This winter – and what we have had of a spring – has been a remarkable time for the entire Advantage Co.  Not only have our core businesses [the electronics division, TW&Co, and Giancarlo’s] produced the single largest increase in 20 years for Q1, our partnerships have set international and national precedents in IT as well.  The biggest winner of all was certainly our Lifetime Service Center.  Our local and California based service centers have had a run that rivals the pace we had in 2009 [and this time we are doing it right].

Over the past several months, the Walker Center has seen the development of our new Cento Club [with our two new private banquet and meeting rooms], The Beauty Bar [featuring all natural drinks, snacks, raw desserts, and organic juices], and the usual renovations and expansion.  Along with all that, we have partnered with Wellingtin Resources and introduced Bogavia to national accounts.

Recently, we’ve had visits from the founders, creators, designers, and CEO’s of Tata Harper, John Hardy, Roberto Coin, and Sumbody; while later this year we are looking forward to visits from Paige from Paige Denim, Brandy Monique from Fig Yarrow, the creator of DL1961, the creator of Peace, Love, World, the creator of Chaser, the creator of Yarok, the designer of Mackage, and we’re still working on Diane Von Furstenberg [who mentioned to Jules and Alison that she would come visit them soon].

While Tony Walker & Co and Giancarlo’s form our smallest division, it is my personal favorite.  I am looking forward to spending most of my summer on Giancarlo’s patio [and completely renovating the TW&Co store once again].

But all that has been going on pales in comparison to what our Autonomic Resources partnership has accomplished over the past six months.  Not only were we the first to receive the FedRAMP IaaS Authority to Operate, we have now received the Department of Interior’s 10 year ID/IQ Cloud Foundation contract award.  The Wall Street Journal led the story on this award with “Autonomic’s ARC-P Platform Gains Momentum With the 10 Year $1 Billion ID/IQ.”  I’d say we agree.

http://online.wsj.com/article/PR-CO-20130502-913753.html?mod=googlenews_wsj

I return to town at the end of May, and I am looking forward to an incredible summer.  We’ll be kicking it off on June 6th with our 35th Anniversary Party as we open our new Stereo Advantage Warehouse Sales Center at our international distribution and service center on Wehrle Dr.

Congratulations to everyone who participated in what has been the most remarkable 6 months in the history of the Advantage Co.  Thank you.

No need to watch the Masters later today.  Tiger already won. They decided that he should be given the tournament because he is, after all, Tiger Woods, and can you imagine the ratings next year?

Of course, Nick Faldo will be back in the booth because he dutifully recanted any and all remarks about the Masters’ transgressions.  It wasn’t really him calling for Tiger to withdraw, it was a misinformed version of him.  The information he didn’t have at the time of his remark was that he was going to get fired – that changed everything. Pathetic.  And he was one of my all-time favorites.

While a 14 year old can get hammered for taking more than 40 seconds to hit a shot during a five and half hour crawl, Tiger gets a free pass on being DQ’d because he may have been confused.  Anyone who has played competitive golf for 20 weeks knows you drop as near as possible when you choose to hit from the spot you hit your last shot.  You’d think that after 20 years of competitive golf that Tiger would have that one down.  Of course if you can have a boulder removed from your path as a ‘movable’ obstruction, this is but a mere trifle.

Anyone who has ever played competitive golf knows full well that signing an incorrect scorecard is an immediate DQ.  No reprieve, ever.  This is the first time in the history of competitive golf that someone signing an incorrect scorecard was not DQ’d.  But there were extenuating circumstances – it was Tiger Woods and this is the Masters.

And please spare me the two stroke penalty bullshit.  It means nothing.  He got a pass on being DQ’d that is completely unwarranted whether anyone had looked at the tape prior to the end of his round or not.  He signed the wrong scorecard, and, in competitive golf, you are DQ’d.  Whether it is the Monday scratch tournament at Crag Burn or the US Open, you are DQ’d.

Anyone who holds their ground that this self-absorbed myopic asshole should have been DQ’d will certainly be ostracized from the Tiger Woods/Nike world of sycophants and the hallowed grounds of golf’s Sistine Chapel, Augusta National.  So it goes.

And, yes, Steve Jobs was a great man too [as long as you consider a lying manipulative coercive cheating exploitive sociopath a great man].  Read it enough and you’ll believe anything.

That’s not my Tumblr picture that got posted last night on my Facebook page.  Sorry.  I am trying to start a Tumblr blog, but I am still learning the settings, etc.  I was looking for a shot of great legs for our Cento Bazaar footwear wall, and I found a Tumblr picture I thought I could crop the legs out of.  I guess the cropping didn’t make it.  So it goes.

Regardless, I am coming home for the Grand Opening of the Cento Bazaar Room tomorrow night.  It’s a room built exclusively for our Cento Club members, and it will feature off-season product at 30% off all the time for members only.

I’ll post some pictures on my Tumblr blog when the room is done [and I figure Tumblr out].

Is this picture a little too much for the room?

By the way, I heard the news about Reggie Witherspoon last night.  Winters in Buffalo where always more fun while watching Kwitch and him work the sidelines from the court side seats Pam talked me into.  UB Basketball will not be the same without those guys.  They exemplified everything that is right in college sports.

I know a few of the guys that played for them, and their successful after-college-careers are due, in large part, to the mentoring Reggie and Kwitch provided.

Along with Coach Schintz, Sweet Home has given us the very best of basketball coaches.  It’s a group of guys that really understood the game and life – and provided the perfect balance.  They are all missed [although I’ve been hearing some rumors that Schintz is itching to get back at it – of course, right now, the twins are keeping him busy – and he’s loving every minute of it].

I’m sure it won’t be long until we see them all back on the court they love.  Until then they will be missed.

On March 18, 2013, Thomas Edward Perez was nominated by President Barack Obama to be the United States Secretary of Labor, replacing outgoing Secretary Hilda Solis.

So, along with my best friend from high school, Joe Macmanus [who President Obama recently appointed as the new U.S. Ambassador to International Organizations in Vienna], we now have my old first baseman, Tom Perez, being appointed as Secretary of Labor.

