Have you heard about the new CLOUD Act data regulation?

Have you heard about the new CLOUD Act data regulation?

new CLOUD Act data regulation

Have you heard about the new CLOUD Act data regulation?

The new CLOUD Act data regulation became law as part of the recent $1.3 Trillion (USD) omnibus U.S. government budget spending bill passed by Congress on March 23, 2018 and signed by President of the U.S. (POTUS) Donald Trump in March.

CLOUD Act is the acronym for Clarifying Lawful Overseas Use of Data, not to be confused with initiatives such as U.S. federal governments CLOUD First among others which are focused on using cloud, securing and complying (e.g. FedRAMP among others). In other words, the new CLOUD Act data regulation pertains to how data stored by cloud or other service providers can be accessed by law environment officials (LEO).

U.S. Supreme court
Supreme Court of the U.S. (SCOTUS) Image via https://www.supremecourt.gov/

CLOUD Act background and Stored Communications Act

After the signing into law of CLOUD Act, the US Department of Justice (DOJ) has asked the Supreme Court of the U.S. (SCOTUS) to dismiss the pending case against Microsoft (e.g., Azure Cloud). The case or question in front of SCOTUS pertained to whether LEO can search as well as seize information or data that is stored overseas or in foreign counties.

As a refresher, or if you had not heard, SCOTUS was asked to resolve if a service provider who is responding to a warrant based on probable cause under the 1986 era Stored Communications Act, is required to provide data in its custody, control or possession, regardless of if stored inside, or, outside the US.

Microsoft Azure Regions and software defined data infrastructures
Microsoft Azure Regions via Microsoft.com

This particular case in front of SCOTUS centered on whether Microsoft (a U.S. Technology firm) had to comply with a court order to produce emails (as part of an LEO drug investigation) even if those were stored outside of the US. In this particular situation, the emails were alleged to have been stored in a Microsoft Azure Cloud Dublin Ireland data center.

For its part, Microsoft senior attorney Hasan Ali said via FCW “This bill is a significant step forward in the larger global debate on what our privacy laws should look like, even if it does not go to the highest threshold". Here are some additional perspectives via Microsoft Brad Smith on his blog along with a video.

What is CLOUD Act

Clarifying Lawful Overseas Use of Data is the new CLOUD Act data regulation approved by Congress (House and Senate) details can be read here and here respectively with additional perspectives here.

The new CLOUD Act law allows for POTUS to enter into executive agreements with foreign governments about data on criminal suspects. Granted what is or is not a crime in a given country will likely open Pandora’s box of issues. For example, in the case of Microsoft, if an agreement between the U.S. and Ireland were in place, and, Ireland agreed to release the data, it could then be accessed.

Now, for some who might be hyperventilating after reading the last sentence, keep this in mind that if you are overseas, it is up to your government to protect your privacy. The foreign government must have an agreement in place with the U.S. and that a crime has or had been committed, a crime that both parties concur with.

Also, keep in mind that is also appeal processes for providers including that the customer is not a U.S. person and does not reside in the U.S. and the disclosure would put the provider at risk of violating foreign law. Also, keep in mind that various provisions must be met before a cloud or service provider has to hand over your data regardless of what country you reside, or where the data resides.

Where to learn more

Learn more about CLOUD Act, cloud, data protection, world backup day, recovery, restoration, GDPR along with related data infrastructure topics for cloud, legacy and other software defined environments via the following links:

Additional learning experiences along with common questions (and answers), as well as tips can be found in Software Defined Data Infrastructure Essentials book.

Software Defined Data Infrastructure Essentials Book SDDC

What this all means and wrap-up

Is the new CLOUD Act data regulation unique to Microsoft Azure Cloud?

No, it also applies to Amazon Web Services (AWS), Google, IBM Softlayer Cloud, Facebook, LinkedIn, Twitter and the long list of other service providers.

What about GDPR?

