Microsoft Can't Shield User Data From Government, U.S. Says

Microsoft Can't Shield User Data From Government, U.S. Says

By Kartikay Mehrotra

(Bloomberg) — The U.S. says there’s no legal basis for the government to be required to tell Microsoft Corp. customers when it intercepts their e-mail.

The software giant’s lawsuit alleging that customers have a constitutional right to know if the government has searched or seized their property should be thrown out, the government said in a court filing. The U.S. said federal law allows it to obtain electronic communications without a warrant or without disclosure of a specific warrant if it would endanger an individual or an investigation.

READ MORE: Microsoft Wins Big in Fight for User Privacy as Irish Search Warrant Found Invalid

Microsoft sued the Justice Department and Attorney General Loretta Lynch in April, escalating a feud with the U.S. over customer privacy and its ability to disclose what it’s asked to turn over to investigators. Last week, Microsoft persuaded an appeals court to overturn an order to turn over e-mails stored on servers in Ireland as part of a Manhattan drug prosecution.

The Justice Department’s reply Friday underscores the government’s willingness to fight back against tech companies it sees obstructing national security and law enforcement investigations. Tensions remain high following a series of court confrontations between the FBI and Apple Inc. over whether the company could be compelled to help unlock iPhones in criminal probes, including a phone used by one of the attackers in last December’s terrorist attack in San Bernardino, California.

The industry’s push against government intrusion into their customers’ private information began at least two years ago, in the wake of Edward Snowden’s disclosures about covert data collection that put them all on the defensive.

SEE ALSO: Microsoft Rises Most in Nine Months After Profit Beat Estimates

Microsoft and Apple argue the very future of mobile and cloud computing is at stake if customers can’t trust that their data will remain private, while investigators seek digital tools to help them fight increasingly sophisticated criminals and terrorists savvy at using technology to communicate and hide their tracks.

Kathy Roeder, a spokeswoman for Microsoft, didn’t immediately respond to an e-mail after regular business hours Friday seeking comment on the filing.

Court Orders

“Microsoft’s challenge effectively asks this court to adjudicate the lawfulness of thousands of such court orders from across the U.S., without regard to the basis for, and terms of, those orders, which necessarily vary from case to case,” the Justice Department said in Friday’s court filing.

The government said Microsoft doesn’t have the authority to sue over whether its users’ constitutional protections against unlawful search and seizure are being violated, the U.S. said.

Secrecy orders on government warrants for access to private e-mail accounts generally prohibit Microsoft from telling customers about the requests for lengthy or even unlimited periods, the company said when it sued. At the time, federal courts had issued almost 2,600 secrecy orders to Microsoft alone, and more than two-thirds had no fixed end date, cases the company can never tell customers about, even after an investigation is completed.

Microsoft conceded that there may be times when the government is justified in seeking a gag order to prevent customers under investigation from tampering with evidence or harming another person. Still, the Redmond, Washington-based company says the statute authorizing the gag orders is too broad and sets too low of a standard for secrecy.

The case is Microsoft Corp. v. U.S. Department of Justice, 16-cv-00538, U.S. District Court, Western District of Washington (Seattle).

Source: TheWHIR

Lance Crosby Comes Out of Stealth with New Developer-Centric Cloud Security Venture

Lance Crosby Comes Out of Stealth with New Developer-Centric Cloud Security Venture

Almost exactly one year after Lance Crosby, SoftLayer founder and 20-year hosting industry veteran took the stage at HostingCon Global in San Diego, he is back with a new company that answers the question on many minds in the hosting industry since he left IBM last February – just what will Crosby do next?

The answer is StackPath – a Security-as-a-Service company that launched on Monday with a significant investment from Abry Partners. According to the company’s announcement, the funding will be used for M&A, and infrastructure and services development.

“The genesis is to create a developer-centric security platform that’s going to be API-driven, and going to allow developers and DevOps to actually integrate security into their applications as they are building it,” Stackpath CEO and chairman Crosby tells the WHIR. “They can make the calls and apply the security policy themselves, and they won’t necessarily have to involve the security team anymore.”

Security that meets needs of cloud

So what does this mean? According to Crosby, StackPath will initially include “some web facing services; content delivery, DDoS protection, VPN services, and a web application firewall.” The developer-centric security platform will get smarter over time, and by the end of the year will include secure compute, storage and DNS, with plans to release new security services every month for the next several years.