I haven’t thought about Tom in a long time.  I lost touch with him years ago, but I’ll never forget his family and him.  I remember his dad passing away, and I was thrilled that Tom was still going to Canisius High School.  I think he may have been a college rep for us at Brown.  It’s fantastic that Tom is the Secretary of Labor, but Teeko’s [sp?] a doctor?  It would be great to hear from them.

It’s safe to say that Canisius High School is well represented at the Federal level.  Johnny Sturm would be proud.  I’m just happy to have our FedRAMP IaaS ATO.

Wikipedia:  Thomas Edward Perez was born and raised in Buffalo, New York, to parents Rafael and Grace (née Brache) Perez, who were both first generation Dominican immigrants.  His father Rafael, who earned U.S. citizenship after enlisting in the U.S. Army after World War II, worked as a doctor in Atlanta, Georgia before moving to Buffalo where he worked as a physician at a VA hospital.  His mother, who came to the United States in 1930 after her father Rafael Brache, was appointed as the Dominican Republic’s Ambassador to the United States, remained in the U.S. after Ambassador Brache was declared persona non grata by his own government, for speaking out against Dominican President Rafael Trujillo’s regime.

Perez, who was the youngest of four brother and sisters (who all followed their father in becoming doctors), suffered the loss of their father when he died of a heart attack, when Perez was 12 years old.  He graduated from Canisius High School in 1979, putting himself through college through the help of scholarships and pell grants.

Perez received his Bachelor of Arts in international relations and political science from Brown University in 1983.  He also received his Juris Doctor cum laude from Harvard Law School and a Master of Public Policy from the John F. Kennedy School of Government in 1987.  While attending Brown, he worked at the University’s dining hall, and while attending Harvard, Perez worked as a law clerk for Attorney General Edwin Meese in 1986.

Lately I have been feeling aggravated about a few things at work.  There are a number of programs and projects that are not coming along as quickly as I had envisioned.  Someone unwittingly told me that I should not stress out about it.  Frankly, I had a hard time with that depiction of my aggravation.  I see stress in others, but I only feel my sense of aggravation [and anger] in my own “stressful” situations.  Now, I will readily admit that I am often seen as a stress carrier [I may be a walking typhoon of stress for some people], but I am seldom, if ever, afflicted.  So, I thought I would look into stress a little deeper this morning.  I came across two insightful depictions of stress amongst a cottage industry of opinions.

1. Stress, when driven from outside the individual, can be motivational.  It has the potential to be a positive, driving force especially when it comes from someone perceived to be a trusted supporter or mentor or manager.  It is often perceived as good advice and it often helps generate “considered alternatives and choices” that are different from the ones currently in practice.  –  Performance Management Company Blog

2. People often say that stress is a motivator.  What we’re referring to when we say this is really better described as stimulation and engagement.  Take the example of goal-setting.  We set goals because they give us something to aim for and keep us feeling engaged.  Stimulation and engagement are good.

But that’s not stress.  Stress is the negative whirlwind of emotions that gets imposed on top of our stimulation and engagement.  It leads to poorer decision-making, reduced creativity, mental exhaustion, and physical burnout (and eventually to disease).  In other words, stress motivates us in a number of harmful ways.  Without the stress, we have more energy to get things done and more fun doing it.  We need stimulation and engagement.  We all enjoy pushing ourselves to accomplish our objectives.  But we don’t need stress to get there.

Stress is not inevitable.  Look for something you’re not bothered by that other people are (a fear of heights, driving fast, flying).  People who experience stress in those situations may say that it’s inevitable because they can’t imagine not feeling stress, but you know that this isn’t so.  Their emotions come from their beliefs.  The same is true for whatever you’re stressed out about now (money, health, work, etc.).  It’s entirely possible to think differently and not experience stress in your life, as unlikely as that sounds.  It just requires a different approach.  If you’re successful and stressed out, you’re succeeding in spite of your stress, not because of it. – by Andrew Bernstein in The Myth of Stress

I can’t help but agree that stress is something we allow to happen to us.  What you or I think is stressful [or aggravating] may indeed be stimulating to someone else.  Stress is internal.

At the Advantage, I have been known to utilize a dramatic tirade from time to time to create an environment where people are motivated to give a 100% effort toward the desired result.  There is no denying that this is effective.  But, is it stressful?  Well, it would be hard to argue that it isn’t stressful to some, but, to others, it is a tonic [or, at the very least, a focal point].

I’m not deluded, and I am not out to justify my particular leadership style.  I’m just looking at stress as clearly as possible.  As I look at successful coaches [like the Vince Lombardi type] or successful business sociopaths [like the Steve Jobs type], they make me look like a teddy bear.

So, today’s question is, do I need to ratchet it up a bit, or do we need a kinder, gentler Tony?

I’m only kidding.  I’m too old to ratchet it up, and it takes a big toll on me – a toll I am no longer willing to pay.  No, what today’s question is: How do we create an environment where we eliminate stress knowing full well that everything that happens in business has the potential to stress someone out?  

I have been around countless people who are stressed by too much opportunity, too much success [that’s what they are saying is stressing out Rory McIlroy these days], too much responsibility, too much independence, too much control, etc.  For some, making a simple decision is stressful.  Stress is a very individual feeling.  It is, like beauty and pornography, in the eye of the beholder.

So, how do we eliminate stress?  Concern would help, as would genuine support.  But what we really need is confidence.  The more confident you are about yourself, your career, your health, your friends and family, your significant other, your finances, and your ability to actually reach your goals – the less stress you will feel when you are in what is, to you, a stressful situation.

I believe that the Maslow Need Hierarchy is relevant when it comes to stress.  Our unfulfilled needs are potential stress points.  Confidence comes from not only satisfying our needs, but in the knowledge that we have the potential and resources to satisfy our unfulfilled needs.  Stress, I believe, comes from a feeling of inadequacy.  But I’ll leave that for another posting.

In the meantime, as Henry Ford [that famous anti-semitic sociopath] once said: Whether you think you can, or whether you think you can’t – you’re right.

It feels like grandpa again.

