Tag Archives: launched

Google’s OUC play muddies Istio service mesh outlook

Google launched Open Usage Commons last week and donated the trademark for its Istio service mesh project to the new organization, deepening ongoing industry debate about the project’s governance and long-term future.

Service mesh, which distributes network performance and security management workloads among a network of sidecar containers, has emerged as an important networking approach amid the rise of Kubernetes container orchestration and microservices. Istio, initially the brainchild of Kubernetes creator Google and IBM, captured immediate market attention when it emerged in 2017.

Industry buzz about potential problems with Istio’s open source governance first became widespread last fall when Google announced it would not donate another Kubernetes-related project, Knative, to an independent open source foundation. The company didn’t address Istio in that statement, but industry watchers concluded it, too, would not be destined for a foundation, and so far, that has been the case.

As a result, discussion about Knative at last year’s KubeCon was muted, and it became clear that Istio had not yet achieved the market domination of Kubernetes container orchestration, as competitors such as Linkerd and HashiCorp Consul Connect remained competitive among early service mesh adopters.

Now, debate about Istio’s governance has returned to a high pitch with the release of Istio’s trademark to the Open Usage Commons (OUC), an organization created by Google last week with the promise of improved trademark management for open source projects. In official blog posts about OUC, to which it also donated its Angular and Gerrit trademarks, Google indicated the organization will focus solely on trademark management for projects governed by other open source foundations.

“Foundations do great work, and the OUC is not trying to mirror existing foundations, running conferences, etc.,” said Chris DiBona, head of open source for Google and its parent company, Alphabet, in a statement provided by a Google spokesperson this week. “The OUC is focused on a very specific pain point we see in open source — trademarks.”

Industry observers noted that trademarks have historically been an underserved aspect of open source governance.

“The industry has typically handled them via common consensus rather than explicit legal mechanisms as it has for, say, copyright,” wrote RedMonk analyst Stephen O’Grady in a blog post last week.

But trademarks can be just as important when it comes to dictating how open source software is used, and they have been the cause of contention in open source communities in the past — for example, Elastic Inc.’s legal complaint against AWS for its Elasticsearch service focuses on trademark infringement.

However, O’Grady lamented Google’s decision to involve Istio in OUC, saying it created an unnecessary distraction from these issues.

“Predictably, discussions of the foundation have been colored by impressions of Google’s stewardship of and behavior around the Istio project,” O’Grady wrote. “In many cases, perhaps the majority of cases, discussions of the OUC devolve into a referendum on Istio rather than the trademark foundation.”

This could also be because there isn’t much material to discuss yet on the trademark front; OUC has not yet published a specific trademark policy, or detailed guidelines for third-party participation in the organization. Nor has the organization specifically addressed what pains exist with current open source trademark policies at open source foundations including The Linux Foundation / Cloud Native Computing Foundation (CNCF), or how OUC will be different.

Google reps this week also declined to specify a time frame for publication of more detailed trademark policy and third-party participation guidelines.

Istio uncertainty gives some users pause — but not all

The OUC news surprised even Google’s major Istio partner, IBM, which registered its objection to the move in a terse company blog post. In it, IBM indicated Google had reneged on an early promise to donate Istio to the CNCF, which Google co-founded with IBM and other tech giants to house Kubernetes five years ago.

“IBM continues to believe that the best way to manage key open source projects such as Istio is with true open governance, under the auspices of a reputable organization with a level playing field for all contributors, transparency for users, and vendor-neutral management of the license and trademarks,” wrote IBM cloud platform vice president Jason McGee in the IBM post.

The CNCF also published an explanation of its approach to trademarks, which did not specifically mention OUC, but which was posted July 8, the same day OUC was launched.

One enterprise IT pro highly involved in open source communities said his company has begun to experiment with Istio service mesh, but hasn’t yet put it into production in part due to ongoing uncertainty about the project’s governance, including the lack of detail about OUC’s trademark policy so far.

“There are probably venues where they could’ve prompted this discussion [about open source trademarks] in existing organizations, but they went off and created this thing and made a big splashy announcement without any actual meat behind it,” said the IT pro, an engineer at a large enterprise who requested anonymity because his company does not want to take a public stance on Open Usage Commons yet.

Nicolas ChaillanNicolas Chaillan

While much of the initial reaction to OUC, and Istio’s presence within it, was negative, another Istio early adopter dismissed the controversy as misinformed. In a less-heralded move, Google has also been working behind the scenes to change Istio’s project charter to add end user members to its steering committee. Istio’s technical oversight committee also already has members from companies other than Google, including IBM, Red Hat, Aspen Mesh and Tetrate, said Nicolas Chaillan, chief software officer for the U.S. Air Force.

“I put Google a little bit on the spot and said I’d stop using Istio within a year if they didn’t give it to a foundation, particularly the trademark,” Chaillan said.

However, OUC and the proposed changes to the steering committee charter are enough to assuage Chaillan’s concerns about the project’s governance.

Trademark ease of access is critical, and it’s important that other companies can use the project name and build products around it. If one company controls the trademark, by definition it makes it something we can’t use.
Nicolas ChaillanChief Software Officer, U.S. Air Force

“Trademark ease of access is critical, and it’s important that other companies can use the project name and build products around it,” he said. “If one company controls the trademark, by definition it makes it something we can’t use.”

Google has yet to accept any non-Google projects into OUC, but the OUC’s board of directors includes members from outside the company, including academic organizations, other open source foundations and one cloud service provider, SADA Systems. End user members have also not yet been elected to Istio’s steering committee, and Istio contributors must sign a Google-specific contributor license agreement, but Chaillan said he’s convinced the project is on a path to open governance, with or without the CNCF.

“What matters is the outcome, not which foundation it goes to,” Chaillan said. “Once they take care of the steering committee changes, it checks all the boxes for me.”

Multi-cloud outlook still, well, cloudy

Another potential obstacle to widespread Istio adoption is a major architectural change introduced in version 1.5 earlier this year. Coupled with uncertainty around the specifics of the OUC, as well as proposed but not-yet-official changes to the project’s governance, the overall outlook for Istio is mixed at the moment, according to one IDC analyst.

