Tag Archives: designed

Alteryx 2020.1 highlighted by new data profiling tool

Holistic Data Profiling, a new tool designed to give business users a complete view of their data while in the process of developing workflows, highlighted the general availability of Alteryx 2020.1 on Thursday.

Alteryx, founded in 1997 and based in Irvine, Calif., is an analytics and data management specialist, and Alteryx 2020.1 is the vendor’s first platform update in 2020. It released its most recent update, Alteryx 2019.4, in December 2019, featuring a new integration with Tableau.

The vendor revealed the platform update in a blog post; in addition to Holistic Data Profiling, it includes 10 new features and upgrades. Among them are new language toggling feature in Alteryx Designer, the vendor’s data preparation product.

“The other big highlights are more workflow efficiency features,” said Ashley Kramer, Alteryx’s senior vice president of product management. “And the fact that Designer now ships with eight languages that can quickly be toggled without a reinstall is huge for our international customers.”

Holistic Data Profiling is a low-code/no-code feature that gives business users an instantaneous view of their data to help them better understand their information during the data preparation process — without having to consult a data scientist.

After dragging a Browse Tool — Alteryx’s means of displaying data from a connected tool as well as data profile information, maps, reporting snippets and behavior analysis information — onto Alteryx’s canvas, Holistic Data Profiling provides an immediate overview of the data.

Holistic Data Profiling is aimed to help business users understand data quality and how various columns of data may be related to one another, spot trends, and compare one data profile to another as they curate their data.

An overview of an organization's data is displayed in a sample Holistic Data Profiling gif from Alteryx.
A sample Holistic Data Profiling gif from Alteryx gives an overview of an organization’s data.

Users can zoom in on a certain column of data to gain deeper understanding, with Holistic Data Profiling providing profile charts and statistics about the data such as the type, quality, size and number of records.

That knowledge will subsequently inform how to proceed to the next move in order to ultimately make a data-driven decision.

It’s easy to get tunnel vision when analyzing data. Holistic Data Profiling enables end users — via low-code/no-code tooling — to quickly gain a comprehensive understanding of the current data estate.
Mike LeoneAnalyst, Enterprise Strategy Group

“It’s easy to get tunnel vision when analyzing data,” said Mike Leone, analyst at Enterprise Strategy Group. “Holistic Data Profiling enables end users — via low-code/no-code tooling — to quickly gain a comprehensive understanding of the current data estate. The exciting part, in my opinion, is the speed at which end users can potentially ramp up an analytics project.”

Similarly, Kramer noted the importance of being able to more fully understand data before the final stage of analysis.

“It is really important for our customers to see and understand the landscape of their data and how it is changing every step of the way in the analytic process,” she said.

Alteryx customers were previously able to view their data at any point — on a column-by-column or defined multi-column basis — but not to get a complete view, Kramer added.

“Experiencing a 360-degree view of your data with Holistic Data Profiling is a brand-new feature,” she said.

In addition to Holistic Data Profiling, the new language toggle is perhaps the other signature feature of the Alteryx platform update.

Using Alteryx Designer, customers can now switch between eight languages to collaborate using their preferred language.

Alteryx previously supported multiple languages, but for users to work in their preferred language, each individual user had to install Designer in that language. With the updated version of Designer, they can click on a new globe icon in their menu bar and select the language of their choice to do analysis.

“To truly enable enterprise-wide collaboration, breaking down language barriers is essential,” Leone said. “And with Alteryx serving customers in 80 different countries, adding robust language support further cements Alteryx as a continued leader in the data management space.”

Among the other new features and upgrades included in Alteryx 2020.1 are a new Power BI on-premises loader that will give users information about Power BI reports and automatically load those details into their data catalog in Alteryx Connect; the ability to input selected rows and columns from an Excel spreadsheet; and new Virtual Folder Connect to save custom queries.

Meanwhile, a streamlined loader of big data from Alteryx to the Snowflake cloud data warehouse is now in beta testing.

“This release and every 2020 release will have a balance of improving our platform … and fast-forwarding more innovation baked in to help propel their efforts to build a culture of analytics,” Kramer said.

