Category Archives: Security

Intel Security Outlines Strategy For Protecting New Digital Economy

Intel Security Outlines Strategy For Protecting New Digital Economy

Intel Security Enhances Unified Defense Architecture to Safeguard Against Threats to Trust, Time and Money

News Highlights:

  • Intel Security to strengthen threat defense lifecycle through integration, automation and orchestration.
  • Unified architecture is enabled by four key integrated systems: Dynamic Endpoint, Pervasive Data Protection, Data Center and Cloud Defense, and Intelligent Security Operations.
  • Across unified architecture, Intel Security announces 10 new products that feature organically developed capabilities including machine learning-based malware classification and cloud-based advanced threat detection service as well as cloud access security broker (CASB).
  • New Open McAfee Data Exchange Layer (DXL) marks the next phase of Intel Security’s renewed commitment to help the industry accelerate the threat defense lifecycle.

FOCUS 16, Las Vegas, Nov. 2, 2016 – Today Intel Security announced an enhanced unified defense architecture designed to empower organizations to more effectively protect today’s new digital economy of trust, time and money. No longer is our economy a physical one, but one of connected networks and systems where cybercriminals have put us on the defensive. This new second economy, has put us in a world where more than money is at stake and where private and public sectors are fighting against time and working to justify trust.

Cybercriminals are forcing cybersecurity companies to redraft the rules of engagement for defending the civilized world; to effectively counteract them, we have to abandon old security playbooks to become more unpredictable and collaborative and make cyber defense a priority,” said Chris Young, senior vice president and general manager of Intel Security Group. “Our strategic charter is simple, yet disruptive: integrate, automate and orchestrate the threat defense lifecycle to drive better security outcomes – ultimately reducing more risk, faster and with fewer resources.”

Built upon the industry’s largest open ecosystem leveraging a proven integration program, Intel Security’s unified defense architecture is enabled by four protection systems – Dynamic Endpoint, Pervasive Data Protection, Data Center and Cloud Defense, and Intelligent Security Operations – that are intelligently integrated to multiply effectiveness.

Dynamic Endpoint – Isolated solutions can be effective against individual assaults, but there are too many examples where isolated solutions can’t keep up with the wide range of sophisticated, emerging threats. Tactical security firefighting needs to be replaced with integrated, dynamic security defenses designed to outsmart attackers. Intel Security’s Dynamic Endpoint solution uses advanced protection, shared intelligence and unified workflows on a single management console to unify endpoint protection, detection and correction to guard against today’s most pervasive threats. This solution, delivered in McAfee® Endpoint Security 10.5 and McAfee® Active Response 2.0 software, includes capabilities like:

  • Patient Zero Protection – Dynamic Application Containment improves protection against patient zero and ransomware threats and isolates the rest of the network from infection by monitoring and intercepting post-malicious process actions based on file reputation.
  • Advanced, Persistent Threat Protection with Containment and Machine Learning – Intel Security is the first and only vendor to offer machine learning based malware classification using both static pre-execution analysis and dynamic post-execution analysis from the cloud that is designed to help detect zero-day malware in near real time, tracing behavior when deemed suspicious and remediating without relying on traditional signatures.
  • Enhanced Protection with Integrated Web and Endpoint Protection – Only Intel Security seamlessly integrates a connection between its endpoint client and web gateway technology to enable quick-to-deploy, pervasive protection both on and off the corporate network that is designed to prevent zero-day malware from reaching the endpoint.
  • Real-Time Advanced Threats Protection – McAfee Active Response 2.0 software uses the cloud to accelerate investigations by dynamically tracing process behavior and allowing administrators to access threat context in real time during an investigation. Quickly hunt and respond using single click correction and then automate responses to address future attacks.

Pervasive Data Protection – The rise of software as a service (SaaS) applications and a highly mobile workforce has created the need to securely enable cloud-driven business. Organizations are looking for a unified solution that extends security outside the traditional perimeter covering on and off-network users and cloud services. Intel Security’s approach to pervasive data protection is to unify SaaS security across web protection, cloud access security broker, data loss prevention and encryption to provide the industry’s broadest solution across endpoints, networks and cloud-based services all centrally managed. With a foundation in unified management, along with common rulesets, policies and encryption, Intel Security will help organizations maximize business efficiency and employee productivity. Organizations are empowered to make sensitive data readily available to the people who need it, while minimizing the risk of data leakage and misuse by unauthorized personnel. Components of the integrated solution include:

  • Increased Productivity with Centralized Data Protection – McAfee® DLP for Mobile Email 10.0 software introduces unified policies and incident management for both endpoint and network DLP. It also offers end-user empowerment tools such as end-user manual classification, and end- user initiated DLP scanning and self-remediation. Not only do these capabilities help strengthen the corporate security culture, it also alleviates administrative burden.
  • Ubiquitous Web Security – McAfee Web Gateway Cloud Service is designed to enable security teams to gain the same benefits of advanced threat protection as on-premises web gateway appliances but without the cost of hardware or the resources used to maintain it. With 3x the data centers of our previous web SaaS solution, better performance and improved uptime our new cloud service has never been more ready for the enterprise.
  • Cloud Application Governance – McAfee Cloud Data Protection, available as a beta, features cloud access security broker (CASB)) technology, to provide an integrated view of risky endpoint and cloud events, including the ability to perform a real-time endpoint health check, ensuring only trusted devices are able to access sensitive information.