Keep in mind that the new Global Data Protection Regulations (GDPR) go into effect May 25, 2018, that while based out of the European Union (EU), have global applicability across organizations of all size, scope, and type. Learn more about GDPR, Data Protection and its global impact here.

Thus, if you have not heard about the new CLOUD Act data regulation, now is the time to become aware of it.

Ok, nuff said, for now.

Gs

Greg Schulz – Microsoft MVP Cloud and Data Center Management, VMware vExpert 2010-2017 (vSAN and vCloud). Author of Software Defined Data Infrastructure Essentials (CRC Press), as well as Cloud and Virtual Data Storage Networking (CRC Press), The Green and Virtual Data Center (CRC Press), Resilient Storage Networks (Elsevier) and twitter @storageio. Courteous comments are welcome for consideration. First published on https://storageioblog.com any reproduction in whole, in part, with changes to content, without source attribution under title or without permission is forbidden.

All Comments, (C) and (TM) belong to their owners/posters, Other content (C) Copyright 2006-2024 Server StorageIO and UnlimitedIO. All Rights Reserved. StorageIO is a registered Trade Mark (TM) of Server StorageIO.

Are social media and networking a waste of time?

Are social media and networking including twitter, blogs, google+ and linkedin among other venues and mediums a waste of time or only for those who have nothing else to do?

As with most things, the answer is it probably depends.

However IMHO the answer is NO, social media and networking when incorporated as a part of doing business is not a waste unless like anything else you let it become a waste of time.

I have chosen to leverage social media networking along with traditional mediums, venues, news letters, in person events, and other means of communicating, learning and doing business vs. ignoring it.

Does that I mean I jump on or join in every new social networking medium or venue? Nope, however I’m always watching to see where to invest time and effort and find the return or benefit.

 

Some observations about social media and networking include:

You get out of social media and networking what you put into it: When it comes to LinkedIn, Michael Naylor told me several years ago to get involved with and you will get out of what you put into LinkedIn (or other venues for that matter). Now about eight or nine years later, even despite the spam, I completely agree how true Mikes advise has been and remains.

Engagement, interaction, discussion (or debate) are all part of the discourse in and around social media and networking. Louis Gray who got me hooked on twitter and some other mediums years ago has a great blog post that unless you are engaging or interacting, you are not social networking. What that means is simply using social networking media and mediums as a broadcast or one way communication platform is just that, talking at vs. talking with or too people. Thus get out of your comfort zone, step out from behind your pulpit or podium and engage with audiences or participants vs. talking at them to get out of what you put into it.


Dont be afraid of joining different groups or venues, listen, lurk, observe, learn from others in the same or adjacent areas online, however also keep time in perspective to get other tasks completed. This also means you can build your own castle or venue for people to come to or you can do a hybrid including your own site(s) as well as taking discussions and conversations to where other audiences are.

Let me put this a different way, I like to fish and catch. Sometimes I know where the fish are based on experience and when they might bite, then there are other times when they move. This means knowing when and where to go to different locations to catch a fish or catch a conversation.

Going where the fish are, fall on the St. Croix river

Building on the above, don’t be afraid to get involved or start a conversation.

Sure on some venues you will get spammed and a bunch of responses that you might not like particular if venturing out away from the safety of your own castle or site. However use those conversations and engagements to learn and interact, see what is on people’s minds or that they are interested in vs. what you want to tell them.

Where wasting time can come into play is trying to be part of every discussion, watching what everybody is doing or saying in all the various venues. For the trick has been to pick which venues are useful for where I want to invest time along with what I will get out of them in addition to using different tools to help find the applicable conversations and discussions. If you are not using things as basic as Google alerts you are probably spending too much time out looking for conversations or discussions, or, you are missing out on them altogether.

I have also noticed that there tends to be a correlation between those who are involved in one way communication and comment diminishing or dismissing social media and networking as a waste of time or not practical, hmm, go figure.

Otoh, I have also noticed those who tend to be involved in one way or non interactive discussions or that limit comments and discourse tend to also have lower numbers of followers, appear on fewer lists or get shared by others, hmm, go figure.

I have also noticed that some who do very well in cyberspace may not do as well in person and vise versa, however there are many who can do both. Likewise there are those who do well in columns that support interactive comments and those who do not.

Perhaps there is a hadoop big data analytics algorithm out there for someone who has lots of time to do some research on all of this?

In the meantime, for those interested, check out Johnny Bentwood (@JonnyBentwood) and some of the things he has done around analytics and social media and metrics if so interested.


What this all means is that to each their own, that is comfort zones. If your comfort zone and sphere of influence is in one way communication via print, online, video or what ever, then play to your strengths. Likewise, if yours is as a commentator or something else, go with it.

Leverage and get involved, don’t be scared, find your voice, engage, take part, however also be ready to be challenged while increasing your network of contacts, ability to learn and get out of what ever you put into it. Otherwise, stay in your comfort zone or within your sphere of influence.

As to if social media and networking are a waste of time and only for those who have nothing to do, well, if that is the case, last year was a banner year for me and my business. That is both in terms of activity, contacts, coverage, awards and accolades not to mention increasing discussions and experience in other areas as well as being involved in traditional media and venues or activities. I guess if that is the result of being involved or investing in social media and networking it is an honor to be among those who waste time and have nothing better to do.

Why do I take time out of my busy schedule to share this?

Simple, you get out of things what you put into it, and granted some will simply take advantage as opposed to contributing back, maybe they too will evolve to give back what they take out.

Feel free to engage or simply read and lurk, that option is all yours.

Ok, nuff said for now, have to get some other work projects done now.

Cheers
Gs

Greg Schulz – Author Cloud and Virtual Data Storage Networking (CRC Press, 2011), The Green and Virtual Data Center (CRC Press, 2009), and Resilient Storage Networks (Elsevier, 2004)

twitter @storageio

All Comments, (C) and (TM) belong to their owners/posters, Other content (C) Copyright 2006-2012 StorageIO and UnlimitedIO All Rights Reserved

SPC and Storage Benchmarking Games

Storage I/O trends

There is a post over in one of the LinkedIn Discussion forums about storage performance council (SPC) benchmarks being miss-leading that I just did a short response post to. Here’s the full post as LinkedIn has a short post response limit.

While the SPC is far from perfect, it is at least for block, arguably better than doing nothing.

For the most part, SPC has become a de facto standard for at least block storage benchmarks independent of using IOmeter or other tools or vendor specific simulations, similar how MSFT ESRP is for exchange, TPC for database, SPEC for NFS and so forth. In fact, SPC even recently rather quietly rolled out a new set of what could be considered the basis for Green storage benchmarks. I would argue that SPC results in themselves are not misleading, particularly if you take the time to look at both the executive and full disclosures and look beyond the summary.

Some vendors have taken advantage of the SPC results playing games with discounting on prices (something that’s allowed under SPC rules) to show and make apples to oranges comparisons on cost per IOP or other ploys. This proactive is nothing new to the IT industry or other industries for that matter, hence benchmark games.

Where the misleading SPC issue can come into play is for those who simply look at what a vendor is claiming and not looking at the rest of the story, or taking the time to look at the results and making apples to apples, instead of believing the apples to oranges comparison. After all, the results are there for a reason. That reason is for those really interested to dig in and sift through the material, granted not everyone wants to do that.

For example, some vendors can show a highly discounted list price to get a better IOP per cost on an apple to oranges basis, however, when processes are normalized, the results can be quite different. However here’s the real gem for those who dig into the SPC results, including looking at the configurations and that is that latency under workload is also reported.

The reason that latency is a gem is that generally speaking, latency does not lie.

What this means is that if vendor A doubles the amount of cache, doubles the number of controllers, doubles the number of disk drives, plays games with actual storage utilization (ASU), utilizes fast interfaces from 10 GbE  iSCSI to 8Gb FC or FCoE or SAS to get a better cost per IOP number with discounting, look at the latency numbers. There have been some recent examples of this where vendor A has a better cost per IOP while achieving a higher number of IOPS at a lower cost compared to vendor B, which is what is typically reported in a press release or news story. (See a blog entry that also points to a CMG presentation discussion around this topic here.

