MAY/JUNE 2014
www.itincanadaonline.ca
ON LOCATION AT EMC WORLD PAGE 10
CRITICAL INSIGHT FOR CHANNEL MANAGEMENT
Publication Mail Registration Number: 42169527
SECURING THE ENTERPRISE
www.itincanadaonline.ca
SECURING THE CLOUD PAGE 13
media:scape™
furniture and technology merged to help teams access and share information www.steelcase.com/cometogether
expect more
Contact us to learn more
·media:scape™ creates a collaborative destination ·Everyone can share their digital information instantly ·Information is visible by all participants
POI Business Interiors has more than 50 years of experience in providing knowledge, products and services that help people work more effectively. We understand the issues facing organizations today. T 888 296 9967, F 905 479 6941 www.poi.ca info@poi.ca
CONTENTS
VOL 5 NO 2 MAY/JUNE 2014
13 Staying safe in the cloud Features 8 Cloudy with a chance of... Educating cloud users is challenge, but a necessity By Eric Jacksch 9 SMB APTs? OMG FortiGuard’s Richard Henderson shares tips for SMBs to protect themselves from APTs By Chris Rogers 10 On Location EMC made some important announcements at EMC World Las Vegas By Amy Allen 12 The end is near Microsoft will stop support for Windows Server 2003 next year – are you ready? By Ruth Morton 13 Staying safe in the cloud Symplegades’ Ian Gertler discusses how safe the cloud really is By Rachel Levy Sarfin 14 Test Bed Chris Rogers reviews the HP 8630 printer By Chris Rogers
Cover: Securing the enterprise Departments 4 Editorial 6 Channel News Our roundup of channel news stories 17 Distractions Weird and wonderful tech news
Online Extras: www.itincanadaonline.ca Missed an issue? Misplaced an article? Visit www.itincanadaonline.ca for a full archive of past IT in Canada Channel issues, as well as online extras from our many contributors. May/June 2014 IT in Canada Channel / 3
EDITORIAL
By Rachel Levy Sarfin
CRITICAL INSIGHT FOR CHANNEL MANAGEMENT EDITORIAL MANAGING EDITOR: RACHEL LEVY SARFIN
rachel.sarfin@iticonline.ca
STAFF WRITERS: AMY ALLEN
amy.allen@iticonline.ca
DANIELA FISHER
daniela.fisher@iticonline.ca
CONTRIBUTORS: ERIC JACKSCH, CHRIS ROGERS SALES NATIONAL ACCOUNT MANAGER: PATRICIA BUSH
905-727-4091 x336 trish.bush@iticonline.ca
ACCOUNT MANAGER: LASKEY HART
905-503-1376 laskey.hart@iticonline.ca
EVENTS EVENTS MANAGER: SANDRA SERVICE
sandra.service@iticonline.ca
ART & PRODUCTION ART DIRECTOR: ELENA PANKOVA
circulation@iticonline.ca
SUBSCRIPTIONS AND ADDRESS CHANGES CIRCULATION DIRECTOR: JAMES WATSON
circulation@iticonline.ca
CIRCULATION COORDINATOR
circulation@iticonline.ca
GENERAL INQUIRIES
24-4 Vata Court, Aurora, ON, L4G 4B6 Phone 905-727 4091 Fax 905-727-4428 CORPORATE COO AND GROUP PUBLISHER: JOHN JONES
publisher@iticonline.ca www.itincanadaonline.ca
PUBLISHER’S MAIL AGREEMENT: 42169527 IT in Canada Channel magazine is published six times per year. All opinions expressed herein are those of the contributors and do not necessarily reflect the views of the publisher or any person or organization associated with the magazine. Letters, submissions, comments and suggested topics are welcome, and should be sent to publisher@iticonline.ca
www.itincanadaonline.ca REPRINT INFORMATION
High quality reprints of articles and additional copies of the magazine are available through circulation@iticonline.ca or by phone: 905-727-4091
Securing the enterprise
T
he year is barely half over, and it seems that hardly a week goes by without a major company announcing a security breach. Target, AOL, Adobe and Snapchat have all fallen prey to attacks. Most recently, eBay declared that 145 million passwords and email addresses had been stolen from its customer database. How can you protect your customers against such threats? The articles in this issue answer that very question. Eric Jacksch writes about educating people about cloud security. In his interview with Richard Henderson from FortiGuard, Chris Rogers explains how SMBs can defend themselves against cyber-attacks. Ian Gertler of the consulting firm Symplegades discusses risks inherent to the cloud. This issue also features our on location coverage of the EMC World conference held in Las Vegas recently. The company made several very important announcements, including the launch of a new global partner program. This is good news for resellers, as the previous partner program was complicated and unwieldy. Our Test Bed showcases the HP 8630 printer. Chris Rogers reviews the latest addition to HP’s family of printers. Read his article to learn whether he gives it a vote of confidence or the thumbs down. It is almost certain that the next six months and beyond will bring dozens more data breaches. Given the number of cyber-criminals and the ease of launching attacks, it is just a matter of time before the next threat makes the news. Undoubtedly, many of these breaches will target large companies who were unaware that they were at risk, or worse, chose to ignore the warning signs they were in danger. Resellers are in an excellent position to offer security services in addition to their other products. Don’t let your customers be the next victim of a major breach. Talk to them about improving their protection today, before their names are splashed in the headlines.
ONE YEAR SUBSCRIPTION RATES
Canada: $50/year; USA $60/year; International $100/year. All rights reserved. No part of this publication may be reproduced without written consent. All inquiries should be addressed to circulation@iticonline.ca
4 / IT in Canada Channel May/June 2014
Rachel Levy Sarfin Managing editor
PRODUCT NEWS HP releases data migration tool for EMC customers
Microsoft and SAP to expand partnership Microsoft and SAP have been partners for quite some time, but both companies are looking to get a little bit cozier, if a recent announcement is anything to go by. The software giants are planning to deliver joint solutions in the areas of cloud computing, mobile and business intelligence. “Microsoft and SAP have a great history together, and we are committed to meeting the diverse needs of our enterprise customers,” said Scott Guthrie, EVP, Cloud and Enterprise, Microsoft, in a release. “Our expanded partnership with SAP demonstrates our continued commitment to deliver the applications and services our customers need — in their private clouds, service provider clouds, Microsoft Azure and Microsoft Office.” The new solutions are intended to “help improve employee productivity, enhance workforce mobility and drive increased business value for customers and partners.” Through the partnership, the companies expect to jointly support a number of SAP products - including SAP Business Suite software, SAP Business All-In-One solutions, SAP Mobile Platform, SAP Adaptive Server Enterprise and the developer edition of SAP HANA - on the Microsoft Azure platform. According to the release, they expect to accomplish this by the end of the second quarter of 2014. Using the SAP Cloud Appliance Library tool, customers and developers will be able to deploy a number of SAP solutions directly onto Azure in a matter of minutes. Customers will be offered a “pay per use” payment model in Azure, reducing infrastructure costs and total cost of ownership, and enabling them to scale up as needed. Additionally, the companies are releasing a new version of the SAP Gateway for Microsoft, which will allow customers to access SAP applications and data through Office 365 and Azure. Microsoft and SAP also have plans to develop and co-market SAP mobile apps for Windows and Windows Phone 8.1, which will be managed by SAP Mobile Secure or Microsoft Intune. “This has been an exciting year for one of the leading strategic partnerships in our industry,” said Steve Lucas, president, Platform Solutions, SAP. “For our customers, SAP and Microsoft are among the top strategic vendors relied upon to drive their business’ success. We are proud of how we listened to our customers and together developed — and will continue to develop — innovative new programs focused on the cloud, mobility, analytics and interoperability that we expect will provide unparalleled value for our customers.”
6 / IT in Canada Channel May/June 2014
Businesses looking to upgrade from EMC VNX or EMC CLARiiON CX4 arrays might want to consider their options before taking the leap, says HP. The company was at EMC World in Las Vegas in May, hoping to convince some EMC customers to make the switch to its 3PAR StoreServ Storage platform using its new 3PAR Online Import support tool. “Customers tend to migrate grudgingly only when they have to,” said Vish Mulchand, director, Product Management, HP Storage. “But make it easier, and they’ll do it gladly.” According to HP, the operating system that EMC’s VNX2 uses is not compatible with earlier models of the arrays, meaning that a full data migration is required to upgrade. This can be problematic, says HP, because it means the customer will have to use additional hardware appliances or resort to migration tools that are a drain on host resources. Customers can use the import tool to migrate data to any 3PAR StoreServ 7000-series, 10000-series, or all-flash 7450 array. HP says 3PAR Online Import will greatly reduce the costs associated with data migration, as well as boost agility and increase resource utilization. It also has its benefits for HP partners. “From a partner perspective, this gives them the opportunity to provide migration services,” said Mulchand. “They can offer their customers alternatives to EMC VNX, and in turn go after a large customer base.” The 3PAR Online Import software is currently available at no charge for 180 days with version 3.1.2 MU2, and later, of the HP 3PAR OS Suite.
PRODUCT NEWS Symantec shares details of revamped partner program Symantec recently released details of a new partner program that was first announced at its Partner Engage event last November. The redesign of the program comes almost two years after the company realized that something needed to change if it was to take full advantage of market opportunities. “We’re sun-setting our old partner program and launching and transitioning to the new one in October,” said John Emard, senior director, North American Channel Programs and Operations, Symantec. “It’s designed to be customer-focused, performance-based and more rewarding.” The company consulted with its partners to determine their pain points and found that its partner programs were too numerous and complex, that they weren’t incenting the right sort of behaviours, and that the company itself wasn’t investing dollars in an efficient way. Symantec took a step back and started working on a new partner program, which has been in the works for the past year and a half. Since its journey began, the company’s mission has been “to achieve sustained, profitable growth greater than market for channel partners and Symantec, leveraging joint assets to deliver
value to the customer.” Where once the company had 20 programs, it now has one, and that single program is designed to reward partners that deliver the most value and exceptional customer service to Symantec. Through the program, Symantec is John Emard looking to build stronger relationships with fewer partners. The program will be based on competency rather that products and the company will be looking at 12 solution areas in which partners can become either a Principal or an Expert. At the Principal level, partners will need only commit $10,000 annually to its Symantec business, receive sales and technical training, and provide a customer reference. However, partners at the Expert level must achieve advanced accreditation, meet a much larger revenue target, receive validation of its sales and technical training, and provide measured customer satisfaction levels. Partners will then be grouped into one of four program levels, based on the number of Principal or Expect competencies they receive: Registered, Silver, Gold, or Platinum. The Registered level is reserved for partners that have not achieved any competencies. At the Silver level, partners will have at least one Principal competency, while at the Gold level, partners will have at least one Expert competency. Platinum-level partners must have at least three Expert competencies. The full transition will occur in October, but partners that are ready to start accumulating competencies can begin to do so now. Those who receive either Principal or Competency levels between now and October will accrue financial benefits. “While we’re transitioning to the brand new program, we’re preserving investments partners have already made,” said Emard. “They will be grandfathered in to the new validation requirements. If a partner has achieved a high level of specialization in NetBackup, they’ll get credit from having already completed it.”
Citrix names Long View Canadian partner of the year At its March 2014 summit, Citrix named Long View its Canadian Partner of the Year. The Calgary-based company was recognized for its continued investment in mobility and the cloud. “Long View is one of the few partners that looks at Citrix holistically, bringing their skills and expertise Dave Frederickson, VP, not just to virtualization, National Business but to mobility,” said Development, Long View Michael Murphy, country manager, Canada, Citrix. “What I mean by mobility isn’t just how to enable a virtual app or desktop, but how to embrace enterprise mobility management, and giving people access from the device of their choice, from the location of their choice, at the time of their choice. Long View has supported Citrix in this.” By recognizing Long View, Citrix is hoping to tell the marketplace what it is looking for in its partners, what it wants its partners to become, and where it wants its partners to invest – be it in people, competencies, or joint selling activities. “We try to be innovative. We try to innovate around our customers’ business challenges and the outcomes they’re looking for,” said Dave Frederickson, VP, National Business Development, Long View. “With Citrix, we’re able to meet many challenges our customers are facing.” Long View is part of the Citrix’s Solutions Advisor Program, which is focused on providing
customers with certifications and competencies rather than a specific product family. Murphy pointed out that, during the 2013 floods in Alberta, Citrix and Long View were able to provide businesses not only with the mobile solutions their employees needed to work remotely, but also the knowledge and support required for an effective mobile workforce. “Citrix isn’t the whole story,” said Murphy. “What we provide solves, from a software tech perspective, a lot of what companies are trying to do. But we need companies like Long View, who bring other solutions and tech to wrap around what Citrix can offer.” Although Murphy and Frederickson acknowledged that Citrix and Long View have accomplished much together – particularly in western Canada – both companies are looking forward to expanding their joint services into the rest of the country. “Long View is excited about the relationship we have with Citrix,” said Frederickson. “We see huge opportunities in the traditional virtualization space and in the mobility space. We’re excited about what the market has to offer, and what we can bring to the Greater Toronto Area.” May/June 2014 IT in Canada Channel / 7
FEATURE
CLOUD AND SECURITY
By Eric Jacksch
Cloudy with a chance of . . .
E
ducating users is one of the most significant challenges we face in cloud security. Cloud-based services have rapidly become an integral part of our personal and professional lives. They usually require minimal up-front investment, offering rapid deployment and effective solutions to modern computing challenges such as mobility. Most users don’t hesitate to sign up to services that immediately address their needs. Our challenge is to help them also consider the security and privacy implications. From a security awareness perspective, users of cloud services should be asking five questions: Where is their data being processed and stored? What laws and regulations apply? Who has access to the data? How is access controlled? How is data protected during transit and at rest? While contracts and user agreements may contain important security and privacy pro8 / IT in Canada Channel May/June 2014
visions, access to the data is also subject to the laws of the jurisdiction in which the data is physically located. Storing your data in a country other than your own exposes the data to at least two different legal systems. If the company storing the data has a physical presence in a third country, there could be more complications. Users of cloud services need to understand these implications, especially when confidential information is involved. While we don’t expect end users to fully assess the physical and logical security of the data centre, it is worth noting that not all cloud services are created equal. Some run in modern, high-end data centres and take advantage of cutting-edge cloud services themselves. Others run on shoestring budgets in a closet in someone’s basement. At a bare minimum, users should ask basic questions about the environmental, physical, and access controls in place.
Another fundamental issue is who has access to your data. While agreements may make promises such as “data will not be disclosed except as required by law” — which in itself has proven problematic in some jurisdictions — users of cloud services need to consider whether the service provider will use the information for their own purposes (such as to target advertising) and the type of access that support personnel have. Given current trends in global outsourcing, users should also understand that while their data may be stored in their home country, it may be accessed by personnel who are physically located elsewhere. Most cloud services are designed to be accessed from any web browser or mobile device. While this is often desirable — or even the entire point of the service — it makes user authentication critical. There is considerable variation in the strength of different password systems. While a properly implemented password system may be good enough for less sensitive information, users should look for cloud service providers that provide two-factor authentication to help mitigate risks associated with static passwords. There are two fundamental ways to protect data: physical possession and encryption. Storing data in the cloud places it physically in the hands of someone else, leaving encryption as one of the few ways we can exercise direct control over our data. The best scenario is when the end user has sole possession of the cryptographic keys, rendering data inaccessible to others including the service provider. As the use of cloud computing continues to grow, these types of solutions will become more popular. Until then customers need to continue to ask questions about how their data is protected in transit and at rest. When it comes to cloud security, the best control we have is user education and awareness. While we can’t expect to make users experts on cloud security, we can educate them on the issues and help them ask the right questions.
SMB SECURITY
By Chris Rogers
SMB APTs?
FEATURE
OMG!
Not so fast, says Fortinet strategist
A quick search of Google News for “advanced threats” reveals so many recent articles it’s bound to make an alarmist out of even the most diligent IT admins. Advanced Threats, or Advanced Persistent Threats (APTs) are criminal actors on the Internet, who are generally highly organized or statesponsored. These groups launch digital attacks mainly for the purpose of stealing advanced intellectual property. Unfortunately, APTs aren’t just a buzzword, they’re a trend. And it begs the question, if advanced threats are enough to worry some of the largest companies, how does a small business even stand a chance of securing itself against a cyber attack like that? As a solution provider, should you now be concerned with securing all your clients against APTs? Probably not. According to Richard Henderson, security strategist at the FortiGuard Threat Research and Response Labs (Fortinet), small businesses, even those approaching mid-size, don’t have much to worry about. Unless that small business is developing something ground breaking in high technology or some IP that will be tremendously valuable if stolen, chances are they’re not being targeted. Advanced threats might not be a big problem for small businesses yet, but it could also be a great segue to a conversation about best practices with customers. Even forgetting about APTs, there are still plenty of
malware authors and ransomware groups ready to wreak havoc on unsuspecting small businesses. Henderson offers some key points for protecting SMB networks that can serve as conversation starters and talking points for solution providers who act as trusted advisors.
Malware is still king For small businesses with a small IT team or sometimes no dedicated IT staff, malware continues to be one of the most dangerous threats. Newer trends in malware, like cryptolockers and ransomware, can decimate small businesses because they attack the data the company depends on. Henderson said in many small businesses, data is not stored on network drives, but locally on employee machines. When one of those machines is infected with a cryptolocker everything on the hard drive becomes encrypted and can’t be recovered unless the company is willing to pay a ransom fee to get it back. “If you don’t have a proper network backup strategy to mitigate the loss of data on one of your employees’ machines, you’re in trouble,” Henderson said. The problem, even with good network backup, is that malware like this can even infect network storage. To mitigate this concern, he suggests a simple solution — backing up computers to external hard drives, and ensuring employees are doing routine backups of critical data.
Patch, patch, patch Another tactic to keep networks malware free is regularly patching software. “Customers are not patching fast enough,” Henderson said, describing the situation that occurs when a vendor releases a new patch, which amounts to a footrace. When a patch is released, malware authors get right to work, he said. They tear apart the patches, read research and advisories, and figure out how the patches work. Once the authors understand the original flaw that’s being patched, they can exploit it, hoping to infect PCs that have not been diligently patched. Henderson said that employees in small businesses should know they need to patch their software too, and not to ignore patch alerts when they pop-up. Henderson said the patches should be installed immediately.
Know your software environment These are two fairly straightforward steps to keeping malware off networks, but Henderson also said owners (or in this case, solution providers) need to be aware of the software running on employee computers, especially with the overlap using PCs for work and personal use. It’s clear for small businesses, even though bigger, scarier threats exist, covering the basics is still the most essential piece. Oh, and if your customers are still running Windows XP, Henderson says to switch to a more modern OS as quickly as possible. May/June 2014 IT in Canada Channel / 9
FEATURE
EMC WORLD 2014
By Amy Allen
On Location: EMC World 2014 Joe Tucci, CEO, EMC
The XtremeIO $1 million challenge, with David Goulden, CEO, EMC II, speaking in the background
This year’s EMC World was all about partnership. Executives shared product news, but the highlight of the conference was the company’s acquisition of DSSD, its “federation” with VMware and Pivotal, and the reveal of its revamped global partner program. EMC acquires DSSD LAS VEGAS - EMC opened its 15th annual EMC World conference in Las Vegas with news that it has acquired Silicon Valleybased startup DSSD. DSSD is part of EMC’s strategy to make flash storage ubiquitous in enterprises. “With DSSD, we’re writing the definitive next chapter,” said David Goulden, CEO, EMC Information Infrastructure (II), in his keynote. “What if you could have a rackscale flash storage system that has game changing IOPS, that has hundreds of terabytes of storage, that has the manageability of shared storage, and has native application interfaces? This is the technology that the 10 / IT in Canada Channel May/June 2014
DSSD team has been developing. DSSD completes an important part of our flash everywhere strategy.” The company works on rack-scale flash storage, but little else is known about its work; it has yet to bring a product to market, and its website is devoid of information about its operations. “Anytime we found someone who understood what we were working on, we hired them and told them, ‘Don’t talk to anyone else,’” joked Bill Moore, president and CEO, DSSD, when asked how DSSD managed to keep itself secret over the course of four years.
Moore will lead the DSSD business within EMC, while Andy Bechtolsheim, chairman and Chief Development Officer with Arista Networks and former co-founder of Sun Microsystems, will serve as DSSD’s strategic advisor. “The DSSD acquisition was to solve a number of challenges,” said Jeremy Burton, president, Products and Marketing, EMC. “In the current world we live in, one size does not fit all. It will not fit all in the world we’re heading into either. EMC wants to include flash everywhere, but we look at the right tool for the right platform based on the workload.” EMC executives were tight-lipped about the terms of the acquisition, but a press release indicated that the company hopes to release products based on DSSD’s architecture in 2015. The products will be “optimized for in-memory databases, realtime analytics, [and] high-performance applications used by research and government agencies.” “If you have applications that are very I/O intensive and need low latency and high bandwidth, this company has the storage products for you,” said Joe Tucci, CEO, EMC, in the conclusion of his keynote address.
A “federation” for the software-defined data centre LAS VEGAS - Customers are starting to look for more complete solutions for their business problems, and at EMC World, the tech giant made much of what it calls the “Fed-
EMC WORLD 2014
FEATURE
PARTNERS THAT ARE QUALIFIED IN PROGRAMS BELONGING TO FEDERATION MEMBERS – VMWARE, PIVOTAL, RSA AND VCE – WILL HAVE THE OPTION OF OBTAINING CROSS-PROGRAM TRAINING CREDITS TO REDUCE INVESTMENTS IN SALE AND TECHNICAL CERTIFICATIONS. Pat Gelsinger, CEO, VMware eration”, an alliance between EMC, VMware, Pivotal, and RSA. The goal is to combine their technologies when needed by the customer while also remaining separate to pursue their own business strategies. In a sense, the Federation wishes to encourage both collaboration and competition amongst themselves. And each company has something different to bring to the table. “Pivotal is closest to the application layer, VMware is focused on the software-defined data centre, and EMC II is about converged infrastructure,” said Jeremy Burton, president, Products and Marketing, EMC. “RSA, from an advanced security standpoint, we see playing out on a number of levels.” Through the Federation, customers can combine the offerings of different members, or take advantage of each independently. In some cases, customers may find they have a choice between two companies that offer similar solutions, which is part and parcel of the competition the Federation wishes to foster. The Federation, in essence, is geared toward helping customers move to the third platform and build a software-defined enterprise.
Paul Maritz, CEO, Pivotal
The companies are pulling together solutions, which they have dubbed EVP (EMC, VMware, Pivotal) solutions, that will address five areas that enable the software-defined enterprise. These areas include the software-defined data centre, platform-as-a-service, the virtual workspace, the data lake, and security analytics. Each area will incorporate at least one of the Federation partners’ offerings, although most will incorporate two or more. “If we can architect or organize around natural seams in infrastructure, we can give customers a degree of choice in how they build out their IT infrastructure,” said Burton. He noted that technology is not the defining indicator of success, adding, “We’re [also] working on a Federation consulting centre of excellence, where we can work with organizations up front and help them through the couple-year stretch of moving to the third platform.”
EMC to launch new global partner program LAS VEGAS - EMC announced its new Business Partner Program at this year’s EMC World. The new program unifies all of its partner programs under a single umbrella, and is geared toward giving partners the freedom to pursue different business models and assist in moving customers from the second platform to the third platform. “EMC wants to head in the direction of handling the business models that work for the partners, instead of keeping them penned into a single program,” said Michelle de Hertogh, senior director, Strategic Partner Marketing, EMC. “Partners can now belong to several different tracks, so we can support all their business models instead of just their primary business model.” The announcement marks the first time in
more than a decade that EMC has restructured its partner program - a move that EMC sorely needed, according to Fred Kohout, VP, Global Partner Marketing, EMC. “We’ve architected this to have a common framework,” said Kohout. “We used to have six different partner programs, each with its own framework and requirements. They weren’t working together cohesively, so we’ve built a common framework for all those tracks.” The different tracks include resell, distribution, cloud service provider, system integrator and outsourcer, and partners can select the ones that will best help them meet their strategic objectives. Partners that are qualified in programs belonging to Federation members will have the option of obtaining cross-program training credits to reduce investments in sale and technical certifications. Additionally, EMC will offer incentives to partners for reselling solutions built using a combination of Federation members’ technology. The company will be making five purpose-built solutions available to its partners for resell, including the VNXe 3200 array and the Data Domain DD2200 storage system, as well as consulting services and rebates for selling EMC products and services. The rebates begin at the first dollar of sale and increase when partners meet specific revenue thresholds. “We structured this so providers can move from technologies to solutions,” said David Abelow, senior director, Business Partner Program, EMC. “It enables them to be experts up at the highest level. For those not already working at the third platform, we want to make sure they have the skills and support to get there as they make that transition.” The program will officially launch on Jan. 1, 2015. May/June 2014 IT in Canada Channel / 11
FEATURE
HARDWARE
By Ruth Morton
THE END IS NEAR:
Microsoft to stop support for Windows Server 2003 in 2015
W
ith just over a year until the end of support for Windows Server 2003 on July 14 2015, many organizations are looking at their datacentres and evaluating the risks and costs associated with migrating to a new server operating system. While many have already moved to Windows 2008 or Windows 2012, there are several reasons why some still retain Windows 2003 servers. Some legacy applications may not run on a new server platform and upgrading the application to a version that does could be expensive, if it’s even possible. The software vendor may not be creating new versions or could have gone out of business themselves. The timeline may not fit with other work that needs to be completed first. Before a server is removed, another server and solution may need to be implemented first. Delays in that project can keep Windows 2003 and the legacy software that runs on it in production even after Windows Server 2003 support ends. And there are expenses that may not be budgeted for, particularly if the server is not running in a virtualized environment. The underlying hardware will likely need to be refreshed and unless the Microsoft software was bought with Software Assurance, new server licenses and client licenses to access the server will also need to be purchased. However, not migrating to a newer server OS before it becomes unsupported has risks. Although the predicted slew of Windows XP exploits didn’t flood from the hacker underworld after support ran out earlier this year, Windows XP has already been bypassed for security patches to fix known problems and the security holes will only get larger and more exposed as time goes on. Which is fine if the machine is sitting in a locked closet and never connected to a network. But that’s rarely the case. With a server OS like Windows Server 2003, it’s unlikely being used without a 12 / IT in Canada Channel May/June 2014
connection to anything else, however an IT environment is only as secure as its weakest link. So running a server that is unpatchable and unsupported by the vendor is opening anything else connected to it to risk as well. However, there are some things that can be done to mitigate that risk. First and foremost, an evaluation should be done to determine whether the server can be upgraded to a newer operating system. With proper planning and a full risk assessment, this is the option most should strive for. If that’s not an option, then the server can be hardened by removing unnecessary software, applications and utilities. It should be disconnected from the Internet if possible and only connected on networks with other secured devices behind a firewall. The local
firewall can be enabled and if the server must run a browser, only one that can be kept up to date with regular security patches and fixes should be run. July 2015 is still over a year away and for many there is still time to budget and plan for Windows Server 2003 migrations. With planning and foresight the end of life for Windows 2003 doesn’t have to be a stressful time or create a weak link in your IT infrastructure. Ruth Morton is a technology evangelist in a presales role for Microsoft solutions at Compugen. Previously, she worked for Microsoft. Morton has been employed as an IT professional and specializes in implementing enterprise technologies and formulating IT strategies for organizations in Canada, Europe and the US.
CLOUD COMPUTING
By Rachel Levy Sarfin
Staying safe in the Cloud When you use cloud-based applications such as Salesforce.com, do you ever give a passing thought to their security? Perhaps you should. In the wake of major data breaches at retailers and other companies, businesses should be wondering how safe their data is. Ian Gertler, CMO of the consulting firm Symplegades, shared his thoughts on what companies can do to make themselves safer in an active threat landscape.
“At the end of the day, the focus on security is one that will be increasingly important as breaches occur,” Gertler commented. He cited the examples of Target, prominent financial institutions and the allegations that the Chinese government has authorized hackers to steal data from other countries. The growing number of data breaches does not mean that the enterprise should abandon the cloud, though. “While many question how secure and private cloudbased solutions can be compared to traditional on premise infrastructures, we must always manage expectations while understanding everything holds a ‘pros’ versus ‘cons’ element,” Gertler remarked. The “pros” of the cloud is that it offers ease, convenience, cost effectiveness and faster time to market. Conversely, the “cons” of the cloud are that your data is not stored on premise, meaning you must be extra vigilant about security. It is incumbent upon customers of cloud service providers to perform due diligence. “All cloud providers are not created equal -- let’s just put it out there,” Gertler warned. There are a number of aspects in which a cloud service provider could be deficient:
FEATURE
hardware, software, management, infrastructure, and most importantly, security. “Even with the larger players like Google, Rackspace, Microsoft, Amazon Web Services and others, there are different elements of the puzzle ... internal management and external implications,” he pointed out. Internal management includes technology, and external implications refer to what customers use the cloud for, who can gain access to it and whether the customer is a target for cyber-attacks. Is a private cloud safer? Not necessarily, said Gertler. “Even if a company has their own data centre or on premise servers, today’s technology and needs are increasingly about opening connections to access, integrate, analyze and build beyond the corporate walls of a physical building,” he explained. “People need to get data and utilize applications. This is rarely done on a ‘just the people sitting here’ basis these days -- aside from the development and alpha/ beta periods.” What can you do to protect yourself in the Cloud Era? Investigate the security measures that your cloud services provider (or any potential cloud services provider) has in place. Do not compromise on security – your data is valuable. A data centre should be built securely in addition to possessing digital safeguards. Such digital safeguards should include software that relies upon a cloudbased threat protection network that catches most malware threats before they can infect computers and mobile devices. A mobile device management system should also be in place to protect your networks and data. “All of the traditional software players are quickly embracing the cloud model ... not because they want to, rather because they need to in order to stay relevant and competitive with the shifting trends of the industry and their customer needs,” Gertler noted. The cloud is now a fact of life, but it need not put you at risk for threats.
Ian Gertler, CMO, Symplegades May/June 2014 IT in Canada Channel / 13
TEST BED
By Chris Rogers
HP’s Officejet Pro 8630 Review AN INK-BASED SMALL BUSINESS WORKHORSE
Here’s the ideal scenario for installing a new printer.
1
2
3
4
Take printer out of box.
Plug printer into power outlet.
Connect to local network.
Print.
U
nfortunately, it may never be this straightforward, but HP is making it about as easy as possible with its new Officejet Pro 8630. The 8630 won’t blow away your conceptions about the office printer, and it probably won’t change the way you work, but it will do what you ask of it without causing you any grief, and sometimes that’s all that matters. The HP Officejet Pro 8630 is the highend version of its 8600 series. This is a printer designed for small businesses and workgroups that touts ink-based printing at low cost-per-page. In our initial briefing on the device, HP actually boasted the 8630 has a cost-per-page around 50% lower than laser printers. The machine has a projected print speed of 21 pages-per-minute in black and 16.5 pages-per-minute in colour depending on your settings. To top off the business-first features, it’s also available with HP’s “Instant Ink” program, which means the printer can call out to HP when it’s running low on ink and you’ll receive a new cartridge before the old one is finished (hopefully). Under the Instant Ink pro14 / IT in Canada Channel May/June 2014
gram, a 50 page-per-month plan will cost customers $2.99 per month, while a more reasonable 100 page-per-month plan costs $4.99, and there are others for heavy-use scenarios.
Features Out of the box, the 8630 will print, fax, scan, and copy. It will also let users connect with certain Web services like Box and Google Drive, and extend its functionality by downloading other extensions. To meet those connectivity demands, it’s Wi-Fi enabled (802.11b/g/n) and has HP ePrint, Apple AirPrint, HP wireless direct printing, and NFC touch-to-print capabilities. It has a 4.3-inch colour touchscreen for navigating features and a 500-sheet capacity (two 250-sheet trays). The scan bed and paper trays are capable of holding up to legal size documents. If you’re interested in printing from or scanning to a USB memory stick, you can plug one into the full-size USB port on the front of the 8630. Around back, there are dual RJ-11 fax modem ports, an Ethernet
networking port, and a USB 2.0 port for hard-wiring the 8630 to a PC should it be required.
Setup Taking the 8630 out of the box was probably the most difficult part of setting it up. At 35 pounds with the secondary paper tray attached, and a 19.7 x 25.5 x 15.7-inch footprint, it’s not the smallest piece of tech ever. In fact, it’s difficult to call the 8630 a “desktop” printer because it’s just so big. This really needs its own dedicated space or its own desk. It’s really too big to effectively be on anyone’s desk. But thankfully, once the pieces are out of the box, setup is as simple as plugging in the duplexer on the back and setting the printer on top of the extra paper tray. Plug the power cord in and the 8630 will walk you through setup using the touch screen. I did have a short delay because I set the paper tray up incorrectly but otherwise the setup was fast and took less than 20 minutes total. Once the 8630 was connected to the local network I didn’t even need to install any Continued on page 16
http://www.itincanadaonline.ca
ARE YOU MISSING OUT? Please supply us the following information to allow us to provide another year of Free Subscriptions to IT in Canada Channel.
SUBSCRIBE
NOW!
Fax: 905-727-4428 Mail: 24-4 Vata Court, Aurora, ON, L4G 4B6 Email: circulation@iticonline.ca
NAME:
TITLE:
ORGANIZATION:
ADDRESS:
CITY:
COUNTRY:
PROVINCE:
POSTAL CODE:
E-MAIL ADDRESS:
PHONE:
WHICH FORMAT WOULD YOU LIKE TO RECEIVE YOUR COPIES?
SUBSCRIBE TO FREE WEEKLY E-NEWSLETTER?
Privacy Policy: we do not share or sell our mailing list
YES, PLEASE
DIGITAL
NO, THANKS
TEST BED
PROS: • Ink-based office printer • Nice touch screen • Apps let users pull files directly from storage like Google Drive • Good scan quality HP 8630’s user interface Continued from page 14
additional software. My computer, running OS X 10.9, immediately recognized the new printer on the network and I had access to all the features I wanted, such as doublesided printing black and white defaults and print quality. More settings were easily accessed by visiting the printer’s network page (the 8630 will give you its own network address so you can access it through a browser). That network utility gives you access to the more advanced features, such as scan to email and network drive settings. There are also easy update features that let you update the 8630 directly from the network application, so you won’t need to download and install firmware updates using a memory stick. The options in the network interface are straightforward enough to understand even if you’re not technically inclined. And without diving too deep into the configuration settings, there are enough options that you can definitely set the 8630 up securely for a small office or workgroup. For accounting and audit purposes there is even a reports page that gives you a detailed look at what’s been printed (stats-wise) and also an events page that lets you look at the latest jobs the printer has completed.
Design Design is the biggest problem with the 8630. As mentioned earlier in the review, it’s 35 pounds of machine. Combine that with its hefty footprint and you’ve got yourself a big 16 / IT in Canada Channel May/June 2014
piece of equipment that needs a home in your office. But if you’ve got the space to accommodate its girth, the 8630’s design does make sense. It’s large enough to use with standard legal-size paper, and the 500-sheet capacity means you won’t be changing the paper tray very often. Changing the cartridges is quick and maintenance should be easy with large doors and very few removable parts. There is even a light that illuminates the interior when changing the cartridges. The 4.3-inch touch screen is big and responsive enough to be usable without being frustrating. There is no lag between input and execution which makes using it feel fast and efficient. Scrolling and even pinchto-zoom gestures can be used in some cases and each worked well. The interface design for the touch screen is also well done. All the options are right in front of the user and it’s not hard to find what setting you’re looking for. Even the help screens, usually a nuisance, were well designed and seemed to pop up exactly when needed with the right information.
Performance Print speeds aside, the 8630 was quick to set up, easy to connect around the office and, once installed, allowed users to print their documents fast. Most of my tests used double sided sheets with draft-quality printing and this didn’t add or improve print times significantly. Full colour sheets obviously
CONS: • It’s big
take longer to print than black and white, but nothing took exceptionally long to print, even a full colour photo sent from an iPhone. The performance of printing at the machine itself is also pretty speedy thanks to the touch screen and interface. It’s easy to find what settings you’re looking for, and the on-screen keyboard is large enough and fast enough to make entering emails and other information a snap. The only performance drop happened when pulling documents down from the cloud. Even single text documents pulled from Google Drive using the apps section of the 8630 took much longer to download and print than local files.
Final thoughts The ideal printer does what it needs to do and stays out of the way. It doesn’t bog you down with a lot of software, it just enables easy printing from whatever device you’re on. The 8630 mostly gets there with easy to use software and setup. My only real complaint about the 8630 is its weight and size, but if you’ve got the room for it, it could be a good addition to your workflow. Of particular note is the network interface that makes managing the device on your local network easy even for those who have never set up a printer before.
CHANNEL DISTRACTIONS
CHANNEL DISTRACTIONS LOOKOUT APP TAKES ‘THEFTIE’ PICTURE
Have you ever lost your phone, or had it stolen? A new security app from Lookout aims to help you recover your phone - and it takes a picture to help you catch the thief. When the app notices suspicious behaviour, it emails the phone’s owner. The email is triggered by actions that thieves commonly perform after stealing a phone, like entering an incorrect password too many times, removing the SIM card, or turning off the device. For added security, the app will direct your phone to secretly take a photo of whoever is messing with it. It uses the front-facing camera to take a ‘theftie’ of the person, and sends it to you in an email along with the phone’s location. Critics, however, are saying the app is not without its faults. If the person isn’t holding the phone directly in front of them, it can be difficult to get a picture of the thief’s face. The covert nature of the photo is also raising a number of privacy concerns. Before releasing the app, Lookout conducted a study through IDG Research on phone theft in America. The study found that 68 per cent of phone theft victims weren’t able to recover their stolen device. It also found that 68 per cent were likely to put their personal safety at risk if it might lead to recovering their photos, videos, music, and other personal data. Which begs the question, is what’s on your phone worth your life?
NO HABLA INGLES? NO PROBLEM. SKYPE LAUNCHES REAL-TIME TRANSLATION It can be a daunting task, to say the least, to hold a conversation with someone when you don’t speak the same language. In our hyper-connected world, the language barrier is one of the final roadblocks to global connection and collaboration. Microsoft has come up with a solution for improved cross-lingual communication. The company recently demoed its new Skype Translate application. The app translates your words into other languages in real time, allowing for fluent conversation. The demo of the translator app featured an audio translation from English to German and vice versa, using Skype voice and IM technologies. According to Microsoft, the technology comes from decades of work and research in speech translation, speech recognition and language processing. The result is a translator that fits the voice and speech patterns of many different users and the nuances of different languages. It opens up a whole new world of potential for businesses, schools, and multi-lingual families. Skype Translate will be available as a beta app for Windows 8 before the end of 2014. This new innovation is the latest in a line of improvements to Skype, including making group video calls free. May/June 2014 IT in Canada Channel / 17
CHANNEL DISTRACTIONS
NEW TORONTO APP TRACKS CYCLISTS If you’ve ever ridden your bike in Toronto, chances are you’ve experienced frustration or had a close call with a car.
HACKERS RANSOM PHONE DATA IN AUSTRALIA It can be very tempting to use the same password and username across multiple accounts. But as Apple device owners in Australia recently discovered, this can leave your digital devices vulnerable. Earlier this month, the Sydney Morning Herald reported that iPad, iPhone, and Mac owners woke up to find themselves locked out of their devices. A message on their phones informed them that ‘your device has been hacked by Oleg Pliss.’ They were instructed to send up to $100 to a PayPal account to have their devices unlocked. The digital ransom caught many by surprise. Security experts say the problem wasn’t an iCloud hack, but a phishing scam. The speculation is that hackers were using compromised login passwords and credentials from previous data breaches. Many still use the same password across multiple online services. If one is compromised, those other accounts will also be vulnerable. Hackers are accessing the devices through the Find My iPhone feature, by figuring out the user’s Apple ID login and password and then accessing the Find My iPhone app from iCloud. Going forward, experts recommend that users change their AppleID passwords, and avoid using the same username and password for multiple services. While the digital hijacking started in Australia, at the time of writing this article, the scam had spread to Apple users in the United States.
18 / IT in Canada Channel May/June 2014
The City of Toronto is aiming to improve the cycling experience. It recently released a new biking app that tracks a cyclist’s route through the city. The Toronto Cycling App was designed to benefit both city and citizen. It uses the GPS on a smartphone to record data about the route taken and length of trip. Cyclists can use the app to get statistics like average speed and distance, as well as calories burned and greenhouse gas offset. As the app tracks a cyclist’s route around Toronto, it sends the city data about the trip. It tracks things like which roads the cyclist takes, preferred routes, and how long it takes to get to destinations. The software was developed by the company Brisk Synergies, and is available on iPhone and Android. The City of Toronto is hoping that users will download the free app, to assist the city in monitoring cycling patterns and improving cycling infrastructure. The data will be submitted anonymously to a city database, and added to the city’s plan to expand on existing cycling networks. As of now, the new cycling plan is slated to be presented to city council in 2015. Hopefully if designed correctly, the new bike lanes can help cut cyclist-driver tension in Toronto.
01001001 01100110 00100000 01111001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110010 01100101 01100001 01100100 00100000 01110100 01101000 01101001 01110011 00101100 00100000 01101111 01110101 01110010 00100000 01100011 01101100 01101001 01100101 01101110 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01110011 01100101 01100001 01110010 01100011 01101000 01101001 01101110 01100111 00100000 01100110 01101111 01110010 00100000 01111001 01101111 01110101 00101110 If you can’t read this, we’ll connect you to the people who can.
4fmv.ca
The right candidates. The right opportunities.
THE ITSY, BITSY, TEENIE, WEENIE, P-208 WIRELESS SCAN-TINI Small scanner. Big features. Powered by a single-USB or the optional Wi-Fi and battery unit, the imageFORMULA P-208 Scan-tini scans documents, business cards, and even photos at 8 pages per minute. Combine the P-208 with the Wi-Fi unit to wirelessly scan directly to your smart phone, tablet or desktop PC. Canon's CaptureOnTouch Mobile app allows for scanning directly to your iPhone®, iPad® or Android® device. This free app is available for both iOS and Android devices. For more information or to request a demo, please visit
www.canon.ca/contactus
Canon is a registered trademark of Canon Inc. imageFORMULAis a trademark of Canon Inc. © 2013 Canon Canada Inc.
WITH ONE ACCESSORY YOU GET UNLIMITED HOTSPOTS.