Tag Archives: service

Verizon 5G rollout could change broadband competition

Verizon has chosen to temporarily forego standards and launch a proprietary 5G internet service to homes in four U.S. cities. The rush to market could start generating a return from the billions of dollars spent on developing the fifth-generation wireless technology.

Verizon introduced its 5G Home service this week and said it would be available Oct. 1 in select neighborhoods in Houston, Indianapolis, Los Angeles and Sacramento, Calif. The service provider promised a baseline speed of about 300 Mbps, which is significantly higher than Verizon’s current fiber optic service, Fios.

Customers covered in the Verizon 5G rollout could experience speeds close to 1 Gbps if they are in a favorable location relative to Verizon’s 5G small cell site that broadcasts the wireless signal to the home.

Verizon plans to charge wireless subscribers $50 a month for the 5G service and nonwireless subscribers $70 a month. Verizon won’t charge for the first three months of service or for the 5G router and its installation in the home.

The promotional deal makes the 5G offering similar in pricing to the internet service Verizon currently provides through its Fios product, which delivers speeds of only about 100 Mbps or less, said Tom Nolle, principal analyst at technology consulting firm CIMI Corp., based in Township, N.J., in a research note.

“I think Verizon will be moving to normalize their pricing across FiOS and 5G, which could give Verizon users the best internet bargain out there today,” Nolle wrote.

Verizon 5G rollout using nonstandard gear

The home and cell site gear used in the Verizon 5G rollout are temporary. The company plans to replace the proprietary 5G equipment with devices built around universal standards set by the 3rd Generation Partnership Project (3GPP). Verizon will replace the equipment as suppliers deliver standard gear.

Verizon is willing to forego standards initially to be quick to market with 5G internet services and to start generating revenue as soon as possible, said Rajesh Ghai, an analyst at IDC.

“This is a brand-new service for Verizon — incremental revenue,” he said. “They’re not going to eat into anything they’re already selling. They don’t have to get their existing customer base to adopt it.”

Because 5G is a fixed-wireless technology, Verizon can compete against cable companies and rival AT&T without having to bring a cable connection to homes or apartment buildings.

“If you have broadband deliverable to homes over the air, then it becomes a lot faster for a customer to provision the service,” Ghai said. “You get the box from Verizon, and it’s ready to go.”

Indeed, Verizon has made ordering the service easy by launching a website for would-be subscribers.

Verizon 5G rollout includes TV over IP

Verizon’s handling of TV over IP (TVoIP) through the 5G service is also significant. Subscribers get Google’s YouTube TV at no charge for the first three months and then have the option of continuing the service for $40 a month.

The offer shows Verizon is experimenting with TVoIP without having to buy a content provider. “If they like what happens, they could shift FiOS to TVoIP too, and drop a lot of cost along the way,” Nolle said. Also, Verizon could collect user data and website activity on the 5G service and use the information in other applications, such as ad selection.

Announcing Azure Pipelines with unlimited CI/CD minutes for open source

With the introduction of Azure DevOps today, we’re offering developers a new CI/CD service called Azure Pipelines that enables you to continuously build, test, and deploy to any platform or cloud. It has cloud-hosted agents for Linux, macOS, and Windows, powerful workflows with native container support, and flexible deployments to Kubernetes, VMs, and serverless environments.

Microsoft is committed to fueling open source software development. Our next step in this journey is to provide the best CI/CD experience for open source projects. Starting today, Azure Pipelines provides unlimited CI/CD minutes and 10 parallel jobs to every open source project for free. All open source projects run on the same infrastructure that our paying customers use. That means you’ll have the same fast performance and high quality of service. Many of the top open source projects are already using Azure Pipelines for CI/CD, such as Atom, CPython, Pipenv, Tox, Visual Studio Code, and TypeScript – and the list is growing every day.

In the following, you can see Atom running parallel jobs on Linux, macOS, and Windows for its CI.


Azure Pipelines app on GitHub Marketplace

Azure Pipelines has an app in the GitHub Marketplace so it’s easy to get started. After you install the app in your GitHub account, you can start running CI/CD for all your repositories.


Pull Request and CI Checks

When the GitHub app is setup, you’ll see CI/CD checks on each commit to your default branch and every pull request.


Our integration with the GitHub Checks API makes it easy to see build results in your pull request. If there’s a failure, the call stack is shown as well as the impacted files.


More than just open source

Azure Pipelines is also great for private repositories. It is the CI/CD solution for companies like Columbia, Shell, Accenture, and many others. It’s also used by Microsoft’s biggest projects like Azure, Office 365, and Bing. Our free offer for private projects includes a cloud-hosted job with 1,800 minutes of CI/CD a month or you can run unlimited minutes of CI/CD on your own hardware, hosted in the cloud or your on-premises hardware. You can purchase parallel jobs for private projects from Azure DevOps or the GitHub Marketplace.

In addition to CI, Azure Pipelines has flexible deployments to any platform and cloud, including Azure, Amazon Web Services, and Google Cloud Platform, as well as any of your on-premises server running Linux, macOS or Windows. There are built-in tasks for Kubernetes, serverless, and VM deployments. Also, there’s a rich ecosystem of extensions for the most popular languages and tools. The Azure Pipelines agent and tasks are open source and we’re always reviewing feedback and accepting pull requests on GitHub.

Join our upcoming live streams to learn more about Azure Pipelines and other Azure DevOps services.

  • Keynote: Watch our live Azure DevOps keynote on September 11, 2018 from 8:00 – 9:30 AM Pacific Time.

  • Live training: Join our live Mixer workshop with interactive Q&A on September 17, 2018 from 8:30 AM – 2:30 PM Pacific Time.

You can save-the-date and watch both live streams on our events page. There you’ll also find additional on-demand videos and other resources to help get you started.

I’m excited for you to try Azure Pipelines and tell us what you think. You can share your thoughts directly to the product team using @AzureDevOps, Developer Community, or comment on this post.

Jeremy Epling


Zoom audio feature could reduce PSTN costs for large enterprises

Zoom enhanced the SIP audio service it offers for large enterprises this week, while also rolling out two smaller audio features that should benefit all users of the web conferencing platform.

Zoom’s Session Initiation Protocol audio feature lets businesses establish an SIP connection between their IP telephony network and the Zoom cloud. That way, Zoom users can conduct Zoom audio conferencing over the SIP trunk rather than the public switched telephone network (PSTN).

Zoom said the SIP connection helps enterprises save money by reducing spending on PSTN services. The vendor is targeting the feature at companies that conduct more than 1 million minutes of audio conferencing every month and have significant deployments of IP telephony.

Zoom already has several customers using the service. Now, the vendor is giving companies more control over which calls get directed to the SIP trunk and which are handled by Zoom’s standard PSTN dial-in and call-out service.

This flexibility could benefit companies with multiple offices that rely on a mix of telephony endpoints. For example, a company could use the SIP trunk for calls at its headquarters in the United States, while directing calls from a remote office in Bulgaria to the PSTN.

“I think this helps Zoom in its quest to win in the larger enterprise market,” said Irwin Lazar, analyst at Nemertes Research, based in Mokena, Ill. “It certainly helps them compete with the likes of Cisco and Microsoft that offer this kind of integration between their meeting apps and their on-premises phone platforms.”

The SIP audio connection is available to businesses subscribed to Zoom’s premium audio plan. Those customers commonly get billed per minute for the use of Zoom’s call-out, toll-free dial-in and premium toll dial-in services.

“SIP Connected Audio provides opportunity to avoid or minimize those fees in exchange for the costs of establishing and maintaining the SIP trunk plus a small flat-rate, per-user fee that Zoom charges for this service,” said Walt Anderson, senior product manager with Zoom.

Zoom highlights additional audio enhancements

Zoom announced two other new audio features this week for all customers. The vendor has both freemium and premium offerings.

Users can now join and start Zoom audio conferences using only phones. That is, a host no longer needs to open the Zoom desktop client or web application to start the meeting.

Zoom also updated its cloud infrastructure to avoid voicemail recordings being added to a meeting when a participant doesn’t answer the phone. Now, Zoom will require users to press 1 to join the meeting if Zoom’s technology detects that the phone seemed to ring for too long or too short of a time.

Founded in 2011, Zoom is facing increasing competition in the web conferencing market from Microsoft and Cisco, as well as other pure cloud startups, such as BlueJeans.

Talari SD-WAN targets mobile with Meta Networks integration

Talari Networks’ customers can now combine their software-defined WAN service with a network-as-a-service platform from Meta Networks.

The platform offered by Meta Networks, an Israel-based NaaS startup, targets remote and mobile users who need to access data center and cloud applications. While SD-WAN technology offers remote connectivity to an extent, it is limited in its flexibility to connect individual remote and mobile BYOD users, as most can’t deploy a physical or virtual SD-WAN appliance. With Talari’s support for Meta Networks’ NaaS software, Talari customers located outside the software-defined WAN perimeter can connect using one of Meta’s multiple points of presence (POP) worldwide.

With the platform, user devices connect to the closest Meta POP to access corporate resources. Instead of applying policies based on site location, Meta Networks takes a user-centric approach by specifying policies and application authentication based on individual user permissions. Network administrators, for example, can create policies that deny mobile users access to certain websites or cloud applications.

The integrated offering is now available for Talari SD-WAN customers.

Versa Networks adds managed SD-WAN partner

Versa Networks added another service provider to its managed SD-WAN partner list. California Telecom, headquartered in Chino, Calif., joins existing Versa Networks partners CenturyLink, China Telecom Global, Comcast Business and Verizon in adding managed SD-WAN services to its portfolio.

California Telecom customers can choose from three available purchasing options: SD-WAN standard, SD-WAN advanced and SD-WAN secured. Load balancing, automated failover, error correction and circuit monitoring, among other features, are included in all three options. Customers can add additional features, such as firewalls, antivirus and content filtering and advanced routing.

“We spent over a year looking for an SD-WAN platform we could integrate into our existing MPLS infrastructure that could offer all the features that were being promoted in the industry,” said Jim Gurol, California Telecom’s CEO, in a statement. Versa’s Cloud IP Platform paired well with California Telecom’s infrastructure, he added, allowing the service provider to go to market immediately.

Customers can deploy California Telecom’s managed SD-WAN service to create various WAN designs, including hybrid MPLS, cloud-based SD-WAN and security-focused models, Gurol said.

SD-WAN adoption impeded by available options

Enterprises are investigating SD-WAN, but the technology is still being adopted relatively slowly, according to a report conducted by Sapio Research at the request of Teneo, a consulting firm and technology integrator.

While almost half of the 200 senior IT and networking managers surveyed said they were investigating SD-WAN in some form, only 20% said they’ve deployed the technology. A third of the respondents hadn’t yet evaluated SD-WAN technology. Part of the reason for SD-WAN’s slow adoption is the large number of available SD-WAN options and variants, according to Marc Sollars, CTO of Teneo, based in Dulles, Va.

“Many firms are clearly putting a toe in the water on SD-WAN or doing a proof of concept, but it’s still very hard to say when this test phase will start to translate into enterprise-level implementations,” Sollars said in a statement. “In many ways, the broad range of choice that SD-WAN brings is what’s causing companies to hesitate over their decisions.”

Respondents indicated the primary driver to consider SD-WAN deployment is to help address the growing complexity of network infrastructure and performance tasks. Cutting network costs and better infrastructure management followed behind.

ClearSky Data launches service for VMware Cloud on AWS

ClearSky Data launched a new service that will enable VMware Cloud on AWS customers to protect their data in inexpensive object storage.

The new ClearSky Data service gives VMware Cloud on AWS customers the chance to keep their existing backup applications and use Amazon Simple Storage Service (S3) as the back-end storage repository. The startup’s software can transform the block- and file-based data from the certified backup applications to an object format to enable data protection and archiving in Amazon S3, according to Laz Vekiarides, CTO and co-founder of ClearSky Data.

VMware Cloud (VMC) on AWS users can choose certified backup options from vendors such as Commvault, Dell EMC, Druva and Veeam. But those vendors typically offer repositories in Amazon’s Elastic Block Store (EBS). Commvault is the only certified VMC option to back up natively to Amazon’s more economical object-based S3, according to Bryan Young, a group product manager of vSphere external storage at VMware.

“Customers are generally wed to their particular backup vendor. And they do not like to change because they want a common backup application across the enterprise,” Young said. “But they also want the lowest cost storage for their long-term backups.”

Extends on-premises virtual server environments

The VMware Cloud on AWS on-demand service lets customers extend their on-premises server virtualization environments to Amazon’s cloud. The service is based on VMware Cloud Foundation, which integrates vSphere server virtualization, vSAN software-defined storage, NSX software-defined networking and security, and vCenter management software.

VMware Cloud customers create a virtual private cloud (VPC) to run their application workloads on vSphere VMs in Amazon Elastic Compute Cloud (EC2) bare-metal infrastructure. VMware’s vSAN creates the local storage on SSDs in the host server cluster to keep the data.

“Part of the issue with the cloud inside of Amazon EC2 is that at any given point in time, if you decide to shut any of these [servers] down, all the data that’s inside of them gets lost,” Vekiarides said. “So, obviously, you need a place to keep all of your data when you’re not using your VMware cluster.”

ClearSky Data service for VMware Cloud on AWS
ClearSky Data service for VMware Cloud on AWS architectural diagram.

A third-party backup proxy runs in a VMware Cloud on AWS software-defined data center and copies data using the vSphere Storage APIs for data protection (VADP). The backup proxy copies data to an EC2-based backup repository that typically uses Amazon’s EBS.

Cache 64 TB per backup volume

ClearSky’s Cloud Edge appliance can connect to the backup application and cache up to 64 TB of data per VM guest-attached volume to enable fast access to frequently accessed data. Vekiarides said ClearSky can have many such volumes online, up to 4 PB total. On the back end, the Cloud Edge appliance connects to the ClearSky Data Network’s Amazon S3 storage via AWS Direct Connect to protect and archive all the data.

ClearSky supports a recovery point objective of less than 10 minutes for point-in-time snapshots and a recovery time objective of less than a minute once the customer’s applications are running.

In addition to the cloud-based deployment option, customers could run VMware virtual servers, third-party backup applications and ClearSky Edge Cache appliances on premises. The Edge Cache appliance’s software would deduplicate and compress the data and convert it to object format for archiving in ClearSky Network’s Amazon S3. The data from the on-premises Edge Cache and off-site Cloud Edge appliances would be stored in a common Amazon S3 repository.

ClearSky Data used the VMware Cloud on AWS service to build out a server cluster to test its new service. Vekiarides said ClearSky engineers made minor changes to the deployment software to ensure it works and meets performance targets in the AWS cloud environment.

Pricing for the ClearSky Data service ranges from 6 cents to 20 cents per GB, per month depending on the use case, quality of service and data capacity.

ClearSky Data does not charge fees for replication and customers do not incur AWS egress charges to restore their data, according to Vekiarides. He said egress charges generally do not apply because nearly all of the data is cached either inside AWS’ cloud or somewhere in ClearSky’s network.

New Dell EMC 100 GbE switch tailored for east-west traffic

Dell EMC has introduced a high-density 100 Gigabit Ethernet switch aimed at service providers and large enterprises that need more powerful hardware to support a growing number of cloud applications and digital business initiatives.

Dell EMC launched the Z9264F open networking switch this week, listing its target customers as hyperscale data center operators, tier-one  and -two service providers and enterprises. The Dell EMC 100 GbE switch is designed for leaf-spine switching architectures.

“Dell’s new, high-performance, low-latency 100 GbE switch is ideally suited for large enterprises and service providers,” said Rohit Mehra, analyst at IDC. “The continued growth of cloud applications that require high-performance, east-west traffic-handling capabilities will likely be one of the key drivers for this class of switches to see increased traction.”

Indeed, Dell EMC, Cisco, Hewlett Packard Enterprise (HPE) and Juniper Networks are counting on an increase in data center traffic to sell their 100 GbE switches. So far, demand for the hardware has been robust. In the first quarter, revenue from 100 GbE gear grew nearly 84% year over year to $742.5 million, according to IDC. Port shipments increased almost 118%.

The Dell EMC 100 GbE switch is 2RU hardware available with 64, 128 or 64 ports of 100 GbE, 25 GbE or 50 GbE, respectively. Options for 10 GbE and 40 GbE ports are also available. Broadcom’s 6.4 Tbps StrataXGS Tomahawk II chip powers the switch.

Dell EMC, along with rival HPE, is marketing its support for third-party network operating systems as a differentiator for its switches. Dell EMC is selling the Z9246F with the enterprise edition of its network operating system (NOS), called OS10, or with operating systems from Big Switch Networks, Cumulus Networks, IP Infusion or Pluribus Networks.

Other options for the Dell 100 GbE switch include the open source edition of OS10 and either the Metaswitch network protocol stack or the Quagga suite of open source applications for managing routing protocols. Finally, Dell EMC will sell just the hardware with several open source applications, including Quagga and the OpenSwitch or SONiC NOS.

The starting price for the Z9264F, without an operating system or optics, is $45,000.

Trends in the 100 GbE market

While open networking is not mainstream yet in the enterprise, providing choice in terms of the complete hardware and software stack is something that large enterprises and service providers have started to look at favorably.
Rohit Mehraanalyst at IDC

Several trends are driving the 100 GbE market. Service providers are redesigning their data centers to support software-based network services, including 5G and IoT. Also, financial institutions are providing services to customers over a growing number of mobile devices.

Meanwhile, cloud companies that provide infrastructure or platform as a service are buying more hardware to accommodate a significant increase in companies moving application workloads to the cloud. In 2017, public cloud data centers accounted for the majority of the $46.5 billion spent on IT infrastructure products — server, storage and switches — for cloud environments, according to IDC.

In the first quarter, original design manufacturers accounted for almost 30% of all infrastructure hardware and software sold to public cloud providers, according to Synergy Research Group, based in Reno, Nev. Dell EMC had a 5% to 10% share, which was the same size share as Cisco and HPE.

As a switch supplier, Dell EMC is a smaller player. The company is not one of the top five vendors in the market, according to IDC. Nevertheless, Dell EMC is a major supplier of open networking to the small number of IT shops buying the technology.

“While open networking is not mainstream yet in the enterprise, providing choice in terms of the complete hardware and software stack is something that large enterprises and service providers have started to look at favorably,” Mehra said.

Intelligent Search that can save you money: hotel booking, home services price ranges, and more

The Internet has put thousands of stores and service providers at our fingertips, allowing us to buy goods and services with the click of a button. This convenience comes with a set of challenges, especially when it comes to deciding which product to buy, which provider to hire, and how to get the most value for our money. Consumers cite anxiety and the fear of buyer’s remorse as their major pain points.

Today Bing is happy to announce the launch of new intelligent features designed to allow you to estimate and compare prices across multiple providers, give you insights to make the right trade-offs around price, and get more savings on products through a new deals experience – all built to help you save money.

Hotel booking

Typical users go through multiple sites before they make a choice on which hotel to book, and even then they often don’t feel confident they made the best choice. In May we released a hotel booking experience with aggregated pricing from third party booking sites. These features get even more powerful with what we’re announcing today: intelligent tips, a price trends view, and a comparison view.

First, Bing displays booking tips when you’re looking at hotels for which there are competing options you may not have considered. For example, if there are higher-rated hotels near the one you’re looking at with the same rate, or hotels that are closer to the airport and cheaper, we will let you know of the alternatives and tradeoffs for the options you’re looking at.

Second, Bing provides historical price trends for the date range you’re exploring to help make price-based trade-offs. Many sites only let you see the rate after you’ve already selected a date, so users end up clicking through many times to check the rates throughout the date range they’re interested in. Our price trend feature allows users to browse price trends over time in a single view.


Third, our new comparison view provides a comprehensive overview of pricing by hotel option. No more digging through multiple sites and reviews to find out what amenities are offered and if there are hidden fees! You’ll simply be able to see the detailed breakdowns side-by-side so you can feel assured you’re making the best choice for your needs and budget.


Home services pricing and scheduling


Hotel-booking unfortunately isn’t the only painful purchase experience for many users. We also heard that users are often frustrated when it comes to choosing a home service provider, as quotes can vary substantially from one service to another, and many people aren’t confident in how much they should expect to pay.

That’s why we built cost ranges to provide transparency for home services like sink installation costs and toilet repairs. These ranges show a visual distribution of prices, specific to your zip code so they’re tied to your location. We want you to feel empowered to plan your budget and even negotiate a quote with a specific provider!

This price data comes via our partnership with Porch, so you can feel confident you’re getting a comprehensive view.

After you’ve gotten a view of what to expect for pricing, Bing helps you collect quotes from multiple providers with just a few clicks. For example, if you search for “plumbers Bellevue”, you’ll get a listing of plumbers in that area with a ‘Get Quote’ for supported providers. Click that button and you’re taken to a pre-populated form on Yelp, where you can select up to 10 similar providers and send out a bulk request for quotes instead of having to contact each provider individually.


Coupons and deals

Finally, we realized that trying to find deals can be a time-consuming. Between the fine print, expiration dates, and confusing language, it’s easy to be unsure if you’re really getting a good deal or not.

Bing now aggregates deals across first- and third-party listings then displays them when you search for retailers or coupons. We surface relevant insights like ‘expiring soon’, whether the offers are online or in-store only, and more.


We hope you’re as excited by these money-saving features as we are — you can try them for yourself with our feature tour! All of them are available in the US, and apart from the home services price ranges these features are currently on desktop only. We will continue rolling out these features to mobile platforms and international markets in coming months.

While you’re trying out these new experiences, please also remember to sign in to Microsoft Rewards – you’ll earn points for your Bing searches and can redeem them towards gift cards and save even more!


The Bing Team

ChannelCon 2018: MSPs face operational growing pains

WASHINGTON, D.C. — A time comes in a service provider’s life when the early adrenaline-rush of business growth begins to fade and a harsh reality settles in: To continue to grow, and grow profitably, an organization must take deliberate steps to boost operational efficiency.

“It’s not the sexiest topic, but it is so important,” said Carolyn April, senior director of industry analysis at CompTIA. April chaired a panel discussion on operational efficiency improvement at ChannelCon 2018, CompTIA’s annual channel partner event. At last year’s ChannelCon, the benefits of diversity were an important focus, while previous meetings highlighted such topics as compliance controls.

A recent CompTIA survey of managed service providers (MSPs) and other channel partners revealed the key operational pain points. Half of the 450 organizations polled cited pricing pressure from customers or competitors as the top operations issue hurting profitability in the last year. Inefficient service delivery and inefficient sales process followed, with 28% of the respondents identifying the former and 27% of the respondents citing the latter.

April said even MSPs raking in sales could be “leaking margin left and right” due to inefficiency.

Carolyn April, senior director of industry analysis at CompTIACarolyn April

Operational efficiency improvement calls for a proactive approach that ensures a service provider has processes in place to run the business well — versus a reactive approach that hinges on extinguishing fires, April noted.

“The respondents having the hardest time and experiencing the most problems in their businesses are the ones that are reactive and not proactive,” she said.

Cultural focus

For Paul Cronin, operational efficiency is built on a cultural foundation. Cronin, facilitator of excellence at Cronin Corp., an MSP, participated in the ChannelCon 2018 panel discussion.

“I believe that operational efficiency begins with a culture of discipline,” he said.

A culture of discipline is one aspect of great companies, as defined in Good to Great: Why Some Companies Make the Leap … and Others Don’t. The book studied companies that made the jump to superior financial performance and were able to sustain that edge for at least 15 years.

I believe that operational efficiency begins with a culture of discipline.
Paul Croninfacilitator of excellence, Cronin Corp.

Cronin said he taught a monthly leadership workshop on Good to Great while he was an executive at Atrion, a systems integrator acquired by Carousel Industries in 2017. He is now beginning to shape the culture at his new venture.

Another component of Cronin’s operational efficiency approach is Lean methodology and, in particular, the framework’s focus on small, incremental changes as a mechanism for process improvement.

“We are very focused on Lean,” he said, noting the aim of empowering people to make small changes happen.

Vince Tinnirello, CEO at Anchor Network Solutions, an MSP in the Denver area, said he uses the TruMethods framework, which provides metrics and key performance indicators (KPIs) to help MSPs determine when to hire and expand or contract. “Find a framework and stick to it,” he advised the ChannelCon 2018 audience.

Signing up for an MSP peer group can also help a company along the efficiency track.

“Join a peer group because it is business-changing,” he said.

All aboard?

In addition to management frameworks, service providers can deploy automated systems to boost efficiency. Remote monitoring and management (RMM) and professional services automation (PSA) software are among the automation options an MSP may select.

April said PSA and RMM tools are important, but suggested the human dimension may prove the bigger challenge for service providers. Indeed, operational efficiency panelists and audience members noted that companies sometimes struggle to get employees to follow the processes and procedures designed to improve efficiency.

An engineer, for example, may prefer to “just get the job done” and ignore KPIs, processes and procedures along the way, one audience member said. In addition, employees hired at a more senior level may think they are smarter than the “dumb” processes the company wants them to adopt, another audience member noted.

Tinnirello agreed that getting every employee to do things the same way has proved to be a difficult task — even with checklists and policies and procedures. A tool such as an RMM system can help standardize service delivery, but Tinnirello noted that an RMM can’t automate every customer request. He said his company now aims to “automate where we can and make processes that people actually follow where you can’t automate.”

Operational efficiency improvement: Keeping score

MJ Shoer, director of client engagement and virtual CIO at Onepath, an MSP and professional services firm, said the company drills employees in its processes from the time of onboarding. Onepath’s approach, he said, is to hire Level One employees and move them up to more advanced positions, rather than bring on employees at a higher level.

The approach, Shoer explained, lets the company “maintain the structure we want,” while also providing the appropriate flexibility to adapt to market changes.

MJ Shoer, director of client engagement and vCIO at OnepathMJ Shoer

Onepath, meanwhile, uses performance scorecards to maintain a focus on KPIs. The scorecards track KPIs at the individual level and roll up to department-level and companywide KPIs.

But as MSPs enforce KPIs that support corporate goals, they should limit the number of goals to management amount. Cronin suggested the pursuit of too many goals is the mark of an inefficient company.

“We never had more than three company goals for the year,” he said. That’s not to say the company didn’t focus on other actions to move it forward, but the three main goals cascaded down through the organization, he added.

Cronin cited three top metrics: net promotor score, top-line revenue growth and EBITDA.

“Start small,” Cronin told ChannelCon 2018 attendees. “Don’t boil the ocean.”

Windstream SD-WAN gets help connecting to the cloud

Network service provider Windstream Communications plans to release in August a service for connecting the Windstream SD-WAN to applications running on Microsoft Azure. The product, called SD-WAN Cloud Connect, is designed to provide a reliable connection to public clouds.

Windstream introduced the service in July, with initial support limited to Amazon Web Services. Windstream plans to add support for other cloud providers over time.

Connecting corporate employees to application services running in a public cloud is not a trivial matter. Corporate IT has to know the performance requirements of cloud-based applications and the expected usage patterns to estimate network bandwidth capacity. Engineers also have to identify potential bottlenecks and plan for monitoring network traffic and network connection endpoints after deploying applications in the cloud.

Windstream’s virtual edge device

Windstream’s latest Cloud Connect service is designed to eliminate some of the hassles of connecting to the public cloud. The service connects through a virtual edge device that communicates with the Windstream SD-WAN Concierge offering, which is a premise-based version of VMware’s VeloCloud.

Windstream can deploy the edge device in its data center or on a customer’s virtualized server. After installing the software, Windstream activates it and handles all management chores as part of the customer’s Windstream SD-WAN service.

Windstream provides an online portal for creating, deploying and managing SD-WAN routing and security policies. The site includes a console for accessing real-time intelligence on link performance.

Windstream’s partnership with an SD-WAN vendor is not unique. Many service providers have announced such deals to compete for a share of the fast-growing market. Other alliances include Comcast Business and CenturyLink with Versa Networks; Verizon with Viptela, which is owned by Cisco; and AT&T and Sprint with VeloCloud.

Windstream, which serves mostly small and midsize enterprises, has grown its network service business through acquisition. In January, Windstream announced it would acquire Mass Communications, a New York-based competitive local exchange carrier. In 2017, Windstream completed the acquisitions of Broadview and EarthLink.

LifeLock vulnerability exposed user email addresses to public

Symantec’s identity theft protection service, LifeLock, exposed millions of customers’ email addresses.

According to security journalist Brian Krebs, the LifeLock vulnerability was in the company’s website, and it enabled unauthorized third parties to collect email addresses associated with LifeLock user accounts or unsubscribe users from communications from the company. Account numbers, called subscriber keys, appear in the URL of the unsubscribe page on the LifeLock website that correspond to a customer record and appear to be sequential, according to Krebs, and that lends itself to writing a simple script to collect the email address of every subscriber.

The biggest threat with this LifeLock vulnerability is attackers could launch a targeted phishing scheme — and the company boasted more than 4.5 million users as of January 2017.

“The upshot of this weakness is that cyber criminals could harvest the data and use it in targeted phishing campaigns that spoof LifeLock’s brand,” Krebs wrote. “Of course, phishers could spam the entire world looking for LifeLock customers without the aid of this flaw, but nevertheless the design of the company’s site suggests that whoever put it together lacked a basic understanding of web site authentication and security.”

Krebs notified Symantec of the LifeLock vulnerability, and the security company took the affected webpage offline shortly thereafter. Krebs said he was alerted to the issue by Atlanta-based independent security researcher Nathan Reese, a former LifeLock subscriber who received an email offering him a discount if he renewed his membership. Reese then wrote a proof of concept and was able to collect 70 email addresses — enough to prove the LifeLock vulnerability worked.

Reese emphasized to Krebs how easy it would be for a malicious actor to use the two things he knows about the LifeLock customers — their email addresses and the fact that they use an identity theft protection service — to create a “sharp spear” for a spear phishing campaign, particularly because LifeLock customers are already concerned about cybersecurity.

Symantec, which acquired the identity theft protection company in 2016, issued a statement after Krebs published his report on the LifeLock vulnerability:

This issue was not a vulnerability in the LifeLock member portal. The issue has been fixed and was limited to potential exposure of email addresses on a marketing page, managed by a third party, intended to allow recipients to unsubscribe from marketing emails. Based on our investigation, aside from the 70 email address accesses reported by the researcher, we have no indication at this time of any further suspicious activity on the marketing opt-out page.

LifeLock has faced problems in the past with customer data. In 2015, the company paid out $100 million to the Federal Trade Commission to settle charges that it allegedly failed to secure customers’ personal data and ran deception advertising.

In other news:

  • The American Civil Liberties Union (ACLU) of Northern California said Amazon’s facial recognition program, Rekognition, falsely identified 28 members of Congress as people who were arrested for a crime in its recent test. The ACLU put together a database of 25,000 publicly available mugshots and ran the database against every current member of the House and Senate using the default Rekognition settings. The false matches represented a disproportionate amount of people of color — 40% of the false matches, while only 20% of Congress members are people of color — and spanned both Democrats and Republicans and men and women of all ages. One of the falsely identified individuals was Rep. John Lewis (D-Ga.), who is a member of the Congressional Black Caucus; Lewis previously wrote a letter to Amazon’s CEO, Jeff Bezos, expressing concern for the potential implications of the inaccuracy of Rekognition and how it could affect law enforcement and, particularly, people of color.
  • Researchers have discovered another Spectre vulnerability variant that enables attackers to access sensitive data. The new exploit, called SpectreRSB, was detailed by researchers at the University of California, Riverside, in a paper titled, “Spectre Returns! Speculation Attacks using the Return Stack Buffer.” “Rather than exploiting the branch predictor unit, SpectreRSB exploits the return stack buffer (RSB), a common predictor structure in modern CPUs used to predict return addresses,” the research team wrote. The RSB aspect of the exploit is what’s new, compared with Spectre and its other variants. It’s also why it is, so far, unfixed by any of the mitigations put in place by Intel, Google and others. The researchers tested SpectreRSB on Intel Haswell and Skylake processors and the SGX2 secure enclave in Core i7 Skylake chips.
  • Google Chrome implemented its new policy this week that any website not using HTTPS with a valid TLS certificate will be marked as “not secure.” In the latest version of the browser, Google Chrome version 68, users will see a warning message stating that the site in not secure. Google first announced the policy in February. “Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default,” Emily Schechter, Chrome Security product manager, wrote in the announcement. “HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP.”