Summarize the concept of subprime loans and the risks they pose to the lender and borrower.

Standard


The term subprime loan term refers to lending grounded on the borrower’s low credit qualification based on the lack of or poor credit history.   These loans are granted at a higher rate than other prime loans.  The difference between them is risk versus revenue.   The riskier it is, the higher the income (Piera, 2008, p. 1).   Gilbert (2011) describes the subprime lending a mess consisting of individuals defaulting on loans, banks and other mortgage lenders foreclosing on homes (p. 3).   Gilbert continues to state that it also consisted of borrowers removed from their homes, unkempt neighborhoods and squatters (p. 3).   In 2007, experts thought that the crises would have been contained within only the mortgage issuers but no one suspected that the fallout would have been so severe to threaten the economy to such an extent (Bianco, 2008, p. 3).

Easy credit in addition to the anticipation that the housing prices would continue to climb encouraged the majority of subprime borrowers to acquire Adjustable Rate Mortgages. Consequently, they couldn’t afford these types of loans after initial period passed.  Then housing prices started to fall as a result of the price correction and consequently homeowners who could not refinance started to default (Bianco, 2008, p. 10). The borrowers were at risk of losing their homes and having their credit rating indicate, to lending institutions, a very risky borrower.  Research by White (2009) states there is no question that bad decisions made matters worse for lending institutions. The mistakes explain why certain financial institutions got into more trouble more than others (p. 2).  “The high risk on the mortgages came back to banksbite the mortgageholders” (p. 2).  These were the financial institutions that were owed the monthly payments.  As a result of the great recession, a number of large banks went bankrupt or were or acquired by larger institutions.   Research by Havermann (n.d) says that the casualties were as follows, “the entire investment banking industry, the biggest insurance company”,  the largest mortgage lender, the largest savings and loan, and, 2 of the largest commercial banks” and 2 government institutions (para, 1). Read more about the Great Recession.

References

Bianco, K. (2008). The Subprime Lending Crises: Causes and Effects of the Mortgage Meltdown. Retrieved from http://business.cch.com/images/banner/subprime.pdf

Gilbert, J. (2011). Moral Duties in Business and Their Societal Impacts: The Case of the Subprime Lending Mess. Business & Society Review (00453609), 116(1), 87-107. doi:10.1111/j.1467-8594.2011.00378.x

Havermann, J. (n.d). The Crises Unfolds. Retrieved from http://www.britannica.com/topic/Financial-Crisis-of-2008-The-1484264

Piera, F. (2008). Financial Institutions’ Responsibility in the Subprime Mortgage Crisis. Retrieved from http://www.ethicalquote.com/docs/SubprimeMortgageCrisis.pdf

White, L. (2009). Housing Finance and the 2008 Financial Crises. Retrieved from http://www.downsizinggovernment.org/hud/housing-finance-2008-financial-crisis

Advertisements

Embedded Objects

Standard

When an officer deployed in Iraq in 2010, uploaded some video and images showing loading valuable shipments, to different social networking sites little did he realize what he had done.  Geotagging was informing potential viewers where he was. Geotagging is a process that adds various geographical identification information into the data. It’s equal to adding a ten digit grid coordinate into the Internet every time an image or video as added in the social networking sites. According to the US military, if they know about the information then consequently the enemy knows about it as well. Moreover, one can see this information with browser plug-ins or other types of software. Information such as the longitude and latitude from where the photograph was taken is embedded directly inside the image.

One other harmful action to take is to do Check-in. This allows users to inform other social network users the business that the user has just invoked Check-in. Facebook’s “Places” and Foursquare are a couple of social networks to do this. Some social networking applications will allow anyone to track users’ movements every day; watching someone long enough, one knows exactly when and where to find that person on any given day (Cambell, 2011).

How can one safeguard against the implications of Geotagging?  There are occasions when omitting this feature is important. Never use this feature when at home, schools, hotel rooms and images containing children. One can disable this feature very easily, unfortunately is enabled by default.

TwicPic is an independent service that is integrated with Twitter, a microblogging social too. TwicPic allows users to share photos and in addition information as well. A disadvantage with using TwicPic is that the photos shared more and the images themselves but also PII (Personal Identifiable Information) too. They use a header called EXIF (Exchangeable Image File Format). PII can be used to trace users’ name, SSN, biometric data along with other information. One can use software called Picasa to analyze the data that is embedded inside these images. In one test, a script was created to extract the location and the name of the user that poste the image to Twitter (Flinn, n.d.). A url can be used to illustrate how easy it is to extract information from images [ http://pleaserobme.com ].  When posting information on Twitter, the information becomes public and allows someone to determine if that user is or is not at home.