Ariana, Sam, and my new grandson, Samuel Anthony, are already home starting their new adventure.  If there is anything better than grandchildren, I’ve never experienced it.  It is more than the circle of life, for me it is the life I always hoped for.

As I fast approach my 60th birthday, I can’t help but pause [more often than ever lately] to truly recognize and appreciate the gift of life.  I have always relished living my own life, and while it has been my children that have given it meaning – grandchildren are indeed a special gift.

Today, I am surrounded by my children and grandchildren.  Fate’s been kind when it comes to the love I feel from those close to me.  Just thinking of Francesca and Sam Anthony is enough to make my day complete.  My business thrives, my friendships endure, and my prospects for the future continue to amaze me.  But through it all, a certain ennui dampens my enthusiasm for the challenges that await me as I start every day.

As wonderful an adventure as it all has been, my business has certainly jaded me.  By building the Advantage Co, I have made more friends [and earned more enemies] than I ever imagined possible.  All through my school years, I was never much for socializing.  Even in college, I lived with my girlfriend, hung with a few friends, and played a lot of basketball and ping pong [while trying despairingly to play guitar].

And then along came the Stereo Advantage and a merchant’s life.  I made more friends in my first year of business than I had in the previous 24.  And by the time I was 30, I had more friends than ever, but as sure as the sun set at night, enemies rose in the morning.

It’s the nature of business that every success seems to mean someone else’s failure.  Every decision inevitably leaves someone satiated with discontent or, in the most regrettable of cases, palpable hate.  There is a cadre of ex-Advantage employees that share a common enmity that binds them together.  While it is mostly a comical association of malcontents, it does take its toll on the joy of the adventure.  WNY is a small town with little more than three degrees of separation.  And although this makes for a warm and nurturing environment for building a family, it can eventually wear you out with the petty remonstrations and almost clan-like vendettas.

But enough of all that.  The point to this little posting is that as I approach 60, this is what it all feels like: joy, appreciation, ennui, love, satisfaction, hope, and, most of all, a wry smile for the machinations of so many that find significance in anything other than the full appreciation for the gift of life.

For my family and friends, thank you.  You have given me more than my fair share of life [topped off by two beautiful grandchildren].  As for my traducers, if retribution is what you seek – you’re too late.  As I’ve said, I’ve already had more than my fair share of all that life has to offer.  From here, both the good and the bad are all a bonus.

And for all of you, especially Francesca and Sam, there is the gift of life.  Whether it be brief or long, you are always better off living it to its fullest [and a smile along the way wouldn’t hurt either].  But don’t let all this gift of life reverie confuse you, it’s still a Darwinian struggle, and the Advantage has every intention of thriving amongst the chaos.

This train keeps on rolling, and it just picked up another passenger.

It looks like we are all set with the construction plans for the new home of the Stereo Advantage.  The Retail and Commercial Divisions of the Stereo Advantage will soon be joining Lifetime Service at our Distribution Center at 1955 Wehrle Dr. [behind ECC North at Wehrle and Youngs Rd just east of Ingram Micro].  It will be great to have everyone back together again.

We will be building our new showroom, offices, and store for the Stereo Advantage in the 4k sq’ front section of our Wehrle facility.  Our plans call for a grand opening on June 6, 2013, our 35th Anniversary.  The Stereo Advantage will continue to occupy our temporary spot in the Walker Center until then.

Thanks to everyone who has been with us on this 35 year journey, it’s been quite a ride – and it still feels like we are just getting started.

Turn the page.

Reprinted from http://churchofthegood.wordpress.com/

If the COTG is to truly promote the celebration of the gift of life, it is incumbent upon us to provide services to our members that will enable them to be safe and secure.  It starts with financial security.  One of the services the Church of the Good will offer, therefore, is forensic accounting.

Accounting by God simply means accounting with no agenda other than transparency and illumination.  Our forensic service is not intended to make you money, rather it is intended to provide you with a full transparency, accuracy, and assessment of all your financial dealings so that you can make more informed decisions with your advisors.

Our COTG Financial Review will scrupulously examine all of your financial relationships and obligations.  We will review the performance and veracity of your accountants, lawyers, financial advisors, insurance providers, and agents; as well as all contracts, investments, holdings, loans, debt, credit, trusts, associations, tax filings, wills, and financial instruments.

The main value of the COTG forensic team is that it has no agenda beyond your financial well-being; whereas, every other advisor has an economic stake in the retention of you as a source of income.  This allows us the opportunity to provide you with a clear assessment of your financial health, an assessment that is not prejudiced by any other agenda.

What you don’t know may be undermining years of hard work, wise investments, and good faith.  Our forensic review will give you the peace of mind that comes with transparency and accuracy.  While our belief in god is based on faith, there is indeed a preponderance of evidence that substantiates god’s existence [not the least of which is his gift of life].  The same holds true for your advisors.  Every financial relationship you participate in is based on good faith.  And while faith is both uplifting and essential, it is not enough.  We are all responsible for the scrupulous examination of all our activities, associations, and investments.

Let the COTG financial review provide you with the requisite examination that your financial health depends on.

__________________________________________________

Information: Financial forensics is the specialty practice area of accountancy that describes engagements that result from actual or anticipated disputes.  ”Forensic” means “suitable for use in a court of law,” and it is to that standard and potential outcome that our forensic accounting works.

Our financial forensic engagements are generally concerned with economic damage, whether suffered through tort or breach of contract.  This is, increasingly, an area of great concern.  Often advisors not only mislead, but, at times, surreptitiously compromise their clients through outright theft and conspiracy.

Our forensic engagements also review bankruptcy, insolvency, and reorganization.  And our review adds transparency and credibility to any business valuation.

Our forensic accountants specialize in professional negligence claims where they are assessing and commenting on the work of other professionals.  Our forensic accountants are also engaged in marital and family law of analyzing lifestyle for spousal support purposes, determining income available for child support, and equitable distribution.

The COTG forensic accountants specialize in forensic analytics which is the procurement and analysis of electronic data to reconstruct, detect, or otherwise support a claim of financial fraud. The main steps in forensic analytics are data collection, data preparation, data analysis, and reporting.  We are most noted for our computer forensics/e-discovery.

Well, our FedRAMP opportunities just keeps getting better, but before we can take all of this to market, the Williams Mullen’s legal vetting of our offering will be essential to us creating a product that will be in sync with the FAR’s requirements and, ultimately, marketable.  We plan on providing Williams Mullen with the full offering on February 1st, and the anticipated completion of the legal vetting is February 15th [at which time we will be good to go].

Note:  The Federal Acquisition Regulations System is established for the codification and publication of uniform policies and procedures for acquisition by all executive agencies.  The Federal Acquisition Regulation (FAR) is the principal set of rules in the Federal Acquisition Regulation System.  This system consists of sets of regulations issued by agencies of the Federal Government to govern what is called the acquisition process.  This is the process through which the government purchases [acquires] goods and services.  The single most heavily regulated aspect of acquisition is contract pricing.  The FAR System regulates the activities of government personnel in carrying out that process.  It does not regulate the purchasing activities of private sector firms, except to the extent that parts of it are incorporated into government solicitations and contracts by reference.

Here is a quick update of our remarkable FedRAMP opportunities as of this time:

1.  Powered by ARC-P™ is a combination of our ARC-P IaaS and our secure data center.  This is the big dog as far as I see it, but, believe me, I wouldn’t mind being left with any of the several other opportunities I am going to profile in this memo.  While this has been, up to recently, depicted and invested in as a service provider resource for Autonomic Resources, I believe that it is much more valuable as a simple stand-alone product.  I see our FedRAMP IaaS ATO as very similar to NYC’s taxi cab medallion program.

Note:  Medallion taxi cabs in NYC are named for the official medallion issued by the TLC and attached to a taxi’s hood.  The medallion may be purchased from the City at infrequent auctions, or from another medallion owner. Because of their high prices [often over $700,000] medallions [and most cabs] are owned by investment companies and are leased to drivers.  An auction was held in 2006 where 308 new medallions were sold. In October 2011, due to the longtime trend in the medallions’ supply and demand, auction prices first topped $1 million.

It is important to recognize that our FedRAMP ATO simply means that we can host the IaaS platform with our secure and authorized data center, but it does not mean that the attached SaaS will be authorized.  The software, in conjunction with our IaaS, must pass the FedRAMP scrutiny regardless of our IaaS ATO.  This is true for all applications regardless of the IaaS ATO it is built on.

Once again, the NYC taxi cab medallion analogy helps to illuminate this aspect of our offering.  While the medallion gives the holder the authority to operate a cab in NYC, it does not mean that it can be placed on any old car and have it be compliant as a cab based on the TLC’s criteria for cabs.  The cab itself must past through the eye of the needle as well.  I definitely see this as both a competitive advantage, and, as we will discuss later, another revenue resource.

Nevertheless, the mere fact that we are the only one who has so far received the FedRAMP’s ATO articulates, punctuates, and substantiates the difficulty in securing this vital link in the chain to our potential customers.  While they may not completely understand it, there’s no denying that everyone else has failed – and it isn’t like they haven’t been trying.  As an aside, I would certainly like to build the list of the 80 or so tech companies that have tried and failed to be one of the 12 awardees.

So, what is the Gold Medallion IaaS ATO?  Well, it is nothing more than an authorized access point.  An access point that the Federal Government is urging us to provide an indiscriminate number of.

The Bronze IaaS Medallion. Cost: $250k. The Bronze level of access provides the medallion holder with the opportunity to test the worthiness of our IaaS open source platform. In the event they feel that this IaaS solution will work for them, they can upgrade to the full resource level medallions, the first of which is the Silver level.

The Silver IaaS Medallion. Cost: $500k. The Silver level of access provides the medallion holder with the opportunity to use our IaaS ATO for a specific software application. While the use of this application is limitless, it is specific to only that application.

The Gold IaaS Medallion. Cost: $1M. The Gold level of access provides the medallion holder with the opportunity to use our IaaS ATO for any suitable software application in any industry. The use of this ATO is limitless unless restricted by a previous Platinum level restriction.

The Platinum IaaS Medallion. Cost: $2-10M. The Platinum level of access provides the medallion holder with the opportunity to use our IaaS ATO for any suitable software application in a specific industry or resource category. The use of this Platinum level ATO is not only limitless in this specific industry or resource category, but it is also exclusive. This means that a Platinum level user would secure the only ATO from us in that specific industry going forward. We would not issue a medallion of any kind to anyone else for use in that market space. Of course, any previous Gold level medallion holder would not be affected by this exclusive arrangement.

2.  c1 Secure 3PAO.  Third Party Assessment Organizations [3PAO] perform initial and periodic assessment of Cloud Service Provider [CSP] systems per FedRAMP requirements, provide evidence of compliance, and play an on-going role in ensuring CSPs meet requirements.  Once engaged with a CSP, 3PAOs develop Security Assessment Plans, perform testing of cloud security controls, and develop Security Assessment Reports.  FedRAMP provisional authorizations must include an assessment by an accredited 3PAO to ensure a consistent assessment process.

To become a FedRAMP Independent Third Party Assessment Organization [3PAO], organizations must undergo a rigorous conformity assessment process before being accredited by FedRAMP.  This conformity assessment process qualifies 3PAOs according to the following requirements:

• Independence and quality management in accordance with ISO/IEC 17020: 1998 standards.
• Information assurance competence that includes experience with FISMA and testing security controls.
• Competence in the security assessment of cloud-based information systems.

We have met all of the GSA and FISMA standards as a accredited 3PAO.  c1 Secure actually did the 3PAO work for our original ATO granted by the GSA, however, since they required a greater degree of separation, we recently used Veris Group as our FedRAMP accredited 3PAO.  We are now working on our own FedRAMP 3PAO accreditation.

The Federal Information Security Management Act (FISMA) is United States legislation that defines a comprehensive framework to protect government information, operations, and assets against natural or man-made threats. FISMA was established to promote the development of key security standards and guidelines to support the implementation of and compliance with the Federal Information Security Management Act including:

• Standards for categorizing information and information systems by mission impact.
• Standards for minimum security requirements for information and information systems.
• Guidance for selecting appropriate security controls for information systems.
• Guidance for assessing security controls in information systems and determining security control effectiveness.
• Guidance for the security authorization of information systems.
• Guidance for monitoring the security controls and the security authorization of information systems.

As you can see, there are several Federal agencies that have their fingers in the soup when it comes to securing an authority to operate. As we navigate through the process, we are becoming accredited and certified in each aspect of the creation, security, governance, monitoring, and fulfillment agenda of the Federal government – and each presents a new business opportunity for Autonomic Resources, Consilium, and several of our teaming partners. Our ability to become a FedRAMP accredited 3PAO is an opportunity to create a new business that will be available for all Federal Cloud Service Providers [CSP].

3.  c1 Secure Process Navigation for FedRAMP ATO.  Along with the opportunity to be the FedRAMP accredited 3PAO, we also have the opportunity to be the consultant to prospective Cloud Service Providers who want to participate in the Federal space.  Consilium has successfully navigated Autonomic Resources through the accreditation process, and, to date, we are the only consultant to successfully navigate the Federal rapids.

Sir Edmund Hillary was a New Zealand mountaineer.  On May 29, 1953 aged 33, he and Sherpa mountaineer Tenzing Norgay became the first climbers to reach the summit of Mount Everest.  Think of this Consilium offering as the sherpas of Mount FedRAMP.  Without us, you simply won’t get to the top of the mountain.

4.  The FedRAMP CMaaS ATO.  Once you have the FedRAMP IaaS ATO, you then have to get your application software to work with the IaaS platform, and then you must secure the FedRAMP ATO for the actual SaaS.  Now, you would think you are all done, but you are not.  You will still need the FedRAMP ATO for your constant monitoring component [CMaaS].  And guess who is getting that ATO?  That’s right – Autonomic Resources.

5.  Consilium System Integration and Replatforming for FedRamp Compliance.  But let’s not get ahead of ourselves, you still have to make your application software work with our IaaS, and who can help you re-platform your software application to make it work with ARC-P?  Right again, Consilium can.

6.  Consilium Identity Management.  Another opportunity that comes our way via the GSA’s requirements is Identity Management.  The GSA helps government meet the variety of policy requirements and addresses the need for comprehensive Identity, Credential, and Access Management [ICAM] products, services, and consulting.  As the lead agency for providing ICAM solutions, the GSA strives to eliminate cost redundancies by offering inter-operable and compliant products and services.  Consilium Identity Management will offer Cloud Service Providers [CSP] the appropriate and accredited products, services, and consultation for ICAM compliance.

7.  Consilium ongoing support.  And, last but not least, once you have your software working and the whole bundle from application software to data center processing is working and accredited with the several ATO’s necessary for compliance, who is going to be able to provide the ongoing support [along with the CMaaS]?  That’s right again, Consilium.

I would like to present our incredible Federal Government IaaS opportunity.  

Cloud technologies are transforming the way computing power is bought, sold, and delivered.  Rather than purchasing licenses or hardware, users may now obtain computing power as a service, buying only as much as they need, and only when they need it.  This new business model promises vast efficiency and cost advantages.  

The tremendous impact of cloud computing on business has not been lost on Congress.  The enormous potential of cloud computing has prompted the United States Federal Government to look to the cloud as a means to reorganize its IT infrastructure and to decrease its IT budgets.  

In December 2010, the Office of Management and Budget (OMB) issued a Cloud First Strategy for Federal Government computing needs.  Under this policy, government agencies will use cloud computing to boost computer operations rather than building expensive data centers.  This Federally mandated strategy requires that each agency chief information officer (CIO) fully migrate three services to a cloud solution by June 2012, and implement cloud-based solutions whenever a secure, reliable, and cost-effective cloud option exists.

Autonomic Resources Cloud Platform [ARC-P] has used our expertise in the commercial space to satisfy the unique ‘cloud’ demands of the Federal Government, allowing us to deliver the most reliable lightweight application architecture for all government agencies based on our proprietary open infrastructure.

Powered by ARC-P™   ARC-P acts as our IaaS [Infrastructure as a Service] offering, and it effectively supplies our government clients with raw computing power, storage, and networking infrastructure as a service [IaaS].  ARC-P provides a fully patched and compliant [agency dependent] hosting environment to run software.

ARC-P also provides value by supplying simplified computing power, storage, and supporting infrastructure that can be acquired and utilized on-demand.  Our government clients can now achieve rapid data center capabilities without the need to be provisioned, coordinated with contractor IT organizations, or purchased and owned by the government.

And here’s the big news: ARC-P is currently the sole access point to the cloud for the entire US Government and all of its various agencies and operations.  It is an unprecedented [and, admittedly, short-lived] monopoly.  It has been well-earned through the remarkable vision and tireless work of John Keese and his Autonomic Resources team, which makes it all the more meaningful and valuable.  Remarkably, if you want to work in the cloud with the Federal Government today, there is only one access point, and it is Powered by ARC-P™.  That’s it.  One.  Just one access point in the whole world.  What’s the potential of that?  

In order to make the cloud work in the Federal space for a vendor or agency, three things have to happen: first, you have to have the FedRamp IaaS Authority To Operate [ATO]; second, you have to operate in a secure and authorized data center; and, third, you have to make your enterprise or software actually work with the certified IaaS.  Currently, Powered by ARC-P™ is the only solution available to the Federal Government with a FedRAMP ATO on all three critical components.  While, as a service provider, we can profit from all three components, the real value resides in providing the FedRAMP IaaS ATO to every service provider and data center that wants access to the Federal Government treasure trove of business.

The most remarkable aspect of this opportunity is that the GSA wants as many providers of cloud service made available to the Federal government as possible.  They don’t want just one email supplier, they want dozens of alternatives.  They want a competitive landscape.  Here’s what they state as their number one program goal on their website: http://www.gsa.gov/portal/category/102375  “Program Goals.  Accelerate the adoption of secure cloud solutions through re-use of assessments and authorizations.”

And since the GSA is limiting it to merely 12 access points, it is up to these anointed dozen to go out and secure as many providers of services as possible for the Federal government.  Yes, the fact of the matter is that they actually want us to go out and provide as many of these IaaS access points as possible.  We have a limitless supply, and, not only is it a limitless supply, each individual access point comes replete with a limitless capacity.  I’m still in awe of this opportunity.

Let’s say, for example, that there is a company that want access to the Federal Government with a FedRAMP IaaS ATO.  They can go after it themselves and maybe spend $5-10M and 6-18 months trying to secure it [and all of them have actually failed to secure an ATO up to this point], or they can come to us and spend $1M and 15 minutes to secure full access.  That’s right, $1M per access point Powered by ARC-P™.  That’s an incredible savings, not to mention the incredible speed to benefit.  And it doesn’t stop there.  We can have industry specific access points.  We can have industry exclusive access points.  We can have non-exclusive access points.  But it gets better.  Everyone who has an access point is now going to need an authorized data center as well as a service provider who can get them operational and supported.

Now, before I lose my breath, I have to mention that we are also close to getting an ATO for our CMaaS.  Yes, FedRamp is requiring a continuous monitoring component for all of this.  It just keeps getting better.  

Some companies will buy the  access point just to say they have it.  Yahoo will say, “Yes, we have the FedRamp Authority to Operate.”  How much will that add to their stock value on the street even if they never use it?  Our potential customer list is almost as limitless as the opportunity.  No one currently has the ATO: Microsoft, Google, Amazon, Yahoo, Apple, Apple, IBM, Oracle, Dell, SAS, SalesForce, Facebook, HP, etc. – and they all want it.

We will be providing our proprietary FedRAMP authorized IaaS access points for up to $1M each.  We will require an army of agents to provide the GSA with the type of coverage they envision.  There will be significant incentives to provide this Powered by ARC-P™ access, and there will be significant earnings on the ensuing services we provide.  Each Powered by ARC-P™ engagement can earn the agent $250k.  We need to get busy with this immediately.  While the potential is limitless, it is still only potential until we realize it.

I am hoping you will be able to help me bring this Powered by ARC-P™ vision to fruition.  If you are interested in providing these access points to various service providers and secure data centers that want to do business with the Federal Government in the cloud, contact Joe Kreuz at 716.445.2210.

Below is more information on FedRAMP, our authority to operate, and cloud computing.  Please feel free to comment on this blog or email me directly at tonywalker13@yahoo.com.  Thanks.

http://www.gsa.gov/portal/category/102371

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

The FedRAMP Joint Authorization Board has granted its first provisional authorization to Autonomic Resources, who used Veris Group as their FedRAMP accredited 3PAO.

http://www.gsa.gov/portal/category/102375

Program Goals
Accelerate the adoption of secure cloud solutions through reuse of assessments and authorizations.
Increase confidence in security of cloud solutions.
Achieve consistent security authorizations using a baseline set of agreed upon standards to be used for Cloud product approval in or outside of FedRAMP.
Ensure consistent application of existing security practices.
Increase confidence in security assessments.
Increase automation and near real-time data for continuous monitoring.

Program Benefits
Increases reuse of existing security assessments across agencies.
Saves significant cost, time and resources – “do once, use many times.”
Improves real-time security visibility.
Provides a uniform approach to risk-based management.
Enhances transparency between government and cloud service providers (CSPs).
Improves the trustworthiness, reliability, consistency, and quality of the Federal security authorization process.

http://finance.yahoo.com/news/autonomic-resources-arc-p-cloud-173500926.html

Autonomic Resources ARC-P Cloud Receives FedRAMP’s First Issued Authority to Operate
Autonomic Takes the Lead in Government Cloud Adoption

December 27, 2012

CARY, N.C., Dec. 27, 2012 (GLOBE NEWSWIRE) — Autonomic Resources, a Government Cloud Service Provider (CSP), has received a Federal Risk Authorization and Management Program (FedRAMP) provisional Authority to Operate (ATO) from the FedRAMP Joint Authorization Board (JAB) for their ARC-P cloud solution.

The FedRAMP program supports the U.S. government’s objective to enable U.S. federal agencies to use managed service providers that enable cloud computing capabilities. The program is designed to comply with the Federal Information Security Management Act of 2002 (FISMA). FedRAMP is governed by a Joint Authorization Board (JAB) that consists of representatives from the Department of Homeland Security (DHS), the General Services Administration (GSA), and the Department of Defense (DoD). The FedRAMP program is endorsed by the U.S. government’s CIO Council including the Information Security and Identity Management Committee (ISIMC).

FedRAMP provides a streamlined avenue for U.S. federal agencies to make use of cloud service provider platforms and offerings. The FedRAMP program provides an avenue for CSPs to obtain a Provisional Authorization after undergoing a third-party independent security assessment that has been reviewed by the JAB. By assessing security controls on candidate platforms, and providing Provisional Authorizations on platforms that have acceptable risk, FedRAMP enables federal agencies to leverage the security assessment process for the FedRAMP baseline of security controls.

Autonomic Resources now holds a FedRAMP provisional Authority to Operate, a demonstration that Autonomic meets the mandatory security requirements for cloud services housing Federal information. US Government Agencies are rapidly moving towards cloud adoption as the preferred method of compute and FedRAMP certification is critical in positioning agencies to meet Cloud First/Future First and Office of Management and Budget (OMB) mandates. “Autonomic stands ready to assist US Government agencies to meet both their security and budgetary objectives. The timeliness of our FedRAMP certification will assist federal and state government address serious needs to implement more cost effective, elastic compute platforms, and reduce their Information Technology spending. We are fully aware of the fiscal challenges our customers face and are uniquely positioned to be key to the solution going forward,” noted Autonomic Resources’ Founder and President John Keese. “Our team’s strict adherence to the FedRAMP requirements, coupled with our GSA ATO experience, enabled us to complete what much larger CSP’s have yet to accomplish. Further, Autonomic has already begun the application and security process to extend our ARC-P EaaS, PaaS and SaaS offerings.”

The Autonomic Resources Cloud-Platform (ARC-P) provides U.S. Government customers with a government community Infrastructure as a Service (IaaS) cloud offering providing both managed and unmanaged virtual machines. Autonomic does not service any non U.S. Government entities with cloud services and only utilizes highly cleared US citizens for cloud operations.

Autonomic is one of only a few vendors to have met the technical requirements necessary to be awarded two GSA contracts for cloud computing; Infrastructure as a Service (IaaS) and Email as a service (EaaS). Both BPA’s demonstrate that Autonomic has met pre-qualified technical and pricing requirements, making the procurement process fast, flexible, and cost-effective for US government agencies. Further, the Autonomic EaaS is already in FEDRAMP processing, which will ensure their ability to rapidly enable their email platform offerings for government use.

About Autonomic Resources
Autonomic Resources (www.autonomicresources.com) is a service integration firm and cloud provider serving the U.S. federal government. Core capabilities include the implementation of strategic technologies including data center automation, cloud computing, open source adoption, information assurance and compliance, advanced network infrastructure, and software development services.

At the Advantage Co, our G8 partnerships have led the way to maximizing our potential in internet technology, especially when it comes to cloud computing.  If you are not up to speed about cloud computing, you will be missing out on the next technology revolution.  Every aspect of our business will be impacted by cloud computing.  The potential is limitless.

I have posted this short tutorial as a starting point for your introduction into this emerging technology.  Please learn as much as you can.  It will prove invaluable to you as we build our business.

CloudComputing

Cloud computing comes into focus when you think about what IT always needs: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software.  The Cloud computing business model generally encompasses any subscription-based or pay-per-use service that, in real time over the Internet, extends IT’s existing capabilities.

Cloud computing is basically the delivery of computing as a service rather than a product.  Shared software and information are provided to computers and other devices as a metered service over the Internet.  A parallel to this concept can be drawn with the electricity grid, wherein end-users consume power without needing to understand the infrastructure required to provide the service.

Costs are generally reduced in a cloud delivery model, whereas capital expenditure is converted to operational expenditure.  This also lowers barriers to entry, as infrastructure is typically provided by a third-party and does not need to be purchased for one-time or infrequent intensive computing tasks.  Pricing on a utility computing basis is usage-based and fewer IT skills are required for implementation (in-house).

What is cloud computing?
http://en.wikipedia.org/wiki/Cloud_computing
http://computer.howstuffworks.com/home-networking-quiz.htm

There’s a good chance you already use some form of cloud computing.  If you have an e-mail account with a Web-based e-mail service like Yahoo! or Gmail, then you’ve had some experience with cloud computing.  Instead of running an e-mail program on your computer, you log in to a Web e-mail account remotely.  The software and storage for your account doesn’t exist on your computer — it’s on the service’s computer cloud.

Let’s say you’re an IT Director at a large company.  Your responsibilities include making sure that all of your employees have the right hardware and software they need to do their jobs.  Buying computers for everyone isn’t enough — you also have to purchase software or software licenses to give employees the tools they require.  Whenever you have a new hire, you have to buy more software or make sure your current software license allows another user.  You find it difficult to manage it all effectively and economically.  There is an alternative: cloud computing.

Instead of installing a suite of software for each computer, you’d only have to load one application.  That application would allow workers to log into a Web-based service which hosts all the programs the user would need for their job.  Remote machines [usually owned by a service provider] would run everything from e-mail to word processing to complex data analysis programs for you.  This is cloud computing, and it has changed the entire computer industry.

In a cloud computing system, there’s a significant workload shift.  Local computers no longer have to do all the heavy lifting when it comes to running applications.  The network of computers that make up the cloud handles them instead.   Hardware and software demands on the user’s side decrease.  Maintenance of cloud computing applications is easier, because they do not need to be installed on each user’s computer.  The only thing the user’s computer needs to be able to run is the cloud computing system’s interface software [like Google Docs], which can be as simple as a Web browser, and the cloud’s network takes care of the rest.

The applications of cloud computing are practically limitless.  With the right middleware, a cloud computing system can execute all the programs a normal computer can run.  Everything from generic word processing software to customized computer programs designed for a specific company can work on a cloud computing system.

Clients are able to access their applications and data from anywhere at any time.  They can access the cloud computing system using any computer linked to the Internet.  Data isn’t confined to a hard drive on one user’s computer or even a corporation’s internal network.

Cloud Computing Architecture

What makes up a cloud computing system?   Although cloud computing is an emerging field of computer science, the idea has been around for years.  It’s called cloud computing because the data and applications exist on a “cloud” of Web servers.  When talking about a cloud computing system, it’s helpful to divide it into two sections: the front end and the back end.  They connect to each other through a network, usually the Internet.  The front end is the side the computer user, or client, sees.  The back end is the “cloud” section of the system.

The front end includes the client’s computer (or computer network) and the application required to access the cloud computing system.  Not all cloud computing systems have the same user interface.  Services like Web-based e-mail programs leverage existing Web browsers like Internet Explorer or Firefox.  Other systems have unique applications that provide network access to clients.

You’ve Been Virtually Served

Most of the time, servers don’t run at full capacity.  That means there’s unused processing power going to waste.  It’s possible to fool a physical server into thinking it’s actually multiple servers, each running with its own independent operating system.  The technique is called server virtualization.  By maximizing the output of individual servers, server virtualization reduces the need for more physical machines.

On the back end of the system are the various computers, servers, and data storage systems that create the “cloud” of computing services.  In theory, a cloud computing system could include practically any computer program you can imagine, from data processing to video games.  Usually, each application will have its own dedicated server.

A central server administers the system, monitoring traffic and client demands to ensure everything runs smoothly.  It follows a set of rules called protocols and uses a special kind of software called middleware.  Middleware allows networked computers to communicate with each other.  It is the software layer that lies between the operating system and applications on each side of a distributed computing system in a network.

Middleware is software that provides a link between separate software applications.  Middleware is sometimes called plumbing because it connects two applications and passes data between them.  Middleware allows data contained in one database to be accessed through another.   This definition would also fit enterprise application integration and data integration software.

Middleware is a relatively new addition to the computing landscape.  It gained popularity in the 1980s as a solution to the problem of how to link newer applications to older legacy systems, although the term had been in use since 1968.  It also facilitated distributed processing, the connection of multiple applications to create a larger application, usually over a network.

Middleware Organizations:  IBM, Red Hat, Oracle Corporation and Microsoft are major vendors providing middleware software.  Vendors such as Axway, SAP, TIBCO, Informatica, Pervasive and webMethods were specifically founded to provide Web-oriented middleware tools.  Groups such as the Apache Software Foundation, OpenSAF and the ObjectWeb Consortium (now OW2) encourage the development of open source middleware.  Microsoft .NET “Framework” architecture is essentially “Middleware” with typical middleware functions distributed between the various products, with most inter-computer interaction by industry standards, open APIs or RAND software licence.  Solace Systems provides middleware in purpose-built hardware for implementations that may experience scale.

Grids, Clouds, and Utilities.

Cloud computing is closely related to grid computing and utility computing.  In a grid computing system, networked computers are able to access and use the resources of every other computer on the network.  In cloud computing systems, that usually only applies to the back end.  Utility computing is a business model where one company pays another company for access to computer applications or data storage.

After the dot-com bubble, Amazon played a key role in the development of cloud computing by modernising their data centers, which, like most computer networks, were using as little as 10% of their capacity at any one time, just to leave room for occasional spikes. Having found that the new cloud architecture resulted in significant internal efficiency improvements whereby small, fast-moving “two-pizza teams” could add new features faster and more easily, Amazon initiated a new product development effort to provide cloud computing to external customers, and launched Amazon Web Service (AWS) on a utility computing basis in 2006.

If a cloud computing company has a lot of clients, there’s likely to be a high demand for a lot of storage space.  Some companies require hundreds of digital storage devices.  A cloud computing system must make a copy of all its clients’ information and store it on other devices.  The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable.  Making copies of data as a backup is called redundancy.

Why would anyone want to rely on another computer system to run programs and store data?

1. Clients are able to access their applications and data from anywhere at any time.  They can access the cloud computing system using any computer linked to the Internet.  Data isn’t be confined to a hard drive on one user’s computer or even a corporation’s internal network.  
2. It  brings hardware costs down.  Cloud computing systems reduce the need for advanced hardware on the client side.  You don’t need to buy the fastest computer with the most memory, because the cloud system takes care of those needs for you.  Instead, you can buy an inexpensive computer terminal.  The terminal could include a monitor, input devices like a keyboard and mouse, and just enough processing power to run the middleware necessary to connect to the cloud system.  You don’t need a large hard drive because you store all your information on a remote computer.
3. Corporations that rely on computers have to make sure they have the right software in place to achieve goals.   Cloud computing systems give these organizations company-wide access to computer applications.  The companies don’t have to buy a set of software or software licenses for every employee.  Instead, the company could pay a metered fee to a cloud computing company.
4. Servers and digital storage devices take up space.  Some companies rent physical space to store servers and databases because they don’t have it available on site.  Cloud computing gives these companies the option of storing data on someone else’s hardware, removing the need for physical space on the front end.
5. Corporations would save money on IT support.  Streamlined hardware would, in theory, have fewer problems than a network of heterogeneous machines and operating systems.
6. If the cloud computing system’s back end is a grid computing system, then the client could take advantage of the entire network’s processing power.  Often, scientists and researchers work with calculations so complex that it would take years for individual computers to complete them.  On a grid computing system, the client could send the calculation to the cloud for processing.  The cloud system would tap into the processing power of all available computers on the back end, significantly speeding up the calculation.

Once an internet protocol connection is established among several computers, it is possible to share services within any one of the following layers:

Client
A cloud client consists of computer hardware and/or computer software that relies on cloud computing for application delivery and that is in essence useless without it.  Examples include some computers (example: Chromebooks), phones (example: Google Nexus series) and other devices, operating systems (example: Google Chrome OS), and browsers.

Application
Cloud application services or “Software as a Service (SaaS)” deliver software as a service over the Internet, eliminating the need to install and run the application on the customer’s own computers and simplifying maintenance and support.  A cloud application is software provided as a service.  It consists of the following: a package of interrelated tasks, the definition of these tasks, and the configuration files, which contain dynamic information about tasks at run-time. Cloud tasks provide compute, storage, communication and management capabilities. Tasks can be cloned into multiple virtual machines, and are accessible through application programmable interfaces (API).  Cloud applications are a kind of utility computing that can scale out and in to match the workload demand.  Cloud applications have a pricing model that is based on different compute and storage usage, and tenancy metrics.

What makes a cloud application different from other applications is its elasticity.  Cloud applications have the ability to scale out and in.  This can be achieved by cloning tasks into multiple virtual machines at run-time to meet the changing work demand.  Configuration Data is where dynamic aspects of cloud application are determined at run-time.  There is no need to stop the running application or redeploy it in order to modify or change the information in this file.

Platform
Cloud platform services, also known as platform as a service (PaaS), deliver a computing platform and/or solution stack as a service, often consuming cloud infrastructure and sustaining cloud applications.  It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers.  Cloud computing is becoming a major change in our industry, and one of the most important parts of this change is the shift of cloud platforms.  Platforms let developers write certain applications that can run in the cloud, or even use services provided by the cloud.  There are different names being used for platforms which can include the on-demand platform, or Cloud 9.  Regardless of the nomenclature, they all have great potential in developing, and when development teams create applications for the cloud, each must build its own cloud platform.

Infrastructure
Cloud infrastructure services, also known as “infrastructure as a service” (IaaS), deliver computer infrastructure – typically a platform virtualization environment – as a service, along with raw (block) storage and networking.  Rather than purchasing servers, software, data-center space or network equipment, clients instead buy those resources as a fully outsourced service.  Suppliers typically bill such services on a utility computing basis; the amount of resources consumed (and therefore the cost) will typically reflect the level of activity.

Server
The servers layer consists of computer hardware and/or computer software products that are specifically designed for the delivery of cloud services, including multi-core processors, cloud-specific operating systems and combined offerings.