Daily Tech Digest - April 07, 2020

Hybrid Instead of All-Flash

All-flash Array vendors claim that because of the continuing decline in flash pricing and because of deduplication, there is no longer a financial reason to choose hybrid instead of all-flash. They claim that the unpredictable performance concerns of hybrid arrays outweigh any remaining cost advantage. AFA vendors, though, ignore the fact that the price of hard disk drives is reducing in terms of cost per terabyte. They also ignore the new reality that hard disk isn’t the only option for the second tier of storage. Deduplication, while bringing down the cost per terabyte of flash, brings a set of “taxes” that make it less cost-efficient than customers are led to believe. First, in primary storage, deduplication is far less efficient than when IT uses the technology for backup storage. Second, there is a performance overhead associated with its use, and all-flash arrays that use deduplication have an inferior cost per IOPS rating. Finally, most all-flash vendors don’t pass the full savings of deduplication on to the customer. The customer receives some of the cost savings value, but not all of it.

How to stay motivated when you work from home

Apple, remote working, iOS, mobile, iPhone
Those conversations you have with friends and family in restaurants, bars, on the street don’t need to stop when you’re self-isolating, just contact your people on FaceTime. With these suggestions in mind I’ve identified a selection of iOS tools that may help you take control of working from home while also helping you make the best of the motivation you still have available to you. Don’t be too frustrated if you’re not as motivated as normal – it really isn’t your fault. Things are happening. They are quite frightening. You are already doing what you can to challenge them by staying at home. Cut yourself some slack first and then see if these (mostly free) tools help you feel a little more in control. Assuming you can find the ingredients, then FoodPlanner lets you find healthy recipes you like the sound of online, add them into the app and then generates nutritional data, create a shopping list (including inventory management features to help you track ingredients you already have) and create meal plans for the next week or more. Foodplanner doesn’t aim to pester you into exercise, it lets you choose the food you want and then gives you the information you need in order to make it.

Compromising a 2FA system is lot easier than it seems. One of the easiest methods, especially in America, is a sim-swap, where a malicious actor switches a target’s mobile phone number to a new phone. Any subsequent text messages, such as those for 2FA, are sent to this new phone, thereby giving the malicious actor access. Certain malware has also been found to compromise 2FA systems. Cerberus, a type of Android-based malware, was found to have stolen 2FA codes for Google Authenticator in February 2020. There is also the TrickBot malware, which bypasses 2FA solutions by intercepting the one-time codes used by banking apps, sent by SMS and push notifications. Social engineering is also used to bypass 2FA security. Malicious actors may pose as a target’s bank, calling the target to “confirm their identity” by quoting the secure code that has just been sent to them, in response to an attempt to access their banking profile. “A lot of this stuff doesn’t require any real technical skill, and that’s the really scary part,” says Harding.

It might not be immediately obvious, but the Search box at the top of the Teams desktop app doubles as a command line. Click in that box and then tap the slash key (/) to display a list of all available commands. ... Pressing Ctrl+E takes you to the Search box, for example, just as it does in File Explorer and your web browser. You can use Ctrl+number to go to the corresponding node in the navigation pane on the left. In the default arrangement, Ctrl+1 goes to the Activity pane, Ctrl+2 takes you to Chat, and so on. Press Ctrl+Shift+X to toggle between the bare compose box and the full editor with all its formatting options. And just as in your web browser, you can hold down Ctrl as you tap the plus or minus keys to zoom in or out, then press Ctrl+0 to go back to normal (100%) magnification. ... When posting a new conversation/thread, it's a good idea to add a subject, as I've done in the opening post here. That makes it easier to spot a specific conversation by scrolling through a channel, and also makes it easier to use the search tools to find that conversation.

What is power over Ethernet (PoE)?

ethernet cable declantm flickr
Using PoE in wireless rollouts may be the technology’s primary application but many think it will find a home in the internet of things where wired IoT devices can receive power from their network connection. Versa technology wrote a blog about the use of PoE and IoT by the city of San Diego, Calif., which is using Ethernet cabling to deliver power to thousands of interconnected LED streetlights, which are integrated into the city’s IoT network. Power to the smart lamps can be turned up and down to optimize illumination for each space. Such lighting systems have low power requirements, making them cheaper to use. The PoE streetlights are integrated with the city’s IoT network, which makes it possible to monitor and control them remotely. The smart lamps are fitted with motion sensors to conserve energy by optimizing lighting based on the needs of each space. The system saves the city $250,000 or more per year, Versa stated. IP security cameras, which are often placed in difficult-to-access locations, are another key PoE application target.

IBM CEO Throws Down Hybrid-Cloud Challenge

IBM CEO Throws Down Hybrid-Cloud Challenge
In a LinkedIn message to IBM’s employees, Krishna said he wants the company to add a greater presence in the hybrid-cloud space to its already established positions in the mainframe, services, and middleware ecosystem. “The fundamentals are already in place,” Krishna wrote. “Our approach to hybrid cloud is the most flexible and the most cost effective for our clients in the long term. Coupled with our deep expertise, IBM has unique capabilities to help our clients realize the potential of a hybrid cloud business model.” Krishna stated that IBM would take advantage of its already established presence in cloud, artificial intelligence (AI), blockchain, and quantum computing. He noted that two “strategic battles” were taking place in the journeys to hybrid cloud and AI. “We all need to understand and leverage IBM’s sources of competitive advantage,” Krishna explained. “Namely, our open source and security leadership, our deep expertise and trust, and the fact that we enable clients to build mission-critical applications once and run them anywhere.”

Cybercriminals increasingly using SSL certificates to spread malware

Internet browser window showing lock icon during SSL connection
Recent studies have shown that cybercriminals building phishing sites now use SSL as well, complicating efforts by enterprises to keep their employees safe. The Menlo Security research revealed that while 96.7% of all user-initiated web visits are being served over https, only 57.7% of the URL links in emails turn out to be https, which means that web proxies or firewall will be oblivious to the threats unless enterprises turn on SSL inspection. "If you think the little green lock of https equals security, think again," the report said. "The bad news is that the bad guys use encryption, too. Many people mistakenly assume that as long as an SSL certificate is present, they're safe from attack, but that couldn't be further from the truth. From Reductor to Godlua and numerous other variants, it has become all too clear that new types of malware are being secreted behind a symbol that was once seen as secure." According to the report, enterprises have long relied on on-premises proxies and next-generation firewalls for visibility and control of web access. But when it comes to decrypting and inspecting SSL sessions, the report said, "many enterprises have held back partly driven out of privacy issues and partly around performance of these proxies with SSL decryption turned on.

What are the five main barriers to digital transformation and their solutions? 

What are the five main barriers to digital transformation and their solutions? image
One of the biggest barriers to digital transformation initiatives is when there is no clear direct return on investment. To overcome this barrier, White explains that “businesses should rectify this by defining a clear set of digital success criteria at the start, defined based on what you are trying to achieve — are you creating additional revenue streams or enhancing internal operations? Measures can be based on anything from metrics to softer statements such as ‘we will be able to provide customers with a way to engage 24/7 around the world’.” ... The most common barrier to digital transformation, according to Steve White, head of transformation accounts at Yotta, is data and department silos. He explains: “One common example is that the software applications being used by departments are very specific to those service areas, often require specialist knowledge to use effectively and are locked down via account profiles and permissions. They also incorporate different user interface designs (UI) and user experience designs (UX) which all make access by other departments or users within the organisation extremely difficult.

Data scientists: White House issues a call to arms

It's an opportunity for service for data scientists, a way to help healthcare workers and policymakers understand a growing dataset that holds the key to making informed decisions. At the moment, we lack the most basic knowledge about COVID-19, including an answer to the most fundamental question: how many people have been infected? Health experts agree that reliable data answering this question and other fundamental questions are needed to guide difficult decisions ahead. ... "The good news is we have lots of data," says McDonald. "The bad news is the organization and accessibility of that data is very spread out or difficult to access." Given the difficulties with the dataset, McDonald points to AI deep learning as a necessary tool. "Deep Learning is not a typical algorithm. A user literally "teaches" the platform with hundreds of examples of the various classifications or predictions. Once taught, then future classifications and predictions are in the hands of the deep learning platform." This can be applied to health data in general, which is a growing trend in data-driven medicine.

Cisco goes after wireless IoT with Fluidmesh acquisition

Industry 4.0 / Industrial IoT / Smart Factory
In January Cisco rolled out an overarching security architecture for industrial IoT (IIoT) environments that includes existing products but also new software called Cisco Cyber Vision, for the automated discovery of industrial assets attached to Cisco’s extensive IIoT networking portfolio. The new security rollout also included Cisco Edge Intelligence software to simplify the extraction of IoT data at the network edge. Together with the new software, IT and operational technology groups will be able to work together to provide advanced anomaly detection in IIoT environments, Cisco stated. Also in 2019, Cisco expanded its IoT security and management offerings by acquiring Sentryo, a company that offers anomaly detection and real-time threat detection for IIoT networks. Founded in 2014 Sentryo products include ICS CyberVision – an asset-inventory, network-monitoring and threat-intelligence platform – and CyberVision network-edge sensors, which analyze network flows. Last year Cisco rolled out a family of switches, including the Catalyst IE3x00 ruggedized edge switches, software, developer tools and blueprints to incorporate IoT and industrial networking into intent-based networking and classic IT security, monitoring and application-development support.

Quote for the day:

"When you expect the best from people, you will often see more in them than they see in themselves." -- Mark Miller

No comments:

Post a Comment