How Secure is the “Cloud in Your Pocket?”

Jacqueline Vanacek

HANOVER, GERMANY - MARCH 05:  A woman speaking...

HANOVER, GERMANY – MARCH 05: A woman speaking on a mobile phone walks past a cloud computing presentation at the IBM stand at CeBIT 2012, the world’s largest information technology trade fair. (Image credit: Getty Images via @daylife)

“The biggest cloud security problems are not with the data center – they’re with the cloud in our pocket.”

On every device we carry, from home to work to Starbucks, we’re glued to social media apps.

And that’s part of the problem, according to Simon Crosby, founder of XenSource and now Bromium, a stealth start-up seeking to fix the cloud security problem once and for all.

As he explained, “The enterprise private cloud, which we believe to be more secure, is unwittingly made less secure by us – the enterprise employees.”

It is attacks on the client — the “poison email” or false link we access — that invites “the bad guys” into the data center and proliferates widespread damage. And “the bad guys” will get in no matter what.

Breakthrough thinking is what we need to solve the problem – on both the technology side and the policy side.

One of the greatest challenges to strengthening cyber security is that new technology has been reactive rather than preventive. We build new solutions to fix problems that have already occurred.

Think how often we download security “updates” to our PCs and other devices to prevent a previous problem from recurring.

But malware is constantly morphing and metastasizing like cancer. Old threats are easily replaced by new ones even more damaging. It’s a catch-22.

On the policy side of cyber security, legislation has been written around legacy technologies that are no longer relevant.  That is slowly catching up as well – and just in time.

An early call to arms to make cyber security a national priority was made by former U.S. Senator Robert Bennett (R-UT) during Y2K. That’s over a decade ago, before US start-ups sparked today’s cloud phenomenon.

It was Senator Bennett’s foresight that if a global disaster could result from an unintended computer glitch, then the results could be hugely catastrophic if something similar were executed intentionally.

The prospects perceived back then are a reality today, in that some data breaches are too sophisticated to not be state-sponsored with malicious intent against the United States and other nations.

So how are we addressing both the technology and policy sides of cyber security to advance the global cloud computing opportunity?

Simon Crosby gave an enthusiastic sneak preview into Bromium’s open source approach to anticipate and prevent future occurrence of data breaches, not just react to them.

Since Moore’s Law advances technology at a staggering pace, keeping up with Moore’s Law is not enough. New security solutions need to anticipate and leap beyond malware that is also advancing with Moore’s Law.

Bromium is shoring up enterprise security via new hypervisor software that creatively expands the concept of Byzantine fault tolerance software design principles.

What Byzantine fault tolerance refers to is designing “failure-tolerant software algorithms” so that networked computer systems can cope, self-correct and keep working during hardware failures, network congestion or malicious attacks.

Bromium promises a solution that anticipates attacks and shrugs them off – delivering security by design rather than detection.

Software threats of any kind will be terminated before they can do damage – and it will not matter how they might have morphed in form and function.

Since Bromium is in stealth mode, we are anxious to hear more details about how the new hypervisor will work and its potential to dramatically reduce or eliminate threats to cloud security.

That’s the technology side of the story.

For the policy side, cyber security is a hot topic in Congress as well.

Last week’s “Cyber Week” in the House of Representatives resulted in passage of 4 bills on cyber security, including the Cyber Intelligence Sharing and Protection Act of 2011 (CISPA) to enhance information sharing between government and industry about cyber threats and eliminate legal barriers that might interfere.

In the Senate, the Cyber Security Act of 2012 proposed a process for Homeland Security to assess cyber risks to critical infrastructure, including proactive plans around notification, response and restoration.

Finally, this week launches the Congressional Cloud Task Force to spearhead advancement of cloud policy issues by members of the Congressional High Tech Caucus.

All eyes are on the cloud in Silicon Valley and Washington DC.

And they need to be, because when we consider the scope of how cloud computing can

the possibilities for new business creation are limitless.

We need side-by-side advancements in technology and policy to further unify and transform our world.