Brad CasemoreBrad Casemore

“Among customers with whom we’ve spoken recently … [these factors have] caused them to look more broadly at options,” said Brad Casemore, vice president of data center networks at the analyst firm in Framingham, Mass. “It’s caused them to ask more questions and be more open to looking at competitors.”

The architectural change in Istio 1.5 was the right move and done for the right reasons, Casemore said, but it has made prospective users more cautious in their evaluation of the service mesh framework.

Continued uncertainty about Istio’s governance won’t be a showstopper for every enterprise, he added, since many companies choose technology based on support from a major cloud provider or trusted vendor, such as IBM.

However, IBM’s clear displeasure at Google’s OUC move leaves open the question of whether it might eventually switch support to another service mesh project. Similarly, if Istio is seen as a Google-controlled project, cloud provider competitors will likely move forward with their own service mesh control planes rather than signing on with Istio.

None of this means Istio won’t remain viable, Casemore said, but it’s increasingly unlikely it will reach the same industry-standard status as Kubernetes. This would complicate the multi-cloud portability vision for Kubernetes if the market for multi-cloud networking remains fragmented, and potentially shift enterprise vendor lock-in into the multi-cloud management layer, he said.

“Kubernetes was the clear winner from a long way out,” Casemore said. “There doesn’t seem to be a similarly universal service mesh.”

Go to Original Article
Author:

Contact tracing apps seem effective, but have privacy concerns

When the state of Rhode Island launched a contact tracing app for COVID-19 in May, public health officials said the program could help curtail the pandemic, but privacy advocates worry that the app, and ones like it, take too much data while potentially sharing it with too many people.

As stores, restaurants, parks and offices in the U.S. begin to open back up months after the first COVID-19 related stay-at-home orders, enterprises and governments face the difficult challenge of providing goods and services while keeping people safe.

To tackle that challenge, enterprises and governments are turning to technology to create contact tracing apps.

Balance of safety and privacy

A decades-old strategy to help slow the spread of contagious diseases, contact tracing is the process of identifying infected people and tracking down who they have been in contact with and notifying them of a potential infection.

While this was largely done manually in the past, enterprises, as well as local and state governments, are beginning to use apps to do it, including mobile applications that use location data to track a person’s whereabouts, to more quickly and effectively track where COVID-19 may have spread. Using AI-powered big data analytics, governments and enterprises can then process the data more anonymously.

Contact tracing apps, however, have raised concerns from privacy advocates, who say that some platforms either take too much identifying information, such as GPS data, give too much data to government authorities, or both.

The Electronic Frontier Foundation (EFF), for one, explicitly opposes automated COVID-19 contact tracing apps that track location through GPS or cell phone location, as well as apps that send information about possibly infected people directly to the government.

 “This data is highly intrusive of location privacy, yet not sufficiently granular to show whether two people were within transmittal distance (six feet),” said Adam Schwartz, senior staff attorney at the EFF.

Rhode Island, with its recently unveiled CRUSH COVID RI app, is an example.

Released May 19, the app uses GPS location data to track the people and places users visited for at least 10 minutes over the past 20 days. If a user tests positive for COVID-19, they can agree to share their location data with the state health department so it can identify people the user was in contact with and alert them.

CRUSH COVID RI app
CRUSH COVID RI application

Signing up for the app is voluntary, and location data, unless shared with the health department, is stored entirely on users’ phones. It’s deleted after 20 days.

Despite the fact that these apps are voluntary, privacy advocates worry that apps that use GPS data to track people, and that send data to the government, are invasive.

 “We are disappointed that some nations and states are using location apps and hybrid location/proximity apps. The voluntariness of such apps does not cure the lack of data minimization,” Schwartz said.

The American Civil Liberties Union was similarly critical of such contract tracing technologies, saying they carry some inherent risk of exposing an infected person’s medical condition to people with whom they come in contact.

However, some contact tracing platforms aim to be privacy-friendly.

These include a Google-Apple initiative, which has drawn wide interest, as well as a tracing app from the Pan-European Privacy-Preserving Proximity Tracing consortium.

These mobile apps use a phone’s Bluetooth Low Energy beacons to interact with other phones, enabling the phone of an enrolled user to announce itself with a different random large number to nearby phones every few minutes. Phones keep a log of the numbers they send out, as well as the numbers sent out by nearby phones.

If a user is diagnosed as infected with COVID-19, they can then voluntarily upload the that list of numbers to a central server. Those users who are not infected have their numbers automatically compared to the numbers on the server. If enough numbers match, then users are notified that they may have been in contact with someone who is infected.

That’s different from Rhode Island’s new app, which uses GPS data and which uploads information to government officials.

A Bluetooth system is more accurate and less revealing than an app that uses geolocation data, an ACLU white paper on tracing apps noted. While Bluetooth tracking could potentially reveal associations, it’s less likely to do so.

The EFF, likewise, is wary about contact tracing apps that track proximity using Bluetooth, Schwartz said.

“This system might not help; if it does, it will be a small part of a larger public health response that must focus on manual interview-based contact tracing and widespread testing,” he said.

“This system carries privacy risks that must be mitigated through voluntariness, data minimization and open source code. We oppose hybrid tracking apps that use both proximity and location,” Schwartz continued.

Enterprise-level

Meanwhile, national governments around the world, including the governments of South Korea, Singapore, China and Australia, have developed and released contact tracing apps. Some enterprises are also beginning to consider the implications of having their employees use contact tracing apps.

Enterprises with global operations have particularly shown a greater willingness to use technology-based contact tracing within countries with less legal or cultural opposition to contact tracing, said Deborah Golden, U.S. cyber risk services leader at Deloitte Risk and Financial Advisory.

“In the U.S., we expect that organizations will likely lean on a variety of approaches to reach the next normal. Some organizations may even bypass this challenge altogether and realize they are able to maintain fully remote operations in perpetuity,” Golden said. “Others that are more dependent on physical presence may consider a combination of physical protocols.”

Before using or developing contact tracing apps, however, governments and enterprises need to deeply consider the privacy implications the platform may have, as well as methods to help ensure users’ personal data stays safe and anonymous, she noted.

The creators

Regardless of the method used for contact tracing, or who is deploying the apps, companies that create such apps need to ensure they are anonymizing data and keeping people’s information private, according to some vendors.

Maven Wave, an Atos-owned technology consulting firm that specializes in digital delivery skills and cloud-powered applications, is working with vendors to develop technology-assisted contact tracing (TACT) apps.

“There’s a whole bunch of things that need to happen” to keep information private, said Brian Ray, managing director of AI and machine learning at Maven Wave.

“Redaction, making data points anonymous, having a control system in place, having a way to audit that process” are just some of the things tech companies need to do, he said.

Meanwhile, enterprises considering using TACT apps should take into account many privacy and data protection concerns, regardless of whether contact tracing apps require users to opt in, said Golden.

Organizations should carefully consider how this data will be protected, accessed, stored, transmitted and reported.
Deborah GoldenU.S. cyber risk services leader, Deloitte Risk and Financial Advisory

“In adopting these technologies, organizations are creating large datasets of sensitive personal health information and personally identifiable information,” she said. “Organizations should carefully consider how this data will be protected, accessed, stored, transmitted and reported.”

“Leaders need to think through where organizational lines of responsibility exist for communication with regulatory officials, employees, customers and other stakeholder groups, as well as how communication should occur to foster trust and transparency — particularly when disparate regulatory guidance may exist across geographies or industries,” Golden continued.

Yet, governments and the public may have different, even opposing, views about what data should be shared, added Asif Dhar, chief health informatics officer and a principal in Deloitte Consulting’s Monitor Deloitte practice, which is working with states and companies to build and deploy contact tracing apps.

“Active engagement with consumers and employees is critical to gain an appreciation of their preferences to establish clear expectations,” he said. “For example, organizations should establish clear consenting platforms so that stakeholders understand when and under what circumstances data is used.”

Without a focus on trust and transparency, organizations may risk low acceptance of apps, Dhar continued. Organization should also consider ways to adequately protect data, including where data is stored, who can access it, and how and when it can be accessed.

Still, even if enterprises or governments set up fairly secure, anonymized contact tracing apps, it’s no guarantee they will provide the information needed to keep people safe.

Effectiveness of apps

How many people use available contact tracing apps can play a part in their effectiveness.

If only a few people download and use an app, the app may convey inaccurate results, such as indicating to officials that fewer people are getting infected. That may create a false sense of security. People simply not getting tested, or not changing their infection status in the app, would also skew the results.

But according to Prince Kohli, CTO at RPA vendor Automation Anywhere, people are generally willing to download the apps and provide data.

Automation Anywhere helped develop contact tracing apps in conjunction with other companies in several countries, including Australia and China. Some apps ask users to answer surveys about where they have been and their medical status. Most people have been willing to answer questions like these, said Kohli.

“This is not data that people are trying to hide,” he said.

A usage rate as low as a 10% to 20% in a group could provide relevant results, Kohli said, as long as the percentage indicates a truly random sampling of people.

Even so, app usage and COVID-19 testing rates aren’t the only determining factors of an app’s effectiveness.

While use thresholds are an important factor, other considerations, such as whether a person has their phone on them when going out or not, or if a person travels across disparate geographical areas, can help determine efficacy, according to Golden.

The Rhode Island app, for example, can’t be downloaded by users outside of Rhode Island, making it useless for tracking visitors to the state.

“Although contact tracing applications may be an important tool in a country’s ability to return to work, there is no silver bullet in getting back to normal,” Golden said. “Organizations cannot negate the opportunity that human contact tracers and other physical and digital health safety tools and protocols offer.”

Go to Original Article
Author:

Using data and IBM AI to make coronavirus economic predictions

Global digital marketing firm Wunderman Thompson launched its Risk, Readiness and Recovery map, an interactive platform that helps enterprises and governments make market-level decisions, amid the coronavirus pandemic.

The platform, released May 21, uses Wunderman Thompson’s data, as well as machine learning technology from IBM Watson, to predict state and local government COVID-19 preparedness and estimated economic recovery timetables for businesses and governments.

Building a platform

The idea for the Risk, Readiness and Recovery map, a free version of which is available on Wunderman Thompson’s website, originated two months ago as the global pandemic accelerated, said Adam Woods, CTO at Wunderman Thompson Data.

“We were looking at some of the visualizations that were coming in around COVID-19, and we were inspired to really say, let’s look at the insight that we have and see if that can make a difference,” Woods said.

A global marketing subsidiary of British multinational communications firm WPP plc, Wunderman Thompson has collected thousands of data elements on 270 million people in the U.S, including transaction, demographic and health data. That data, which is anonymized, led the company to understand the potential economic impact of the coronavirus quickly.

“We’ve seen the economic damage that this has caused, and we see that because we have access into really deep transactional data,” Woods said. “We were able to watch the ball drop almost in real time.”

We’re focusing on “how do we help brands that we work with really understand the right response and the way they should reopen their operations,” he said.

Wunderman Thompson, Risk, Readiness, Recovery
Wunderman Thompson’s Risk, Readiness and Recovery tool uses IBM Watson.

Wunderman Thompson Data, the technology arm of the company, developed the interactive Risk, Readiness and Recovery platform using that data.

Machine learning technology from IBM Watson proved to be an integral part of the platform.

Two data-centered companies

Wunderman Thompson Data started working with IBM Watson about a year ago. Wunderman Thompson Data had a data lake and consolidated data did not have modern tools to build machine learning models, Woods said.

So, the firm looked at the products from several different data science and AI vendors before settling on IBM.

We were able to watch the ball drop almost in real time.
Adam WoodsCTO of Wunderman Thompson Data

IBM provided a scalable system to help with Wunderman Thompson’s data science problem using Watson Studio, a machine learning-as-a-service platform with tools for data preparation, drag-and-drop machine learning model building and data visualization.

“They are very confident in their ability to work a problem at this scale,” Woods said, adding that Wunderman Thompson Data has about 20,000 different features it can bring into a machine learning model.

“We can do really fast, high-quality model understanding with those tools,” he said.