Then go and look at the two results, vendor B may be at list price while vendor A is severely discounted which is not a bad thing, as that is then the starting list price as to which customers should start negotiations. However to be fair, normalize the pricing for fun, look at how much more equipment vendor A may need while having to discount to get the price to offset the increased amount of hardware, then look at latency.

In some of the recent record reported results, the latency results are actually better for a vendor B than for a vendor A and why does latency matter? Beyond showing what a controller can actually do in terms of levering  the number of disks, cache, interface ports and so forth, the big kicker is for those talking about SSD (RAM or FLASH) in that SSD generally is about latency. To fully effectively utilize SSD which is a low latency device, you would want a controller that can do a decent job at handling IOPS; however you also need a controller that can do a decent job of handling IOPS with low latency under heavy workload conditions.

Thus the SPC again while far from perfect, at least for a thumb nail sketch and comparison is not necessarily misleading, more often than not it’s how the results are utilized that is misleading. Now in the quest for the SPC administrators to try and gain more members and broader industry participation and thus secure their own future, is the SPC organization or administration opening itself up to being used more and more as a marketing tool in ways that potentially compromise all the credibility (I know, some will dispute the validity of SPC, however that’s reserved for a different discussion ;) )?

There is a bit of Déjà here for those involved with RAID and storage who recall how the RAID Advisory Board (RAB) in its quest to gain broader industry adoption and support succumbed to marketing pressures and use or what some would describe as miss-use and is now a member of the “Where are they now” club!

Don’t get me wrong here; I like the SPC tests/results/format, there is a lot of good information in the SPC. The various vendor folks who work very hard behind the scenes to make the SPC actually work and continue to evolve it also all deserve a great big kudos, an “atta boy” or “atta girl” for the fine work that have been doing, work that I hope does not become lost in the quest to gain market adoption for the SPC.

Ok, so then this should all then beg the question of what is the best benchmark. Simple, the one that most closely resembles your actual applications, workload, conditions, configuration and environment.

Ok, nuff said.

Cheers gs

Greg Schulz – Author Cloud and Virtual Data Storage Networking (CRC Press), The Green and Virtual Data Center (CRC Press) and Resilient Storage Networks (Elsevier)
twitter @storageio

All Comments, (C) and (TM) belong to their owners/posters, Other content (C) Copyright 2006-2024 Server StorageIO and UnlimitedIO LLC All Rights Reserved

R U Twittering Yet?

For those of you who are twitter fans, you can skip this post if you like as you are already twittering and know what it’s about, however feel free to follow me if you are not already doing so @storage.

On the other hand, for those of you new or not familiar with twitter (click here to learn more and sign-up) also known as micro blogging, is yet another venue and means to communicate, collaborate, network or what have you. In a nutshell, twitter messages, posts or tweets are 140 characters that appear on your twitter page for followers to view and respond to. For longer tweets or long URL’s, tiny URL’s can be used.

You can also include other tweeters in a post so your post will appear on their pages for discussion. Tweets can also be forwarded to others via a RT or retweet. Tweets as they are refereed to can be done via a web interface, from an iphone or other mobile device, or via email such as Microsoft Outlook with OutTwit.

Think of twitter as a cross between blogging, texting, IM and a few other things smashed together. For the competitive or status seekers, there are even grading or ranking sites to see or show how you stack up or compare to others.

Some tweets are discussion points, some are smash or trash talk, some are adds or news feeds, some are random thoughts or musings. Some people tweet constantly while others tweet now and then with some actively following and tweeting, while others simply lurk. Some follow others who follow-them, others simply post and follow few if anyone. Tweeters range from corporate or organizations to individuals for work or for fun for almost any cause, its really up to you how, when, why and where you want to tweet from.

