Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Jon Seals

FULTON, Md. -- Sonatype, the leader in software supply chain automation, today introduced the latest version of Nexus Repository Pro. The 3.2 version of Nexus Repository Pro will include built-in support for active-active high availability configurations and enhanced security and license analysis for open source components. Sonatype has also expanded Nexus Repository’s free, universal component support to include PyPI and RubyGems.

The new features of Nexus Repository Pro will be demonstrated at Jenkins World (Sept 14 - 15) and JavaOne (Sept 18 - 22). The product is currently being tested in private beta and will be commercially available in Q4 2016.

With over 100,000 active installations, Sonatype’s Nexus Repository Pro now offers expanded capabilities including:

  • High-availability which is uniquely affordable, rapidly configured, and easily managed
  • Universal support for all popular component formats
  • Precise component intelligence for repositories and applications

“We are excited to offer high-availability with the latest version of our Nexus Repository Pro to ensure that companies can achieve their continuous delivery goals,” said Wayne Jackson, CEO, Sonatype. “Our customers will be able to seamlessly integrate high-availability into their existing production environments with this sophisticated, yet cost-effective offering that minimizes downtime and improves reliability. When coupled with our precise component intelligence and ever-expanding component support, Nexus Repository Pro makes building and releasing the best software easy.”

Meeting continuous delivery needs through high availability

Active-active high availability is a requirement for organizations seeking 99.999% up-time across their Continuous Delivery and DevOps toolchains. The latest version of Nexus Repository Pro supports the active-active high availabilityensuring that if one server goes down, the other will continue running without interruption. The high availability feature is built into Nexus Repository Pro 3.2 and is remarkably easy to configure. Pricing starts at $1200 per year.

Expanding component support to PyPI and RubyGems

Nexus Repository is the only repository manager to offer free support for the world’s most popular component-based development languages including Java, npm, Bower, NuGet, and Docker, and now PyPI and RubyGems.

Providing precise component intelligence

Everyday, Nexus Repository customers evaluate the quality and security of millions of open source and third-party components across 70,000 repositories using Repository Health Check (RHC). RHC provides intelligence about the components, including license types, known security vulnerabilities, and other data such as relative usage popularity and age. This feature of Nexus Repository 2.x is now being made freely available to Nexus Repository 3.2 users.

Sonatype has now integrated the ability to perform a detailed analysis of the components and applications in Nexus Repository. Application Health Check (AHC) will enable Nexus Repository users to quickly evaluate components used in the applications. According to the 2016 State of the Software Supply Chain Report, 1 in 15 components used in applications includes a known security vulnerability. More advanced policy-based analysis of applications is available from Sonatype’s Nexus Lifecycle and Nexus Auditor solutions.

Upgrading Nexus Repository 2.x to 3.x

Starting with the release of Nexus Repository 3.1, Sonatype has included a seamless upgrade path for customers who are currently using Nexus Repository 2.14. Built-in upgrade tooling and documentation provide the current installed base an easy way to upgrade to take advantage of the latest features, including support for private Docker registries, high-availability, repository health check and universal component support.

Additional Resources

About Sonatype

Last year developers requested 31 billion components from the Central Repository to manufacture the software applications that run the world. Additionally, with more than 100,000 installations, companies around the globe use Sonatype’s Nexus solutions to manage reusable components and improve the quality, speed and security of their software supply chains. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Hummer Winblad Venture Partners, Morgenthaler Ventures, Bay Partners and Goldman Sachs. For more information, visit: www.sonatype.com.

One of the world’s largest SAP deployments in Azure uses SIOS as their HA foundation

SAN MATEO, Calif. -- IOS Technology Corp. (www.us.sios.com), the industry’s leading provider of software products that help IT optimize and protect business critical applications, today announced that Zespri International, one of the largest SAP deployments in Microsoft Azure, relies on SIOS DataKeeper Cluster Edition to take advantage of the scalability and flexibility of Microsoft Azure environment for their SAP environment while delivering the stringent service levels required of their business-critical applications.

“SIOS DataKeeper provided the configuration flexibility and high availability protection we needed to deploy our business-critical SAP/Microsoft SQL Server operations in Microsoft Azure,” said Andrew Goodin, global manager information services, Zespri International.

The world’s largest marketer of kiwifruit, Zespri International, relies on a large SAP and SQL Server infrastructure to manage its operations in more than 53 countries. Zespri began a strategic initiative to move their SAP operations to Microsoft Azure to leverage the flexibility and scalability of an Azure cloud environment. For this initiative to be successful, they needed to ensure that their business critical SAP and SQL Server applications would continue to meet the stringent levels of service and high availability their business demands.

