Tag Archives: hundreds

NVMe arrays power Plex MRP cloud

Cloud ERP provider Plex Systems requires a storage setup that can host hundreds of petabytes, while meeting high thresholds for performance and availability. The software-as-a-service provider is in its final year of a storage transition in which it added NVMe arrays for performance and two additional data centers for high availability.

Plex has been running a cloud for 19 years, since its 2001 inception. It started as a multi-tenant application run through a browser for customers.

“We’ve always been a cloud to manufacturers,” said Todd Weeks, group vice president of cloud operations and chief security officer for Plex. “We’ve been 100% cloud-based to our customers.”

“It looks like a public cloud to our customers, but we see it as a private cloud,” he continued. “It’s not running in Azure, AWS or Google. It’s our own managed cloud.”

The Plex private cloud runs mainly on Microsoft software, including SQL Server, and Dell EMC storage, including PowerMax all-NVMe arrays.

Scaling out with two new data centers

Weeks said Plex’s capacity from customer data grows from 15% to 25% per year. He said it has more than 200 PB of data for about 700 customers and 2,300 worldwide manufacturing sites, and it processes more than 7 billion transactions a day with 99.998% availability.

Todd Weeks, group vice president of cloud operations and chief security officer at Plex SystemsTodd Weeks

“With the growth of our company, we wanted a much better scale-out model, which we have with our two additional data centers,” he said. “Then, we said, ‘Besides just scaling out, is there more we can get out of them around availability, reliability and performance?'”

The company, based in Troy, Mich., has storage spread among data centers in Auburn Hills, Mich.; Grand Rapids, Mich.; Denver; and Dallas. The data centers are split into redundant pairs for failover, with primary storage and backup running at all four.

Weeks said Plex has used a variety of storage arrays, including ones from Dell EMC, Hitachi Vantara and NetApp. Plex is in the final year of a three-year process of migrating all its storage to Dell EMC PowerMax 8000 NVMe arrays and VxBlock converged infrastructure that includes VMAX and XtremIO all-flash arrays.

Two data centers have Dell EMC PowerMax, and the other two use Dell EMC VxBlock storage as mirrored pairs. Backup consists of Dell EMC Avamar software and Data Domain disk appliances.

“If we lose one, we fail over to the other,” Weeks said of the redundant data centers.

The performance advantage

Weeks said switching to the new storage infrastructure provided a “dramatic increase in performance,” both for primary and backup data. Backup restores have gone from hours to less than 30 minutes, and read latency has been at least three times faster, he said. Data reduction has also significantly increased, which is crucial with hundreds of petabytes of data under management.

“The big win we noticed was with PowerMax. We were expecting a 3-to-1 compression advantage from Hitachi storage, and we’ve actually seen a 9-to-1 difference,” he said. “That allows us to scale out more efficiently. We’ve bought ourselves a couple of years of extra growth capacity. We always want to stay ahead of our customers’ needs, and our customers are database-heavy. We’re also making sure we’re a couple of years ahead of where we need to be performance-wise.”

Early all-flash arrays

Plex’s introduction to EMC storage came through XtremIO all-flash arrays. While performance was the main benefit of those early all-flash systems, Weeks said, the XtremIO REST API impressed his team.

“Being able to call into [the API] made it much more configurable,” he said. “Our storage engineers said, ‘This makes my job easier.’ It’s much easier than having to script and do everything yourself. It makes it much easier to implement and deploy.”

Weeks said Plex is reluctant to move data into public clouds because of the fees incurred for data transfers. But it does store machine information gathered from the Plex industrial IoT (IIoT) SaaS product on Microsoft Azure.

“We gather plant floor machine information and tie it into our ERP,” he said. “But we don’t use public clouds for archiving or storage.”

Plex’s IT roadmap includes moving to containerized applications, mainly to support the Plex IIoT service.

“We’re looking now at how we can repackage our application,” he said. “We’re just beginning to go in the direction of microservices and containers.”

Go to Original Article

Network Business Systems and Microsoft announce agreement to deliver broadband internet to rural communities in Illinois, Iowa and South Dakota – Stories

The partnership will benefit hundreds of thousands of unserved and underserved people

REDMOND, Wash. — Sept. 13, 2018 — On Thursday, Network Business Systems Inc., an Illinois-based wireless internet provider, and Microsoft Corp. announced a new agreement to deliver broadband internet access to rural communities in Illinois, Iowa and South Dakota, including approximately 126,700 people who are currently unserved.