The idea for StackPath came to Crosby as he observed serious flaws in cloud security – even at the level of Fortune 500 companies, who spent a fortune on security products they never deployed. Traditional security modded for cloud environments just doesn’t meet the level of scale and automation required.

“After being acquired by IBM I spent the last two years seeing the shortcomings of cloud security,” Crosby says. “We had some security products at SoftLayer but we called them bolt-on; [we] took more traditional firewalls, load balancers and things like that and converted them to cloud but there was nothing that was truly, highly scalable and automated that would work.”

“That’s where the concept came from. I saw companies like Netflix, big banks, and firms that were spinning up literally tens of thousands of virtual machines a day and there were no real security products that would follow that level of automation and scale.”

Developers drive security engine

In last year’s Gartner Magic Quadrant for managed security services, the research firm identified IBM, Dell SecureWorks, Symantec, and Verizon as leaders in the space.

Crosby says StackPath’s global threat intelligence engine across 35 points-of-presence will be available to customers who can integrate the security within their applications via APIs, differentiating it from other security companies.

“We believe we’re going to create a whole new generation of security firms who are going to use this platform to build new widgets on top that we never dreamed about,” Crosby says. “When people ask me what that’s going to be I tell them that I didn’t know in 2005 that Facebook, Tumblr, WhatsApp, and Yelp, and all the other companies that built on top of cloud were ever going to create new verticals and new industries and I think we’re going to see the same thing here.”

StackPath’s technology will not be built from scratch – the company acquired MaxCDN, Fireblade and Cloak to build out its CDN, Web Access Firewall, and VPN, respectively. The company said that its DDoS mitigation technology also includes “an impressive array of IP.”

Crosby tells us that he drew from his past relationships in the cloud space to build a team including COO and president Andrew Higginbotham, who previously led CenturyLink’s Cloud and Managed Services Business, and CFO Kim Sheehy, who prior to joining StackPath served as CFO of CyrusOne. He recruited others from his background at IBM/SoftLayer, Google, and Amazon, as well.

Crosby’s hosting past will also serve StackPath well in its initial stage where it will be targeting internet-centered companies and more traditional hosting companies. Hosting providers will be able to sell the security services offered by StackPath and white-label the platform. Eventually the platform will be available directly to developers.

“We’re flying in the face of the way security has always been implemented and handled and managed and I think a lot of the traditional firms will have a lot of resistance. We’re going to automate a lot of things that people have done historically, but that’s also what drives us,”he says.

Source: TheWHIR

HostingCon Global 2016 Countdown: Concrete Marketing Tips to Improve Your Managed Services Business

HostingCon Global 2016 Countdown: Concrete Marketing Tips to Improve Your Managed Services Business

The countdown to HostingCon Global 2016 in New Orleans is on with two days to go before the hosting and cloud industry touches down at the Ernest N. Morial Convention Center. Education is one of the defining aspects of the HostingCon conferences, and with so many excellent sessions and opportunities for learning we wanted to spend this week offering a preview for our readers who are attending HostingCon.

Do you want to be a top producing cloud provider or managed service provider? It’s no longer enough to differentiate your services based on your customer service…you need to dig deeper in order to see real results.

“Service providers understand that differentiation is a core business function, based on innovation, based on verticals, based on their niche,” Total Product Marketing Principal and HostingCon speaker Dean Ara said.

On Monday Ara will co-present a session with Philbert Shih, Managing Director of Structure Research, on what makes a top producer in the cloud as well as unveil some research on the shift in the industry where MSPs are transforming from asset-heavy to asset-light, in terms of owning less infrastructure and offering more managed services.

Ara said he will reveal two major pitfalls he’s seen in working with asset-light MSPs, from a marketing, operational and go-to-market perspective. He says he will be giving “very specific, concrete digital marketing tips” so be sure to bring your notebook.

Attendees will walk away with three digital marketing tips along with concrete actions to improve conversion rates, according to Ara. “Make sure you stay until the end because there’s going to be a surprise,” he says.

On Wednesday, Ara will also lead a marketing workshop where attendees can walk away with a comprehensive marketing one-on-one plan.

For more details on Ara’s sessions and other HostingCon education you may be interested in, please check out the HostingCon schedule.

