Januar 2019 - Seite 84 von 89 - Cloud Computing Köln

You probably already set some goals for yourself for 2019, but what about for your cloud architecture? We’ve assembled some New Year’s resolutions to guide the way toward operating a faster, more efficient cloud infrastructure. Whether you tackle one or all of these this year, you’ll come away better for it.1. Lose some data weight.This will be more fun than cutting out carbs, we promise. It’s data weight that lots of cloud and data center operators have to lose. For example, you might have unaccounted-for VMs or Compute Engine backups you don’t need anymore. Consider taking inventory and finding workload owners to reclaim capacity and save costs.2. Exercise your data more.The cloud is opening up lots of new avenues to explore all the data you collect. BigQuery is our serverless alternative to on-premises data warehousing and analytics, and its interface will be familiar to anyone who knows SQL. Try it out with our publicly available datasets, then check out BigQuery solutions from our partners on the GCP Marketplace.3. Save money to stretch your IT budget.The pricing model for cloud is a lot different from on-premises, and it can involve a learning curve when you’re getting started. Our GCP pricing calculator can help guide you through estimated costs for our range of products, so you can understand how pay-as-you-go works, whether it’s for Compute Engine or Cloud Functions—then start budgeting for the year ahead.4. Learn a new technology skill.If you want to hone your cloud technology skills, there are some pretty intriguing areas to explore right now. See how AutoML works, experiment with AI, or get to know serverless with this quick start guide to Cloud Functions.5. Make new friends, online and in-person.Lots of cloud tools entering the mainstream are largely based on the concept of openness and a community-driven mindset. Open-source tools mean your fellow developers are building the product in real time, and you can contribute code and improve products too. You can be part of a Google Cloud community, whether it means joining Github, becoming cloud certified with your peers or attending Next ‘19.6. Get more sleep while monitoring watches your cloud.With a cloud foundation in place, your next step is managing all these instances and applications. Stackdriver monitoring and logging lets you set up alerts and use collected data to make changes and improvements to your GCP systems. To keep making your infrastructure more reliable, learn more about what SRE is and how you can implement its principles.Let us know how you’re doing sticking to your resolutions!
Quelle: Google Cloud Platform