Go to Original Article
Author:

Windows IIS server hardening checklist

Default configurations for most OSes are not designed with security as the primary focus. Rather, they concentrate…

on ease of setup, use and communications. Therefore, web servers running default configurations are obvious targets for automated attacks and can be quickly compromised.

Device hardening is the process of enhancing web server security through a variety of measures to minimize its attack surface and eliminate as many security risks as possible in order to achieve a much more secure OS environment.

Because web servers are constantly attached to the internet and often act as gateways to an organization’s critical data and services, it is essential to ensure they are hardened before being put into production.

Consult this server hardening checklist to ensure server hardening policies are correctly implemented for your organization’s Windows Internet Information Services (IIS) server.

General

  • Never connect an IIS server to the internet until it is fully hardened.
  • Place the server in a physically secure location.
  • Do not install the IIS server on a domain controller.
  • Do not install a printer.
  • Use two network interfaces in the server: one for admin and one for the network.
  • Install service packs, patches and hot fixes.
  • Run Microsoft Security Compliance Toolkit.
  • Run IIS Lockdown on the server.
  • Install and configure URLScan.
  • Secure remote administration of the server, and configure for encryption, low session timeouts and account lockouts.
  • Disable unnecessary Windows services.
  • Ensure services are running with least-privileged accounts.
  • Disable FTP, Simple Mail Transfer Protocol and Network News Transfer Protocol services if they are not required.
  • Disable Telnet service.
  • Disable ASP.NET state service if not used by your applications.
  • Disable Web Distributed Authoring and Versioning if not used by the application, or secure it if it is required.
  • Do not install Microsoft Data Access Components (MDAC) unless specifically needed.
  • Do not install the HTML version of Internet Services Manager.
  • Do not install Microsoft Index Server unless required.
  • Do not install Microsoft FrontPage Server Extensions (FPSE) unless required.
  • Harden the TCP/IP stack.
  • Disable NetBIOS and Server Message Block — closing ports 137, 138, 139 and 445.
  • Reconfigure recycle bin and page file system data policies.
  • Secure CMOS (complementary metal-oxide semiconductor) settings.
  • Secure physical media — CD-ROM drive and so on.

Accounts

  • Remove unused accounts from the server.
  • Disable Windows Guest account.
  • Rename Administrator account, and set a strong password.
  • Disable IUSR_Machine account if it is not used by the application.
  • Create a custom least-privileged anonymous account if applications require anonymous access.
  • Do not give the anonymous account write access to web content directories or allow it to execute command-line tools.
  • If you host multiple web applications, configure a separate anonymous user account for each one.
  • Configure ASP.NET process account for least privilege. This only applies if you are not using the default ASP.NET account, which is a least-privileged account.
  • Enforce strong account and password policies for the server.
  • Enforce two-factor authentication where possible.
  • Restrict remote logons. (The “access this computer from the network” user right is removed from the Everyone group.)
  • Do not share accounts among administrators.
  • Disable null sessions (anonymous logons).
  • Require approval for account delegation.
  • Do not allow users and administrators to share accounts.
  • Do not create more than two accounts in the administrator group.
  • Require administrators to log on locally, or secure the remote administration system.

Files and directories

  • Use multiple disks or partition volumes, and do not install the web server home directory on the same volume as the OS folders.
  • Contain files and directories on NT file system (NTFS) volumes.
  • Put website content on a nonsystem NTFS volume.
  • Create a new site, and disable the default site.
  • Put log files on a nonsystem NTFS volume but not on the same volume where the website content resides.
  • Restrict the Everyone group — no access to WINNTsystem32 or web directories.
  • Ensure website root directory has deny write access control entry (ACE) for anonymous internet accounts.
  • Ensure content directories have deny write ACE for anonymous internet accounts.
  • Remove resource kit tools, utilities and SDKs.
  • Remove any sample applications or code.
  • Remove IP address in header for Content-Location.

Shares

  • Remove all unnecessary shares, including default administration shares.
  • Restrict access to required shares — the Everyone group does not have access.
  • Remove administrative shares — C$ and Admin$ — if they are not required. (Microsoft System Center Operations Manager — formerly Microsoft Systems Management Server and Microsoft Operations Manager — requires these shares.)

Ports

  • Restrict internet-facing interfaces to port 443 (SSL).
  • Run IIS Lockdown Wizard on the server.

Registry

  • Restrict remote registry access.
  • Secure the local Security Account Manager (SAM) database by implementing the NoLMHash Policy.

Auditing and logging

  • Audit failed logon attempts.
  • Relocate and secure IIS log files.
  • Configure log files with an appropriate file size depending on the application security requirement.
  • Regularly archive and analyze log files.
  • Audit access to the MetaBase.xml and MBSchema.xml files.
  • Configure IIS for World Wide Web Consortium extended log file format auditing.
  • Read how to use SQL Server to analyze web logs here.

Sites and virtual directories

  • Put websites on a nonsystem partition.
  • Disable Parent Paths setting.
  • Remove any unnecessary virtual directories.
  • Remove or secure MDAC Remote Data Services virtual directory.
  • Do not grant included directories read web permission.
  • Restrict write and execute web permissions for anonymous accounts in virtual directories.
  • Ensure there is script source access only on folders that support content authoring.
  • Ensure there is write access only on folders that support content authoring and these folders are configured for authentication and SSL encryption.
  • Remove FPSE if not used. If FPSE are used, update and restrict access to them.
  • Remove the IIS Internet Printing virtual directory.

Script mappings

  • Map extensions not used by the application to 404.dll — .idq, .htw, .ida, .shtml, .shtm, .stm, idc, .htr, .printer.
  • Map unnecessary ASP.NET file type extensions to HttpForbiddenHandler in Machine.config.

ISAPI filters

IIS Metabase

  • Restrict access to the metabase by using NTFS permissions (%systemroot%system32inetsrvmetabase.bin).
  • Restrict IIS banner information (disable IP address in content location).

Server certificates

  • Ensure certificate date ranges are valid.
  • Only use certificates for their intended purpose. For example, the server certificate is not used for email.
  • Ensure the certificate’s public key is valid, all the way to a trusted root authority.
  • Confirm that the certificate has not been revoked.

Machine.config

  • Map protected resources to HttpForbiddenHandler.
  • Remove unused HttpModules.
  • Disable tracing: <trace enable=”false”/>.
  • Turn off debug compiles: <compilation debug=”false” explicit=”true” defaultLanguage=”vb”>.

Dig Deeper on Microsoft Windows security

Go to Original Article
Author:

Google Cloud support premium tier woos enterprise customers

Google Cloud has introduced a Premium Support option designed to appeal to large enterprises through features such as 15-minute response times for critical issues.

Premium Support customers will be serviced by “context-aware experts who understand your unique application stack, architecture and implementation details,” said Atul Nanda, vice president of cloud support.

These experts will coordinate with a customer’s assigned technical account manager to resolve issues faster and in a more personalized manner, Nanda said in a blog post.

Google wanted to expand its support offerings beyond what basic plans for Google Cloud and G Suite include, according to Nanda. Other Premium Support features include operational health reviews, training, preview access to new products and more help with third-party technologies.

In contrast, Google’s other support options range from a free tier that provides help with only billing issues; Development, which costs $100 per user per month, with a four-hour response time; and Production, which costs $250 per user per month and has a one-hour response time.

Premium Support carries a base annual fee of $150,000 plus 4% of the customer’s net spending on Google Cloud Platform and/or G Suite. Google is also working on add-on services for Premium Support, such as expanded technical account manager coverage and mission-critical support, which involves a site reliability engineering consulting engagement. The latter is now in pilot.

Cloud changes the support equation

Customers with on-premises software licenses are used to paying stiff annual maintenance fees, which give them updates, bug fixes and technical support. On-premises maintenance fees can generate profit margins for vendors north of 90%, consuming billions of IT budget dollars that could have been spent on better things, said Duncan Jones, an analyst at Forrester.

