22 Oct

Will Colocation Survive With The Rise Of The Cloud?


By Cameron Larson

Over the last 5 years there’s no denying that the demand for cloud services has been on the rise as more and more companies migrate their workloads and applications to various cloud hosting services online including pay as you go type models but, has the demand for cloud services hurt the colocation market?

The answer to this question depends on who you ask. Thanks to recent statistics from the Cloud Industry Forum we know that more than 70 percent of both private and public sector organizations are already using cloud services, and or plan on moving to the cloud at some point in the near future.

Changing Marketplace

Yes the colocation market is not like it once was but the reality is that the need for colocation isn’t going to disappear anytime soon because many companies will still be faced with the problem of needing more space to expand and they will be faced with the choice of running their own servers in house or moving them to a colocation facility.

Why Colocation?

A big selling point with colocation that will still help it to remain vital in the years to come is that it satisfies a companies need for space, power and of course performance requirements, and if a company doesn’t want to millions of dollars building a data center they will minimize their own infrastructure and hosting costs when they rent space in a colocation facility where they can maintain their very own servers, install new hardware or software and run updates while keeping their servers or network infrastructure running smoothly.

Another huge benefit for any company who chooses colocation is they will also keep their costs low because they will not only be sharing the cost of floor space but also the cost of power, connectivity and cooling as well with all other colo tenants in the same building.

Colocation works because it offers any company tight control of not only their costs but also their infrastructure as well since they can choose a variety of network or storage configurations and so much more.

Why Choose The Cloud?

Although many companies will still choose colocation the reality is that with colo a company still needs to have their own IT department plus they still need to invest in routers, network switches, servers and the other hardware that you would normally find a company using in any colocation environment.

Many industry insiders predict that due to the cost required to get started and maintain a colocation environment it may be uncommon for companies to choose colocation in 5 years because they will choose a solution like CISCO Cloud and have the infrastructure, products and solutions they need right at their own fingertips.

Another benefit of moving to the cloud is that cloud services are accessible from anywhere in the world that offers an internet connection and this enables any company to stay competitive in the global marketplace while having their data in a highly scalable, reliable and robust environment.

Get Started With Colo or Cloud Today

Have you been thinking about moving your servers to colocation or maybe you’ve been considering the cloud but don’t know which choice is the right one for your company?

Let Wavesmith thoroughly evaluate your technology needs so we can come up with the right solution for you.

Contac us today by calling (800) 792-5850 ext 500 or click here to connect with us online.

Share this
08 Oct

Three Things to Consider When Choosing a Data Center Colocation Provider


By Cameron Larson

One of the most important decisions your business will have to make as it grows is if you are you going to continue maintaining your servers in house or save time, reduce risk, and best of all stabilize your operating expenses by choosing a Data Center Colocation Provider for your company.

Before going out to search for a data center, recovery or colocation provider yourself here are three things you should consider before choosing a data center colocation provider.

#1 – Location

The first thing to consider when choosing a data center no matter where your business is located in the United States is location.

You want to have a data center that’s close to your company headquarters because this will enable your employees who manage your IT infrastructure to visit the location of your Data Center Colocation Provider.

Besides choosing a data center that’s close to your office you should also choose a data center that offers geographic stability and is not close to an active fault line.

In Oregon for companies who are searching for a location that’s not near any active fault line is Central Oregon. Besides not being located near any active fault lines, Bend is a great location for a data center thanks to climate stability, access to power the power grid and power redundancy.

#2 – Amenities

Another important factor when considering the Data Center Colocation provider you choose is amenities in addition to the space, cooling, power and the connectivity that a data center offers.

Some of the amenities you should look for in a data center include: conference rooms, copy machines, break room or kitchen because your It Staff may need to work there for long periods of time and it pays to choose a data center that has the perks to keep your employees comfortable while they are working there.

Although amenities are important in a Data Center Colocation provider you should also choose a company who offers plenty of technical support (remote hands) whenever your company has a need for it.

