Tag: cloud

One Platform. Full Stack. In Context

JDS has a proud history of working with industry-leading tools and ensuring they provide value for your business. We are excited to share that one of our major partners, Cisco, has announced their much-anticipated Full-Stack Observability (FSO) Platform at CiscoLive Las Vegas this month. We have been looking forward to the launch of the FSO platform which will help us unlock much greater value in Observability data. This will benefit our clients by allowing them to bring in a wider variety of data across the app and infrastructure stack, enriched with business context and activity data so you can ensure your tech is optimised for maximum business performance.
https://www.cisco.com/c/en_ca/solutions/full-stack-observability.html?socialshare=lightbox-fso-video

Most of our clients are involved in some level of digital transformation – be it moving to cloud-native or SaaS stacks, simplifying customer experiences with digital apps, or streamlining business processes with smart tech. This has typically meant a lot more moving parts and every time something isn’t right, a new needle-in-the-haystack challenge is presented. Being able to observe a customer’s journey and experience, including all of the technical and business elements involved, pinpoint problems or identify high-value optimisations, is critical for operational success. 

Businesses need the ability to get fast answers to questions like “where is slowness occurring”, “how can we optimise resource usage” or “where can we improve conversion.” Cisco FSO Platform has a ubiquitous and context-rich data platform, with flexible query tools and packaged solutions, to ensure IT is working at its best.

An Overview of the Cisco FSO Platform

The Cisco FSO Platform was designed from the ground up to provide end-to-end visibility across complex, hybrid and multi-cloud environments. It delivers an extensible, entity-based data model that provides the flexibility to ingest any observability data with business context. By leveraging OpenTelemetry and harnessing the power of Metrics, Events, Logs, and Traces (MELT) to seamlessly collect and analyse data generated by any source, the FSO Platform is a versatile and comprehensive solution to capture observability data across an enterprise.

Right out of the gate there are features for application visibility, security insights, resource and cost optimisation, plus partner-led tools for financial visibility and capacity planning. 


Cloud Native Application Observability

One of the standout features of the Cisco FSO Platform is its Cloud Native Application Observability capability. This feature provides deep visibility into cloud-native environments, allowing organisations to monitor and troubleshoot their applications with ease. By providing insights into digital experiences, ensuring performance alignment with end-user expectations, prioritising actions, and reducing risks, businesses can gain valuable insights into the performance and behaviour of their applications. This allows customers the ability to identify and resolve issues before they impact users.

The Verdict

The Cisco FSO Platform is an innovative solution that offers an impressive suite of features that enable businesses to enhance digital experiences, mitigate risks, and drive operational efficiency.  

The Platform represents a significant milestone in Cisco’s FSO strategy, and shows their commitment to providing a comprehensive observability solution for clients. While other observability platforms can ingest data at scale, they face challenges in understanding and building a view of services.  Cisco’s approach was to build a solution that utilises an entity model at its core, which can be tailored to overcome these limitations. This is crucial with the complexity of modern applications spanning cloud, on-premise, microservices, SaaS, and serverless technologies, yet still needing to understand your customers’ digital journey and experience as they interact with your business. 

We will be keeping a keen eye on developments and look forward to sharing our experiences as we work with our customers to rationalise their observability strategies, harnessing the unique capabilities of the FSO Platform.

Benefits of migrating to Atlassian Cloud now

There has never been a better time to execute a migration to Atlassian Cloud. 

Recent announcements at Atlassian’s Team23 conference included new products (Jira Product Discovery, Beacon), new features (Atlassian Intelligence (AI), Slack/Teams integration, Digital agents), and impressive improvements (Data residency location choice, Portal customization, Workflow and toolchain templates), demonstrating the vast range of opportunities and useful features/products that Atlassian’s cloud platform offers to elevate your service solutions.

Atlassian’s tools continue to grow more effective, efficient, and powerful, leading to improvement in the methods and practices they support.  Dominant technologies like ChatGPT have proven how integrating new technologies into your business can help streamline activities and improve your day-to-day operations to keep your company competitive in the market space. Taking this into consideration, organisations should understand that adopting these tools at the outset is well worth the investment of time and resources to adapt & upgrade internal tooling, methodologies and policies.

Given that cloud migrations take 3-9 months on average, it is important to commence the move off your server instance into the cloud as soon as you can. In February 2024, Atlassian’s Server End Of Support (EOS) date will lapse and server customers won’t receive any future products, developments, or improvements to their site. Executing a migration now will ensure the business impact is kept minimal and change management has low complexity while guaranteeing you are able to continue utilising everything Atlassian has to offer. 

JDS recommends you carry out the migration before the gap between server and cloud becomes too vast. It will ensure your business receives upgrades and improvements that will keep it adapting to new market climates. Migrating now will also give you greater time to implement change management and adopt new and improved practices, ultimately adding value to your business operations. Migrating before the EOS date will also allow you to integrate the new system into your business while the look and feel of Atlassian Cloud products remain similar to their on-premises server offerings. This will mean that your staff and customers will easily adapt to the new environment without requiring extensive time and resource-consuming activities like upskilling and training.

Atlassian has shown that it has big plans around its product roadmap for the future. Adopting change now will minimise business impact while allowing you to keep your business at the forefront of advancement and technology.  It will also give you a headstart on establishing best practices and refining processes as Atlassian products continue to develop and evolve into the future.

Atlassian Cloud Migration: The Clock Is Ticking

End of Server Sales and Support

In late 2020, Atlassian announced their end-of-life roadmap for Server edition sales and support in a push towards migrating to Atlassian Cloud (see below). Three years on, we find ourselves hitting the third milestone of this plan, and no longer have the ability to purchase new apps for Atlassian Server. The final end-of-support date of February 2024 is now fast approaching.

Image by Atlassian: Atlassian Server end of life (sale/support) information

It has never been more important for users of Atlassian Server to start planning their move to Atlassian Cloud as these migrations can prove to be more complex and involved than originally anticipated.

JDS, a Gold Atlassian Solution Partner, has assisted a multitude of customers with their move to Atlassian Cloud, including migrations with large-scale data, multiple instances, alternative approaches (where the traditional JCMA tool was not viable), and extended products beyond Jira and Confluence (Such as Bitbucket and Zephr).

Why Cloud?

Some users may have reservations about making the move to a new platform, especially those who have not experienced what cloud has to offer, however there are a number of benefits to be acknowledged. Moving to cloud means that Atlassian takes on the hosting and management responsibilities, resulting in a reduction in overhead costs relating to Atlassian products. Atlassian Cloud also offers a wide range of new and extended functionalities built into its out-of-the-box solutions (see table below), and there is an expansive and valuable marketplace of add-ons.

What to do next…

With this imminent end-of-support date, and the knowledge that migrating to cloud may take upwards of 6 months, it is no surprise that Atlassian and Atlassian partners are recommending cloud migrations for all Atlassian on-premises products be carried out as soon as possible, especially while Atlassian is offering reduced costings and extended cloud trials.

Atlassian supplies you with the JCMA tooling which can be implemented by your internal IT team, however there are often pitfalls and complications that can arise during migration that can be difficult to navigate without in-depth knowledge.

In addition to this, given the current climate of data security, it is extremely important that all necessary steps are taken to minimise the risk of data loss and exposure of cyber vulnerabilities. Therefore, it’s highly recommended that an Atlassian Solutions partner is engaged in the migration project to ensure a seamless implementation and successful outcome.

If you haven’t yet moved to Atlassian Cloud, JDS is here to assist as a local Atlassian Gold Solutions Partner with invaluable depth of expertise and experience.

The Importance of Pen Testing Your Cloud Environment

As the uptake of cloud services increases, cybercriminals are more interested than ever in exploiting vulnerabilities to attack cloud services and it’s customers. If your organisation is using cloud services, it’s important to recognise the shared responsibility model where the Cloud Service Provider (CSP) and the client share certain responsibilities, including cybersecurity. The CSP, such as AWS, Google Cloud, or Microsoft Azure, is responsible for securing the underlying services, whereas the client is responsible for the security of any cloud services that are configured and deployed. Therefore, cloud-focused penetration testing can help your organisation to fulfil that responsibility. So what are the benefits of cloud penetration testing, and how does it differ from a standard pen test?

What exactly is cloud penetration testing?

Cloud penetration testing is a simulated attack where offensive security tests are performed to find exploitable security flaws in the cloud-native infrastructure before cybercriminals do. The primary goal of this form of testing is to assess an organisation’s cybersecurity posture within the cloud environment, prevent avoidable breaches in the system, and remain compliant with industry regulations. 

Effective cloud penetration testing involves more than just leveraging an automated scanner. It also employs human skills to examine those flaws, simulate an attack, and determine how the security vulnerabilities in your cloud network could result in actual data compromise. Cloud penetration testing will help organisations learn about the strengths and weaknesses of their cloud-based architecture, consequently safeguarding the company’s data and intellectual properties, finances, and reputation more effectively. 

What’s the difference between cloud penetration testing and traditional penetration testing? 

Although cloud penetration testing applies the principle of traditional on-premise penetration testing, there is a major difference in regard to the approach and environment of testing. This is due to the fact that services in the Cloud are configured and operate differently than in an on-premise infrastructure. Depending on the type of cloud service and the provider, different manual approaches and cloud penetration testing tools may be used. 

Furthermore, the cloud environment comes from a CSP. These providers have unique and specific guidelines when it comes to conducting a pen test on their cloud service, which you must follow. 

Common security vulnerabilities in the Cloud

Some of the most common vulnerabilities that cloud penetration testing can identify include:

  • Misconfigured accounts, access lists, and buckets: Misconfigurations of accounts, access lists, and data containers are the most common vulnerabilities that can lead to a compromise of cloud security. Overly-permissive accounts or containers will violate the principle of least privilege, and therefore potentially result in data disclosure.   
  • Weak authentication, credentials and identity management: Accounts with weak authentication mechanisms allow the attacker to gain a foothold into the cloud system much easier. This compromises all of the information that those accounts can access, and if the least privilege is not strictly implemented, a deeper compromise is inevitable.
  • Data breaches: Another frequent method to compromise the Cloud is harvesting publicly exposed credentials for cloud accounts. An effective cloud penetration test can assist in identifying sensitive information in publicly available repositories, discover the likely repercussions, and provide advice on how to strengthen that aspect of your security posture.
  • Insecure interface and APIs: The attacker often scrapes the cloud infrastructure to identify any weak links that could help them to gain a foothold in the system. An experienced cloud pen tester will explore and identify those insecure entries before the cybercriminals are able to exploit them. 

Why do you need regular cloud penetration testing? 

As cloud services continue to offer new technologies to encourage businesses to move their workload to the Cloud to achieve agility, time and cost efficiency, attackers are also adjusting to changes in the cloud landscape. Therefore, the security risks associated with cloud-based systems and services are evolving rapidly. This stresses the importance of why cloud pen testing should be conducted more frequently than standard on-premise penetration testing. A skilled penetration tester will provide you with useful guidance on how to fix any security flaws found during the test, allowing you to improve your cloud security moving ahead. 

Moving forward with a trusted cloud penetration testing partner

Almost every modern organisation is using cloud services, but the majority lack the tools, methodologies, or experts at hand to conduct a cloud pen test. Partnering with an experienced cloud security provider can bring your cloud platform closer to where it needs to be from a security standpoint.

JDS Security has the experience and expertise to defend your business in the Cloud, with deep and unmatched knowledge of AWS, Azure, and Google Cloud services to help reach your cloud and digital transformation goals securely.