Here’s a link to a blog post that I did late last year about what I refer to as tiered communications. While some may have a strong preference for one medium or venue vs. another, I see the different social networking, web 2.0 and related venues including facebook, twitter, friend feed, linkedin, plaxo, blogs, RSS, web sites and IM among others as different tiers and tools for communicating.

Check twitter out when you get a chance and start tweeting if the spirit so moves you, tweet you soon, however word of caution, tweeting can be addictive for some!

I can be found and followed @storageio or www.twitter.com/storageio and happy tweekend as its Friday.

Cheers gs

Greg Schulz – Author Cloud and Virtual Data Storage Networking (CRC Press, 2011), The Green and Virtual Data Center (CRC Press, 2009), and Resilient Storage Networks (Elsevier, 2004)

twitter @storageio

All Comments, (C) and (TM) belong to their owners/posters, Other content (C) Copyright 2006-2011 StorageIO and UnlimitedIO All Rights Reserved

Hitting The Road Again

The phrase hitting the road can have different meaning these days with rash of layoffs, cutbacks, right-sizing and so forth that are hitting companies of all sizes include IT manufacturer, services, media and even analysts firms of the like of giant Gartner (who also canceled some of their upcoming shows/conferences) and Forseters among others large firms.

For those unfortunate who have been caught up in the various recent market dynamics and job cuts, best wishes and good luck. What I have been telling people who have been contacting me for referrels, references, looking to be hired and so forth is to check-out Carter Lusher on twitter and his blog site over at SageCircle (A site for Analyst Relations-AR folks). Also check-out Jeremiah Owyang of Forrester blog, both of whom have some tips and other useful information including how to use and leverage social media tools including twitter among others. Don’t forget the various groups within Linkedin (e.g. Linkedin Groups) and other networking groups for that matter if you have not already done so as there are various notes and information for job seekers as well as job openings looking to be filled. Speaking of social media and web 2.0 including twitter, I can be found at twitter.com/storageio.

In the context of StorageIO, I’m off traveling on the road again for what marks the start of a busy and exciting winter and early spring schedule. While I wont be able to attend the big events in Washington DC or wine tasting with friends in the Sydney (Oz) area this week, I will be in San Jose, CA (Do you know the way to San Jose?) key noting at the SNIA Symposium and then at a private event in Tucson, AZ (Sorry, not at the bone yard or IBM for this trip).

At the SNIA event, the audience will be those from the storage and networking industry in general including a mix of vendors and vars, some media and analysts and a few IT customers. The title for my keynote talk at SNIA this week will be "Storage Industry Update V2.009: Chaos and Opportunity ?What?s the Buzz!". As for the theme, well, to say that times are tough would be an understatement, yet, with the financial markets and economic chaos, for many originations, the show must go however it?s not business as usual, it?s doing more work, processing and storing more information in a given footprint and at a lower cost than in the past. Yet in all of the current chaos and conditions, there are near term tactical as well as long term strategic opportunities in the storage networking and data management ecosystem.

In Tucson, the focus will be different with an audience of IT professionals from various size business and a theme of being sponsored by Silverado technologies The theme is Enabling Virtual IT Infrastructure – Trends in Data Management, Storage Management & Security Issues in Virtualized Environments. My keynote talk will be "Storage in a Virtual Data Center: Performance, Availability, Security and Data Protection". The session looks at storage and networking trends, technologies and techniques to support and enable a virtual data center.

In addition to this weeks schedule, other upcoming events include a speaking engagement on "The Green and Virtual Data Center" at an event in Cancun in early February, stops in Dallas, Tampa, Miami, Los Angles, Birmingham and Cincinnati on the Techtarget custom events tour train as well as Las Vegas and others in April and beyond in addition to other activities. Check out the StorageIO events page for more information on these and other activities in a location near you. If you are in either San Jose or Tucson this week, or in any of the other upcoming locations, come on out, stop by and say hello as it would be great to catch up and hear what’s the buzz.

Cheers – gs