Category: Cloud

MGM Resorts Ransomware Attack: Disaster Recovery as a Malware Defense

This article was authored by me and posted on my company’s website. Please read the full article there.

MGM Resorts reported an active Ransomware incident starting on September 11th, and as of September 17th, it had not fully recovered. Rumors are that the company did not pay the ransom and is “recovering” its systems.

It makes you wonder, if a company like MGM Resorts, with all of its available resources, is struggling with a ransomware attack, what does that mean for the everyday company, not on its scale? After all, cyber criminals attack companies of all sizes.

I previously wrote about the concept of using the cloud to test and perfect your malware defenses. The main point is that the cloud could be a safe way to test your preventative measures in a live sandbox environment without the risk of actual contamination.

Why didn’t MGM switch to its Disaster Recovery (DR) system? You would think it would have a mirror of its production systems, and it could “switch over” in such events. Most DR systems are designed to switch over in minutes or hours, but not days or never. There are a few possibilities. One might be that its DR system was also impacted by the attack. The other is that its DR model likely did not include shared components essential to its overall operation, which seems unlikely.

Continue to the full article at this link.

The Rise of the Super Cloud and What it Means for Specialized Workloads

This article was authored by me and posted on my company’s website. Please read the full article there.

First came “the cloud,” and IT embraced and consumed it. For many companies, this evolved into hybrid-cloud due to business requirements such as meeting regulatory and data sovereignty requirements, leveraging paid-for on-premises technology investments, and addressing requirements for low latency, especially when communicating to legacy architectures.

Then came “multi-cloud,” as described by Vmware and others. Where “the cloud” usually means using the services of a single cloud provider, which most of us have done, “multi-cloud” describes using multiple cloud providers’ services in a heterogeneous way. More complex than the single cloud, multi-cloud is helpful for organizations needing to pick and choose services from various cloud vendors or requiring high-end redundancy. Today, 61% of businesses use one or two clouds and are considered to be “multi-cloud.” The drawback of multi-cloud is that each cloud operates in a more isolated operational model, and the customer has to integrate them. Concerns about specialized skill sets, greater complexity, and increased security concerns are often cited as the challenges of multi-cloud.

Continue to the full at this link.

Leveraging the cloud to accelerate mergers, acquisitions, divestitures

This article was authored by me and posted on my company’s website. Please read the full article there.

Companies engage in mergers, acquisitions, and divestitures. In most cases, a lengthy due diligence process happens. At some point in the process, “technological compatibility” between the impacted organizations is considered.  What happens when the companies merging have entirely different IT architectures?

Continue to the full article at this link.

How to “Float” on the Multi-Cloud.

There is a lot of talk about “multi-cloud,” but trying to achieve that level of cloud diversity might be challenging for many organizations. If you are starting out in the cloud, instead of building cloud-specific expertise across multiple cloud providers, try to “float” across multiple clouds as much as possible. Here is how.

First off, “What is Multi-cloud?”

Continue reading

Southwest needs a lift-and-shift to the multi-cloud, then refactor.

Most of us have heard about the crisis Southwest Airlines had over the Holidays. Most articles cite “problems related to legacy systems…” and “outdated scheduling software called SkySolver.” And, of course, there will be a huge financial impact as they try to make everything right with their customer base.

Most likely, the CEO, CFO, COO, CIO, and CTO of Southwest are receiving many calls and emails from vendors offering to “Let us fix it. We will convert everything to be cloud native…” This path sounds like the old saying, “No one ever got fired for buying IBM…” Southwest has a stated multi-cloud strategy, but legacy applications like SkySolver were obviously not priority cloud-native candidates. Though there will be pressure from investors, the industry, and the press to convert legacy applications like SkySolver to cloud-native, I would not initially recommend this approach.

Continue reading

Don’t have a Cloud Strategy? You should still migrate one app to the Cloud.

“Cloud computing is in its beginning stages and will only continue to grow, Amazon Web Services CEO Adam Selipsky told CNBC’s Jim Cramer on Tuesday.” (June 28th, 2022)

Even if you currently don’t have a comprehensive cloud strategy, regardless of the reason, there is a justification for doing a “proof-of-concept” in the cloud for at least one application of significance in your app portfolio.

Here are a few top reasons companies cite why they don’t move to the cloud. Of course, there could be many others, but these are popular.

  1. Costs (cost of the cloud service, plus implied costs like network connectivity)
  2. Your applications are antiquated and based on mainframe or mid-range servers.
  3. Security
  4. “If it isn’t broken, don’t fix it.”
Continue reading

“Lift and Shift” doesn’t mean “No Re-Factoring Required.”

If you have legacy applications and are moving to the cloud, one popular pattern is to do a simple “Lift and Shift.” That means you don’t architecturally change the application but simply move it to your cloud of choice and run it just like you did before. This approach lets you more quickly “get out of the data center” and doesn’t initially imply that you have to refactor any part of the application to use native services provided by your cloud vendor.

In fact, if the application is stable but just legacy, your valid strategy might be to let it run forever in an “as-is” state. Nothing changes. Just get it running in the cloud and out of the data center.

This approach’s major downside is that Lift-and-Shift also carries forward all the Technical Debt accumulated for that application.

Continue reading

In the near future, you will administer your IBMi LPAR by putting on your headset and entering the Metaverse…

This is just a late-night “riff” of creative writing. A very raw draft of a storyline of one possible version of the future……

===================================

It’s about 8:30 AM, and my work day begins. As a system administrator for a large insurance company, I’m responsible for keeping everything running in our various data centers. Typically I login to my laptop and scan various dashboards and trouble ticket systems that report when something isn’t working right. There would be an alert or log entry describing some problem. The problems could come from any of our data centers around the world. I login to those remote systems and try to figure out is was wrong and attempt to fix it. When needed, other co-workers assist depending on the problem and what skill set might be needed to fix it. Sometimes an application breaks, or maybe a network connection stops working. Occasionally some piece of hardware goes bad. I spend my whole day looking at log files and error messages, emailing, talking, or chatting with other co-workers using collaboration tools like Slack and Microsoft Teams, emailing, and calling hardware and software vendors whose products my company uses. 

Continue reading

“My application can’t be moved to the cloud!”

My company provides the ability to host IBM Power AIX and IBMi application workloads in the cloud. We partner with two of the world’s largest technology companies to provide this service. During my daily activities as a Cloud Solutions Architect (aka Pre-Sales Engineer), I listen to many customers tell us about their “hopes and dreams” regarding moving legacy workloads to the cloud. These are definitely “Cloud Stubborn”. But when it comes to legacy applications based on IBM Power one of their common responses is:

“It is impossible to move my IBM Power-based application to the cloud.”

Of course, that begs the question “Why not?” The answer is often one of these:

  1. “My application is based on IBM’s AS/400 or more recently called IBMi, or IBM AIX.”
  2. “My application has hard-coded IP addresses compiled into the source code.”
  3. “There is no longer anyone around who knows about the code or applications that are still running.”
Continue reading