Duncan JonesDuncan Jones

Google is recognizing they need to move up the stack in terms of support to make further inroads into the enterprise space.
Grant KirkwoodCTO, Unitas Global

“But customers of premium support offerings such as Microsoft Unified (fka Premier) Support and SAP MaxAttention express much higher satisfaction levels with value for money,” Jones said via email. “They are usually an alternative to similar services that the vendor’s SI and channel partners offer, so there is competition that drives up standards. Plus, they are optional extras so price/demand sensitivity keeps pricing at reasonable levels.” On the whole, Google’s move to add Premium Support is positive for customers, according to Jones.

But it’s clear why Google did it from a business perspective, said Grant Kirkwood, CTO of Unitas Global, a hybrid cloud services provider in Los Angeles. “Google is recognizing they need to move up the stack in terms of support to make further inroads into the enterprise space,” he said.

Microsoft today probably has the most robust support in terms of a traditional enterprise look-and-feel, while AWS’ approach is geared a bit more toward DevOps-centric shops, Kirkwood added.

“[Google is] taking a bit out of both playbooks,” he said. Premium Support could appeal to enterprises that have already done easier lift-and-shift projects to the cloud and are now rebuilding or creating new cloud-native applications, according to Kirkwood.

But as with anything, Google will have to prove its Premium Support option is worth the extra money.

“Successful [support] plans require great customer success management, highly trained technical account managers and AI-driven case management,” said Ray Wang, founder and CEO of Constellation Research.

Go to Original Article
Author:

New Amazon Kendra AI search tool indexes enterprise data

LAS VEGAS — Amazon Kendra, a new AI-driven search tool from the tech giant, is designed to enable organizations to automatically index business data, making it easily searchable using keywords and context.

Revealed during a keynote by AWS CEO Andy Jassy at the re:Invent 2019 user conference here,  Kendra relies on machine learning and natural language processing (NLP) to bring enhanced search capabilities to on-premises and cloud-based business data. The system is in preview.

“Kendra is enterprise search technology,” said Forrester analyst Mike Gualtieri. “But, unlike enterprise search technology of the past, it uses ML [machine learning] to understand the intent of questions and return more relevant results.”

Cognitive search

Forrester, he said, calls this type of technology “cognitive search.” Recent leaders in that market, according to a Forrester Wave report Gualtieri helped write, include intelligent search providers Coveo, Attivio, IBM, Lucidworks, Mindbreeze and Sinequa. Microsoft was also ranked highly in the report, which came out in May 2019. AWS is a new entrant in the niche.

“Search is often an area customers list as being broken especially across multiple data stores whether they be databases, office applications or SaaS,” said Nick McQuire, vice president at advisory firm CCS Insight.

Unlike enterprise search technology of the past, [Kendra] uses ML to understand the intent of questions and return more relevant results.
Mike GualtieriAnalyst, Forrester

While vendors such as IBM and Microsoft have similar products, “the fact that AWS is now among the first of the big tech firms to step into this area illustrates the scale of the challenge” to bring a tool like this to market, he said.

During his keynote, Jassy touted the intelligent search capabilities of Amazon Kendra, asserting that the technology will “totally change the value of the data” that enterprises have.

Setup of Kendra appears straightforward. Organizations will start by linking their storage accounts and providing answers to some of the questions their employees frequently query their data about. Kendra then indexes all the provided data and answers, using machine learning and NLP to attempt to understand the data’s context.

Understanding context

“We’re not just indexing the keywords inside the document here,” Jassy said.

AWS CEO Andy Jassy announced Kendra at AWS re:Invent 2019
AWS CEO Andy Jassy announced Kendra at AWS re:Invent 2019

Meanwhile, Kendra is “an interesting move especially since AWS doesn’t really have a range of SaaS application which generate a corpus of information that AI can improve for search,” McQuire said.

“But,” he continued, “this is part of a longer-term strategy where AWS has been focusing on specific business and industry applications for its AI.”

Jassy also unveiled new features for Amazon Connect, AWS’ omnichannel cloud contact center platform. With the launch of Contact Lens for Amazon Connect, users will be able to perform machine learning analytics on their customer contact center data. The platform will also enable users to automatically transcribe phone calls and intelligently search through them.

By mid-2020, Jassy said, Amazon Kendra will support real-time transcription and analysis of phone calls.

Go to Original Article
Author:

SAP Data Warehouse Cloud may democratize data analytics

SAP Data Warehouse Cloud is the latest products entrant designed to democratize data analytics.