#3 – Pricing

Last of all, but most important is the topic of pricing because every data center out there today charges different prices and it’s important to choose the best company that offers you not just the most affordable price, but the most value for your investment.

At Wavesmith we will find you the best data center in a carrier neutral or carrier owned facility that will enable you to manage your business over the most efficient network possible for a great price.

Choose a Data Center Colocation Provider

To get started with choosing a Data Center Colocation Provider contact Wavesmith today by calling us at (800) 792-5850 extension 500 or click here to connect with us online.

Share this
21 Sep

DRaaS – Does Your Business Have Disaster Recovery As A Service?

By Cameron Larson

Disaster Recovery and DRaaS are not new concepts by any means, especially in IT, but for many companies disaster recovery is still a concept they feel is best served with backing up their data to their external hard drives and devices in their offices.

Although backing up data to a hard drive may have been something that disaster recovery professionals advocated 15 years ago the reality is that in today’s world it just makes sense to have your data backed up to cloud services.

Prepare For A Natural Disaster

Besides having DRaaS to insure the safety and security of your data it also makes sense to have this service now for your business in case of a natural disaster.

Thanks to a recent article on smallbusinesscomputing.com we know that the Small Business Administration recently confirmed that over 25 percent of businesses never reopen after a natural disaster takes them down, and 43 percent will close their doors after a catastrophic data loss.

If these facts aren’t grim enough for you, consider this: at least 75 percent of businesses right now don’t have an effective disaster recovery (DR) plan will be gone within three years of a disaster.



More Companies Moving To the Cloud By 2016

Thanks to recent research by Gartner we know that close to one third of companies around the world are going to be replacing their current data backup solutions and many of these organizations will be moving to the cloud.

Why are more companies moving to the cloud for disaster recovery? It all has to do with the complexity and cost of maintaining DR solutions in house including the hiring of qualified capable people to maintain those solutions for you.

Thanks to solutions like Disaster Recover as a Service (DRaas) it’s now easier than ever before for anyone to choose the cloud for disaster recovery and cloud backup.

Some of the new names in the disaster recovery cloud services field also include the most respected names in technology like VMWare VCloud Air, OneCloud and StorageCraft.


DR/Failover Protection

Another benefit of choosing cloud based disaster recovery is that many companies are viewing the cloud as a great data center disaster recovery solution especially since the cloud offers them an excellent DR/failover protection.

This means less minutes of downtime during the year and more up time for all of a company’s resources including its website.

How to Choose the Right Cloud Service for Disaster Recovery

To get started with choosing the right cloud service for disaster recovery you must make sure that the organization offers security solutions that are enterprise grade and uniquely configured to insure that the needs of individual service are handled.

You should also take an inventory and confirm what specific systems are involved with the cloud service and confirm if they are physical or virtual data servers capable of handling all of the most common systems any business is running on including SQL, CRM systems and of course Exchange.

Get Disaster Recovery as a Service for Your Business

To learn more about getting started with Disaster Recovery as a Service (DRaaS) for your business, or to get pricing on cloud services, contact Wavesmith today by calling us at (800) 792-5808 ext 500 or click here to connect with us online.

Share this
01 Sep

DreamHost Becomes Anchor Tenant in the ViaWest New Hillsboro Oregon Data Center

By Cameron Larson

HILLSBORO – In the last week ViaWest has made some major moves including signing up DreamHost, a webhosting and cloud provider as the anchor tenant at their New Hillsboro Oregon Data Center.

This is big news for ViaWest because luring an anchor tenant as big as DreamHost is a critical first step for ViaWest’s new data center build and it’s also the turning point where their new data center will start to generate revenue.

ViaWest Datacenter Innovation

Unlike other players in the data center market this is news because, most companies hold off on building a data center until after they’ve secured an anchor tenant, but Viawest chose to go with a speculative build and build their new data center first which is 140,000 square feet in space, in a building which is over 200,000 square feet.

