Welcome!

@ThingsExpo Authors: William Schmarzo, Pat Romanski, Liz McMillan, Elizabeth White, Yeshim Deniz

Related Topics: @CloudExpo, Cloud Security, @ThingsExpo

@CloudExpo: Article

Iron-Clad Cloud Networks By @JamesCarlini | @CloudExpo #IoT #Cloud

‘In the Age of Nanokrieg© and cyberattacks, hardening Intelligent Infrastructure and Mission Critical Networks is a must’

Iron-Clad Cloud Networks and Defending Against Nanokrieg©

Today, most enterprises have some type of cloud-based solutions or are looking at cloud-based infrastructure for some of their enterprise applications. What is lacking in many organizations is the strategic design focus and sophisticated implementation for very secure infrastructure which not susceptible to cyberattacks.

Hardening data centers as well as enterprise networks (and clouds) is a critical step to ensure an organization's business continuity. Forget "disaster recovery" as it is a dated term and dated concept. Disaster recovery refers to the organized shutdown of systems and then when the disaster (event) is over, a systematic restart of the total application is initiated.

In today's business environment, many organizations cannot survive if their applications are out-of-service for a couple of days. Business continuity, where enterprise operations continue through the episode of the disaster, is a more robust design approach to system and network resiliency.

Disaster recovery is a dated term like data processing. More resilient systems, which are not susceptible to disasters and outages, are what should be planned and designed, especially for any organization's mission critical applications.

The Internet of Things (IoT) Is Only as Good as the Internet of Reality
I have said this in previous columns, "The Internet of Things is only as good as the Internet of Reality: the Network Infrastructure." Too many IT executives buy off on glossy brochures and catchy buzz-phrases about the "Internet of Things" spun out by the "P.T. Barnum-like", vendor evangelists in their corporate-logo golf shirts.

IT execs, who are not asking hard questions as to the "resiliency and robustness" of some of the inter-workings these cloud products, will be the first ones suffering when their organizations is exposed as having a data leak, a network failure, or a loss of all customer records and credit card information due to a cyberattack. Of course, this also applies to government systems and networks as well.

If the corporate (or government) network infrastructure is not fully protected or resilient from cyberattacks and other threats, the functionality of its cloud will be compromised whether it is a public or private cloud.

Why is this so important? If you are looking at any cloud-based computing, it better be bulletproof especially if it is carrying time-sensitive mission critical applications for your enterprise or information deemed private and confidential (like customer credit card information or health records).

One cloud feature missing in financial networks which I have pointed out in the past is Cloud Transaction Synchronicity ©. Basically, this is the total traffic synchronization of ALL transactions being sent across within a cloud. This should be a traffic monitoring service available in any cloud application.

This would guarantee a much higher and comprehensive level of compliance within the boundaries of the SEC (Securities and Exchange Commission), FINRA (Financial Industry Regulatory Authority) as well as other regulatory bodies within the financial and brokerage area. By having this timing synchronization embedded into the total network infrastructure of a cloud, it would guarantee the ability to re-construct the transaction sequence in any major drop or jump in the velocity and value of transactions processed. It would be able to provide exact sequencing of transactions and where they originated from, which in today's cloud networks is not a functional capability of any network utilizing HFT servers (High Frequency Trading).

Without having this type of diagnostic capability, no cloud network offers what is really needed to be able to re-construct and diagnose the sequence of transactions occurred in a market crash scenario like the one that happened in 2010. (The 1000 Point Drop of the Dow)

Testing the Design for Resiliency: Have You Really Thought It Out?
Many senior executives talk about building network clouds and using them to offer various applications to users in both closed networks (private clouds) and open networks (public clouds).

Have these clouds been thoroughly tested and thought through? One of the major networks being discussed today is the First Responder Network, FirstNet. It is supposed to be a government network that has many capabilities for municipalities. One of its flaws that I see is there is no mention of being EMP-proof throughout the network. They need to incorporate that capability into their RFP and the design spec.

EMP attacks are a real possibility. With the rise in terrorist attacks and a country's national economy viewed as a viable target, it makes sense to harden both data centers and their networks to a standard where EMP attacks are nullified (http://www.thefederalistpapers.org/us/emp-attack-on-us-power-grid-could-kill-9-in-10-americans):

As the Heritage Foundation has reported, an EMP attack with a warhead detonated 25 to 300 miles above the U.S. mainland "would fundamentally change the world:"

"Airplanes would fall from the sky; most cars would be inoperable; electrical devices would fail. Water, sewer and electrical networks would fail simultaneously. Systems of banking, energy, transportation, food production and delivery, water, emergency services and even cyberspace would collapse."

Is your data center susceptible to an EMP attack? (Electro-Mechanical Pulse bomb) Are your network EMP-proof? If you are dealing with a third party supplying a data center capability and/or a private cloud, are they EMP proof?

These are questions to have fully answered before you embark on building out any enterprise or third party-supplied, cloud network or data center supporting any mission critical application.


Carlini's upcoming book on Military Infrastructure, Strategies & Tactics for the War on Terrorism, Nanokrieg Beyond Blitzkrieg, will be out in 2016.

His visionary book, Location Location Connectivity is available on AMAZON.

Follow daily Carlini-isms at www.TWITTER.com/JAMESCARLINI

Copyright 2015 - James Carlini

More Stories By James Carlini

James Carlini, MBA, a certified Infrastructure Consultant, keynote speaker and former award-winning Adjunct Professor at Northwestern University, has advised on mission-critical networks. Clients include the Chicago Mercantile Exchange, GLOBEX, and City of Chicago’s 911 Center. An expert witness in civil and federal courts on network infrastructure, he has worked with AT&T, Sprint and others.

Follow daily Carlini-isms at www.twitter.com/JAMESCARLINI

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
The hierarchical architecture that distributes "compute" within the network specially at the edge can enable new services by harnessing emerging technologies. But Edge-Compute comes at increased cost that needs to be managed and potentially augmented by creative architecture solutions as there will always a catching-up with the capacity demands. Processing power in smartphones has enhanced YoY and there is increasingly spare compute capacity that can be potentially pooled. Uber has successfully ...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
In today's enterprise, digital transformation represents organizational change even more so than technology change, as customer preferences and behavior drive end-to-end transformation across lines of business as well as IT. To capitalize on the ubiquitous disruption driving this transformation, companies must be able to innovate at an increasingly rapid pace.
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...