It’s clear from this assignment that users need to be more cognizant of their PII and privacy and how they can prevent this information from being inadvertently published to the Internet. I think it would be helpful if these settings, that allow PII to be embedded in social networking services, are disabled by default.

References

Flinn, M.  (n.d.). Raising Awareness: An Examination of Embedded GPS Data in Images Posted to Twitter. Retrieved from http://iacis.org/iis/2010/432-438_LV2010_1370.pdf

Fumera, G.  (2006). Spam Filtering Based on Analysis of Text in Images. Retrieved from http://jmlr.csail.mit.edu/papers/volume7/fumera06a/fumera06a.pdf

Cambell, M.  (2011).Mapping Your Life: Embedded Data in Images. Retrieved from http://www.army.mil/article/51268/

Herrick, J.  (2012). How to Avoid the Risk of Geotagging. Retrieved from http://www.wikihow.com/Avoid-the-Potential-Risks-of-Geotagging

Hoffman, C.  (2012). Security Software That Could Protect From Sharing Hidden Data. Retrieved from http://www.techyv.com/questions/security-software-could-protect-sharing-hidden-data

Murphy, K.  (2010). Web Photos That Reveal Secrets. Retrieved from http://www.nytimes.com/2010/08/12/technology/personaltech/12basics.html?_r=0

Solove, D. (2008). Understanding Privacy. Boston, MA: Harvard University Press.

Various Topics

Standard

 (1) Is there any relationship between the information your guru communicates and the management of information systems?

There is most definitely a correlation between Tom Peter’s concepts of management coupled with MIS. What is MIS? Management Information Systems (MIS) is the analysis of people, technology, organizations and the interactions (Mays Business School, n.d.). A large part of MIS focuses on data analysis, teamwork, leadership, project management and customer service. So what does Tom Peters, a management guru, have to do with MIS?

Tom Peters is known for his management acumen. His books, seminars and speeches are geared towards finding ways companies can be successful. Companies can apply his lessons to all types of businesses and departments therein. For example, one of his quotes is “Excellent companies has bias for an action, they were doers” and “They understood their clients’ needs” (Gehlot, 2006). It seems reasonable to me that an IT department focusing on MIS can most definitely adhere to Tom Peter’s lessons. As a matter of fact O’Brian states that today’s IS professionals must be highly skilled in communications, dealing with people and, most of all, articulate in the fundamentals of business (O’Brian, 2007).

So the essential message that runs through “In Search of Excellence” and most of his books is people, customers and action. The MIS departments work with people or at least most do unless there are programmers working in complete isolation. So the stakeholders will ask themselves how can we help the customer, regardless if the customer is in-house, they are still customers. The workplace is for the most part where we live, there has to be good sense and engagement. The conclusion is that considering there is a strong correlation between people, organizations & management and MIS hence follow the rule of addition then there is a correlation and relationship between Tom Peters and MIS.

(2) Making the Internet reliable would require significant amounts of capital investment. Maybe the government should just step in and finance it. Discuss

Currently the Internet is maintained by a conglomerate of organizations across the globe and the core functions are maintained by IANA (Internet Assigned Numbers Authority). The ISOC (Internet Society) plays a part as well. The ISOC is a non-governmental international organization for global cooperation and coordination for the Internet and its internetworking technologies and applications. The members are bound to the viability and scale of the Internet. The have a common stake in this effort (Business Directory, n.d.).

I have to make a full disclosure about my political standing before I proceed. I’m an undeclared voter but I lean towards the beliefs of the Republican Party. Therefore I believe in less government in other words I prefer less intervention. Besides, I’m not so sure that the Internet is in such shape that any one government has to intercede. As far as I can tell it seems to be working satisfactorily. Why would anyone want the US Government to take this responsibility and cost of this task? Considering the US has a debt of over 16 trillion dollars, this is a cost that we can’t incur.

Even if the US Government has ample funds to maintain the Internet, I wouldn’t want this to come to fruition. There could be dire consequences if the Internet were under the auspices of any government. Included in a new executive order, this is a possibility “The president of the United States will be able to essentially flip switch and turn off the Internet during times of a national crisis or emergency, as defined by the president. I don’t know what limits there are on it, but it’s cybersecurity, and the president’s going to have that power” (Liaugminas, 2012). At a recent Homeland Security meeting, Janet Napolitano, Secretary of Homeland Security, the executive order is still being drafted …and close to completion (Liaugminas, 2012). I am absolutely opposed to this.

There was recently a debate to have the UN regulate the Internet. While the ITU (International Telecommunications Union) the UN Internet regulatory agency does not have the authority to impose controls over the Internet, a regulated Internet could disrupt the global free flow of information and commerce as well as development of such cross border technologies as cloud computing. So common sense would dictate that if a government or US government would maintain the Internet it no doubt would be regulated by that entity and that would diminish the freedom that all users of the Internet presently have.