Source: TheWHIR

HostingCon Global 2016 Countdown: What You Need to Know About IPv6 and DNSSEC Adoption

HostingCon Global 2016 Countdown: What You Need to Know About IPv6 and DNSSEC Adoption

The countdown to HostingCon Global 2016 in New Orleans is on with two days to go before the hosting and cloud industry touches down at the Ernest N. Morial Convention Center. Education is one of the defining aspects of the HostingCon conferences, and with so many excellent sessions and opportunities for learning we wanted to spend this week offering a preview for our readers who are attending HostingCon.

According to the most recent data by Akamai, despite the depletion of IPv4 addresses, there are still 187 countries in the world that have a zero percent adoption rate of IPv6.

The depletion of IPv4 space has been an issue for years, but many service providers ignored the writing on the wall and are still not supporting IPv6. If this sounds like you, don’t worry, HostingCon has a session for you.

ServerHub CEO and HostingCon speaker John Brancela said that over the past year he has seen a lot more IPv6 requests come in, but still the numbers are low, comparatively speaking.

“I think the consumers are getting ready. I’d say we have probably five times more the interest of v6 now than we did last year,” he says.

In a HostingCon panel on Tuesday, Brancela will part of a group discussing IPv6 and DNSSEC, low adoption numbers, and how to increase compliance. The session runs from 9 a.m. to 9:50 a.m. on Tues. July 26, 2016.

“As providers starting chomping through their IPv4 space I think they’re obviously going to be seeing some issues,” he says. “I think the urgency is there now but there are learning curves, and some people are not interested in it but they know they have to do it.”

Still haven’t registered for HostingCon? There’s still time! Visit the website to register now.

Source: TheWHIR

Rogers Communications Launches Canadian Public Cloud with OVH

Rogers Communications Launches Canadian Public Cloud with OVH

Canadian telecom Rogers Communications has launched a public cloud service to provide IaaS to businesses in Canada. Through a partnership with OVH, Rogers will offer a range of customizable cloud storage and computing options, hosted in OVH’s Canadian data centers and backed by Rogers cybersecurity and 24×7 service.

Rogers Public Cloud provides fast implementation and provisioning, real-time data and capacity and IP monitoring through its web portal, according to an announcement this week. It also touts its public cloud as offering environmental benefits due to the OVH data center’s cooling mix of 30 percent outside air and 70 percent liquid.

SEE ALSO: CIRA Report: IT Leaders Struggle to Find Qualified IT Pros in Canada

“Businesses that have made the transition to the cloud quickly realize the significant financial and operational advantages, but the reality is that Canadian customers do not have enough options for simple, cost effective cloud computing solutions,” Mark Schrutt, Research Vice President, Services and Enterprise Applications, IDC said in a statement. “New services like Rogers Public Cloud will make it easier for businesses to adopt cloud solutions and could ultimately foster more innovation as customers get access to more efficient, cost-effective IT as-a-service solutions.”

Rogers operates 17 data centers in Canada, and will run its public cloud from four Tier III certified locations in Calgary, Edmonton, Toronto, and Ottawa, ensuring consistent uptime and availability, the company said.

SEE ALSO: Amazon Plans First Cloud Data Centers in Canada

France-based OVH entered the Canadian market with a data center in Montreal in 2013. The company became a platinum sponsor of the Let’s Encrypt project late last year.

The Canadian government has been considering additional data protection measures for some time, but is not expected to introduce major regulatory changes applying to cloud services in the near future.

Source: TheWHIR

Why Salesforce Bought Coolan, a Data Center Optimization Startup

Why Salesforce Bought Coolan, a Data Center Optimization Startup

datacenterknowledgelogoBrought to you by Data Center Knowledge

Salesforce made a surprising move Thursday, acquiring Coolan, a three-year-old Silicon Valley startup whose software uses Big Data analytics and machine learning to help companies make smarter data center management and hardware buying decisions.

In a blog post, Coolan’s co-founder, Amir Michael, who used to design servers for Google and later for Facebook, and who co-founded Facebook’s open source data center and hardware design initiative, the Open Compute Project, said Coolan would work to optimize Salesforce’s infrastructure.

So far, the deal appears to be mostly about Salesforce looking to improve the way it builds and manages its own data centers. The company’s core business is selling cloud-based business software tools, and it’s unlikely – although not impossible – that it will sell data center management services based on Coolan’s platform to others.

“Once the transaction has closed, the Coolan team will help Salesforce optimize its infrastructure as it scales to support customer growth around the world,” Michael wrote. “I will continue my work with the Open Compute Project to further its mission of making hardware open, efficient, and scalable.”

