Posts

Channel Partners buzz: security, cloud education and wholesale cloud

FullSizeRender_CP15
The team is back from Las Vegas from the annual Channel Partners Conference and our heads are spinning with ideas from all of the great discussions we had with service providers and colleagues.

channelpartnersmarch2015_shengDuring our panel session, on the exhibit floor, and during show related events we heard a lot of chatter about various cloud related topics. Here are just a few of our takeaways from the event:

  • Security and compliance are still top concerns – during our panel session Moving Clients’ Apps to the Cloud at the Channel Partners Conference, security and compliance were hot topics. There is still a lot of apprehension when it comes to the cloud, but it becomes apparent that we need to look at both the application and infrastructure layers individually to determine the proper division of responsibility. In our recent blogpost we discussed security and the misguided notion that on-premise solutions are inherently safer. The bottom line: the cloud is a secure place to be, it really is just a matter of looking at the whole picture and understanding how your stack is built to effectively address vulnerabilities and implement an ongoing strategy that will keep data safe.
  • White label wholesale cloud is a game-changer for channel partners – after numerous demos and discussions of our wholesale cloud platform and the benefits our ground-breaking Cloud 2.0 architecture engender, it was clear that many attendees were unaware that an option like OrionVM even existed. This exemplifies how service providers today really are trapped between the cost and complexity of either building their own cloud (typically via legacy stacks e.g. VMware, Cisco, EMC etc.) or resigning themselves to using a public retailer like AWS. A light bulb literally goes off when they realize they can have the advantages of both approaches, minus any of their drawbacks. Wholesale white label cloud continues to garner traction amongst telcos, MSPs, SIs, and VARs alike as these clients discover the ease and speed at which they can brand and deploy their own Private, Public and Hybrid cloud solutions. No other CSP at the expo offered an out-of-the-box, turnkey platform like OrionVM, making us a unique opportunity for the channel to truly differentiate and gain a competitive advantage in the market.
  • The need for education around cloud innovation – cloud is still a relatively new concept for a wide range of service providers previously focused on selling hardware, colocation, or telecom products. We are seeing a huge need for education on emerging tech, data center advancements, and recent cloud innovations. Other companies, along with OrionVM, represent an IT transformation that can liberate from legacy approaches as the brave new world of cloud is cluttered with spin, hype, and a complex array of vendors and services.  In the spirit of this IT transformation, we attended the very cool Renegade Trust launch party during the conference, and are excited to collaborate/participate with this consortium in the future to help educate the market and evangelize some of the new tools and technologies now available. The current cloud ecosystem is populated by many who are unaware of the cost-savings and options now possible, or still simply view the industry through the biased lens of a particular vendor, agent, or outdated infrastructure allegiance. Whether someone uses OrionVM or not, it really all is about building community and helping peers and colleagues make better informed purchasing decisions that best match their specific requirements.

Did we miss you at the show? No worries, our expo special promo is still available to eligible channel partners until June 30th, 2015. Find out more here.

The OrionVM Wholesale Cloud Platform gives any service provider a tremendous opportunity to quickly and profitably deliver enterprise-grade cloud services for their users and organizations.

Advisory: OrionVM Platform Not Affected by Xen Hypervisor Vulnerability – XSA-108

To address any customer concerns in regards to the recent, well publicized Xen vulnerability, we want to let you know that the OrionVM platform was not affected by this issue. The following bulletin was shared with OrionVM customers while the Xen hypervisor vulnerability (XSA-108) was under embargo this past week. The embargo was lifted October 1st.

As you may have heard companies (such as Rackspace, IBM and AWS) have already rebooted customer instances over the last week, proactively responding to the information of this potential security breach.

OrionVM was part of a limited set of vendors approved for pre-disclosure access and received details about the issue, which would have allowed us to patch our systems before the issue was made public by Xen.

The good news is that our platform was not affected by this issue, so no action was necessary.

We take customer security extremely seriously. Immediately upon learning the issue existed, our operations team worked diligently to bring extra compute online in anticipation of migrating customer instances to patched hypervisors, and also began testing an upgrade path. Given our preparation and quick action, an effective process was in place to handle the situation if a patch update had been required.

Now that the issue is no longer under embargo, we are now learning just how vulnerable customer data may have been with other cloud providers that were impacted by this issue. Per a recent article Olivier Lambert of the Xen Orchestra Project said the flaw could be used to read the memory of other guest virtual machines or crash them. Disgruntled users of other cloud providers forced to reboot their instances has led to a call for a set of industry patching best practices  to better handle these types of security updates in the future.

If you have any further questions or concerns, please do not hesitate to contact us by emailing support@orionvm.com