(3) Gather Information Concerning SaaS or In-House solution to deploy SCM.

Before I answer this question I need to define SCM (Supply Chain Management). What is SCM? SCM includes all the activities that must be undertaken to assure that the right product gets into the right hands of the right customers in the correct quantity at the right time. It focuses on things such as planning and forecasting, purchasing, product assembly, moving, storage, distribution, sales and customer service.

AutoZoom Inc. is the company that asked for research into a SCM solution. The company manufactures various parts that are used to assemble certain makes of vehicles. So the following questions will be addressed.

  1. What is the need for SCM – Do we need it? Can it improve our current implementation? The company needs to look at priorities and gaps and determine the needs. 2. What are the goals of SCM? What is the company trying to accomplish? 3. Are the suppliers on board? 4. What are the key SCM characteristics that the company is looking for? 5. What is the company’s budget?

The departments or officer that I would ask these questions are: CEO, CIO, Controller, Operations Manager, Plant Manager and IT Manager. This is a company investment that should not be taken lightly. Regardless of whether or not the solution would be in-house or a SasS solution the CEO would have the most input concerning technical details.

 (4) Discuss- Facebook has decided to publish its server specifications in an open source software fashion allowing developers all over the world to contribute to finding systems that are less expensive to run. This move is in dire contrast to Google’s practice.

Facebook has taken its commitment openness to a new level. It is now sharing its infrastructure details similar to how it shared its software code. This effort will bring web scale computing to the community and is godsend for AMD and Intel and the x86 designs (Higganbotham, 2011). Facebook has released its server design that is very efficient while directing the resources where it’s most needed. Facebook actually custom designed it all, the datacenter itself and the management tools that go with it. In other words Google did the same thing except that Facebook didn’t keep any of their infrastructure designs a secret.

This is antithetical to Google’s approach. It keeps its infrastructure design and details in clandestine. Much of both designs have common elements. They are stripped down boxes that have hot swappable drives and not hot standby power supplies enabling easy repairs and upgrades. Facebook decided to add more to the infrastructure. It added fewer newer and larger fans which are more efficient. There are many more details but they will not be listed because they are not germane to this report. Besides Facebook unleashing its hardware details it shared its data center designs to help other startups working trying to create an efficient infrastructure mimicking Facebook’s design for efficiency. As a matter of fact Facebook gave these designs over to the (OCP) Open Source Foundation – http://www.opencompute.org/. “The reason that anyone can benefit is that you don’t have to build a new data center to achieve some of the cost savings: You can pick and choose which OCP specifications to adopt. That means that even if you are using colocation facilities you could put in OCP servers and power supplies and make significant power and cost saving” (Rubens, 2012).  And to take advantage of the OCP designs there are OCP solution providers such as Avnet, ZT Systems and Hyve Solutions. Incidentally Yahoo did the same and made its data center plans available.

One would consider Google as an ad-supported software company. But Google is really a maker of capital-intensive, custom, warehouse scale hardware company. It has to keep as many users connected to their datacenter as possible by serving ads to them. Hence they need to hire many software programmers who can create Internet scaled applications. Facebook is now in the same predicament. It has to build and run these large scale computers as efficiently as possible. But Facebook has fewer resources than Google, hence the Open Source. If Facebook’s solution becomes common use, Google will most definitely have to follow Facebook’s design. In this scenario Facebook doesn’t have to win but rather shrink Google’s advantage. Facebook will eventually win because it will have the competitive advantage.

The question is why is Facebook doing this? Why is any company that is involved with open source doing it? It’s a way of giving back and I agree with the philosophy. As a matter of fact I wasn’t aware of this. I have a different perspective about Facebook now. Call me naïve but I think it sends a message to the user community. Facebook’s corporate culture has social value. It’s also a way for vendors to incorporate Facebook’s design to allow vendors with more scale to purchase cheaper systems. So it’s no all philanthropic.

References

Business Directory. (n.d.). ISOC. Retrieved from

http://www.businessdictionary.com/definition/internet-society-ISOC.html

Gehlot, R. (2006) Tom Peter’s The Living Guru of Gurus. Retrieved from

http://www.citehr.com/14190-tom-peters-good-article.html

Easton, N. (2012). Where’s the outcry on the U.N. push to regulate the Internet? Retrieved by

http://tech.fortune.cnn.com/2012/05/30/united-nations-internet-regulation/

Higganbotham, S. (2011). Facebook Open Sources its Servers and Data Centers. Retrieved from

http://gigaom.com/2011/04/07/facebook-open-sources-its-servers-and-data-centers/

IANA. (n.d.). IANA. Retrieved from http://www.iana.org/

Liaugminas, S. (2012). Obamas Internet Kill Switch. Retrieved from

http://www.mercatornet.com/sheila_liaugminas/view/11281

Mays Business School. (n.d). What is Management Information Systems. Retrieved from

http://mays.tamu.edu/info/what-is-mis/

Nexmatrix. (n.d.). Virtual CRM/SCM for Small to Enterprise Business. Retrieved from

http://nexmatrix.com/virtual-atlantis-crm-scm

O’Brian, J. (2007). Management Information Systems. Columbus, OH: McGraw-Hill

Rubens, P. (2012). How to Use Facebook’s Open Sourced Data Center Design to Cut Costs.

Retrieved from             http://www.cio.com/article/720511/How_to_Use_Facebook_s_Open_Sourced_Data_Cen            ter_Design_to_Cut_Costs

Schneider, D. (2011). Under the Hood at Google and Facebook. Retrieved from           http://spectrum.ieee.org/telecom/internet/under-the-hood-at-google-and-facebook/0

Stokes, J. .(2011). Why Facebook open-sourced its datacenters. Retrieved from

http://arstechnica.com/business/2011/04/why-facebook-open-sourced-its-datacenters/

Wood, L. (2010). Global SaaS-based SCM. Retrieved from http://www.fiercecio.com/press-        releases/research-and-markets-global-saas-based-scm-market-2009-2013-report-    uncovers-challenge

 

Effective Leader – Rudolf Giuliani

Standard

Rudolf Giuliani started holding daily morning meetings with his staff at the start of gubernatorial tenure. Each team member gave their respective inputs for each project and his staff was encouraged to assure that there were accomplishments achieved everyday. He recognized that he could not be an expert in the city’s endeavors but his passion for learning made him knowledgeable about said topics. His decision making progress was quick and deliberate but wanted to hear all sides of the argument prior to making the final decision. Giuliani made it a point to emphasize that the ‘I’m responsible’ making it a point that he was responsible for activities. He also made use of statistical analysis during his daily routine. He had a computer generate spreadsheets of key performance indicators. At the start of each project he would always ask “What is the purpose, mission and goal”? All the projects had to be aligned with this statement. He would chart and track projects with this in mind.

His leadership principles are strongly aligned with his beliefs and values. His values are religion, democracy, freedom and capitalism. He frowns on gut feelings of prejudice preventing from him getting in his way. One of his greatest skills was to surround himself with pundits in topics that he lacks knowledge. He avoided ‘Yes Men’ and created family by surrounding himself with two or three directs with complimentary skill sets. He was and also made his staff goal orientated and relied heavily on loading responsibility on to each of his staff. He also fostered team spirit in so much to assure that each direct can achieve their own goals but made sure that they contributed to each others goals as well. This approach assured incredible devotion by his staff. He was criticized for reacting slowing in dismissals as a result of a scandal but this backing gave confidence to his staff that he gave more importance in them than rumors and press.

Analyze, Assess and Deal with Issues

What is Giuliani’s leadership style? LMX and Path-Goal theories were used by Giuliani to manage and lead his team. It’s clear from references that this method was used extensively by him “In group members are willing to do more than is required in their job description and look for ways to advance the group’s goals” (Northouse, 154). The LMX theory also strives to build trust and respect for all and with all subordinates. Communications is a very strong component of LMX “The high quality of exchanges advocated in LMX are inextricably bound to effective communication” (Northouse, 155). His use of daily meetings, charts and goals is evident in this exchange and is a testament to his powerful leadership style making use of the LMX Theory. He also made Path-Goal a vital part of strengthening his team “With a strong belief in the necessity of keeping the environment stimulating Giuliani would set his team stretching goals and set them off on pioneering adventures” (Rudolph Giuliani’s Definition of Leadership, 2007).

911 Leadership

If there is one leader that stands out above the rest, it is Giuliani. After the United States was attacked the FDNY and NYPD and others acted heroically. Leaders can take a lesson from his leadership during this time of angst and strife. So do I answer this question? How does Giuliani deal with issues? It would be difficult find a more poignant time frame. There are a number of tenants that he strived to abide by: be visible, be composed, be vocal and be resilient.