This partnership addresses a critical need, as approximately 36 percent of people living in rural Illinois, 22 percent in rural Iowa and 25 percent in rural South Dakota lack access to broadband internet. In today’s digital economy, broadband internet access is a necessity, enabling people and small businesses to take advantage of advancements in technology, including education, healthcare and precision agriculture, and access a range of cloud-based services to run their businesses and improve their lives.

The partnership with Network Business Systems is part of the Microsoft Airband Initiative, which aims to extend broadband access to 2 million unserved people in rural America by July 4, 2022. Network Business Systems will construct and deploy wireless internet access networks using a mix of technologies including TV white spaces — vacant spectrum that can travel over long distances and rough terrain, including the heavy foliage that is common in the Midwestern landscape.

“Everyone deserves to have access to broadband no matter where they live because access to broadband is access to digital opportunity,” said Shelley McKinley, Microsoft’s head of Technology and Corporate Responsibility. “Our partnership with Network Business Systems will help ensure that hundreds of thousands of people in Illinois, Iowa and South Dakota can participate in the 21st century economy.”

“Bringing broadband internet to underserved areas is more important than ever, especially as industries including education, healthcare and business are depending more on internet access,” said Kari Hofmann, general manager of Network Business Systems. “We are very glad that Microsoft is investing the money in championing the further use of TV white spaces.”

Across the U.S., 19.4 million people in rural areas lack access to broadband internet. The Microsoft Airband Initiative is focused on bringing broadband coverage to people living in rural America through commercial partnerships and investment in digital skills training for people in the newly connected communities. Proceeds from Airband connectivity projects will be reinvested into the program to expand broadband to more rural areas.

About Network Business Systems Inc.

Network Business Systems Inc. has been providing rural broadband services for over 18 years. Being a technology consulting company, NBS identified a long-term need for rural internet providers that would be able to grow with the demand that rural America has, while handling the financial challenges that go along with providing rural broadband. NBS continues to provide high speed internet networks by partnering with local governments and agricultural companies. By partnering with local companies, we are able to keep costs down and provide robust internet connections and the lowest price possible to the consumer, while paying a living wage to our employees. NBS is a rural broadband provider to the residential, small business, and to enterprise sized businesses that need carrier grade connections with SLA agreements that are just as reliable as a fiber connection in urban cities.

About Microsoft

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.

For more information, press only:

Microsoft Media Relations, WE Communications for Microsoft, +1 (425) 638-7777,

[email protected]

Network Business System Inquiries, Kari Hofmann, general manager of Network Business Systems, +1 (309) 944-8823, ext. 101, [email protected] For more information on NBS or connectivity information: www.nbson.com or 888.944.8823.

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://news.microsoft.com. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://news.microsoft.com/microsoft-public-relations-contacts.

Uber breach affected 57 million users, covered up for a year

Malicious actors stole personal data on hundreds of thousands of Uber drivers and millions of Uber users and the company allegedly covered up the breach for one year, including reportedly paying the attackers to keep quiet.

According to new CEO Dara Khosrowshahi, the Uber breach was due to two malicious actors accessing “a third-party cloud-based service” — reportedly GitHub and Amazon Web Services (AWS) — in late 2016 and downloading files containing names and driver’s license information on 600,000 U.S. Uber drivers and personal information — names, email addresses and phone numbers — for 57 million Uber customers from around the world. According to Bloomberg, which was first to report the Uber breach, the incident was covered up by two members of the company’s infosec team.

“None of this should have happened, and I will not make excuses for it. While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes,” Khosrowshahi wrote in a blog post. “We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”

Khosrowshahi said the “failure to notify affected individuals or regulators last year” prompted a number of actions, including firing the two individuals responsible for the Uber breach response — Joe Sullivan, former federal prosecutor and now ex-CSO at Uber, and Craig Clark, one of Sullivan’s deputies — notifying and offering ID and credit monitoring to the affected drivers, notifying regulators and monitoring the affected customer accounts.

Details of the Uber data breach

According to Bloomberg, the attackers accessed a private GitHub repository used by Uber in October 2016 and used stolen credentials from GitHub to access an archive of information stored on an AWS account.

Terry Ray, CTO of Imperva, said the use of GitHub “appears to be a prime example of good intentions gone bad.”

