Daily Tech Digest - September 26, 2017


Time to embrace a security management plane in the cloud

Time to embrace a security management plane in the cloud

There’s an old saying: Change is the enemy of security. To avoid disruptive changes, many cybersecurity professionals strive for tight control of their environment, and this control extends to the management of security technologies. Experienced cybersecurity professionals often opt to install management servers and software on their networks so that management and staff “own” their technologies and can control everything they can. This type of control has long been thought of as a security best practice, so many CISOs continue to eschew an alternative model: a cloud-based security management control plane.  Given the history of cybersecurity, this behavior is certainly understandable — I control what happens on my own network, but I have almost no oversight on what takes place on Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform.


Canada's Tough New Breach Reporting Regulations

Previously in Canada, entities experiencing a breach were required to identify what kind of breach occurred and to notify regulators. "Contacting affected individuals [about the breach] would be something you would delegate to the regulators to get advice and guidance on," he says. But that all changes under the Digital Privacy Act of 2015, which amended certain Canadian privacy regulations in three key ways and will likely go into effect by the end of 2017, Ahmad says. Those changes include mandatory breach notification to affected individuals; keeping a record log for two years of any types of data breaches that occur; and imposing sanctions of up to $100,000 for each violation of the new law, he says. Those amendments provide "a bit more teeth" to Canadian data breach legal requirements, he notes.



Machine Learning Big Data

From buzzword to boardroom – what’s next for machine learning?

You only need to think of the allocation of payments to invoices, the selection of applicants in the HR area, the evaluation of marketing ROI, or forecasts of customer behaviour in e-commerce transactions. Machine learning offers great potential for companies from the big-data environment, provided they muster the necessary developer capacities to integrate machine learning into their applications. As AI moves from the future into the present, organisations not only want to gain insight into their own processes via classical process mining, they are also looking for practical support for the decision-making process, such as guidance on how to further optimise single process steps or efficiently eliminate any hurdles that still exist. By doing so, they can understand which influencing factors would be worthwhile tackling first.


Firms look to security analytics to keep pace with cyber threats

Implementing security analytics can take time and money, especially if a business is using outdated hardware and software. Gene Stevens, co-founder and CTO of enterprise security supplier ProtectWise, says many CISOs are finding it difficult to retain forensics for an extended period of time in a way that is cost-effective and easy to manage. However, his company has come up with an intelligent, analytics-oriented platform to tackle this problem. “With a memory of network activity, security teams can go back and identify whether they were compromised by an attack once it is discovered – and assess the extent of its impact,” says Stevens. However, traditional approaches are costly to scale and laborious to deploy.


New managed private cloud services hoist VMware workloads

CenturyLink's new VMware managed private cloud, CenturyLink Dedicated Cloud Compute Foundation, rearchitects its flagship private cloud onto Hewlett Packard Enterprise (HPE) hardware. It is cheaper and 50% faster to provision than its predecessor, which required multiple integration points across network, compute and virtualization from five vendors. That's typical with many private clouds that require users to coordinate technologies, either within OpenStack or earlier versions of VMware, said David Shacochis, vice president of product management at CenturyLink. VMware Cloud Foundation serves up an integrated stack with vSphere, NSX and vSAN, which means fewer moving pieces, improved self-service features and security control, Shacochis said.


Data storage in Azure: Everything you need to know

On Azure, things are different. Instead of having to manage data at an operating-system level, Azure’s object file system leaves everything up to your code. After all, you’re storing and managing the data that’s needed by only one app, so the management task is much simpler. That’s where Azure’s blob storage comes in. Blobs are binary large objects, any unstructured data you want to store. With a RESTful interface, Azure’s blob store hides much of the underlying complexity of handling files, and the Azure platform ensures that the same object is available across multiple storage replicas, using strong consistency to ensure that all versions of a write are correct before objects can be read. 



computer frustration man resized

What’s your problem? Survey uncovers top sources of IT pain

Cost-cutting has always been a focus for enterprise IT, but as the diversity and volume of data increases, complexity and storage sprawl are straining budgets. Indeed, budget challenges were a top challenge for 35% of IT pros surveyed at VMworld 2017.  A metadata engine can cut costs in several ways. First, it can automatically and transparently moves warm and cold data off high performance resources to dramatically optimize the use of an organization’s most expensive infrastructure. Second, it enables organizations to dramatically increase the utilization of their existing resources. With global visibility and control, organizations can view data location and alignment against SLAs, as well as available performance and capacity resources. This allows IT to instantly observe resources that might be nearing thresholds, and subscribe to alerts and notifications for these thresholds.


FBI's Freese Shares Risk Management Tips

Confusion over the definitions of "threat" and "risk" exist when IT security teams talk to members of the executive suite. One strategy security professionals may consider is approaching the discussion from a business perspective, instead of leading with fear, says Don Freese, deputy assistant director with the FBI's information technology branch. Freese, who served as a keynote speaker Monday at the ISC(2) Security Congress convention in Austin, Texas, noted that risks are measurable, providing that companies practice good security hygiene, such as logging network activity and taking inventory of the data that the enterprise possesses. In addition to those best practices, Freese also advises IT security leaders to consider the industry that they operate in and the type of data that would be desired by cybercriminals, or nation states.


8 Features of Fintech Apps that Appeal to Millennials

A new wave of fintech apps is set to hit smart devices over the coming years. A number of new startups, such as the digital-only bank Atom and the international money transfer service TransferWise, are going to revolutionize the financial industry. Fintech investments have grown exponentially over the last three years, and there are many opportunities for developers, investors and executives of “legacy companies” to ride on this wave. At the same time, of all the consumer demographics, Millennials are expected to be pivotal in driving changes. As a consequence, fintech developers are aggressively targeting them, tailoring apps to solve key pain points. Let’s look at some of the common features that software developers are currently including in their apps, along with those that are expected to become widespread, in order to appeal to Millennials.



Google's custom data center switch Jupiter

What’s Different about Google’s New Cloud Connectivity Service

Dedicated Interconnect is only one of a set of cloud connectivity options from Google; it’s designed for handling workloads at scale, with significantly high-bandwidth traffic of more than 2Gbps. You can also use it to link your corporate network directly to GCP’s Virtual Private Cloud private IP addresses. Taking your cloud traffic off the public internet and onto your own network range gives you more options for taking advantage of cloud services. “Networking technologies are enabling applications and data to be located in their best execution venue for that workload,” Traver noted. Like its competitors, Google Cloud Platform requires you to connect to one of several global peering locations, so as well as Google’s charges, you’re also going to need to pay your network service provider to reach Google’s peering points.



Quote for the day:

"The two most powerful warriors are patience and time." -- Tolstoy