SAP Data Warehouse Cloud is a data warehouse as a service product that became generally available in October. It connects a variety of data sources but enables organizations to decide where and how they want to keep and access the data.

It includes some features that should make it attractive to business users, particularly for those already running SAP systems, but SAP Data Warehouse Cloud faces a crowded market. Still, it’s a product SAP clearly needs to remain competitive in the data warehouse and data analytics game, according to one analyst.

Dan LahlDan Lahl

Making data analytics more applicable and accessible to the business is the main goal of SAP Data Warehouse Cloud, said Dan Lahl, SAP vice president of product marketing.

“In SAP Data Warehouse Cloud we’ve added new things to the data warehouses that allow customers to define their own data sets, and either virtualize or pull in that data so they can make decisions on exactly the data they want to look at,” Lahl said. “Usually you get five guys with four spreadsheets and everybody’s arguing over who’s got the data and the decision of record. SAP Data Warehouse Cloud will either virtualize or move data, specifically to the information the customer needs, and then the business user decides what dashboards or what reports they want to use on that data. It’s getting to business decisions more quickly for business users.”

One feature, Spaces, enables business users to align data in ways that are aligned with their business or process needs.

“Data warehouses used to take a long time to build. It was very expensive, it took a number of people to build them, and by the time you got to build the reports that you wanted, nobody wanted them anymore,” Lahl said. “This is kind of the antithesis of that, getting the business user to look and access the data they want and then build reporting and visualizations off of that.”

SAP Data Warehouse Cloud also includes SAP Analytics Cloud, which provides built-in reporting and dashboard capabilities.

Opening up analytics

Velux Group, a global manufacturing of windows based in Horsholm, Denmark, has been evaluating SAP Data Warehouse Cloud as a key part in the evolution of its data analytics program. The company has 27 production sites in 10 countries, sales offices in 40 countries, and 11,500 employees.

Andreas MadsenAndreas Madsen

Velux Group is a longtime SAP customer, running SAP ECC for ERP and BusinessObjects BI and Business Warehouse (BW) for data analytics and storage. However, the company has run into some limitations with BusinessObjects and is looking to overcome those limitations with SAP Data Warehouse Cloud, said Andreas Madsen, senior data and analytics partner at Velux.

Velux is in the process of developing a new business model to sell more directly to consumers, in addition to the traditional channel of installers and resellers.

“Normally, it’s the installers and dealers that actually sell our windows — we sell through them. So we don’t know that much about our end users, but that’s changing as we’re moving into the online market as well,” Madsen said.

Direct selling requires more flexibility than what Velux’s current systems offer.

“There’s a transition in what we need to know about our end users and how we use data,” he said. “And although we have a very good, well-functioning ECC system, BW, and some classic reporting, it’s really hard to navigate in, it’s really hard to explore data when everything is structured in the data warehouse.”

The ultimate strategic goal is for Velux to become more customer-centric, and Madsen said that in order to do this, the company needs a more open data platform that enables business users to link the data as needed.

“There is a world outside of our corporate enterprise systems. We cover all the business processes in Velux, but if you look at marketing they might have 50 or 60 different databases that that they use data from, they need to be able to cater to that data as well,” Madsen said. “It’s important data, but it’s not something that we are in control of, so we need to give them a platform where they can operate and then combine that with the enterprise data.”

SAP’s needed reaction to data analytics market

SAP Data Warehouse Cloud is a necessary evolution of SAP’s HANA-based data analytics approach, especially given the crowded, competitive analytics market, said Dana Gardner, president and principal analyst with Interarbor Solutions LLC.

It needs to be noted that SAP is reacting to the market rather than making the market.
Dana GardnerPresident and principal analyst, Interarbor Solutions LLC

“There are lot of companies out there like Qlik, Tableau, and others that are making inroads and we’re seeing more of this analytics as a service and the democratization of data,” Gardner said. “SAP is recognizing that they need to compete better in all aspects of data analytics and not just the enterprise systems of record integration part of it. But it needs to be noted that SAP is reacting to the market rather than making the market.”

Dana GardnerDana Gardner

The SAP Data Warehouse Cloud approach focuses on the democratization of data analytics and makes it simple and automated behind the scenes, so that more business users get the types of analytics they need based on their business role and what work they are doing, Gardner said.

“You don’t want to make data analytics just available to data scientists. It’s time to break down the ivory tower,” he said. “The more people that use more analytics in your organization, the better you’re going to be as a company, so it’s important that SAP gets aggressive and out on front on this.”

Go to Original Article
Author:

Zoho adds new Zoho One features, management application

Zoho has released its latest version of Zoho One, an operating system designed to run all aspects of a business within one platform. This generation has three new services, one new application and updates to several existing features.

Updates to Zoho One features include adding Zoho’s telephony platform to Zoho One as well as single sign-on services, extending app management and provisioning capabilities. Businesses workflow management application Orchestly is another addition, as are improved Zoho Sign features and more support for users.

New application

Orchestly is the newest application added to Zoho One. It has a drag-and-drop interface in an effort to enable managers with no coding skills to define processes. Orchestly lets managers and admins automate and run their regular workflow, including cross-departmental tasks such as purchase approvals, content publishing, asset managing and onboarding.

According to Zoho One, the idea behind Orchestly is to create workflows and automation when processes involve more than one department.

New services

PhoneBridge: Zoho has added its telephony platform PhoneBridge to the operating system, which integrates more than 50 telephony vendors on one side, and several Zoho applications on the other side. PhoneBridge enables telephony in Zoho apps like CRM and Recruit. It also provides contextual information for all incoming calls and lets customers make calls from Zoho apps.

Single sign-on: Single sign-on was also added to Zoho One, which enables customers to integrate any third-party applications onto their Zoho account. It also supports about 50 third-party applications and is scalable for midsize to large businesses. Additionally, Zoho One admins can enforce YubiKey authentication as an added factor for security.

App management and provisioning: Zoho has extended provisioning to custom apps created through Zoho Creator, as well as to external apps available through Zoho Marketplace. They can be provisioned individually to users or as groups with custom criteria. There is also a new Admin Panel with dashboards and reports to enable admins to monitor user activity and app usage. Admins also get reports on user management, sign-in activity, app usage and account security.

The analytics dashboard shows eight full charts of statistics for topics such as sales and receivables, customer analytics, closed revenue and sales overview.
The analytics dashboard shows a variety of data for users.

Service updates

Other improved Zoho One features include an additional level of verification in Zoho Sign by adopting blockchain-based timestamping through Ethereum. When documents are signed using Zoho Sign, an Ethereum transaction will happen in the background, and the hash of the signed document will be added to the transaction note, providing an additional digital signature.

Additional updates includes free concierge service, in which potential customers can speak with the Zoho team to see how the service could potentially benefit their business.

Zoho also added Jumpstart for Zoho One to help customers through their initial implementation. All customers are given support, but now enterprise customers can request premium support.

Go to Original Article
Author:

Poly targets huddle rooms with Trio 8300

Poly unveiled a smaller, cheaper version of its Trio conference room phone designed for small meeting spaces, or huddle rooms. The vendor also released a new wireless phone and said it would let businesses rent its headsets in lieu of buying them.

The Trio 8300 is the third phone in the current Poly Trio series, behind the 8500 for medium-sized conference rooms and the 8800 for large conference rooms. The new device is for rooms that fit between two and five people.

The Trio 8300 comes with most of the same features as the two more expensive models — including Bluetooth connectivity, noise-blocking technology and compatibility with video conferencing software — but its microphones have a shorter range.

The main difference is price. The Trio 8300 has a suggested retail price of $649, compared with $1,099 for the 8500 and $1,599 for the 8800, according to the website of IP Phone Warehouse, a reseller of Poly devices.

“By emulating the user experience of predecessors, yet at a competitive price, the Trio 8300 could deliver significant value for money to businesses,” said Alaa Saayed, an analyst at Frost & Sullivan.

The Trio devices work with the software of a wide range of unified communications (UC) vendors, including Avaya, Cisco, Microsoft (Skype for Business), RingCentral, Vonage, 8×8, Zoom and BlueJeans.

Photo of Poly Trio 8300
The Trio 8300 conference room phone is smaller and cheaper than the two other devices in the series.

Poly — the company formed through the merger of Plantronics and Polycom — released a USB video system for huddle rooms earlier this year, called the Polycom Studio. The vendor’s huddle room portfolio also includes the RealPresence Group 310, which comes with a video codec.

Spending on video conferencing technology for huddle rooms is expected to reach $1.5 billion within five years, representing an average annual growth rate of 29.2% between 2018 and 2023, according to Frost & Sullivan.

Poly releases wireless IP phone

Poly also released the VVX D230, a wireless phone targeted at small businesses and retailers. The device plugs a gap in the vendor’s lineup of phones and should help it compete against Yealink and Grandstream Networks, which make similar devices.

The VVX D230 has a range of 165 feet indoors and its battery lasts eight hours. The phone also comes with features Poly said it usually makes available only in desk phones, such as speakerphone, caller ID, conferencing, transfer controls and intercom capabilities.

The phone uses Digital Enhanced Cordless Telecommunications (DECT), a wireless technology similar to Bluetooth but with greater range. Shipments of DECT phones were projected to increase at an average annual rate of 4.8% between 2018 and 2025, according to Frost & Sullivan.

“It was a missing piece of the puzzle that they had to offer as part of their overall endpoints portfolio,” Saayed said.

Poly expands rental program

Meanwhile, Poly added headsets to its device as a service (DaaS) offering in North America, a financing plan that lets businesses pay rent devices on a month-to-month basis without large upfront costs.

Device subscription plans have grown in popularity over the past few years, coinciding with the rise of cloud software, which is sold through a similar pricing model.

Poly’s DaaS offering already included its desk and conference room phones.

“In the case of pro headsets, the DaaS model might certainly alleviate high upfront costs in a full-blown UC rollout, allowing customers to cancel and return devices at any time,” Saayed said.

Go to Original Article
Author:

Cohesity CyberScan scans backup copies for security risks

The latest application added to Cohesity Marketplace is designed to trawl through backups to look for security vulnerabilities.

Cohesity CyberScan is a free application available on the Cohesity Marketplace. Using Tenable.io, it compares applications in a backup environment against the public Common Vulnerabilities and Exposures (CVE) database to detect possible security flaws. The admin can then address these flaws, whether it’s an out-of-date patch, software bugs or vulnerabilities around open ports.

Cohesity CyberScan doesn’t affect the production environment when it performs its scan. The application boots up a backup snapshot and performs an API call to Tenable.io in order to find vulnerabilities. This process has the added benefit of confirming whether a particular snapshot is recoverable in the first place.

Raj Dutt, director of product marketing at Cohesity, said because the vulnerability scan happens in Cohesity’s runtime environment and not the live environment, many customers may be prompted to perform these scans. Citing a recent study performed by independent IT research firm Ponemon Institute, Dutt said 37% of respondents who suffered a security breach did not scan their environments for vulnerabilities.

“They work in an environment where the organization is expected to run 24/7/365, so essentially, there is no downtime to run these scans or make the patches,” Dutt said.

Dutt said even organizations that do perform vulnerability scans don’t do them often enough. Vulnerabilities and exposures published on the CVE database are known to bad actors, so weekly or monthly scans still leave organizations with a wide window in which they can be attacked. Dutt said since Cohesity CyberScan doesn’t interfere with the production environment, customers are free to run scans more frequently.

screenshot of Cohesity CyberScan dashboard
The Security Dashboard houses the vulnerability scan and anti-ransomware capabilities.

Phil Goodwin, a research director at IT analyst firm IDC, said there are applications that scan backup copies or secondary data but scan mostly to detect out-of-date drivers or other roadblocks to a successful restore or failover. Running it against a CVE database to look for potential security problems is unique.

End users are talking about data protection and security in the same sentence. It really is two sides of the same coin.
Phil GoodwinResearch director, IDC

Goodwin said Cohesity CyberScan is the latest example of backup vendors adding security capabilities. Security and data protection are different IT disciplines that call for different technology, but Goodwin said he has encountered customers conflating the two.

“End users are talking about data protection and security in the same sentence,” Goodwin said. “It really is two sides of the same coin.”

Security is the proactive approach of preventing data loss, while data protection and backup are reactive. Goodwin said organizations should ideally have both, and backup vendors are starting to provide proactive features such as data masking, air gapping and immutability. But Goodwin said he has noticed many vendors stop shy of malware detection.

Indeed, Cohesity CyberScan does not have malware detection. Dutt stressed that the application’s use cases are focused on detecting cyberattack exposures and ensuring recoverability of snapshots. He pointed out that Cohesity DataPlatform does have anti-ransomware capabilities, and they can be accessed from the same dashboard as CyberScan’s vulnerability scan.

Cohesity CyberScan is generally available now to customers who have upgraded to the latest Cohesity Pegasus 6.4 software. The application itself is free, but customers are required to have their own Tenable license.

Go to Original Article
Author:

Exten Technologies releases 3.0 version of NVMe platform

Exten Technologies has released the third generation of its HyperDynamic storage software, which was designed with the aim of bringing more resiliency, performance and management to data center customers.

New features in generation three include node-level resiliency with synchronous replicas, shared volumes with replicas for supporting parallel file systems, dual parity resiliency, and integrated drive management and hot swap.

Exten software is deployed on the storage target and does not require proprietary software on compute clients.

According to Exten, HyperDynamic 3.0 aims to improve TCP performance with Solarflare TCP acceleration that provides TCP performance near remote direct memory access.

It also has new features designed to simplify NVMe-oF storage management and deployment, Exten claims. These features include declustered RAID, which enables the configuration of resilient volumes that use Linux multi-path IO software to provide redundancy in both networking and storage. Exten’s interface provides node- and cluster-level telemetry. Users can also set quality-of-service limits in order to manage performance during drive or node rebuilds.

Exten Technologies is part of a batch of newer vendors making their way in the NVMe market.

Apeiron Data Systems offers a handful of NVMe storage products, including enterprise NVMe. It is NVMe over Ethernet, as opposed to over fabric, and was designed with the goal of delivering the performance and cost of server-based scale-out but with the manageability of enterprise storage.

Vendor Vexata also touts its RAID-protected NVMe and claims it has ultralow latency at scale. According to its website, the company was founded in an attempt to provide better performance and efficiency, while at a lower cost than other flash storage solutions.

Exten Technologies’ HyperDynamic 3.0 is available now.

Go to Original Article
Author:

8×8 launches small-business phone system 8×8 Express

8×8 Inc. has launched 8×8 Express, a business phone system designed specifically for smaller businesses that don’t yet have an IT staff.

8×8 Express does not require implementation services, and the vendor claimed online setup takes minutes. 8×8 Express gives users unlimited calling to the United States and Canada; HD video conferencing; business messaging, including text messaging and group chats; and intelligent call routing. All features are available on desktop and mobile for both iOS and Android.

Additionally, 8×8 Express includes the recently released 8×8 Meetings platform. This enables teams to collaborate with HD video conferencing with screen sharing. The Meetings platform is accessible through the same mobile and desktop apps that are used for calling and texting. Collaborators can join meetings from browsers without downloading software. 8×8 Meetings is in early access now for new 8×8 Express and X Series customers on X2 packages and above.

Other features of 8×8 Express include the following:

  • call forwarding, auto attendant and ring groups;
  • voicemail;
  • moving existing businesses’ numbers to 8×8;
  • HD voice and video;
  • compatibility with multiple Poly desk and conference phones;
  • integration with Office 365, Outlook Calendar and Google Calendar; and
  • self-administered management tool.

8×8 Express comes on the heels of a few other small-business phone system launches in recent months.

In May, Google launched CallJoy, a phone service for small businesses that gives them a local phone number and provides customer service options. A CallJoy agent can be customized to provide information to customers and block spam calls.

Earlier in July, LogMeIn Inc. launched Grasshopper Connect as a unified communications product designed for small businesses. Grasshopper Connect combines multiple forms of business communication into one inbox and enables small-business owners to create a dedicated business phone number through an existing phone.

8×8 Express is available now in the U.S. and Canada starting at $12 per person, per month.

Go to Original Article
Author: