Category Archives: Enterprise IT news

Enterprise IT news

Jitterbit Harmony update brings API management to iPaaS

Multi-SaaS environments are common in enterprises today, and so are connection challenges between those environments. Jitterbit promises to simplify SaaS integrations with the latest version of its enterprise iPaaS platform.

The Harmony Summer ’18 release adds API lifecycle management and hundreds of self-service integration templates. It also features point-and-click integration and API management capabilities to accommodate both non-IT knowledge workers and experienced integrators and API developers.

In this era of BizDevOps, individual business departments frequently help implement integration between cloud applications, said Neil Ward-Dutton, research director for U.K.-based MWD Advisors. Jitterbit has worked to provide an integration platform as a service (iPaaS) that caters not only to IT specialists, but also to lesstechnical staff, he said.

Jitterbit’s expanded recipe book

With over 500 new, prebuilt and certified recipes, the Harmony Summer ’18 release aims to help less technical users quickly build integrations for common combinations of applications, Ward-Dutton said. Jitterbit recipes enable endpoint connections between enterprise SaaS apps, such as Amazon Simple Storage Service, Box, NetSuite, Salesforce and others.

In the past, Jitterbit Harmony enabled IT specialists to build integration recipes for business teams, Ward-Dutton said. The new set of development templates goes a step further to provide a library of easy-to-use, certified content, with a guarantee of certified General Data Protection Regulation compliance.

Jitterbit, overall, does a good job of spanning core IT and citizen integrator audiences.
Neil Ward-Duttonresearch director, MWD Advisors

“Jitterbit, overall, does a good job of spanning core IT and citizen integrator audiences, and its [recipes are] more consumable than more hardcore tech platforms, like those from MuleSoft and TIBCO,” Ward-Dutton said. “However, others like Boomi, Scribe Online and SnapLogic are pretty comparable.”

For Skullcandy Inc., Jitterbit’s prebuilt integration templates help it accelerate deployment and enable live integrations in weeks instead of months. “We were able to connect and automate our business processes with SAP [Business] ByDesign, EDI [electronic data interchange], FTP, email, databases — you name it,” said Yohan Beghein, IT director for the device vendor, based in Park City, Utah. With the updated Jitterbit Harmony iPaaS platform, Skullcandy processes millions of transactions, transforms high volumes of information with logic and synchronizes data across all systems, he said.

API management brings integration control

API integration is one of Jitterbit Harmony’s strong points, but its API management features lagged behind the aforementioned competitors; this latest release brings Harmony in line with many other players in this space, Ward-Dutton said.

Simon Peel, chief strategy officer, JitterbitSimon Peel

HotSchedules, a restaurant software vendor based in Austin, Texas, uses Harmony’s improved API integration and management features to quickly and accurately aggregate and manage data from many different sources. Without these capabilities, the HotSchedules’ operations team would have to use several different systems to understand the health of customers’ APIs and integrations, said Laura McDonough, vice president of operations at HotSchedules. “If the data isn’t accurate, our customer success team would be making decisions based on incorrect data,” she said.

With API development, integration and management capabilities on a single platform, it’s easier to expose data from existing apps and drive real-time integration, said Simon Peel, Jitterbit’s chief strategy officer. The new Jitterbit Harmony release enables full API lifecycle management from any device, including security control management, user authentication and API performance monitoring, and provides alerts about API processes.

The Summer ’18 release is available to new users on a 30-day trial basis.

Data migration software coming for SAP CRM

ORLANDO — The goal of every major CRM vendor is to gain more of the market share and potentially capture customers from competitors. But doing that can prove difficult for a number of reasons, including organizations relying on legacy systems, challenges with data migration and the cost associated with migration.

Along with unveiling C/4HANA, SAP’s new suite of applications that it says will provide that full 360-degree view of the customer, the company also told you can expect data migration software to help automate that migration process from SAP later this year.

In this Q&A from Sapphire Now, Giles House, EVP and chief product officer for SAP Customer Experience talks about the future of CRM within the SAP sphere, as well as what customers of CallidusCloud can expect from the product. SAP bought CallidusCloud earlier this year, putting the finishing touches on its C/4HANA suite. House was chief product officer and chief marketing officer for CallidusCloud before its acquisition by SAP.

Beyond tying together the front- and back-office processes of C/4HANA, SAP hopes that adding data migration software to the suite later this year will help persuade unhappy CRM customers to migrate.

After the CallidusCloud sale, can customers expect anything different with CallidusCloud? What should they look for? Has there been any concern from non-SAP customers?

Giles House: An obvious one is tighter integration with SAP — Callidus was a great partner with SAP for many years and, more recently, the last couple years, SAP rolled it out internally. The biggest thing for those customers is, through us, a lot more investment in technology and innovation.

We’ll still be open and talk with other CRMs, and the answer is absolutely. In the modern world, have to recognize there are sales departments making their people suffer in other systems. We have to make sure they get the best incentives and CPQ [configure price quote] platform on the market.

How do you convince potential customers that you’re not lagging behind in CRM?

House: The intent, the acquisitions and the fact we’ve got these integrations in already two months after the sale closed starts to show progress and give people confidence. As we get through the rest of this year, you’ll see a completely different conversation happening around SAP CRM and the product itself.

Giles House, EVP and chief product officer for SAP Customer Experience
Giles House, SAP

The reason why is simple: there’s $1 billion-plus of churn in the CRM market and about $2 billion of resentment. Many companies want to get off their current, expensive CRM platform because it doesn’t give them that 360-degree view, and every year the sales person comes knocking for a 10% increase in licensing fee.

There’s been a desire to switch, but there hasn’t been something good to switch to because the other propositions are that same patchwork quilt — integrate it yourself, good luck on the analytics. Different for SAP is it will all be integrated and all will be running on the SAP Analytics Cloud and all running on the best cloud platform out there. Not a cloud platform that pays $1 billion to a legacy database vendor like Oracle.

There are software customers that would like to migrate, but data migration software is expensive and the process is challenging. How are you hoping to get them to actually commit to that migration?

[Data migration] can all be automated and that’s another thing we’re bringing out later this year is the automation of that migration.
Giles HouseSAP

House: I think number one is we have to lower that cost. There was a customer where they were quoted it would be eight figures to move. Under the covers, it’s not that hard because what CRM is doing today for a lot of people is not that hard. CRM is a notepad on a database. ‘Here’s what’s going on in the deal, here’s an account of the customer.’ It’s not that hard if you think about it, but we need to help migrate that and automate that migration.

Do the data mapping, make it simple, create the new fields in the new systems and help update the workflows. That can all be automated and that’s another thing we’re bringing out later this year is the automation of that migration.

So automating that process from previous CRM systems to C/4HANA with data migration software will be part of the suite?

House: It has to be. We need to automate it — whether that’s using some of the automation technology that we already have at SAP or whether it’s a whole new [data migration software] solution, we need to get the details of that ironed out, but it’s doable and it will be done.

Aruba taps ClearPass, Central for SD-Branch management

Aruba, a Hewlett Packard Enterprise company, has unveiled software-based wired and wireless networking for the branch that includes a cloud-managed software-defined WAN.

This week, Aruba introduced the software-defined branch technology at the HPE Discover conference in Las Vegas. The latest product, which comprises software and hardware, operates in conjunction with the Aruba Central cloud-based management platform and the Aruba ClearPass policy manager for network access control.

Combined with Aruba access points and switches, the system provides everything a customer needs to run a LAN and an SD-WAN. The latter is for routing traffic to and from the corporate data center, IoT devices and SaaS and IaaS applications. IoT devices could include surveillance cameras, point-of-sale systems, and air conditioning and heating systems.

Aruba’s offering is best-suited for smaller enterprises with a wireless-first strategy in the branch, said Will Townsend, an analyst at Moor Insights & Strategy, based in Austin, Texas. “When you look at SD-Branch and look at what Aruba is doing, it’s going to be ideally suited for a greenfield deployment — with mobile the trick — and a small to midmarket-type profile of the customer.”

Aruba SD-Branch components

SD-Branch is a recent concept. The approach simplifies networking by using one device for multiple services, such as routing and firewalls. Aruba’s multi-function device is a gateway appliance a customer would deploy on each site.

The device includes an SD-WAN that routes traffic across the branch’s various links, including MPLS, LTE and broadband. The hardware also executes ClearPass access policies for individuals, groups of people, desktops and mobile and IoT devices. IT staff create the policies that define the available infrastructure, applications and data.

“We’re collapsing that SD-WAN functionality into the gateway and now the gateway becomes the central point of policy enforcement within the branch,” said Lissa Hollinger, a vice president of product and solutions marketing at Aruba.

Aruba Central oversees the SD-WAN, as well as the branch’s access points (APs), switches and routers. The cloud-based application also stores reusable configuration templates for gateways, APs and switches. Central uses the ClearPass-generated templates to automatically provision new devices.

Other components of the Aruba system include a headend gateway at the corporate data center that creates an IPsec tunnel to each branch. The device also has a firewall with essential features for bidirectional filtering of data center traffic.

For customers that want more security, Aruba provides the option of integrating the branch gateway with cloud-based firewalls from Check Point Software Technologies, Palo Alto Networks and Zscaler.

“The integration of [data protection] for WAN services and ClearPass for policy management makes this a competitive offering in the marketplace,” said Mark Hung, an analyst at Gartner.

To lessen the workload of IT staff, Aruba offers a mobile installer app. When a gateway, switch or AP arrives at a branch office, a nontechnical person can scan its barcode with the app to ensure the device is for that location. The process avoids getting hardware that isn’t registered to download the preset configurations for that branch.

Primary users of LANs built with Aruba technology include businesses within the retail, hospitality and healthcare industries. Aruba’s largest enterprise customers typically have an IT staff of less than a dozen people managing from 2,500 to 3,000 branch offices, according to Hollinger. 

Aruba sells the SD-Branch technology as part of Aruba Central. The gateways have a starting price of $1,495, plus an annual subscription of $450. Aruba plans to release the technology in July.

DRaaS solution: US Signal makes rounds in healthcare market

A managed service provider’s disaster-recovery-as-a-service offering is carving a niche among healthcare market customers, including Baystate Health System, a five-hospital medical enterprise in western Massachusetts.

The DRaaS solution from US Signal, an MSP based in Grand Rapids, Mich., is built on Zerto’s disaster recovery software, US Signal’s data center capability and the company’s managed services. The offering is designed to work in VMware vCenter Server and Microsoft System Center environments. One target market is healthcare.

“We have several healthcare facilities … all across the Midwest using this solution,” said Jerry Clark, director of cloud sales development at US Signal. The DRaaS solution meets HIPAA standards, according to the company.

Clark said many hospitals — and organizations in other industries, for that matter — are searching for ways to avoid the investment in duplicate hardware traditional DR approaches require. With DRaaS, hardware becomes the service provider’s issue. Instead of paying for hardware upfront, the customer pays a monthly management fee to the DRaaS provider. The approach has expanded the channel opportunity in DR.

“Enterprises … run into the same situation: ‘Do we spend all this Capex on disaster recovery hardware that may or may not ever get used?'” Clark noted. “A DRaaS solution makes it much more economical.”

Chart showing anticipated budget growth across various IT sectors
One-third of the respondents to TechTarget’s IT Priorities survey identified disaster recovery as an area for budget growth.

Baystate Health adopts DRaaS solution

US Signal found an East Coast customer, Baystate Health, based in Springfield, Mass., though VertitechIT, a US Signal consulting partner located in nearby Holyoke, Mass.

Jerry Clark, director of cloud sales development at US SignalJerry Clark

VertitechIT helped Baystate Health launch a software-defined data center initiative. The implementation uses the entire VMware stack across three active data centers. The three-node arrangement provides local data replication, but David Miller, senior IT director and CTO at Baystate Health, said an outage in 2016 knocked out all three sites — contrary to design assumptions — for 10 hours.

Miller said his organization had been looking into some form of remote replication and high availability but had yet to land a good solution. The downtime event, however, increased the urgency of finding one.

“We realized we had to do something now rather than later,” Miller said.

David Miller, CTO at Baystate Health SystemDavid Miller

VertitechIT introduced US Signal to Baystate Health. The companies met in VertitechIT’s corporate office and US Signal proposed its DRaaS solution. In its DRaaS solution, US Signal deploys Zerto’s IT Resilience Platform, specifically Zerto Virtual Manager and Virtual Replication Appliance. The software installed in the customer source environment replicates data writes for each protected virtual machine to the DR target site, in this case US Signal’s Grand Rapids data center. An MPLS link connects Baystate Health to the Michigan facility.

The remote replication service provides the benefit of geodiversity, according to the companies. Baystate Health’s data centers are all in the Springfield area.

[embedded content]

CIO of Christian Brothers Services discusses the
company’s infrastructure partnership with US Signal.

US Signal’s DRaaS solution also includes a playbook, which documents the steps Baystate Health IT personnel should take to failover to the disaster recovery site in the event of an outage. In addition, US Signal’s DRaaS package provides two annual DR tests. The DRaaS provider also tests failover before the DR plan goes into effect and documents that test in the playbook, Clark noted.

Miller said the DR service, which went live about a year ago, provides a recovery point objective (RPO) of “less than a couple of minutes” for Baystate Health’s PeopleSoft system, one of the healthcare provider’s tier-one applications. The recovery time objective (RTO) is less than two hours. RPO and RTO characteristics differ according to the application and its criticality.

Initially, the DRaaS solution covered a handful of apps, but the list of protected systems has expanded over the past 12 months, Miller said.

A DRaaS ‘showcase’

Myles Angell, executive project officer at VertitechIT, said the Baystate Health deployment has become “a showcase” when meeting with potential clients that have similar DR challenges.

Myles Angell, executive project officer at VertitechITMyles Angell

“We’re talking to other hospitals about it,” he said.

Other organizations interested in DRaaS should pay close attention to their application portfolios, however. Angell said businesses need to have a thorough understanding of applications before embarking on a DR strategy.

“To successfully build a disaster recovery option — and have confidence in the execution — relies on complete documentation of the application’s running state, dependencies and any necessary changes that would need to be executed at the time of a DR cut over,” he explained. “These pieces of information are vital to knowing how to adhere to the RTO/RPO objectives that have been defined.”

Angell said businesses may have a good understanding of their tier-one applications but may have less of a handle with regard to their tier-three or tier-four systems. The recovery of an application that isn’t well-documented or completely understood becomes a riskier endeavor when a disaster strikes.

“The DR option may miss the objectives and targets that the business is expecting and, therefore, the company may actually be worse off due to lost time trying to scramble for the little things that were not documented,” Angell said.

AARP, startups partner to study digital healthcare technology

Research from AARP has found 90% of adults aged 50 and older use technology to stay connected. Based on that research, AARP has partnered with two Boston-based digital health startups that have combined technology and healthcare with a friendly face to provide a health-focused robotic companion in the homes of individuals selected to participate in a pilot study of the product.

Pillo, a HIPAA-compliant digital healthcare companion robot, will be placed in the homes of six to 10 pilot study participants later this month for about four weeks to determine how the robot can improve disease management for individuals who have been newly diagnosed with diabetes.

Pillo, which was created by Pillo Health and given a voice through Orbita’s voice experience management platform, is a voice- and video-enabled intelligent assistant that’s able to dispense medication, connect to caregivers, issue voice reminders and perform daily tasks, like reporting the weather and playing radio stations. Emanuele Musini, CEO and co-owner of Pillo Health, said the robot features a 7-inch touchscreen and facial recognition technology. Once Pillo recognizes the patient, it is able to dispense medication that has been preloaded into the robot.

In-home digital healthcare technology is “the future of healthcare,” said Brian Jack, chief of family medicine at Boston Medical Center. Jack said, over the next several years, he expects there will be gradual to rapid movement of care from the office and hospital settings to the home. And he said he believes in-home digital healthcare technology is an opportunity to “provide better care at a lower cost.”

Investing in digital health startups

AARP chose to partner with Orbita and Pillo Health in May as a result of the PULSE@MassChallenge event — a digital health innovation hub established by the city of Boston, MassChallenge and other entities to support digital health startups. AARP launched its $40 million Innovation Fund in 2015 that allows the organization to invest in companies working in three major health-related areas: aging at home, convenience and access to healthcare, and preventive health.

We want to help bring solutions to market that make life better for people 50-plus and increase their health security, financial well-being and personal fulfillment.
Andy Millersenior vice president of innovation and product development, AARP

AARP’s purpose is to “empower” people to choose how they live as they age, said Andy Miller, senior vice president of innovation and product development at AARP, based in Washington, D.C.

“Innovation is a major way to make this happen,” Miller said. “We want to help bring solutions to market that make life better for people 50-plus and increase their health security, financial well-being and personal fulfillment.”

Technology makes it easier for providers to monitor and diagnose patients at critical moments and to provide ongoing care without having the patient always in the room with them, Miller said.

Bringing robotics into the home

Orbita CEO Bill Rogers said Pillo will empower older adults by reminding them to take their medication on time and providing education about diabetes. Pillo can also communicate information to caregivers, alerting them if a person’s medication has not been taken or if some other issue occurs. 

Rogers said the challenge with mobile applications and web portals is the user needs to learn that experience to be able to collaborate with their doctors and physicians. Voice technology “changes the whole game of engagement,” he explained.  

“It allows people to be able to engage and interact with their voice, which is the natural way people engage,” Rogers said.

Pillo’s Musini said the idea to create Pillo stemmed from his own personal experience with his father, who had serious health issues and would forget to take his medication and follow the doctor’s orders.

“We started it with a mission to empower older adults living at home with chronic conditions,” Musini said. “The approach I had was, ‘What if there was someone with my father at that time?’ There was something that could be with him 24 hours a day, 7 days a week and was alert.”

Providing aftercare in-home help

Jack, who leads Project Re-Engineered Discharge (RED), a Boston University Medical Center research group responsible for developing and testing strategies to improve the hospital discharge process, helped design an animated health information technology system named Louise that provides aftercare information to people recently discharged from the hospital.

Project RED studied the system and found twice as many people who used Louise preferred to receive their discharge information from the system, rather than a doctor or nurse for several reasons, including Louise’s availability and accessibility. After returning home, Jack said patients and their caregivers are able to sign onto the Louise technology and learn about medication, proper care and follow-up appointments, as well as easily connect with their clinicians.

“When patients leave the hospital, in our studies, when we ask them what they are most worried about, they say that, ‘I’m all by myself,'” Jack said. “When there are at-home technologies, where the patient can access the technology, the technology can access the clinicians, and the patients are super happy. Plus, they can get their problem fixed in a timely way, rather than waiting for an appointment.”

Identifying best practices for digital healthcare technology

Jack said thorough study of in-home digital healthcare technology is critical before sending it out into the public — a sentiment echoed by John Torous, co-director of the digital psychiatry division at Beth Israel Deaconess Medical Center in Boston.

Torous said it’s up to researchers and groups like AARP to find best practices for in-home digital healthcare technology to avoid potentially harmful consequences.

“I think together we can learn how to use this technology in a productive, ethical and meaningful way, and it will have a bigger role in healthcare,” Torous said.

Miller said the goal of AARP’s collaborations with companies like Pillo Health and Orbita is to “gain useful and impactful information that can be used to continue to improve the customer experience and help make these products as beneficial as possible.”

Along with Orbita and Pillo, AARP has partnered with digital health startups like Folia Health and One Medical Group.

“When considering which startups to work with, we are looking for mission-aligned companies who have transformational solutions and those we can work with to co-create ageless design solutions that could have meaningful impact in the lives of the 50-plus consumer,” Miller said.

Hortonworks cloud options grow via Google, Microsoft, IBM

Hadoop distribution provider Hortonworks is expanding technology partnerships with Google, Microsoft and IBM to broaden the options for users looking to deploy Hortonworks cloud systems.

Most notably, Hortonworks now supports the Google Cloud Storage (GCS) service, with the ability to run applications against data stored there. Cloud-based object stores like GCS have gained greater prominence, at times supplanting the Hadoop Distributed File System (HDFS) as a repository for Hadoop-based big data applications in the cloud.

For Google, the expanded deal announced June 18 furthers its efforts to close a gap with cloud platform market leaders Amazon Web Services and Microsoft. For Hortonworks, the move is part of its efforts to enable users to run big data workloads on multiple clouds, according to Ovum analyst Tony Baer.

Baer said that for many organizations — particularly ones that are a step below the size of the biggest enterprises — big data analytics will largely be done on the cloud going forward.

“For people just getting started, even with the work done by the distribution providers, Hadoop is a complicated platform with a lot of moving parts,” Baer said. “There’s a lot of knowledge needed just to set it up, and that is not a skill most organizations have.”

When moving big data workloads to the cloud, users often see a money-saving opportunity in cloud storage tools like GCS, the Amazon Simple Storage Service (S3) and Microsoft’s Azure Blob Storage. Such technologies may provide slower performance as opposed to HDFS, but Baer said that gap could close with improvements over time. Among users of GCS now are Spotify, Coca-Cola, the Broad Institute and others.

Cold data play

Scott Gnau, CTO, HortonworksScott Gnau

Hortonworks CTO Scott Gnau said interest in cloud object stores doesn’t prefigure a complete move away from HDFS for Hortonworks cloud users.

“What we see is customers looking to take advantage of different options,” Gnau said. Running applications against data stored natively in GCS or S3 lets users “play the data where it lies without having to move it” to HDFS first, he noted. Object stores are also typically less expensive to use than keeping data in HDFS is, according to Gnau.

However, users are likely to continue using HDFS for Hortonworks cloud applications that require high-performance and sophisticated data analysis, Gnau added. Object storage “has advantages, but it also has difficulties,” he said. “It’s not as performant as HDFS.”

What we see is customers looking to take advantage of different options.
Scott GnauCTO, Hortonworks

As a result, Gnau said he sees the best immediate role for cloud-based object storage in handling “colder data” — that is, data that isn’t an immediate part of an analytics workflow.

Sudhir Hasbe, director of product management for the Google Cloud Platform, said Hortonworks users can now decouple storage and compute by using GCS instead of HDFS. That could make it more cost-effective for on-premises HDFS users to use Hortonworks cloud systems for their big data workloads, he continued.

IBM, Microsoft clouds also in sight

The Google deal complements other Hortonworks cloud pacts with AWS, IBM and Microsoft. Coming on the first day of Hortonworks’ DataWorks Summit 2018 conference in San Jose, Calif., the addition of the GCS support was accompanied by updates to the alliances that the big data platform vendor has with IBM and Microsoft.

[embedded content]

Hortonworks, Microsoft execs discuss moves to the cloud.

Hortonworks said organizations can now run its Hortonworks Data Platform (HDP) software natively on the Microsoft Azure cloud, in addition to using the HDP-based Azure HDInsight managed service that Microsoft sells to customers. Hortonworks DataFlow and Hortonworks DataPlane Service, two related technologies offered by the Santa Clara, Calif., company, also are now available for native deployments on Azure.

Meanwhile, in a blog post, Rob Thomas, general manager of IBM Analytics, said IBM is adding a managed service on its cloud platform called IBM Hosted Analytics with Hortonworks, or IHAH. The new service combines HDP with IBM’s Db2 Big SQL query engine and Data Science Experience workbench platform, extending a relationship that began last year when IBM dropped its own Hadoop distribution and agreed to resell HDP instead.

In addition to the expanded cloud deals, Hortonworks detailed plans for an HDP 3.0 release that will let users put big data applications in Docker containers to help speed up deployments and make it easier to move processing workloads to different servers. Due out in the third quarter, HDP 3.0 also adds the ability to run deep learning applications on GPU-based systems, plus support for Apache Hive 3.0, an update of the open source SQL query engine and data warehouse environment that was released in May.

Hive 3.0 functions as a real-time database for analytics applications that require fast query response rates, Gnau said. “It really is a database now versus Hive historically being viewed as a SQL programming environment that ran on Hadoop.”

Senior executive editor Craig Stedman contributed to this story.

PyRoMineIoT cryptojacker uses NSA exploit to spread

A new malware variant reads like the greatest hits of cyberthreats: a cryptojacker using an NSA exploit to scan for IoT devices with hardcoded passwords to spread and distribute the miner. And according to experts, there’s blame to be had on all sides.

Researchers at Fortinet’s FortiGuard Labs have been tracking Python-based malware that uses the EternalRomance National Security Agency (NSA) exploit to spread and install a cryptominer — hence, PyRoMine. And, now, the researchers found a variant that directly targets IoT devices, which they call PyRoMineIoT.

Jasper Manuel, a malware researcher at Fortinet, based in Sunnyvale, Calif., wrote in a blog post that PyRoMine and PyRoMineIoT malware don’t need Python to be installed on the target systems, and PyRoMineIoT uses the EternalRomance NSA exploit to scan for IoT devices that are vulnerable due to using hardcoded passwords. Once PyRoMineIoT infects a device, the malware downloads components, including a Monero cryptominer.

“This development confirms yet again that malware authors are very interested in cryptocurrency mining, as well as in capturing a chunk of the IoT threat ecosystem,” Manuel wrote. “We predict that this trend will not fade away soon, but will continue as long as there are opportunities for the bad guys to easily earn money by targeting vulnerable machines and devices.”

Sean Newman, director of product management for Corero Network Security, based in Marlborough, Mass., said enterprises may not need to worry about cryptojackers specifically, because “they have their own specific mission, which has nothing to do with any data or information within an organization which ends up hosting them.”

“But there is the obvious performance impact for any device which does get compromised for this purpose, which could negatively impact the function of IoT devices, for example,” Newman wrote via email. “However, enterprises should really be asking themselves the [following] question: If a hacker can plant malware within my organization to mine cryptocurrency, what other malware can they, or another cybercriminal, plant just as easily?”

Justin Jett, director of audit and compliance for Plixer, based in Kennebunk, Maine, said regardless of the size of the enterprise, “organizations should be concerned with cryptominers.”

“These malicious applications steal valuable resources that are critical to business applications. When allowed to go unabated, vital business applications are unable to perform as required. This means that organizations are losing not only resources, but time and money,” Jett wrote via email. “Every company should use network traffic analytics to see where these cryptominers are spreading. Specifically, in the case of PyRoMineIoT, the malware is actively scanning for IoT devices on the network. Network traffic analytics makes quick work of such security vulnerabilities and can help IT professionals quickly see where the malware has compromised them.”

The NSA connection

While the PyRoMineIoT malware uses an NSA exploit — leaked by the Shadow Brokers — to help it spread and infect more vulnerable devices, experts said the blame for any damage shouldn’t necessarily go to the NSA, because even if the EternalRomance NSA exploit hadn’t been developed by the U.S. government, someone else would have created the attack.

Pat Ciavolella, malware team lead at The Media Trust, based in McLean, Va., said, “Developers are innovative” and would have eventually created something similar to the EternalRomance NSA exploit.

If a hacker can plant malware within my organization to mine cryptocurrency, what other malware can they, or another cybercriminal, plant just as easily?
Sean Newmandirector of product management for Corero Network Security

“Part of that innovation comes from being on the lookout for vulnerabilities, which is also how security measures are improved,” Ciavolella wrote via email. “The NSA and any organization that does this type of work needs to exercise tighter control over who has access to their innovations so that they do not fall into the wrong hands. Today’s digital economy isn’t just the Wild West, it’s the Wild ‘Westworld’ — virtually any innovation in the wrong hands can hurt others.”

Gabriel Gumbs, vice president of product strategy at STEALTHbits Technologies, based in Hawthorne, N.J., said, “Blaming the NSA is easy and far too convenient.”

“IoT vendors must be held to higher standards,” Gumbs wrote via email. “It is not OK to sell interconnected devices to consumers that fail to implement even basic security measures.”

Larry Trowell, principal consultant with Synopsys Software Integrity Group, said the government shares some of the blame for the NSA exploit.

“It’s in every country’s interest to develop systems enabling offensive and defensive strategies to protect individuals and national services,” Trowell wrote via email. “There is no fault in that. If the NSA does have some blame to share in this situation, it is for allowing secrets to be exfiltrated — not in developing them.”

Jett said although the NSA exploit was stolen, “they didn’t create the vulnerabilities that allow for the malware to exploit devices.”

“As such, you can’t hold them responsible for the malware that has emerged from the EternalRomance exploit. Vendors whose products are vulnerable to EternalRomance are responsible for resolving the exploit problem,” Jett wrote. “Additionally, it has been more than a year since the NSA exploits were released, and vendors have created patches. It becomes incumbent on the users to make sure they are properly patching their software and reducing the threat surface for these exploits.”

EU institutes Kaspersky ban, calls software ‘malicious’

After the European Parliament voted to institute a Kaspersky ban on the use of its products in the European Union, Kaspersky Lab temporarily suspended its involvement with Europol and the No More Ransom project.

In a plenary session, the European Parliament voted on a cyberdefense strategy report written by Urmas Paet, the Estonian member of the European Parliament on the Committee on Foreign Affairs. The resolution included an amendment from the Polish MEP that “calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous [programs] and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab.”

The Kaspersky ban resolution was approved, with 476 votes to 151. Following the vote, Kaspersky announced it was freezing its cooperation with Europol and the No More Ransom project.

Kaspersky Lab was one of the first antivirus companies to collaborate with Europol law enforcement officials. The company is also one of the founding members of the No More Ransom project, which provides ransomware victims with free decryptors. The European Parliamentary Research Service had recently praised the work of the No More Ransom project.

“We have protected the EU for 20 years working with law enforcement leading to multiple arrests of cybercriminals,” Kaspersky Lab CEO Eugene Kaspersky tweeted after the vote, adding that the company is “forced to freeze” its cooperation with Europol and the No More Ransom project.

Other governments — including the United States, the United Kingdom, the Netherlands and Lithuania — have already taken steps to implement a Kaspersky ban on sensitive systems because of suspicions that the Moscow-based company does not work entirely independently from the Russian government and is, therefore, a security risk.

Kaspersky has denied all of these accusations and took to Twitter again this week to reiterate that the claims made by the European Parliament are unfounded.

“The risks of using our software are purely hypothetical. Just as hypothetical as with any other cybersecurity software of any country,” he tweeted, adding that the risk of cyberattacks is real and “extremely high.” He went as far as saying the European Parliament’s decision “plays for cybercrime.”

Kaspersky Lab has been trying to prove its innocence with measures such as its Global Transparency Initiative, which moves some of the company’s processes out of Russia and to Switzerland.

In other news:

  • Yahoo has been fined 250,000 pounds — approximately $331,000 — for its 2014 data breach. The United Kingdom Information Commissioner’s Office (ICO) investigated the more than 515,000 Yahoo user accounts affected by the breach in the U.K. and found Yahoo had violated the Data Protection Act 1998. The Yahoo U.K. Services branch of the company — which was purchased by Verizon and merged with AOL to form Oath — is responsible for the breached U.K. accounts. Overall, the massive data breach affected around 500 million users worldwide. The ICO found that Yahoo U.K. Services failed to take the appropriate measures to ensure its parent company, Yahoo Inc., complied with the correct data protection standards and failed to ensure the appropriate monitoring services were in use to protect users.
  • Equifax appointed Bryson Koehler as its new CTO this week. Koehler was previously the CTO of IBM Watson and Cloud Platform, as well as CTO and CIO of The Weather Co. “The world of AI is unlocking massive potential in how data can be used, and cloud-based AI technology is a game changer for developing secure and reliable data-driven products,” Koehler said in a statement announcing his new role. “I see tremendous opportunity for Equifax to become a leading data-driven technology company, and I’m excited to join its highly-talented team to bring new energy that accelerates Equifax’s transformation into a leader of insight forecasting.” Koehler’s appointment follows the massive data breach Equifax reported in September 2017, which affected at least 145 million consumers
  • Tenable Network Security has filed for an initial public offering (IPO), according to a report from The Information. Tenable filed for the IPO on June 11, which makes it the third cybersecurity company to go public so far this year, following Carbon Black and Zscaler. Both companies have reported growth since going public, with shares up 12% and 18%, respectively. Tenable plans to go public in late July, according to the report. The company makes cybersecurity software and is run by CEO Amit Yoran, who was previously the president of RSA. Reuters reported in March 2018 that the company hired the investment bank Morgan Stanley to prepare for the IPO. The report also said the IPO could put the value of Tenable between $1.5 and $2 billion.

FBI fights business email compromise with global crackdown

The United States Department of Justice this week announced the arrests of 74 individuals alleged to have committed fraud by participating in business-email-compromise scams.

The arrests are the result of an international enforcement effort, coordinated by the FBI, known as Operation Wire Wire, which was designed to crack down on email-account-compromise schemes targeting individuals and businesses of all sizes.

Business email compromise (BEC) is a growing problem, accounting for the highest reported losses, according to the FBI’s “2017 Internet Crime Report.” Criminal organizations use social engineering to identify employees who are authorized to make financial transactions, and then send fraudulent emails from company executives or foreign suppliers requesting wire transfers of funds.

Some schemes are directed at individuals in human resources or other departments in an effort to collect personally identifiable information, such as employee tax records. Others target individual victims, especially those involved in real estate transactions and the elderly.

In January, according to the Department of Justice, the U.S. federal agencies worked with international law enforcement on Operation Wire Wire to find and prosecute alleged fraudsters. The six-month coordinated effort involved the U.S. Department of Homeland Security, the U.S. Department of the Treasury and the U.S. Postal Inspection Service, and it resulted in 42 arrests in the United States, 29 in Nigeria and three in Canada, Mauritius and Poland. Law enforcement recovered $14 million in financial wire fraud during the operation, and they seized close to $2.4 million.

‘Nigerian princes’ turn to BEC

The techniques and tactics of Nigerian criminal organizations have become more sophisticated, according to Agari Data Inc. The email security company captured and analyzed the contents of 78 email accounts associated with 10 criminal organizations — nine in Nigeria — and reported increased BEC activities against North American companies and individuals between 2016 and 2018.

The research involved 59,692 unique messages in email communications originating from 2009 to 2017. According to the findings, business email compromise represented the largest attack vector for email fraud at 24%, even though many of these criminal groups migrated to BEC attacks, starting in 2016. Previously, these groups had focused predominantly on “romance” fraud schemes.

Business email compromise often overlaps or has similarities with cyberfraud schemes involving romance, lotteries, employment opportunities, vehicle sales and rental scams. In some cases, money mules “hired” using romance schemes or fraudulent employment opportunities may not be aware of the BEC scams. Mules receive the ill-gotten funds stateside and transfer the monies to difficult-to-trace, off-shore accounts set up by criminals.

Since January, up to $1 million in assets has been seized domestically, and 15 alleged money mules have been identified by FBI task forces and charged “for their role in defrauding victims.”

BEC schemes are hard to detect, because they do not rely on victims downloading malicious email attachments or clicking on fake URLs. Instead, this type of cyberfraud uses identity deception — 82%, according to Agari — email spoofing or corrupted email accounts, accessed via malware or credential theft. Researchers found 3.97% of intended targets who responded to the initial emails used in business email compromise became victims.

Microsoft Teams e-discovery enabled for hybrid clouds

For businesses with on-premises Exchange mailboxes, Microsoft will facilitate the electronic discovery of Microsoft Teams chats — a feature that should appeal to large enterprises in the process of migrating to the cloud.

Upon request, Microsoft will create cloud-based mailboxes for the sole purpose of storing the Teams chat data of users with on-premises Exchange mailboxes. Those users must have their on-premises identities synced to the cloud in Office 365’s Azure Active Directory. 

Organizations that take advantage of the tool will be able to search, preview and export Teams chat data stored in the cloud. That activity could be useful for Microsoft Teams e-discovery cases, compliance reviews or data service requests related to the General Data Protection Regulation.

However, businesses won’t be able to apply Office 365 retention policies to that chat data or place it on hold. In a blog post announcing Microsoft Teams e-discovery for hybrid setups, Microsoft said it would “provide more updates about our plan to address this gap soon.”

Microsoft Teams muddles path to cloud for large enterprises

Microsoft needs to continue to promote hybrid capabilities, such as its new Microsoft Teams e-discovery feature, to help on-premises customers feel comfortable with the transition to the cloud — a process that could take years.

“It’s messy to be in the middle, and I think Microsoft forgets that if you’ve got 100,000 people, you’re going to live in the middle for a long time,” said Kevin Kieller, a partner at consulting firm EnableUC in Oakville, Ont.

Many large enterprises with on-premises Skype for Business deployments had previously been gearing up to transition to the cloud version of that platform, Kieller said. Then, Microsoft introduced Teams last year, significantly complicating the cloud migration path for those businesses.

Microsoft has been steadily rolling out interoperability features between Skype for Business and Teams over the past several months, such as persistent chats and aggregated presence. But almost all of those features require businesses to have their employees registered through Skype for Business Online, the cloud version of the service.

“As far as I’ve seen, there isn’t really a good and easy way to migrate from Skype for Business on-prem to Teams,” said Zeus Kerravala, founder and principal analyst at ZK Research in Westminster, Mass. “It just seems like [Microsoft] didn’t think about it very well.”

Advanced telephony features for Teams coming soon

Microsoft is on track to add dozens of telephony features to Teams that are critical to large enterprises by the end of June, including call queues and organizational auto attendants. The final advanced calling features are expected to come online by year’s end.

The perception that Microsoft Teams lacks the full capabilities of Skype for Business has slowed adoption of the platform, particularly among large enterprises. But even as those features get added, Microsoft faces another hurdle: perception.

It could take months to get the message across that Teams is fully built-out, Kieller said. “Microsoft has a tough time, as everybody does, in terms of discoverability of the right information for somebody that’s contemplating this migration.”

Still, there is no end date in sight for support of Skype for Business on premises. However, while Microsoft plans to release a new on-premises server in 2019, the vendor is expected to keep some of its latest and most advanced collaboration tools as cloud-only offerings.

“It’s almost, by definition, going to be a hybrid mode,” Kieller said. “It’s just another way that I think Microsoft, even for on-prem customers … [is] effectively pushing them, moving them, cajoling them to move to the cloud.”