Vulnerabilities / Threats // Insider Threats
1/18/2011
09:31 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Verizon To Continue Rapid Cloud Ramp

The firm will rapidly expand its cloud offerings, with platform-based services, customer relationship management, and enterprise resourcThe telecom provider will expand its cloud computing offerings with platform-based services, and upcoming CRM and ERP apps.e planning launching in 2011.

Top 10 Cloud Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Cloud Stories Of 2010

Verizon Business rapidly expanded its cloud capabilities last year, and plans to do the same in 2011. It's not previously been seen as a prominent name in cloud computing, but its enhanced capabilities indicate that may be about to change.

It started out in 2009 offering simple infrastructure as a service, like Amazon's EC2. Later this year, it will move beyond infrastructure into platform-based services and start offering customer relationship management (CRM) and enterprise resource planning (ERP) applications online as software as a service (SaaS). Not only is it bringing increased capabilities, but its customers are bringing increased demands, as they broaden the role Verizon's Computing-as-a-Service (CaaS) plays in their operations.

"We are seeing very broad use-cases," said Patrick Verhoeven, Verizon manager of cloud services, as business workloads become more production-oriented and less dominated by Web site applications or software test and development.

Verhoeven doesn't look under the lid of customers' workloads, but he suspects a few are making use of Verizon's ability to guarantee Payment Card Industry (PCI)-compliant infrastructure to customers. PCI-compliant architectures in the cloud are gaining new credibility as Amazon Web Services announced it had achieved PCI compliance on Dec. 7, which would allow credit card transactions to take place there. Verizon had its own audited and compliant infrastructure in place as of Aug. 18.

"Customers still have to undergo a third-party audit to ensure their systems connected to the cloud are compliant. But knowing the (cloud) infrastructure is already compliant makes that easier," said Verhoeven.

Verizon's CaaS cloud is managed following IT Infrastructure Library guidelines and is audited for SAS 70 compliance. Part of Verizon's approach to cloud users this year will give them not only fast, automated provisioning of servers, but also the ability to conduct secure transactions in an environment managed to established standards. One result is that Verizon moved out of the also-ran category on Dec. 22 into the Gartner "Leaders" so-called magic quadrant. Other leaders include Rackspace, Terremark, Savvis, and AT&T, according to Gartner. Amazon Web Services with EC2 is shown as leading the pack in the "Visionaries" quadrant.

In addition, Verizon is one of a handful of suppliers named a first-tier implementation partner by VMware, which means Verizon had adopted VMware's vCloud compatibility software and can run VMware ESX Server virtual machines. Since VMware is the most widely distributed virtualization software in the enterprise, a VMware-compatible cloud might have a broader market appeal than ones that run only their own brand name.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: nice post
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1750
Published: 2015-07-01
Open redirect vulnerability in nokia-mapsplaces.php in the Nokia Maps & Places plugin 1.6.6 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the href parameter to page/place.html. NOTE: this was originally reported as cross-sit...

CVE-2014-1836
Published: 2015-07-01
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.

CVE-2015-0848
Published: 2015-07-01
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.

CVE-2015-1330
Published: 2015-07-01
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vecto...

CVE-2015-1950
Published: 2015-07-01
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report