4. Januar 2019

da Agency

App migration checklist: How to decide what to move to cloud first

[Editor’s note: This post originally appeared on the Velostrata blog. Velostrata has since come into the fold at Google Cloud, and we’re pleased to now bring you their seasoned perspective on managing your cloud migration journey. There’s more here on how Velostrata’s accelerated migration technology works.]When you’re considering a cloud migration, you’re likely considering moving virtual machines (VMs) that may have been created over many years, by many teams, to support a huge range of applications. Moving these systems without breaking any team’s essential applications may seem daunting. It’ll require some knowledge of the applications in question to classify those apps before setting your migration plan.In a recent blog post, we talked about the four tiers you can use to help organize how you migrate your applications to the public cloud. We had a number of requests from that post, asking us to go a bit deeper on two important considerations: the application’s status and the application’s integrations and dependencies. In this post, we’ve put together a few more app-related questions that IT should be asking, alongside some of the likely answers. Of course, every enterprise and cloud migration is different. But the highlighted answers (or notes) are likely to yield a stronger candidate for migration than others.If you find yourself in a situation where you don’t know (and cannot obtain) the answers, that might be a sign that this app isn’t a good candidate for migration. Sometimes knowing what you don’t know is a helpful gauge when deciding on a next step.What’s the application status?Here, we’re looking at all the components that factor into an application’s status within your organization’s landscape. These are some of the most important questions to evaluate.What is the criticality of this application?For example: How many users depend on it? What is the downtime sensitivity?Tier 1 (highly important, 24×7 mission-critical)Tier 2 (moderately important)Tier 3 (low importance, dev/test)What is the production level of this application?In productionIn stagingIn developmentIn testingWhat are the data considerations for this app?Stateful dataStateless dataOther systems reliant on this data setHow was this application developed?Third-party purchase from major vendor (still in business?)Third-party purchase from minor vendor (still in business?)Written in-house (author still at company?)Written by a partner (still in business? still a partner?)What are this application’s operational standards?For example: what organizational, business, or technological considerations exist?Defined maintenance windows?Defined SLAs?Uptime-sensitive?Latency-sensitive?Accessed globally or regionally?Deployed manually or via automation?Guidance: Avoiding sensitive apps is often most desirable for a first migration.What are the specific compliance or regulatory requirements?ISO 27000?PCI/DSS?HIPAA?EU Personal Data Protection?GDPR?Guidance: The fewer compliance or regulatory requirements, the better for a first migration.What kind of documentation is readily available, and is it up-to-date?System diagram?Network diagram?Data flow diagram?Build/deploy docs?Ongoing maintenance docs?Guidance: The more docs that exist, the better!What are the migration implications?Easy to lift-and-shift as-is into the cloudMay require some refactoringNeed to modernize before migratingCan wait to modernize after migratingNeed to rewrite in the cloud from scratchAny business considerations?Is this system used year-round or seasonally?Is there a supportive line-of-business owner?Does this app support an edge case or general use case?Is this app managed by a central IT team or another team?Would a downtime window be acceptable for this app?Guidance: having more supportive owners and stakeholders is always crucial to the success of initial migrations.What are the app integrations and dependencies?Here, we’re going one step deeper, looking at how this application ties into all your other applications and workloads. This is hugely important, since you might want to group applications into the same migration sprint if they’re coupled together tightly through integrations or dependencies.What are the interdependent applications?SAP?Citrix?Custom or in-house apps?Guidance: Fewer dependencies are ideal.What are the interdependent workflows?Messaging?Monitoring?Maintenance/management?Analytics?Guidance: Fewer dependencies are ideal.Where is the database and storage located?Separate servers?Co-located servers?Is storage block- or file-level?Any other services to analyze?Web services?RPC used either inbound or outbound?Backup services (and locations) in effect?Guidance: None of these are more or less ideal, simply something to be aware of.Other questions to ask:Unique dependencies?Manual processes required?Synchronized downtime/uptime (with other apps)?Guidance: The goal for first apps to migrate is to minimize complexity and labor.Taking the time to truly understand your applications is a big part of success when migrating to the cloud. Picking the right applications to migrate first is key to building success and confidence within your organization in your cloud and migration strategy. Analyzing these details should help you and your IT team pick the right order for migrating your applications, which will be tantamount to achieving migration successFind out more here about how cloud migration works with Velostrata.
Quelle: Google Cloud Platform