“Using an online collaboration and coding platform isn’t necessarily wrong, and it isn’t clear if getting your accounts hacked on these platforms is even uncommon. The problem begins with why live production data was used in an online platform where credentials were available in GitHub,” Ray told SearchSecurity. “Sadly, it’s all too common that developers are allowed to copy live production data for use in development, testing and QA. This data is almost never monitored or secured, and as we can see here, it is often stored in various locations and is often easily accessed by nefarious actors.”

Sullivan reportedly took the lead in the Uber breach response and, along with Clark, worked to keep the incident under wraps, including paying the attackers $100,000 to delete the stolen personal data keep quiet.

Khosrowshahi mentioned communication with the attackers in his blog post, but did not admit to any payment being made.

“At the time of the incident, we took immediate steps to secure the data and shut down further unauthorized access by the individuals. We subsequently identified the individuals and obtained assurances that the downloaded data had been destroyed,” Khosrowshahi wrote. “We also implemented security measures to restrict access to and strengthen controls on our cloud-based storage accounts.”

Jeremiah Grossman, chief of security strategy at SentinelOne, said it can be “difficult, if not impossible, for an organization to lock down” a vector like GitHub.

“Developers accidentally, and often unknowingly, share credentials over GitHub all the time where they become exposed,” Grossman told SearchSecurity. “While traditional security controls remain crucial to organizational security, it’s no good if individuals with access to private information expose their account credentials in a place where they can be obtained and misused by others.”

Willy Leichter, vice president of marketing at Virsec Systems, Inc., said if the details of this Uber breach cover up are verified, it could been extremely damaging for the company. 

“This is a staggering breach of customer trust, ethical behavior, common sense and legal requirements for breach notification. Paying hackers to conceal their crimes is as short-sighted as it is stupid,” Leichter told SearchSecurity. “If this had happened after the EU GDPR kicks in, Uber would cease to exist. That may be the outcome anyway.”

Uber breach ramifications

The 2016 breach is the latest in a long line of issues for Uber. At the time of the incident, Uber was already under investigation for separate privacy violations. The company is also battling various lawsuits from cities and users.

Jim Kennedy, vice president North America at Certes Networks, said Uber’s already questionable reputation should take a big hit.

“Most likely the Uber C-suite, seeing the repercussions of cyber-attacks on similar household names, were keen to avoid the reputational damage — a massive error of judgement,” Kennedy told SearchSecurity. “The reality is that customer distrust of the brand will be amplified by the company’s attempts to hide the facts from them and points to the need for change in the industry.”

Adam Levin, cyber security expert and co-founder and chairman for CyberScout, said the Uber breach is another example of the company “placing stock value over and above privacy at the expense of drivers and consumers.”

Customer distrust of the brand will be amplified by the company’s attempts to hide the facts from them and points to the need for change in the industry.
Jim Kennedyvice president North America at Certes Networks

“Uber did a hit and run on our privacy and created a completely avoidable extinction or near-extinction event, and further damaged and already tarnished brand,” Levin told SearchSecurity. “As ever, the goal for a company faced with a breach or compromise should be urgency, transparency and above all else, empathy for those affected.”

Ken Spinner, vice president of field engineering at Varonis, said the Uber data breach will likely “fire up already angry consumers, who are going to demand action and protection.”

“Every state attorney general is going to be salivating at the prospect of suing Uber. While there’s no overarching federal regulations in place in the U.S., there’s a patchwork of state regulations that dictate when disclosures must be made — often it’s when a set number of users have been affected,” Spinner told SearchSecurity. “No doubt Uber has surpassed this threshold and violated many of them by not disclosing the breach for over a year. This is the latest example of how hiding a breach rarely benefits a company and almost surely will backfire.”

Bitdefender Anti-Ransomware

Smallpox killed many hundreds of thousands before Edward Jenner worked out a technique for vaccination, a treatment that mimicked the effects of having already suffered and recovered from the disease. Bitdefender Anti-Ransomware uses a similar technique to keep your PCs safe from ransomware infection—similar enough that the company calls it ransomware vaccination. This free product offers protection against attack by a very specific collection of ransomware families. It isn’t even remotely a general-purpose antivirus tool, but it does exactly what it promises to do.

