The Virtualization Practice

Agile Cloud Development

Agile Cloud Development focuses the aspects of agile development that integrate with cloud computing SaaS and PaaS environments including DevOps, Scrum, XP, and Kanban. ...
Major areas of focus include the Agile Development process and the pitfalls many companies encounter trying to implement it, the DevOps process and the pitfalls associated with its implementation. the organizational aspects of successfully implementing Agile Development and DevOps and the new tools that should be used to support Agile Development and DevOps processes. Covered toolsets include Agile Project Management, Continuous Integration, and Automated Deployment.


The old way of delivering software was to bundle up the software and ship it, sell the software off the shelf, or allow customers to download and install it. In the “shipping model”, it was the buyer’s responsibility to install the software, manage the uptime, patch, monitor, and manage capacity. Sometimes the buyer would perform all of those tasks themselves, or sometimes they would hire a third party to handle it for them. In either case, the buyer of the software had total control over if and when the software was updated and at what time a planned outage would occur in order to perform the patches or upgrades.


What is the total cost of ownership, TCO, of the cloud? When we think of the cloud, we think of using applications in the cloud such as Salesforce,, and others. We may even consider using security as a service tool such as Zscaler and others. In some cases we also think of placing our own workloads in the cloud using Amazon and other tools. The real question that comes to mind is the TCO of the cloud? Not now, but long term.


At the recent Misti Big Data Security conference many forms of securing big data were discussed from encrypting the entire big data pool to just encrypting the critical bits of data within the pool. On several of the talks there was general discussion on securing Hadoop as well as access to the pool of data. These security measures include RBAC, encryption of data in motion between hadoop nodes as well as tokenization or encryption on ingest of data. What was missing was greater control of who can access specific data once that data was in the pool. How could role based access controls by datum be put into effect? Why would such advanced security be necessary?