Like George W Bush, people rallied around Giuliani after 911. He didn’t retreat but faced this head on. We can remember when Bush’s absence for a few days after Katrina hurt his ratings, but they both became pillars of the community be being visible and determined. By being strong, he eliminated the feelings of confusion and led us all to move forward with pride. Composure- “Be sure to show your team that you are calm and in control, even though you may not exactly feel that way at the time. Your calm demeanor will go a long way toward helping your team think clearly and react appropriately during the crisis” (9/11 Leadership Lessons, 2011). Vocal- Being vocal at times of duress calms folks and compounds the effectiveness of communications. Resilience- Did the United States return to its original state of being after 911. Not totally but there is no doubt that Giuliani played a large part in fostering its resilience. We gained hope and the ability to move forward. His fortitude and leadership gave us all hope and encouragement that we, as a Country, will be stronger and better.

Is it possible that Giuliani can be considered a Transformation Leader? In this circumstance I would have to say yes. Did he change most of the population after the attack? I can say from personal experience that I was changed and this arose from being familiar with his values and his high morality. I felt that he was speaking to us all and not just to New Yorkers. I can say without a doubt that he is a Transformational Leader.

References

Northouse, Peter. Leadership Sage2010. Print

The First MBA President (2007) Retrieved July 24th 2011 from

http://gunston.gmu.edu/pfiffner/index_files/Page1236.htm

Rudolph Giuliani’s Definition of Leadership (2007) Retrieved Aug. 20th from

http://www.winston-churchill-leadership.com/giuliani-definition.html

9/11 Leadership Lessons (2011) Retrieved Aug. 20th from

http://www.teamcaptainsnetwork.com/public/230.cfm

Should Privacy be a Right?

Standard

How would an individual right be defined? What would encompass this right? Currently the U.S. Constitution does not have an express right to privacy. There are laws that protect rights of belief as in the 1st Amendment. There is a right to privacy of the home against demands in the 3rd Amendment. There is also a privacy of possession of persons against unreasonable search as stated in the 4th Amendment. There is also the 5th Amendment that provides the right not to self-incriminate. The 9th Amendment is very difficult to interpret. It’s supposed to protect implicit rights but not explicitly described in the constitution. The implicit rights are described in Griswald vs. Connecticut (1965).  It also has in it the right to travel and the right to the presumption of innocence.

For privacy to be declared a right, it has to be defined. There is so much ambiguity surrounding privacy as it relates to current laws such as HIPAA, COPA and Electronic Communications Privacy Act of 1986.  California also passed the SB 1386 law in 2002 which requires all institutions and organizations that collect personal data to protect it from identity theft. The Gramm-Leach-Bliley Act in which this law actually gives ine the freedom to choose what businesses can access personal information and finally the Fair Credit Reporting Act.

If privacy was easily defined and understand by pundits and scholars alike then we would’ve had an Individual Right of Privacy as declared in the U.S. Constitution already. There are a number of laws, regulations and proposals surrounding privacy and the protection thereof that it’s clear that privacy will not be defined as a right anytime soon or for that matter in the future.

Moreover, as stated in the Constitution, individual rights can only be delegated by the States and not by the Federal Government. Over the years the Justices of the Supreme Court have had very little agreement concerning the right of privacy. As a result of this ambiguity, the as stated in the above paragraph this will remain uncertain (Shaman, n.d.).

This debate will continue and whatever theory is used as a means of debate, the right of privacy has to be connected to a constitutional condition. Some states have said that the right of individual privacy is centered on liberty as a result of due process. In fact the terms liberty and privacy have been interchanged many times within courts. In conclusion, it seems unrealistic that privacy will ever be an individual right.

Cline, A. (2001). Why Protecting Privacy is Difficult. Retrieved from

McBride, A. (2006). Griswold vs. Connecticut.  Retrieved from             http://www.pbs.org/wnet/supremecourt/rights/landmark_griswold.html

Banisar, D. (n.d.). Privacy and Human Rights. Retrieved from         http://gilc.org/privacy/survey/intro.html

Shaman, J. (n.d.). The Right of Privacy in State Constitutional Law. Retrieved from             http://org.law.rutgers.edu/publications/lawjournal/issues/37_4/Shaman.pdf

Solove, D. (2008). Understanding Privacy. Boston, MA: Harvard University Press.

What’s Next FTC’s Proposed Privacy Framework?

Standard

First, a review of the Framework should be addressed. What is the Privacy Framework? The scope of the framework is to be applied to all commercial enterprises that collect data whether or not they interact with consumers or not. In addition it is also applied to data that can be associated with consumers, computers or other devices. The reason of the framework is because most consumers are unaware of the way their collected data is being used and how it’s used (Santalesa, R., 2010).

There was some speculation that the framework was to be tied to Department of Health and Human Services HIPAA. This is one of the scopes of the framework, called the Universal Scope. The other scope is called the Privacy by Design and these protections are: reasonable safeguards, limited data collection, reasonable retention and accuracy of data collected.

Now we can address the question. What’s next? Although the commission has not completely endorsed the DNT (do-not-tract) many major web browser owners have come on board and have announced their support. Microsoft’s IE ver. 9 has Tracking Protection features installed. There has been an agreement with some companies, i.e. Facebook, Google and Microsoft and IBM. They have agreed to support Privacy-by-Design and Do-Not-Track but only if the requirements are flexible and reasonably achievable. There has also been an upsurge in the States’ action for use of data security and protection. Along with the States’ potential for data protection and the other aforementioned actions and discussions, this passing of this regulation looks promising.

Kerry Releases Draft of “Privacy Bill of Rights”

This proposed act by Senator John Kerry (D- MA) and co-sponsored by Senator John McCain (R-AZ) is meant to enhance the privacy protections of individuals. The act is also meant to enhance commerce hopefully infusing consumer confidence. The salient points of the act will be address in the following paragraphs.

The act defines covered entities who are persons that collect data for at least 5,000 persons for a period of 12 months in addition to telecommunication carries and non-profit companies. Some of the information covered in this act is first name, last name, residential address etc. Not all PII (personal identifiable information) and UII (unique identifier information) data will be listed here. It’s also important to note that UII includes persistent information such as a customer number held in a cookie, user id, processor serial number or device serial number.

Only the most relevant information can be collected as to improve the services for covered entities. They are also required to assure the information that they collect is accurate. They are also required to notify all users of the act of collection, use of data and any changes to the data that has been collected. Covered entities are also required to make all users’ information accessible and upon request the entity has to relinquish all use of said data. All third parties are prohibited from access to the data unless there was consent by the consumer. Unauthorized use is another salient point that stipulates that any use by covered entities of data that is not meant to be used to process transactions, prevent a crime and improvement of service. There are others but only a few are mentioned. Finally, the state attorneys general are allowed to enforce this act including monetary penalties of up to $16,500.00 can be realized (Kerry Releases Draft of Privacy Bill of Rights, 2012).

References

Kerry Releases Draft of Privacy Bill of Rights (2012). Retrieved             from  http://www.infolawgroup.com/2011/03/articles/data-privacy-law-or-     regulation/kerry-releases-draft-of-privacy-bill-of-rights/

Santalesa, R. (2011). Retrieved from http://www.infolawgroup.com/2011/03/articles/data-     privacy-law-or-regulation/whats-next-for-the-ftcs-proposed-privacy-framework/

Santalesa, R. (2010). Retrieved from http://www.infolawgroup.com/2010/12/articles/privacy-       law/review-of-ftcs-proposed-privacy-framework-part-1/

InfoLawGroup LLP. (2012). Kerry Releases Draft of Privacy Bill of Rights. Retrieved from  http://www.infolawgroup.com/2011/03/articles/data-privacy-law-or-regulation/kerry-releases-draft-of-privacy-bill-of-rights/

Santalesa, R. (2011). What’s next for the FTC’s proposed privacy framework? Retrieved from http://www.infolawgroup.com/2011/03/articles/data-privacy-law-or-regulation/whats-next-for-the-ftcs-proposed-privacy-framework/

Santalesa, R. (2010). Review of the FTC’s proposed privacy framework – Part 1. Retrieved from http://www.infolawgroup.com/2010/12/articles/privacy-law/review-of-ftcs-proposed-privacy-framework-part-1/

Cloud Computing

Standard

1.      Brief Description

The shift from traditional software models to the Internet has gained momentum over the last 10 years. Cloud computing provides new ways to collaborate and work, even via mobile devices.  Traditional software is very expensive to deploy, configure and install and a team hardware and software experts is needed. With cloud computing, you eliminate headaches of managing hardware and software because you’re managing it yourself.  You only pay for what you need and use, upgrades are automatic and scaling becomes easy. Cloud based applications can be up and running in days or weeks and costs much less.  A wide range of business functions can be performed from many different kinds of applications, i.e. CRM (Customer Relations Management), HR, and accounting.

With cloud computing, there’s a major workload shift.  Local companies are no longer required do all the heavy lifting running applications. The network of computers that comprise the cloud does it instead. Hardware and software requirements and demands from the users’ side are diminished.  The only software that is required is the software that runs the cloud’s interface software, which can be a browser. When speaking of cloud computing, it is divided into two sections – front end and back end. They are connected via the Internet or network and the front end is the user side and the backend is the cloud section.

Cloud computing is more than a service sitting in some remote data center.  It’s a set of approaches that can help organizations quickly, effectively add and subtract resources in almost real time. Cloud Computing is offered in different forms: Public Clouds, Private Clouds and Hybrid Clouds (combination Private and Public). Public cloud applications, storage and other resources are made available to the general public by a service provider. These services are free or offered on a pay-per-use model. Generally, public cloud service providers like Microsoft and Google own and operate the infrastructure and offer access only via Internet. Private cloud is cloud infrastructure operated solely for a single organization, whether managed internally or by a third-party and hosted internally or externally. Hybrid Cloud is a combination of two or more clouds (private, community or public) that remain unique entities but are bound together, offering the benefits of multiple deployment models (Cloud Computing, 2012).

There are three types of cloud computing: IaaS (Infrastructure as a Service), PaaS (Platform as a Service) and SaaS (Software as a Service):

IaaS– In its most basic form of a service model offers computers or virtual machines, raw block storage, firewalls, load balancers and a network

PaaS –In this model, cloud providers offer a computing platform, typically an operating system, programming languages, databases and web servers.

SaaS –In this model, service providers offer application software in the cloud and users access this software from cloud clients.

2.      Related Standards

There is much hype around cloud computing that has led to a plethora of open source activities and standards. This is leading to a realization that there isn’t enough. There is a lack of customer driven prioritization and focus centering on cloud standards. Cloud Standards Customer Council is comprised of IBM, Kaavo, CA Technologies, Rackspace and Software AG.  Some standards and organizations are listed here:

Distributed Management Task Force (DMTF)-

Open Virtualization Format (OVF): This specification describes an open source, secure, portable, efficient and extensible format for packaging and distributing software for the purposes of running virtual machines.

Open Source Standards Incubator

Cloud Management Working Group (CmWG)-

Cloud Auditing Data Federation Working Group (CADF)-

National Institute of Standards and Technology (NIST)-

“NIST is posting its working definition of cloud computing that serves as a foundation for its upcoming publication on the topic (available above). Computer scientists at NIST developed this definition in collaboration with industry and government. It was developed as the foundation for a NIST special publication that will cover cloud architectures, security, and deployment strategies for the federal government” (Welcome to the Cloud Standards WIKI , 2012).

These are only some of the numerous standards and working group that define Cloud Computing.

3.       Products/Services

Cloud computing is considered a service and can be broken down into four categories; IaaS; PaaS; SaaS; and Cloud Administration:

Infrastructure as a Service (IaaS) – service infrastructures normally include servers, storage, network access, backup services, configuration management and dynamic scaling. Below are two examples of IaaS services:

  • Force – It is a platform infrastructure that is designed for rapid application development.  It uses Apex Code, the development language that let you build applications and features on demand.
  • Windows Azure – It is a platform infrastructure that allows you to develop and host applications in a cloud environment. The platform is built to support applications at the enterprise level.

Platform as a Service (PaaS) is software architecture for managing the cloud with dynamic scaling and necessary resource allocation to support and run applications.  Below are two examples of PaaS services:

  • LongJump – Provides a platform for developing and deploying business applications for managing data, streamling collaborative processes and provide actionable analysisThe platform can be installed in the datacenter, private cloud or on the LongJump cloud.
  • Joyent Smart Platform – This is an open source development platform for web applications that provides cloud administrative services.  Code is uploaded by the developers and the Smart platform sets up the infrastructure needed for the website.

Software as a Service (SaaS) – This category contains development environments that use a cloud platform to build, manage and deliver.  They run on both private clouds and public clouds.  Below are two examples of SaaS services:

  • Amazon Elastic Compute Cloud (EC2) – This service is provided directly to customers that are using Amazon Web Services.  It is a virtual computing environment that allows you to run custom applications or images of your pre-existing applications.
  • LotusLive – Is a suite of software applications that IBM offers for collaboration and communication that can run on the LotusLive cloud.  LotusLive Notes service is a hybrid service that supports both on premise and cloud deployment with directory synchronization between the two.

Cloud Administration – This grouping provides applications for management and administrative services for controlling a cloud installation including security management and data migration.  Below are two examples of administration services:

  • VPN-Cube – This is a management tool for addressing and security of the cloud platform and for controlling topology.  It uses an open source virtual private network application to create an encrypted network within a single cloud or across multiple clouds.
  • rPath – Is a release automation platform that allows you to automate the creation, provisioning, and maintenance of software systems across different networks. The networks can be physical, virtual or cloud-based environments.  It allows you to instantly deploy or move between any public or private cloud environments.

One Cloud product that law enforcement is using in the Baltimore area is Xora’s Field Force Manager.  The Baltimore dispatchers can now easily identify where all their offices are located using the Field Force Manager.  The Field Force Manager keeps track of all officers through GPS tracking on department issued BlackBerry smart phones.  Now, dispatch can send the closest officers to an incident thereby reducing the response time.  When dealing with a crowd control situation whether it goes good or bad, the police department can use the software to see location of the officers during the event and make the appropriate changes for next time.

4.        Players

Below are the top ten players of cloud computing for 2012:

VMWare – In the coming year, VMware will become a serious player in the cloud computing with a rollout the vCloud Director 1.5.  It provides management and automation for private cloud computing.  VMWare is trying to position themselves as the middleman or go to guy for enterprise private and public clouds.

Microsoft – With their hosting of private cloud productivity suite, Office 365, according to Microsoft over 100,000 businesses are using this technology to a certain degree.  This year they rolled out of System Center 2012 and Windows Server 8, both of which support private cloud computing.

BlueLock – This company has a solid reputation for reliability.  They connect customers VMWare data centers with their private cloud, allowing small to medium companies to use private cloud computing.  This year they hope to focus on multiple virtual data center integration including data recovery and global cloud.

 Citrix – Recently Citrix Systems Inc. has purchased several cloud computing infrastructure and service companies to add to their current portfolio of cloud support. Their current products for cloud virtualization and collaboration include XenServer, XenDesktop, CloudGateway and GoToMeeting.

Joyent Inc. – This company was chosen by Dell to power Dell’s cloud computing. This public cloud provider also provides services for several online gaming platforms and hosts LinkedIn, the popular professional social network.

Verizon/Terremark – Launched an Enterprise Cloud Private Edition, a single-tenant environment providing the level of security required by large enterprises and government agencies.  They also have a good understanding about the value of accessibility and integration.

Salesforce.com – This company is involved with the hot items of cloud computing; social media, mobile computing and real-time computing.  They have recently acquired Heroku, with their popular Ruby platform service. There are currently over 105,000 applications available at the service.

CenturyLink/Savvis – CenturyLink acquisition of Savvis shows how serious CenturyLink is about cloud computing.   CenturyLink has the hosting, networking and other infrastructure assets.  And Savvis has a collection of cloud products, colocation and managed hosting cloud services.

Rackspace Inc. – This company is the co-creator of the open source cloud operating system, OpenStack, now in its fifth release.  The company made 1.3 billion dollars in fiscal year 2011.  They employ over 4000 employees, they have over 170,000 customers and own over 233,000 square feet of data centers worldwide and house over 80,000 servers.

Amazon Web Services (AWS) – Is the top company for the third year in a row.  Recently they have been rolling out new services design for enterprise IT, a hard market to break into for a public cloud provider.  Amazon leads the pack by cutting prices 19 times in the last six years.

5.      Future Outlook

The future of cloud computing is looking bright. According to a Pew survey of  IT experts and stakeholders, by 2020 they expect most software applications will be accessed online and  users will perform most computing and communicating activities through connections to servers operated by outside firms in the cloud.  However, large companies are less likely to put most of their work in a public cloud because of control and security issues but are moving towards private and hybrid solutions.   Rather than a thing, the cloud is now being seen by businesses as a concept or idea of tapping into a utility IT model so that a company can focus on what it makes and sells, rather than investing time and energy building its own IT environment.

6.      Summary

The cloud has come a long way since it started as a cartoon cloud in a network diagram representing undefined or unknown portions of the network.   Although the concept is still relatively new to some, businesses looking to gain a competitive edge and save money are looking into it to reduce their infrastructure and the complexity of their IT environment.  Instead of purchasing software and servers, they are purchasing IaaS, PaaS, and SaaS services and shifting to a utility model where the service is metered like electricity with on-demand capacity that can be scaled up or down.  It’s more than hype; the cloud is a new business landscape and model that is here to stay.

   References

Converged Cloud Solutions (2012) Retrieved from http://www8.hp.com/us/en/business-      solutions/solution.html?compURI=1079449

 How Cloud Computing Works (2012) Retrieved from     http://computer.howstuffworks.com/cloud-computing/cloud-computing.htm

 

What is Cloud Computing (2010) Retrieved from            http://www.pcmag.com/article2/0,2817,2372163,00.asp

 Welcome to the Cloud Standards WIKI (2012) Retrieved from http://cloud-       standards.org/wiki/index.php?title=Main_Page

 Cloud Computing (2012) Retrieved from http://en.wikipedia.org/wiki/Cloud_computing

Top 10 cloud computing providers of 2012 (2012) Retrieved from

http://searchcloudcomputing.techtarget.com/photostory/2240149038/Top-10-cloud-           providers-of-2012/1/Introduction#contentCompress

Directory of cloud computing products and services (2010) Retrieved from       http://cloudynews.com/directory/

 Cloud Computing for Law Enforcement (2011)  Retrieved from http://cloudcomputing.sys-      con.com/node/1810027

The Future of Cloud Computing (2010) Retrieved from http://pewresearch.org/pubs/1623/future-cloud-computing-technology-experts