Weekend bump and price drop – open to sensible offers too by the way. This was £2,500 brand new just over a year ago and has warranty until July 2022 so I think the price for that and the mint condition it is in, (both cosmetically and such little wear on the battery), is fair but can certainly be discussed.
Impediments to connecting and managing disparate data sources are many. The new SODA Foundation offers the promise of more interoperability in open source data management so users can connect to applications and data, whether on premises or in the cloud.
SODA stands for SODA Open Data Autonomy. The group was introduced at the Linux Foundation’s Open Source Summit North America virtual conference on June 29.
The nascent foundation then held its own mini summit on July 2. Participating members and users outlined the goals and components that make up the open source data effort, which is an evolution of the Linux Foundation’s OpenSDS (open software-defined storage) project that started in 2016. Among members of the group are Huawei, Fujitsu, NTT Communications and Sony.
The OpenSDS project leadership realized in recent years that managing storage is only part of the challenge for organizations, which also need to manage data wherever it resides.
Many data silos exist in his organization and others and it’s not easy to bring them all together, said Yuji Yazawa, principal engineer at Toyota Motor Corporation and chair of the end user advisory committee for the SODA Foundation, during a recorded session at the Open Source Summit.
Yuji YazawaPrincipal engineer, Toyota Motor Corporation
Yazawa noted that in his experiences at Toyota and previously at Yahoo Japan, the lack of standardized interfaces for data management tends to lead to lock-in. He said that’s why he’s interested in the SODA Foundation’s mission to foster an ecosystem of open source data management tools and capabilities.
“SODA is an open source unified autonomous framework for data mobility from edge to core to cloud,” Yazawa said.
Moving from OpenSDS to SODA Foundation
In a keynote session during the SODA Foundation mini summit, Rakesh Jain, co-chair of the SODA Foundation technical steering committee and senior technical staff member at IBM, outlined the open data fabric architecture approach that the group is taking.
The SODA Foundation integrates projects that provide core elements needed to enable a unified data framework, including an infrastructure manager, controller and multi-cloud plugins, Jain said.
He noted that the core projects enable users to access different data storage repositories including VMware on premises as well as public cloud with AWS, Azure and Google. There are also components for data lifecycle management, governance, security and analytics.
Beyond the core project, Jain noted that the SODA Foundation is fostering an ecosystem of projects that help to expand the idea of an open data fabric.
Creating a single data framework with the SODA Foundation
In the same keynote session, Sanil Divakaran, a member of the technical steering committee, noted that the foundation is aiming to define a single data network framework, in which any application can potentially connect to any data or storage back end in an interoperable approach.
Each type of application deployment approach, whether VMware virtual machines, Kubernetes and containers, or public cloud, has its own method of connecting to data storage back ends and enabling data management. SODA’s open data framework enables an abstraction, so a user will transparently be able to connect and manage the different data sources, regardless of the underlying deployment approach.
“We want to provide key features like data lifecycle and data protection in a unified framework,” Divakaran said. “So the application framework can focus on application business logic and the storage can simply focus on the storage, so we connect between the two and provide a unified interface.”
PowerShell offers administrators a more flexible and powerful way to perform management activities in Exchange Online. At times, PowerShell is the only way to perform certain management tasks.
But there have been widespread concerns by many Exchange administrators who have not always felt confident in Exchange Online PowerShell’s abilities, especially when dealing with thousands of mailboxes and complicated actions. But Microsoft recently released the Exchange Online PowerShell V2 module — also known as the ExchangeOnlineManagement module — to reduce potential management issues.
New cmdlets attempt to curb PowerShell problems
Moving the messaging platform to the cloud can frustrate administrators when they attempt to work with the system using remote PowerShell without a reliable connection to Microsoft’s hosted email system. Microsoft said the latest Exchange Online PowerShell module, version 0.3582.0, brings new enhancements and new cmdlets to alleviate performance and reliability issues, such as session timeouts or poor error handling during complex operations.
Where a spotty connection could cause errors or scripts to fail with the previous module, Microsoft added new cmdlets in the Exchange Online PowerShell V2 module to restart and attempt to run a script where it left off before issues started.
Microsoft added 10 new cmdlets in the new Exchange Online PowerShell module. One new cmdlet, Connect-ExchangeOnline, replaces two older cmdlets: Connect-EXOPSSession and New-PSSession.
Microsoft took nine additional cmdlets in the older module, updated them to use REST APIs and gave them new names using the EXO prefix:
Microsoft said the new REST-based cmdlets will perform significantly better and faster than the previous PowerShell module. The REST APIs offer a more stable connection to the Exchange Online back end, making most functions more responsive and able to operate in a stateless session.
Given that administrators will develop complex PowerShell scripts for their management needs, they needed more stability from Microsoft’s end to ensure these tasks will execute properly. Microsoft helped support those development efforts by introducing better script failure with functionality that will retry and resume from the point of failure. Previously, the only option for administrators was to rerun their scripts and hope it worked the next time.
There are cases where some properties are queried during a script execution that can generally impact the overall response and performance of the script given the size of the objects and their properties. To help optimize these scenarios, Microsoft introduced a way for a PowerShell process to run against Exchange Online to only retrieve relevant properties of objects needed during the execution process. An example would be retrieving mailbox properties that would be the most likely to be used, such as mailbox statistics, identities and quotas.
Microsoft removed the need to use the Select parameter typically used to determine which properties are needed as part of the result set. This neatens scripts and eliminates unnecessary syntax as shown in the example below.
How to get the new Exchange Online PowerShell module
To start using the latest Exchange Online PowerShell capabilities requires the installation or upgrade of the ExchangeOnlineManagement module. This can be done from a PowerShell prompt running under administrator settings and executing one of the two following commands:
The command completes in 1.29832 seconds, or almost half the time. Extrapolate these results to an organization with many thousands of users and mailboxes in Exchange Online and you can begin to see the benefit when a script takes half as much time to run.
Use the following command to get mailbox details for users in the organization:
Be aware of the Exchange Online PowerShell module provisions
There are several caveats Exchange administrators should know before they use the latest ExchangeOnlineManagement module:
The new Exchange PowerShell Online module only works on Windows PowerShell 5.1 with support coming for the new cross-platform version of PowerShell.
Data results returned by the latest cmdlets are in alphabetic order, not chronologically.
The new module only supports OAuth 2.0 authentication, but the client machine will need basic authorization enabled to use the older remote PowerShell cmdlets.
Some results may require additional formatting or adjusting because the new cmdlets give output alphabetically.
Administrators should use Azure AD GUID for account identity.
How to give Microsoft feedback for additional development
As Microsoft continues to improve the module, administrators will continue to see more capabilities that will allow them to have a much more improved experience with PowerShell to manage their Exchange Online environment.
There are three avenues for users to provide feedback to Microsoft on the new PowerShell commands. The first one is to report bugs or other issues during the processing of the different scripts from within PowerShell. To do this, run the following command:
Connect-ExchangeOnline -EnableErrorReporting -LogDirectoryPath <Path to store log file> -LogLevel All
The second option is to post a message on the Office 365 UserVoice forum.
Lastly, users can file an issue or check on the status of one with the Exchange Online PowerShell commands on the Microsoft Docs Github site at this link.
Microsoft offers two ways to handle mobile device management: MDM for Office 365 and Microsoft Intune.
The enterprise mobility industry has changed significantly in the past few years. Mobile device management (MDM) platforms such as MDM for Office 365 was once enough for most organizations. As devices such as iPads, wearables and IoT devices became prevalent in the enterprise, however, many organizations needed advanced management capabilities and a unified console. Unified endpoint management (UEM) products such as Intune entered the market, which provided a way for IT admins to manage a range of different devices under a single console.
MDM still has use cases today, however. MDM for Office 365 provides a limited feature set, but it is included in the price of many Office 365 subscriptions. This built-in tool offers organizations an integrated, inexpensive way to manage mobile devices. Microsoft Intune, on the other hand, provides a rich feature set and comes with additional costs.
MDM for Office 365 capabilities
MDM for Office 365 provides a lightweight version of MDM that does not include mobile application management (MAM). It provides organizations with MDM policies and settings that will help to control access to Office 365 data for supported mobile devices and apps. For stolen or lost devices, it offers the ability to remotely wipe the device to remove corporate data.
MDM for Office 365 provides support for the following platforms:
iOS 10.0 or later
Android 4.4 or later
Windows 8.1 (limited to Exchange ActiveSync functionality)
Windows 10 (requires the device to be Azure Active Directory joined)
Supported access control scenarios
MDM for Office 365 provides a few scenarios that will prompt the user to enroll their device. When the user’s device doesn’t comply with the policy, the user might be blocked from accessing Office 365 data, depending on the policy configuration.
These are the following scenarios:
Access to Exchange by using the built-in mail app on iOS 10 or later
Access to Exchange by using the built-in mail app on Android 4.4 or later
Access to Office and OneDrive for Business by using the Outlook, OneDrive, Word, Excel or PowerPoint app on iOS 10 or later
Access to Office and OneDrive for Business by using the Outlook, OneDrive, Word, Excel, PowerPoint or the Office Mobile (phones only) app on Android 4.4 or later
People who are using mobile browsers to access Office 365 data will not be prompted to enroll their devices and will not be blocked.
Supported policy settings
With MDM for Office 365, IT can enable certain settings as requirements to access Office 365 data. IT can use these settings in the supported access control scenarios to block users from accessing Office 365 data. These settings are divided into the following categories:
MDM for Office 365 also provides a limited set of policies that IT can use to configure settings on the user’s device, such as policies to prevent data loss on devices, access public clouds, make screen captures and access the store.
Microsoft Intune capabilities
Microsoft Intune is a UEM platform that provides MDM and MAM functionality and comes with additional costs, as it’s not part of the different Office 365 subscriptions. It requires an organization to have licenses that include the rights for using Microsoft Intune. These licenses include Microsoft Intune standalone, the Enterprise Mobility + Security and the Microsoft 365 subscriptions.
Microsoft Intune helps organizations to provide MDM and MAM policies and settings that will help with controlling access to corporate data. This includes not just data in Office 365, but nearly all corporate data that is available from apps that are exposed via Azure Active Directory (AAD). For stolen or lost devices, Intune provides the ability to remotely wipe the device or app to remove corporate data. It provides organizations with a strong method to secure and manage mobile devices, apps and corporate data.
Android 5.0 and later, including Android Enterprise
Windows 8.1, including Windows 8.1 RT
Windows 10, including Windows 10 Teams, Windows 10 IoT and Windows Holographic for Business
Supported access scenarios
Microsoft Intune supports many scenarios. The main difference of MDM for Office 365 vs Intune is that Intune is not limited to Office 365-related scenarios. For most organizations, the management boundaries must expand to include all apps and data that can be exposed via AAD and all apps on the devices that can use modern authentication. Intune integrates well within a Microsoft ecosystem, including Office 365.
Microsoft Intune can do more than just control access to corporate apps and data. IT can use Intune to verify compliance of devices, deploy applications, assign advanced configurations including Wi-Fi configuration, push certificates and VPN configurations, provide inventory information and more. And that’s only mentioning MDM scenarios. Besides that, it also provides MAM scenarios, including the ability to limit access to corporate apps and data and the ability to perform a selective wipe of only the app.
Supported policy settings
Microsoft Intune provides many policy settings and it’s nearly impossible to list all the possibilities. It provides the policy settings that are available with MDM for Office 365 and many more. These policy settings are categorized to provide functionality to address the supported access scenarios – for example, policies to verify access requirements, policies to verify compliance, policies to configure settings, policies to configure updates and the ability to deploy, configure and manage apps.
MDM for Office 365 vs. Microsoft Intune
The following table provides an overview of the main capabilities of MDM for Office 365 vs Microsoft Intune.
It should be clear that Microsoft Intune is the most logical choice from a security and management perspective. That doesn’t that mean there is no use case for MDM for Office 365. For smaller organizations, or organizations that only use Office 365, this could be enough. That does require strong agreements with the employees, however, as MDM for Office 365 only provides basic security for accessing Office 365 data.
MDM for Office 365 is a good starting point for any organization beginning to deploy MDM. To provide real security and management capabilities, however, any organization should eventually look at using Microsoft Intune when using more than just Office 365.
To support a migration path from MDM for Office 365 and Microsoft Intune, organizations can run both products alongside each other. When a user gets a Microsoft Intune license, the enrollment process will automatically prefer the Microsoft Intune enrollment above the MDM for Office 365 enrollment.
VMware has rolled out a revamped channel program that offers partners greater freedom to select competencies and rewards partners that deliver services on the company’s full technology stack.
The VMware Partner Connect initiative represents a “complete [overhaul] of our partner program,” said Jenni Flinders, VMware’s global channel chief. She said the program maps to the company’s strategic priorities and gives partners a “clear and easy path to define how they want to maximize opportunities with VMware.”
The new partner program has been in the works for about 18 months. VMware has periodically updated partners on its progress. Richard Steeves, senior director of worldwide partner programs at VMware, said the program changes also aim to accommodate customers’ digital transformation needs.
“As we continue to look to support our customers’ digital transformation — and support their need to run any app on any device on any cloud — we needed to ensure we had the right partner with the right skill set,” he said.
VMware partners can pursue individual competencies across areas such as hybrid cloud, which incorporates data center virtualization, digital workspace, application modernization and security.
VMware Partner Connect offers three tiers for its channel allies: Partner, Advanced Partner and Principal Partner. The Partner and Advanced Partner tiers are for partners that engage with customers at the traditional resale, transactional customer relationship level. Principal Partners must obtain Master Services Competencies and demonstrate the ability to build and deliver services on the VMware stack.
Principal Partners qualify for deployment and consumption incentives and receive priority treatment for VMware business planning and co-selling opportunities, according to VMware.
In other program moves, VMware will integrate the VeloCloud, Carbon Black and Pivotal partner programs into VMware Partner Connect over the course of this year. Flinders said the program’s new structure will provide “easy plug and play” for integrating the channel initiatives of companies VMware acquires down the road.
Steeves said VMware Partner Connect marks “one of the largest transformations that VMware has brought to market in its partner ecosystem in upward of a decade.”
IBM pursues public cloud growth with Infosys partnership
In a bid to build out enterprise deployments of IBM public cloud, IBM has expanded its partnership with global systems integrator Infosys.
Under the alliance, Infosys plans to target enterprise organizations in highly regulated industries, including financial services, insurance and healthcare, with IBM’s public cloud offerings. Infosys said it will also look to incorporate Red Hat’s open source products in enterprise deals. Infosys is the first global systems integrator to enlist in the IBM public cloud ecosystem.
Bob LordSenior vice president of cognitive applications and ecosystems, IBM
“This is our first partner that is really advocating for everything around the IBM public cloud,” said Bob Lord, senior vice president of cognitive applications and ecosystems at IBM.
Ravi Kumar S., president of Infosys, said IBM has differentiated its public cloud platform from competitors by zeroing in on enterprises’ concerns for privacy, regulatory compliance, security and systems downtime.
Lord said while the IBM-Infosys partnership is an important step for building out IBM’s public cloud presence, it doesn’t represent a change in the vendor’s overall channel strategy. “I think it is more of a focused effort of … understanding what [Infosys’] needs are” and enabling Infosys to grow its IBM public cloud business, he said.
For example, IBM will provide Infosys with technical support for clients’ cloud migrations. Additionally, the two companies will collaborate on activities such as creating proofs of concept, running cloud pilots and staffing Infosys’ client innovation centers. “We have a joint go-to-market [and campaign investments] on joint assets … and [will] drive IBM public cloud as one of the foundational pillars in cloud journeys,” Kumar S. said.
Infosys runs several client innovation centers in North America, Lord noted. “The customers can come in, go through design-thinking sessions, and architect what their long-term infrastructure is going to be as an Infosys client. And IBM is part of that overall program,” he said. Infosys will launch IBM public cloud practices in its innovation centers starting with its Hartford, Conn., and Raleigh, N.C., locations.
“Working with a systems integrator like Infosys, who has the client relationships and the credibility and honestly … is actually where we want to be, so we can propagate the use case around [IBM public cloud] and what the product has to offer,” Lord said.
Cameyo targets MSPs with app delivery platform
Cameyo, a Cary, N.C., company that provides a virtual application delivery platform, has launched a product for managed service providers.
Cameyo for MSPs aims to let service providers deliver Windows applications to any device and manage customers remotely from a single dashboard. CompuGroup Medical US and Xpertek IT are among Cameyo’s initial MSP partners, according to the company. Cameyo for MSPs pricing starts at $10 per user, per month. The fee drops to as low as $1 per user, per month if bulk discounts are applied. Cameyo is offering MSPs a free trial of the product.
Andrew Miller, co-founder and CEO at Cameyo, said the MSP product was an offshoot of the company’s prior work with MSPs.
“Throughout our ongoing relationships with these MSPs, we received multiple requests to give them the ability to manage all of their customers from one admin dashboard, rather than having them manage each customer in a separate console,” he said.
MSPs also needed a simplified billing system, so Cameyo developed its Service Provider License Agreement model, which involves a single SKU.
Miller said he anticipates the MSP portion of Cameyo’s business to reach 15% to 20% of its revenue in 2020, “and then growing considerably in 2021.”
T-Systems, the IT services subsidiary of Deutsche Telekom, will provide managed services and open a Google Cloud competence center under a new partnership with the cloud provider. The competence center will focus on large-scale workload migrations, SAP application modernization, the creation of AI and machine learning offerings, and cloud-based data warehouse and data analytics offerings, according to the companies. Last week, Google Cloud and SADA, a business and technology consultancy in Los Angeles, unveiled a $500 million partnering agreement targeting Anthos, data warehouse modernization and contact center AI.
SMBs lack the personnel and training to get the most out of their data analytics tools, according to a survey from Onepath, an MSP based in Atlanta. Fifty-seven percent of the 100-plus SMB managers and executives Onepath polled said they didn’t have the right people to manage the implementation of data analytics offerings, while 62% said they could better use the tools if they had more training.
Mission, an MSP based in Los Angeles, said it is now the exclusive certified AWS SMB reseller of Cloudwick’s Amorphic data and analytics platform for AWS data warehousing.
Pax8, a cloud distributor based in Denver, inked a partnership with Bitdefender, a cybersecurity vendor. Pax8 will deliver Bitdefender Cloud Security for MSPs.
Cisco expanded its Designed for Business portfolio for small-business buyers and added a button on its website to connect customers with a Cisco partner to buy directly on Cisco.com.
Samsara, a company in the industrial IoT market, updated its fleet and industrial channel partner program. Additions include Owl Academy, an online training program, and the Samsara Flywheel Certification program. According to Samsara, the latter program provides technical training on Samsara’s industrial product offerings and how to build services around them.
Managed cloud services provider Rackspace opened an office in Dubai, UAE, as part of a push into the Middle East. Rackspace said it currently has more than 500 customers in the region.
Managed cloud services provider Rackspace opened an office in Dubai, UAE, as part of a push into the Middle East. Rackspace said it currently has more than 500 customers in the region.
CoreView, a SaaS management platform vendor, is partnering with Metsys, a digital transformation services provider in France.
Accenture named Silicon Valley entrepreneur Tom Lounibos as managing director of Accenture Ventures.
Cognition360, which provides a data analytics platform for MSPs using ConnectWise software, appointed Aaron Kennedy as its CEO.
Market Share is a news roundup published every Friday.
8×8 has replaced its old online meetings product with a new one that offers more features and is easier to use. The platform is available only to businesses subscribed to 8×8’s unified communications suite, but the company said it may make the service available as a stand-alone app in the future.
The old 8X8 video conferencing product — built with a mix of technologies, including some from Vidyo — didn’t cut it for many customers, executives said. The company used the Jitsi open source video conferencing software that it acquired from Atlassian last year to build the new product, called 8×8 Video Meetings.
“The feedback that we heard from our customers, and where we saw the market going, really necessitated that we … swap out our whole meetings product for a new and modern video communications solution,” said Meghan Keough, 8×8’s vice president of marketing.
The new platform lets guests join meetings without having to install a plug-in or download an app. 8×8 follows the lead of Cisco, BlueJeans, Highfive and others in embracing WebRTC, the latest standard for internet-based communications.
8×8 Video Meetings also gives users their own virtual meeting rooms and lets them live-stream meetings to YouTube. Other new features include more detailed analytics and the ability to remotely control a user’s desktop while in a meeting, which could be useful for IT troubleshooting.
“I like what 8×8 has done,” said Wayne Kurtzman, analyst at IDC. “They basically updated the system, made it more usable in more places in an enterprise and are not charging more for it.”
8×8 also rolled out an early access program for software to manage video conferencing hardware in conference rooms. The product offers a way to connect third-party video cameras from vendors like Logitech and Crestron (powered by minicomputers by Mac and Intel) to 8×8’s video services.
In July, Gartner named 8×8 one of four leaders in the unified communications as a service (UCaaS) market, alongside Microsoft, Cisco and RingCentral. But the research firm previously cautioned that 8×8 offered an unintuitive video conferencing platform with a limited set of features.
8×8 Video Meetings is part of the vendor’s X Series offering, which combines calling, messaging, meetings and contact center.
The company has attempted to differentiate itself from competitors by its own technology, rather than relying on partners. RingCentral, nearly twice as large as 8×8 by revenue, relies on Zoom for video calling and Nice inContact for contact center.
“8×8 is trying to be a complete one-cloud solution for communication and collaboration,” Kurtzman said.
HashiCorp Terraform offers a new midrange pricing tier that may appeal to teams within enterprises who want to use the infrastructure-as-code tool, but don’t want to wait for a capital commitment to Terraform Enterprise.
HashiCorp Terraform Cloud, a hosted version of the open source-based infrastructure-as-code software, came out as a free offering in 2018, which offered cloud-based state storage for Terraform users outside the Terraform Enterprise subscription user base. This week, HashiCorp added features to the free version, and rolled out a paid version, Terraform Cloud for Teams, that bridges the gap between the Terraform Cloud free tier and Terraform Enterprise.
“How do you collaborate with your peers if you’re not in a regulated corporate setting, if Terraform Enterprise is too big?” said Armon Dadgar, co-founder and CTO of HashiCorp, in a keynote presentation at HashiConf this week.
Additions to the Terraform Cloud free tier will flesh out Terraform for this mid-tier scenario, Dadgar said. In addition to state storage, Terraform Cloud free tier will now support remote plan and apply operations for Terraform infrastructure-as-code templates, as well as team-based workflows and collaboration and a private module registry for internal distribution among teams.
For Terraform teams that do want enterprise governance features, Terraform Cloud for Teams comes with role-based access control for private module registries and support for unlimited collaborators in a version priced at $20 per user per month. For $70 per user per month, Terraform Cloud for Teams also includes Sentinel policy as code and advanced policy and permissions features that can be customized among multiple regions and time zones, and enforced as mandatory or suggestions. The $70 per month version also includes a new cloud infrastructure cost estimation feature that alerts users about the projected costs of infrastructure they are about to provision with Terraform.
There will be overlap in the Terraform Cloud for Teams audience between midsize companies that will never need Terraform Enterprise, industry watchers say, and very large companies where IT teams don’t want to go through the politics of instituting a Terraform Enterprise license agreement.
Armon Dadgar Co-founder and CTO, HashiCorp
“Most big customers face a similar internal dynamic where it’s more and more difficult to get capital budget for IT projects, and top-down license agreements take a very long time,” said John Mitchell, formerly chief platform architect at SAP Ariba, a HashiCorp Enterprise shop, and now an independent digital transformation consultant who contracts with HashiCorp, among others. “Terraform Cloud for Teams offers an Opex-based consumption model, with fewer training issues, that gives enterprise teams an ‘end around’ to be able to use the tool from a political and budgeting standpoint.”
HashiCorp can also use these team-based footholds to upsell the wider enterprise on a Terraform Enterprise license agreement where appropriate, Mitchell said.
Terraform Cloud’s features in both the free tier and paid Teams versions also expanded to include workflow integrations with third-party IT management and DevOps platforms, from GitHub to ServiceNow and Slack, Dadgar said. Those tools could trigger Terraform build and deploy jobs in the past, but Terraform teams can now collaborate within those platforms as well. Terraform Cloud webhooks also let users back Terraform in to a broader IT automation ecosystem, including custom applications.
Terraform’s future: Remain ‘Switzerland’ or join a platform?
It’s no coincidence that HashiCorp seems to broaden Terraform’s reach into third-party workflow platforms, as many large enterprise IT vendors race to offer soup-to-nuts DevOps and infrastructure automation platforms for their respective customers. It’s also no secret that HashiCorp might make a juicy acquisition target for such a platform player. However, such speculation has been ongoing for at least a year, without any such acquisition in place, and industry experts are divided on whether HashiCorp will join up with a platform vendor or retain its platform independence while partnering with larger companies.
For HashiCorp loyalists such as Mitchell, HashiCorp’s lack of affiliation with any one infrastructure or software platform provider is key to its appeal.
“The reality is that HashiCorp’s founders have been around long enough to see what happens to most acquisitions done by [large IT vendors],” he said. “Even if the IP technically survives, it’s still part of that bigger machine and economic model. HashiCorp will be more successful long-term than as part of an incumbent, legacy bureaucracy.”
At the same time, HashiCorp faces some of the same business model problems as other independent open core software businesses, as major cloud providers threaten to usurp their value. So far, HashiCorp has taken a slightly different tack than players such as Elastic Inc. and Redis that saw open source software lifted by cloud providers such as Amazon — HashiCorp offers its own managed services with Terraform Cloud, and where a third-party provider offers them, such as Microsoft Azure’s HashiCorp Consul Service, HashiCorp’s site reliability engineers retain control over back-end management.
“That has to be part of their strategy if they’re going to remain independent, figuring out how to block or sidestep the obvious invasion by cloud providers,” Mitchell said.
Other industry watchers don’t count HashiCorp out as an acquisition target just yet.
“Terraform has the advantage of being able to deploy applications, while others have to find a way to plug in with CI/CD tools,” said Tom Petrocelli, analyst at Amalgam Insights in Arlington, Mass. “But in a world where platforms matter, at some point they have to pull what they have together as part of a platform to compete with the likes of Ansible.”
The information technology landscape offers many different methods to authenticate users, including digital certificates, one-time password tokens and biometrics.
However, there is no escaping the ubiquity of the password. The best Active Directory password policy for your organization should meet the threshold for high security and end-user satisfaction while minimizing the amount of maintenance effort.
Password needs adjust over time
Before the release of Windows Server 2008, Active Directory (AD) password policies were scoped exclusively at the domain level. The AD domain represented the fundamental security and administrative boundary within an AD forest.
The guidance at the time was to give all users within a domain the same security requirements. If a business needed more than one password policy, then your only choice was to break the forest into one or more child domains or separate domain trees.
Windows Server 2008 introduced fine-grained password policies, which allow administrators to assign different password settings objects to different AD groups. Your domain users would have one password policy while you would have different policies for domain administrators and your service accounts.
More security policies mean more administrative work
Deploying multiple password policies within a single AD domain allows you to check your compliance boxes and have additional flexibility, but there are trade-offs. First, increasing the complexity of your Active Directory password policy infrastructure results in greater administrative burden and increased troubleshooting effort.
Second, the more intricate the password policy, the unhappier your users will be. This speaks to the information security counterbalance between security strength on one side and user convenience on the other.
What makes a quality password? For the longest time, we had the following recommendations:
minimum length of 8 characters;
a mixture of uppercase and lowercase letters;
inclusion of at least one number;
inclusion of at least one non-alphanumeric character; and
no fragments of a username.
Ideally, the password should not correspond to any word in any dictionary to thwart dictionary-based brute force attacks. One way to develop a strong password is to create a passphrase and “salt” the passphrase with numbers and/or non-alphanumeric characters.
The key to remembering a passphrase is to make it as personal as possible. For example, take the following phrase: The hot dog vendor sold me 18 cold dogs.
That phrase may have some private meaning, which makes it nearly impossible to forget. Next, we take the first letter of each word and the numbers to obtain the following string: Thdvsm18cd.
If we switch the letter s with a dollar sign, then we’ve built a solid passphrase of Thdv$m18cd.
Striking the right balance
One piece of advice I nearly always offer to my consulting clients is to keep your infrastructure as simple as possible, but not too simple. What that means related to your Active Directory password policy is:
keep your domains to a minimum in your AD forest;
minimize your password policies while staying in compliance with your organizational/security requirements;
relax the password policy restrictions; and
encourage users to create a single passphrase that is both easy to remember but hard to guess.
Password guidelines adjust over time
Relax the password policy? Yes, that’s correct. In June 2017, the National Institute of Standards and Technology (NIST) released Special Publication 800-63B, which presented a more balanced approach between usability and security.
When you force your domain users to change their passwords regularly, they are likely to reuse some portion of their previous passwords, such as password, password1, password2, and so forth.
The new NIST guidance suggests that user passwords:
range between 8 and 64 characters in length;
have the ability to use non-alphanumerics, but do not make it a requirement;
prevent sequential or repeating characters;
prevent context-specific passwords such as user name and company name;
These are great suggestions, but they are difficult to implement with native Active Directory password policy tools. For this reason, many businesses purchase a third-party password management tool, such as Anixis Password Policy Enforcer, ManageEngine ADSelfService Plus, nFront Password Filter, Specops Password Policy, Thycotic Secret Server and Tools4ever Password Complexity Manager, to name a few.
Third-party password policy tools tap into the cloud to take advantage of public identity breach databases, lists of the most common passwords and other sources to make your domain password policy much more contemporary and organic. It’s worth considering the cost of these products when you consider the potential loss from a data breach that happened because of a weak password.
Zoom enhanced the SIP audio service it offers for large enterprises this week, while also rolling out two smaller audio features that should benefit all users of the web conferencing platform.
Zoom’s Session Initiation Protocol audio feature lets businesses establish an SIP connection between their IP telephony network and the Zoom cloud. That way, Zoom users can conduct Zoom audio conferencing over the SIP trunk rather than the public switched telephone network (PSTN).
Zoom said the SIP connection helps enterprises save money by reducing spending on PSTN services. The vendor is targeting the feature at companies that conduct more than 1 million minutes of audio conferencing every month and have significant deployments of IP telephony.
Zoom already has several customers using the service. Now, the vendor is giving companies more control over which calls get directed to the SIP trunk and which are handled by Zoom’s standard PSTN dial-in and call-out service.
This flexibility could benefit companies with multiple offices that rely on a mix of telephony endpoints. For example, a company could use the SIP trunk for calls at its headquarters in the United States, while directing calls from a remote office in Bulgaria to the PSTN.
“I think this helps Zoom in its quest to win in the larger enterprise market,” said Irwin Lazar, analyst at Nemertes Research, based in Mokena, Ill. “It certainly helps them compete with the likes of Cisco and Microsoft that offer this kind of integration between their meeting apps and their on-premises phone platforms.”
The SIP audio connection is available to businesses subscribed to Zoom’s premium audio plan. Those customers commonly get billed per minute for the use of Zoom’s call-out, toll-free dial-in and premium toll dial-in services.
“SIP Connected Audio provides opportunity to avoid or minimize those fees in exchange for the costs of establishing and maintaining the SIP trunk plus a small flat-rate, per-user fee that Zoom charges for this service,” said Walt Anderson, senior product manager with Zoom.
Users can now join and start Zoom audio conferences using only phones. That is, a host no longer needs to open the Zoom desktop client or web application to start the meeting.
Zoom also updated its cloud infrastructure to avoid voicemail recordings being added to a meeting when a participant doesn’t answer the phone. Now, Zoom will require users to press 1 to join the meeting if Zoom’s technology detects that the phone seemed to ring for too long or too short of a time.
Founded in 2011, Zoom is facing increasing competition in the web conferencing market from Microsoft and Cisco, as well as other pure cloud startups, such as BlueJeans.
Algolia, which offers search technology for websites and mobile apps, has launched a partner program targeting systems integrators, consultants, digital agencies and e-commerce platforms. Algolia partners include Accenture Interactive’s Altima business unit, digital agency Wunderman and e-commerce platforms Magento and Shopify.
At launch, the Algolia Partner Program has 20 certified partners. The program aims to create an ecosystem of Algolia partners that can help enterprises customize Algolia search technology, according to the company.
The program’s launch follows rising interest among customers in working with partners, said Alexandre Popp, director of channels and alliances at Algolia.
“Over the past year, we saw increasing demand from enterprises to leverage the support of partners like systems integrators, consultants and agencies,” Popp said. “So we made the decision to dedicate resources to building out partner engineering, account management, and marketing teams to support our partners in the field and meet customer demand.”
The partner program is part of the company’s enterprise customer initiative.
“Our motion to move upmarket comes with partners and multinational brands purchasing our product in tandem with partner solutions, and deployed with consulting firms’ team[s],” Popp said. He noted the program’s objective is to support partners as they “build or sell digital products” that embed Algolia.
Algolia’s partner program offers technical enablement and certification; go-to-market and sales enablement; and marketing support, including co-marketing events, webinars and campaigns. The company, founded in 2012, said it has more than 5,700 customers.
Cloud service providers launch offerings
Cloud service providers Faction and 2nd Watch rolled out new services this week.
Alexandre Poppdirector of channels and alliances, Algolia
Faction, a Denver company that focuses on multi-cloud services, said it is working with VMware to provide cloud-attached storage for VMware Cloud on AWS deployments. Faction said its Cloud Control Volumes offering provides a scalable storage platform for VMware Cloud on AWS customers who need more storage capacity.
Meanwhile, 2nd Watch, a managed service provider based in Seattle, said its Cloud Migration Cost Assessment service aims to help large and midmarket firms get a handle on the cost benefits of moving on-premises IT infrastructure to the cloud. The cloud migration assessment involves a six-week engagement in which 2nd Watch cloud personnel evaluate a customer’s IT estate and “map current resources to the most cost-effective cloud solution,” according to the company.
Silver Peak launched its Authorized Deployment Partner (ADP) Program, which will train, certify and authorize a group of services partners. Partners receiving authorization are deemed capable of managing the design, deployment and management of the Silver Peak Unity EdgeConnect SD-WAN offering. Program participants include Cavell Group, FireOwls Corp., Geode Networks, Traversa Solutions and Velociti.
Arcserve, a data backup and availability vendor based in Minneapolis, unveiled a new channel program dubbed Arcserve Accelerate. The program targets North American MSPs, value-added resellers, large-account resellers and original equipment manufacturers. Program features include re-developed e-learning courses, partner certification, individual and corporate SPIFs, marketing development funds and access to cloud-native products with support for private and public clouds such as AWS and Microsoft Azure, according to Arcserve.
Matrix Integration, an IT infrastructure company in Kentucky and Indiana, has opened its new Louisville regional office. The company said the expansion provides a hub for modernizing the IT infrastructure of public and private sector entities in the Louisville area.
Market Share is a news roundup published every Friday.