If it wasn’t clear already, the acquisition confirms once more that Salesforce’s announcement earlier this year that it would use Amazon Web Services to deploy its core products to select international markets did not mean Mark Benioff’s cloud software giant was thinking of getting rid of its own data centers, which it leases from data center providers.

Neither company has shared much detail about Salesforce’s plans for Coolan beyond Michael’s blog post. Reached by phone Thursday, Michael said he could not talk about the deal and was instructed by Salesforce to direct all inquiries to them, while a Salesforce spokesperson, responding to a request for comment, referred us back to his blog post.

Salesforce Rethinking Data Centers

Salesforce has recently been revamping its approach to data center infrastructure, seeking to adopt a strategy similar to that used by the likes of Google, Facebook, and several others. Their strategies rely among other things on custom, stripped down hardware, little variation between hardware SKUs that support different services, and lots of automation.

Both Coolan’s technology and its team, some of whom were deeply involved in building and running infrastructure for those web-scale data center operators, will be useful to Salesforce’s current infrastructure efforts.

Read more: Salesforce Latest Convert to the Web-Scale Data Center Way

Coolan’s Platform Lowers Data Center Costs

Salesforce likely sees Coolan’s software platform as a competitive advantage. The platform, which the startup has been providing to customers as a cloud-based service, helps companies save a lot of money in their data centers.

In one recent project for a customer, Coolan identified that power supplies in the customer’s servers were grossly overprovisioned, resulting in 300,000 kWh of data center energy waste per year. This customer, whose name Coolan did not reveal, had 1,600 servers. A company like Salesforce, which has global data center infrastructure that continues to scale, can get a lot more savings out of such improvements.

Read more: How Server Power Supplies are Wasting Your Money

Another example the platform’s application is identifying the best time to replace a server. There isn’t a magic number that works for every company, and total cost of ownership changes differently over time for different businesses. Being able to pinpoint when a multitude of factors – things like server cost, data center CAPEX and OPEX, cost of data center infrastructure, networking equipment, and cost data center racks – all line up in a way that makes keeping an old server more expensive than replacing it with a new one is the kind of thing Coolan is good at.

Read more: When is the Best Time to Retire a Server

Machine Learning in Data Center Management

To arrive at its conclusions, the platform analyzes operational data from the present customer’s data centers as well as historical operational data it has collected from past customers’ facilities. It stores all the data it collects on Amazon’s cloud, where much of its computing also takes place, Michael told Data Center Knowledge in a recent interview.

Coolan uses machine learning to help with everything, from identifying inefficiencies to predicting failure in server components, he said.

By applying machine learning to data center management, Coolan is taking a page out of Google’s playbook, although it’s unclear whether there are any similarities at all in the ways the two companies apply it.

Google has been using machine learning to optimize its data centers for some time now. Its latest effort to apply its Artificial Intelligence technology called DeepMind to improving data center energy efficiency has reportedlyresulted in a 15 percent improvement in Power Usage Effectiveness (PUE).

Scaling Smart

Acquiring Coolan, Salesforce gets its hands on some sophisticated, cutting-edge data center management and optimization capabilities and a team of experts who are likely to have a lot of influence on the way the world’s biggest cloud CRM company builds out its infrastructure going forward.

Scale is crucial for today’s cloud providers, and scaling infrastructure in a smart way is everything, affecting both the company’s ability to serve its customers with high performance and minimal downtime and its ability to make a profit.

Source: TheWHIR

Bracing for Brexit: How Service Providers Can Prepare for the Coming Changes

Bracing for Brexit: How Service Providers Can Prepare for the Coming Changes

Brought to you by Talkin’ Cloud/Windows IT Pro

Chaos. Mess. Uncertainty. If you’ve been following the aftermath of the Brexit vote on June 23, where U.K. citizens opted to leave the European Union (EU), then you’ve likely seen numerous articles referring to Brexit using these words — none of which are very comforting if you run an international business or use cloud services, which are inherently global.

Changes in policies around data privacy and portability, immigration, and other key areas could have a massive impact on cloud services for both service providers and end-users.

This uncertainty is exacerbated when you look at the political climate in the U.K. British Prime Minister David Cameron stepped down abruptly after the votes were tallied, and his expected successor Boris Johnson followed with an announcement that he would not be running for PM. This political mass exodus is somewhat alarming to U.K. businesses, which seem to be operating in limbo; not only until the fall when a new party leader is elected, but also for the next two or so years it will take before the U.K. leaves the EU.

