Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 29, Issue 2

Full Contents Now Available!

Jon Seals

Leading Financial Services Company Relies on LORIC to Secure Critical Services in the Cloud and Is an Early Adopter Using Palerra Consulting Services

SANTA CLARA, Calif. – Palerra, the leader in cloud security automation, today announced Marlette Funding has successfully implemented the Palerra LORIC™ platform to help secure its critical cloud infrastructure and applications. LORIC presently secures Box, Microsoft Office 365 and AWS for Marlette Funding.

Marlette Funding is a large specialty finance company that has serviced more that $1 billion in loans since its launch in 2013. As a financial lending institution, Marlette Funding must ensure regulatory compliance and privacy of its customer data, both financial and Personally Identifiable Information (PII). Maintaining tight security over this data was the critical business driver for the purchase of Palerra's LORIC platform. LORIC provides Marlette Funding enterprise-class visibility into user activities, detects anomalous activities, helps them maintain compliance, identifies security configuration drift of cloud services and provides automated incident response.

Marlette Funding also recently began using Palerra Consulting Services, a new offering delivering hands-on cloud security expertise, threat research and ongoing supervised analysis to help extend Marlette's LORIC implementation. Palerra Consulting Services enables organizations to design, configure and scale a LORIC deployment with custom security policies and groundbreaking threat research in an effective and efficient manner -- truly a unique offering highlighting Palerra's commitment to securing an organization's entire cloud adoption process and portfolio. Palerra Consulting Services has integrated LORIC into Marlette's existing security operations as well as trained their security operations personnel, resulting in a more secure and efficient overall business operation.

"Palerra's LORIC platform secures our entire cloud service environment, from Box and Office 365, to our AWS infrastructure. To mold to our specific needs, the Palerra Consulting Services team integrated LORIC into our existing operations and provided comprehensive insight into the configurations and capabilities of all the cloud services we leverage," said Chet Sharrar, senior director of security and infrastructure at Marlette Funding. "We have looked into other cloud security solutions and they do not offer the breadth of service, or top-down visibility into potential threats that LORIC provides. We look forward to a long-term partnership with Palerra and plan to engage with them more as we continue to grow our cloud footprint."

"This implementation is yet another example of an established and well respected organization relying on LORIC to secure its cloud platforms and applications, keeping sensitive, company and user data private and safe," said Rohit Gupta, founder and CEO of Palerra. "Marlette Funding has demonstrated rapid innovation by embracing the cloud for mission critical applications. As they consume more services from the cloud, Marlette recognized the safety-net LORIC delivers through its unmatched visibility into cloud services, surgical threat analytics, configuration compliance and automated remediation."

LORIC monitors enterprise cloud services including Google apps, Amazon AWS, Salesforce, Box, Microsoft® Office 365™ and ServiceNow, and promotes the security of these services through a single pane of glass.

Palerra Consulting Services provides advisory and professional services to help secure enterprise use of Cloud Services, including:

  • Cloud Security and Cloud Capability Maturity Assessments
  • LORIC Customizations and Configurations
  • Operations support of your Cloud security monitoring function

To learn more about LORIC and Palerra Consulting Services

About Palerra
Palerra helps organizations protect their business-critical cloud infrastructure and data with LORIC™, the industry-leader in cloud security automation. It is the only solution to combine visibility, threat detection, compliance management, and automated incident response for cloud services into a single platform. Leading enterprises including Blue Cross and Blue Shield of Minnesota, BMC Software, Jefferies, and VMware leverage LORIC for continuous monitoring and security of their cloud applications. Palerra is a privately held company funded by Norwest Venture Partners, Wing Venture Capital and August Capital and is headquartered in Santa Clara, Calif. For more information, visit www.palerra.com.

New Console Provides Global View Across Distributed, Hybrid Cloud Storage Infrastructure With a "Time Machine" Look-Back Capability

CAMPBELL, Calif. – Panzura, leading the charge in removing the barrier to the cloud, today announced immediate availability of its CloudFS Console, a Google Maps-based monitoring, alerting and reporting interface for the entire Panzura Global File System. The CloudFS UI simplifies management of globally distributed, cloud-integrated storage, making it easier for companies to take advantage of cloud storage economics and use it as their primary storage. It also gives administrators a simple visual interface to check status and activity up to 14 days in the past across the entire Panzura deployment.

"When the cloud becomes your primary file storage, you need to take a different approach to how you manage the hybrid environment. Storage solutions -- even ones that provide some cloud connectivity or site-to-site replication -- typically provide an administrator interface for each local storage system, but don't offer a global view," said Rich Weber, Chief Strategy Officer at Panzura. "There's normally no unified view of unstructured file data. As more and more companies expand internationally and make cloud storage part of their infrastructure, IT managers need a global view of their file data. We're pleased to provide just that with our new CloudFS UI."

With Panzura, the cloud is the authoritative source for all files. Active data is cached on local controllers to provide fast access for users, and Panzura's patented global file locking ensures data integrity across every site. To manage primary storage that is dispersed across both the cloud and every office, administrators benefit from both a map-based user interface and the ability to look back in time across the system.

The CloudFS Console gives administrators:

  • Google Maps view of all controllers and connectivity between them.
  • The ability to view activity, status and alerts going back in time up to 14 days.
  • Status of locally cached data at each site.
  • Status of cloud and network connectivity.
  • Status of each controller.
  • Status and information about every file stored in the Global File System.
  • Alerts on any potential problems across the entire Panzura infrastructure, network and cloud.

Over a third of Panzura's customers have already deployed the new CloudFS UI and are seeing the benefits.

"The new Panzura CloudFS Console makes it even easier to take advantage of cloud storage for my primary data. Panzura's new console lets me proactively monitor the status of file services in all of GRAEF's offices," said David Neumann, IT Director at GRAEF-USA. "The combination of the Google Map view and status dashboard means I get a panoramic view of all of the controllers at all of my offices, including overall file service performance, connectivity to the cloud and details on every file." 

"Panzura's Global File System already lets us collaborate in real-time across offices in applications like AutoDesk Revit and AutoCAD. It's one of the single most important technology 'enablers' to our One Company philosophy, and makes establishing new offices much easier as we grow," said Hernan Gutierrez, IT Manager at Entuitive. "The CloudFS UI gives us the ability to easily monitor each office and our cloud storage, and address any potential bottlenecks in the network or cloud before they affect project timelines."

The Panzura CloudFS UI is available at no additional charge to all Panzura customers with current support contracts.

About Panzura
Panzura makes the cloud seamless by solving the last mile of hybrid cloud, transforming the cloud into another corporate datacenter, transparently blending the scale and economics of the cloud with the performance and flexibility of the corporate datacenter. By making the file system transparent across the cloud and corporate datacenters as well as eliminating the barriers of connectivity and authentication with the cloud, Panzura enables applications to run without a single change in the cloud, on-premises, or both.

For more information, visit www.panzura.com.

The January 22-24 blizzard, which dumped heavy snow from the Mid-Atlantic to southern New England has been rated as a Category 4 or “Crippling” winter storm on NOAA’s Northeast Snowfall Impact Scale, also known as NESIS. It is also among the most powerful winter storms, ranked 4th, to impact the Northeast U.S. since 1950.

NESIS characterizes and ranks Northeast snowstorms based on areas affected within and outside of the region, using data calculated by NOAA’s National Centers for Environmental Information. NESIS is based on the following factors: how much snow falls (at least 10 inches); the size of the area impacted; and the population of the impacted area. NESIS ranks these storms on a five-tier scale ranging from Category 1 “Notable” to Category 5 “Extreme.”

snowfall map

Snowfall coverage of the recent blizzard, which NOAA has ranked as category 4 on the Northeast Snowfall Impact Scale. (Credit: NOAA)

“While there were significant impacts, this storm was well forecast. We saw the system coming a week in advance. Improvements and investments in the capabilities of our supercomputers, our models, our science, and the skills of our forecasters in recent years helped us to provide critical information to emergency managers and decision makers,” said Louis W. Uccellini, Ph.D., director, NOAA’s National Weather Service and co-developer of NESIS with Paul Kocin, meteorologist, NOAA’s National Weather Service.

Kocin added, “This storm ranks up there with the great blizzards of the past 100 years in terms of amount of snowfall, size of impacted areas and population affected.”  

snowfall scene

The 2016 blizzard ranked as a category 4 storm on the NESIS scale. Residents were forced to walk in the streets of Washington, D.C., during and after the snowstorm. (Credit: Joe Flood, NOAA)

The snowstorm covered about 434 thousand square miles and impacted about 102.8 million people. Of those, about 1.5 million people had over 30 inches of snowfall; almost 24 million had over 20 inches.

Other storms on NESIS scale include:


NOAA’s mission is to understand and predict changes in the Earth’s environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on TwitterFacebookInstagram, and our other social media channels.

If you’re not thinking about expanding your security services, you should be. At least, that’s the news from Kaseya’s 5th Annual Global MSP Pricing Survey*.  

"Heightened security risks" is the top IT problem or service need MSP respondents expect their clients to face in 2016. And it won by a mile, selected by more than a quarter of all respondents and receiving 40% more votes than the second-highest selection. This result isn’t a surprise given the unremitting flow of news on breaches and hacks.

...

http://mspmentor.net/blog/security-services-are-ripe-explosive-growth-2016

Thursday, 28 January 2016 00:00

Data Center Colocation in 2016: What to Expect

Edge data center users and companies with Internet of Things applications may breathe new life into secondary data center colocation markets in 2016. However, when it comes to large-footprint deployments, it appears 2016 will unfold in a similar manner to last year.

That’s according to Bo Bond, a managing director at the commercial real estate firm Jones Lang LaSalle. JLL recently released its Winter 2016 North America Data Center Perspective report, which examines the leasing activity and sale-leasebacks by data center providers.

...

http://www.datacenterknowledge.com/archives/2016/01/28/data-center-colocation-in-2016-what-to-expect/

Inconsistent understanding of organizational resilience

Two thirds (64%) of CEOs admit that the concept of organizational resilience is inconsistently understood across their business, despite 70% believing it to be vital to the long-term viability of their operation. This is according to research commissioned by BSI.

Encouragingly 28% of CEOs are confident they secure an advantage in the market from organizational resilience, almost half (49%) claiming it enhances their company’s reputation and 39% suggesting it has improved their organization’s competitiveness through quicker and better targeted responses to opportunities. The research also found that North American firms are more than twice as likely as European firms to have boosted the quality of their products and services through organizational resilience, something that is most commonly held back by short-term financial thinking, a lack of skills and a failure to focus on the management of resilience.

Howard Kerr, Chief Executive of BSI commented: “CEOs may become so risk averse that they’re not only missing out on opportunities, but potentially undermining the long-term resilience of their organizations. Leaders need to have confidence in the ability of their team to remain agile and adaptive, while maintaining robust processes in the face of uncertainty. Ultimately today’s challenging conditions offer an opportunity to forge stronger team dynamics and delivery.

Worldwide more than half of CEOs (52%) attributed failures in organizational resilience to a lack of skills amongst their workforce. In a signal as to the importance of the issue, more than half (57%) of CEOs take personal responsibility for driving organizational resilience across their business. Just a quarter (25%) entrusted responsibility to colleagues below C-level in their seniority.

Kerr concluded: “Change must be led from the top. Organizations can be surprisingly naive, ignoring advice and best practice until they experience a setback themselves. CEO resignations aren’t just token sacrifices; they are a symptom of a wider malaise. Adapting and coping with change is a team effort, based on a culture of excellence across people, products and processes. True leaders recognize that Organizational Resilience is a strategic imperative across the whole business.

Revelations of government snooping and pressure on cloud providers to provide customer data to authorities have led to new developments in the way encryption is applied. The problem came about because the providers did the encryption of the data, but also held the encryption keys. That meant that customer data was protected from everyone else, except from the provider itself. Of course, the option for customers to encrypt their data before sending it to the cloud for storage has always existed, but makes it more difficult to use the data for cloud-based applications. A recent twist to the encryption saga is BYOE, also known as BYOK (Bring Your Own Key). How well does this answer concerns about data privacy in the cloud?

...

http://www.opscentre.com.au/blog/how-ready-do-you-feel-for-byoe-bring-your-own-encryption/

OXFORD, Miss. – Home and business owners looking for information on how to rebuild safer and stronger following the destructive December storms will find help this week at local hardware stores in Ashland and Holly Springs.

Mitigation specialists from the Federal Emergency Management Agency will be at the Ashland Hardware store at 15800 Boundary Drive this Thursday and Friday from 9 a.m. to 6 p.m. and on Saturday from 10 a.m. to 3 p.m. They will be in Holly Springs at the Booker Hardware store at 119 South Market St. this Friday, 10 a.m. to 3 p.m. and Saturday from 10 a.m. to noon.

The specialists will answer questions and offer advice on ways to repair or rebuild homes so they are more storm resistant. Free printed materials with additional information will also be available.

The FEMA specialists can also offer advice on dealing with contractors, in particular on how to avoid being scammed. The specialists will provide handouts on selecting and working with contractors.

Anyone interested is welcome whether or not they are receiving financial disaster assistance from FEMA.

For the latest information on Mississippi disaster recovery operations, visit msema.org and fema.gov/disaster/4248.

###

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

 
State/Tribal Government or Region: 
Thursday, 28 January 2016 00:00

Walmart Open Sources Cloud Management Platform

Walmart became the latest major business to embrace the open source cloud this week with the release on GitHub of OneOps, the company’s formerly closed-source cloud management and application lifecycle platform.

OneOps is a platform for building and launching cloud-based applications across varied and changing environments. It offers a way to deploy apps on different providers’ platforms, from Microsoft Azure, Rackspace and CenturyLink public clouds to private or hybrid environments built using OpenStack.

The main selling point of OneOps for businesses is that it lets organizations switch between different providers easily to take advantage of changes in pricing, features and scalability. Meanwhile, for developers, it makes it easier to build and deploy cloud apps in a vendor-agnostic way.

...

http://www.datacenterknowledge.com/archives/2016/01/27/walmart-open-sources-oneops-cloud-application-management-platform/

Thursday, 28 January 2016 00:00

Why Mobile Apps Are Not Getting More Secure

Last month, Veracode released a supplement to its 2015 security report that focused on application development. The report showed that four of five applications written in PHP, Classic ASP and ColdFusion failed at least one of The Open Web Application Security Project (OWASP) Top Ten, a list of security benchmark best practices. Put more simply, the research suggests that applications – many of them mobile – are awash in vulnerabilities.

The research found that one scripting language is riskier than two other common approaches.  “In the side-by-side comparison of programming languages, we found that PHP was far more vulnerable to the issues of cross-site scripting and SQL injection than Java and .NET,” Chris Wysopal, Veracode’s co-founder, CTO and CISO says.

The intricacies of which scripting languages are more vulnerable than others is very important to developers and security professionals. For others, however, the question is a bit simpler: Is there an epidemic of insecure applications running on the mobile devices, many of which handle corporate communications and data?

...

http://www.itbusinessedge.com/articles/why-mobile-apps-are-not-getting-more-secure.html