ViaWest has remained a strong company after being acquired by Shaw Communications for over $1 billion dollars last year and their new Brookwood data center in Hillsboro’s Silicon Forest is going to be a major leader in the data center world for years to come.

The Brookwood Data Center is actually ViaWest’s third data center in Oregon and the new generation 4 data center will feature the latest design, reliability and quality which are needed more now than ever in data centers today.

What’s great about ViaWest’s Brookwood data center is that it will feature a more reliable electrical system and their “Super-CRAH” cooling technology which was initially invented for their Lone Mountain data center.

What’s Next For DreamHost?

Besides moving into the new Viawest Data Center, DreamHost is making more moves including consolidating two of its data centers, outsourcing the management of their data center and so much more.

In a recent interview with www.datacenterknowledge.com DreamHost VP Patrick Lane echoed one of the main reasons why his company is moving their operation to ViaWest by saying: “We wanted to focus our internal resources on developing products instead of maintaining our data centers”.

Offering More Value to Their Customers

By moving their internal resources to ViaWest DreamHost can now focus on offering more value added services to their 400,000 strong customer base which also includes close to 2 million websites and almost 800,000 WordPress installations.

If you’re not familiar with Cisco or DreamHost this company is more than just a hosting company, they have also been diving into the world of OpenStack including being a major player in open source projects like Ceph, InkTank and more.

DreamHost is also the anchor tenant at RagingWire’s Ashburn Virginia Data Center since they recognized the need to have a cloud offering on the East Coast which is equivalent to the well-known Amazon Cloud zones.

Learn More

To learn more about ViaWest and the cost savings your business will receive by moving to their data center contact WaveSmith today by calling us at (800) 795-5850 extension 500 or click here. 

Share this
25 Aug

Cisco Cloud – Learn More about Why the Cisco Cloud Solution Beats the Competition

Cisco Cloud

By WaveSmith 

Last year Cisco dropped a “bomb” on the tech world by announcing that they were acquiring Metacloud, a Pasadena, CA company who specialized in Open-Stack private clouds and this acquisition would soon become Cisco Cloud.

Now that Metacloud has been owned by Cisco for almost one year everyone wants to know how Cisco Cloud is shaping up in comparison to Amazon’s cloud, BlueBox, Platform9 and other private clouds out there.

Why Did Cisco Buy Metacloud?

Cisco’s acquisition of Metacloud immediately provides more choice to their customers by giving them the ability to build their own private clouds on top of Cisco’s UCS equipment.

When news of Cisco’s acquisition of Metacloud hit the Internet Al Sadowski of 451 Research Group said “This gives Cisco another cog in its InterCloud wheel” and many other industry experts agreed that Cisco’s Intercloud gave them the advantage over their competitors.

Other well-known service providers and tech companies quickly followed suit, including HP, who bought Eucalyptus, Verizon purchased Terremark and CenturyLink acquired Savvis.

CISCO Metacloud

Cisco Cloud Vs the Competition

The big difference between Metacloud and the scores of other cloud services out there today is that when you choose Cisco’s cloud, Cisco will actually be managing your own private cloud remotely because everything from the ASR Router, Nexus 9000 Switch and UCS Servers are managed by the expert Cisco Team who also manages all of Metacloud’s private clouds as well.

With Cisco you have the ability to build clouds and or use their Intercloud services plus enjoy secure, portable solutions which can handle workloads of all sizes across “heterogeneous” work environments.

About Cisco Cloud

With Cisco Cloud you will have the total cloud experience, much like Amazon’s Cloud, in that you can easily scale out your private cloud quickly, add additional UCS servers from Cisco, extra white-boxes, storage and so much more.

Although there are competitors out there who offer similar features like Platform9, a remote managed private cloud, Cisco Cloud customers have more features to choose from than other clouds because, Cisco’s goal is to integrate other cloud solutions via their Intercloud and they expect to be a big player in the cloud market for years to come.

Cisco Keeps Moving Forward

Besides their acquisition of MetaCloud last year, Cisco also recently acquired MaintenanceNet, a sales technology company, for $139 million dollars.

