Vulnerabilities / Threats // Insider Threats
1/18/2011
09:31 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Verizon To Continue Rapid Cloud Ramp

The firm will rapidly expand its cloud offerings, with platform-based services, customer relationship management, and enterprise resourcThe telecom provider will expand its cloud computing offerings with platform-based services, and upcoming CRM and ERP apps.e planning launching in 2011.

Top 10 Cloud Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Cloud Stories Of 2010

Verizon Business rapidly expanded its cloud capabilities last year, and plans to do the same in 2011. It's not previously been seen as a prominent name in cloud computing, but its enhanced capabilities indicate that may be about to change.

It started out in 2009 offering simple infrastructure as a service, like Amazon's EC2. Later this year, it will move beyond infrastructure into platform-based services and start offering customer relationship management (CRM) and enterprise resource planning (ERP) applications online as software as a service (SaaS). Not only is it bringing increased capabilities, but its customers are bringing increased demands, as they broaden the role Verizon's Computing-as-a-Service (CaaS) plays in their operations.

"We are seeing very broad use-cases," said Patrick Verhoeven, Verizon manager of cloud services, as business workloads become more production-oriented and less dominated by Web site applications or software test and development.

Verhoeven doesn't look under the lid of customers' workloads, but he suspects a few are making use of Verizon's ability to guarantee Payment Card Industry (PCI)-compliant infrastructure to customers. PCI-compliant architectures in the cloud are gaining new credibility as Amazon Web Services announced it had achieved PCI compliance on Dec. 7, which would allow credit card transactions to take place there. Verizon had its own audited and compliant infrastructure in place as of Aug. 18.

"Customers still have to undergo a third-party audit to ensure their systems connected to the cloud are compliant. But knowing the (cloud) infrastructure is already compliant makes that easier," said Verhoeven.

Verizon's CaaS cloud is managed following IT Infrastructure Library guidelines and is audited for SAS 70 compliance. Part of Verizon's approach to cloud users this year will give them not only fast, automated provisioning of servers, but also the ability to conduct secure transactions in an environment managed to established standards. One result is that Verizon moved out of the also-ran category on Dec. 22 into the Gartner "Leaders" so-called magic quadrant. Other leaders include Rackspace, Terremark, Savvis, and AT&T, according to Gartner. Amazon Web Services with EC2 is shown as leading the pack in the "Visionaries" quadrant.

In addition, Verizon is one of a handful of suppliers named a first-tier implementation partner by VMware, which means Verizon had adopted VMware's vCloud compatibility software and can run VMware ESX Server virtual machines. Since VMware is the most widely distributed virtualization software in the enterprise, a VMware-compatible cloud might have a broader market appeal than ones that run only their own brand name.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0993
Published: 2014-09-15
Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file.

CVE-2014-2375
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.

CVE-2014-2376
Published: 2014-09-15
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2377
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag.

CVE-2014-3077
Published: 2014-09-15
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant