The Momentum is Not Slowing Down

Dave Bennett, CTO, Axway

“People (are) continuing to buy cloud technologies, cloud infrastructures, cloud platforms, and I think it’s forcing (Larry Ellison) to start riding that same wave. And if you think about it, if I was Larry, I would be a little anti-cloud myself…for business reasons primarily. Because if you think about things like storage and databases and core technologies, even servers–brand is not as relevant when it comes to getting that compute power from a cloud provider. You’re paying for an SLA, you’re paying for uptime, scalability… You don’t really care if the storage is EMC or IBM or HP or somebody else, and you don’t care if the database is Oracle or MySQL.”

Axway CSO Taher Elgamal Posts on “User Authentication in E-commerce”

Axway CSO Taher Elgamal posted a blog post today on, a news and information portal that focuses on IT security. Please take a look and share your thoughts!

“While e-commerce merchants will always maintain accounts for their customers, enforcing different levels of authentication using that mechanism creates several security issues, the simplest of which arises from the fact that users normally use the same password for multiple sites, and e-commerce merchants may, therefore (and rather unnecessarily), have a great deal of access to their customers’ private information.”

Dynamic Processes

Paul French, VP, Product & Solutions Marketing, Axway

“The challenge comes when it really is a file movement problem more than an email problem. Because you may have really, really large documents that bring in absolutely everything that’s on this ship. Absolutely everything that might be between a taxpayer and a county government or a state government, or be between a military agency and some logistics or procurement provider. The files are big and obviously extremely sensitive. Leaving that to chance in an email system or leaving that to chance with some free or unregulated (solution) or, even worse, leaving it to chance with a USB drive, is a risk profile that most customers don’t want to have to think about. So the answer is the ability to enable these very non-standard, fluid processes and the people that are involved with them with a really, really secure and performing tool that will allow someone to send really, really big files–either to a system or to a human on the other side–while taking advantage of connection-level security and access-management security.”

Protecting the Reputations of Our Firms, Industries, and Departments

Ruby Raley, Director, Healthcare Solutions, Axway

“We are tasked with making sure that those messages, that information, moves safely and securely to the person who needs it to provide the care to the patient, to deliver the service the patient needs, to deliver the test the patient needs in order to help the doctor make the right diagnosis. IT is the enabler through information exchange for so many interactions that improve healthcare and improve the quality of life of everyone.”

An Opportunity to Connect

Willy Leichter, Director, Product and Solutions Marketing, Axway

A commentary on the ZDNet UK article “Fog of definitions hides hybrid cloud’s truth”

“The hybrid (cloud) and cloud in general–I think there is a misnomer. A lot of the cloud hype sort of assumes that you’re going to just totally change your business, scrap everything, and move all your stuff to the cloud. And that may be the case for smaller businesses to some extent. But for enterprises, that’s not realistic.  But it doesn’t mean they’re not going to use the cloud. As they start leveraging communities, the connectivity, the ability to share information about who’s who and who you trust and where they can go, all of those policy controls across organizations are much better suited for the cloud. But it’s going to require integration with these legacy and very robust systems of connectivity that organizations use.”

EPCIS Software Selection Criteria

Cedric Monier, Director, Integration Corporate Program — Product & Solution Marketing, Axway

“When you’re building…an EPCIS event repository, you want to be able to collect information from, first, the master data to initialize your system with all the master data information. Then you need to collect events from your product line, from your warehouse system, from your partners, and to do so you’re going to encounter a lot of different formats, a lot of different protocols, coming from various applications. Vendors that provide an integration suite and that provide very powerful abilities to integrate these different flows into the event repository also differentiate in the market.”

If an Attack is Successful, Then What?

Taher Elgamal, CSO, Axway

A commentary on the IT Business Edge article “SaaS Security Is Still Sticking Point but Doesn’t Have to Be”

“In spite of the fact that the exact same attack might have been successful if the infrastructure was inside the walls, when something goes wrong, people basically get more paranoid. Everyone wants to know who’s responsible, because some of these attacks, when they get successful, they have very large effects. I think that is actually the real issue… It is true that people should be concerned when you outsource something out on the cloud or on a SaaS service provider. And it is true that you have to make sure that your vendor understands security issues–they have the right people, they have the right policies, they know how to separate things, they know how to apply decent patches and get rid of malware and so on and so forth. But the real thing is that in the contract where you actually write in terms of if an attack is successful, then what? And I don’t think anybody has solved that thing yet.”