Data Center and Cloud Defense – Organizations are increasingly adopting cloud computing, which introduces unique security requirements that many legacy security solutions cannot address. Consequently, many struggle with weak and inconsistent cloud security controls, slow resolution of security issues and inefficient compute and staffing resource utilization. Intel Security cloud security products are designed to protect data centers with industry-leading security that detects advanced targeted attacks and manages security efficiently across physical, virtual and cloud infrastructures. Intel Security’s Data Center and Cloud Defense solution combines server security, network security and threat intelligence sharing to enable a single view of security across data center environments. This solution, delivered through McAfee® Server Security Suite 4.5 and McAfee Virtual Network Security Platform (vNSP) 8.3, includes capabilities like:

  • Cloud Security Visibility – Cloud workload discovery provides deep visibility across public and private clouds for virtual machines, associated workloads, networks and storage, enabling organizations to establish a strong and consistent security posture.
  • Threat Intelligence Sharing and Unification – Unification of perimeter and virtual machine protection thwarts advanced targeted attacks while ensuring efficient resource utilization within highly virtualized server environments to allow organizations to detect more threats, faster and with fewer resources. Once a threat has been detected, this knowledge is shared across the data center and corrective actions can be taken.
  • Integration and Orchestration – Tight integration across McAfee Management for Optimized Virtual Environments Anti-Virus (MOVE AV), McAfee Virtual Network Security Platform (vNSP), McAfee® Advanced Threat Defense, and McAfee Threat Intelligence Exchange along with virtualization platforms like VMWare NSX and OpenStack enable orchestration of security efficiently and more easily.

Intelligent Security Operations – Organizations looking for rapid response and remediation need a closed loop threat defense lifecycle framework that makes it easy to integrate, monitor and orchestrate security solutions. New Intel Security capabilities integrate with the above solutions and Security Innovation Alliance partners to enhance and unify visibility, investigation workflows and reporting.

  • Flexible Advanced Malware Detection – Expanded options include a new cloud-based machine learning-driven malware analysis service, McAfee Cloud Threat Detection, as well as a virtual McAfee Advanced Threat Defense appliance that makes the most of an improved user experience, more Windows OS coverage, and a significant throughput rate increase.
  • Improved Visibility and Investigation – McAfee Enterprise Security Manager introduces a new HTML 5-based interface with an intuitive, analyst-centric user experience and simpler, faster search results to expedite threat management and incident response.
  • Expanded Strategy and Incident Response Services – New consulting, deployment, assessment and incident response services enable long-term maturation of an organization’s approach to risk and threat management and improve ROI. Retainer and on-demand based managed security and emergency response augment in-house expertise.

OpenDXL Initiative

The industry has long needed a way to make different technologies work better together, and we paved the way with the most highly adopted technology across major players with the McAfee Data Exchange Layer (DXL). To accelerate that, today Intel Security announced its intent to open the McAfee Data Exchange Layer to the industry as a concrete means of disrupting the cyberattackers’ advantage. Through an open source strategy and the beta release of a new software development kit (SDK) for DXL, “white hats” (both organizations and technology providers) will gain the ability to attach to a shared real-time communication fabric and exchange security intelligence as well as orchestrate actions for the shortest possible execution of the threat defense lifecycle. DXL provides a standardized application framework to integrate technologies from different vendors with each other and with in-house developed applications. The OpenDXL initiative will expand access and capabilities of the DXL SDK and the management and community infrastructure that will support it, enabling developers within ISVs, enterprises, colleges and even competitors to gain the many real-time integration and operational benefits of the Data Exchange Layer.

For more information on all new products announced at FOCUS 2016, visit: http://www.mcafee.com/us/business-home.aspx.

About Intel Security

Intel Security, with its McAfee product line, is dedicated to making the digital world safer and more secure for everyone. Intel Security is a division of Intel. www.mcafee.com

The 2016 Cloud Computing Tipping Points

The 2016 Cloud Computing Tipping Points

Cloud Computing Tipping Points

In a piece of the latest cloud research by ServiceNow, 52% of enterprises surveyed affirm that cloud is the default choice for IT projects. The report confirms that the reality of cloud adoption is finally akin to the hype but points to a few game-changing effects for IT departments as the influence of DevOps extends across enterprises. Michael Hubbard, Vice President of Inspire Team, ServiceNow, explains to CloudTweaks, “Reality is catching up with the cloud hype and IT has the opportunity to put the ‘IT will be obsolete’ threat to rest. Seventy-two percent of enterprises that have made the cloud-first shift said this shift actually made IT more relevant to the business. IT definitely has their work cut out for them. Where IT needs to focus first is working with stakeholders to pinpoint how a cloud-first strategy will drive desired business outcomes. Next, they must realize all the very discrete and fine-grained services that can leverage the cloud paradigm… leaving the old binary ‘all or nothing’ strategy decisions behind them as they rapidly optimize each project and budget line decision in their portfolio to cloud-first.”

Three Significant Findings

Surveying 1,850 mid- to senior-level managers, this global study was split evenly among IT leaders, line-of-business management, and DevOps professionals, and three meaningful conclusions have come to light. Firstly, the reality of adoption finally measures up to the hype of cloud computing. Though just over half already choose cloud over on-premise data center computing, 77% of respondents will be shifting to the cloud over the next two years.

Secondly, ServiceNow suggests that DevOps has been the primary driver behind the move to cloud as a massive 94% of respondents reported involvement of some kind or other with the DevOps movement. An attitude originating in the agile development community, the aim of DevOps is driving fast development and hosting of new services and apps through the encouragement of regular collaboration between IT and developers. With 76% of those surveyed agreeing that the rise of DevOps is driving the move to cloud-first due to new pressures on how organizations deploy applications and bottlenecks detected when hosting apps on on-premise infrastructure it’s apparent that cloud allows for the speedy addition of new streams of revenue-driving apps which fuel business growth.

jobs-it

Finally, it’s evident that our new cloud-first world requires its own set of IT skills. With 89% of companies that have already shifted to a cloud-first model stating current IT staff lack the required skills for real success, and 88% suggesting cloud could replace formal IT departments at least in part, organizations are playing a game of catch-up regarding employee proficiencies and competencies. Notably, the cloud shift has not reduced the relevance of IT, but instead 72% of respondents believe the cloud shift raises IT’s significant to their businesses, and 68% consider IT to be wholly essential in the future.

The Consequences of the Cloud-First Shift to IT Departments

It’s possible that business developments with regards to cloud adoption will result in poorer IT visibility and cost predictions and respondents note two top priorities in the cloud shift. 64% point to the necessity for achieving 360-degree visibility and 63% to the projection of the cost of computing. IT should have an unrestricted view across an organization’s entire computing environment, cloud-based applications and services included, for the most efficient management of demand, utilization of both cloud- and on-premise resources, project execution, cost assessment, and regulatory compliance. Moreover, it’s likely that IT teams will notice more business application projects filtering up from below and while implementing greater tools to code will have to maintain control of their environments for adequate security and compliance. And, of course, as cloud growth leads to cloud sprawl, IT departments will have their hands full implementing and managing best practices and policies for cloud management as they negotiate with an ever increasing number of vendors over the expanding set of cloud tools and services available.

By Jennifer Klostermann

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Hyperconverged Infrastructure

In this article, we’ll explore three challenges that are associated with network deployment in a hyperconverged private cloud environment, and then we’ll consider several methods to overcome those challenges.

The Main Challenge: Bring Your Own (Physical) Network

Some of the main challenges of deploying a hyperconverged infrastructure software solution in a data center are the diverse physical configurations. The smart network layer may be the leading component that is tasked with the need to automatically learn the physical network layer’s topology and capabilities. Modern data center operations are expected to be automated and fast. There is no place for traditional, customized and cumbersome installation and integration processes. When deploying hyperconverged smart software on top of a data center infrastructure, running a fast and automated deployment is necessary.

data

In every organization, IT operations leaders have their own philosophy about how to deploy, integrate and manage network traffic. From our discussions with enterprise network experts, I’ve found that every leader has their own specific “network philosophy” that generally includes the following phrases:

“We believe in running internal and guest networks over the same physical network.”

“We believe in running the external communications over the 1G on-board configuration interface, while the rest of the traffic runs on 10G.”

“We like to keep things super simple and run everything on a single Interface.”   

  1. Deploying Logical Over Physical

Physical networks consist of groups of appliances that are connected using protocols. Logical networks are constructed out of different types of traffic and are completely agnostic to physical networks, but they still need to run on them.

For example, let’s assume that data center traffic can be segmented into three types: red, green and blue. Let’s also assume that according to the network admin’s philosophy, red is 1G, routed externally, and green and blue are both 10G, isolated and non-routable. It is important to ensure that each node is linked to each of the three different logical networks on certain physical interfaces. We can only connect the logical layer when the physical one is connected. This can be done by separating the types of traffic from the physical source (the node), then allocating each logical type of traffic to a physical network. In the end, each of the networks (red, green and blue) is connected to the related physical interface.

  1. Automatic and Scalable Deployment

In comparison to custom deployments that tend to involve cumbersome processes mainly completed by integrators, building a hyperconverged smart solution needs to deploy an environment with hundreds of nodes in a matter of minutes.  To achieve this, the deployment must be automatic, easy and bulletproof. Additionally, deployment techniques should not require user intervention per node (users should not have to manually configure the network, or analyze how each server is physically connected to the network). Smart hyperconverged solutions need to automatically discover and analyze an underlying network’s infrastructure.

Automatic network deployment also requires an ‘infection’ mode, where several high-availability network seeders infect all of the servers that connect with them, and in turn, immediately infect their networks. Once all of the nodes are infected, the hyperconverged solution has access to them and can retrieve and analyze information accordingly. After the seeder absorbs all of the network philosophy from the infecting servers, the current state of the physical network is analyzed. Once the scale goes beyond the capacity of normal broadcast domains, the cluster should cross over broadcast domains and start deploying over L3 and IP networks.

  1. Resilient Deployment

When deploying hundreds of nodes in a short period of time, the deployment process needs to adjust to faults and changes. Automatic deployment must assume that the nodes may fail during installation, but cluster deployment should still continue. In addition to making the system prone to errors, it is important to make relevant services highly available when dealing with deployment issues  to auto-detect and notify admins.

Returning to our example, let’s say that one of the servers is not connected to the red network, or that one of the servers has the red and green networks crossed. If not corrected in deployment, these errors must be passed to the admin for intervention without affecting the deployment of the rest of the cluster. It is important to note that this is an ongoing process. The system must be able to auto-tune itself according to physical changes and faults to maintain its reliability.

Final Note

To align with the data center leaders’ philosophy, a smart hyperconverged solution should enable the input of specific configuration preferences at the start of the process. Once the system goes into its “infection” mode, this specific philosophy can be embedded into the network.

By Ariel Maislos, CEO of Stratoscale

ariel-maislosAriel brings over twenty years of technology innovation and entrepreneurship to Stratoscale. 

In 2006 Ariel founded Pudding Media, an early pioneer in speech recognition technology, and Anobit, the leading provider of SSD technology acquired by Apple (AAPL) in 2012. At Apple, he served as a Senior Director in charge of Flash Storage, until he left the company to found Stratoscale. Ariel is a graduate of the prestigious IDF training program Talpiot, and holds a BSc from the Hebrew University of Jerusalem in Physics, Mathematics and Computer Science (Cum Laude) and an MBA from Tel Aviv University. 

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks

October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US.

The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about three hours of service outage. The attack was orchestrated using a botnet of connected devices including a large number of webcams sold by a single manufacturer, which simultaneously made tens of millions of DNS requests on Dyn’s servers. Given the impact and severity, Dyn was quick to release a statement that more fully explained the incident from their side.

DDoS attacks can be carried out in many ways and can either target individual properties, or services that support a multiple Internet properties. DNS services are common targets because they are essential to the operation of cloud-based services.

Cyber Attacks are Getting Increasingly Sophisticated

comic-dating-gameThere’s a growing trend of increasingly sophisticated DDoS attacks targeting governments, political organizations, financial institutions and businesses in general. Victims of high-profile breaches in recent years include Target, eBay, Home Depot, JPMorgan Chase, LinkedIn, FDIC and Ashley Madison, but these are only a few notable names.

Even as government and private organizations embrace cloud-based services, attacks such as the one on 10/21 should compel them to reevaluate “all in on the cloud” approaches to platforms, applications and data. While I am not advocating completely pulling back from the cloud and into on-premises systems, this is a situation that pleads for a diversified risk mitigation strategy.

Organizations need to have solutions in place that will not interrupt operations and kill productivity during situations like this. As we have always advocated, a hybrid solution can certainly mitigate risk and give organizations alternative ways to work in the event of attacks or outages.

The Polarity Problem

A major problem for many organizations is their polar philosophies around infrastructure, the thinking that everything has to be in one place or another – either in the cloud or on-premises. Here’s where hybrid approaches come into their own. What if your application ran on the public cloud, but failed over to an on-premises or private cloud instance in the event of a public-cloud outage? What if your content (data) could reside in the cloud, on-premises or in both places simultaneously, depending how business critical, voluminous or regulated it is?

Consider the Enterprise File Synchronization and Sharing (EFSS) solution space. Cloud-only providers like Box and Dropbox – that emerged as consumer services and subsequently moved into the business segment – arguably don’t account for the mission-critical use cases of governments and businesses, and their need for business continuity in the event of such outages.

Consider how your organization will be impacted if all its corporate information resided in the cloud, and a DDoS attack or other form of cyber attack (or even a natural calamity) brought the cloud infrastructure down for several hours. How will it affect employee productivity? What would the revenue impact be? How would your brand image be affected?

For most organizations, the impact of a cloud outage will be very significant. As such, exploring hybrid approaches becomes mission critical.

Hybrid is the Answer

MJM, a marketing and communications agency owned by WPP, initially used a cloud-only EFSS service for file sharing and collaboration but moved over to Egnyte a few years ago after realizing that what it really needed was a hybrid file sharing solution. Thankfully they did, as disaster struck in 2012 during Hurricane Sandy, devastated the Northeast Coastline in the United States. With no internet and power going in and out, the employees at MJM were still able to work through the disaster and not lose any time or money.

DDoS Attacks

When it comes to the enterprise, we have a steadfast philosophy that:

1) Enterprises need purpose-built solutions. From our inception, we’ve had a razor-sharp focus on serving the file sharing needs of organizations rather than consumers.

2) While we enthusiastically embraced the cloud, we’ve always been aware that our customers need safeguards. Our hybrid approach to file sharing allows customers to leverage the advantages of both cloud and on-premises infrastructures for agility, reliability and business continuity.

If your cloud provider suffers an outage, a hybrid solution can seamlessly failover to your on-premises infrastructure and ensure that users, business processes and workflows remain unaffected. What’s more, these solutions can seamlessly failover to your on-premises infrastructure and ensure that users, business processes and workflows remain unaffected.

It is best to assume that Internet outages are inevitable, and plan for continued access to essential files when your cloud infrastructure or Internet connectivity become unavailable. When the next outage occurs, will you be prepared?

kris lahiriBy Kris Lahiri, VP Operations and Chief Security Officer

Kris is a co-founder of Egnyte. He is responsible for Egnyte’s security and compliance, as well as the core infrastructure, including storage and data center operations. Prior to Egnyte, Kris spent many years in the design and deployment of large-scale infrastructures for Fortune 100 customers of Valdero and KPMG Consulting.

Kris has a B.Tech in Engineering from the Indian Institute of Technology, Banaras, and an MS from the University of Cincinnati.

Key Takeaways From Dyn’s DDoS Attack

Key Takeaways From Dyn’s DDoS Attack

DDoS Attack Takeaways 

If you tried to access some of the world’s most popular websites, such as Twitter, Spotify, CNN, Netflix and The New York Times last Friday, you may have run into some trouble. Millions in the U.S. and Europe lost access to much of the internet in the wake of a cyberattack.

Hackers targeted Dyn Inc., a major provider of Domain Name System services in a distributed denial of service (DDoS) attack. The hackers used a malware called Mirai to flood Dyn’s servers with fake traffic through a botnet of internet-enabled devices including DVRs, storage devices and cameras.

Researchers do not yet know the motive for the attack and are unsure of who the perpetrator is. However, they believe that users of  a hacking forum may be responsible, and not the foreign governments, WikiLeaks supporters and political activists who were originally suspected.

Looking back at Friday’s cyberattack, here are four key takeaways.

The ‘Internet of Things’ Presents New Challenges

spybot-IoT

Devices such as webcams, DVRs, video doorbells and refrigerators that can connect to the internet are known as the Internet of Things (IoT). These devices provide us with new opportunities and make our lives easier, but also present new, unexplored security risks.

After the recent attacks, Chinese company Hangzhou Xiongmai Technology, recalled 4.3 million internet-connected cameras, which hackers infiltrated.

Many IoT devices (especially the cheaper ones) are unsophisticated and susceptible to hacking. Many users also never change their passwords from the default settings on IoT devices. Buying devices that allow you to change the default password, and changing the default password when possible, may help to stop these kinds of attacks in the future.

DDoS Protection Is Becoming Centralized

When it comes to DDoS attacks, whoever has the most computing power wins. This makes smaller companies more vulnerable. Larger companies can usually fend off hacking attempts. The use of the botnet in the recent attacks presented a new challenge, however, that Dyn was not prepared for.

Since being bigger makes a company more effective at preventing DDoS attacks, and the attacks are getting larger and more difficult to manage, websites must increasingly seek refuge with large, powerful companies. This is causing a centralization of DDoS protection.

These powerful companies can protect against these hacks more effectively, but the centralization also creates a risk. As demonstrated in Friday’s attack, a single attack can now disable a greater portion of the internet.

Imposters Can and Will Take Credit for Cyber Attacks

hacker-cloud

It can be difficult to ascertain who exactly is responsible for cyberattacks, and this creates the opportunity for imposters to take the credit.

Researchers at Flashpoint believe they have linked the attacks to users of the site Hack Forums. Users of this site frequently hack just for attention or fun, but sometimes also charge money for hacking services.

At first, many believed that Russia or WikiLeaks supporters were behind the attacks. A group called “New World Hackers” took credit for the attack, saying that they did it in response to the Ecuadorian government’s removal of Julian Assange’s Internet connection. WikiLeaks seemed to accept this assertion as true in a tweet. Activist group “Anonymous” also apparently took credit in a tweet. However, researchers believe these claims are false.

It’s Time to Take Cyber Security Seriously

Companies, schools and other organizations provide safety training and conduct fire drills, tornado drills and active shooter drills. Many also have metal detectors and security guards.

But these organizations rarely provide cyber security training. However, as the recent attacks show, cyber security is important and increasingly at risk. IoT technology presents us with new risks and places the responsibility for security more heavily on the average consumer.

Individuals and companies should ensure they are educated about their cyber security risks in order to protect themselves and other internet users.

Friday’s large-scale DDoS attack represents the opening of a new chapter in cyber security. As technology changes, new challenges arise that must be met to keep the internet secure. Hacking and cyber security will likely become an increasingly important issue, so it is imperative that individuals and companies educate and protect themselves however they can.

By Kayla Matthews

Report: Cloud Management Platform A Necessity

Report: Cloud Management Platform A Necessity

Cloud Management Report

Research completed by 451 Research on behalf of Embotics suggests an increased use of third-party clouds and notes ‘Amazon + 1’ is turning out to be ‘the CIO’s organizing principle.’ Managing the now typically multi-cloud environments in a business efficiently is making cloud management platforms more and more necessary.

Key Findings

Surveying 166 US-based enterprise IT organizations with regard to use of cloud infrastructure as well as the automation and management of associated processes and technologies, 451 Research observed five significant conclusions:

  • Enterprise IT environments are rapidly transforming with the majority of respondents stating current or near future use of container and orchestration technologies. 63% of those surveyed have or plan to adopt automation technology.
  • Multi-cloud environments are the norm with 75% of surveyed organizations currently using more than one cloud.
  • IT is being forced to rethink cloud management; though most of those surveyed have a cloud management platform in place, and many others are piloting such technology, the current cloud management tools are considered too slow, with a lack of single interface to view entire environments, difficulties creating, managing and tracking digital assets, and a growing VM sprawl.
  • Hybrid cloud use is increasing the need for management technologies able to assist through virtualization, consolidation, automation, and orchestration, delivering customer experiences that leave the infrastructure effectively hidden.
  • The opportunity to provide cross-cloud capabilities able to address technology evolution and business demands for improved speed and agility is notable, and cloud management platforms are required to support this IT transformation.

The Benefits of Cloud Management Platform Implementation

Cloud management platforms enable data-driven decision-making, and while many businesses are wrestling with virtualization and consolidation, cloud management platforms enable an incremental transformation from virtualization to automation and orchestration. Cloud management platforms also support fixed-term and dynamic sourcing, thus providing planned and unplanned options, and typically fewer difficulties are encountered regarding contract complexity and vendor management. Providing ease of use and access options, cloud management platforms also support a combination of old- and new-style IT services, and automation is found to improve user satisfaction without any requirements to raise staff levels.

Cloud Management Platform Challenges

It is, of course, always a balancing act, and cloud management platforms have to calculate and manage the needs of different stakeholders, including the business, IT and developers. It’s also necessary for organizations to have both the maturity and political will to make the changes required to drive cloud management platform adoption throughout, and the end-user IT literacy levels within must be carefully considered. Regarding dealings with cloud service providers and cloud management platform providers, SLAs and agreements need to be devised concerning relationships, responsibilities, and customization work to ensure that what’s expected by the organization is in fact what will be delivered.

Navigating the Journey

Cloud adoption is accelerating and with it the demand for services able to navigate the journey and manage the transformation. Not only assisting in these complex IT revolutions, as well as virtualization and consolation, automation and orchestration, cloud management platforms can aid users struggling to manage VM sprawl. They further assist users in the application of cloud decision criteria to locate, access and employ cloud applications and services through criteria such as cost, compliance, utility, governance and auditability with rules applied to every application. And of further consequence, policy-based cloud management platforms allow for less time devoted to compliance issues when selecting multiple individual services and instead move the focus to more strategic risk assessments in the selection of federated services. For cloud services that are secure, well priced, offering optimal performance, and supporting the needs of various user groups, more and more organizations find that cloud management platforms are necessary to automate and orchestrate processes and ensure business goals are met.

For the detailed research, view the PDF 451 Research: The State of Cloud Management – A New Business Imperative Emerges.

By Jennifer Klostermann

The DDoS Attack That Shook The World

The DDoS Attack That Shook The World

DDoS Attack: Update 2

6 days after the DDoS attack that rocked the internet to its core, Dyn have released detailed analysis of the attack and further details have emerged. The attack has been confirmed to have been the largest of its kind in history, and the Mirai botnet has been cited as the official cause.

Dyn have estimated that there were roughly “100,000 malicious endpoints” involved in the attack, which reportedly registered a massive strength of 1.2Tbps. If these reports are found to be true, that would make this twice as strong as any other attack on record! The strongest DDoS attack prior to this also involved the Mirai botnet, in an attack on the information security blog Krebs on Security, which registered 665 Gbps.

ofer-gayerWorryingly, Ofer Gayer, a security researcher with Imperva (a DDoS mitigation provider), has suggested that the hackers could well have even more power at their disposal, “Maybe this was just a warning shot. Maybe [the hackers] knew it was enough and didn’t need their full arsenal”.

Some researchers have commented that up to 500,000 devices could have been infected through the Mirai botnet attack, so perhaps as even stronger attack is on the horizon.

Ironically, Dyn even suggested that legitimate users refreshing their browsers may have been contributing to the problem; causing the site to become even more overloaded with traffic. So next time the site is down, don’t just keep hitting refresh!

You can find the full analysis by Dyn themselves on the whole attack and aftermath here.

By Josh Hamilton

Cashless Society Part 3 – Digital Wallets and More…

Cashless Society Part 3 – Digital Wallets and More…

Digital Wallets and More…

To finish off our Cashless Society series I want to look at the Fintech giants that are leading the digital money revolution. Whilst services like Apple Pay and Google Wallet have become more widely available, they haven’t quite taken off yet. They seem to be offering the transition to the digital economy that we are told is all but inevitable, but they haven’t managed to take off in the way that say, contactless cards have.

Jordan McKee, an analyst at 451 research commented that, “Mobile wallets haven’t yet proven they are measurably better than incumbent payment mechanisms, which general work quite well”. Avivah Litan, an Analyst at Gartner, put the lack of uptake of digital wallets down to the ease of current systems,

“It’s incredibly easy to swipe or dip a credit or debit card at a payment terminal and U.S. consumers are used to this mature payment application where they know they are well protected from financial loss…..It will take a lot of persuasion and financial incentives to get consumers to change their payment habits.”

Apple Pay

Apple Pay is built around contactless payment technology. It pulls your credit cards, debit cards, and other sensitive-payment data from the Wallet app, enabling you to use an iPhone or Apple Watch like a contactless card at store checkouts.

AppleWatch

Apple Pay is growing fast as well, with some experts commenting that it could well be Apple’s saviour. Users of Apple Pay completed more transactions in September 2016 than they did in the entire year of 2015. And on top of that transaction volume was up 500% in the fourth quarter, compared to the same quarter in 2015. Someone in Kensington, England, even used the service to pay for a 1964 Aston Martin DB5 worth over $1 million.

This growth can be partially attributed to the expansion in service from just the US and the UK, to now include Switzerland, Canada, Australia, China, France, Hong Kong, Singapore, Japan and Russia, with Spain soon to follow. Apple has also expanded the payment service to the web, to enable it to be used on mobile phones and desktop computers through Safari, and to be used in apps like Uber or Starbucks. According to CEO Tim Cook, hundreds of thousands of websites are now Apple Pay ready.

Google Wallet/Android Pay

Android Pay has been developed by Google to power NFC (Near Field Communication) payments with phones, tablets, and watches, as a rival to Apple Pay. At the minute, they are only in the US, UK, Singapore, Hong Kong and Australia – lagging behind Apple on the availability of the service – though they are rumoured to be starting up in Canada in the near future! They have also have benefitted from the expansion of MasterPass to cover Google Wallet transactions online, expanding their coverage and viability as an alternative to Apple Pay.

Android pay is available to use, in the countries it operates, nearly everywhere that Apple Pay is (though you might not see branding in quite the same way) and has a major bonus in that you can collect rewards for purchases, unlike Apple Pay.

These digital wallets operate under varied circumstances, but the premise and underlying goals remain similar. Yet, despite their adoption by major providers, there are still alternatives that are being implemented by retailers and businesses.

Retailers Alternatives

apple-iwatch

Aside from all the fanfare of mega-investments from Apple, Samsung and Google in NFC on smartphones, Starbucks, Dunkin’ Donuts and Walmart Pay allow customers to pay using a QR code displayed on a smartphone, which is a much most cost effective alternative. Starbucks customers spent an estimated $3 billion using the Starbucks app, though the success of apps of this nature can be partially attributed to the customer loyalty that the apps build with vouchers and offers for users.

Nitesh Patel, an analyst at Strategy Analytics, suggested that this could be the main reason for their success over digital wallets, “so far, mobile wallets, particularly NFC, have yet to integrate payments with loyalty in a compelling way…. You need a single tap to redeem or accumulate points and coupons”. Ultimately, the frills of the service are what is going to sell it to the general public, and digital wallets just don’t have those frills yet (especially Apple Pay, though it makes up for it somewhat in its widespread adoption).

Ultimately, we are still very early on in the transition to a cashless society. The technology is all but there, but the infrastructure and cultural acceptance hasn’t quite got there. It isn’t clear quite yet as to whether the digital wallet market will remain as open or competitive, or whether it will become an Android vs Apple battle. We shall simply have to wait and see who establishes themselves as the frontrunner.

By Josh Hamilton

CloudTweaks Comics
The Future Of Cybersecurity

The Future Of Cybersecurity

The Future of Cybersecurity In 2013, President Obama issued an Executive Order to protect critical infrastructure by establishing baseline security standards. One year later, the government announced the cybersecurity framework, a voluntary how-to guide to strengthen cybersecurity and meanwhile, the Senate Intelligence Committee voted to approve the Cybersecurity Information Sharing Act (CISA), moving it one…

Cloud Infographic – Interesting Big Data Facts

Cloud Infographic – Interesting Big Data Facts

Big Data Facts You Didn’t Know The term Big Data has been buzzing around tech circles for a few years now. Forrester has defined big data as “Technologies and techniques that make capturing value from data at an extreme scale economical.” The key word here is economical. If the costs of extracting, processing, and making use…

Digital Marketing Driven by Cloud, Big Data and IoT

Digital Marketing Driven by Cloud, Big Data and IoT

Digital Marketing Successful digital marketing campaigns are being driven largely by trending technologies, specifically the Internet of Things (IoT), Big Data, and The Cloud. These may be used for a huge number of marketing applications, from optimizing the performance of sports teams to improving science and research, even helping to aid law enforcement. Amazon Web…

Cloud Computing and Finland Green Technology

Cloud Computing and Finland Green Technology

Green Technology Finland Last week we touched upon how a project in Finland had blended two of the world’s most important industries, cloud computing and green technology, to produce a data centre that used nearby sea water to both cool their servers and heat local homes.  Despite such positive environmental projects, there is little doubt that…

The Business of Security: Avoiding Risks

The Business of Security: Avoiding Risks

The Business of Security Security is one of those IT concerns that aren’t problematic until disaster strikes. It might be tomorrow, it could be next week or next year. The fact is that poor security leaves businesses wide open for data loss and theft. News outlets just skim the surface, but hackers cost business up…

Infographic Introduction – Benefits of Cloud Computing

Infographic Introduction – Benefits of Cloud Computing

Benefits of Cloud Computing Based on Aberdeen Group’s Computer Intelligence Dataset, there are more than 1.6 billion permutations to choose from when it comes to cloud computing solutions. So what, on the face of it, appears to be pretty simple is actually both complex and dynamic regardless of whether you’re in the market for networking,…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

A New CCTV Nightmare: Botnets And DDoS attacks

A New CCTV Nightmare: Botnets And DDoS attacks

Botnets and DDoS Attacks There’s just so much that seems as though it could go wrong with closed-circuit television cameras, a.k.a. video surveillance. With an ever-increasing number of digital eyes on the average person at all times, people can hardly be blamed for feeling like they’re one misfortune away from joining the ranks of Don’t…

Is The Fintech Industry The Next Tech Bubble?

Is The Fintech Industry The Next Tech Bubble?

The Fintech Industry Banks offered a wide variety of services such as payments, money transfers, wealth management, selling insurance, etc. over the years. While banks have expanded the number of services they offer, their core still remains credit and interest. Many experts believe that since banks offered such a wide multitude of services, they have…

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring One of the hottest topics in Information and Communication Technology (ICT) is the Internet of Things (IOT). According to the report of International Telecommunication Union (2012), “the Internet of things can be perceived as a vision with technological and societal implications. It is considered as a…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…

Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a high level of confidence in how it will be risk-managed and controlled, to preserve the security of their information and integrity of their operations. Cloud implementation is sometimes built up over time in a business,…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information Officer of the United States was announcing a major Cloud First goal. That was 2011. Five years later, as both the private and public sectors continue to adopt cloud-based software services, we’re interested in this…

Beacons Flopped, But They’re About to Flourish in the Future

Beacons Flopped, But They’re About to Flourish in the Future

Cloud Beacons Flying High When Apple debuted cloud beacons in 2013, analysts predicted 250 million devices capable of serving as iBeacons would be found in the wild within weeks. A few months later, estimates put the figure at just 64,000, with 15 percent confined to Apple stores. Beacons didn’t proliferate as expected, but a few…