Costs of the Cloud
December 15, 2016
The cloud was supposed to save organizations a bundle on servers, but now we learn from Datamation that “Enterprises Struggle with Managing Cloud Costs.” The article cites a recent report from Dimensional Research and cloud-financial-management firm Cloud Cruiser, which tells us, for one thing, that 92 percent of organizations surveyed now use the cloud. Researchers polled 189 IT pros at Amazon Web Services (AWS) Global Summit in Chicago this past April, where they also found that 95 percent of respondents expect their cloud usage to expand over the next year.
However, organizations may wish to pause and reconsider their approach before throwing more money at cloud systems. Writer Pedro Hernandez reports:
Most organizations are suffering from a massive blind spot when it comes to budgeting for their public cloud services and making certain they are getting their money’s worth. Nearly a third of respondents said that they aren’t proactively managing cloud spend and usage, the study found. A whopping 82 percent said they encountered difficulties reconciling bills for cloud services with their finance departments.
‘The top challenge with the continuously growing public cloud resource is the ability to manage allocation usage and costs,’ stated the report. ‘IT and Finance continue to have difficulty working together to ascertain and allocate public cloud usage, and IT continues to struggle with technologies that will gather and track public cloud usage information.’ …
David Gehringer, principal at Dimensional Research, believes it’s time for enterprises to quit treating the cloud differently and adopt IT monitoring and cost-control measures similar to those used in their own data centers.
The report also found that top priorities for respondents included cost and reporting at 54 percent, performance management at 46 percent, and resource optimization at 45 percent. It also found that cloudy demand is driven by application development and testing, at 59 percent, and big data/analytics at 31 percent.
The cloud is no longer a shiny new invention, but rather an integral part of most organizations. We would do well to approach its management and funding as we would any other resource. The original report is available, with registration, here.
Cynthia Murrell, December 15, 2016
Facebook AI Pro Throws Shade at DeepMind Headquarters
November 29, 2016
An AI expert at Facebook criticizes Google’s handling of DeepMind, we learn in Business Insider’s article, “Facebook’s AI Guru Thinks DeepMind is Too Far Away from the ‘Mothership’.” Might Yann LeCun, said guru, be biased? Nah. He simply points out that DeepMind’s London offices are geographically far away from Google’s headquarters in California. Writer Sam Shead, on the other hand, observes that physical distance does not hamper collaboration the way it did before this little thing called the Internet came along.
The article reminds us of rumors that Facebook was eying DeepMind before Google snapped it up. When asked, LeCun declined to confirm or deny that rumor. Shead tells us:
LeCun said: ‘You know, things played out the way they played out. There’s a lot of very good people at DeepMind.’ He added: ‘I think the nature of DeepMind eventually would have been quite a bit different from what it is now if DeepMind had been acquired by a different company than Google.’
Google and Facebook are competitors in some areas of their businesses but the companies are also working together to advance the field of AI. ‘It’s very nice to have several companies that work on this space in an open fashion because we build on each other’s ideas,’ said LeCun. ‘So whenever we come up with an idea, very often DeepMind will build on top of it and do something that’s better and vice versa. Sometimes within days or months of each other we work on the same team. They hire half of my students.’
Hooray for cooperation. As it happens, London is not an arbitrary location for DeepMind. The enterprise was founded in 2010 by two Oxbridge grads, Demis Hassabis and Mustafa Suleyman, along with UCL professor Shane Legg. Google bought the company in 2014, and has been making the most of their acquisition ever since. For example, Shead reminds us, Google has used the AI to help boost the efficiency of their data-center cooling units by some 40%. A worthy endeavor, indeed.
Cynthia Murrell, November 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Enterprise Technology Perspective on Preventing Security Breaches
September 16, 2016
When it comes to the Dark Web, the enterprise perspective wants solutions to prevent security breaches. Fort Scale released an article, “Dark Web — Tor Use is 50% Criminal Activity — How to Detect It,” speaking to this audience. This write-up explains the anonymizer Tor as The Onion Router, a name explained by the multiple layers used to hide an IP address and therefore the user’s identity. How does security software work to detect Tor users? We learned:
There are a couple of ways security software can determine if a user is connecting via the Tor network. The first way is through their IP address. The list of Tor relays is public, so you can check whether the user is coming from a known Tor relay. It’s actually a little bit trickier than that, but a quality security package should be able to alert you if user behaviors include connecting via a Tor network. The second way is by looking at various application-level characteristics. For example, a good security system can distinguish the differences between a standard browser and a Tor Browser because among other things, Tor software won’t respond to certain history requests or JavaScript queries.
Many cybersecurity software companies offer solutions that monitor the Dark Web for sensitive data, which is more of a recovery strategy. However, this article highlights the importance of cybersecurity solutions which monitor enterprise systems usage to identify users connecting through Tor. While this appears to be a sound strategy for understanding the frequency of Tor-based users, it will be important to know whether these data-producing software solutions facilitate action such as removing Tor users from the network.
Megan Feil, September 16, 2016
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/
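The first detection method in the Fort Scale excerpt above (checking a source address against the public relay list), as an added example that is not from Fort Scale or the original post. The relay rows, their listing windows, the log format and all addresses are constructed assumptions; the example goes slightly beyond the excerpt by matching each login against the period in which the address was listed, since relay membership changes over time.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed relay snapshot: (address, first_seen, last_seen), times in UTC.
# Addresses come from documentation ranges; they are not real relays.
RELAYS_RAW = [
    ("192.0.2.10", "2016-09-01T00:00:00", "2016-09-30T00:00:00"),
    ("198.51.100.7", "2016-08-01T00:00:00", "2016-08-15T00:00:00"),
    ("2001:db8::5", "2016-09-10T00:00:00", "2016-09-20T00:00:00"),
]

# Constructed authentication log lines (hypothetical format).
SAMPLE_LOG = """\
2016-09-16T08:01:12Z login ok user=alice src=192.0.2.10
2016-09-16T08:03:40Z login ok user=bob src=203.0.113.44
2016-09-16T08:05:02Z login ok user=carol src=198.51.100.7
2016-09-16T08:09:55Z login ok user=dave src=::ffff:192.0.2.10
2016-09-16T08:11:30Z login fail user=erin src=2001:DB8:0:0:0:0:0:5
2016-09-16T08:12:00Z login ok user=frank src=not-an-ip
"""

LINE_RE = re.compile(r"^(\S+) login (ok|fail) user=(\S+) src=(\S+)$")


def _ts(text):
    # Parse an ISO-8601 timestamp (optional trailing Z) as UTC.
    return datetime.fromisoformat(text.rstrip("Z")).replace(tzinfo=timezone.utc)


def canonical_ip(text):
    # Normalise the textual form so "2001:DB8:0:0:0:0:0:5" equals "2001:db8::5",
    # and unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) to the plain IPv4 address.
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return None
    mapped = getattr(ip, "ipv4_mapped", None)
    return mapped if mapped is not None else ip


def load_relays(rows):
    # Map each relay address to the list of windows in which it was listed.
    table = {}
    for addr, first, last in rows:
        table.setdefault(canonical_ip(addr), []).append((_ts(first), _ts(last)))
    return table


def tor_logins(log_text, relays):
    # Return (user, source, outcome) for logins from an address that was a
    # listed relay at the time of the event.
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        ip = canonical_ip(m.group(4)) if m else None
        if ip is None:
            continue  # unparseable line or source address
        when = _ts(m.group(1))
        if any(first <= when <= last for first, last in relays.get(ip, [])):
            alerts.append((m.group(3), str(ip), m.group(2)))
    return alerts
```

Here carol's source is not flagged because the address had left the list a month before the login, while dave's IPv4-mapped address is flagged after normalisation.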
Defending Against Java Deserialization Ransomware
July 13, 2016
What is different about the recent rash of ransomware attacks against hospitals (besides the level of callousness it takes to hold the well-being of hospital patients for ransom)? CyberWatch brings us up to date in, “My Layman’s Terms: The Java Deserialization Vulnerability in Current Ransomware.” Writer Cheryl Biswas begins by assuring us it is practicality, not sheer cruelty, that has hackers aiming at hospitals. Other entities, like law enforcement agencies, which rely on uninterrupted access to their systems to keep people safe are also being attacked. Oh, goody.
The problem begins with a vulnerability at the very heart of any Java-based system, the server. And here we thought open source was more secure than proprietary software. Biswas informs us:
“This [ransomware] goes after servers, so it can bring down entire networks, and doesn’t rely on the social engineering tactics to gain access. It’s so bad US-CERT has issued this recent advisory. I’ve laid out what’s been made available on just how this new strain of ransomware works. And I’ve done it in terms to help anybody take a closer look at the middleware running in their systems currently. Because a little knowledge could be a dangerous thing used to our advantage this time.”
The article goes on to cover what this strain of ransomware can do, who could be affected, and how. One key point—anything that accepts serialized Java objects could be a target, and many Java-based middleware products do not validate untrusted objects before deserialization. See the article for more technical details, and for Biswas’ list of sources. She concludes with these recommendations:
“Needs to Happen:
“Enterprises must find all the places they use deserialized or untrusted data. Searching code alone will not be enough. Frameworks and libraries can also be exposed.
“Need to harden it against the threat.
“Removing commons collections from app servers will not be enough. Other libraries can be affected.
“Contrast Sec has a free tool for addressing issue. Runtime Application Self-Protection RASP. Adds code to deserialization engine to prevent exploitation.”
Organizations the world over must not put off addressing these vulnerabilities, especially ones in charge of health and safety.
Cynthia Murrell, July 13, 2016
Newly Launched Terbium Software to Monitor Dark Web for Enterprise
April 11, 2016
Impacting groups from Target to JP Morgan Chase, data breaches are increasingly common and security firms are popping up to address the issue. The ZDNet article “Dark Web data hunter Terbium Labs secures $6.4m in fresh funding” reports Terbium Labs received $6.4 million in Series A funding. Terbium Labs released software called Matchlight which provides real-time surveillance of the Dark Web and alerts enterprises when their organization’s data surfaces. Consumer data, sensitive company records, and trade secrets are among the types of data for which enterprises are seeking protection. We learned,
“Earlier this month, cloud security firm Bitglass revealed the results of an experiment focused on how quickly stolen data spreads through the Dark Web. The company found that within days, financial credentials leaked to the underground spread to 30 countries across six continents with thousands of users accessing the information.”
While Terbium appears to offer value for stopping a breach once it’s started, what about preventing such breaches in the first place? Perhaps there are opportunities for partnerships with Terbium and players in the prevention arena. Or, then again, maybe companies will buy piecemeal services from individual vendors.
Megan Feil, April 11, 2016
The Progress and Obstacles for Microsoft Delve When It Comes to On-Premise Search
March 7, 2016
The article titled Microsoft Delve Faces Challenges in Enterprise Search Role on Search Content Management posits that Microsoft Delve could use some serious enhancements to ensure that it functions as well with on-premises data as it does with data from the cloud. Delve is an exciting step forward, an enterprise-wide search engine that relies on machine learning to deliver relevant results. The article even goes so far as to call it a “digital assistant” that can make decisions based on an analysis of previous requests and preferences. But there is a downside, and the article explains it,
“Microsoft Delve isn’t being used to its full potential. Deployed within the cloud-based Office 365 (O365) environment, it can monitor activity and retrieve information from SharePoint, OneDrive and Outlook in a single pass — and that’s pretty impressive. But few organizations have migrated their entire enterprise to O365, and a majority never will: Hybrid deployments and blending cloud systems with on-premises platforms are the norm… if an organization has mostly on-premises data, its search results will always be incomplete.”
With a new version of Delve in the works at Microsoft, the message has already been received. According to the article, the hybrid Delve will be the first on-premise product based on SharePoint Online. You can almost hear the content management specialists holding their breaths for an integrated cloud and on-premise architecture for search.
Chelsea Kerwin, March 7, 2016
The Enterprise and Online Anonymity Networks
February 3, 2016
An article entitled Tor and the enterprise 2016 – blocking malware, darknet use and rogue nodes from Computer World UK discusses the inevitable enterprise concerns related to anonymity networks. Tor, The Onion Router, has gained steam with mainstream internet users in the last five years. According to the article,
“It’s not hard to understand that Tor has plenty of perfectly legitimate uses (it is not our intention to stigmatise its use) but it also has plenty of troubling ones such as connecting to criminal sites on the ‘darknet’, as a channel for malware and as a way of bypassing network security. The anxiety for organisations is that it is impossible to tell which is which. Tor is not the only anonymity network designed with ultra-security in mind, The Invisible Internet Project (I2P) being another example. On top of this, VPNs and proxies also create similar risks although these are much easier to spot and block.”
The conclusion this article draws is that technology can only take the enterprise so far in mitigating risk. Reliance on penalties for running unauthorized applications is their suggestion, but this seems to be a short-sighted solution if the popularity of anonymity networks rises.
Megan Feil, February 3, 2016
Braiding Big Data
October 26, 2015
An apt metaphor to explain big data is the act of braiding. Braiding requires a person to take three or more locks of hair and alternately weave them together. The end result is a clean, pretty hairstyle that keeps a person’s hair in place and off the face. Big data is like braiding, because specially tailored software takes an unruly mess of data, including the combed and uncombed strands, and organizes them into a legible format. Perhaps this is why TopQuadrant named its popular big data software TopBraid. Read more about its software upgrade in “TopQuadrant Launches TopBraid 5.0.”
TopBraid Suite is an enterprise Web-based solution set that simplifies the development and management of standards-based, model driven solutions focused on taxonomy, ontology, metadata management, reference data governance, and data virtualization. The newest upgrade for TopBraid builds on the current enterprise information management solutions and adds new options:
“‘It continues to be our goal to improve ways for users to harness the full potential of their data,’ said Irene Polikoff, CEO and co-founder of TopQuadrant. ‘This latest release of 5.0 includes an exciting new feature, AutoClassifier. While our TopBraid Enterprise Vocabulary Net (EVN) Tagger has let users manually tag content with concepts from their vocabularies for several years, AutoClassifier completely automates that process.’”
The AutoClassifier makes it easier to add and edit tags before making them a part of the production tag set. Other new features are for TopBraid Enterprise Vocabulary Net (TopBraid EVN), TopBraid Reference Data Manager (RDM), TopBraid Insight, and the TopBraid platform, including improvements in internationalization and a new component for increasing system availability in enterprise environments, TopBraid DataCache.
TopBraid might be the solution an enterprise system needs to braid its data into style.
Whitney Grace, October 26, 2015
Xendo, Can Do
October 23, 2015
While it would be lovely to access and find all important documents, emails, and Web sites within a couple clicks, users usually have to access several programs or individual files to locate their information. Stark Industries wanted users to have the power of the Google search engine without compromising their personal security. Xendo is a private, personal search engine that connects with various services, including email servers, social media accounts, clouds, newsfeeds, and more.
Once all the desired user accounts are connected to Xendo, the search engine indexes all the files within the services. The index is encrypted, so it securely processes them. After the indexing is finished, Xendo will search through all the files and return search results displaying the content and service types related to inputted keywords. Xendo promises that:
“After your initial index is built, Xendo automatically keeps it up-to-date by adding, removing and updating content as it changes. Xendo automatically updates your index to reflect role and permission changes in each of your connected services. Xendo is hosted in some of the most secure data-centers in the world and uses multiple layers of security to ensure your data is secured in transit and at rest, like it’s in a bank vault.”
Basic Xendo search is free for individual users with payments required for upgrades. The basic search offers deep search, unlimited access, and unlimited content, while the other plans offer more search options based on subscription. Xendo can be deployed for enterprise systems, but it requires a personalized quote.
Whitney Grace, October 23, 2015
Genentech Joins the Google Enterprise Crew
October 22, 2015
Enterprise search offers customizable solutions for organizations to locate and organize their data. Most of the time, organizations purchase a search solution to become more efficient, to comply with procedures for quality compliance, and/or to further their business development. The latter usually revolves around sales operation planning, program research, customer service, contracts, and tech sales collateral.
Life sciences companies are but one of the few that can benefit from enterprise search solutions. Genentech recently deployed the Google Search Appliance to improve the three areas listed above. Perficient explains the benefits of enterprise search for a life science company in the video, “Why Life Sciences Leader Genentech Adopted Google Enterprise Search.”
“…we explore why life sciences leader Genentech executed Google Search Appliance. ‘No company is or should ever be static. You have to evolve,’ said CEO Ian Clark.”
Perficient helps companies like Genentech by customizing a search solution by evaluating the company and identifying the areas where it can be improved the most. They host workshops to evaluate where people in different areas must stop to search for information before returning to the task. From the workshops, Perficient can create a business prototype to take their existing business process and improve upon it. Perficient follows this procedure when it deploys enterprise search in new companies.
The video only explains a short version of the process Perficient deployed at Genentech to improve their business operations with search. A full webinar was posted on their Web site: “Google Search For Life Sciences Companies.”
Whitney Grace, October 22, 2015

