Tag Archives: began

How Microsoft re-envisioned the data warehouse with Azure Synapse Analytics

About four years ago, the Microsoft Azure team began to notice a big problem troubling many of its customers. A mass migration to the cloud was in full swing, as enterprises signed up by the thousands to reap the benefits of flexible, largescale computing and data storage. But the next iteration of that tech revolution, in which companies would use their growing stores of data to get more tangible business benefits, had stalled.

Technology providers, including Microsoft, have built a variety of systems to collect, retrieve and analyze enormous troves of information that would uncover market trends and insights, paving the way toward a new era of improved customer service, innovation and efficiency.

But those systems were built independently by different engineering teams and sold as individual products and services. They weren’t designed to connect with one another, and customers would have to learn how to operate them separately, wasting time, money and precious IT talent.

“Instead of trying to add more features to each of our services, we decided to take a step back and figure out how to bring their core capabilities together to make it easy for customers to collect and analyze all of their increasingly diverse data, to break down data silos and work together more collaboratively,” said Raghu Ramakrishnan, Microsoft’s chief technology officer for data.

At its Ignite conference this week in Orlando, Florida, Microsoft announced the end result of a yearslong effort to address the problem: Azure Synapse Analytics, a new service that merges the capabilities of Azure SQL Data Warehouse with new enhancements such as on-demand query as a service.

Microsoft said this new offering will help customers put their data to work much more quickly, productively and securely by pulling together insights from all data sources, data warehouses and big data analytics systems. And, the company said, with deeper integration between Power BI and Azure Machine Learning, Azure Synapse Analytics can reduce the time required to process and share that data, speeding up the insights that businesses can glean.

What’s more, it will allow many more businesses to take advantage of game-changing technologies like data analytics and artificial intelligence, which are helping scientists to better predict the weather, search engines to better understand people’s intent and workers to more easily handle mundane tasks.

This newest effort to break down data silos also builds on other Microsoft projects, such as the Open Data Initiative and Azure Data Share, which allows you to share data from multiple sources and even other organizations.

Microsoft said Azure Synapse Analytics is also designed to support the increasingly popular DevOps strategy, in which development and operations staff collaborate more closely to create and implement services that work better throughout their lifecycles.

YouTube Video

A learning process

Azure Synapse Analytics is the result of a lot of work, and a little trial and error.

At first, Ramakrishnan said, the team developed highlevel guidelines showing customers how to glue the systems together themselves. But they quickly realized that was too much to ask.

“That required a lot of expertise in the nitty gritty of our platforms,” Ramakrishnan said. Customers made it overwhelmingly clear that we needed to do better.”

So, the company went back to the drawing board and spent an additional two years revamping the heart of its data business, Azure SQL Data Warehouse, which lets customers build, test, deploy and manage applications and services in the cloud.

A breakthrough came when the company realized that customers need to analyze all their data in a single service, without having to copy terabytes of information across various systems to use different analytic capabilities – as has traditionally been the case with data warehouses and data lakes.

With the new offering, customers can use their data analytics engine of choice, such as Apache Spark or SQL, on all their data. That’s true whether it’s structured data, such as rows of numbers on spreadsheets, or unstructured data, such as a collection of social media posts.

This project was risky. It involved deep technical surgery: completely rewriting the guts of the SQL query processing engine to optimize it for the cloud and make it capable of instantly handling big bursts of work as well as very large and diverse datasets.

It also required unprecedented integration among several teams within Microsoft, some of whom would have to make hard choices. Established plans had to be scrapped. Resources earmarked for new features would be redirected to help make the entire system work better.

“In the beginning, the conversations were often heated. But as we got into the flow of it, they became easier. We began to come together,” Ramakrishnan said.

Microsoft also had to make sure that the product would work for any company, regardless of employees’ technical expertise.

“Most companies can’t afford to hire teams of 20 people to drive data projects and wire together multiple systems. There aren’t even enough skilled people out there to do all that work,” said Daniel Yu, director of product marketing for Azure Data and Artificial Intelligence.

Making it easy for customers

Customers can bring together various sources of data into a single feed with Azure Synapse Analytics Studio, a console – or single pane of glass that will allow a business professional with minimal technical expertise to locate and collect data from multiple sources like sales, supply chain, finance and product development. They can then choose how and where to store that data, and they can use it to create reports through Microsoft’s popular Power BI analytics service.

In a matter of hours, Azure Synapse will deliver useful business insights that used to take days or even weeks and months, said Rohan Kumar, corporate vice president for Azure Data.

“Let’s say an executive wants a detailed report on sales performance in the eastern U.S. over the last six months,” Kumar said. Today, a data engineer has to do a lot of work to find where that data is stored and write a lot of brittle code to tie various services together. They might even have to bring in a systems integrator partner. With Azure Synapse, there’s no code required. It’s a much more intuitive experience.”

The complexity of the technical problems Azure Synapse addressed would be hard to overstate. Microsoft had to meld multiple independent components into one coherent form factor, while giving a wide range of people – from data scientists to line of business owners – their preferred tools for accessing and using data.

With Azure Synapse, there’s no code required. It’s a much more intuitive experience.”

~ Rohan Kumar, corporate vice president for Azure Data

That includes products like SQL Server, the open source programming interface Apache Spark, Azure Data Factory and Azure Data Studio, as well as notebook interfaces preferred by many data professionals to clean and model data.

“Getting all those capabilities to come together fluidly, making it run faster, simpler, eliminating overlapping processes – there was some scary good stuff getting done,” Ramakrishnan said.

The result is a data analytics system that will be as easy to use as a modern mobile phone. Just as the smartphone replaced several devices by making all of their core capabilities intuitively accessible in a single device, the Azure Synapse “smartphone for data” now allows a data engineer to build an entire end-to-end data pipeline in one place. It also enables data scientists and analysts to look at the underlying data in ways that are natural to them.

And just as the phone has driven waves of collaboration and business innovation, Azure Synapse will free up individuals and companies to introduce new products and services as quickly as they can dream them up, Microsoft said.

“If we can help different people view data through a lens that is natural to them, while it’s also visible to others in ways natural to them, then we will transform the way companies work,” Ramakrishnan said. That’s how we should measure our success.

Top photo: Rohan Kumar, corporate vice president for Azure Data, says Azure Synapse will deliver useful business insights that used to take days or even weeks and months. Photo by Scott Eklund/Red Box Pictures.


Go to Original Article
Author: Microsoft News Center

MyPayrollHR collapse stirs allegations, questions, anger

For Tanya Willis, executive director at Agape Animal Rescue, last Thursday began like any other day — until an employee called. The employee’s deposited pay had been withdrawn from her account. The same was true for all seven of the organization’s employees. Willis called her payroll provider, MyPayrollHR.

A MyPayrollHR employee said there was a “glitch in the system,” to keep track of the missing money, and that there were “no worries,” according to Willis. But it wasn’t just a glitch in the system and the worries were only beginning.

Money continued to drain out of the animal rescue employees’ personal accounts. It didn’t stop with one paycheck reversal. “Most of our employees are still sitting with negative overdrafts in their accounts,” Willis said. One employee was told by a bank that it would be 45 to 60 days before she was made whole, she said. 

Some of the bank reversals sought arbitrary amounts, Willis said. The personal account of one employee of this Nashville-based organization showed “a negative $999,000.” She provided a screenshot of the employee’s account to SearchHRSoftware.

Employee checking account after MyPayrollHR collapse
The collapse of MyPayrollHR set into motion unusual activity in employee accounts. Many were subject to reversals in pay. But one Agape Animal Rescue employee saw reversals nearing $1 million.

Agape Animal Rescue wasn’t alone in its experience. Not long after Willis spoke with MyPayrollHR, the Clifton Park NY-based firm said it was closing “due to unforeseen circumstances.” The firm had some 4,000 customers, mostly SMB-sized businesses. The total payroll involved was about $26 million. That money is gone and there is no explanation for it. It’s unclear how many workers saw reversals in their personal bank accounts.

With MyPayrollHR’s announcement, the company also shut its doors to answers, including press queries. New York State Gov. Andrew Cuomo announced an investigation late last week. “We will not allow these bad actors to take money away from the hard-working people in this state,” he said.

The questions pile up

The MyPayrollHR story has left people shocked. Employees, including low wage workers, discovered money removed from their accounts. Employers are scrambling to cover the amounts. Questions have multiplied.

A key player in this is MyPayrollHR’s automated clearing house (ACH) network vendor Cachet Financial Services. An ACH facilitates electronic payments. Cachet, which is based in Pasadena, Calif., said it is a fraud victim. It is pointing the finger at MyPayrollHR and its parent company, Valuewise Corp.

One of the services that Cachet offers is direct deposit for payroll processing firms. It was providing these services for MyPayrollHR for about 12 years.

There are two parts to an ACH transaction: First, the payroll processing firm directs the ACH to take money out of an employer’s account; the money is moved into a settlement or holding account, which is under the control of the ACH. Second, money is moved from the settlement account into various employee accounts. The process is standard in the industry, according to Wendy Slavkin, Cachet general counsel.

MyPayrollHR uploaded a file instructing Cachet to take money out of employer accounts for payment to employees. Once Cachet did that, the money should have been put into a Cachet settlement account. But that didn’t happen here.

Account numbers were manipulated

“MyPayrollHR manipulated the account numbers in that electronic file so that the money was taken out of the employer’s account and put into an account controlled by MyPayrollHR, not a Cachet settlement account, as it should’ve been,” Slavkin said.

That problem did not stop the ACH transaction process.

The ACH system then automatically tried to access MyPayrollHR accounts, which came back as frozen. To fulfill the transaction, money was taken out of Cachet’s holding account and placed into employee accounts. “Now all of a sudden Cachet is out $26 million because it’s effectively made the payroll for all these companies,” Slavkin said.

Slavkin said Cachet then initiated reversals to get its money back from employee accounts. She said that is a standard process. But some accounts were dinged twice for reversals because the first reversal was not coded in accordance to National Automated Clearinghouse Association (NACHA) standards. 

Slavkin said initial reversals “should have been by law and by NACHA standards rejected by the receiving bank,” so it initiated a second reversal to reclaim the money. They said banks, for the most part, rejected the first and second reversals. But many were still affected, including some of MyPayrollHR’s largest payroll processing customers.

But Cachet, apparently, had a change of heart about its direction. It then began a process to alert the hundred-plus banks involved in the employer wage payments and advised them to reject both sets of reversals so the employees could have their money, according to Slavkin.

The employees will be made whole

Cachet has been in touch with the FBI, Slavkin said. It said it is out about $26 million as a consequence of the MyPayrollHR incident.

“The employees will have their pay back, but in a sense, they’ve been paid by Cachet, and not their employer,” Slavkin said.

The total losses from MyPayrollHR may be as high as $35 million, if it includes an additional $9 million in unpaid tax withholding managed by a second ACH provider, according to Cachet.

“We just have to see how this plays out and how effective the FBI can be in helping us recoup our money,” Slavkin said.

Cachet said there were no more than two reversals, but some of the employers say there have been three.

What is clear is that this problem unfolded suddenly, and employers had very little time to react. 

Among those with questions is Jeff Salter, founder and CEO at Caring Senior Service in San Antonio, which has 1,500 employees in 23 states. As many as 1,200 of the elder care provider’s employees were affected by the problem. It was a customer of MyPayrollHR for more than three years and it was happy with the service — until last week. 

A scramble to fix the problem

At about 7 a.m. on Thursday, Salter discovered his own paycheck had a pending reversal. He started investigating and discovered a larger problem.

Cachet had initiated the reversals to Caring Senior Service’s accounts, Salter said. “I know [Cachet] may claim that one of the transactions was to reverse a non-funded transaction to them, but they have done the withdrawal twice and in some cases three times,” Salter said.

Salter questions how banks can approve two reversals.

“It is clearly evident that there is something nefarious occurring, yet they are allowing reversals to occur even when their account holders are being hurt by their decisions,” Salter said. “We’ve been focused on supporting our employees first; 90% of our employees are caregivers and none of our employees deserve this treatment.”

MyPayrollHR’s abrupt shutdown is forcing some affected businesses to use reserves to cover employees. Meanwhile, employees are in various stages of getting the banks to cover the payroll amounts.

Brad Mete is the managing partner of two recruiting and staffing firms, Affinity Resource, an employment agency, and IntellaPro LLC, a professional staffing firm. The Fort Lauderdale-based firms employ about 800. About 600 of their employees were impacted. Mete learned about the problem from an employee Thursday. 

In the absence of clear answers from MyPayrollHR, Mete and his partners suspected a big problem. “We knew the writing was on the wall, that there was probably something going down there,” he said.

It was chaos times two

Mete and his team stayed late Thursday in the office and paid people directly out of its financial cushion. People had to be paid Friday. They issued direct deposits on cash pay cards, which are similar to debit cards.

In the meantime, Mete has questions. They weren’t pulling the money out of the employees’ accounts, but who was, and why? What was happening to it? They had no way of getting answers to these questions, but they had to solve the problem.

At 5:45 a.m. on Friday, Mete’s phone started ringing.

“I didn’t have time to breathe — it was chaos times two,” Mete said.

Mete had to talk to employees, clients and banks to work through the problem. Explaining the problem to employees and the plan to pay them wasn’t easy. Some of the employees work in warehouses, “and they’re not going to give you a hug when you take two weeks of pay out of their pocket,” Mete said. 

Mete worried clients might blame him. He had to tell them: “We’re not the ones that pulled the plug here. We are the victims. We are stepping up. I need you to stand by me. We’re going to do the right thing here,” he said.

Explanations leave questions

Cachet’s explanation is unlikely to satisfy the questions. Money is still missing from employee accounts. Employees are still struggling with banks to fix the problems, and there are transactions that make no sense.

Agape Animal Rescue’s Willis said Thursday there was one withdrawal from employee accounts. On Friday there was another withdrawal or reversal to employee accounts.

Agape’s bank established an advocate to help employees work with their various banks to get the money returned. Some banks have been cooperative; in other cases, employees are still fighting for their money, she said.

Some of the second withdrawals on Friday were for the amount of an employee’s pay, and others were for arbitrary amounts, Willis said.

One Agape employee’s account was pinged again and again “by whatever company was trying to get the money,” Willis said. “It just continuously did it and it finally stopped at almost a million dollars.” The employee only had a relatively small amount of money in the account.

The reversals, or attempts to pull money out of employee accounts, haven’t ended, Willis said.  On Monday, there was another attempt at a reversal.

Willis has been reading the victim accounts on a new Facebook group. “You’re just inundated with horrible stories of people that were affected in different ways.”

The stories from victims “just continue and continue,” Willis said, and there are still people whose bank accounts are getting pinged for money.

What would the people responsible say?

Willis said the shelter has suffered, so far, about $10,000 in losses. Employee taxes were taken out of employee checks, but the payments weren’t made to tax authorities. “We still owe taxes in the next few weeks,” she said.

They are now appealing for financial help.

The organization rescues as many as 200 dogs a year, and it’s an expensive process that includes medical support such as spaying or neutering, helping owners who can no longer take care of their pets, taking in dogs from animal control and dealing with abuse cases. The shelter’s work can include behavioral help for dogs, as well as grooming to get them ready for their “forever families.”

Willis was asked what she would say to MyPayrollHR if the people responsible were in front of her.

“I would have to ask, what made you feel like you have the right to disrupt so many lives?” Willis said. “People don’t do this to people.”

Go to Original Article

Gears 5 Versus Multiplayer Tech Test Now Open to All Xbox Live Gold Members – Xbox Wire

The Gears 5 Versus Tech Test began last weekend, inviting both those players who have pre-ordered Gears 5 and Xbox Game Pass members to rev up their Lancers and roadie run through their opponents on the way to victory. Thanks to the incredible Gears fans, both new and veteran, who made our initial Gears 5 Versus Tech Test weekend a smashing success. This weekend we’re extending the invitation to join the action to all Xbox Live Gold members as part of Xbox Live Free Play Days this weekend.

Starting at 10 a.m. PDT tomorrow, COG hopefuls who are new to the Gears 5 fight can enlist in the Boot Camp training mode and then jump right into Arcade, the new game type designed for over-the-top fun. If you’re returning for another round following last week’s Tech Test, be sure to check out fan-favorite King of the Hill, the updated competitive game type Escalation and continue your Tour of Duty, a series of challenges that grant sweet rewards. A new reward has also been added – the Wreath Bloodspray, which can be earned by completing one match during the Tech Test from 5:30 – 6:30 pm PDT on Friday, July 26. No matter your level of Gears familiarity, Gears 5 offers a game type for you.

To ensure you’re ready for battle, search the Microsoft Store for Gears 5 Tech Test and download to your library. The Tech Test is available for download right now, but servers will be offline until tomorrow at 10 a.m. PDT. We also wanted to remind you that online multiplayer will require Xbox Live Gold for Xbox Game Pass for Console members, and that because this Tech Test is to help test our servers, you might encounter some queueing as you start to play. We hope to make Gears 5 a great online experience for all players and Xbox Game Pass members on launch, and this Tech Test will help.

Thanks for your support and we look forward to seeing you online! Be sure to visit www.gears5.com and follow @GearsofWar on Facebook and Twitter to keep up-to-date with the latest on Gears 5 ahead of its worldwide launch on September 10.

Gears 5 will release on September 10 for Xbox One, Windows 10 PC and Xbox Game Pass. Early access starts on September 6 for Xbox Game Pass Ultimate members and Gears 5 Ultimate Edition purchasers. Pre-order details can be found on the Microsoft Store.

Go to Original Article
Author: Microsoft News Center

Another patched Apache Struts vulnerability exploited

At least one malicious actor began exploiting a critical vulnerability in Apache Struts in the wild, despite a patch being issued last week.

According to researchers at Volexity, a cybersecurity company based in Washington, D.C., the exploits of the Apache Struts vulnerability surfaced in the wild not long after a proof-of-concept (PoC) exploit was published publicly on GitHub.

The Apache Software Foundation posted a security bulletin about the vulnerability — tracked as CVE-2018-11776 — on Aug. 22, 2018, and said that a remote code execution attack is possible “when namespace value isn’t set for a result defined in underlying configurations and in same time, its upper action(s) configurations have no or wildcard namespace. Same possibility when using url tag which doesn’t have value and action set and in same time, its upper action(s) configurations have no or wildcard namespace.”

The flaw, which was discovered and reported in April by security researcher Man Yue Mo of Semmle Inc., a software analytics company based in San Francisco, affects Struts 2.3 through 2.3.34 and Struts 2.5 through 2.5.16. Apache patched the vulnerability and noted that upgrading to version 2.3.35 or 2.5.17 would solve the problem. However, only a day after Apache posted its security bulletin, a researcher posted a PoC exploit on GitHub.

“Shortly after the PoC code was released, Volexity began observing active scanning and attempted exploitation of the vulnerability across its sensor network,” Volexity researchers said in a blog post. “The in-the-wild attacks observed thus far appear to have been taken directly from the publicly posted PoC code.”

The researchers also noted that the vulnerability is “trivial to exploit” and has already seen at least one malicious actor attempt to exploit it “en masse in order to install the CNRig cryptocurrency miner.”

“Although the main payload for Apache Struts exploits appears to be cryptocurrency miners, failure to patch also leaves an organization open to significant risk that goes beyond cryptomining.”

In 2017, another Apache Struts vulnerability — enabling remote code execution exploits — was disclosed; shortly after that disclosure, the vulnerability was exploited in the massive Equifax data breach that exposed 148 million U.S. consumers’ personal data.

Enterprises and users are encouraged to update to the patched versions of Apache Struts immediately so as not to become the next victim of an Equifax-like data breach.

In other news:

  • Facebook removed its own security app, Onavo Protect, from Apple’s App Store this week because of its privacy issues. Onavo is a free VPN app that Facebook acquired in 2013 to collect data on how much its users use other mobile apps. Apple updated its App Store rules in June to ban the collection of information about other apps installed and in use on mobile devices. Apple reportedly urged Facebook to voluntarily remove the app from the App Store after Apple ruled that Onavo violated its new data collection policies. Onavo was downloaded more than 33 million times on both iOS and Android devices, and while it is no longer available in the App Store, it is still on offer in the Google Play
  • NIST published guidance this week on securing wireless infusion pumps after research over the past few years has shown the vulnerabilities in the internet-connected medical devices. The guidance, NIST SP 1800-8 “Securing Wireless Infusion Pumps in Healthcare Delivery Organizations,” suggests a defense-in-depth strategy for protecting wireless infusion pumps. “This strategy may include a variety of tactics: using network segmentation to isolate business units and user access; applying firewalls to manage and control network traffic; hardening and enabling device security features to reduce zero-day exploits; and implementing strong network authentication protocols and proper network encryption, monitoring, auditing, and intrusion detection systems (IDS) and intrusion prevention systems (IPS),” the guidance This special publication is part of NIST’s ongoing effort to secure IoT devices.
  • A researcher at Check Point uncovered new malware that hijacks browsers. A rootkit called CEIDPageLock is being distributed by the RIG Exploit kit, according to Check Point’s Israel Gubi. “It acts to manipulate the victim’s browser and turn their home-page into a site pretending to be 2345.com — a Chinese web directory,” Gubi explained, adding that it “monitors user browsing and dynamically replaces the content of several popular Chinese websites with the fake home page, whenever the user tries to visit them.” He said that CEIDPageLock targets Chinese victims specifically.

HYCU moves beyond Nutanix backup with Google Cloud support

HYCU is now well-versed in the Google cloud.

HYCU, which began with a backup application built specifically for hyper-converged vendor Nutanix, today launched a service to back up data stored on Google Cloud Platform (GCP).

HYCU sprung up in June 2017 as an application sold by Comtrade that offered native support for Nutanix AHV and Nutanix customers using VMware ESX hypervisors. The Comtrade Group spun off HYCU into a separate company in March 2018, with both the new company and the product under the HYCU brand.

Today, HYCU for Google became available through the GCP Marketplace. It is an independent product from HYCU for Nutanix, but there is a Nutanix angle to the Google backup: GCP is Nutanix’s partner for the hyper-converged vendor’s Xi public cloud services. HYCU CEO Simon Taylor said his team began working on Google backup around the time Nutanix revealed plans for Xi in mid-2017. HYCU beat Nutanix out of the gate, launching its Google service before any Nutanix Xi Cloud Services have become generally available.

“We believe Nutanix is the future of the data center, and we place our bets on them,” Taylor said. “Everyone’s been asking us, ‘Beyond Nutanix, where do you go from here?’ We started thinking of the concept of multi-cloud. We see people running fixed workloads on-prem, and if it’s dynamic, they’ll probably put it on a public cloud. And Google is the public cloud that’s near and dear to Nutanix’s heart.”

HYCU backup for GCP is integrated into Google Cloud Identity and Access Management, installs without agents and backs up data to Google Buckets. The HYCU service uses native GCP snapshots for backup and recovery.

Subbiah Sundaram, vice president of products at HYCU, based in Boston, said HYCU provides application- and clone-consistent backups, and it allows single-file recovery. Sundaram said because HYCU takes control of the snapshot, data transfers do not affect product systems.

Sundaram said HYCU for GCP was built for Google admins, rather than typical backup admins.

“When customers use the cloud, they think of it as buying a service, not running software. And that’s the experience we want them to have,” Sundaram said. “It’s completely managed by us. We create and provision the backup targets on Google and manage it for you.”

HYCU for GCP uses only GCP to stage backups, backing up data in different Google Cloud zones. Sundaram said HYCU may back up to clouds or on-premises targets in future releases, but the most common request from customers so far is to back up to other GCP zones.

HYCU charges for data protected, rather than total storage allocated for backup. For example, a customer allocating 100 GB to a virtual machine with 20 GB of data protected is charged for the 20 GB. List price for 100 GB of consumed virtual machine capacity starts at $12 per month, or 12 cents per gigabyte, for data backed up every 24 hours. The cost increases for more frequent backups. Customers are billed through the GCP Marketplace.

Industry analysts pointed out HYCU is a brand-new company in name only. Its Comtrade legacy gives HYCU 20-plus years of experience in data protection and monitoring, over 1,000 customers and hundreds of engineers. That can allow it to move faster than typical startups.

“They’re a startup that already has a ton of experience,” said Christophe Bertrand, senior data protection analyst for Enterprise Strategy Group in Milford, Mass. “When you’re a small organization, you have to make strategic calls on what to do next. So, now, they’re getting into Google Cloud, which is evolving to be more enterprise-friendly. Clearly, backup and recovery is one of the functions you need to get right for the enterprise. Combined with the way Nutanix supports Google, it’s a smart move for HYCU.”

Steven Hill, senior storage analyst for 451 Research, agreed that GCP support was a logical step for Nutanix-friendly HYCU.

We believe Nutanix is the future of the data center, and we place our bets on them.
Simon TaylorCEO, HYCU

“Nutanix partnering with Google is a good hybrid cloud play. So, theoretically, what you’re running on-prem runs exactly the same once it’s on Google Cloud,” he said. “HYCU comes in and says, ‘We can do data protection and backup and workload protection that just fits seamlessly in with all of this. Whether you’re on Google Cloud or whether you’re on Nutanix via AHV or Nutanix via ESX, it’s all the same to us.'”

Taylor said HYCU is positioned well for when Nutanix makes Xi available. Nutanix has said its first Xi Cloud Service will be disaster recovery. “We will be delivering for Xi,” Taylor said. “You can imagine that will require a much closer bridge between these two different products. Once Xi is available, we’ll be fast on their heels with a product that will support both purpose-built backup for Nutanix and purpose-built recovery for Xi in a highly integrated fashion.”

Although HYCU for GCP can protect data for non-Nutanix users, Taylor said HYCU remains as dedicated to building a business around Nutanix as ever. He emphasized that HYCU develops its software independently from Nutanix and Google, although he is determined to have a good working relationship with both.

“We believe data protection should be an extension of the platform it serves, not a stand-alone platform,” he said.

Still, Taylor flatly denied his goal is for HYCU to become part of Nutanix.

“Right now, we want to build a brand,” he said. “This is about building a business that matters, not about a quick exit.”

Can value-based care models cut costs? Yes, they can

Nearly 25 years after value-based care models began, Change Healthcare’s just-released survey showed 100% of respondents are saving money using those principles.

The survey of 120 insurance company payers is Change Healthcare’s third effort since 2012 to understand what works — and what doesn’t — when it comes to value-based care models.

The universality of savings was a surprise to Andrei Gonzales, M.D., director of value-based reimbursement initiatives at Change Healthcare, a provider of payment, data analytics and a variety of other healthcare platforms based in Nashville, Tenn. “We expected medical cost savings,” Gonzales said, “but to have 100% say they achieved savings and with almost 25% having cost savings of over 7.5% was surprising. We’ve seen savings in our own work, but we wanted a more objective and quantifiable view of the impact of these programs.”

But Gonzalez wasn’t surprised payers were struggling to innovate and to move quickly. Just 21% said they could roll out a new value-based care model in three to six months, while 13% said they needed a full two years.

“Agility in healthcare is difficult, but it is possible,” he said. “With more experience, this should get easier.”

Agility in healthcare is difficult, but it is possible.
Andrei GonzalesM.D., director of value-based reimbursement initiatives at Change Healthcare

Payers were also frustrated with the technology underpinnings of their value-based care models, Gonzales said. More than half of those surveyed said their analytics, automation and reporting capabilities just weren’t doing the job. In many cases, these tools were custom-built specifically for the value-based care models, Gonzales explained. But as more and more initiatives roll out, the services can struggle to keep up.

The other struggle is to get hospitals and physicians on board with value-based care models, he said. “It’s not surprising to us how difficult it can be to engage providers in a value-based care model,” he said.

Busy doctors and staff can do a good job with patient care in their particular silo, but have a hard time looking across the spectrum of care, he said.

“But once they understand the problem and can see the data that they’re not doing as well as a competitor is doing and that they have to compete for patients, then they start to understand. That’s really where the work is right now.”

Minecraft: Education Edition reaches milestone of 2 million users and releases new Hour of Code tutorial |

Three years ago, Minecraft became a part of the Microsoft family and my team began our work to extend Minecraft’s potential in classrooms around the world. Flash forward to today – one year after the release of Minecraft: Education Edition – and I’m thrilled to share that we’re continuing to see tremendous momentum with more than 2 million licensed users in 115 countries around the world and more than 250 educator-created lesson plans in our community.

We’ve seen firsthand how Minecraft’s open sandbox environment ignites students’ innate creativity and makes learning fun and collaborative. Educators are teaching a wide variety of subjects with Minecraft: Education Edition, and we’ve seen particularly exciting results when Minecraft is used to teach Computer Science. Though many don’t realize it, coding is in fact one of the most creative activities a student can do, building something with no limitations but his or her own creativity. And research continues to show that creativity, collaboration and coding are all critical skills for success in the modern workplace.

As part of Microsoft’s continued commitment to empower students with these skills, we’ve partnered with Code.org for the past two years to offer educators and students a free Hour of Code tutorial using Minecraft. The results are far beyond anything we could have imagined.

To date, nearly 70 million Minecraft Hour of Code sessions have introduced the basics of coding to people around the world, joining the global movement. Today, I’m excited to announce that we have built a new Minecraft Hour of Code tutorial called Minecraft: Hero’s Journey.

Available at Code.org/Minecraft today, Hero’s Journey introduces a fun character called the Agent and 12 new challenges that teach core coding concepts like loops, debugging, and functions. It’s free and playable across iOS, Android and Windows platforms. Upon completing the tutorial, students can import their code into Minecraft: Education Edition for the first time ever, bringing their work to life in the game, or share their work via email, text message or social media. Learn more about the tutorial at education.minecraft.net/hour-of-code.

Above: Loops enable players to repeat a set of instructions until a certain condition has been reached.

I hope you’ll join us in building a global appreciation for Computer Science by visiting Code.org today to try the tutorial and plan your very own Hour of Code! And please share your experience on Facebook or Twitter using: #Minecraft #Hourofcode to spread the excitement around the globe during Computer Science Education Week.

Each day I come into the office, I am inspired by the stories and videos we receive from our Minecraft: Education Edition community and innovative educators like Melissa Wrenchey, Doug Bergman and Jeff Gearhart who are using computer science to inspire the next generation of creators, innovators and leaders.

Thank you to everyone who made this first year such a success. Our continued growth is only possible with feedback and ideas from you – the passionate educators around the world who are changing education as we know it. Keep it coming!

Premium Outlook.com features now available to Office 365 subscribers

Today, we began rolling out new benefits for Office 365 Home and Office 365 Personal subscribers who use Outlook.com. These premium email features include an ad-free inbox, enhanced protection against malware and phishing, larger mailbox sizes, and premium customer support. In the coming months, we’ll be introducing additional premium Outlook.com features to make personal email and calendar experiences for Office 365 subscribers more powerful, productive, and secure.

An ad-free experience

The Outlook.com interface is now free of ads for Office 365 Home and Office 365 Personal subscribers. This includes banner ads as well as advertisements in the message list—commonly referred to as native ads. Without ads, you’ll have less distractions and faster page load times, so you can be more focused and have a better email experience.

Sophisticated protection against email threats

Email is one of the most popular ways that criminals trick people into giving away their passwords or downloading viruses and ransomware. That’s why all Outlook.com accounts already feature robust spam and virus filtering and support from a global security team that works tirelessly to stop these threats.

For Office 365 Home and Office 365 Personal subscribers, we now offer additional security against the most sophisticated types of threats in two ways:

  • Scanning attachments—Sophisticated techniques detect new types of malware previously not seen, giving you protection against today’s most advanced threats.
  • Checking links—When you click a link in an email, it is checked in real-time to determine if the destination website is likely to download viruses or malware onto your computer. If the site is found to be malicious, a warning screen alerts you not to access the site.

More mailbox storage

In our new Office 365based infrastructure, a free Outlook.com account now receives 15 GB of email storage space. Office 365 Home and Office 365 Personal subscribers enjoy even larger amounts of storage: 50 GB of space in total. Today, we’re also boosting storage limits to 50 GB for all our loyal Outlook.com users whose mailbox size is 12 GB or larger.

Premium support

If you need help on an Outlook.com account issue, you’ll receive free technical support as an Office 365 subscriber. Whether you call us on the phone or reach out via in-app support, you get our highest levels of care and support.

How to get started

Getting started and using these premium features in Outlook.com is easy.

  • It’s automatic—We activate the premium Outlook.com benefits based on the email address you used to sign up for your Office 365 subscription. Addresses ending in @outlook.com, @hotmail.com, @live.com, and @msn.com all qualify. Please note that if you use the Connected Accounts feature to access a @gmail.com, @yahoo.com, or other third-party account from Outlook.com—the advanced email security features do not apply to these accounts.
  • You can share the benefits—If you have an Office 365 Home subscription and share your Office 365 benefits with others, they will get these benefits for their Outlook.com mailboxes—including the advanced security, ad-free experience, and 50 GB of email storage.
  • The rollout is underway—We’ve already begun rolling these capabilities out to Office 365 Home and Office 365 Personal subscribers worldwide. The process of updating all accounts will take about one month. So if you don’t see them right away, don’t worry—they are on the way.

To learn more about the features and see a list of frequently asked questions, please check out the Premium Outlook.com features for Office 365 subscribers help topic.

We hope you enjoy these new benefits, and we look forward to bringing even more premium value to Office 365 Home and Office 365 Personal subscribers in the months ahead!

—The Outlook.com team

MakeCode for Minecraft makes learning to code super fun

A few years ago, my group in Microsoft’s research organization began to experiment with tools that make it possible for kids to learn how to code in the context of Minecraft, the wildly popular game where players build fantastical virtual worlds out of digital blocks, create and play mini-games within the game, and learn to survive monster-filled nights.

Confused? That’s okay. Many grownups don’t understand Minecraft. Even if they think they do, they don’t. That no rules, open-world environment is all part of its appeal. Our goal is to leverage this enthusiasm to teach kids how to code while playing Minecraft. After all, game playing is the most natural way for humans to learn.

The research is an outgrowth of our TouchDevelop program, which we started in 2011 to teach people how to program and build apps using the touchscreen on their phones. These devices are much more powerful, graphic and sensor rich computers than those we learned to code on as kids. Our TouchDevelop group wanted anyone to be able to program their phones as easily as we did 8-bit computers.

Then Minecraft emerged as the game people everywhere were playing and we found ourselves wanting to code inside Minecraft, too. The rest, as they say, is history.

Students in my after-school computer science classes lucky enough to tinker with coding in Minecraft went nutso crazy, in a good way. The ability to write code and immediately see the results in Minecraft, such as avatars that can jump 100 blocks high, dig through mountains and make it rain chickens, sent my students running around the classroom from screen to screen to see what their classmates did and shouting the IP addresses of their servers across the room.

Today, our Microsoft Research and Microsoft MakeCode teams are excited to make this learning experience widely available through Microsoft MakeCode for Minecraft on Windows 10.

The MakeCode for Minecraft editor has the pixelated look and feel of Minecraft. MakeCode allows coding with visual blocks, based on a drag and drop interface for beginners, as well as in text with a JavaScript interface for the more experienced learners.

Coding with blocks or text, MakeCode teaches the 101 of programming languages, including variables, control flow, if statements, loops and functions. More advanced users smoothly ramp up to more complex concepts such as recursion, fractals and object oriented or distributed programming.

The Microsoft MakeCode team also works on other editors that allow the programming of physical things such as micro-controllers including the micro:bit and Adafruit Circuit Playground Express. In all these scenarios, the coding is directly linked to building something real, which is the primary reason most computer programmers learn to code in the first place.

Instead of thinking they are coding, students are playing a game, they are building their next superpower. Minecraft is a game. MakeCode for Minecraft fits the coding experience into the game itself. Check it out.


WLAN administration challenges and how to tackle them

This week, as schools and universities began fall classes, Lee Badman used his WiredNot blog to discuss WLAN administration in the education arena. According to Badman, WLAN administration for education is particularly challenging because of the sudden increase in demand for connectivity when students return to school, often joining the network through a loose BYOD policy.

Badman cited a list of items university network administrators should follow as classes get back into full swing. Among them, networks need to be stable. “We stop making any significant network changes almost a full month ahead of the opening period, and rely heavily on the quality of the underlying code,” he wrote.

The university network must also be able to scale, and it must be predictable. At Badman’s institution, the network will serve almost 30,000 simultaneous users from more than 4,000 access points. That’s a lot of traffic to manage.

Additionally, IT teams must focus on performance and easy-to-use features — particularly in education, where many students need to be onboarded to a secure network in a short span of time.

“Part of our annual exercise is also realizing that big numbers on graphs may not reflect that our clients are really and truly using the network in ways now — as they get settled on campus — like they will a week from now. As it is every year, vigilance follows getting to our big numbers,” said Badman.

Read more of Badman’s thoughts on educational WLAN administration.

Cumulus launches virtual lab and container management system

Drew Conry-Murray, writing in Packet Pushers, explored Cumulus Networks’ launch of a new virtual lab system, along with Host Pack software for managing containers. According to Conry-Murray, the vendor launched Cumulus in the Cloud as a virtual lab designed to mimic a twin-rack leaf-spine network. The vendor assembled a prebuilt test environment to speed testing for customers, sparing them the time necessary to set up a custom test environment.

The launch coincides with the deployment of Host Pack, a bundle of software built around the vendor’s NetQ network telemetry and Cumulus Linux to host containers. The new offering, designed to run on a server and provide a routing stack, supports both Docker containers and Docker Swarm. It will add Apache Mesos support in the fall of 2017. NetQ is intended to improve container visibility, displaying connections between containers and physical switches. Host Pack costs $1,000 for each license — a fee that also covers a year of support.

Dig deeper into Conry-Murray’s thoughts on Cumulus.

Overcoming security analysis challenges

Jon Oltsik, an analyst with Enterprise Strategy Group Inc. in Milford, Mass., said most organizations face significant challenges with security monitoring and analysis. A recent ESG study, encompassing 412 IT professionals, found that 30% of respondents struggled with total cost of ownership, as organizations spend large sums on security without marked improvements.

Nearly a quarter of respondents cited a lack of tools and processes, lack of skills or the rapid addition of new applications and network hosts as factors complicating their security strategies. Close to 30% of respondents also lamented the time their security operations center teams had to focus on high-priority emergencies, leaving less time for strategizing.

“When it comes to cybersec operations, many organizations suffer from ‘death by a thousand cuts’ syndrome with multiple issues across people, processes and technologies,” Oltsik wrote. “Given this, CISOs [chief information security officers] should think in terms of 3-year strategic security operations planning rather than adding the latest next-generation security tool and only exacerbating operational inefficiencies,” he added.

Explore more of Oltsik’s thoughts on security analysis.