The key to this technique lies in the fact that the cybercrooks who inflict ransomware on the world don’t want it to infect the same PC twice. Such a double whammy might make it impossible to decrypt files, even if the victim coughed up the ransom. The first round of infestation by the recent Petya ransomware simply checked for the presence of a certain file, and called off its attack if that file was present. (Sorry, folks: Petya’s current version isn’t so easily defeated.)

Bitdefender Anti-Ransomware uses a variety of techniques to convince specific families of ransomware that your PC is already infected, thereby deflecting their attacks. It specifically works on TeslaCrypt, BTC-Locker, Locky, and the first version of Petya. For defense against any other encrypting ransomware attack, you’ll need a full-blown ransomware protection utility.

Getting Started with Bitdefender Anti-Ransomware

This product is a free download, and you can use it on any PC at all. Unlike many free antivirus utilities, there’s no restriction against using it in a commercial setting. Download it, install it, and you’re done.

Initially, I had the impression that users would run the utility once and be done with it. I was a bit surprised to find that it launches at startup and keeps running in the background. My contact at Bitdefender explained the mere presence of a static file isn’t sufficient to convince some ransomware families that the system is already infected. For those tougher cases, an always-on background process is necessary.


With Bitdefender Anti-Ransomware on the job, I released my collection of real-world ransomware samples one by one, in an isolated virtual machine. The product did exactly what it promised to do.

The TeslaCrypt ransomware behaves in a predictable fashion. The sample I use pretends to be a legitimate, digitally signed utility, but its installer drops a random-named malware executable in the Documents folder. That secondary program proceeds to encrypt your documents, and then displays its ransomware demand. With Bitdefender active, I saw the secondary program appear, launch, and quit—without doing any dirty deeds.

My BTC-Locker sample also pretends to be something legitimate, though it doesn’t bother with using a random-named secondary program. It, too, launched, ran for a while, and then exited, without encrypting any files. The same thing happened with my sample from the Locky ransomware family. It launched, ran for a while, and terminated, with no damage to the test system.

I don’t have a Petya sample, but my experience with the other three ransomware families demonstrates that Bitdefender Anti-Ransomware does indeed prevent attacks by those families.

Not Vaccinated

Of course, matters were quite different when I released another three samples, ransomware threats from families not included in this product’s vaccination. In each case, the ransomware silently encrypted important files and then displayed its ransom demand.

This makes perfect sense. A smallpox vaccine doesn’t protect you against cholera. Even that flu shot you get every fall only protects against certain strains of influenza. Bitdefender is completely effective against the ransomware families it targets, and completely ineffective against anything else. The product itself makes that point very clear, suggesting that you upgrade to full-scale Bitdefender protection. Indeed, Bitdefender Antivirus Plus successfully detected all of my ransomware samples and prevented them from doing any harm.

One of the missed samples belonged to the Cerber family, which most experts agree is the most widespread ransomware family at present. My Bitdefender contacts said that they’re researching the possibility of adding a vaccine for Cerber, but couldn’t promise a timeline.

Other Defenses

Rather than look for signs of specific, known ransomware threats, the most effective tools instead watch for behavior that indicates ransomware activity. Whether the attacker is the scion of a well-known ransomware family or an utter upstart, never seen before, this sort of tool should recognize it by its actions.

The use of behavior-based detection does mean that you may occasionally lose some files while the ransomware protection tool is busy analyzing behavior. For example, while Malwarebytes Anti-Ransomware did successfully and eliminate all of my samples, a Cerber-family threat encrypted several files before it was quashed. That same sample completely eluded Cybereason RansomFree.

Malwarebytes and RansomFree are both free products. From my experience thus far, you get better ransomware protection if you’re willing to pay a little. At $1.99 per month, Check Point ZoneAlarm Anti-Ransomware isn’t expensive. And in testing it both detected all the samples and completely reversed their actions, leaving no files encrypted.

One Layer of Protection

Bitdefender Anti-Ransomware’s vaccination technique cleverly subverts ransomware’s need to avoid double infection. For specific, known ransomware families, it makes your PC look like it’s already infected. However, outside of that known collection, it does nothing, so you can’t use it alone. At the very least, combine this product with a full-scale antivirus, or with a free behavior-based ransomware protection tool such as Malwarebytes Anti-Ransomware or Cybereason RansomFree.

Even if you choose to pay a little for our Editors’ Choice, Check Point ZoneAlarm Anti-Ransomware, you still need protection against other types of malware. Check out our reviews of antivirus and free antivirus tools, and make your choice.