“Right now, there are so many steps before the U.K. can leave, one cannot predict whether it will leave and under what conditions,” said Françoise Gilbert, a lawyer specializing in international technology and IT issues with Greenberg Traurig. She said that there was some silver lining to the complexity. “Whatever happens in the next will not be too drastic, and it will take many, many years.”

But for companies watching Brexit unfold, there’s still a lot of uncertainty. Keep reading to find out what you need to know as you plan for expansion to the U.K., what happens to your existing data in the U.K., and what Brexit could mean for cloud as we know it, along with some practical, actionable tips for weathering Brexit.

The bigger the cloud, the less impact?

Some cloud providers and data center services providers seem as committed as ever to the U.K. cloud market. For example, Amazon Web Services (AWS) has announced its intention to continue with plans to open a London data center in the fall, saying that it was watching the situation but for now it’s “business as usual.”

Global colocation provider Equinix said its strong presence in the major metros across Europe (the company has data centers in 63 data centers in Europe and the Middle East) puts it in a strong position regardless of how Brexit is implemented.

“The outcome from the Brexit vote is complex and will unfold over the next several months. During that time we’ll be closely monitoring how the exit will be implemented,” Eric Schwartz, President, Equinix EMEA said. “Having said that, Equinix’s business continues to be driven by secular growth of global data traffic and the massive shift in IT to support this data explosion. We feel well positioned with our strong presence in the major metros across Europe, as well as our distributed platform which is available in more than 40 markets around the world. Our well diversified customer base is broadly deployed with more than 80 percent of our revenue coming from customers deployed across multiple metros. We believe the trend of enterprises distributing their IT at the edge to be closer to end users to increase performance will continue regardless of how Brexit is implemented.”

Of course, AWS and Equinix are two companies with a massive amount of infrastructure; even if their U.K. investments suffered, they have multiple points of presence in the rest of Europe to serve customers across the continent.

IT spending to take hit

Smaller businesses may want to be a little more cautious in their U.K. play. Gartner research vice president John-David Lovelock suggests that “new larger, long-term strategic [IT] projects will now be put on pause and likely not restarted until 2017 when the outlook with the U.K. outside the EU becomes clearer.”

Lovelock said that as a result of this pause in IT projects, the U..K will see negative IT spending growth in 2016, and the effects may spread to Western Europe as well.

In a survey of its U.K. members, IT trade association CompTIA found that 38% of respondents expected the Brexit to impact purchasing decisions, with another 16% of respondents unsure if there would be an impact. Almost a third of respondents thought the move would have a negative impact on their companies’ profitability.

Global head of Gartner Research Peter Sondergaard recommends that company CIOs create “a small, virtual task force, or ‘Office of Brexit’, to act as a project team preparing for the eventual changes.”

Creating this in-house team that can keep the rest of the company up to date on Brexit, and assess all potential issues that could come up, it’s also a relatively straight-forward way for a company of any size to prepare for any outcomes of Brexit that could have an impact.

Brexit touches many areas of the business, so be sure to include others outside of IT when forming your “Office of Brexit.” Once you’ve established this group, what are some of the areas you should be looking at? We asked the experts to come up with 3 considerations to keep in mind as you assess the impact Brexit may have on your business.

Data portability and security

According to Forrester, uncertainty over privacy regulations will make it difficult for companies operating in the U.K., who could previously share data with systems in any of the other 27 EU countries.

If the UK leaves the EU, it may need to become a trusted entity like Canada or Switzerland, or pass new privacy laws that meet the EU General Data Protection Regulation (GDPR), according to Forrester. This latter part is critical for EU companies who must comply with the GDPR, so these companies may migrate workloads elsewhere in Europe.

A lot of the open questions won’t be resolved for a while: Once the U.K. officially submits that it is withdrawing from the EU, a two-year negotiation period will kick off, at which point those kinds of agreements would be worked out. But it’s not too soon to start assessing what data could be impacted, and starting to plan on ways to dampen the impact gradually.

“I would start with doing an evaluation: Where is my data, where are the people with whom I interact, what are the rules around the data we have, where are my servers,” said Gilbert.

Human resources and labor laws

Good IT personnel are hard to find, and may become even harder to retain in the UK if Brexit goes through.

According the CompTIA study, 22% of respondents said their employment strategy will change if Britain leaves the EU.

“IT departments in the UK will find it difficult to hire new staff as freedom of movement in 27 EU countries will no longer apply,” said Chris Byrne, founder and chief executive of SensorPro, which is based in Ireland. “Costs for tech staff will increase due to a shortage.” He noted that already, Ireland was working to poach firms that are concerned about the changes, writing to over a thousand companies that the country was interested in helping those looking to relocate.

Gartner says that in order to reassure employees, clear communication with “key employees whose roles look to be impacted” is crucial. Employers will also want to review where key IT staff is located and how certain skill set hubs might be affected.

Immigration is one of the key issues in the Brexit negotiations in the U.K., where more than 3.2 million non-U.K. nationals were employed as of 2015, accounting for six percent of the total workforce.

Suppliers and partnerships

If you have data stored overseas, you are already aware of the nuances and complexities of data privacy regulations. And you likely have existing relationships with suppliers and vendors who should be able to help you navigate it if you ask the right questions.

European colocation provider Interxion director of cloud strategy Vincent in’t Veld said that service providers should engage with their suppliers in the U.K. in order to stay ahead of Brexit.

“The key question I would ask my supplier is how are you monitoring this? How is your legal department monitoring the situation? How are you going to keep me up to date? I would ask my supplier to stay very close and keep me up to date about changes which could impact my setup inside their data center,” in’t Veld said.

The exit might also have an impact on your option for vendors: Between an economic downturn that is already taking shape and increased regulation in making deals, many expect fewer international companies to come calling, including those that aren’t even based in the EU to begin with.

Almost a third of respondents in the CompTIA survey said that they believed U.S. IT vendors would emphasize the U.K. less if the country left the EU.

Source: TheWHIR

6 Revenue Metrics to Watch in Recurring Revenue Businesses

6 Revenue Metrics to Watch in Recurring Revenue Businesses

As more solution provider companies make the pivot into MSP and CSP territory and transform their business models, there are some new financial metrics that become as important as gross and net margin.

Recurring revenue financial models are becoming the new standard.

We are all familiar with the basic formula to figure out profitability, right? Take all revenue, subtract the cost of goods sold to get our gross operating margin and then subtract business costs to get our profit margin. On paper it is a fairly straightforward concept. Inside the recurring revenue business, there are metrics within that formula that will help us understand the overall health of our subscription business and potentially improve decision making down the road.

Annual Recurring Revenues

Annual recurring revenues are a fairly straight-forward metric. Annual recurring revenues are the source of truth for business. Annual recurring revenues are the source of truth for business because it tells the actual revenue recognition. To calculate annual recurring revenue, add up the expected total yearly billings of the customer’s annual subscriptions and usage fees. Annual recurring revenue is also used in determining other metrics later on.

Average Revenue Per Unit

Average revenue per unit is most used in a business with subscriptions and fees that may vary from one customer to another. To calculate average revenue per unit, divide the total revenue by the number of subscribers. This is helpful when done by product line to help determine profitability and growth.

Conversion Rates

Most recurring revenue products offer no-cost trials. While this is a great way to entice people to try products, finding out your conversion rates can help you understand if you are attracting the right people for the no-cost trial, if the free trials are converting to paying customers and what products are most popular.

For example, a lot can be seen about the conversion rate of people who visit a website versus the number of people who sign up for the free trial. One can then calculate the conversion rate of free trials to paying customers. These conversion rates give insight into the behavior of current and potential customers, the usability of our website and the popularity of individual products.

Lifetime Value and Customer Acquisition Cost Rati0

These two metrics, when compared together, can give a better understanding rather than just customer acquisition costs alone. First, let’s look at the customer acquisition costs. This metric will help understand how much it costs to bring on a new customer. To find this metric, we add up all sales and marketing expenses and divide that by the number of new customers added during the same time. Wish customer acquisition cost, the lifetime value metric can be found. Lifetime value metric predicts the profit the company could make from a single customer for the entire life of the relationship. For this calculation, take the average revenue per account and multiply that by gross margin and customer life.

Then take lifetime value and compare it to customer acquisition costs. The ratio should be three or higher. If it is not, there may be a hidden problem in either not enough value from each customer, or exceptionally high costs to acquire customers.

This is a very telling metric.

Customer Net Profitability

Customer net profitability will help determine if money is made or lost form a customer over the lifetime of that customer. A simple formula to calculate this is to take the lifetime revenues from that customer and subtract the customer acquisition costs.

This is a great metric to look at to help determine where profitable customers are, and by that, we can begin to target additional similar type of customers.

Retention and Churn Rates

At the heart of every recurring revenue business is loyalty and keeping current customers happy and engaged. Without this, the business churns through customers and spends lots of time and money to acquire new ones. Retention rate is a percentage of customers that the company maintains from year to year. Churn rate is the percentage of customers that a company loses from year to year. Retention rate high and churn rate low is the key.

Examining these metrics across different periods of time and different product lines can help identify where the company is doing well, and where it needs improvement. Increasing retention and decreasing churn will help all other metrics improve as well.

These are just a few metrics to leverage for understanding a recurring revenue business. The more key financial metrics for business decisions based on the data are understood, the more likely the business is to grow recurring revenue income as profitably as possible.

There is still time to join Theresa at HostingCon in New Orleans on Sunday to learn more about partnership best practices, recurring revenue and other topics to help grow your business. Register here.

Source: TheWHIR

Final Updates as Industry Prepares for HostingCon Global 2016

Final Updates as Industry Prepares for HostingCon Global 2016

The exhibit hall at HostingCon Global 2016 New Orleans is sold out, and the exhibitors, along with the Networking Lounge and the Plesk Charging Station, will fill the Exhibit Hall B of the Ernest N. Morial Convention Center during the conference and trade show which runs from July 24-27, 2016.

The expo hall will also be the site of several new networking events for 2016, including Monday night’s Opening Reception, as well as networking breakfasts on both Tuesday and Wednesday.

The HostingCon App (for Android or iOS) is available now, and All Access Pass holders can use the HostingCon Connect app to scout out potential partners and customers and set up meetings.

At this point #HostingCon is buzzing with friends in the industry connecting ahead of the show next week.

As you pack for the big event, you can familiarize yourself with keynote speaker Andrew Blum and his quest to broaden understanding of the internet by watching his Ted Talk.

The 2016 edition of HostingCon Global is shaping up to be the biggest and best in its 12-year history. By size, quality, and staying power, HostingCon Global is the top vendor neutral conference and trade show for the web hosting and cloud services industry. Register today if you haven’t already; it’s a show not to be missed!

Source: TheWHIR

Report: Privileged Account Management a Joke at Many Organizations

Report: Privileged Account Management a Joke at Many Organizations

Half of all organizations fail to audit privileged account activity, according to a report by Cybersecurity Ventures and Thycotic. The companies co-sponsored the 2016 State of Privileged Account Management report which shows that although companies say they recognize the importance of securing privileged accounts, practices are often stuck in the past.

The report is based on a Privileged Password Vulnerability Benchmark survey, which showed that 76.5 percent of companies consider privileged account management (PAM) security a high priority, and 60 percent have PAM-related regulatory requirements, yet 7 out of 10 do not require approval for creating new privileged accounts.

READ MORE: HostingCon Global 2016 Countdown: New Trends in Web Application Security

“Weak privileged account management is a rampant epidemic at large enterprises and governments globally,” Steve Morgan, founder and CEO at Cybersecurity Ventures said in a statement. “Privileged accounts contain the keys to the IT kingdom, and they are a primary target for cybercriminals and hackers-for-hire who are launching increasingly sophisticated cyber-attacks on businesses and costing the world’s economies trillions of dollars in damages. We expect the needle on automated (PAM) solutions adoption to move fairly quickly into the 50 percent range over the next two years.”

Three out of 10 organizations allow accounts and passwords to be shared; three out of 10 have no formal password controls, and four out of 10 use the same security for privileged and standard accounts.

SEE ALSO: Report: Cloud Requires New Approach to Security Operations

Nearly one in five organizations have never changed the default passwords on their privileged accounts, and while many of the report’s findings are unsettling, this practice is so obviously negligent that one has to wonder about possible legal ramifications. Clients, partners, and shareholders of any given business should have assurances that it will not be brought to a standstill and suffer major losses from a years-old “admin” password.

Only 10 percent of those surveyed have implemented commercial automated PAM security, perhaps in part because 30 percent say they have not communicated the importance of following IT security policies to stakeholders.

The PAM report also puts a new spin on previous reports like the Ping Identity study from late 2015 which showed enterprise employees often share credentials for devices they do work on with family members and commonly reuse passwords. If the organization neglects basic credential controls, it is unrealistic to expect employees to pick up the slack.

Source: TheWHIR