I have the following 8TB drives for sale. The warranty is up on all of them, but all are working as they should. Reason for sale: I upgraded to 14TB drives.
Seagate ST8000DM002, No Warranty (ended August 2018), Power On Hours
Seagate ST8000VN002, No Warranty (ended April 2019), Power On Hours 18579
Seagate ST8000VN002, No Warranty (ended April 2019), Power On Hours 18584
£125.00 each shipped RMSD mainland UK
Have a 6TB WD Red potentially to list once I get around to it.
Sold. I have a 14TB Western Digital Red drive for sale. It came out of an external duo drive, but it's a red-label drive with a 3-year warranty (will get the exact warranty date). Reason for sale: I upgraded all of my NAS drives and this one was left over/not needed. Opened but unused.
£280.00 shipped RMSD mainland UK
Sold to alitech £440
Seagate ST8000DM002, No Warranty (ended August 2018), Power On Hours 926
Seagate ST8000DM002, No Warranty (ended August 2018), Power On Hours 939
Western Digital WD80EFZX, No Warranty (ended July 2019), Power On Hours 973
Western Digital WD80EFZX, No Warranty (ended July 2019), Power On Hours 953
Enterprises are watching the development of the Kubernetes Cluster API project, which they hope will evolve into a declarative multi-cloud deployment standard for container infrastructure.
With a declarative API, developers can describe the desired outcome and the system handles the rest. Kubernetes today requires users to deploy a series of such APIs separately for each cloud provider and on-premises IT environment. This makes it difficult to take a cohesive, consistent approach to spinning up multiple clusters, especially in multi-cloud environments. Existing Kubernetes deployment procedures may also offer so many configuration options that it’s easy for end users to overcomplicate installations.
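The declarative pattern described above can be sketched in a few lines. This is a toy illustration in Python, not actual Cluster API code; the resource names and structure are invented for the example:

```python
# A declarative API: the user states the desired outcome, and a
# reconciler computes the actions needed to converge the actual state.
desired = {"clusters": {"prod": {"nodes": 5}, "staging": {"nodes": 2}}}
actual = {"clusters": {"prod": {"nodes": 3}}}

def reconcile(desired, actual):
    """Compare desired and actual state; return the actions to converge."""
    actions = []
    for name, spec in desired["clusters"].items():
        current = actual["clusters"].get(name)
        if current is None:
            actions.append(("create", name, spec["nodes"]))
        elif current["nodes"] != spec["nodes"]:
            actions.append(("scale", name, spec["nodes"]))
    return actions

print(reconcile(desired, actual))
# [('scale', 'prod', 5), ('create', 'staging', 2)]
```

The user never spells out the steps; the system derives them, which is what makes the approach repeatable across providers.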
Enterprises that have taken a declarative, also known as immutable, approach to other layers of the IT infrastructure as they adopt DevOps want to enforce the same kind of simple, repeatable standards for Kubernetes clusters through a standard declarative API. Some IT shops have struggled and failed to implement their own APIs for those purposes, and say the community effort around Kubernetes Cluster API has better potential to achieve those goals than their individual projects.
One such company, German IT services provider Giant Swarm, created its own Kubernetes deployment API in 2017 to automate operations for more than 200 container clusters it manages for customers in multiple public clouds. It used a central Kubernetes management cluster fronted by the RESTful API to connect to Kubernetes Operators within each workload cluster. Eventually, though, Giant Swarm found that system too difficult to maintain as Kubernetes and cloud infrastructures continually changed.
“Managing an additional REST API is cumbersome, especially since users have to learn a new [interface],” said Marcel Müller, platform engineer at Giant Swarm, in an online presentation at a virtual IT conference held by API platform vendor Kong last month. “We had to restructure our API quite often, and sometimes we didn’t have the resources or knowledge to make the right long-term [architectural] decisions.”
Switching between cloud providers proved especially confusing and painful for users, since tooling is not transferable between them, Müller said.
“The conclusion we got to by early 2019 was that community collaboration would be really nice here,” he said. “A Kubernetes [special interest group] would take care of leading this development and ensuring it’s going in the correct direction — thankfully, this had already happened because others faced similar issues and had come to the same conclusion.”
That special interest group (SIG), SIG-Cluster-Lifecycle, was formed in late 2017, and created Cluster API as a means to standardize Kubernetes deployments in multiple infrastructures. That project issued its first alpha release in March 2019, as Müller and his team grew frustrated with their internal project, and Giant Swarm began to track its progress as a potential replacement.
Cluster API installs Kubernetes across clouds using MachineSets, which are similar to the Kubernetes ReplicaSets Giant Swarm already uses. Users can also manage Cluster API through the familiar kubectl command line interface, rather than learning to use a separate RESTful API.
Still, the project remains in an early alpha phase, according to its GitHub page, and is therefore changing rapidly; as an experimental project, it isn't necessarily suited for production use yet. Giant Swarm will also need to transition gradually to Cluster API to ensure the stability of its Kubernetes environment, Müller said.
Cluster API bridges Kubernetes multi-cloud gap
Cluster API is an open source alternative to centralized Kubernetes control planes also offered by several IT vendors, such as Red Hat OpenShift, Rancher and VMware Tanzu. Some enterprises may prefer to let a vendor tackle the API integration problem and leave support to them as well. In either case, the underlying problem at hand is the same — as enterprise deployments expand and mature, they need to control and automate multiple Kubernetes clusters in multi-cloud environments.
For some users, multiple clusters are necessary to keep workloads portable across multiple infrastructure providers; others prefer to manage multiple clusters rather than deal with challenges that can emerge in Kubernetes networking and multi-tenant security at large scale. The core Kubernetes framework does not address this.
“[Users] need a ‘meta control plane’ because one doesn’t just run a single Kubernetes cluster,” said John Mitchell, an independent digital transformation consultant in San Francisco. “You end up needing to run multiple [clusters] for various reasons, so you need to be able to control and automate that.”
Before vendor products and Cluster API emerged, many early container adopters created their own tools similar to Giant Swarm’s internal API. In Mitchell’s previous role at SAP Ariba, the company created a project called Cobalt to build, deploy and operate application code on bare metal, AWS, Google Cloud and Kubernetes.
Mitchell isn’t yet convinced that Cluster API will be the winning approach for the rest of the industry, but it’s at least in the running.
“Somebody in the Kubernetes ecosystem will muddle their way to something that mostly works,” he said. “It might be Cluster API.”
SAP’s Concur Technologies subsidiary, meanwhile, created Scipian to watch for changes in Kubernetes custom resource definitions (CRDs) made as apps are updated. Scipian then launches Terraform jobs to automatically create, update and destroy Kubernetes infrastructure in response to those changes, so that Concur ops staff don’t have to manage those tasks manually. Scipian’s Terraform modules work well, but Cluster API might be a simpler mechanism once it’s integrated into the tool, said Dale Ragan, principal software design engineer at the expense management SaaS provider based in Bellevue, Wash.
“Terraform is very amenable to whatever you need it to do,” Ragan said. “But it can be almost too flexible for somebody without in-depth knowledge around infrastructure — you can create a network, for example, but did you create it in a secure way?”
With Cluster API, Ragan’s team may be able to enforce Kubernetes deployment standards more easily, without requiring users to have a background in the underlying toolset.
“We created a Terraform controller so we can run existing modules using kubectl [with Cluster API],” Ragan said. “As we progress further, we’re going to use CRDs to replace those modules … as a way to create infrastructure in ‘T-shirt sizes’ instead of talking about [technical details].”
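Ragan's "T-shirt size" idea can be illustrated with a small sketch. The size labels and parameters below are hypothetical, not Scipian's actual CRDs:

```python
# A size label hides the technical details behind a simple request.
SIZES = {
    "S": {"nodes": 3, "cpu_per_node": 2, "memory_gb": 8},
    "M": {"nodes": 5, "cpu_per_node": 4, "memory_gb": 16},
    "L": {"nodes": 10, "cpu_per_node": 8, "memory_gb": 32},
}

def expand(request):
    """Expand a size-based cluster request into concrete infrastructure parameters."""
    spec = dict(SIZES[request["size"]])
    spec["name"] = request["name"]
    return spec

print(expand({"name": "analytics", "size": "M"}))
```

A user asks for a "medium" cluster; the standards baked into the size table decide the rest, so nobody has to know the underlying toolset.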
As medical researchers around the world race to find answers to the COVID-19 pandemic, they need to gather as much clinical data as possible for analysis.
A key challenge many researchers face with clinical data is privacy and the mandate to protect confidential patient information. One way to overcome that privacy challenge is by using synthetic data, an approach that creates data that is not linked to personally identifiable information. Rather than encrypting or attempting to anonymize data to protect privacy, synthetic data represents a different approach that can be useful for medical researchers.
With synthetic data there are no real people, rather the data is a synthetic copy that is statistically comparable, but entirely composed of fictional patients, explained Ziv Ofek, founder and CEO of health IT vendor MDClone, based in Beer Sheba, Israel.
Other popular methods of protecting patient privacy, such as anonymization and encryption, aim to balance patient privacy and data utility. However, a privacy risk still remains because embedded within the data, even after diligent attempts to protect privacy, are real people, Ofek argued.
“There are no real people embedded within the synthetic data,” Ofek said. “Instead, the data is a statistical representation of the original, and the risk of reidentification is no longer relevant, even though it may appear as real people and can be analyzed as if it were [real], yielding the same conclusions.”
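As a deliberately simplified illustration of the general idea (not MDClone's actual method), synthetic values can be drawn from a distribution fitted to the real data, so the cohort is statistically comparable while containing no real patient:

```python
import random
import statistics

random.seed(0)

# Hypothetical "real" patient ages: the original, identifiable records.
real_ages = [34, 51, 47, 62, 29, 55, 41, 68, 38, 59]

# Fit simple summary statistics to the real cohort.
mu = statistics.mean(real_ages)
sigma = statistics.stdev(real_ages)

# Synthetic cohort: drawn from the fitted distribution. No row maps
# back to a real person, but aggregate analyses behave similarly.
synthetic_ages = [round(random.gauss(mu, sigma)) for _ in range(10)]
print(synthetic_ages)
```

Real systems preserve far richer joint distributions across many variables, but the privacy property is the same: the output rows are fictional by construction.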
Synthetic data in the real world
MDClone’s synthetic data technology is being used by Sheba Medical Center in Tel Aviv as part of its COVID-19 research.
The MDClone system is critical to his organization’s data efforts to gain more insights into COVID-19, the disease caused by the novel coronavirus, said Eyal Zimlichman, M.D., deputy director general, chief medical officer and chief innovation officer at Sheba Medical.
By regulation, synthetic data is not considered patient data and therefore is not subject to the institutional review board (IRB) process. As opposed to real patient data, Ofek noted, synthetic data can be accessed freely by researchers, so long as the institution agrees to provide access.
“Synthetic data provides an opportunity to get quick answers to data-related questions without the need for an IRB approval,” Zimlichman said. “It also allows users to work on the data in their own environment, something we do not allow with real data.”
Zimlichman added that data science groups both within and outside the hospital are using the MDClone system to help predict COVID-19 patient outcomes, as well as to aid in determining a course of action for therapy.
Synthetic data accelerates time to insight
The MDClone platform includes a data engine for collecting and organizing patient data, a discovery studio for analysis and a Synthetic Data Engine for creating data. On April 14, the vendor released the MDClone Pandemic Response Package, which includes a predefined set of COVID-19-specific visualizations and analyses. The engine enables clients and networks to ask questions of COVID-19-related data and generate meaningful analysis, including cohort and population-level insights.
In the event a client wants to use their data to share, compare and collaborate with others, they can convert their original data into a synthetic copy for shared review and insight development.
“A synthetic collaboration model allows for that conversation to take place with data flows and analysis performed across both systems without patient privacy and security risks,” Ofek said.
Ofek added that the synthetic model and platform access capability enables clients to invite research and collaboration partners into their data environment rather than simply sharing files on demand. With MDClone, the client’s research and collaboration partners are able to log in to the MDClone data lake and then get access to the data and exploration tools with synthetic output.
“In the context of the pandemic, organizations leveraging the platform can offer partners unfettered synthetic access to accelerate exploration into new avenues for treatment,” Ofek said. “Idea generation and data reviews that enable real-world analysis is our pathway to finding and broadcasting the best healthcare professionals can offer as we combat the disease.”
When the CEO realizes they deleted a vital email thread three weeks ago, email recovery suddenly becomes an urgent task. Sure, you can look in the Deleted Items folder in Outlook, but beyond that, how can you recover what has undergone “permanent” deletion? In this article, we review how you can save the day by bringing supposedly unrecoverable email back from the great beyond.
Before we continue, we know that security is a priority for all Microsoft 365 admins. And in the current climate of COVID-19, it’s well documented how hackers are working around the clock to exploit vulnerabilities. As such, we assembled two Microsoft experts to discuss the critical security features in Microsoft 365 you should be using right now in a free webinar on May 27. Don’t miss out on this must-attend event – save your seat now!
Now onto saving your emails!
Deleted Email Recovery in Microsoft and Office 365
Email recovery for Outlook in Exchange Online can be as simple as dragging and dropping the wayward email from the Deleted Items folder to your Inbox. But what do you do when you can’t find the email you want to recover?
First, let’s look at how email recovery is structured in Microsoft 365. There are a few more layers here than you might think! In Microsoft 365, deleted email can be in one of three states: Deleted, Soft-Deleted or Hard-Deleted. The way you recover email, and how long you have to do so, depends on the email’s delete status and the applicable retention policy.
Let’s walk through the following graphic and talk about how email gets from one state to another, the default policies, how to recover deleted email in each state, and a few tips along the way.
Items vs. Email
Outlook is all about email yet also has tasks, contacts, calendar events, and other types of information. For example, you can delete calendar entries and may be called on to recover them, just like email. For this reason, the folder for deleted content is called “Deleted Items.” Also, when discussing deletions and recovery, it is common to refer to “items” rather than limiting the discussion to just email.
Various rules control the retention period for items in the different states of deletion. A policy is an automatically applied action that enforces a rule related to services. Microsoft 365 has hundreds of policies you can tweak to suit your requirements. See Overview of Retention policies for more information.
‘Deleted Items’ Email
When you press the Delete key on an email in Outlook, it’s moved to the Deleted Items folder. That email is now in the “Deleted” state, which simply means it moved to the Deleted Items folder. How long does Outlook retain deleted email? By default – forever! You can recover your deleted mail with just a drag and drop to your Inbox. Done!
If you can’t locate the email in the Deleted Items folder, double-check that you have the Deleted Items folder selected, then scroll to the bottom of the email list. Look for the following message:
If you see the above message, your cache settings may be keeping only part of the content in Outlook, with the rest in the cloud. The cache helps to keep mailbox sizes lower on your hard drive, which in turn speeds up search and load times. Click on the link to download the missing messages.
But I Didn’t Delete It!
If you find content in the Deleted Items and are sure you did not delete it, you may be right! Administrators can set Microsoft 365 policy to delete old Inbox content automatically.
Mail can ‘disappear’ another way. Some companies enable a personal archive mailbox for users. When enabled, by default, any mail two years or older will “disappear” from your Inbox and the Deleted Items folder. However, there is no need to worry. While apparently missing, the email has simply moved to the Archives Inbox. A personal Archives Inbox shows up as a stand-alone mailbox in Outlook, as shown below.
As a result, it’s a good idea to search the Archives Inbox, if it is present, when looking for older messages.
Another setting to check is one that deletes email when Outlook is closed. Access this setting in Outlook by clicking “File,” then “Options,” and finally “Advanced” to display this window:
If enabled, Outlook empties the Deleted Items folder when closed. The deleted email then moves to the ‘soft-delete’ state, which is covered next. Keep in mind that with this setting, all emails will be permanently deleted after 28 days.
The next stage in the process is Soft-Deleted. Soft-deleted email is no longer in the Deleted Items folder but is still easily recovered. At a technical level, the mail is deleted locally from Outlook and placed in the Exchange Online folder named Deletions, which is a sub-folder of Recoverable Items. Any content in the Recoverable Items folder in Exchange Online is, by definition, considered soft-deleted.
There are three ways to soft-delete mail or other Outlook items.
1. Delete an item already in the Deleted Items folder. When you manually delete something that is already in the Deleted Items folder, the item is soft-deleted. Any process, manual or otherwise, that deletes content from this folder results in a soft-delete.
2. Press Shift + Delete on an email in your Outlook Inbox. This brings up a dialog box asking if you wish to “permanently” delete the email. Clicking Yes removes the email without moving it to the Deleted Items folder, but only performs a soft-delete. You can still recover the item if you do so within the 14-day retention period.
3. Use Outlook policies or rules. By default, there are no policies that automatically remove mail from the Deleted Items folder in Outlook. However, users can create rules that ‘permanently’ (that is, soft-) delete email. If you’re troubleshooting missing email, have the user check for such rules. You can click Rules on the Home menu and examine any created rules in the Rules Wizard shown below.
Note that the caution is a bit misleading as the rule’s action will soft-delete the email, which, as already stated, is not an immediate permanent deletion.
Recovering soft-deleted mail
You can recover soft-deleted mail directly in Outlook. Be sure the Deleted Items folder is selected, then look for “Recover items recently removed from this folder” at the top of the mail column, or the “Recover Deleted Items from Server” action on the Home menu bar.
Clicking on the recover items link opens the Recover Deleted Items window.
Click on the items you want to recover or Select All, and click OK.
NOTE: The recovered email returns to your Deleted Items folder. Be sure to move it into your Inbox.
If the email you’re looking for is not listed, it could have moved to the next stage: ‘Hard-Deleted.’
While users can recover soft-deleted email, administrators can also recover soft-deleted email on their behalf using the ‘hard-deleted’ email recovery process described next (which works for both hard and soft deletions). Also, for those who would rather script these tasks, Microsoft provides two PowerShell cmdlets that are very useful in this process: you can use Get-RecoverableItems and Restore-RecoverableItems to search for and restore soft-deleted email.
The next stage for deletion is ‘Hard-Deleted.’ Technically, items are hard-deleted when they are moved from the Recoverable Items folder to the Purges folder in Exchange Online. Administrators can still recover items in that folder within the recovery period set by policy, which ranges from 14 days (the default) to 30 days (the maximum). You can extend the retention beyond 30 days by placing a legal or litigation hold on the item or mailbox.
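The retention logic described in this article can be summarized in a small sketch. The 14-day window is the default discussed above; your tenant's policies may differ:

```python
from datetime import date, timedelta

# Default soft-delete retention window (policy can extend this to 30 days).
SOFT_DELETE_RETENTION = timedelta(days=14)

def recoverable_by_user(deleted_on, today):
    """Soft-deleted items remain user-recoverable within the retention window."""
    return today - deleted_on <= SOFT_DELETE_RETENTION

print(recoverable_by_user(date(2020, 5, 1), date(2020, 5, 10)))  # True
print(recoverable_by_user(date(2020, 5, 1), date(2020, 5, 20)))  # False
```

Past the window, the item moves on to the hard-deleted stage and only an administrator (within the policy-set recovery period) can bring it back.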
How items become Hard-Deleted
There are two ways content becomes hard-deleted.
By policy, soft-deleted email is moved to the hard-deleted stage when the retention period expires.
Users can hard-delete mail manually by selecting the Purge option in the Recover Deleted Items window shown above. (Again, choosing to ‘permanently delete’ mail with Shift + Del results in a soft-delete, not a hard-delete.)
Recovering Hard-Deleted Mail
Once email enters the hard-delete stage, users can no longer recover the content. Only service administrators with the proper privileges can initiate recovery, and no administrators have those privileges by default, not even the global admin. The global admin does have the right to assign privileges so that they can give themselves (or others) the necessary rights. Privacy is a concern here since administrators with these privileges can search and export a user’s email.
Microsoft’s online documentation Recover deleted items in a user’s mailbox details the step-by-step instructions for recovering hard-deleted content. The process is a bit messy compared to other administrative tasks. As an overview, the administrator will:
1. Assign the required permissions.
2. Search the Inbox for the missing email.
3. Copy the results to a Discovery mailbox, where you can view mail in the Purged folder (optional).
4. Export the results to a PST file.
5. Import the PST to Outlook on the user’s system and locate the missing email in the Purged folder.
Last Chance Recovery
Once hard-deleted items are purged, they are no longer discoverable by any method by users or administrators. You should consider the recovery of such content as unlikely. That said, if the email you are looking for is not recoverable by any of the above methods, you can open a ticket with Microsoft 365 Support. In some circumstances, they may be able to find the email that has been purged but not yet overwritten. They may or may not be willing to look for the email, but it can’t hurt to ask, and it has happened.
What about using Outlook to back up email?
Outlook does allow a user to export email to a PST file. To do this, click “File” in the Outlook main menu, then “Import & Export” as shown below.
You can specify what you want to export and even protect the file with a password.
While useful from time to time, a backup plan that depends on users manually exporting content to a local file doesn’t scale and isn’t reliable. Consequently, don’t rely on this as a possible backup and recovery solution.
After reading this, you may be thinking, “isn’t there an easier way?” A service like Altaro Office 365 Backup allows you to recover from point-in-time snapshots of an inbox or other Microsoft 365 content. Having a service like this when you get that urgent call to recover a mail from a month ago can be a lifesaver.
Users can recover most deleted email without administrator intervention. Often, deleted email simply sits in the Deleted Items folder until manually cleared. When that occurs, email enters the ‘soft-deleted’ state and is easily restored by a user within 14 days. After this period, the item enters the ‘hard-deleted’ state. A service administrator can recover hard-deleted items within the recovery window. After the hard-deleted state, email should be considered unrecoverable. Policies can be applied to extend the retention times of deleted mail in any state. While administrators can go far with the web-based administration tools, the entire recovery process can be scripted with PowerShell to customize and scale larger projects or provide granular discovery. It is always a great idea to use a backup solution designed for Microsoft 365, such as Altaro Office 365 Backup.
Finally, if you haven’t done so already, remember to save your seat on our upcoming must-attend webinar for all Microsoft 365 admins:
Is Your Office 365 Data Secure?
Did you know Microsoft does not back up Office 365 data? Most people assume their emails, contacts and calendar events are saved somewhere but they’re not. Secure your Office 365 data today using Altaro Office 365 Backup – the reliable and cost-effective mailbox backup, recovery and backup storage solution for companies and MSPs.
Data centers have become an important part of our data-driven world. They act as a repository for servers, storage systems, routers and all manner of IT equipment, and can stretch as large as an entire building — especially in an age of AI that requires advanced computing.
Establishing how much power these data centers use and the environmental impact they have can be difficult, but according to a recent paper in Science, the data center industry as a whole used an estimated 205 TWh in 2018. That roughly translates to 1% of global electricity consumption.
Enterprises that utilize large data centers can use AI, advancements in storage capacity and more efficient servers to mitigate the power required for the necessary expansion of data centers.
The rise of the data center
Collecting and storing data is fundamental to business operation, and while having your own infrastructure can be costly and challenging, having unlimited access to this information is crucial to advancements.
Provoking the most coverage because of their massive size, data centers of tech giants like Google and Amazon often require the same amount of energy as small towns. But there is more behind these numbers, according to Eric Masanet, associate professor of Mechanical Engineering and Chemical and Biological Engineering at Northwestern University and coauthor of the aforementioned article.
The last detailed estimates of global data center energy use appeared in 2011, Masanet said.
Since that time, Masanet said, there have been many claims that the world’s data centers were requiring more and more energy. This has given policymakers and the public the impression that data centers’ energy use and related carbon emissions have become a problem.
Counter to this, Masanet and his colleagues’ studies on the evolution of storage, server and network technology found that efficiency gains have significantly mitigated the growth in energy usage in this area. From 2010 to 2018, compute instances went up by 550%, while energy usage increased just 6% in the same time frame. While data center energy usage is on the rise, it has been curbed dramatically through the development of different strategies.
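A quick back-of-the-envelope check makes the scale of those efficiency gains concrete:

```python
# From the figures above: compute instances grew 550% (i.e., 6.5x the
# 2010 level) while energy use grew only 6% (1.06x) over 2010-2018.
compute_growth = 6.5
energy_growth = 1.06

# Energy consumed per compute instance, relative to 2010.
energy_per_instance = energy_growth / compute_growth
print(f"Energy per compute instance: {energy_per_instance:.2f}x of 2010 level")
# roughly 0.16x, i.e., about an 84% drop per instance
```

In other words, each unit of compute in 2018 required only about a sixth of the energy it did in 2010, which is why total consumption stayed nearly flat despite surging demand.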
Getting a step ahead of the data center footprint
The moderated growth in energy use is tied to advancements in technology. Servers have become more efficient, and the partitioning of servers through virtualization has curbed the energy required for the rapid growth of compute instances.
A similar trend is noticeable in data storage. While demand has significantly increased, the combination of storage-drive efficiencies and densities has limited the total increase in global storage energy usage to just threefold. To further curb the rising demand for data, and therefore the rising energy costs and environmental impact, companies are integrating AI when designing their data centers.
“You certainly could leverage AI to analyze utility consumption data and optimize cost,” said Scott Laliberte, a managing director with Protiviti and leader of the firm’s Emerging Technologies practice.
“The key for that would be having the right data available and developing and training the model to optimize the cost.”
By having AI collect data on their data centers and optimize energy usage, these companies can mitigate power costs, especially for cooling, one of the most costly and concerning processes within data centers.
“The strategy changed a little bit — like trying to build data centers below ground or trying to be near water resources,” said Juan José López Murphy, Technical Director and Data Science Practice Lead at Globant, a digitally native services company.
But cooling these data centers has been such a large part of their energy usage that companies have had to be creative. Companies like AWS and GCP are trying new locations like the middle of the desert or underground and trying to develop cooling systems that are based on water and not just air, Murphy said.
Google utilizes an algorithm that manages cooling at some of their data centers that can learn from data gathered and limit energy consumption by adjusting cooling configurations.
For the time being, both the demand for data centers and their efficiency have grown. So far, the advancement of servers and storage drives, as well as the implementation of AI in the building process, has almost matched the growing energy demand. This may not continue, however.
“Historical efficiency gains may not be able to outpace rapidly rising demand for data center services in the not-too-distant future,” Masanet said. “Clearly greater attention to data center energy use is warranted.”
The increased efficiencies have done well to stem the tide of demand, but the future remains uncertain for data centers’ energy requirements.
Databases have long been used for transactional and analytics use cases, but they also have practical utility to help enable machine learning capabilities. After all, machine learning is all about deriving insights from data, which is often stored inside a database.
San Francisco-based database vendor Splice Machine is taking an integrated approach to enabling machine learning with its eponymous database. Splice Machine is a distributed SQL relational database management system that includes machine learning capabilities as part of the overall platform.
Splice Machine 3.0 became generally available on March 3, bringing with it updated machine learning capabilities. It also has a new Kubernetes-based cloud-native model for cloud deployment and enhanced replication features.
In this Q&A, Monte Zweben, co-founder and CEO of Splice Machine, discusses the intersection of machine learning and databases and provides insight into the big changes that have occurred in the data landscape in recent years.
How do you integrate machine learning capabilities with a database?
Monte Zweben: The data platform itself has tables, rows and schema. The machine learning manager that we have native to the database has notebooks for developing models, Python for manipulating the data, algorithms that allow you to model, and model workflow management that allows you to track the metadata on models as they go through their experimentation process. And finally, we have in-database deployment.
So as an example, imagine a data scientist in the insurance industry working in Splice Machine. They have an application for claims processing, and they are building out models inside Splice Machine to predict claims fraud. There’s a function in Splice Machine called deploy, and what it will do is take a table and a model to generate database code. The deploy function builds a trigger on the database table that tells the table to call a stored procedure that has the model in it for every new record that comes into the table.
So what does this mean in plain English? Let’s say in the claims table, every time new claims would come in, the system would automatically trigger, grab those claims, run the model that predicts claim cause and outputs those predictions in another table. And now all of a sudden, you have real-time, in-the-moment machine learning that is detecting claim fraud on first notice of loss.
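The trigger-plus-model pattern Zweben describes can be approximated in miniature with SQLite and a Python user-defined function standing in for the model. This is a rough sketch, not Splice Machine's actual deploy mechanism, and the threshold "model" is purely illustrative:

```python
import sqlite3

conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE claims (id INTEGER PRIMARY KEY, amount REAL)")
conn.execute("CREATE TABLE predictions (claim_id INTEGER, fraud_score REAL)")

# Stand-in for a trained fraud model: flags unusually large claims.
def score(amount):
    return 0.9 if amount > 10000 else 0.1

conn.create_function("score_claim", 1, score)

# The trigger plays the role of deploy(): every new claim is scored
# automatically and the prediction lands in another table.
conn.execute("""
CREATE TRIGGER score_on_insert AFTER INSERT ON claims
BEGIN
    INSERT INTO predictions VALUES (NEW.id, score_claim(NEW.amount));
END
""")

conn.execute("INSERT INTO claims (amount) VALUES (25000)")
conn.execute("INSERT INTO claims (amount) VALUES (300)")
rows = conn.execute(
    "SELECT claim_id, fraud_score FROM predictions ORDER BY claim_id"
).fetchall()
print(rows)  # [(1, 0.9), (2, 0.1)]
```

No application code polls for new claims; the database itself runs the model on first notice of loss, which is the "in-the-moment" property Zweben is pointing at.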
What does distributed SQL mean to you?
Zweben: So at its heart, it’s about sharing data across multiple nodes. That provides you the ability to parallelize computation and gain elastic scalability. That is the most important distributed attribute of Splice Machine.
In our new 3.0 release, we just added distributed replication. It’s another element of distribution where you have secondary Splice Machine instances in geo-replicated areas, to handle failover for disaster recovery.
What’s new in Splice Machine 3.0?
Zweben: We moved our cloud stack for Splice Machine from an old Mesos architecture to Kubernetes. Now our container-based architecture is all Kubernetes, and that has given us the opportunity to enable the separation of storage and compute. You literally can pause Splice Machine clusters and turn them back on. This is a great utility for consumption-based usage of databases.
Along with our upgrade to Kubernetes, we also upgraded our machine learning manager from an older notebook technology called Zeppelin to a newer notebook technology that has really gained momentum in the marketplace, as much as Kubernetes has in the DevOps world. Jupyter notebooks have taken off in the data science space.
We’ve also enhanced our workflow management tool, MLflow, which is an open source tool that originated with Databricks, and we’re part of that community. MLflow allows data scientists to track their experiments and has that record of metadata available for governance.
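The experiment-tracking idea MLflow provides can be illustrated with a minimal pure-Python sketch: record the parameters and metrics of each run so experiments stay auditable. (This is a toy illustration only; the real MLflow API centers on calls like `mlflow.start_run`, `mlflow.log_param` and `mlflow.log_metric`.)

```python
import time
import uuid

runs = []  # stand-in for MLflow's tracking store

def log_run(params, metrics):
    # Record one experiment run with enough metadata to audit it later.
    runs.append({
        "run_id": uuid.uuid4().hex,
        "timestamp": time.time(),
        "params": params,
        "metrics": metrics,
    })

log_run({"model": "xgboost", "max_depth": 6}, {"auc": 0.91})
log_run({"model": "xgboost", "max_depth": 8}, {"auc": 0.89})

# Governance question the metadata answers: which run produced the best model?
best = max(runs, key=lambda r: r["metrics"]["auc"])
print(best["params"])  # {'model': 'xgboost', 'max_depth': 6}
```

Keeping this record per run is what makes it possible to answer later which data, parameters and code produced a deployed model.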
What’s your view on open source and the risk of a big cloud vendor cannibalizing open source database technology?
Zweben: We do compose many different open source projects into a seamless and highly performant integration. Our secret sauce is how we put these things together at a very low level, with transactional integrity, to enable a single integrated system. This composition that we put together is open source, so that all of the pieces of our data platform are available in our open source repository, and people can see the source code right now.
I’m intensely worried about cloud cannibalization. I switched to an AGPL license specifically to protect against cannibalization by cloud vendors.
On the other hand, we believe we’re moving up the stack. If you look at our machine learning package, and how it’s so inextricably linked with the database, and the reference applications that we have in different segments, we’re going to be delivering more and more higher-level application functionality.
What are some of the biggest changes you’ve seen in the data landscape over the seven years you’ve been running Splice Machine?
Zweben: With the first generation of big data, it was all about data lakes, and let’s just get all the data the company has into one repository. Unfortunately, that has proven time and time again, at company after company, to just be data swamps.
The data repositories work and they’re scalable, but no one ends up using the data, and this was a mistake for several reasons.
Monte Zweben, co-founder and CEO, Splice Machine
Instead of thinking about storing the data, companies should think about how to use the data. Start with the application and how you are going to make the application leverage new data sources.
The second reason why this was a mistake was organizationally, because the data scientists who know AI were all centralized in one data science group, away from the application. They are not the subject matter experts for the application.
When you focus on the application and retrofit the application to make it smart and inject AI, you can get a multidisciplinary team. You have app developers, architects, subject-matter experts, data engineers and data scientists, all working together on one purpose. That is a radically more effective and productive organizational structure for modernizing applications with AI.
Data breaches occur on a daily basis. They can’t be avoided in our interconnected world, but you can take a proactive approach to reduce your risk.
While the internet has been a boon for organizations that rely on remote users and hybrid services, it’s now easier than ever for an intrepid hacker to poke at weak points on the perimeter to try to find a way inside. Windows Server is a key IT infrastructure component for most enterprises; it handles numerous tasks, such as authentication, and runs critical workloads such as Exchange Server, SQL Server and Hyper-V. Due to its ubiquitous nature, Windows Server is a natural target for hackers seeking a foothold inside your company. There are many Microsoft security products and native features in newer Windows Server releases designed to keep sensitive information from spreading beyond your organization’s borders.
Microsoft improved security in Windows Server 2019 by updating existing protections and adding new functionality geared to prevent the exposure of sensitive information. The company also offers several cloud-based products that integrate with the Windows operating system to warn administrators of trending threats that could affect their systems.
What are some features in Microsoft Defender ATP?
Microsoft Defender Advanced Threat Protection — formerly, Windows Defender ATP — supplements existing security measures while also providing a cloud-based platform with a range of capabilities, including response to active attacks, automated investigation of suspicious incidents and a scoring system that determines the level of vulnerability for each endpoint.
Microsoft Defender ATP, which underwent a name change in 2019 when the product was extended to protect Mac systems, features multiple proactive and reactive methods to protect organizations from many forms of cyberattacks. For example, to keep an endpoint from being susceptible to a common intrusion method via a Microsoft Office application, Microsoft Defender ATP can prevent the application from launching a child process.
Microsoft Defender ATP gathers information from a vast array of resources — such as different events on on-premises Windows systems and the Office 365 cloud collaboration platform — that Microsoft analyzes to detect patterns, such as certain command-line actions, that could indicate malicious behavior. Microsoft Defender ATP integrates with several Azure security products for additional protection. For example, by connecting to Azure Security Center, administrators get a dashboard that highlights suspicious activity in the organization with recommended actions to execute to prevent further damage.
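The command-line pattern detection described above can be illustrated with a toy rule set. The patterns below are simplified examples of techniques often flagged in the wild (encoded PowerShell, living-off-the-land binary abuse); they are not Defender ATP's actual analytics, which are trained on far richer cloud telemetry:

```python
import re

# Illustrative detection rules for suspicious command lines.
SUSPICIOUS = [
    re.compile(r"powershell.*-enc(odedcommand)?\b", re.I),  # encoded payloads
    re.compile(r"\bcertutil\b.*-urlcache", re.I),           # certutil downloads
    re.compile(r"\breg(\.exe)?\s+save\s+hklm\\sam", re.I),  # credential dumping
]

def flag(cmdline):
    """Return True if any rule matches the observed command line."""
    return any(p.search(cmdline) for p in SUSPICIOUS)

print(flag("powershell.exe -EncodedCommand SQBFAFgA"))  # True
print(flag("notepad.exe report.txt"))                   # False
```

Real endpoint detection correlates many such signals over time rather than matching single command lines, but the basic shape (observe events, match against known-bad patterns, escalate) is the same.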
Microsoft security features in this offering were tailored for Windows Server 2019 customers to prevent attacks that start in the kernel or in memory of the operating system, sometimes called file-less attacks. Microsoft Defender ATP eases the onboarding process for this server OS through a script in System Center Configuration Manager.
What new SDN security features are in Windows Server 2019?
Abstracting the operations work associated with networking offers administrators a way to add some agility in an area not typically known for its nimbleness. Software-defined networking (SDN) gives IT newfound abilities via a centralized management platform for network devices to make it easier to perform certain tasks, such as ensuring specific workloads get enough bandwidth to meet performance expectations. But SDN is not immune to traditional threats if a malicious actor gains network access and proceeds to sniff traffic to scoop up credentials and other valuable information.
Microsoft enhanced the security aspect of its Windows Server 2019 SDN functionality by introducing several features to avoid data leakage, even if the data center defenses failed to stop unauthorized system access.
By implementing the “encrypted networks” feature, organizations add another layer of security around data that moves between VMs inside a particular subnet by encoding the information. Other noteworthy SDN security additions for the Server 2019 OS include more granular control over access control lists to avoid security gaps and firewall auditing on Hyper-V hosts for further investigation of suspicious incidents.
Where can I use BitLocker encryption in my environment?
Microsoft released its BitLocker encryption feature for on-premises Windows systems, starting with the Vista operating system in 2007. Since that time, the company has continued to develop ways to use this technology in more places, both in the data center and beyond.
BitLocker started out as an encryption method to protect all the contents in a hard drive. That way, even if a laptop was stolen, prying eyes would not be able to do anything with the confidential data stored on the device due to the length of time it would take to do a brute-force hack of even a less-secure 128-bit key.
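A back-of-envelope calculation shows why even a "less secure" 128-bit key is beyond brute force. The attack rate below is an assumption, deliberately generous to the attacker:

```python
# Keyspace of a 128-bit key.
keyspace = 2 ** 128

# Assume a (very optimistic) rig testing one trillion keys per second.
rate = 10 ** 12

# Expected time to find the key: on average, half the keyspace is searched.
seconds = keyspace // (2 * rate)
years = seconds / (365 * 24 * 3600)
print(f"{years:.3e} years")  # on the order of 10^18 years
```

For comparison, the universe is roughly 1.4e10 years old, which is why attackers target weak passwords, key management and recovery flows rather than the cipher itself.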
Using BitLocker, while effective to thwart hackers, can frustrate users when they need to authenticate every time they need to use a device or when a BitLocker-encrypted server requires an additional login process after a reboot. Microsoft developed a feature dubbed BitLocker Network Unlock, debuting with Windows 8 and Windows Server 2012, that uses the physical network to deliver the encrypted network key so protected systems can unlock if they are connected to the corporate network.
Microsoft extended BitLocker technology to the cloud to give administrators a way to put additional safeguards around sensitive Azure VMs with the platform’s Azure Disk Encryption feature for full volume protection of disks. For this type of deployment, the Azure Key Vault is used for key management.
What are some recent security features added to Hyper-V?
Data leakage can tarnish a company’s reputation, but it can also become an expensive lesson in lax security practices if regulators determine a privacy law, such as the GDPR, was broken.
Organizations that use the Hyper-V platform get the typical benefits acquired by consolidating multiple workloads on a single host in a virtualized arrangement.
But Microsoft continues to help administrators who operate in sensitive environments by adding virtualization-based security features with each successive Windows Server release to reduce the probability of a data breach, even if an intruder makes their way past the firewall and other defensive schemes.
Microsoft added shielded VMs in Windows Server 2016, which encrypts these virtualized workloads to prevent access to their data if, for example, the VM is copied from the sanctioned environment. In Windows Server 2019, Microsoft extended this protection feature to Linux workloads that run on Hyper-V when the VMs are at rest or as they shift to another Hyper-V host.
“You can’t say civilization don’t advance… in every war they kill you in a new way.” – Will Rogers
Software is eating the world. Cloud, RPA and AI are becoming increasingly common and a necessary part of every business that wishes to thrive, or simply survive, in the age of digital transformation, whether for lowering operational costs or remaining competitive. But as we increasingly digitalize our work, we’re opening new doors for cybersecurity threats. Here, we dive into the past year’s technological advancements to learn how we can use that progress without getting burnt.
From office devices to home appliances, our “anytime, anywhere” needs require every peripheral to connect to the internet and our smartphones. But simultaneously, the new IT landscape has created a massive attack vector. SonicWall’s Annual Threat Report recorded a 217% increase in IoT attacks, while its Q3 Threat Data Report counted 25 million attacks in the third quarter alone, a 33% increase that shows the continued relevance of IoT attacks in 2020.
IoT devices collect our private data for seemingly legitimate purposes, but when a hacker gains access to those devices, they offer the perfect means for spying and tracking. The FBI recently warned against one such example of the cybersecurity threat concerning smart TVs, which are equipped with internet streaming and facial recognition capabilities.
As governments increasingly use cyberattacks as part of their aggressive policies, the problem only gets worse. IoT devices have usually been exploited to create botnet armies for launching distributed denial-of-service attacks, but in April 2019, Microsoft announced that Russian state-sponsored hackers had used IoT devices to breach corporate networks. The attackers initially broke into a voice over IP phone, an office printer and a video decoder, and then used that foothold to scan for other vulnerabilities within their target’s internal networks.
Some of the hacks mentioned above were facilitated because the devices were deployed with default manufacturer passwords, or because the latest security update was not installed. But with the IoT rush, new cybersecurity threats and attack vectors emerge. “When new IoT devices are created, risk reduction is frequently an afterthought. It is not always a top priority for device makers to create security measures since no initial incentive is seen due to a lack of profit,” warned Hagay Katz, vice president of cybersecurity at Allot, a global provider of innovative network intelligence and security solutions. “Most devices suffer from built-in vulnerabilities and are not designed to run any third-party endpoint security software. For many consumers, cybersecurity has been synonymous with antivirus. But those days are long gone,” he said.
To fight against the new cybersecurity threats, Katz recommended turning to a communications service provider (CSP). “Through machine learning techniques and visibility provided by the CSP, all the devices are identified. A default security policy is then applied for each device and the network is segregated to block lateral malware propagation. By simply adding a software agent on the subscriber’s existing consumer premise equipment, CSPs can easily roll out a network or router-based solution that protects all the consumer’s IoT devices.”
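The identify-then-apply-a-default-policy flow Katz describes might be sketched as follows. The device classes, policy rules and the naive classifier are hypothetical, not Allot's actual product behavior (real systems classify devices with machine learning over traffic features):

```python
# Per-class default policies the router/CSP agent would enforce.
DEFAULT_POLICY = {
    "camera":  {"allow_outbound": ["vendor-cloud"], "lan_isolated": True},
    "printer": {"allow_outbound": [], "lan_isolated": True},
    "laptop":  {"allow_outbound": ["*"], "lan_isolated": False},
}

def classify(mac_oui, hostname):
    # Toy classifier based on hostname hints; a real CSP system would use
    # ML over traffic patterns, the MAC OUI vendor database, and more.
    if "cam" in hostname:
        return "camera"
    if "prn" in hostname or "printer" in hostname:
        return "printer"
    return "laptop"

device_class = classify("00:1A:2B", "livingroom-cam")
print(device_class, DEFAULT_POLICY[device_class])
```

Isolating IoT devices on the LAN and restricting their outbound destinations is what blocks the lateral malware propagation the quote warns about.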
We also need to consider whether we really need an IoT version of everything. In the words of Ryan Trost, co-founder and CTO of ThreatQuotient who has over 15 years of security experience focusing on intrusion detection and cyber intelligence: “I can appreciate the benefits of every single student having a tablet (or equivalent) for schooling. However, I struggle to find the legitimacy of why my refrigerator needs an Internet connection, or for that matter, a video conferencing feature.”
While the next generation network takes AI, VR and IoT to new levels, it’s also creating new problems. “5G utilizes millimeter waves, which have a much shorter range than the conventional lower-frequency radio waves. This is where the source of the greatest [cybersecurity] threat in 5G infrastructure originates from,” warned Abdul Rehman, a cybersecurity editor at VPNRanks. “An attacker can steal your data by setting up a fake cell tower near your home and learn a great deal about the device you are using including location, phone model, operating system, etc. These can even be used to listen in on your phone calls.” To mitigate the risk, Rehman suggests relying on strong encryption.
We’ve previously talked about how AI is vulnerable to data poisoning attacks. As the technology advances, new forms of cybersecurity threats emerge. Voice deepfakes are one such threat, where hackers impersonate C-level executives, politicians or other high-profile individuals. “Employees are tricked into sending money to scammers or revealing sensitive information after getting voice messages and calls that sound like they are from the CFO or other executives,” said Curtis Simpson, CISO at IoT security company Armis. “We’ve already seen one fraudulent bank transfer net $243,000 for criminals. Given how hard it is to identify these deepfakes compared to standard phishing attacks, I expect these operations will become the norm in the new year.”
It only takes one wrong click for a hacker to implant malware or open a backdoor. Unfortunately, that could be the undoing of all other security measures put in place to protect the network. “No one is off limits when it comes to cybersecurity threats,” warned PJ Kirner, CTO and founder of Illumio, which develops adaptive micro-segmentation technologies to prevent the spread of breaches. Children could end up installing malware on their parents’ phones. According to Kirner, “our sons and daughters will quickly become a new threat vector to enterprise security.”
Robotic process automation
A Gartner report tracked the annual growth of RPA software and projected that revenue would grow to $1.3 billion by 2019. “In 2020, [RPA] will continue its disruptive rise and become even more ingrained in our everyday lives,” predicted Darrell Long, vice president of product management at One Identity, an identity and access management provider. “However, with the rapid adoption of RPA, security has become an afterthought, leaving major vulnerabilities.” RPA technologies hold privileged data, and that makes them lucrative targets for cybercriminals. CIOs must pay close attention to the security of the RPA tools they use and the data they expose to ensure their business is not infiltrated by malicious actors.
Cybercrimes are not only rising — they are also evolving. Attackers have realized that the data in storage systems is key to an organization’s operations. “Hackers are now targeting network attached storage (NAS) devices, according to the data revealed in a new Kaspersky report. This new type of attack presents a significant problem to businesses using only NAS devices to store their backups,” said Doug Hazelman, a software industry veteran with over 20 years of experience.
According to Kaspersky, there was little evidence of NAS attacks in 2018, but as hackers realized the benefits, they caught users off guard since NAS devices typically don’t run antivirus or anti-malware products. Hackers exploited this shortcoming to put 19,000 QNAP NAS devices at risk.
Organizations should keep their systems updated with the latest security patches and ensure only necessary devices are reachable from public networks. Per Hazelman’s recommendation, “to prevent cybercriminals from infecting backups with malicious software, CIOs should ensure company backups are being stored on two different media types, one of which being cloud storage, which has several benefits, including increased security.”
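Hazelman's two-media-types advice can be expressed as a simple inventory check. The dataset names, media labels and paths below are made up for illustration:

```python
# Backup inventory: dataset -> list of (media_type, location) copies.
backups = {
    "finance-db": [("nas", "nas01:/backups"), ("cloud", "s3://corp-backups")],
    "hr-db":      [("nas", "nas01:/backups")],  # single media type: at risk
}

def compliant(copies):
    # Rule from the article: at least two distinct media types,
    # one of which is cloud storage.
    media = {media_type for media_type, _ in copies}
    return len(media) >= 2 and "cloud" in media

for dataset, copies in backups.items():
    print(dataset, "OK" if compliant(copies) else "AT RISK")
```

Running a check like this against a real backup catalog would surface datasets whose only copies sit on the same NAS devices ransomware is now targeting.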
Reaching for the clouds
Unlike the other technologies on this list, the cloud has largely been left untouched by ransomware. However, as companies continue to transition their servers and data to the cloud for more cost-efficient solutions, criminals will shift their focus. The current attacks have largely been due to cloud misconfigurations or stolen credentials, but since the cloud has become a one-stop shop for all data, it’s becoming the new battleground.
What we need to do about cybersecurity threats
By now, we’ve seen how devastating cyberattacks can be, and that the risks are steadily increasing. Security must be a priority and not an afterthought. While new technologies promise convenience and increased returns, CIOs must make sure the security risks do not outweigh the gains.
I have 3 BT hubs I’ve just cleared out of my loft, one is a Hub 5 and two are Hub 4s. I think from memory they were working but I can’t be 100% positive; we were having problems with our broadband and they kept sending me routers, but it turned out to be the connection that was the problem.
Anyway they are free to anybody that wants them, if you can cover the postage that would be great.
As SAP customers contemplate an SAP S/4HANA migration, they have to work through big questions like what infrastructure it will run on and how to handle business processes. One of the keys to a successful S/4HANA migration will be which part of the organization sets the project parameters, IT or business.
SAP expert Ekrem Hatip, senior solution architect at Syntax Systems, advises that because an S/4HANA migration is a fundamentally different project than a normal system upgrade, such as from SAP R/3 to SAP ECC, organizations must approach it differently. In this Q&A, Hatip discusses some of the issues that organizations need to consider as they embark on an S/4HANA journey.
Syntax Systems is based in Montreal and provides managed services for SAP systems, including hosting SAP systems in Syntax Systems data centers and running SAP systems on public cloud provider infrastructures.
How are Syntax customers approaching a possible S/4HANA migration? Is it on their minds?
Ekrem Hatip: Over the last few years we have brought up the S/4HANA topic even if the customer doesn’t show immediate interest in doing that. We discuss with them what S/4HANA is, what are the advantages, and what are the innovations that S/4HANA introduces. We look at the customers’ existing landscape and discuss the possible migration paths from their system to an S/4HANA system. We talk about the business requirements, because an S/4HANA conversion is not a technical upgrade — it’s not a technical conversion from one database to another. It touches every aspect of their business processes, and we want to make sure that customers are aware that it is a sizable project.
Are customers eager to move or are they holding back now?
Hatip: Most customers are happy with what they have right now — with their SAP implementation. It satisfies their current needs and they don’t see an immediate reason to go to S/4HANA other than the fact that SAP has put the 2025 date in front of them [when SAP will end support for SAP ECC]. We can help our customers to understand what is ahead of them.
So educating them on what to expect is the first step of an S/4HANA migration?
Hatip: Absolutely. Most people don’t know much about SAP HANA let alone S/4HANA. Their expectation is, just like when they upgraded from R/3 to ECC, they will go ahead and just upgrade their system over one weekend. Then come Monday morning, they will continue running as they used to run on a shiny new system. We have to make sure that they understand this is not the case. Most of their business processes will be touched and most of the business processes might need to be modified or dropped. I also tell customers — especially if they’re going with a greenfield implementation — to keep their customizations at minimum. Everything seems to be going into cloud and S/4HANA Cloud is out there. So, I tell them if they can limit their customizations, they’ll be able to go to S/4HANA Cloud for the true SaaS experience.
Are customers considering any other systems as an alternative to an S/4HANA migration?
Hatip: For many customers SAP is the core of their business operations, and I haven’t yet seen any customers who are considering going to other solutions than SAP for their core business. So, it’s more likely they’re considering if they want to remain on ECC for as long as they can before moving to S/4HANA. With that said, I have seen that some customers are now considering alternatives to some of the peripheral systems offered by SAP. For example, one customer who was using BOB-J [SAP BusinessObjects BI] for its reporting is now considering using Microsoft Power BI on Azure. Do I know whether this is driven by the fact that they need to go to S/4HANA or not? I don’t know, but my observation is that some customers are considering alternatives for the systems surrounding their core SAP environment.
What are the most critical issues to consider as you make the S/4HANA decision?
Hatip: Unlike the previous conversions or upgrades, an S/4HANA conversion is not an IT-driven decision. It should definitely be a business-driven decision. It should be coming from the top and presented to the IT department, as opposed to the IT department going back and saying, this operating system is going out of support or that database is going out of support, so we have to upgrade. It should definitely be coming from the business side. Therefore, not only should the CIO be convinced to go to S/4HANA, at the same time CEOs and COOs should also be in the decision-making process. An S/4HANA conversion is a lengthy and fairly complex project, but at the same time it allows customers to clean up their existing legacy systems. Customers can use the opportunity to clean up data and review hardware or server requirements, or they can definitely leverage the public cloud offerings when they decide to go to S/4HANA. Finally, CIOs and the IT department should try to keep their customizations at a minimum in order to future-proof their environment.