They faced the challenge of delivering high availability and disaster protection for their critical applications in a cloud, where shared storage failover clustering is not available. “We needed a simple, cost-efficient solution that would protect critical SAP Central Services but would not add complexity to our move to Azure,” said Goodin.

The company’s IT consultant, Datacom recommended using SIOS DataKeeper Cluster Edition software to quickly and easily build SANless clusters in Azure. Zespri added SIOS DataKeeper to its Microsoft Windows Server Failover Clusters to enable them to work in a Microsoft Azure cloud environment. SIOS DataKeeper synchronizes local storage in cluster nodes located in different Microsoft Azure fault domains for disaster protection. The synchronized storage appears to WSFC as identical to a traditional SAN. Today, the Zespri infrastructure is one of the largest SAP deployments in Microsoft Azure worldwide comprising more than 32 nodes running on large Microsoft SQL Server databases.

By providing the HA foundation needed to support business critical operations, SIOS DataKeeper software played a critical role in enabling Zespri to move to Microsoft Azure. With SIOS DataKeeper, Zespri was able to take advantage of scalability and flexibility of Microsoft Azure environment for their SAP environment while delivering the stringent service levels required of their business-critical applications.

About SIOS Technology Corp.

SIOS Technology Corp. makes software products that provide the insights and guidance IT managers need to manage and protect business critical applications in large, complex data centers. SIOS iQ is a machine learning analytics software that helps IT managers optimize performance, efficiency, reliability, and capacity utilization in virtualized environments. SIOS SAN and SANLess software is an essential part of any cluster solution that provides the flexibility to build Clusters Your Way to protect your choice of Windows or Linux environment in any configuration (or combination) of physical, virtual and cloud (public, private, and hybrid) without sacrificing performance or availability. Founded in 1999, SIOS Technology Corp. (http://us.sios.com) is headquartered in San Mateo, California, and has offices throughout the United States, United Kingdom and Japan.

SIOS, SIOS Technology, SIOS iQ, SIOS DataKeeper, SIOS Protection Suite, Clusters Your Way, SIOS PERC Dashboard, and associated logos are registered trademarks or trademarks of SIOS Technology Corp. and/or its affiliates in the United States and/or other countries. All other trademarks are the property of their respective owners.

NEW YORK – Research released by Accenture (NYSE:ACN) reveals that despite the potential for small and traditional businesses to become successful digital platform companies, as few as 10 percent of new start-ups focused on digital platform business models will become profitable independent entities in the coming years. The analysis also reveals that China, India and the U.S. will dominate the platform economy by 2020, and that the gulf between countries will increase. To help bridge this gap, the report outlines five critical steps businesses and governments can take to succeed.

Accenture’s report Five Ways to Win with Digital Platformspublished in collaboration with the G20 Young Entrepreneurs’ Alliance, assesses the ability of 16 G20 economies to support the flourishing of digital platforms. It shows that the UK and Germany join China, India and the U.S. at the top of the Accenture Platform Readiness Index (see figure 1), but other emerging markets and European economies are predicted to lag behind, lacking sufficient business and socio-economic enabling conditions.

“When you think of digital platforms, think of China and India as much as the U.S. These economies are using the power of platforms to create large scale markets very rapidly,” said Paul Daugherty, chief technology officer, Accenture. “Many European economies are in danger of missing out in the platform economy. Multi-stakeholder cooperation is required to address the fragmented digital markets and to support the greater levels of digital enterprise and consumption that successful platform businesses need.”

Accenture’s analysis shows $20bn was invested in digital platforms between 2010 and 2015 in 1,053 publicly announced deals. More than half of this investment took place between 2014 and 2015. It also shows that rankings on the Platform Readiness Index strongly correlate to the levels of digital platform activity and investment in G20 countries (see figure 2).

The report recommends that governments engage with businesses leaders to advance a range of policies that can create a rich enabling environment for digital platforms including the following actions:

1.

   

Prioritize data protection standards and rules: Drive the harmonization of data privacy and data security legislation. Smooth cross-border data transfers.

2.

   

Design regulations with digital platforms in mind: Experiment with regulations alongside new technologies and business models. For instance, the U.K.’s Financial Conduct Authority’s “regulatory sandbox” allows start-ups to test ideas without immediately incurring all the normal regulatory consequences.

3.

   

Encourage cross-border electronic trade. Harmonize taxes and standards, consumer protection, contract laws and logistics infrastructure. The eWorld Trade Platform (eWTP), initiated by B20 China, aims to accelerate international policy collaboration to support SMEs.1

4.

   

Invest in digital infrastructure: For example, the E.U.’s Payment Services Directive (PSD2) will empower start-ups to expand customer reach and encourage innovative business models.

5.

   

Think small, act big: Educate SMEs on alternative funding, such as crowdfunding and peer-to-peer lending; and on data privacy and consumer protection. Support SMEs with digital economic zones to support e-commerce.

       

Five ways to succeed

Accenture notes that only 15 percent of Fortune 100 companies have developed digital platform business models to date Successful digital platforms will proliferate as small businesses and traditional industries follow the lead set by digital-born platform companies. Accenture identifies five factors critical to sustaining critical mass in digital platforms, which use new technologies to create large scale markets of customers and service providers:

1.

   

Proposition: Create differentiated platform services that extend beyond the point of transaction; and that support both customers on the demand side and service providers on the supply side.

2.

   

Personalization: Target customers through tailored experiences across all channels, using customer data to anticipate needs and offer bespoke experiences.

3.

   

Price: Apply new pricing models, such as pay-as-you-go, ‘freemiums’, and subscription pricing to respond to peak demand.

4.

   

Protection: Embed trust at the heart of the platform, using both prevention and compensation techniques to attract customers and differentiate the platform.

5.

   

Partners: Scale the platform rapidly by identifying digital partners – such as app developers and payment service providers – who can enrich the platform experience and fulfill customer needs.

       

“Digital platforms are not just the preserve of digital born companies, like Airbnb and Alibaba, but are now becoming a default business model in most industry sectors, both B2B and B2C,” said Francis Hintermann, managing director, Accenture Research. “To enjoy efficiencies and high rates of growth, companies will need to transform everything from the way they co-create goods and services with third parties, tailor their offerings to customers, and price them dynamically. Crucially, they will only sustain critical mass by working with digital partners who can deliver the range of functional services that complete the customer experience.”

About the Accenture Platform Readiness Index

The Accenture Platform Readiness Index measures 16 G20 countries by a number of factors including the size and savviness of their digital population, the extent of its digital talent and the strength of its wider entrepreneurship culture. Accenture also measured degrees to which companies are willing to share intellectual property and ideas in a spirit of open innovation, the quality of their technology infrastructure and their ability to support home-grown technologies. The agility and flexibility of market regulation on issues such as data privacy, data portability and cybersecurity was also measured.

About Accenture

Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 375,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.

1 Draft policy paper of B20 SME development taskforce, May 2016

CyberArk Technology Recognized as Innovative for Ability to Detect Privileged Credential Vulnerabilities

NEWTON, Mass. & PETACH TIKVA, Israel – CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced it was recently awarded another patent (U.S. Patent 9,386,044) by the U.S. Patent and Trademark Office for innovative security risk detection technology. This patent follows a previously granted patent (U.S. Patent 9,185,136) and demonstrates CyberArk’s expertise in detecting the risks that make cyber attacks possible in organizational networks.

The patent for correlation-based security risk identification covers methods and systems to map risks arising from credentials, especially privileged credentials, present on machines in the network that, once compromised, enable attackers to access and compromise other machines in the network.

CyberArk has implemented this innovative technology in the CyberArk Discovery and Audit (DNA) tool. CyberArk DNA is a valuable tool for security practitioners to quantify privileged account security-related risks and gain visibility into the vulnerable attack surface that exists within enterprise environments.

Once compromised by an attacker, privileged credentials can enable lateral movement to other machines in the network. Using CyberArk DNA, organizations can identify specific security risks, such as those associated with Pass-the-Ticket and Pass-the-Hash attacks, and visualize how attackers could abuse credentials and associated access rights to operate in the network.

CyberArk DNA is a free tool that enables organizations to complete risk assessment audits to:

  • Discover where privileged accounts exist on their networks;
  • Clearly assess privileged account security risks;
  • Identify privileged credentials including SSH keys, embedded and hard-coded credentials, and password hashes;
  • Collect reliable and comprehensive audit information to better lock down these powerful accounts and secure their networks.

“CyberArk continues to make strong investments in product research and development, with this latest patent reinforcing the importance of innovation for detecting risks and potential abuse of privileged credentials,” said Andrey Dulkin, director of cyber innovation at CyberArk Labs. “Incorporating these technologies into CyberArk DNA has a direct impact on helping organizations understand the risks associated with unmanaged credentials, with risk mapping as an important first step to establishing a proactive privileged account security program.”

Research by CyberArk Labs found that, on average, 40 percent of network machines can provide cyber attackers with credentials enabling them to start an attack that could compromise an organization’s entire network. To learn more, download the associated report, “Analyzing Real-World Exposure to Windows Credential Theft Attacks.”

To learn more about using CyberArk DNA to conduct a free risk assessment, please visit: http://www.cyberark.com/discover-privileged-accounts-exist-cyberark-dna/

About CyberArk

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including 45 percent of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikvah, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout EMEA and Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.

Copyright © 2016 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

Provides advanced threat intelligence with 24/7 support, complete with PCI and HIPAA adherence
 

RICHARDSON, Texas – The complex nature of the security landscape has businesses across industries seeking seasoned experts for guidance and support. FlexManage, a leading technology consulting firm and Microsoft Systems Integrator, and Armor, a leading provider of managed cloud security, today announced a partnership to deliver military-grade cloud security solutions. Through the Armor Global Partner Program, the companies will provide scalable security and compliance support for applications and workloads leveraging on-premise, AWS© and Azure©cloud infrastructures.

“Armor’s proven solutions and threat intelligence expertise protects critical information without compromising business performance or productivity. This allows us to offer significant advantages to the market.”

https://abs.twimg.com/errors/logo23x19.png); float: left; font-size: 16px; margin: 10px 0px; padding: 3px 3px 3px 28px; border: none; outline: none medium !important; background-position: -1px 50%; background-repeat: no-repeat no-repeat;">Tweet this

“FlexManage engages partners with the acumen and experience to help us meet the complex IT needs of our customer base – of which security is among the chief concerns,” said Lee Hovermale, chief executive officer, FlexManage. “Armor’s proven solutions and threat intelligence expertise protects critical information without compromising business performance or productivity. This allows us to offer significant advantages to the market.”

Armor has two PCI and HIPAA compliant solutions proven to limit dwell time where network intrusion remains undetected. For organizations operating in a combined virtual and public cloud, or customer-owned IT environments, Armor Anywhere offers additional security, managed by an elite team with more than 150 years of military cyber security experience. Armor Complete, the world’s most secure and trusted cloud, provides a safe platform for companies to place the most sensitive data in a high-performance and fully-managed environment.

“The flexibility and performance that the cloud offers can’t be realized if there is a cumbersome security solution impeding productivity,” said Jared Day, president, Armor. “FlexManage and Armor will be working together to ensure that these two crucial elements of an organization’s IT strategy can be met without sacrificing security or the ROI of the cloud. We look forward to demonstrating Armor’s ability to detect and defend information while providing unparalleled support.”

For additional information regarding the Armor Global Partner program, please visit, www.armor.com/partners.

About FlexManage™

FlexManage, formerly Project Leadership Associates (PLA), provides flexible and scalable IT services to help customers harness the power of technology and become agents of change driving modern business transformation. We specialize in delivering reliable consulting, cloud and managed services, empowering our clients to envision solutions that enable growth, new revenue streams and greater productivity through the effective use of technology. To learn more about FlexManage visit www.flexmanage.com or call 1-877-752-0451.

About Armor

The leader in active cyber defense, Armor offers customer-centric security outcomes for retail and eCommerce enterprises, healthcare organizations, payment leaders and financial institutions. Armor protects highly sensitive data for the most security-conscious companies in the world. With its proven cyber security approach and proprietary cloud infrastructure built specifically for security, compliance and performance, responsible businesses choose Armor to reduce their risk. For more information, visit armor.com, call 1-844-682-2858 or follow @armor.

 

Shield has been redeveloped with a facelift, enhancing functionality while maintaining the core features that make it the Plan Builder.

 

KingsBridge Disaster Recovery announces its signature Shield software, a Business Continuity and Disaster Recovery Planning tool, has undergone a complete redevelopment and will be available to new users starting this month. Shield has always strived to make planning simple, but now The Plan Builder is taking it to the next level following more than a year of planning, development and testing while always keeping “faster", “easier", “intuitive" at the core of all design decisions.  The KingsBridge team is excited to release this new and improved product to build better recovery plans faster.  

 

With the mantra of “The Plan Builder”, Shield 2.0 gives users the ability to build a first draft of the plan right out of the box saving precious time and resources. KingsBridge understands that many Business Continuity project managers have conflicting priorities and tight deadlines. To answer the call for an easy to use, easy to manage plan, Shield 2.0 has enhanced capabilities for managing data and documents with easier navigation. And users couldn’t be happier. Here is what customers have to say about Shield 2.0;

  • Ease of use; the application isn’t too complex allowing users to access it only once or twice a year without the need for retraining.
  • The Shield App is awesome!  Because it handles Android, iPhone and Blackberry, everyone in our company can always access it. Better still, the App only needed a single login so log-in once and it remembers your password for you!
  • Amazing customer support; super-fast responses to inquiries and my feedback was implemented almost immediately!

When asked what makes Shield 2.0 so exciting, KingsBridge Co-Founder and BCI Consultant of the Year Skip Williams replied “BC/DR shouldn’t be complex and we’ve always lived by "keep it simple". Shield 2.0 is the next step toward this goal by making that possible for any user. Shield is easy, fast and cost effective.  There is no question about it, this is our best product to date.  Simply put Shield is The Plan Builder.”  

 

The KingsBridge Disaster Recovery team will be on site at this year’s DRJ Fall World to showcase Shield 2.0 and provide demos of the tool. KingsBridge also provides consulting and training services in addition to their software solutions. You can find more information here.

 

KingsBridge Disaster Recovery leverages more than thirty years’ experience in Business Continuity and Disaster Recovery to bring a suite of complimentary products and services to the industry. KingsBridge Disaster Recovery has a proven track record of exceeding expectations and remaining responsive to the changing needs of BC/DR planners. Visit disasterrecovery.com for more information.

 

One of the bigger challenges associated with any Big Data project is mastering the interplay between all the technologies such an initiative entails. Between Hadoop and a host of associated platforms such as the Apache Spark in-memory computing framework and the Kafka messaging system, there’s a lot that can go wrong.

Looking to provide IT organizations with a means of actually monitoring the performance of Big Data environments, Unravel Data this week launched a namesake performance intelligence platform for Big Data applications.

Unravel Data CEO Kunal Agarwal says that Unravel, fresh off raising an additional $7 million in funding, has spent the last few years analyzing over eight million jobs run on Big Data platforms. It has used that information to create a catalog of events that in one way or another lead to performance degradation of a Big Data application. It is now using that repository to compare events in specific Big Data environments to determine the root cause of any given Big Data application issue, says Agarwal.

...

http://www.itbusinessedge.com/blogs/it-unmasked/unravel-data-launches-big-data-monitoring-platform.html

The Travel Risk is Real

You don’t have to look long to find news of terrorist attacks, natural disasters, political unrest, and other safety threats around the world. It can be a scary place, especially if you’re a frequent traveler. Not too long ago, business travelers only had to be concerned with logistics and language barriers. Today, they have to be on alert everywhere they go, both home and abroad.

The Global Business Travel Association found millennials are nearly twice as likely to want to travel more for business than Baby Boomers and 57% of millennials believe technology can “never replace face-to-face meetings to get business done.” These numbers help explain the boom in business travel. Nearly 500 million business trips were taken in 2015 and that number is expected to grow considerably in the coming years.

...

https://www.alertmedia.com/how-companies-can-use-incident-communications-software-to-protect-themselves

Friday, 23 September 2016 00:00

The Rise and Fall in Compliance Costs

Many leaders of financial services companies complain about the rising cost of compliance and fraud detection. Larger institutions fear they are not seeing the economies of scale that typically arise with size. When it comes to compliance, the greater “surface area” and the greater complexity of environment offset the traditional economies of scale.

Increasing costs inevitably create a demand for creative cost containment. The usual proposed solutions are automation, reviews of capital or operating expenses and outsourcing.  All three of these are combining to stem the tide of rising compliance costs, but all require re-engineering of business operations to achieve those savings.

Historically in financial services, automation of business interactions – ranging from deposits and withdrawals to derivatives trading – was the first driver of business volume growth.  However, as the amount of transactions and other data requiring review grew, so did compliance costs, and businesses had incentives to move from manual to automated auditing and reporting processes.

...

http://corporatecomplianceinsights.com/rise-fall-compliance-costs/

A fire extinguishing test at a Bucharest data centre belonging to the Romanian arm of ING saw the bank’s customers unable to make card payments, ATM withdrawals and online transactions for several hours on Saturday.

The bank says that services were knocked out for around 10 hours thanks to the damage caused when it tested its extinguisher system, which expels a mix of nitrogen, argon and carbon dioxide, known as inergen.

Inert gas is used to combat fires at data centres because it does not normally damage electronic equipment. It is stored in cylinders and released at high pressure out of nozzles spread around the site. The high-pressure release of the gas produced a loud noise – over 130 decibels – and the associated vibration destroyed dozens of hard drives.

...

https://businessresilienceforum.com/business-continuity-incident-data-centre-fire-test-knocks-out-banking-services/