As we await exciting news from Bromium, what uniquely captures their passion to transform computing permanently is what Simon Crosby shared with me at the end of our talk – that for him,

“XenSource was fun.  But Bromium?  It’s personal.”

Follow Jacqueline and Cloud at Twitter @JacquelnVanacek




Recommended for you:

13 Scary Statistics On Employee Engagement [INFOGRAPHIC]

Jacob Shriar

There is a serious problem with the way we work.

Most employees are disengaged and not passionate about the work they do. This is costing companies a ton of money in lost productivity, absenteeism, and turnover. It’s also harmful to employees, because they’re more stressed out than ever.

The thing that bothers me the most about it, is that it’s all so easy to fix. I can’t figure out why managers aren’t more proactive about this. Besides the human element of caring for our employees, it’s costing them money, so they should care more about fixing it. Something as simple as saying thank you to your employees can have a huge effect on their engagement, not to mention it’s good for your level of happiness.

The infographic that we put together has some pretty shocking statistics in it, but there are a few common themes. Employees feel overworked, overwhelmed, and they don’t like what they do. Companies are noticing it, with 75% of them saying they can’t attract the right talent, and 83% of them feeling that their employer brand isn’t compelling. Companies that want to fix this need to be smart, and patient. This doesn’t happen overnight, but like I mentioned, it’s easy to do. Being patient might be the hardest thing for companies, and I understand how frustrating it can be not to see results right away, but it’s important that you invest in this, because the ROI of employee engagement is huge.

Here are 4 simple (and free) things you can do to get that passion back into employees. These are all based on research from Deloitte.

1.  Encourage side projects

Employees feel overworked and underappreciated, so as leaders, we need to stop overloading them to the point where they can’t handle the workload. Let them explore their own passions and interests, and work on side projects. Ideally, they wouldn’t have to be related to the company, but if you’re worried about them wasting time, you can set that boundary that it has to be related to the company. What this does, is give them autonomy, and let them improve on their skills (mastery), two of the biggest motivators for work.

Employees feel overworked and underappreciated, so as leaders, we need to stop overloading them to the point where they can’t handle the workload.

2.  Encourage workers to engage with customers

At Wistia, a video hosting company, they make everyone in the company do customer support during their onboarding, and they often rotate people into customer support. When I asked Chris, their CEO, why they do this, he mentioned to me that it’s so every single person in the company understands how their customers are using their product. What pains they’re having, what they like about it, it gets everyone on the same page. It keeps all employees in the loop, and can really motivate you to work when you’re talking directly with customers.

3.  Encourage workers to work cross-functionally

Both Apple and Google have created common areas in their offices, specifically and strategically located, so that different workers that don’t normally interact with each other can have a chance to chat.

This isn’t a coincidence. It’s meant for that collaborative learning, and building those relationships with your colleagues.

4.  Encourage networking in their industry

This is similar to number 2 on the list, but it’s important for employees to grow and learn more about what they do. It helps them build that passion for their industry. It’s important to go to networking events, and encourage your employees to participate in these things. Websites like Eventbrite or Meetup have lots of great resources, and most of the events on there are free.

13 Disturbing Facts About Employee Engagement [Infographic]

What do you do to increase employee engagement? Let me know your thoughts in the comments!

Did you like today’s post? If so you’ll love our frequent newsletter! Sign up here and receive The Switch and Shift Change Playbook, by Shawn Murphy, as our thanks to you!

This infographic was crafted with love by Officevibe, the employee survey tool that helps companies improve their corporate wellness, and have a better organizational culture.


Recommended for you:

Supply Chain Fraud: The Threat from Within

Lindsey LaManna

Supply chain fraud – whether perpetrated by suppliers, subcontractors, employees, or some combination of those – can take many forms. Among the most common are:

  • Falsified labor
  • Inflated bills or expense accounts
  • Bribery and corruption
  • Phantom vendor accounts or invoices
  • Bid rigging
  • Grey markets (counterfeit or knockoff products)
  • Failure to meet specifications (resulting in substandard or dangerous goods)
  • Unauthorized disbursements

LSAP_Smart Supply Chains_graphics_briefook inside

Perhaps the most damaging sources of supply chain fraud are internal, especially collusion between an employee and a supplier. Such partnerships help fraudsters evade independent checks and other controls, enabling them to steal larger amounts. The median loss from fraud committed
by a single thief was US$80,000, according to the Association of Certified Fraud Examiners (ACFE).

Costs increase along with the number of perpetrators involved. Fraud involving two thieves had a median loss of US$200,000; fraud involving three people had a median loss of US$355,000; and fraud with four or more had a median loss of more than US$500,000, according to ACFE.

Build a culture to fight fraud

The most effective method to fight internal supply chain theft is to create a culture dedicated to fighting it. Here are a few ways to do it:

  • Make sure the board and C-level executives understand the critical nature of the supply chain and the risk of fraud throughout the procurement lifecycle.
  • Market the organization’s supply chain policies internally and among contractors.
  • Institute policies that prohibit conflicts of interest, and cross-check employee and supplier data to uncover potential conflicts.
  • Define the rules for accepting gifts from suppliers and insist that all gifts be documented.
  • Require two employees to sign off on any proposed changes to suppliers.
  • Watch for staff defections to suppliers, and pay close attention to any supplier that has recently poached an employee.

About Lindsey LaManna

Lindsey LaManna is Social and Reporting Manager for the Digitalist Magazine by SAP Global Marketing. Follow @LindseyLaManna on Twitter, on LinkedIn or Google+.


Recommended for you:

Innovation Without Boundaries: Why The Cloud Matters

Michael Haws

Is it possible to innovate without boundaries?

Of course – if you are using the cloud. An actual cloud doesn’t have any boundaries. It’s fluid. But more important, it can provide the much-needed precipitation that brings nature to life. So it is with cloud technology – but it’s your ideas that can grow and transform your business.USA --- Clouds, Heaven --- Image by © Ocean/Corbis

Running your business in the cloud is no longer just a consideration during a typical use-case exercise. Business executives are now faced with making decisions on solutions that go beyond previous limitations with cloud computing. Selecting the latest tools to address a business process gap is now less about features and more about functionality.

It doesn’t matter whether your organization is experienced with cloud solutions or new to the concept. Cloud technology is quickly becoming a core part of addressing the needs of a growing business.

5 considerations when planning your journey to the cloud

How can your organization define its successful path to the cloud? Here are five things you should consider when investigating whether a move to the cloud is right for you.

1. Understanding the cloud is great, but putting it into action is another thing.

For most CIOs, putting a cloud strategy on paper is new territory. Cloud computing is taking on new realms: Pure managed services to software-as-a-service (SaaS). Just as legacy computing had different flavors, so does cloud technology.

2. There is more than one way to innovate in the cloud.

Alignment with an open cloud reference architecture can help your CIO deliver on the promises of the cloud while using a stair-step approach to cloud adoption – from on-premise to hybrid to full cloud computing. Some companies find their own path by constantly reevaluating their needs and shifting their focus when necessary – making the move from running a data center to delivering real value to stakeholders, for example.

3. The cloud can help accelerate processes and lower cost.

By recognizing unprecedented growth, your organization can embark on a path to significant transformation that powers greater agility and competitiveness. Choose a solution set that best meets your needs, and implement and support it moving forward. By leveraging the cloud to support the chosen solution, ongoing maintenance, training, and system issues becomes the cloud provider’s responsibility. And for you, this offers the freedom to focus on the core business.

4. You can lock down your infrastructure and ensure more efficient processes.

Do you use a traditional reporting engine against a large relational database to generate a sequential batched report to close your books at quarter’s end? If so, you’re not alone. Sure, a new solution with new technology may be an obvious improvement. But how valuable to your board will you become when you reduce the financial closing process by 1–3 days? That’s the beauty of the cloud: You can accelerate the deployment of your chosen solution and realize ROI quickly – even before the next full reporting period.

