in WorldStream’s flagship data center allows the hosting company to further grow its dedicated server capacity in its data centers to 20,000 servers, but WorldStream is already eying another greenfield data center build nearby.

“Over the last year, demand for our unmanaged hosting services grew significantly. As a result our flagship data center is filling up quickly, requiring us to expand the capacity at this location a bit earlier than initially planned,” said Lennert Vollebregt, CEO and co-owner of WorldStream. “We commissioned the first phase of development at this flagship data center in June 2018, so exactly a year ago. This initial building phase has a capacity of 268 racks as well, so the expansion plans announced today means we’re now doubling the capacity in this data center.”

“The fast growth in customer demand even forces us to accelerate WorldStream’s plans to construct another data center build at close distance in Naaldwijk,” added Mr. Vollebregt. “We expect to be able to announce these new data center expansion plans quite soon. It will enable us even further to support strong demand for our hosting services from customers worldwide.

N+2 Data Center Setup

The current 268-rack data center expansion at WorldStream’s flagship facility is expected to be ready for commissioning in Q4 2019. This data center features a highly energy-efficient design, using indirect adiabatic cooling technology as well as hot-aisle containment. According to WorldStream’s calculations, it results in a Power Usage Effectiveness (PUE) of 1.15, which is an extremely energy-efficient figure. The energy-efficiency and sustainability of this facility is confirmed by third-party audits and awarded with an ISO 14001:2015 certification, specifying its environmental performance.

WorldStream’s flagship data center features a highly redundant design with an N+2 setup. The facility is also equipped with a fully modular UPS system to facilitate hot-swappable maintenance and avoiding any downtime. Today’s facility expansion includes an investment in two extra 93PM 500kVA Uninterruptable Power Supplies (UPSs) and three new generators (2500kVA each). WorldStream utilizes a mix of leading brands for its data center designs – to aim for maximum efficiency and uptime, catering to ‘enterprise-grade’ requirements. These brands include Eaton, FläktGroup and Zwart Techniek (a Dutch provider of generator sets).

The high interest for WorldStream’s hosting services from clients worldwide is partly due to the extremely large volume of bandwidth available in WorldStream’s global network and the associated DDoS protection capabilities it brings, added Nick de Jong, Sales Director at WorldStream. “The 10Tbps of bandwidth volume with 5Tbps utilization attracts cloud service providers, managed service providers and broadcasters alike from countries all over the world – companies with the highest uptime requirements looking for ultimate bandwidth scalability,” he said. “We deliberately invested more than 3 million euros in this global network over the past three years. Now it obviously pays of. This bandwidth volume not only attracts new customers, it also supports existing customers in their high-growth international network requirements.”

Categories
Cloud Cloud News Web Security

Symantec and Fortinet join forces to secure endpoint, network and cloud environments

Leading cybersecurity services providers Symantec and Fortinet are joining forces to provide strong security solutions across endpoint, network and cloud environments.

As a part of the partnership, the companies will integrate their respective solutions to form comprehensive and robust security solutions. The solutions which will come into integrations include Symantec’s Web Security Service (WSS), Symantec Endpoint Security for the Cloud Generation, Fortinet’s Next-Generation Firewall (NGFW), and Fortinet Security Fabric platform.

Symantec WSS

Symantec WSS is an easy to use cloud-delivered network security service which is used to protect enterprises against advanced threats. It offers access control, and secures critical business information. The solution also enables secure and compliant use of cloud applications.

Symantec Endpoint Security for the Cloud Generation

This solution is aimed to safeguard the confidential data through secure access. Customers can detect and respond to threats, and visualize threat data along with other security information.

Fortinet NGFW

It provides high threat protection performance with automated visibility to stop attacks. The solution uses security processors and threat intelligence security services from FortiGuard labs to provide protection and encrypted traffic.

Fortinet Security Fabric

Security Fabric’s security spans a broad range of applications, from internet of things (IoT) to the cloud. It provides real-time visibility across devices and applications, streamlines communications among various security solutions, shrinks detection, and remediate attack windows.

Fortinet NGFW + Symantec WSS

The companies mentioned that the integration of Symantec WSS and Fortinet NGFW will result in the most comprehensive set of cloud-delivered threat prevention capabilities in a single service.

“As the first step in this technology partnership, we plan to deliver best-of-breed security through the combination of enterprise-class advanced firewall controls to Symantec’s industry-leading network security service,” said Art Gilliland, EVP and GM Enterprise Products, Symantec.

“Through this partnership, we hope to provide joint customers the power of Symantec’s Integrated Cyber Defense Platform bolstered by Fortinet’s leading NGFW in an integrated solution that’s easy to use and deploy.”

Fortinet Security Fabric + Symantec Endpoint Security

This integration will provide real-time, actionable threat intelligence, and automated response for exploit-driven attacks and advanced malware.

“With today’s announcement, two industry leaders are coming together to provide enterprise-class capabilities across cloud, network, and endpoint security,” said John Maddison, SVP of products and solutions, Fortinet.

“Upon completion of the integration, Symantec cloud web gateway customers will be able to benefit from Fortinet’s enterprise-class advanced firewall controls, and for the first time ever, Fortinet customers will be able to purchase the industry-leading FortiGate Next-Generation Firewall via FWaaS. With the addition of Symantec as a Fortinet Fabric-Ready Partner, Symantec’s endpoint security solution will be validated to seamlessly integrate with the Fortinet Security Fabric platform to provide more consistent and effective protection for joint customers.”

Also read: Fortinet sees Bradford acquisition as key factor to secure expanding multi-vendor wired and wireless environments

The companies are also planning to engage in joint go-to-market activities. Integrated NGFW and WSS solution will be available in the first half of 2019.

Categories
Articles Cloud Cloud News Newss

Organizations have 14 misconfigured public cloud services running at any given time: McAfee study

On average, an organization experiences over 2,200 misconfigured incidents every month in their public cloud instances, according to a report by McAfee. These cloud instances include infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS).

For the report, titled Cloud Adoption and Risk Report, McAfee analyzed billions of events in anonymized cloud production use to find the current state of cloud deployments and expose risks.

“Operating in the cloud has become the new normal for organizations, so much so that our employees do not think twice about storing and sharing sensitive data in the cloud,” said Rajiv Gupta, senior vice president of the Cloud Security Business, McAfee.

“Accidental sharing, collaboration errors in SaaS cloud services, configuration errors in IaaS/PaaS cloud services, and threats are all increasing. In order to continue to accelerate their business, organizations need a cloud-native and frictionless way to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS.”

Key findings of McAfee’s Cloud Adoption and Risk Report:

  • 21% of data in cloud is sensitive

According to the report, organizations consider around a quarter of their data in the cloud as sensitive. This shows that putting sensitive data in cloud has increased by 53% year over year. Organizations are at risk of the sensitive data being stolen or leaked in case a misconfigured cloud incident occurs.

Today, more and more organizations are using public cloud for providing new digital experiences to their customers. But the organizations that haven’t adopted a cloud strategy are at risk of losing their most valuable asset. A right cloud strategy can include data loss protection, configuration audits, and collaboration controls.

Further, organizations without cloud strategy are also exposing themselves to risk of noncompliance with internal and external regulations.

  • 20% of sensitive data in cloud runs through email services

No doubt, the cloud services help organizations accelerate their business by making the more agile with resources, offering ability to scale and opportunities for collaboration.

Cloud services like Office 365 increase the effectiveness of collaboration, that involves sharing. However, uncontrolled sharing can result in data exposure. The report found that 22% of cloud users share files externally, an increase of 21% YoY.

Sharing of sensitive data with an open, publicly accessible link has increased by 23%, whereas, sensitive data sent to personal email address has increased by 12% YoY.

Top collaboration and file sharing services

For last five years, an Office 365 application is dominating the list of top 10 collaboration services, followed by G Suite services.

  • Enterprises using IaaS and PaaS had 14 misconfigured services running at any given time

Currently, 65% organizations globally are using some form of IaaS, while 52% are using PaaS.

Since, it is costly to buy and maintain servers, organizations go for IaaS and PaaS. It gives IT teams the ability to spin up virtual machines, containers or functions as a service, as per the need.

For IaaS and PaaS, organizations are trusting Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) the most. AWS clearly leads the pack with 94% of all IaaS usage share. Azure and GCP account for 3.7% and 1.3% shares respectively.

Additionally, 78% of organizations are using a multi-cloud strategy, leveraging both AWS and Azure together.

McAfee study found that on average, enterprises using IaaS and PaaS had 14 misconfigured services running at any given time, resulting in an average of 2,269 misconfiguration incidents per month.

  • 80% organizations experience at least 1 compromised account threat per month

As per the report, most of the threats to data in cloud results from compromised accounts and insider threats. On average, an organization generates over 3.2 billion threat events per month in the cloud. These threat events include compromised account, privileged user, insider threat etc. Such events have increased by 27.7% YoY.

80% of all organizations report that they experienced at least one compromised account threat per month. Whereas, 92% of organizations has stolen cloud credentials for sale on the Dark Web.

Also read: 25% of businesses had their data stolen from public cloud: McAfee Study

For security of sensitive data in cloud storage, file-sharing and collaboration applications, enterprises will need to first understand the cloud services they are using. Further, they must identify which services hold sensitive data, and how that data is being shared and with whom.

When they know these things, they can push suitable security policies to prevent highly sensitive data from being stored in unapproved cloud services. They also need to continuously audit and monitor their IaaS and PaaS configurations.

Download the full Cloud Adoption & Risk Report here.

Categories
Acquisition Cloud Cloud News

Cisco acquires Duo Security for multi- and hybrid-cloud security

Cisco is acquiring the leading cloud-based two-factor authentication services provider Duo Security for $2.35 billion in cash and assumed equity awards.

Headquartered in Ann Arbor (Mich), Duo Security’s multi-factor authentication solution verifies the identity of users and health of their devices before providing access to applications. It strengthens the application security and prevents the cybersecurity breaches.

Customers, partners and employees nowadays access the business-critical data and applications from multiple locations and networks using company-issued and personal devices. The cybercriminals can compromise the passwords and devices to access enterprise systems.

By acquiring Duo Security, Cisco will integrate Duo’s zero-trust authentication and access products with its networking, device and cloud security platforms. The integration will help Cisco customers to securely connect users to applications on any networked device.

“In today’s multicloud world, the modern workforce is connecting to critical business applications both on- and off-premise,” said David Goeckeler, executive vice president and general manager of Cisco’s networking and security business.

“IT teams are responsible for protecting hundreds of different perimeters that span anywhere a user makes an access decision. Duo’s zero-trust authentication and access products integrated with our network, device and cloud security platforms will enable our customers to address the complexity and challenges that stem from multi-and hybrid-cloud environments.”

Cisco will further integrate Duo’s software-as-a-service (SaaS) model with Cisco Identity Services Engine (ISE) to extend intent-based networking into multicloud environments. Cisco is also bringing Duo’s trusted identity awareness to Cisco Secure Internet Gateway, Cloud Access Security Broker, Enterprise Mobility Management, and more cloud-delivered products.

Lastly, Cisco will augment endpoint visibility coverage of over 180 million managed devices with Duo’s visibility of mobile and unmanaged devices.

“Our partnership is the product of the rapid evolution of the IT landscape alongside a modernizing workforce, which has completely changed how organizations must think about security,” said Dug Song, Duo Security’s co-founder and chief executive officer.

“Cisco created the modern IT infrastructure, and together we will rapidly accelerate our mission of securing access for all users, with any device, connecting to any application, on any network. By joining forces with the world’s largest networking and enterprise security company, we have a unique opportunity to drive change at a massive scale, and reshape the industry.”

Also read: Arista, Cisco and Juniper lead Gartner’s Magic Quadrant for Data Center Networking

Dug Song will continue to lead Duo Security that will join Cisco’s Networking and Security business. The acquisition will close in Cisco’s first quarter FY19.

Categories
Cloud Cloud News

Google Cloud Next 2018: Google Cloud boosted with 10 new security capabilities

At Google Cloud Next 2018 conference, the search engine giant has announced no less than 10 security enhancements for its cloud services.

Google said that customers need to trust their cloud providers on keeping their data safe and prevent threats. They also expect the cloud providers to keep everything transparent and in control.

“As threats increase in complexity, trust requires a cloud provider that is always working to create new ways to protect you by being on the forefront of security innovation,” said Jennifer Lin, Product Management Director, Google Cloud.

One of the most exciting announcement is the Titan Security Key. It is a FIDO (Fast Identity Online) key used along with the two-factor authentication. It will allow customers to enable a strong and phishing-resistant authentication for critical assets of cloud, like cloud admin panel.

As of now, these keys are available to Google Cloud customers, and will be soon available on Google Store for all users.

Along with physical security, Google has announced context-aware access capabilities that make access to apps and services more secure and convenient. Enterprises want access to business apps on mobile devices on the go, but traditional access management solutions don’t offer the same security for mobility.

The context-aware access capabilities leverage Google’s BeyondCorp vision for apps and services on Google Cloud and beyond, and enhances the security and flexibility. These capabilities enforce granular access to GCP APIs, G Suite, and third-party SaaS applications on the basis of user identity, location, and context of request. These capabilities are currently in beta.

Google also announced Shielded VMs, which are available in beta. The Shielded virtual machines allow monitoring of VMs and helps admins to react to changes in VM baseline and current runtime state. These VMs make use of advanced platform security capabilities so that enterprises can ensure security of virtual machines.

In addition to VM security, enterprises can also ensure that only trusted containers get deployed on Google Kubernetes Engine by using newly announced Binary Authorization.

The Binary Authorization can be combined with new Container Registry Vulnerability Scanning tool to prevent deployment of images containing vulnerable packages.

The search engine giant has updated its Cloud Armor service with new geo-based access controls. Google uses Cloud Armor to protect its services including Gmail and YouTube. The update will allow admins to control access to services on the basis of geographic location of clients connecting with them.

The new Cloud HSM service will enable customers to host encryption keys and perform cryptographic operations. It is a managed cloud-hosted hardware security module (HSM) service that protects the most sensitive workloads without customers having to worry about operational overhead of managing HSM cluster.

Also read: Google Chrome now displays ‘not secure’ warning for all HTTP websites

Additionally, Google has announced Access Transparency (expected to be available soon), G Suite security center investigation tool (available via Early Adopter Program), as well as G Suite data regions (generally available).

Categories
Articles Web Security

Top 6 emerging cybersecurity and risk management trends: Gartner

One of the main security objective of all the organizations is to protect information confidentiality. The organizations must consider IT security and IT risk management as a part of the executive business planning. According to Gartner, the IT security objectives must be defined for the organization as a whole.

The analyst firm identified the emerging trends in cybersecurity and risk management that security leaders should harness to enhance the resilience of organization while uplifting their own position.

Top cybersecurity and risk management trends:

1. Business leaders realizing importance of cybersecurity for successful business

The senior business executives rarely considered IT security a board-level topic or a key part of digital business strategy. But the recent major cyberattacks like WannaCry and NotPetya that caused financial/brand damage and customer churn for organizations, have changed the sentiment of business leaders.

Finally, they are becoming aware of the impact of cybersecurity to achieve business goals and protect the reputation of organization.

2. Mandatory data protection practices impacting digital business plans

Personal information of customers is the lifeblood of all digital businesses. But, in the US alone, the number of companies that faced data breaches grew from nearly 100 in 2008 to over 600 in 2016.

With the rise in number of data breach incidents like Cambridge Analytics scandal or Equifax breach, the governments are issuing regulatory and legal data protection practices like Europe’s GDPR. These practices impact the digital business plans and demand more emphasis on data liabilities.

3. Cloud-first services becoming norm with advent of modern technologies

The modern technologies that require large amount of data are driving the adoption of cloud-delivered security products. These products provide more agile and adaptive solutions and can use the data in near real-time.

4. Machine learning to solve security issues

As per Gartner, machine learning will become a normal part of security solutions by 2025.

ML can efficiently address a number of security issues like adaptive authentication, insider threats, malware and advanced attackers.

5. New geopolitical risks in software and infrastructure buying decisions

Gartner identified that decisions of buying software and infrastructure are based on the geopolitical considerations of partners, suppliers, and jurisdictions. The trend is driven by rise in levels of cyber political interference, cyber warfare and government demands for backdoor access to software and services.

6. Centralized networks increasing the security risks

While there are numerous benefits of centralized networks, however, it is seriously threatening the organizational goals. Gartner said that if centralized ecosystem significantly affects the organization, then the decentralized architecture should be considered.

Suggested reading: Public cloud services revenue in India will reach $2.5 billion in 2018: Gartner

Gartner will discuss these trends at the Gartner Security & Risk Management Summit.

Categories
Articles Cloud Cloud News

Cryptojacking becoming a serious emerging threat to businesses: Cloud Security Trends report

Around 25% organizations experienced cryptojacking activities in their cloud environment in 2018, up from just 8% in last quarter, according to Cloud Security Trends report by RedLock.

RedLock’s Cloud Security Intelligence (CSI) team published the report to shed light on the cloud security trends in 2018.

  • Cryptojacking becoming mainstream

The report highlighted that cryptojacking, a cyber-attack where hackers hijack processing power of target to mine cryptocurrency, is becoming a serious emerging threat to the businesses.

Organizations are aware of the attacks against cloud and use several practices to prevent from attacks, but still the attack vectors are on the rise. The cryptojacking increased by more than thrice this year.

The cryptocurrency mining requires a lot of computing power, and hence the attackers are stealing cloud computing resources to mine it. CSI team found that some attackers were using advanced evasion techniques for cryptojacking.

  • Majority of resources do not restrict outbound traffic

85% of the organizational resources related to security groups didn’t have any firewall restrictions on outbound traffic, up from 80% a year before. This could lead to accidental data loss and data exfiltration in data breach incidents.

RedLock suggested that organizations should implement a ‘deny all’ default firewall policy, monitor network traffic to identify suspicious activities, and monitor the user activity as well for any abnormal behavior.

  • 43% of access keys not rotated in last 90 days

Another key finding of the report was that 43% of organizations had not changed their access keys and credentials in last 90 days. It’s a big concern because despite the past issues like leaked credentials in GitHub repositories, a majority of organizations left themselves open to attack vectors.

Around 17% organizations suffered from potential account compromises, and 51% organizations publicly exposed one or more cloud storage service.

  • 20% organizations allowing root user activities

A positive finding of the report was that only 20% of organizations allowed root user account to be used for performing the activities, down from 73% last year. The root user accounts should not be used for regular operations. The multi-factor authentication should be enforced on root user accounts, and should be monitored for any suspicious behaviors.

  • 49% of databased not encrypted

With the growing trend to encrypt databases because of cybersecurity standards like GDPR (general data policy regulation), the database encryption has increased. Last year, 82% databases were found unencrypted, which has now decreased to 49%.

CSI team further revealed in the report that 24% of organizations had hosts missing critical patches in public cloud. This left the host vulnerable to suspicious traffic from internet.

Also read: 25% of businesses had their data stolen from public cloud: McAfee Study

“We understand why there might be fatigue with endless reports on IT infrastructures that lack adequate security, and there are signs that corporations are stepping up initiatives to minimize vulnerabilities, but there’s definitely more to do,” said Gaurav Kumar, CTO of RedLock and head of the CSI team. “That’s why this report not only shines a light on emerging dangers but also offers concrete advice on how best to ward off attacks. Cloud computing environments bring tremendous flexibility and great economies of scale, but those advantages are meaningless without top-level security. This is a constant and shared responsibility.”

Categories
News

Acquisition of SiteLock by ABRY Partners strategically positions it for growth and product innovation

Global leader in cloud-based website security solutions – SiteLock, has announced that it has been acquired by the leading private equity firm – ABRY Partners.

SiteLock’s CEO and President – Neill Feather, considers this acquisition an opportunity to accelerate the company’s growth and increase its cybersecurity product portfolio.

SiteLock provides cloud-based website security solutions and protects more than 12 million websites around the globe. Its primary mission is to protect organizations from the ever-increasing cyberthreats and attacks.

St. Jean, Partner at ABRY Partners, considers Acquisition of SiteLock by ABRY Partners  as a strategic step towards supporting their innovation across new products, both organically and inorganically.

He said, “As threats become more complex and frequent, organizations need a comprehensive and reliable solution to protect their online presence. We believe SiteLock is well positioned to continue to be the go-to partner for website security needs.

Cyberattacks are becoming more and more hazardous these days with the high-risk probability of data breach, loss and theft.

During the fourth quarter of 2017 the average website experienced more than 44 attacks per day, and there was a 90 percent rise in the number of businesses targeted by ransomware for a total $5 billion financial impact. We are excited to work with the team at ABRY to continue to develop new products and solutions to support and protect our customers.” – said Feather. More such findings were revealed in the SiteLock Website Security Insider Q4 2017 report.

Tomas Gorny – CEO of UnitedWeb Inc. (former parent company) also commented on the acquisition and said, “We’re proud to have supported SiteLock for more than 10 years as it has grown to become the leading provider of website security solutions.

SiteLock was also named as the fastest growing software company in Arizona by Deloitte.

On the other hand, ABRY Partners, with an expertise of almost 30 years in media, communications, business services and information sector, stands as one of the most experienced private equity firms investing in North America and Europe regions.

Acquisition of SiteLock by ABRY Partners will help SiteLock extend its services in the small and medium sized business (SMB) market.

The financial terms of the deal have not been revealed yet, though the deal was closed on 5th April 2018, as per the market reports.

Categories
Articles Cloud Cloud News Hosting Legal News Technology Web Security

The U.S. Cloud Computing Industry Stands to Lose $22 to $35 billion as a Result of PRISM Exposé

The recent revelations about the extent to which the National Security Agency (NSA) and other U.S. law enforcement and national security agencies have used provisions in the Foreign Intelligence Surveillance Act (FISA) and USA PATRIOT Act to obtain electronic data from third parties will likely have an immediate and lasting impact on the competitiveness of the U.S. cloud computing industry if foreign customers decide the risks of storing data with a U.S. company outweigh the benefits, according to the statistics revealed by the latest report of the Information Technology and Innovation foundation (ITIF).

If European cloud customers cannot trust the United States government, then maybe they won’t trust U.S.cloud providers either. If I am right, there are multibillion-euro consequences for American companies. If I were an American cloud provider, I would be quite frustrated with my government right now.
– Neelie Kroes, European Commissioner for Digital Affairs.

The United States has been a global leader in providing cloud computing services globally and a big chunk of the US Cloud industry’s revenue comes from companies outside the North America. Of late, however, other countries, especially Europeans, are trying to play catch-up to the United States’ early success, and are even taking their governments’ help to do so. France, for example, has invested €135 million in a joint venture in cloud computing.

As shown in table 1 below, the global enterprise public cloud computing market will be a $207 billion industry by 2016. While much of this projected growth was until recently up for grabs by U.S. companies, the disclosures of the NSA’s electronic surveillance may fundamentally alter the market dynamics.

“Whoever fears their communication is being intercepted in any way should use services that don’t go through American servers,” declared Hans-Peter Friedrich, German Interior Minister publicly. German Justice Minister Jörg-Uwe Hahn has also called for a boycott of U.S. companies.

How much do U.S. cloud computing providers stand to lose from PRISM?

The Cloud Security Alliance conducted a survey in June and July of 2013 amongst its members who are industry practitioners, companies, and other cloud computing stakeholders, about their reactions to the NSA leaks.

10 percent of non-US respondents indicated that they had cancelled a project with a U.S.-based cloud computing provider; 56 percent said that they would be less likely to use a U.S.-based cloud computing service. 36 percent of the U.S. residents indicated that the NSA leaks made it more difficult for them to do business outside of the United States.

Cloud Security Alliance PRISM Survey
Soruce: Cloud Security Alliance

Thus given the current conditions, on the low end, U.S. cloud computing providers might lose $21.5 billion over the next three years. This estimate assumes the U.S. eventually loses about 10 percent of foreign market to European or Asian competitors and retains its currently projected market share for the domestic market.

US Cloud Industry Share Post-Prism
Table 1: Low estimate of losses from NSA revelations, in $ billions.

On the high end, U.S. cloud computing providers might lose $35.0 billion by 2016. This assumes the U.S. eventually loses 20 percent of the foreign market to competitors and retains its current domestic market share.

US Cloud Industry Share Post-Prism-1
Table 2: High estimate of losses from NSA revelations, in $ billions.

What should the U.S. government do?

The economic consequences of national security decisions should be part of the debate, and this cannot happen until more details about PRISM have been revealed. The U.S. government needs to proactively declassify information about the PRISM program and allow companies to reveal more details about what information has been requested of them by the government.

Also, the U.S. government should make it is clear what information U.S.-based and non-U.S.-based companies are disclosing to both domestic and foreign governments. U.S. trade negotiators should work to include transparency requirements in trade agreements, including the Transatlantic Trade and Investment Partnership (TTIP) currently being negotiated with the EU.

If the U.S. government continues to impede U.S. cloud computing providers, other nations are more than willing to step in to grow their own industries at the expense of U.S. businesses.

To see the full report by Daniel Castro, a Senior Analyst with the Information Technology and Innovation Foundation and Director of the Center for Data Innovation, click here.

Categories
Cloud Cloud News Hosting Interviews News Start-Ups Technology

“We Make it Easy, Fast and Economical for SMBs to Move to the Cloud”- Steve Zimba, Mural

Cloud has of late been marketed heavily as the panacea to every potential business problem. Lured by the ease-of-use and agility moving to the cloud brings in the business processes, SMBs are very eager to buy cloud services. This creates an enormous opportunity for service providers in the market, and they try to exploit it very aggressively. Only, it’s not as easy as it seems.

Most SMBs find cutting through the fog and hype surrounding the cloud very difficult and struggle to get to grips with the new concept. They’re intrigued by the cloud, but also confused and wary of it. Moving to the cloud involves a very large, expensive and difficult set of problems, and SMBs simply don’t have the skill, resources and most importantly, time to understand every nuance and permutation of the whole process. Even if they buy into it, dealing with the technical issues that come with migrating to the cloud is too uphill a task for them, and they simply end up abdicating the services they bought.

This is where a little more effort needs to be put in by the service providers. A vast majority of SMBs qualify as, and are staffed with, IT novices. When they try to adapt to a new technology, they need help and guidance. However, providing constant quality support is a laborious and time-intensive process, which most service provides are not adept enough to provide.

This is where customer on-boarding platforms and services provider Mural steps in. It works with service providers and small businesses in tandem to accelerate the cloud implementation process.

Steve Zimba, President of Mural, spoke to us at length on how Mural educates SMBs about the cloud and helps them relieve the pain points they most often experience. Support is however a very small subset of the services that Mural provides. Read away as Steve talks about the rest of them.

As we on-board customers, we work to capture deeper profile information about them and we reach a point where we actually understand a lot more about the service provider’s customers than the service provider does, and we use that data to work with the service providers on product planning, engagement programs and up-selling activities.

– Steve Zimba, Presiden, Mural.

Steve Zimba, President, Mural
Steve Zimba, President, Mural.

Q: Let’s begin with a broad overview of Mural and the entire ecosystem of solutions it provides.

A: We see that a lot of SMBs want to move from traditional IT into the cloud, and they clearly see the benefits of doing so, and they don’t feel that there is any risk or downside of moving to the cloud. However, they find it very difficult to make the move. They lack the internal IT skills, and frankly they don’t have a lot of time.

We at Mural work with SMBs, and help make it easy, fast and economical for them to move to the Cloud. We provide our Platform MaaX and integrate our on-boarding capabilities to a cloud or managed IT service provider’s offerings.

As an example, a service provider selling a Hosted Exchange solution to a small business also adds on our on-boarding services. After the customer buys Hosted Exchange, we take over and help them migrate. We move all the data, set up all the clients, software, service configurations and we also do all the end user training, on-boarding and adoption.

Q: Many SMBs have a multitude of concerns related to the costs of moving to the cloud, flexibility and data safety. Since you happen to be in the Cloud Industry since long and provide customers with end to end cloud service implementation platforms now, can you tell us some of the most common concerns you come across?

A:I think over time we are actually encountering very few concerns. If you were to look back just a couple of years, some of the main concerns SMBs had about moving to the cloud were around security, reliability etc.

Now SMBs are concerned with having to upgrade or change their existing technologies because a lot of them are quickly becoming outdated. With all the promotions and expansions in the cloud capabilities, communications, collaborations, security, backups, servers etc., what we’re finding is that the SMBs now don’t really care about some of the concerns they might have had in the past, and frankly, they are just ready to get to the cloud and their biggest concern is – “who can help me get there because I don’t have the skills internally to be able to do it myself.”

Q: Do you think that there is a significant lack of awareness in the industry regarding the role post-sales customer support plays in customer retention?

A:Since we are working with service providers of all shapes and sizes, we come across two different approaches.

Some service providers give a very basic customer service, they help SMBs figure out how to get moved over and give them a little bit of direction, via knowledge base, instructional documentations etc., but in the end SMBs are pretty much on their own to get everything set up and working for them. Most of the SMBs contract an IT guy who they think can help them, and that IT resource takes a lot of time, costs a lot of money, and finally he or she either doesn’t get the job done or doesn’t get it done the right way. This is where they throw their hands up in the air and say -“you know what, real nice that we bought it but we can’t get it up and running so we’re quitting,” and they drop the service and the service provider never ends up making any money off them. So this approach has poor activation rates.

Second scenario we often see is that service providers try to do what we do. They offer support and on-boarding but theydon’t have the right platform and resources needed, and they’re not properly trained and certified to do so, hence they make at least one, two or maybe three attempts at it and they fail.

In both scenarios, this is where they contact us and say – “this is what you guys specialize in, you do this day in and day out in a uniform way, so we’ll just work with you on it.” This is one of the main reasons why our business has grown so fast.

Q: Can you tell us the whole modus-operandi of Platform MaaX ,as in how exactly it helps cloud and managed IT providers maximize customer engagement, drive growth, reduce churn, increase future sales etc.?

A:The platform is made up of several components.

The first major components are our programs. We’ve developed very unique programs for:

  • on-boarding customers for cloud services,
  • educating customers on how to use and manage those cloud services,
  • and helping service providers up-sell the same customers through additional cloud services.

When we go to market with a service provider partner, we bring all three of those programs to create a full life-cycle experience for customers.

The second component we have are methods. We’ve invested significantly to create very specific workflows, dialogues and scripts, which are unique to individual cloud products, and are used on a repetitive basis to on-board customers to cloud service with all set-ups done, data migrated and end-user training completed.

The third components are our tools. We have invested in several applications, like an ‘activation scheduler’ which enables end-customers to schedule their activation appointment. We have a very elaborate workforce management system which aligns people who have the right skills to the right appointments. We have remote log-in tools which allow us to take control of the end-user devices and to do their configurations for them. We also have data migration tools, advanced multi-mode communications, customer interaction tracking etc. So our investment in these tools and platforms is pretty significant from the customer interaction point of view.

Beyond that, we also have our Analytics platform. As we on-board customers, we work to capture deeper profile information about them and we reach a point where we actually understand a lot more about the service provider’s customers than the service provider does, and we use that data to work with the service providers on product planning, engagement programs and up-selling activities.

The last piece is our content platform where we have a really rich, user-centric knowledge base that any of the users who’re on-boarding can access and learn about the services and how to use them better. We have also built a lot of sales and marketing content that our service provider partners can use to position their solutions in the marketplace effectively and try to drive demand creation for them.

Q: What are some of the cloud services that Facilitated Adoption supports as of now?

A:It’s a board range of services. To name a few, we do Microsoft Hosted Exchange, SharePoint, Lync, Office 365, WebEx, Mozy, McAfee, Symantec, Asigra, GoMobi etc., and we’re constantly adding more services. We just recently launched on-boarding services for Infrastructure as a service(IaaS) with one of our partners. We are also beginning to look into on-boarding services for Desktop-as-a-Service, which we think will be a really big opportunity for us.

Q: And earlier this year you launched Mural’s Parallels APS package too.

A: Yes, now we are part of the Parallels marketplace and ecosystem. We have done two implementations with Parallels so far and through that we have developed our Parallels APS package. Now anybody can just install the APS package from the Parallels marketplace, integrate our on-boarding service with their product catalogue, and quickly get it up and running.

Q: Can you tell us how EduSelling™ and Campaign of One™ help organizations up-sell and cross-sell their products and how Hypus™, Knowus™, and Relatus™ complement these marketing platforms?

A:EduSelling and Campaign of One are our core up-selling programs. After bringing customers through our Facilitated Adoption and Onboarding, we collect and profile their data, which we put through our up-selling programs. We do up-selling right at the point of activation. For instance, through our activation process, SMBs become pretty open with us about their other needs, and if we happen to have immediate solutions for some of those through our other partners, we try to add those on to the initial sale at the point of activation.

We also run a whole series of educational programs like email campaigns, landing pages, webinars and even events, where we take our educational approach to the market, and teach the SMBs about what other cloud services they could be taking advantage of, and through that we continue to collect more and more profile data. We mine that profile data to the point where we see a point of interest, which we call the ‘Interest code’. Once we see the interest codes we make a concerted pitch and offer that customer one of our partners’ products.

Q: What is the process that you go through to recruit quality workforce at Mural’s Customer Experience (CX) Lab?

A:We’ve built a training certification program. We pride ourselves on providing a customer experience rather than customer service. We are working to drive a certification for customer experience professionals throughout the industry. And we believe that we’ve created an industry leading program to do that. We’ve invested heavily in training and creating technical content.

We’ve also developed pretty unique profiles for the different types of people that we recruit, with respect to their skill sets and backgrounds. We tend to focus on hiring college kids who’re either in an IT profession or are seeking an education to enter the IT profession, and who ‘get’ the cloud and really understand it.

So we are sticking to combinations of hiring profiles together with our training certification program to create a whole generation of customer experience professionals in the marketplace, who can on-board and up-sell customers in an innovative, helpful way.

Q: Let’s talk about the recent case study you published on how a big telecommunication company in the United States implemented Mural’s Facilitated Adoption™ platform to reduce churn rate and increase activation rate.

A:Yes, they’re a large US Telco who sells a bundle of SMB Cloud services together with their voice and broadband services. We handle the on-boarding work for all of the Cloud services in that bundle, like Microsoft Hosted Exchange, SharePoint, Lync, data backup, security, web hosting, and web commerce services, for about 5,000 SMBs every month at this point, and we’ve had some great results.

The early focus with this partner was on churn reduction. They had a problem, where they were selling the bundle to a lot of customers but nobody was activating the services. Shortly thereafter they were seeing a very high churn rate, because the customers thought that since they were buying something, they’ll get a whole lot of help getting it up and running, and when they didn’t, they just left.

So mission ONE was to get that churn under control and drive up the activation rates. We’ve seen great results, their customer churn has decreased by up to 80 percent, the activation rates have gone up over 200%, and interestingly enough, the support costs have also gone way down.

What we found is that if we set the customer up right to begin with and get their services up and running, they don’t need to call the help desk.

Also, we just recently started our up-selling campaign with them, and we are currently up-selling to about 40 percent of the customers that come for activation, and we are driving about a 20 percent uplift in ARPU from the original sale. Our Net Promoter Score (NPS) on that activation activity is over 80.

We’re very encouraged by the early results of the up-selling program and we are going to do a lot more as we go forward.

Q: What are some of the developments at Mural we can look forward to in the coming months?

A: We are in deep discussions with our first couple of partners regarding some exciting opportunities and I certainly hope that together we will make news about that soon.

We are looking to expand into Asia-Pac and Europe. We are also continuing to invest heavily in the platform and I think you will hear more about extended capabilities in the Analytics area and the Content area soon.

Also, traditionally we have been offering our service as a turnkey managed service out of our operations facility in Tucson, but we have just signed our first licensing deal, where we are licensing our platform to another provider. We’ll be training and certifying all the staff of that provider to deliver the customer experience just like we do out of our center in Tucson. So we think the licensing side of our business is one that’s going to grow quite a bit.

Page 1 of 2
1 2