4. Januar 2019

da Agency

Security trends to pay attention to in 2019 and beyond

Software security requires good hygiene and constant diligence to protect your organization and users from known threats; it also requires working proactively to identify and address emerging risks.Here at Google Cloud, we help you do both. We build products that make security easy—from automatic protections that keep you safe behind the scenes, to tools and recommendations that help you tailor your security posture to your organization’s specific needs (check out our “taking charge of your security” posts for some best practices). We’re always hunting for, and thinking about, how to protect against new and emerging threats, as demonstrated by the “Spectre” and “Meltdown” CPU vulnerabilities that our Project Zero team revealed earlier this year.As we kick off 2019, here are some security trends to watch, from some of the people here at Google Cloud who think about security every day:Attacks that skirt two-step verification will push high value targets to adopt stronger 2SV methods.Two-step verification (2SV), also known as two-factor authentication (2FA), goes a long way to help protect user accounts, and has become standard for most modern applications. However, not all 2SV methods are created equal; attackers are finding new ways to circumvent weaker 2SV methods, such as intercepting one-time-passwords like SMS codes through phishing attacks and phone number takeover. Typically, these are targeted attacks against high-value users such as executives, political figures, or cloud admins. With increased risks ahead, we predict more services will adopt stronger phishing-resistant 2SV methods, utilizing FIDO standards. This will allow users to authenticate with security keys, gaining stronger protection against phishing attacks and account takeovers.— Christiaan Brand, Product Manager, Google CloudWe’ll see broader strides toward a true “passwordless” era, due to mainstream adoption of new standards.We will see secure passwordless login experiences start appearing in the mainstream in 2019. This will mark the start of a broader “passwordless” era, enabled by W3C and FIDO APIs which will appear in major browsers and OS platforms. To start, websites will begin to offer the ability to re-login by just presenting a biometric such as a fingerprint. Comprehensive adoption of passwordless first-time logins will take more time, but in the future, we can expect simple and highly secure login experiences such as the ability to log in to a website on your computer simply by unlocking your phone nearby.— Sam Srinivas, Director, Product ManagementZero-trust architectures move from idea stage to implementation stage.“Zero Trust” architectures, and how to implement them, have been an increasingly hot topic in security as organizations embrace more business-critical cloud services and face increasing employee demands for anytime, anywhere, any device access to business resources. Google’s BeyondCorp model was the original enterprise implementation of this concept. Expect this to change in 2019 as more providers and vendors make packaged commercial solutions available and the concept is implemented at an architectural level in projects like Istio.— Jennifer Lin, Director, Product ManagementSelf-managed cloud encryption gets more visibility.Self-managed encryption keys can provide additional control over data access, provide additional audit clarity, help meet policy or regulatory requirements, or provide a measure of control over provider access. However, in the coming years, there will be cases of customer-managed key mishandling that lead to high-profile data loss. Cloud providers will continue to build out native key management capabilities, extending provider-key-managed coverage across more services and offering customers more granular control options. These options can provide a good balance between customer control and robust durability and availability. So while self-managed key options will continue to evolve, customers will increasingly look to leverage provider-key-managed services to manage their keys.— Scott Ellis, Product Manager, Google CloudAttackers will turn their attention to more sophisticated attacks on cloud-native environments like containers.We’ve seen public attacks on container deployments, but most of them went after “low-hanging fruit” or mimicked attacks that you would be just as likely to see on a VM — e.g. misconfigurations, credentials and secrets in public code, etc. Think of them as doors that were accidentally left open. As container adoption increases, we’ll start to see more advanced attacks that are specific to container architectures and container vulnerabilities. Many admins will look for strong Cloud-managed services that offer best practices on container security by default.— Maya Kaczorowski, Product Manager, Google CloudVulnerabilities in open-source software will become increasingly common, requiring more rigorous testing.Introducing vulnerabilities into open-source software via source-code repositories is an effective attack method, since many downstream users use open-source software without inspecting it or testing it themselves. A widespread compromise of this manner is not unlikely, and might be just the thing that drives more companies to use continuous vulnerability scanning tools.— Matthew O’Connor, Product Manager, OCTOThere will be more than double the reported data incidents on legacy systems from the previous year as a result of GDPR.The EU’s GDPR requires organizations to report data incidents involving EU personally identifiable information (PII) to data protection authorities or risk large fines. In the UK alone, there were 30% more self-reported data breaches in the first half of 2018, compared to the whole of 2017. The first fines issued under GDPR are likely to be issued in 2019, and the increased transparency resulting public and regulatory scrutiny may highlight the fragility of legacy systems, and ultimately drive cloud adoption, where enterprise privacy management tooling and processes have been specifically developed to support GDPR.— James Snow, Customer Engineering Manager, Security & ComplianceHighly-regulated enterprises will select for cloud providers who provide real-time monitoring and controls for access to their workloadsWhile one of the major benefits to being in the public cloud is having your infrastructure managed for you, customers often have had limited visibility and control over activity conducted by their cloud provider. In 2019, companies—especially those in highly regulated industries—will increasingly expect full visibility and control over what actions cloud administrators can take on their data. These customers will expect more assurance that they are in control of their data and workloads.— Joseph Valente and Michee Smith, Product Managers, Google Cloud
Quelle: Google Cloud Platform