5. The cloud opens the door to new opportunity in a secure environment.

For many companies, moving to the cloud may seem impossible due to the time and effort needed to train workers and hire resources with the right skill sets. Plus, if you are a startup in a rural location, it may not be as easy to attract the right talent as it is for your Silicon Valley counterparts. The cloud allows your business to secure your infrastructure as well as recruit and onboard those hard-to-find resources by applying a managed services contract to run your cloud model

The cloud means many things to different people. What’s your path?

With SAP HANA Enterprise Cloud service, you can navigate the best path to building, running, and operating your own cloud when running critical business processes. Find out how SAP HANA Enterprise Cloud can deliver the speed and resources necessary to quickly validate and realize solid ROI.

Check out the video below or visit us at

Connect with us on Twitter: @SAPServices



Recommended for you:

5 Reasons You'll Embrace Digital Transformation In 2016

Dinesh Sharma

Without a doubt, the lives of everyone on this planet has been impacted by the digital economy. Approximately 2 billion of us don’t leave our homes without a smartphone in hand. We shop online for almost every conceivable product. And for the 57% who are still unconnected, they are benefiting from a growing social community that is exchanging ideas, influencing governments worldwide, inspiring change, creating awareness of injustice, and coordinating aid to those in need.

At the same time, a growing number of companies are extending the possibilities of hyperconnectivity. Kaeser Kompressoren is embedding sensors in its systems to predict potential breakdowns and generate revenue by tracking the volume of compressed air consumed by its customers. Haier Asia is doubling up its digital platform to get closer to its customers and give them exactly what they want. Even Europe’s second-largest port found a way to increase capacity by 150% without physically expanding its bustling facility.

For these companies, digital transformation is not just a strategic move – it’s a fundamental part of their survival and overall business model. In fact, a recent study by the Economist Intelligence Unit (EIU) revealed that 59% of executives view the failure to adapt to hyperconnectivity is their organization’s biggest threat.

2016: The year of real digital transformation

Despite all of this change, we have yet to scratch the surface of the possibilities the digital economy offers. Mark my words: 2016 will further prove the transformational power of the digital economy.

As we prepare to usher in a new year, here are my top predictions of how the digital economy will continue to revolutionize everything:

1. Digital masters will emerge – and win every time.

Companies that digitally transform everything they do and touch will further differentiate themselves from those that just dabble in digital services. Although the EIU reports that 19% of companies are radically changing their business model to seize the opportunities hyperconnectivity offers, they are becoming powerful brands.

Take Nike, for example. The well-known sports apparel company has transformed itself into a fitness and lifestyle brand. By actively engaging with customers through social media, mobile technology, and embedded sensors, it is fostering an empowered community. From tracking diet, activity, and fitness progress to sending reminders to get their customers moving, Nike is making sure that their customers have the support they need – whenever and wherever they need it. 

2. Digital Darwinism will become a significant threat.

Technology and society are evolving at a pace that is simply too difficult for many organizations to keep up with.  In fact, according to some predictions, 40% of the Fortune 500 are expected to no longer exist within 10 years if they do not evolve soon.

To survive, companies must be not only the strongest and the most intelligent, but they also must adapt to change.  We have all seen this firsthand as we spent the last 20 years saying goodbye to brand leaders that resisted the call and opportunity to digitize. So for the 81% that are not taking digital transformation seriously, make 2016 the year you start to get serious.

3. Digital transformation will be pervasive across every area of the business. 

To be truly transformed, companies must go beyond window dressing the customer experience, embedding a few sensors to monitor production, and monetizing a service with digital technology. They must reach deep into the bare bones of the company, going as far as human resources and finance and as high up as the executive boardroom.

Digital transformation is just the enabler – real change happens when the business culture, leadership, and processes of profit centers and cost centers embrace it and evolve with it. The cloud, mobile technology, networks, and analytics present every business area with a unique opportunity to gain greater efficiency, perform instant data analysis, and achieve better collaboration. Not only does digital transformation help companies modernize and become an attractive employer brand for younger talent, but it also creates a seamless customer experience, promotes more effective collaboration, and empowers the entire workforce.

One brand that shows the power of such an undertaking is Burberry. Famous for its digital retail experience online and in physical stores, the luxury retailer has taken its personalization strategy to its employees too. By making it easier for employees in all areas to sell the brand to customers, Burberry is experiencing increased engagement across its workforce. And in the end, that means a better customer experience – anytime, anywhere, and through any channel.

4. The sales funnel will disappear – for good.

For decades, the sales funnel has been used as a visual representation of separating qualified buyers from the rest of the prospect pool. However, thanks to the Internet and social network, the sales process has accelerated to the point where the funnel is no longer relevant.

CEB recently uncovered that the average buyer is 57% through the purchase decision process before their first interaction with a sales representative or channel. Plus, companies only have 12% of their customer’s mindshare through the buying experience.  As a result, customers tend to fall through the funnel undetected and without a defined journey.

Through digital transformation, sales and marketing can better address this issue by providing multiple touch points that can make the brand accessible to every existing and potential customer – no matter the path taken. Along the way, data should be collected, consolidated, and distributed across the enterprise to provide insight and power decisions at the moment of the interaction.

5. Cryptocurrency will pave the way for better data security. 

Bitcoin. Drones. Virtual reality. Cloud. All of these emerging technologies has drawn a fair amount of press lately. However, there are always naysayers fearful that these innovations will not measure up in terms of protection from cyberattacks and data breaches. And probably the most eyebrow-raising one of all is cryptocurrency. However, Bitcoin has included a level of security into its ecosystem: The blockchain.

Through redundancy, computational compliance, and high-speed processing, all transactions are logged on a publicly available general ledger and copied across thousands of servers. When a transaction is initiated, every one of those servers must agree that the information given is accurate. Should someone try to cheat or hack into the ecosystem, it will be rejected as soon as the new account identifier is detected to be unidentifiable.

Is it possible that someone can work faster than these servers? According to The Economist, it is nearly impossible to generate a new version of the blockchain quick enough to overtake more than half of the servers controlling it. As computing power and speed increases, so will the servers’ ability to process information faster than the most-competent blockchain miners.

What do you think of these predictions? Dust off your crystal ball and share how you foresee the digital economy evolving!

Learn more about what’s possible for your business in the digital economy. Check out these reports detailing the Economist Intelligence Unit’s research:



About Dinesh Sharma

As Vice President of Marketing, Internet of Things (IoT), Dinesh Sharma is charged with driving thought leadership, awareness and adoption of SAP’s solutions for IoT across industries and lines of business. He is responsible for go-to-market plans across the IoT portfolio, as well as providing detailed analysis of industry and market trends, customer needs, competitors, economic environment and emerging business opportunities. Prior to his current role, he was the global VP leading cloud and cloud platform marketing, where he successfully launched the industry’s first in-memory cloud platform-as-a-service (PaaS), SAP HANA Cloud platform. Dinesh is senior technology executive with over 20 years experience in the industry: His domain experience spans from semiconductors, software design, product marketing and business strategy. He has managed worldwide business units for large technology companies and also has founded technology start-ups, including Dynamic Pictures, Inc., which he sold to 3Dlabs. While at ATI and AMD he drove an increase in market share from 12% to 47% in less than 2 years, while also delivering a 5X growth in revenue by delivering innovative products, driving direct sales engagement and marketing programs that reinvigorated enterprise sales. Prior to joining SAP he has been in leadership roles at startups in virtualization, big data and distributed computing with a heavy emphasis on building Cloud infrastructure and platforms. He has captured over $30MM in venture funding in his entrepreneurial career. Dinesh holds a Bachelor of Engineering degree in Electronic Engineering from University of Liverpool, UK. He lives in the San Francisco Bay Area with his wife and two small children.

Recommended for you: