Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 29, Issue 2

Full Contents Now Available!

Jon Seals

Growing cloud, social media, and enterprise companies too often place revenue growth at severe risk due to legacy IT infrastructure constraints.

Today’s explosion of data, applications, and business needs requires quick, flexible scaling of data center footprints – including data halls, cages, or entire
data centers.

Scale at Hyper-Speed

CyrusOne delivers large-scale, flexible data center solutions in record-breaking speed, eliminating the risks of unpredictable IT capacity planning.

...

http://www.cyrusone.com/blog/need-speed-reduces-capacity-planning-risks-leaders/

Companies continue to struggle to hire people skilled in cloud computing--and not because potential hires are holding out for jumbo sized paychecks. Simply put, there just aren’t enough qualified candidates.

The competition for talent has never been more fierce, with businesses snapping up cloud professionals as soon as they can find them. Indeed, roughly 75% of organizations already use public cloud services, and the numbers will likely continue to increase in the future. Meanwhile, the corresponding growth in the number of hybrid cloud installations also continues to accelerate.

Universities just aren’t cranking out graduates fast enough. The U.S. creates 120,000 new jobs that require computer science degrees each year. But the educational system produces only 49,000 related degrees. That leaves an annual deficit of 71,000 degrees and a growing number of unfilled IT jobs.

...

http://mspmentor.net/cloud-services/what-it-staffing-shortage-means-msps

Friday, 24 June 2016 00:00

Building Your Big Data Foundations

Whenever a company starts out in their data journey, most face the same broad issues. This is regardless of what kind of data they are collecting, what their business goals are and which industry they work in - each will follow broadly the same route to their goal.

The problem is that many don't know what this map is, as it seems like it is constantly changing as new technologies and techniques are brought to market. However, the truth is that there are four foundations that every company needs to look at when creating their data program.

...

https://channels.theinnovationenterprise.com/articles/building-your-big-data-foundations

First, it helps to compare your own preparations with those of another entity.

Secondly, if the other enterprise in question is one of your strategic suppliers, it is essential to know that your organisation is also protected, thanks to the measures taken by the supplier for its own uninterrupted business operations.

Here, for instance, are the BC position statements of two well-known technology companies. They might surprise you.

...

http://www.opscentre.com/learning-others-business-continuity/

The buzzwords 'big data' have been in the IT news world for a while now, and as the phenomenon of big data has begun to grow, so has its incorporation in big business. However, big data is not just limited to big businesses – small businesses can benefit from the incorporation of big data into their networks as well. However, knowing you need a big data infrastructure and actually building one are two different things. There are a few ways companies of any size – small, medium, and large – can incorporate big data into their business model.

Collecting Your Data

Think of data how it looks when it arrives at your door. Data includes everything about your company, from sales records to marketing lists. You may actually not need to add any more data to what you already have, but the problem is collecting and sourcing the data in a manner that you can use.

Sourcing your data can mean a lot of things, but at the very least, it is going to involve a deeper infrastructure investment. You will need to broaden your social media channels, add forms and prompts to your website to collect more client and customer information, and apps that generate user statistics. Depending on your technical expertise, you may be able to set up the majority of this infrastructure yourself, but if you're trying to build your brand and business, this might be a better task left to an expert, regardless of the cost.

Those who are well-versed in small IT networks, however, could easily set up an infrastructure like this with very little outside help. If you are just in the process of building and registering your company, it's best to leave tasks like these completely up to the experts. Use specialized services to set up your company for a reasonable fee, and leave the computing to other experts.

...

https://channels.theinnovationenterprise.com/articles/how-to-build-your-big-data-infrastructure

Governance Documents and Communications Matrices 

Regina Phelps recently joined forces with Everbridge and recorded a webinar that explores in-depth strategies for improving your disaster and crisis management. Previously in part 3 of this five part series, Regina discussed the 3 main responsibilities of a communications team. If you missed part 3, you can access it here

In this installment of the series, Regina discusses what a governance document and a communication matrix are, and what their content should be.

...

http://www.everbridge.com/improving-disaster-and-crisis-management-with-timely-communication-and-response-4/

Focus on Building the Next Generation of Cybersecurity Professionals That Will Help Businesses Fight Cybercrime

CHICAGO, Ill. – Trustwave today announced a partnership with the Illinois Technology Association (ITA) to foster cybersecurity skills and job placements that can better help businesses better fight cybercrime, protect data and reduce risk.

As part of the partnership, Trustwave has become the only platinum sponsor of the ITA's 2016 Tech Challenge. In its 7th year, the ITA Tech Challenge is a programming and coding skills competition for students at targeted Midwest universities. The ITA has increased the number of participating universities from 15 to 21 in 2016. The ITA and the Tech Challenge program has met with more than 2,500 technology-focused students across the Midwest, and each year dozens of offers are extended to Tech Challenge participants for internships or entry-level positions at high-tech companies including Trustwave.

Phase one of the program starts in September with qualifying challenges held on 21 participating university campuses. Phase two involves the top 50 scorers which are invited to Chicago for a final challenge and interviews with Chicago-area technologies companies. Among those interviewing, Trustwave has more than 300 global job openings and more than 150 based in the Chicago area.

Trustwave Chief Executive Officer and President Robert J. McCullen said: "The shortage of skilled information security professionals is not only an issue we must address immediately in the workforce but also for the future in the world's classrooms. By teaming with the Illinois Technology Association, Trustwave hopes that students have an informative and engaging opportunity to explore the challenging world of cybersecurity, choose this exciting career path, and join in our cause to fight cybercrime, protect data and reduce risk."

Illinois Technology Association Director of Talent Programs Trisha Degg said: "As a key leader in the fight against cybercrime, Trustwave is in a unique position to help businesses protect their systems, networks and applications from threats. We're pleased to partner with such an innovative services and technology provider as part of our quest to bring high-tech skills to the Illinois and Chicago technology community. We thank Trustwave for its support and sponsorship, and look forward to bringing qualified candidates to Chicago's top cybersecurity employer."

Learn more about the ITA Tech Challenge: https://www.illinoistech.org/techchallenge.

Learn more about Trustwave careers: https://www.trustwave.com/Company/About-Us/Careers/.

About ITA
Illinois Technology Association (ITA) is focused on scaling Illinois tech companies. With innovative resources that allow members to collaborate with each other, build their talent networks, and elevate their local and national presence, ITA is growing the local tech community. Founded in 2005 and supporting 500-plus growth-stage tech companies, ITA has a rich history of driving the business forward. For more information, visit illinoistech.org, follow @ITAbuzz on Twitter or find us on LinkedIn.

About Trustwave
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

All trademarks used herein remain the property of their respective owners. Their use does not indicate or imply a relationship between Trustwave and the owners of such trademarks.

 

State-of-the-Art Machine Learning Delivers Actionable Visualization and Anomaly Detection in the CloudLock CASB and Cloud Cybersecurity Platform

WALTHAM, Mass. – CloudLock®, the leading provider of Cloud Access Security Broker (CASB) and Cybersecurity-as-a-Service solutions, today announced the release of the next generation of its innovative machine learning capabilities to include suspicious login activity monitoring, location-based anomaly detection, and IP reputation analysis to identify anomalies, zero in on suspicious behavior, and pinpoint true threats across SaaS, IaaS, PaaS, and IDaaS cloud platforms.

The inability to detect real threats from millions of alerts they receive daily as well as the lack of timely response capabilities are the greatest challenges facing security teams today. Pioneered by CloudLock's research intelligence arm, the CyberLab, machine learning capabilities are the foundation of the Cloud Security Fabric™, helping security teams narrow their focus on user activities indicative of true threats. Using the company's Cloud Threat Funnel methodology, along with big data technologies and multiple advanced clustering algorithms, CloudLock's machine learning technology continuously evolves based on analyzing the industry's largest data set spanning over one billion files and events monitored daily.

CloudLock's expanded machine learning capabilities include:

Suspicious Login Activity Monitoring captures high frequency login anomalies, such as login failures and login challenges from unusual devices, geographies and time periods for a given user, indicate potential threats to corporate user accounts. While login challenges are all-too-easy for attackers to overcome, CloudLock's threat analytics arms corporate security teams with actionable intelligence, enabling quick response times.

Location-Based Anomaly Detection exposes abnormal user activity, where users attempt to login from IP addresses that map to locations that differ from the baseline (corporate headquarters, satellite offices, etc.) within short time frames. Activity outside of the normal baseline could signal an account compromise, requiring timely response to mitigate the situation.

IP Reputation Analysis surfaces user activities with high IP reputation risk scores based on CloudLock CyberLab research enriched with multiple third party threat intelligence services. Security teams have real-time access to outlier user activities based on frequencies (identifying users with exceptionally high counts of different IP addresses) as well as activities from IP addresses associated with malicious activities, such as spamming, zombie networks, and port scanning.

The CloudLock Security Fabric™ helps to automate the remediation of truly malicious threats directly from within the CloudLock dashboard, delivering unparalleled visibility across cloud platforms with the highest signal-to-noise ratio. Multiple response actions, such as encryption, quarantining, end-user notifications and forced step-up multi-factor authentication allow security teams to take a risk-appropriate security stance.

"Security specialists are drowning in the sea of security alerts. By highlighting the 0.02% of alerts that really point to suspicious behavior, CloudLock's Security Fabric, now enhanced with the most advanced machine learning algorithms, further helps organizations unearth and immediately respond to real security threats," said Ron Zalkind, CTO and co-founder at CloudLock.

To learn more about how CloudLock works visit https://www.cloudlock.com/products/how-it-works/ or read the CloudLock Q1 2016 cybersecurity report: "The Cloud Threat Funnel: Suspicious User Behavior That Matters."

About CloudLock's CyberLab
CloudLock is the only security vendor uniquely combining U.S. and Israeli Military Intelligence with real-time, crowdsourced cloud security insight. CloudLock continuously monitors over one billion files daily across more than 10 million users. Security professionals feed into CloudLock's unique security insight through peer-driven, crowdsourced Community Trust Ratings™. This intelligence allows organizations to immediately respond to emerging cloud cyber threats and risky apps.

About CloudLock
CloudLock is the cloud-native CASB and Cloud Cybersecurity Platform that helps organizations securely leverage cloud apps they buy and build. CloudLock delivers security visibility and control for SaaS, IaaS, PaaS and IDaaS environments across the entire enterprise in seconds. Founded by Israeli Elite Cybersecurity Military Intelligence experts, the company delivers actionable cybersecurity intelligence through its data scientist-led CyberLab and crowdsourced security analytics across billions of data points daily. CloudLock has been recognized by Inc. Magazine as the fastest growing security product company in the U.S. and by Glassdoor as one of the top 3 best places to work in the U.S. Learn more at www.cloudlock.com.

 

Rigorous Audit Validates Snapdocs as Trusted Partner With Modern Security Measures Built Into Its Online Platform to Protect Customers

SAN FRANCISCO, Calif. – Snapdocs, Inc., a modern technology platform that simplifies mortgage loan closings, today announced that it successfully completed the Service Organization Control (SOC) 2® Type 1 audit. Launched by the American Institute of Certified Public Accountants (AICPA), the SOC report certifies the service delivery processes and controls of organizations that operate information systems and deliver information system services to other entities.

"SOC 2® compliance speaks volumes in the highly regulated mortgage industry, which is becoming ever more dependent on cloud service providers," commented Snapdocs CEO Aaron King. "Snapdocs is proud to be transparent and undergo a rigorous examination of our airtight information security policies and procedures to build trust with our customers."

Conducted by A-LIGN, a nationwide security and compliance solutions provider, the rigorous SOC 2® audit verifies that Snapdocs' information security policies, practices, procedures and operations meet the SOC 2 standards for the below [1]:

(i) Security - The system is protected against unauthorized access (both physical and logical);

(ii) Availability - The system is available for operation and use as committed or agreed;

(iii) Processing integrity - System processing is complete, accurate, timely and authorized;

(iv) Confidentiality - Information designated as confidential is protected as committed or agreed;

(v) Privacy - Personal information is collected, used, retained, disclosed and disposed of in conformity with the commitments in the entity's privacy notice, and with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and Canadian Institute of Chartered Accountants.

"As the mortgage industry increasingly turns to outside technology providers to streamline activities that are core to business operations and strategy, having confidence in cloud service providers' operations, processes and results is imperative," added King.

To learn more about Snapdocs' strict privacy, security and risk management standards that keep all parties protected throughout the mortgage process, visit www.snapdocs.com.

About Snapdocs, Inc.

Founded in 2012, Snapdocs provides a modern technology platform to replace outdated and wasteful workflows that are prevalent during the loan closing process. The company ranks and sorts mobile notary signing agents according to performance metrics and creates a more seamless workflow for lenders, title and escrow, document signing services, and real estate professionals. Snapdocs is an alum of Y Combinator, the prestigious Silicon Valley accelerator known for helping to launch trailblazing technology startups. To learn more, go to www.snapdocs.com.

[1]https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/pages/soclogosinfo.aspx

 

Latest Xen Project Release Delivers Security Enhancements for Embedded and Automotive Use Cases With Support for the Latest Hardware Features

SAN FRANCISCO, Calif. – The Xen Project, a project hosted at The Linux Foundation, today announced the release of Xen Project 4.7. The release minimizes downtime and improves the user experience with non-disruptive security patching, and includes security enhancements for embedded, automotive, IoT and new security use cases. The new release also adds support for the latest hardware features from Intel and ARM.

Xen Project Hypervisor 4.7 comes equipped with Live Patching, a technology that enables re-boot free deployment of security patches to minimize disruption and downtime during security upgrades for system administrators and DevOps practitioners. Xen Project 4.7 implements version 1 of the Hypervisor Live Patching specification, which is designed to encode the vast majority of security patches (approximately 90%) as Live Patching payloads. This version ships with a Live Patching enabled hypervisor and payload deployment tools and is available as a technology preview.

For security, embedded automotive and IoT use cases, Xen Project introduced the ability to remove core Xen Hypervisor features at compile time via KCONFIG. This ability creates a more lightweight hypervisor and eliminates extra attack surfaces that are beneficial in security-first environments, microservice architectures and environments that have heavy compliance and certification needs, like automotive.

"The Xen Project hypervisor is innovating in all areas and continues to evolve to meet the new needs of cloud computing and compute infrastructures," said Lars Kurth, chairperson of the Xen Project advisory board. "Xen Project 4.7 is a testament to the incredible collaboration that is happening within the community, and a continuation of our shorter release cycle."

The Xen Project powers more than 10 million users across enterprise and cloud computing in addition to embedded and mobile devices. First to market with Intel and ARM features, many of the world's largest companies and service providers use and invest in Xen Project software. Xen Project software is used in many commercial products, including Bitdefender Hypervisor Introspection, which was developed in close collaboration with Citrix. This technology leverages Xen Project's Virtual Machine Introspection feature to reveal malicious activity, however stealthy, which can remain invisible to traditional endpoint security.

Major contributions for this release come from AMD, ARM, Bitdefender, Bosch, Broadcom, Citrix, Fujitsu, GlobalLogic, Huawei, Intel, Linaro, Netflix, Novetta, NSA, Oracle, Red Hat, Star Lab, SUSE, Xilinx, and a number of universities and individuals. Xen Project's functionality continues to evolve to serve new compute infrastructures such as mobile, hyper-scale computing, massive workloads, security-intensive applications, embedded computing, cloud computing, hosting providers, and hardware appliances.

The following new features and capabilities are available in Xen Project Hypervisor 4.7:

  • Usability Improvements: In Xen 4.7, a new XL command line interface to manage PVUSB devices has been introduced to manage PVUSB devices for PV guests. The new XL commands also enables hot-plugging of USB devices as well as QEMU disk backends, such as drbd, iscsi, and more in HVM guests. This new feature allows users to add and remove disk backends to virtual machines without the need to reboot the guest. In addition, the soft reset for HVM guests allows for a more graceful shutdown and restart of the HVM guest.
  • Support for a wider range of workloads and applications: The PV guest limit restriction of 512GB has been removed to allow the creation of huge PV domains in the TB range. TB sized VMs, coupled with Xen Project's existing support for 512 vCPUs per VM, enable execution of memory and compute intensive workloads, like big data analytics workloads and in-memory databases.
  • Improved Live Migration support: CPU ID Levelling enables migration of VM's between a larger range of non-identical hosts than previously supported.
  • Enhanced Development with ARM: Xen Project now supports booting on hosts that expose ACPI 6.0 (and later) information. The ARM Server Base Boot Requirements (SBBR) stipulate that compliant systems need to express hardware resources with ACPI; thus this support will come in useful for ARM Servers. This effort was carried out by Shannon Zhao of Linaro with minor patches from Julien Grall of ARM.

Additionally, PSCI 1.0 compatibility allows Xen Project software to operate on systems that expose PSCI 1.0 methods. Now, all 1.x versions of PSCI will be compatible with Xen Project software. More information on Power State Co-ordination Interface can be found here. This effort was also carried out by Julien Grall with a patch from Dirk Behme of Bosch.

  • New feature support for the Intel® Xeon® processor product family: Xen Project 4.7 supports VT-d Posted Interrupts, which provides hardware-level acceleration to increase interrupt virtualization efficiency. It reduces latency and improves user experience through performance improvements, especially for interrupt-intensive front- end workloads such as web servers.

Xen Project 4.7 is the first to include Code and Data Prioritization (CDP), part of the Intel® Resource Director Technology (RDT) Framework and an extension of Cache Allocation Technology (CAT), first introduced in Xen Project 4.6. The introduction of CDP allows isolation of code/data within the shared L3 cache of multi-tenant environments, reducing contention and improving performance.

Additional features specific to the Intel Xeon processor family in Xen Project 4.7 include: VMX TSC Scaling, which allows for easier migration between machines with different CPU frequencies and support for Memory Protection Keys, a new security feature for hardening the software stack.

Comments from Xen Project Users and Contributors

"Oracle is committed to designing and delivering best-in-class cloud services to help businesses transition from traditional systems to the cloud," said Ajay Srivastava, senior vice president, Linux and Virtualization, Oracle. "The new live patching capabilities in Xen Project Hypervisor 4.7 can help reduce downtime for private, public and hybrid cloud environments, which is of vital importance to our customers."

"Intel is focused on enabling widespread cloud adoption and works across the industry to deliver

the best architecture for the current and future needs of compute, storage, and networking," said Susie Li, Director of Virtualization, Intel Open Source Technology Center and Xen Project Advisory Board Member. "The work the Xen Project community has achieved underpins many of the world's largest and most successful data centers in the world, setting the standard for performance, security, and capabilities. Xen Project 4.7 is developed with the latest Intel platform features to make it easier to deploy and scale clouds, so businesses can deliver services to their customers faster and more securely."

"Organizations continually have to readjust their security strategy to mitigate deep threats to IT systems. Bitdefender Hypervisor Introspection (HVI), which is tightly integrated with XenServer Direct Inspect API from Citrix, runs memory introspection at the hypervisor-level," said Harish Agastya, Vice President of Enterprise Solutions at Bitdefender. "The Xen Project hypervisor provides critical virtualization and security building blocks, which enable us to partner with Citrix to create a new security layer that detects suspicious activities by working directly with raw memory - a level of insight from which malware cannot hide."

Additional Resources

  • Xen Project Hypervisor technical blog
  • Xen Project Hypervisor version 4.7 download

About Xen Project
Xen Project software is an open source virtualization platform licensed under the GPLv2 with a similar governance structure to the Linux kernel. Designed from the start for cloud computing, the Project has more than a decade of development and is being used by more than 10 million users. A Project at The Linux Foundation, the Xen Project community is focused on advancing virtualization in a number of different commercial and open source applications including server virtualization, Infrastructure as a Services (IaaS), desktop virtualization, security applications, embedded and hardware appliances. It counts many industry and open source community leaders among its members including: Alibaba, Amazon Web Services, AMD, ARM, Bromium, Cavium, Citrix, Huawei, Intel, NetApp, Oracle, Rackspace, and Verizon Terremark. For more information about the Xen Project software and to participate, please visit XenProject.org.

Trademarks
Oracle and Java are registered trademarks of Oracle and/or its affiliates.