This recent acquisition by Cisco will help Cisco’s partners generate more sales tanks to the MaintenanceNet cloud based sales software platform.

MaintenanceNet is unique because its software will actually study a partners service contracts, then find out which need to be paid, are overdue, or have to be renewed, plus it will also let you know which customers are not currently buying, plus what other Cisco products they might be interested in buying as well.

The acquisition of MaintenanceNet will certainly help Cisco partners discover more “low hanging fruit” business opportunities and hand incoming Cisco CEO Chuck Robbins a major advantage when he takes over his new position in the coming weeks.


To learn more about CISCO Cloud or learn more about the cloud, colocation or data center services we can offer you click here to connect with us through our website or call (800) 792-5850 extension 500.

Share this
15 Jan

SAS 70 has been replaced by SSAE 16

What does that mean for service providers and their customers?

SAS 70 is the long-time audit standard that has been a “must” for service providers (data center operators, cloud providers, etc.) who have a need to test and validate their security controls. A SAS 70 compliancy rating has been the gold standard for data center users to gain assurance that their data center is secure and operating under proper control systems.

A SAS 70 audit verifies that the “defined” controls and processes that a service provider has implemented are followed. Note that I said the defined controls because a service provider with weak controls and processes can claim the same level of audit compliance as a service provider with strong controls and systems. So with a SAS 70 audit, one must thoroughly read through the details within the audit report to understand the level of controls and processes being used and audited.

Now, if you believe that you’ve mastered SAS 70 audits, I’m sorry to say that it has been superseded by the Statement on Standards for Attestation Engagements 16 (SSAE 16).  The good news is the information required to complete the SSAE 16 is not totally different from SAS 70 because the latter was the base from which SSAE 16 was built.


What is different?

The main difference between SAS 70 and SSAE 16 is the depth of information the service provider will now have to provide, including (among other things):

  • A management attestation of their overall service offering and underlying control structure
  • Verification that appropriate criteria are used for system evaluation
  • Evidence for every control during each assessment, rather than reusing prior evidence

The main reason SSAE 16 requires management attestation of its control structure is because SSAE 16 is an attest standard rather than an audit standard.  Instead of only the auditors opining on the controls within the service provider, its management is included in the assessment.  The idea is that the attestation process will hold management accountable with their statements on their company’s service delivery system, controls and control objectives. What’s more, SSAE 16 prohibits the use of prior evidence established in previous audits. By comparison, SAS 70 allows auditors to use evidence gathered in prior audits, which saved some companies a lot of time, but didn’t account for changes that could have impacted a data center’s security posture.


What Remains the Same?

SSAE 16, just like SAS 70, does not dictate the controls that must be covered by the assessment. It is for the service provider to decide which controls are essential to the services provided. The service provider must understand what industry control best practices are as well as what their customers’ auditors would consider to be essential controls to support the services being offered when determining the scope of the assessment.

From a provider’s perspective, a potential starting point for defining the scope of a SSAE 16 assessment would be to begin with their service contracts. The contractual obligations around the offered services would help draw the boundaries that define the systems and the controls that support the offering(s).

An SSAE 16 assessment should fulfill the requirements of a service provider’s clients, including publicly-traded clients, and it can save service providers time and resources in supporting a customer’s audit request.  SSAE 16 is an assessment a service provider completes only one time–providing the same assessment report to any customer’s auditor who requests it.

For more information on SSAE 16, you can visit:

AICPA – http://www.aicpa.org/Research/Standards/AuditAttest/Pages/SSAE.aspx

SSAE16.com – http://www.ssae-16.com/




Share this
13 Jan

Website is Live

 The right fit is important in both life and business. In our initial discovery phase, we track down solutions that are likely to work for you.

By taking a deep dive into your company’s strengths and weaknesses, we focus on designing sound solutions that serve your customer base and maximize efficiency. We examine your current market position and supporting process, desired growth trajectory, timeline and budgetary realities.

Share this
07 Jan

New SOC Reporting and Certification Options

Previously (SAS 70 has been replaced by SSAE 16.  What does that mean for service providers and their customers?) I outlined the similarities and differences between SAS 70 and SSAE 16 audits.  Now I will highlight the reporting options available with SSAE 16 and the additional auditing/reporting options the American Institute of CPAs (AICPA) developed for IT outsource services, e.g. data centers and cloud hosting providers.

SSAE 16 is the new audit standard for “Reporting on Controls at a Service Organization” (including data centers) within the United States.
SSAE offers three Service Organization Controls (SOC) reporting options: SOC 1, SOC 2 and SOC 3.  According to the AICPA the reporting options are “designed to help service organizations, organizations that operate information systems and provide information system services to other entities, build trust and confidence in their service delivery processes and controls through a report by an independent Certified Public Accountant.  Each type of SOC report is designed to help service organizations meet specific user needs.”

SOC 1 is known as the “Report on Controls at a Service Organization Relevant to User Entities’ Internal Controls over Financial Reporting.” In-essence, this is what SAS 70 was supposed to be — reporting on financial controls at a service organization as an auditor-to-auditor communication tool.  It was never intended to be a data center centric audit.

A SOC 1 report is the basic SSAE 16 report, just like SAS70, which issues either a Type 1 or Type 2 report. A Type 1 report is an auditor’s opinion on the accuracy and completeness of the service provider’s management description of the system or service including the appropriateness of the providers’ controls for a specific date in time. The Type 2 includes everything from a Type 1 report AND it verifies the effectiveness of the controls for a specified period of time; a calendar year, for example.

Ok, you just went through a SSAE16 audit and have a SOC1 report. So now you’re SSAE 16 or SOC 1 “certified, right?  No you’re not. Because, a service provider does not receive a certification after they have been SSAE16 audited.  So, don’t call yourself “Certified” (just yet …).

To address the need for a standard approach to auditing of non-financial controls (e.g. IT centric data center controls) and the need for a certification process, the AICPA created the SOC2 and SOC3 reporting standards.

SOC 2 – the “Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy” – is an audit of non-financial controls related to compliance and operations of a service provider. This report is used by a providers’ management, its customers and prospects, business partners and other organizations associated with a provider as a tool to assess the control environment of a service provider.

This report, as well as the SOC3, is built upon a set of pre-defined controls outlined within the AICPA Trust Services Principles and Criteria. The AICPA developed these criteria for evaluating the design and operating effectiveness of controls at a data center or other service organizations.  The AICPA defines the Trust Principles as five attributes of a reliable system as being:

  1. Security – The system is protected against unauthorized access (both physical and logical).
  2. Availability – The system is available for operation and use as committed or agreed.
  3.  Processing integrity – System processing is complete, accurate, timely, and authorized.
  4. Confidentiality – Information designated as confidential is protected as committed or agreed.
  5. Privacy – Personal information is collected, used, retained, disclosed, and disposed of in conformity with the commitments in the entity’s privacy notice and criteria set forth in Generally Accepted Privacy Principles issued jointly by the AICPA and the Canadian Institute of Chartered Accountants.

SOC 3 – the “Trust Services Report for Service Organizations” – is a general use report that can be distributed and promoted with the SOC 3 seal on the service organization’s website. It also reports on non-financial controls related to compliance and operations at a service organization listed under the SOC 2 description.

So, what’s the difference? Certification!

Now with a SOC3 report, data center and other cloud providers can say they are certified once an auditor issues the opinion that that the service provider has achieved the trust services criteria. Then and only then can the provider display the “SOC 3: SysTrust for Service Organizations” seal.

What the AICPA has delivered is a real win for both the service provider community and their customers. Both get clarity on control standardization. Moreover, the service provider receives a certification and the customers get what they’ve been seeking – a control benchmark to use when comparing data center operators and outsource service providers.


For more information about the:

Share this