Wunderman Thompson Data brought in IBM’s Data Science Elite Team, a consultancy that works with customers to tackle AI- and analytics-related use cases, to set up a rapid growth testing model.

“Organically, we knew these were the right things to do, but we just didn’t have a way to get the project done,” Woods said.

The IBM and Wunderman Thompson partnership eventually powered the Risk, Readiness and Recovery platform, which uses Wunderman Thompson’s data and machine learning models built with IBM Watson Studio.

Risk, Readiness and Recovery

The platform, as the name suggests, focuses on three areas:

  1. Risk. Health conditions, COVID-19 and census.
  2. Readiness. Health support within communities.
  3. Recovery. The impact of COVID-19 on the economy.

Risk identifies how much a given local government organization or zip code area in the U.S. is at risk from COVID-19. Readiness, meanwhile, identifies how prepared an area is by looking at its hospital and intensive care unit availability, and Recovery identifies how economically affected local areas are, how fast they might recover and when they might return to normal.

Wunderman Thompson Data is selling the tool to state and local governments, as well as to enterprise customers.

“We’ve been able to really quickly look at this [data] and bring it to a position …to help brands in a highly localized way,” Woods said.

As the economic fallout and, in some places, recovery from the worst of the pandemic continues, it’s going to be on a “vastly different county and county basis, and we can see that in the data,” Woods said.

Go to Original Article
Author:

IBM’s Watson AIOps aims to help networks run smoothly

Entering a crowded marketplace, IBM launched Watson AIOps, a tool aimed at helping CIOs automatically keep their IT networks running smoothly.

The new product, released at the tech giant’s IBM Think 2020 conference, held virtually, comes as much of America’s workforce is working remotely as the COVID-19 pandemic has forced organizations across the country to close offices. As enterprises move more, and in some cases, entirely, online, many are finding that network stability is even more important now than before the public health crisis.

Managing networks

“Watson AIOps addresses the need for IT departments to solve problems remotely and drive more automation into inefficient processes,” said Nick McQuire, senior vice president and head of AI and enterprise research at CCS Insight.

The AIOps system enables enterprises to add automation at the infrastructure level to detect, diagnose and fix IT anomalies. It aims to help CIOs build and manage more responsive, intelligent and longer-lasting networks, IBM said.

“We want to arm every CIO in the world to use AI to predict problems before they happen, fix problems before they happen,” and quickly address the problems that do arise, said Rob Thomas, senior vice president of IBM Cloud and Data Platform, during a conference call with media.

“The CIO needs a powerful AI … helping to run the operation,” he continued.

Watson AIOps, which comes out of the IBM Research division, is built on the latest release of Red Hat OpenShift, enabling it to run across hybrid cloud environments. Through a variety of vendor partnerships, the product can work in concert with workplace tools, including Slack and Box, as well as with providers of traditional IT monitoring platforms, including ones from online chat service vendor Mattermost and ServiceNow.

The right time

For McQuire, Watson AIOps, IBM’s first significant move into the AIOps market, comes at a time when enterprises are struggling with the economic impact of the coronavirus, and are looking for new technologies and practical strategies to survive.

Arvind Krishna, IBM CEOArvind Krishna

IBM also appears to be basing its strategy with the AIOps technology on that worldview. Arvind Krishna, IBM’s new CEO, said Tuesday during a live-streamed keynote from the virtual conference that the pandemic is an opportunity to develop new solutions, partnerships and ways of working.

The pandemic has shown the need for technological change and will ultimately accelerate enterprises’ digital transformations and AI adoption, Krishna said.

“I strongly believe that AI can play a critical role in assisting clients during this uncertain time,” he said.

A crowded market

Still, despite the decisive move by IBM, several of IBM’s key competitors already have similar tools to automate business processes, McQuire noted.

Vendors such as Cisco, Moogsoft and Splunk, for example, have long provided advanced AIOps capabilities. At the same time, major cloud vendors, including Microsoft and AWS, offer AIOps tools on their platforms or maintain close partnerships with AIOps vendors.

Watson AIOps “will undoubtedly raise the temperature of the AI wars between the major cloud vendors as technologies like process automation become a key battleground,” McQuire said.

More AI tools

Timed with the release of Watson AIOps, IBM also revealed Accelerator for Application Modernization with AI, a new capability within IBM’s Cloud Modernization service designed to reduce the effort and costs associated with application modernization.

Watson AIOps addresses the need for IT departments to solve problems remotely and drive more automation into inefficient processes.
Nick McQuireAnalyst, CCS Insight

The new product, through several AI-powered tools can plot the best path for application optimization, help make applications cloud-ready, and automatically understand legacy code to recommend microservices that can shorten the time to modernizing older applications.

The company also revealed updates to a few of its AI and automation platforms.

IBM Cloud Pak for Data 3.0 added several extensions to the data and AI platform, including IBM Planning Analytics, an automated planning, budgeting and forecasting tool.

Meanwhile, a recent update to IBM Cloud Pak for Automation, a platform for designing, building and running automation applications, simplifies the building of automated workers. With the update, users can more easily develop and manage employees working remotely, as well as quickly assign simple jobs to them, such as invoicing.

Go to Original Article
Author:

Microsoft faces hurdles in selling Teams to first-line workers

Microsoft has launched a public relations campaign to convince businesses that its Teams collaboration app is suitable for use by so-called first-line workers. At stake is a significant expansion of Teams into the lives of workers ranging from retail associates to housekeepers to factory hands.

Success will depend on how well the tech giant develops more industry-specific features and recruits additional hardware partners. Both are needed to drive  Microsoft Teams into first-line segments of the workforce, industry analysts said.

“We should not be impressed by a press release,” said Michael Finneran, principal at dBrn Associates Inc. “And at this point what they have is a press release.”

The capabilities Microsoft is adding to Teams are nothing new, Finneran said. The same kinds of features are already available to first-line workers today from established technology vendors like Motorola Solutions and Spectralink, as well as from numerous startups with apps for specific industries.

What’s more, Microsoft has so far discussed first-line workers in broad terms. But nurses, field technicians, and workers on the floor of a manufacturing plant have very different technology needs. The company won’t be taken seriously by many potential customers until it demonstrates an understanding of their industry.

Microsoft will also need hardware partners. Retail sales associates and warehouse workers typically use shared mobile devices with unique features and strict access controls. But many of Microsoft’s features for first-line workers seem to require businesses to let employees use personal smartphones at work.

Microsoft has only just begun to build that hardware ecosystem. Samsung announced this month it would launch a smartphone for first-line workers that will come pre-integrated with a new walkie-talkie feature in Teams. The device, the Galaxy XCover Pro, will launch sometime in the first half of 2020.

Similarly, Microsoft is still in the early stages of rolling out many of the features for first-line workers that its marketing department has hyped in blogs and press releases. 

Some of the newest features won’t launch for months or longer — and when they do hit the market, they’ll only be available in preview. Technology released in preview mode is in the early stages of development. Large organizations often have policies against using software before it passes beta testing.

For example, a walkie-talkie feature in Teams that drew headlines earlier this month won’t be available until mid-2020. Even then, it will only ship to select users in a private preview. Several other device-related Teams features will launch in a public showing. Those capabilities include SMS sign-in, shared device sign-out and a portal for managing devices.

Nevertheless, Microsoft could succeed in getting first-line workers to use Teams in the long run, analysts said. The company has billions of dollars to spend and already has a foot in the door with most enterprises in the world.

“Microsoft can get there if they want to, but they ain’t getting there without really putting their nose to the grindstone,” Finneran said.

Microsoft said in a statement that it has already made progress in getting companies with first-line workers to use Teams. The businesses include plumbing supply firm Ferguson and retailers Ikea and Mattress Firm.

“These are just a few of the companies on the leading edge of involving the first-line workforce in digital transformation,” Microsoft said. It did not provide details on how those companies’ employees were using Teams.

Microsoft’s broad software portfolio will give the company a leg up. Beyond Teams, Microsoft can offer customers a productivity suite, a customer relationship management app and platforms for e-commerce and internet of things (IoT) projects.

“Microsoft is just able to bring more of the pieces to the solution than a lot of its competitors,” said Rob Arnold, analyst at Frost & Sullivan.

And Microsoft has a clear financial incentive to follow through on its rhetoric.

So-called knowledge workers — the kind of desk-based employees who use software like Microsoft Office — represent only 15% to 25% of the U.S. workforce. Worldwide, the percentage falls to 10% to 15%, according to calculations by PKE Consulting LLC.

The rest of the workforce comprises service workers, like bank tellers, nurses, UPS drivers, waiters and maids.

Those kinds of workers haven’t used collaboration apps like Teams in the past. But Microsoft could significantly increase its market footprint if it convinces them to use Teams in the future, said Raúl Castañón-Martinez, analyst at 451 Research.

“I think they are definitely very serious about going after that segment,” he said.

Go to Original Article
Author:

SMBs grappling with digital transformation initiatives

Small and medium-sized businesses across the board have either recently launched or are in the process of launching digital transformation initiatives, but many are running up against obstacles.

The results of the inaugural Insight 2020 Technology Report: IT Trends for Midmarket and Small Business, a study based on input from more than 400 North American IT professionals at independent and emerging businesses, highlighted that dilemma. Insight Enterprises conducted the research.

Technology has become a corporate cornerstone, even for small businesses, according to the report. “Enterprises recognize that they need to embrace leading-edge technology in order to remain competitive,” said Joseph Clinton, central region sales director at Insight Enterprises.

Organizations expect that embracing digital transformation will positively impact their operations, the report said. The top three business areas that respondents said digital transformation initiatives would help improve are customer experience, cited by 43%; operational efficiency, 42%; and workforce productivity and collaboration, 42%.

Digital transformation challenges

Realizing the potential benefits of digital transformation has been vexing, however. Close to half of the study’s respondents, 49%, said integrating new technology with legacy systems is very or extremely challenging when dealing with IT service providers. “Many companies perform a lift and shift. They simply take their existing applications and port them to the cloud,” Clinton explained. “In those cases, they do not take advantage of any of the modernization features available in the new environment.”

Steps for digital transformation chart
Four essential steps to digital transformation

Funding also poses issues for these initiatives. The study found that 44% of respondents pointed to budget constraints as an inhibitor to embracing digital transformation.

Additionally, when attempting to equip their businesses with the latest technology, 45% of SMBs said understanding which new technologies to invest in is an area of concern. Many new systems are cloud-based, and cost is a key obstacle here, as well. Comparing cloud pricing to current expenditures is the most frequently cited barrier to migration, cited by 56% of SMB respondents.

Building a digital transformation framework

So, how can a company address its digital transformation challenges? “Businesses need a framework, a plan that aligns where they are today to where they want to be in the future,” Clinton said.

Businesses need a framework, a plan that aligns where they are today to where they want to be in the future.
Joseph ClintonCentral region sales director, Insight Enterprises

But in many cases, these organizations lack the technical depth to create the plan — a task that channel partners can help with. “There are a lot of potential pitfalls,” Clinton said. “Businesses need to get their applications and employees ready for the change. The bursting that cloud offers can be helpful, but it can also be expensive. In some cases, modern applications cost much more than legacy systems.”

As a result, corporations should not automatically assume the cloud offers them a better deployment model than legacy infrastructure. They need to create a methodology to see which workloads should move. Channel partners with deep cloud experience are in prime position to help them make the right call, Clinton said.

Go to Original Article
Author:

World Childhood Foundation marks 20 years with focus on AI and child safety online – Microsoft on the Issues

World Childhood Foundation, launched in 1999 by Queen Silvia of Sweden, recently marked 20 years of child protection with a roundtable on leveraging artificial intelligence (AI) to assist in tackling child sexual exploitation and abuse online.

The day-long event, held last month at the Royal Palace in Stockholm, brought together 60 AI experts, representatives from technology companies, child safety advocates, academics and others to explore new ways to combat the proliferation of child sexual exploitation and abuse imagery (CSEAI) online.

“How can we use AI as a catalyst for child safety online,” asked King Carl XVI Gustaf, who, along with Queen Silvia and other members of Sweden’s royal family, presided over the day’s discussions. “New approaches are needed, so we are bringing together some of the sharpest minds in AI and child protection to share knowledge and experiences.”

The event consisted of a series of presentations, panels and small-group discussions about raising awareness among the broader global population about the “epidemic” that is child sexual exploitation and abuse, as well as the misuse of technology to share illegal imagery and enable on-demand abuse of children tens of thousands of miles away. Experts shared experiences, ideas and data, including that reports of child sexual abuse videos to the U.S. National Center for Missing and Exploited Children (NCMEC) had risen 541% in 2018 compared to the prior year. Moreover, children of all ages and backgrounds are susceptible to sexual exploitation with more than 56% of the children in Interpol’s database identified as prepubescent. “Nothing surprises us anymore,” said one law enforcement official.

More, faster needed from all stakeholders

The roundtable concluded with a series of observations and recommendations from a variety of sectors, including law and public policy, technology, and victim advocacy, including that:

  • Governments need to take a more active role in addressing the issue. Indeed, no country or society is immune from child sexual abuse and the vile content that makes its way online. Experts acknowledged the work of some standouts governments like the U.K., Australia and others, but called for more globalization and harmonization
  • Children need to be acknowledged as rights-holders, including their right to privacy, and not just as “objects in need of protection”
  • Speed will continue to present a challenge with technological advancements moving at internet speed; academic research occupying a distant second position; and policy, law and regulation lagging significantly behind
  • Civil society needs to do more and, in particular, victims’ rights groups and other organizations must inject a sense of urgency into the dialogue, and
  • Hope must be offered by believing in the brilliance and power of the human and the machine working together to combat such deep-rooted societal ills

I had the privilege of attending and presenting details on the progress of the development of a new method to detect potential instances of child online grooming for sexual purposes. The technique is the result of a cross-industry hackathon that Microsoft hosted in November 2018. Engineers from Microsoft and three other companies continued to develop the process for 12 months following the hackathon, and we intend to make it freely available in 2020 to enable others to examine historical chat conversations for potential indicia of grooming. (Grooming for sexual purposes takes place when someone befriends a child with the intent of gaining the child’s trust for sexual abuse, sexual exploitation or trafficking.) For more about the technique being developed, see this post.

Queen Silvia builds on Vatican remarks

The week before the Stockholm roundtable, a number of attendees also participated in a conference in Rome, Promoting Digital Child Dignity: From Concept to Action. This event was sponsored by the Vatican’s Pontifical Academy of Social Sciences, the Child Dignity Alliance and the government of the United Arab Emirates.

Queen Silvia was a featured speaker at the Rome conference, noting that when she founded World Childhood Foundation, she hoped she could use her voice to highlight the global problem of child sexual exploitation and abuse. She imagined that the foundation would soon close because it would no longer be needed, as the global scourge that is child sexual abuse would have been eliminated. “To speak about the unspeakable, and to give children back their right to a childhood,” she said. “(Yet,) 20 years later, here we are, with an ever-increasing number of children at risk of abuse and exploitation online.”

Along with several speakers that followed her in Rome, the queen called on all stakeholders to come together and do more: policymakers, technology companies, civil society and faith-based groups. “For the child who has suffered abuse; for the child who is at risk; for the child who carries guilt and shame – for this child, we have to speak with one voice and to act collectively.” (The Queen’s Rome remarks were distributed to participants of the Stockholm roundtable.)

A third landmark event on combating CSEAI will be held later this month in Addis Ababa, Ethiopia. The African Union, the WePROTECT Global Alliance and the U.K. Government will sponsor the Global Summit to Tackle Online Child Sexual Exploitation on December 11 and 12.

Microsoft and the challenge of Online Child Sexual Exploitation  

This increased attention from several corners of the globe and from new and different stakeholder groups is both needed and encouraging. Additional strides will follow only when we embrace a whole-of-society approach and all stakeholders take part in this important fight.

Microsoft has been combating the spread of CSEAI online for nearly two decades. We first became aware of the magnitude of these online horrors in 2003 when a lead detective from the Toronto Police Department sent an email to our then CEO Bill Gates, asking for help using technology to track down purveyors of CSEAI and for assistance with the detective’s goal of rescuing child victims. Microsoft responded with a $1 million investment and the creation of a technology still in use today by some law enforcement agencies to share investigative information.

Our commitment to create technology to help fight CSEAI online continued with the invention of PhotoDNA, PhotoDNA Cloud Service and PhotoDNA for Video. Progress has been made over the last 20 years, but more needs to be done, including raising awareness, educating young people and the wider public, reporting illegal content to technology companies and hotlines, and continuing to create technologies and techniques to assist in online detection and reporting.

Learn more

To learn more about the World Childhood Foundation, visit the organization’s website. To learn what Microsoft is doing to tackle child sexual exploitation and abuse online, see this link, and to learn more about digital safety generally, go to www.microsoft.com/saferonline, like us on Facebook and follow us on Twitter.

Tags: , , , , ,

Go to Original Article
Author: Microsoft News Center

Zoom Chat update takes vendor further beyond video

Zoom has launched a Zoom Chat update that demonstrates the video-conferencing vendor’s ambition to become a one-stop shop for business communications.

Zoom has made the Chat messaging app suitable for a broader range of collaboration scenarios. The more extensive capabilities bolster the product’s role in the vendor’s portfolio, which also includes the expanding cloud calling service, Zoom Phone.

The two products, combined with the vendor’s flagship video conferencing service, show that Zoom wants to become an all-in-one UC provider.

However, to reach its goal, Zoom still has to catch up with rivals. The updates to Zoom Chat unveiled this week underscore that the product remains far behind leading messaging apps with regards to features and integrations.

Zoom added support for reply threads and emoji reactions. The former is an essential tool for keeping messaging channels organized. The app also now gives users the ability to send notifications to everyone in a channel, and for admins to use channels to make announcements.

Users’ profiles are another new feature, showing each employee’s location, department and job title. Colleagues can link to those profiles by tagging their coworker in a message using “@.”

These are standard features that leading apps like Slack and Microsoft Teams have long supported. Nevertheless, by steadily adding features, Zoom is making its portfolio more attractive to businesses that want to buy communications services from a single vendor, analysts said.

Zoom is trying to get businesses to use more of its products by encouraging its video customers to adopt Zoom Phone. But more aggressively pushing Zoom Chat would bring the vendor into conflict with Slack, a close partner. That’s a scenario Zoom executives previously said they wanted to avoid.

“A Zoom Chat app, integrated with Phone and Meetings, makes a great deal of sense,” said Irwin Lazar, an analyst at Nemertes Research. “I think it will be interesting to see how aggressive Zoom is in the next year with adding features and integrations to its own chat app.”

Zoom is now a telephony service provider in six countries through Zoom Phone, with a beta service available in 11 additional locations. Outside of those countries, businesses can power Zoom Phone using third-party telephony services.

At Zoomtopia 2019, the vendor’s annual user conference in October, CEO Eric Yuan said Zoom Phone was raising Zoom Chat’s profile within the portfolio. 

“The more we focus on voice, we need chat,” Yuan said at the time. “As we sell more and more phone systems, I think chat will be key for us as well.”

Meanwhile, Zoom on Thursday delivered a better-than-expected earnings report for the quarter, bringing in $166 million in the three months ended Oct. 31. Valued at roughly $19 billion, Zoom now expects to generate revenue between $609 million and $610 million in the year.

Go to Original Article
Author:

SageMaker Studio makes model building, monitoring easier

LAS VEGAS — AWS launched a host of new tools and capabilities for Amazon SageMaker, AWS’ cloud platform for creating and deploying machine learning models; drawing the most notice was Amazon SageMaker Studio, a web-based integrated development platform.

In addition to SageMaker Studio, the IDE for platform for building, using and monitoring machine learning models, the other new AWS products aim to make it easier for non-expert developers to create models and to make them more explainable.

During a keynote presentation at the AWS re:Invent 2019  conference here Tuesday, AWS CEO Andy Jassy described five other new SageMaker tools: Experiments, Model Monitor, Autopilot, Notebooks and Debugger.

“SageMaker Studio along with SageMaker Experiments, SageMaker Model Monitor, SageMaker Autopilot and Sagemaker Debugger collectively add lots more lifecycle capabilities for the full ML [machine learning] lifecycle and to support teams,” said Mike Gualtieri, an analyst at Forrester.

New tools

SageMaker Studio, Jassy claimed, is a “fully-integrated development environment for machine learning.” The new platform pulls together all of SageMaker’s capabilities, along with code, notebooks and datasets, into one environment. AWS intends the platform to simplify SageMaker, enabling users to create, deploy, monitor, debug and manage models in one environment.

Google and Microsoft have similar machine learning IDEs, Gualtieri noted, adding that Google plans for its IDE to be based on DataFusion, its cloud-native data integration service, and to be connected to other Google services.

SageMaker Notebooks aims to make it easier to create and manage open source Jupyter notebooks. With elastic compute, users can create one-click notebooks, Jassy said. The new tool also enables users to more easily adjust compute power for their notebooks and transfer the content of a notebook.

Meanwhile, SageMaker Experiments automatically captures input parameters, configuration and results of developers’ machine learning models to make it simpler for developers to track different iterations of models, according to AWS. Experiments keeps all that information in one place and introduces a search function to comb through current and past model iterations.

AWS CEO Andy Jassy talks about new Amazon SageMaker capabilitiesatre:Invent 2019
AWS CEO Andy Jassy talks about new Amazon SageMaker capabilities at re:Invent 2019

“It is a much, much easier way to find, search for and collect your experiments when building a model,” Jassy said.

As the name suggests, SageMaker Debugger enables users to debug and profile their models more effectively. The tool collects and monitors key metrics from popular frameworks, and provides real-time metrics about accuracy and performance, potentially giving developers deeper insights into their own models. It is designed to make models more explainable for non-data scientists.

SageMaker Model Monitor also tries to make models more explainable by helping developers detect and fix concept drift, which refers to the evolution of data and data relationships over time. Unless models are updated in near real time, concept drift can drastically skew the accuracy of their outputs. Model Monitor constantly scans the data and model outputs to detect concept drift, alerting developers when it detects it and helping them identify the cause.

Automating model building

With Amazon SageMaker Autopilot, developers can automatically build models without, according to Jassy, sacrificing explainability.

Autopilot is “AutoML with full control and visibility,” he asserted. AutoML essentially is the process of automating machine learning modeling and development tools.

The new Autopilot module automatically selects the correct algorithm based on the available data and use case and then trains 50 unique models. Those models are then ranked by accuracy.

“AutoML is the future of ML development. I predict that within two years, 90 percent of all ML models will be created using AutoML by data scientists, developers and business analysts,” Gualtieri said.

SageMaker Autopilot is a must-have for AWS.
Mike GualtieriAnalyst, Forrester

“SageMaker Autopilot is a must-have for AWS, but it probably will help” other vendors also, including such AWS competitors as DataRobot because the AWS move further legitimizes the automated machine learning approach, he continued.

Other AWS rivals, including Google Cloud Platform, Microsoft Azure, IBM, SAS, RapidMiner, Aible and H2O.ai, also have automated machine learning capabilities, Gualtieri noted.

However, according to Nick McQuire, vice president at advisory firm CCS Insight, some of the  new AWS capabilities are innovative.

“Studio is a great complement to the other products as the single pane of glass developers and data scientists need and its incorporation of the new features, especially Model Monitor and Debugger, are among the first in the market,” he said.

“Although AWS may appear late to the game with Studio, what they are showing is pretty unique, especially the positioning of the IDE as similar to traditional software development with … Experiments, Debugger and Model Monitor being integrated into Studio,” McQuire said. “These are big jumps in the SageMaker capability on what’s out there in the market.”

Google also recently released several new tools aimed at delivering explainable AI, plus a new product suite, Google Cloud Explainable AI.

Go to Original Article
Author:

IBM Cloud Pak for Security aims to unify hybrid environments

IBM this week launched Cloud Pak for Security, which experts say represents a major strategy shift for Big Blue’s security business

The aim of IBM’s Cloud Pak for Security is to create a platform built on open-source technology that can connect security tools from multiple vendors and cloud platforms in order to help reduce vendor lock-in. IBM Cloud Paks are pre-integrated and containerized software running on Red Hat OpenShift, and previously IBM had five options for Cloud Paks — Applications, Data, Integration, Automation and Multicloud Management — which could be mixed and matched to meet enterprise needs.

Chris Meenan, director of offering management and strategy at IBM Security, told SearchSecurity that Cloud Pak for Security was designed to tackle two “big rock problems” for infosec teams. The first aim was to help customers get data insights through federated search of their existing data without having to move it to one place. Second was to help “orchestrate and take action across all of those systems” via built-in case management and automation. 

Meenan said IT staff will be able to take actions across a multi-cloud environment, including “quarantining users, blocking IP addresses, reimaging machines, restarting containers and forcing password resets.”

“Cloud Pak for Security is the first platform to take advantage of STIX-Shifter, an open-source technology pioneered by IBM that allows for unified search for threat data within and across various types of security tools, datasets and environments,” Meenan said. “Rather than running separate, manual searches for the same security data within each tool and environment you’re using, you can run a single query with Cloud Pak for Security to search across all security tools and data sources that are connected to the platform.” 

Meenan added that Cloud Pak for Security represented a shift in IBM Security strategy because of its focus on delivering “security solutions and outcomes without needing to own the data.”

“That’s probably the biggest shift — being able to deliver that to any cloud or on-premise the customer needs,” Meenan said. “Being able to deliver that without owning the data means organizations can deploy any different technology and it’s not a headwind. Now they don’t need to duplicate the data. That’s just additional overhead and introduces friction.”

One platform to connect them all

Meenan said IBM was “very deliberate” to keep data transfers minimal, so at first Cloud Pak for Security will only take in alerts from connected vendor tools and search results.

“As our Cloud Pak develops, we plan to introduce some capability to create alerts and potentially store data as well, but as with other Cloud Paks, the features will be optional,” Meenan said. “What’s really fundamental is we’ve designed a Cloud Pak to deliver applications and outcomes but you don’t have to bring the data and you don’t have to generate the alerts. Organizations have a SIEM in place, they’ve got an EDR in place, they’ve got all the right alerts and insights, what they’re really struggling with is connecting all that in a way that’s easily consumable.”

In order to create the connections to popular tools and platforms, IBM worked with clients and service providers. Meenan said some connectors were built by IBM and some vendors built their own connectors. At launch, Cloud Pak for Security will include integration for security tools from IBM, Carbon Black, Tenable, Elastic, McAfee, BigFix and Splunk, with integration for Amazon Web Services and Microsoft Azure clouds coming later in Q4 2019, according to IBM’s press release.

Ray Komar, vice president of technical alliances at Tenable, said that from an integration standpoint, Cloud Pak for Security “eliminates the need to build a unique connector to various tools, which means we can build a connector once and reuse it everywhere.”

“Organizations everywhere are reaping the benefits of cloud-first strategies but often struggle to ensure their dynamic environments are secure,” Komar told SearchSecurity. “With our IBM Cloud Pak integration, joint customers can now leverage vulnerability data from Tenable.io for holistic visibility into their cloud security posture.”

Jon Oltsik, senior principal analyst and fellow at Enterprise Strategy Group, based in Milford, Mass., told SearchSecurity that he likes this new strategy for IBM and called it “the right move.”

“IBM has a few strong products but other vendors have much greater market share in many areas. Just about every large security vendor offers something similar, but IBM can pivot off QRadar and Resilient and extend its footprint in its base. IBM gets this and wants to establish Cloud Pak for Security as the ‘brains’ behind security. To do so, it has to be able to fit nicely in a heterogeneous security architecture,” Oltsik said. “IBM can also access on-premises data, which is a bit of unique implementation. I think IBM had to do this as the industry is going this way.”

Martin Kuppinger, founder and principal analyst at KuppingerCole Analysts AG, based in Wiesbaden, Germany, said Cloud Pak for Security should be valuable for customers, specifically “larger organizations and MSSPs that have a variety of different security tools from different vendors in place.”

“This allows for better incident response processes and better analytics. Complex attacks today might span many systems, and analysis requires access to various types of security information. This is simplified, without adding yet another big data lake,” Kuppinger told SearchSecurity. “Obviously, Security Cloud Pak might be perceived competitive by incident response management vendors, but it is open to them and provides opportunities by building on the federated data. Furthermore, a challenge with federation is that the data sources must be up and running for accessing the data — but that can be handled well, specifically when it is only about analysis; it is not about real-time transactions here.”

The current and future IBM Security products

Meenan told SearchSecurity that Cloud Pak for Security would not have any special integration with IBM Security products, which would “have to stand on their own merits” in order to be chosen by customers. However, Meenan said new products in the future will leverage the connections enabled by the Cloud Pak.

“Now what this platform allows us to do is to deliver new security solutions that are naturally cross-cutting, that require solutions that can sit across an EDR, a SIEM, multiple clouds, and enable those,” Meenan said. “When we think about solutions for insider threat, business risk, fraud, they’re very cross-cutting use cases so anything that we create that cuts across and provides that end-to-end security, absolutely the Cloud Pak is laying the foundation for us — and our partners and our customers — to deliver that.”

Oltsik said IBM’s Security Cloud Pak has a “somewhat unique hybrid cloud architecture” but noted that it is “a bit late to market and early versions won’t have full functionality.”

“I believe that IBM delayed its release to align it with what it’s doing with Red Hat,” Oltsik said. “All that said, IBM has not missed the market, but it does need to be more aggressive to compete with the likes of Cisco, Check Point, FireEye, Fortinet, McAfee, Palo Alto, Symantec, Trend Micro and others with similar offerings.”

Kuppinger said that from an overall IBM Security perspective, this platform “is rather consequent.”

“IBM, with its combination of software, software services, and implementation/consultancy services, is targeted on such a strategy of integration,” Kuppinger wrote via email. “Not owning data definitely is a smart move. Good architecture should segregate data, identity, and applications/apps/services. This allows for reuse in modern, service-oriented architectures. Locking-in data always limits that reusability.”

Go to Original Article
Author: