INSIGHT FOR TECHNOLOGY PROFESSIONALS
July/August 2015 VOLUME 6 NUMBER 4

BREAKING THE BANK
THE FINANCIAL SERVICES INDUSTRY IS A FREQUENT TARGET OF DATA-HUNGRY HACKERS

STEVEN GREEN: Intensifying the intranet. CIOs are up in arms over failure associated with the intranet (P.8)
ANTHONY BARTOLO: How To: Activate Windows 10’s Enterprise Mode (P.8)

Publication Mail Registration Number: 42169527
www.itincanadaonline.ca
Contents

DEPARTMENTS
4 Editorial
6 News: Our roundup of news stories

FEATURES
8 Intensifying the intranet
CIOs are up in arms over failure associated with the intranet. Steven Green discusses how they can take action.
10 Does deleting unwanted data constitute a crime?
Is deleting your browser history liable to land you in hot water with the authorities? Eric Jacksch explains.
12 COVER STORY: Breaking the bank
The financial services industry is a frequent target of data-hungry hackers. Websense’s Carl Leonard dispenses strategies that can help these organizations ensure that their customers’ data remains locked in the safe.
16 How To: Activate Windows 10’s Enterprise Mode
One interesting question I received recently is, “Will the new Edge browser (Project Spartan) in Windows 10 completely replace Internet Explorer?”
17 Removing the guesswork from storage performance planning
When it comes to storage planning, even an educated guess can prove costly, says Len Rosenthal.
20 A closer look at Ericsson Cloud Storage – Part 1
In the first article of a two-part series, Miha Ahronovitz explores the rise of cloud storage, and its ties to Big Data.

Online Extras: www.itincanadaonline.ca
Missed an issue? Misplaced an article? Visit www.itincanadaonline.ca for a full archive of past IT in Canada Online issues, as well as online extras from our many contributors.
EDITORIAL
ACTING EDITOR: MARK DAVID
905-727-4091 x230 mark.david@iticonline.ca
STAFF WRITER: JEFF MACKEY
905-727-4091 jeff.mackey@iticonline.ca
CONTRIBUTING WRITERS: ERIC JACKSCH, MICHELLE DE HERTOGH, CRAIG BOWMAN

SALES
VP, BUSINESS MEDIA STRATEGY: MARCELLO SUKHDEO
905-727-4091 x224 marcello.sukhdeo@iticonline.ca
DIRECTOR, CONTENT MARKETING & DEMAND GEN.: LASKEY HART
905-503-1376 laskey.hart@iticonline.ca
DIRECTOR, CONTENT & BUSINESS DEVELOPMENT: JOSE LABAO
905-727-4091 x231 jose.labao@iticonline.ca

ART & PRODUCTION
ART DIRECTOR: ELENA PANKOVA
circulation@iticonline.ca

SUBSCRIPTIONS AND ADDRESS CHANGES
CIRCULATION DIRECTOR: JAMES WATSON
circulation@iticonline.ca
CIRCULATION COORDINATOR
circulation@iticonline.ca

GENERAL INQUIRIES
23-4 Vata Court, Aurora, ON, L4G 4B6
Phone 905-727-4091 Fax 905-727-4428

CORPORATE
COO AND GROUP PUBLISHER: JOHN JONES
publisher@iticonline.ca

PUBLISHER’S MAIL AGREEMENT: 42169527
IT in Canada Online magazine is published six times per year. All opinions expressed herein are those of the contributors and do not necessarily reflect the views of the publisher or any person or organization associated with the magazine. Letters, submissions, comments and suggested topics are welcome, and should be sent to publisher@iticonline.ca

REPRINT INFORMATION
High quality reprints of articles and additional copies of the magazine are available through circulation@iticonline.ca or by phone: 905-727-4091
Analyze This

Data mining and mining for precious gems or metals are somewhat similar in nature. Both can be long and time-consuming tasks that involve searching for and eventually protecting something that is as precious as it is valuable. And in the end, the results obtained from either operation can be very beneficial.

In the age of the data-driven enterprise, Big Data and analytics are crucial building blocks. Not only do they help these companies get a more detailed look into their customer base, but they also provide key information that can help consumer-focused organizations to better tailor their products or services to the people who use or depend on them.

Today, companies are producing and collecting data almost as quickly as they are releasing products. And while this data is quite beneficial to them, so too is ensuring that it is under lock and key at all times. This is especially important within the financial services industry, which processes and stores sensitive information about its clients and their transactions. But if a breach were to occur, that information could easily fall into the wrong hands, causing a litany of problems. In our cover story, Carl Leonard, principal security analyst for Websense, discusses the results of the Websense Financial Services report, and what financial institutions can do to fight off potential threats and keep their data safe. Check it out on page 12.

It’s commonplace to delete your web browser’s history every so often to free up space and ensure that your computer or mobile device runs faster. But does doing so constitute committing a crime? Eric Jacksch takes a closer look at this argument in the latest edition of Security Shelf on page 10.

Speaking of web browsers, it was rumoured at one point that Internet Explorer, a mainstay since the early days of Windows, would be retired upon the launch of Windows 10. However, those rumours were eventually put to rest when Microsoft announced that Internet Explorer would co-exist alongside the new Edge browser. This is welcome news for business users, who can now take advantage of a new feature called Enterprise Mode. Anthony Bartolo shares the details on page 16.

When viewed from the outside, companies may seem like robust operations, but just like cars, it’s what’s on the inside that truly makes them tick. On page 8, we speak to TemboSocial’s Steven Green about why the success or failure of an intranet can make or break a business.

Despite its usefulness, storage remains one of the most misunderstood elements of the data centre. As Len Rosenthal of LoadDynamiX explains on page 17, taking the guesswork out of the equation can help businesses make more educated decisions about storage management.

Finally, the rise of the cloud has led to it becoming a destination for data storage. In the first article in a two-part series, Ericsson’s Miha Ahronovitz explains cloud storage and its Big Data connections on page 20.

We hope you enjoy the issue, and may your summer be free of data-related dilemmas.

Mark David
Acting Editor

ONE YEAR SUBSCRIPTION RATES
Canada: $50/year; USA $60/year; International $100/year. All rights reserved. No part of this publication may be reproduced without written consent. All inquiries should be addressed to circulation@iticonline.ca
IN THE NEWS
By Alexandra Sweny

Working Girls

The release of Dell’s Global Women Entrepreneur Leaders Scorecard packs some worrisome results for women and industry worldwide. Announced at the sixth-annual Dell Women’s Entrepreneur Network, the scorecard measured gender-based differences across 31 countries. The data-driven scorecard studied and ranked the countries based on the challenges and opportunities women face when launching businesses and creating jobs in their respective countries.

While Canada ranked alongside the United States and Australia in the top three, project director Dr. Ruta Aidis notes that no country is truly exempt from sexism in the workforce. Even the top countries scored no more than 71 per cent, with a staggering 70 per cent of the 31 countries scoring below 50 per cent altogether. “Women still have challenges accessing capital and there remains a skills confidence gap for women contemplating business startups,” Dr. Aidis said.

These boundaries are detrimental not only to women, but to the global economy as a whole. If American women experienced business growth at the same rate as American men, their businesses could provide an additional 15 million jobs in two years. The scorecard is meant not merely to inform, but to instigate change within international governments.

“The success of entrepreneurs and small businesses is critical for a thriving global economy,” said Karen Quintos, senior vice president and chief marketing officer for Dell. “The Scorecard provides the data-driven insights we need to move the broader conversation from awareness to action and allow female entrepreneurs around the world to reach their full potential.” To view a full list of country rankings, visit www.dell.com/women.

Taking Office

One hundred thousand pieces of feedback, seven updates and four months later, the release of Office 2016 for Mac is just reaffirming what we already knew about the powerhouse that is Microsoft.

Fitted with major app updates alongside a familiar ribbon interface, Office 2016 provides a subtle modernization of the Mac experience users have come to love. Meanwhile, updates to Office suite apps mean a fresh experience for Word, Excel, PowerPoint, Outlook and Mac’s latest addition, OneNote. A stylish interface, combined with Word’s new designer-quality layouts, makes appealing and streamlined documents more accessible than ever.

More practical updates, like an improved Presenter View in PowerPoint, prove that Office 2016 isn’t just eye candy. The update gives the presenter access to previews of the current slide, next slide, speaker notes and a timer, all of which are only visible on the Mac screen. To fully appreciate these features, complete Retina display support and Full Screen view allow users to see their own documents in a new light, sharper and more vibrant than ever.

New cloud capabilities mean that users can invite friends and coworkers to join in on the fun, and, because Office for Mac is compatible with PCs, tablets and phones, there is lots of fun to be had. This sharing opportunity will prove particularly valuable, seeing as Office 2016 is offered across 139 countries and 16 languages. The update will first be available to Office 365 members before being offered to the public in September 2015.
Lighting the way

Microsoft has announced the Canadian launch of new Windows Phones, Lumia 535 and Lumia 640 XL. With enticing new features, the phones are illuminating a brighter future for Microsoft smartphones.

The Lumia 535 and Lumia 640 XL are similar in terms of appearance and functionality. Both smartphones boast expandable storage up to 128 GB and bring new camera features to the table. The Lumia 535’s front camera is wide-angled to maximize the Skype and selfie experience, while the Lumia 640 XL can capture 1080p videos. Furthermore, each model offers 8 GB of internal storage. Perhaps the most enticing feature for multitaskers is Cortana, a built-in personal assistant who walks the user through traffic updates, alerts and people-based reminders.

The price difference between the two, $179 and $339 respectively, can be attributed to the Lumia 640 XL’s higher battery capacity, processor and camera resolution. It offers nearly double the battery life of its counterpart at the cost of a heavier weight. Both phones are offered now exclusively at the Microsoft store. With style and versatility being increasingly important in such a competitive market, it seems Microsoft’s phones herald an important step into the field.
Testing, testing

Teachers often lament that pupils have their heads in the clouds. With a new virtual desktop revolutionizing the way tests are given, taken and scored, this may not be such a bad thing after all.

Cloud infrastructure and mobility experts at VMware have announced the release of Horizon Air Desktops. Equipped with the Pearson TestNav 7.5 Online Test Delivery System, the desktops will give K-12 schools the option of delivering tests online through a public cloud. The virtual desktop is offered exclusively for Google Chromebooks. With the familiarity of the Windows desktop, VMware is enabling IT to capitalize on the cloud’s agility and accessibility.

The very nature of the cloud grants students and educators increased mobility and flexibility, but it’s a double-edged sword. The uploading of tests and scores to the cloud may spark concerns over confidentiality and security. To combat this risk, VMware Horizon 6 offers private cloud deployment of virtual desktops. Beyond the convenience aspect, schools will have greater control at a lower cost.

“VMware works closely with schools all around the world to bring cost-effective virtual desktops to help close achievement gaps for students and simplify management for IT,” said David Grant, vice-president, product marketing, desktop products, End-User Computing, VMware.

The advancement of the mobile cloud era is shaping business across all industries. With secure online testing, there are big changes on the Horizon.
TECHNOSPECTIVE: EMPLOYEE COMMUNITIES

INTENSIFYING THE INTRANET
By Mark David

In many ways, a business is like a car. Both require proper care and maintenance to ensure they run smoothly and attain certain performance goals. But sometimes, it’s more about what’s under the hood than the exterior appearance.

If the product-producing team forms part of the company’s exterior, the internal connections these people share might very well be the engine that powers the proverbial car. A strong intranet helps these individuals to collaborate and work together to complete projects, which gets products on the shelves and into the hands of consumers.

However, despite the benefits it brings, there are times when intranet-reliant projects fall flat, thus warranting a significant tune-up in the shop. Proof of this lies in statistics from Gartner, which indicate that 40 per cent of intranet projects fail to reach their potential, while 15 per cent are completely scrapped.

Steven Green, founder and president of Toronto-based TemboSocial, discusses why these projects sometimes miss the mark, and what enterprises can do to build a stronger intranet.

Q: Statistics from Gartner show that 40 per cent of intranet projects fail to reach their expected ROI, while 15 per cent are abandoned entirely. Why is this?

Green: A large part of the focus of an intranet strategy tends to be on all the pre-work. Everything on the governance, platform selection, who’s going to own it, how it’s going to be designed and which groups you’re going to have communities. Very little focus goes into what we call date-shoot, what happens the day after we open up this intranet and allow people to come in and use it? It’s like the iceberg. Everything is focused on preparing the governance, but really success (includes) access to the system. They (the employees) are going to have an experience, and that’s going to determine whether people are going to adopt the intranet as a place to spend their work day or if they’re going to say it’s not for them.

Q: What is TemboSocial doing to make employees smarter about their company’s business?

SG: When people do want the intranet, the intranet programs are generally very broad and very shallow. They can’t provide every feature with the depth they’d like to because there are many components that they’re focused on providing to the company. That’s why millennials are very savvy users now. When people leave work at the end of the day they’re using social tools that are very engaging; they’re beautiful, they’re rich and they’re community focused. And then you come into the intranet, and the intranet allows you to collaborate on documents and posts and share other items that people are posting to the intranet as well. It’s not really a rich experience.

What we do is add value inside the corporate intranet. We provide the tools that will allow the place to really collaborate and connect with each other, tools that will provide meaningful content about people, about success, about achievement, about the mission and vision values of the company. They’ll have storytelling to really create a social experience with tools that are beautiful, decisive tools that employees are using when they go home at the end of the day.

Another reason why intranets tend to fail after their launch is because people tend to focus on the technology. If you buy a tool that has these features, people will be able to do these things, and then we’ll put it out there and people will do it. But it doesn’t work that way. So if you have a community manager who is creating awareness about the discussions taking place, about the meaningful content that can help a community of practice become more successful within the business, and coupled with that you provide social tools that allow employees to actually get their work done in collaborative and meaningful ways – suddenly you have an intranet that will be very successful.
Q: What are some of the challenges that CIOs are facing with their intranets?

SG: I think the biggest challenge they’re facing is investing a huge amount of money. A big part of their budget is being invested in the intranet and the success rates are incredibly low. While a CIO’s primary focus is on technology and security, they are also focused on business success, just like any other senior executive. If you’re going to invest millions of dollars into your company intranet and then it’s not going to create social capital, it’s not going to create a place where people say “I need to be a part of this community to be engaged, be connected and advance my career,” then it’s not going to be successful.

The reason why this is a big failure for most companies is because while the focus from that team who’s decided on the intranet and strategy around the intranet is so focused on the intranet, there’s so many competing groups that are stealing the traffic. If you ask a CIO, “How many hosted SaaS services can an employee access and use?” they’ll say, “Well, we have these seven, 12, or 15 that have been approved.” Then, they’ll go in and do their own analysis and find out that the company actually has on average employees accessing over 200 SaaS services. You have that competing with your intranet strategy, and you also have other groups within the bank that are servicing the company who are bringing on solutions for recognition.

What we’re finding is that in the past, the CIO had the intranet under them, and the intranet was really locked down. It was owned by IT and was something where line of business said, “We really can’t use this to do what we need to do.” In a really rogue way, they started to bring out all of these outside tools, because that’s how they could get their job done. And then CIOs got a lot smarter and they said, “Okay, we’re going to invest in these new intranets that have more capabilities and we’re going to put them out there.”

Q: How can CIOs overcome these challenges?

SG: The CIOs have some great benefits that have come around in the past 24 months. Soft services have really become mainstream. There are several companies like SkyHigh Networks who are out there doing the hard work of certifying companies to make sure they are in fact enterprise ready. It’s a very rigid review process to get through. They look at everything from your security requirements, certifications, insurance, the customers you work with.

For CIOs, now accessing cloud-based soft services is really much easier. It’s easier to say, “Okay, this company is certified by a third party, this company is working for a few companies that are similar to mine.” So you don’t have to worry about whether or not it’s actually going to work inside of your environment once you buy the software. The time-to-market is so much quicker, as we have pre-built installations for the major intranet platforms. So if you’re a Jive customer and you want to purchase our solutions, we could literally have them deployed enterprise wide within about 25 minutes. That’s a significant cost saving.

The management and maintenance of these tools are very easy. Eighty per cent of the calls that we get from customers looking for support is really just about knowledge of how to use the tool, and not actually because anything is broken. CIOs are able now to demand that the services they’re going to adopt for the intranet, or for the company to integrate into their intranet. They’re able to say, “Our focus is creating social capital and creating an intranet that works. We don’t want to be among the 60 per cent of people whose intranet projects fail, and we’re not going to allow this fragmentation of our audience by allowing other systems to compete with the main business value that we’re offering to our intranet.”

Q: What are TemboSocial’s future goals?

SG: Our future goal is to help CIOs to reduce that failure rate on their intranet success metrics. It’s a really frustrating number, and a 40 per cent success rate is really dismal. We have programs about educating your employees around idea generation, around recognition, and all of these tools are certified, secured, easy to set up, integrated inside of their intranet platforms, and they’re going to make CIOs able to prove that an intranet can have the metrics that match up with what the original vision was.

Our plan going forward is to become a leader in the market. There are several tools out there that focus on idea generation recognition. We want to be the company that people identify as the company that helped them achieve their business goals. Additionally, we want consumers to be able to turn TemboSocial on and have a full enterprise ready to be deployed within 25 minutes. We plan to be the leader in employee recognition and idea generation inside the company intranet.
SECURITY SHELF

DOES DELETING UNWANTED DATA CONSTITUTE A CRIME?
By Eric Jacksch

Intentionally obstructing an investigation by deleting data is obviously a crime. But what if the law is so broad that deleting unwanted information or even a browser history constitutes an offence?

Last month, 24-year-old Khairullozhon Matanov was sentenced to 30 months in prison for misleading investigators by failing to disclose his contact with the Tsarnaev brothers following the 2013 Boston Marathon bombings and deleting files from his computer. According to the indictment, “Matanov deleted his Google Chrome activity selectively, leaving behind Google Chrome activity from other days during the week of April 15, 2013.”

According to a CBC article, “The cab driver’s case dates back to the morning of April 19, 2013, when he went to a police station in Braintree, Mass., south of Boston, to say he recognized the Tsarnaevs in surveillance photos the FBI had released the night before. Matanov was not accused of playing any role in the attack. He pleaded guilty in March to lying to investigators about how well he knew the Tsarnaevs, including the fact that he bought the brothers dinner hours after the bombings. Matanov said he was unaware of their role in the attack during the meal.”

According to his lawyers, “At the time of these offences, Mr. Matanov was a scared young man. He was not, and is not, a terrorist.”

In an article for The Nation, Juliana DeVries explained the U.S. legal context: “Federal prosecutors charged Matanov for destroying records under the Sarbanes-Oxley Act, a law enacted by Congress in the wake of the Enron scandal. The law was, in part, intended to prohibit corporations under federal investigation from shredding incriminating documents. But since Sarbanes-Oxley was passed in 2002, federal prosecutors have applied the law to a wider range of activities. A police officer in Colorado who falsified a report to cover up a brutality case was convicted under the Act, as was a woman in Illinois who destroyed her boyfriend’s child pornography.”

The Matanov case, and others like it, highlight the application of Sarbanes-Oxley to private individuals and have spawned Internet discussions on whether simply clearing a browser history is a crime in the United States.

The Act reads, “Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.”

While the Act clearly requires intent, “proper administration of any matter” and “contemplation of any such matter or case” make it extremely broad in scope. DeVries observed that “Prosecutors are able to apply the law broadly because they do not have to show that the person deleting evidence knew there was an investigation underway.”

The Sarbanes-Oxley Act is American legislation, but some Canadian companies are subject to the Act, including those trading on U.S. stock exchanges.

Deleting data to intentionally obstruct an investigation is clearly a violation. However, many companies automatically delete data as a matter of policy. Purging email older than 90 or 180 days is common in the private sector. It reduces data storage requirements, but the primary purpose is that in the event of litigation there is less data to sift through during discovery. It is, in part, choosing not to retain data that could potentially be relevant to future legal actions. Could routinely purging data result in charges? Is automation evidence of intent to destroy evidence, or is it a defence?

Many individuals routinely delete their browser history, cache, and other temporary files on their PC. This data is not intentionally saved by the user, and in some cases is the result of inadvertently typing the wrong URL, clicking a link received in email, or downloading the wrong file. The purpose of a browser history is to help the user visit the same resources again. The browser cache is to speed up subsequent visits to the same site. When is clearing it illegal?

According to DeVries, Matanov was investigated for more than a year. The fact that he selectively deleted his browser history was clearly used against him. Would the outcome have been different if he had cleared the entire browser history, encrypted his hard drive, or wiped and re-installed the operating system instead? Or if his browser automatically deleted the history and cache each time he closed it?

It is conceivable that any email, web site visit, or other data might be relevant to an investigation in the future. Instead of focusing on the browser history, the question should be: Under what conditions does deleting unwanted data constitute a crime?

Have a security question you’d like answered in a future column? Email eric.jacksch@iticonline.ca.
COVER STORY
WAR ON MALWARE
BREAKING THE BANK W
hen people do business with their banks, there is an element of trust involved. Clients have to trust that the banks will keep their money, investments and valuables safe, and generally, they are able to deliver on that promise, both physically at the branch, and digitally through apps and e-banking. But what happens when data-hungry hackers begin to pick away at the digital fortress? The results of Websense’s 2015 Financial Services DrillDown Report show that financial services are the target of 33 per cent of cyber-attacks. Comparatively, the financial services industry ranks third overall for targeted typosquatting. The report also indicated that malware authors, in some respect, are like chameleons. When one of their methods fails or is blocked, they are able to seamlessly switch to a different one. Financial institutions handle loads of sensitive personal data daily, and it’s up to them to ensure that it’s kept locked in the vault. But if the door is accidentally left open, hackers will waste no time on pouncing on this opportunity to drain people’s bank accounts for their own personal gain. To put the results of this report in perspective, IT in Canada spoke to Websense Principal Security Analyst Carl Leonard.
By Mark David
Q: Why is now the time for this report?
Leonard: When we were having conversations with some of our customers, we saw that they were having unique experiences. We really wanted to capture those and issue this report so that various industries could be better positioned to more proactively protect themselves. This is actually the first industry breakdown that we’ve done since a report on healthcare stats in 2014. We saw a 600 per cent increase in attacks against hospitals, so we then applied that same sort of conviction to get some more details on other industries. This is one of our most detailed industry-specific reports to date.
Q: The report shows that a third of all lower-stage attacks target financial services. Why is that?
CL: The financial service sectors are well known for having large amounts of confidential information on their clients, and millions of transactions are conducted on a daily basis. We really have invested a lot of time and energy into the early stages of the life cycle in order to better penetrate those organizations. Once the lure had been crafted, the malware authors then set up this platform to then deploy the malicious payloads into those organizations. So it’s really the malware authors taking the first stab at penetrating the defenses of the organizations.
Q: What types of malware are usually used to carry out these functions?
CL: One example that we’ve found particularly prevalent within financial services is Geodo. Geodo is a typical sort of banking intrusion, but it’s also got wormlike capabilities. Once it has successfully stolen the credentials, it can then spread itself by sending out further forms of malware. With Geodo, we’ve observed that occurring 400 per cent more often than any other industries. It starts with particular variants, and then spreads itself to other financial sectors through the use of that victim’s credentials. Obviously they’d have then contacts with other financial services. Systemically, around credential-stealing attacks that we’ve observed, they have focused on financial services, as well as data theft. Another example is Vawtrak, which we’ve observed to be a backdoor to a network that streams full access to the compromised machine. It also steals personal information which again can be used to further additional attacks within that same industry.
Q: The report also states that financial services rank third for targeted typosquatting. Why is this?
CL: This particular type of attack represents a development to the traditional typosquatting method, whereby, ordinarily, malware authors will set up a domain that has a character in that domain slightly different on the keyboard. For example, it might replace T with an R, or an M with an N. As we mistype on the keyboard, we might encounter those domains. We’ve found the malware authors actually going to the next step along that attack. They’re actually registering those mistyped domains that have very close relationships with their target domain. So if I was running colesbank.com, the malware author might register colesbank.co. It’s just one letter off, or he might replace the L with a T. Once he’s registered that domain, he then sends mails from that domain into the legitimate colesbank.com. The end users there can be duped into engaging in conversation, thinking it’s an internal employee. We’ve actually seen PDF instructions being sent that detail how to transmit data and actions such as conducting an employee’s payment, or needing to do an urgent wire transfer. So it’s combining the traditional typosquatting with a targeted element where domains are specifically in close relation to the target organization. Emails are then sent in to that target organization from that typo domain, and we’ve actually seen these cases of phishing incidents averaging around to a loss of $130,000 per incident, as the engineering hack is successful. The actions described are actually performed by the target’s employee. The reason why financial services ranks third is because we know that within this industry, the employees are familiar with these types of transactions. They’re used to processing invoices and dealing with money transfers, so it would be no surprise to them should an additional request come in. It might ask them to use a particular system they’re already familiar with, so it’s fairly relevant to the recipient. It could also be part of their daily business and operations. That’s why malware authors are really focusing on financial services employees with this attack.
Q: Malware authors are using a bait-and-switch method to try to outfox banking security measures. What exactly are they doing to skirt around these barriers?
CL: We’re actually seeing attack trends differ dramatically from month to month and week to week. As soon as a member of a security operations center within the financial services sector has learned how to handle and mitigate a particular attack, the malware author then tries something new. In one example seen in March of this year, over 50 per cent of all attacks used some type of obfuscated code. That makes analysis difficult by disguising the malicious payload code, as it’s unreadable by humans. We saw that half of all occasions in March and then in April that certainly dropped to less than 5 per cent of all attacks, instead to be replaced by redirection. Some distance is put between that initial lure that we know is popular in financial services and the dangerous payload, such as Geodo. As a result, the malware authors are changing their styles and methods of delivery of the malware regularly in a very dynamic fashion. This makes life difficult for those defenders who are trying to understand the attack, learn from the threat telemetry they’ve gained from their systems, and then defend against it. But instead, the malware authors just change the tactic and present them with something new.
Q: What does the future hold for attacks on financial services?
CL: We’ve been tracking threat volumes for some years now, and we’ve actually seen that the volume of threats, globally and across industries, has plateaued over the past year. That’s not to say the volumes are manageable. We’ve identified 4 billion threats in 2014 and another 4 billion in 2013. These are very large numbers, and we know that financial services are hit three times more than other industries. So the volumes are going to remain high, and that is a problem because there’s this background noise of threats trickling in, some of which might be a greater risk to your business than others, especially the likes of Geodo and Vawtrak which are opening backdoors and stealing your confidential data. Malware authors have also proven that they are operating with a more complex and developed toolkit. We’ve found that advanced tools are now the new baseline, and malware authors are not afraid to change their tactics so that they can constantly evolve their own methods and also attempt to stay a step or two ahead of those who are seeking to defend operations. What we’re observing is that financial services are really getting involved in sharing of threats telemetry across their industry so they can collectively better understand the types of threats coming in. This will help them to consider building out capabilities to move to a more proactive stance for vicious management within their organizations by really and truly understanding the threat types they’re observing. We hope that this report will go some way into building a picture of exactly what members of that industry can look to face in the next year. History tells us attacks are becoming more complex, and the volumes are not getting to such a level where it’s becoming so easily manageable right now.
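A defender-side check for the targeted typosquatting described in the interview above, added here as an example and not taken from the Websense report or from Websense products: it flags inbound From addresses whose domain is one edit away from a protected domain, which covers the keyboard slips, the dropped letter in colesbank.co and the L-for-T swap, and goes one step further by also flagging the protected name under another suffix. The function names and sample headers are constructed for illustration; colesbank.com is the domain Leonard uses as his example.

```python
"""Flag mail whose sender domain is a near miss of a protected domain."""
from email.utils import parseaddr

# colesbank.com is the interview's example domain; all other values are constructed.
PROTECTED = {"colesbank.com"}

SAMPLE_FROM_HEADERS = [  # constructed sample input
    "Payroll <payroll@colesbank.com>",      # the real domain
    "IT Desk <it@mail.colesbank.com>",      # legitimate subdomain
    "Jo Smith <jsmith@colesbank.co>",       # last letter dropped
    "Treasury <wire@cotesbank.com>",        # L replaced with T
    "Ops <ops@colesbamk.com>",              # N replaced with M
    "Vendor <ap@smtp.coelsbank.com>",       # two letters swapped, behind a subdomain
    "News <news@example.org>",              # unrelated sender
    "Alerts <alerts@colesbank.net>",        # same name, different suffix
    "broken header",                        # no address at all
]


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition ("el" typed as "le") counts as one edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def sender_domain(from_header):
    """Lower-cased domain of the From address, or '' if none can be parsed."""
    addr = parseaddr(from_header)[1]
    _local, at, domain = addr.rpartition("@")
    return domain.lower().rstrip(".") if at else ""


def classify(domain, protected, max_distance=1):
    """Return a reason string if `domain` imitates `protected`, else None."""
    if not domain or domain == protected or domain.endswith("." + protected):
        return None  # our own domain or one of its subdomains
    labels = domain.split(".")
    # Compare only the trailing labels so a subdomain cannot hide the typo.
    tail = ".".join(labels[-len(protected.split(".")):])
    distance = osa_distance(tail, protected)
    if distance <= max_distance:
        return f"lookalike of {protected} (edit distance {distance})"
    if protected.split(".")[0] in labels:
        return f"name of {protected} used under another suffix"
    return None


def triage(from_headers, protected=PROTECTED):
    """Return (sender domain, reason) for every header that needs review."""
    hits = []
    for header in from_headers:
        domain = sender_domain(header)
        for candidate in sorted(protected):
            reason = classify(domain, candidate)
            if reason:
                hits.append((domain, reason))
                break
    return hits


if __name__ == "__main__":
    for domain, reason in triage(SAMPLE_FROM_HEADERS):
        print(f"REVIEW  {domain:24} {reason}")
```

Short protected names produce more one-edit collisions with unrelated legitimate domains, so hits are best routed to review or tagged as external rather than dropped outright.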
TECHNOSPECTIVE PREPARING FOR WINDOWS 10
By Anthony Bartolo
HOW TO:
Activate Windows 10’s Enterprise Mode
One interesting question I received recently is, “Will the new Edge browser (Project Spartan) in Windows 10 completely replace Internet Explorer?” This particular question has been a major talking point amongst various IT professionals, as many organizations are looking for a web browser that provides access to legacy intranet sites that these businesses frequently rely on. The short answer to this question is that both Internet Explorer and Edge will be available for use in Windows 10. Users can then enable Enterprise Mode, which not only crafts an experience that is very similar to IE8, but also allows for the seamless transition of legacy apps to the new operating system. Here is a step-by-step guide that will show you how to activate Enterprise Mode on the Technical Preview of Windows 10.
1. Press Windows Key + R on your keyboard to open the local group policy editor.
2. Type gpedit.msc into the Run dialog, and then press Enter.
3. In the Local Group Policy Editor, navigate over to User Configuration > Administrative Templates > Windows Components > Internet Explorer.
4. Look for the “Let users turn on and use Enterprise Mode from the Tools menu” option, and double-click on that option.
5. Click on Enabled in the dialog window. This allows users to enable Enterprise Mode manually. Note: IT administrators can also use the website list option to automatically enable Enterprise Mode via an IT-provided list of websites. The list can be saved on a website or on the local computer.
6. Click on Apply, then on OK to accept and confirm the changes.
7. Close the Group Policy Editor.
8. If there are any open IE11 browser windows, close them.
9. To activate Enterprise Mode, open a new IE11 window.
10. Press the Alt key on your keyboard and navigate over to the Tools menu.
11. Select Enterprise Mode from the menu.
If you would like a more detailed look at activating Enterprise Mode, be sure to check out our MVA: Getting Started with Windows 10 for IT Professionals session. For more information about Windows 10 and other Microsoft-related topics, please visit CANITPRO.net.
NETWORK SPOTLIGHT MAXIMIZING STORAGE
By Len Rosenthal
Removing the Guesswork from
STORAGE PERFORMANCE PLANNING Enterprises depend on their ability to change and adapt to compete. As the needs of the workforce, customers and partners change, so do the demands on storage infrastructure.
In most large enterprises, storage now represents the largest portion of the physical IT infrastructure budget and increasingly influences overall application performance. Predicting how storage systems will perform in the real world, and how to optimize performance and expenditure, has forced its way to become a central focus of data center planners. This creates a significant movement of large enterprises to a new generation of storage performance analysis tools that are more accurate, more flexible, and more empowering.
Determining how storage will perform in a given environment is complicated, due to the interaction between servers, network, virtualization layers, and storage—along with the wide diversity in application workloads. Most vendor-provided specifications and benchmarks do not give accurate insight into how their products will actually perform under real-world workloads. They simply don’t have the tools to figure this out and so typically provide educated guesses in relation to performance sizing.
Although application level performance management (APM) tools are very good in assessing potential performance problems, they can’t isolate storage performance from overall application response times. Storage performance testing needs to be a standalone process; an IT best practice that can help determine the optimal products to deploy and help identify bottlenecks from a particular storage system or network switch.
One common approach utilized by many organizations is the use of script-based tools such as Iometer and VDBench. These are open source tools that can provide basic performance information if the IT organization doesn’t mind investing heavily in scripting tests and writing custom reports. Iometer was conceived in 1998 with a first release in 2001. Without a corporate backer, it offers no dedicated support and has suffered significant lulls in developer activity, and when last looked, access to the user manual was broken. Such tools also require dozens of servers and hundreds of VMs to generate a sufficient amount of load to test high-performance storage systems, such as all-flash arrays. Every change to the infrastructure can necessitate a rewrite of the scripts. This ties down skilled personnel resources in scripting and maintaining in-house platforms required to recreate production environments. As noted by Jim Miller, storage analyst for Enterprise Management Associates in his Impact Brief on the subject, “The net effect is that relatively few useful storage tests are run.”
A new generation of storage testing tools from Load DynamiX takes a new approach and focuses on making performance evaluation easier, more flexible and more accurate. These tools accurately reproduce “production” workload situations, targeting flash and hybrid storage systems, for their testing. They enable easy what-if analysis across a dozen or more key parameters. The simulated production workloads can in turn be modified and reproduced time and time again to more accurately test the possible variations of expected loads for new, yet-to-be deployed systems. Load DynamiX uses purpose-built appliances to deliver real-world workloads which previously could only be produced in a cost-effective manner.
As a consequence, a rapidly growing number of enterprise IT departments including GE, Cisco, T-Mobile, AT&T, and Go Daddy use Load DynamiX for storage performance planning, including technology and vendor selection, configuration optimization and change validation. Moving away from older, less accurate and less insightful solutions allows these large enterprises to more confidently and flexibly adjust their storage needs to their constantly-changing environments and requirements. Storage architects now have validated, easy, and cost-effective insight into how workloads will perform on their potential storage systems and software updates – before the new infrastructure and applications are deployed.
Len Rosenthal, Vice President of Marketing, Load DynamiX. Len joined storage performance validation leader Load DynamiX in July 2013 and is responsible for worldwide marketing. Prior to Load DynamiX, he held executive positions at Virtual Instruments, Panasas and QLogic and held senior marketing management roles at Inktomi, SGI, and HP. Len earned an MBA from UC Berkeley’s Haas Business School, a BSEE from the University of Pennsylvania and a BS Econ from Penn’s Wharton Business School.
CHANNEL CORNER
ACCOMMODATING BIG DATA
By Miha Ahronovitz
A closer look at Ericsson
CLOUD STORAGE
Part 1
This is the first of two articles about Ericsson Cloud Storage written for a large audience. The result is a collective effort in the Accessibility Team from the Cloud Product Team: Hans Haenlein, Johan Carlsson and myself. We started by asking what is Big Data? This is one of those terms we believe we know, but we need to take a closer look at it to truly understand it.
Big Data is changing our lives
In the last 10 years, cloud based storage data services have exploded. Data volumes are growing up 60 per cent annually. By 2020, the total stored and archived data will accumulate worldwide to a staggering 40,000 EB. This mind-boggling volume of data – called Big Data – forces us to reconsider the way we design computer storage. There is no longer such a thing as small data.
In a 2014 article from Information Week, Chris Gladwin, founder of Cleversafe, is quoted as saying: “A decade ago (in 2004), only 60-70 companies in the world acquired a petabyte or more of new storage each year. There was maybe one organization at that time that was at a 100-petabyte scale, and that was it. Now, 10 years later, (in 2014) the number of companies in the world that are deploying a petabyte or more of storage every year is around 7,000.” A decade from now (in 2024), “when you look at the capacity-optimized segment of enterprise storage — which is the big enterprise storage systems — we’re projecting that zero percent of the market will be systems that are a petabyte or less.”
Here are some metaphors to visualize these mind-boggling volumes of data.
• 1 EB of storage could contain 50,000 years’ worth of DVD-quality video. If we travel 50,000 years back in time, we will see the Sahara desert as a wet and fertile land. At that time, the Later Stone Age had just started in Africa…
• To store 1 EB, let’s assume 4 million consumer grade 250 GB hard drives. In a research paper by Google, the Annual Failure Rate (AFR) of commercial grade disk drives is 8 per cent after three years. Per day, this is 877 drives failing or 37 drives failing per hour.
• Wikipedia visualizes the size of the storage of 1 YB using 1 TB disks as “1 million city block size data centres, as big as the states of Delaware and Rhode Island combined.”
Storage Units for Big Data
Unit         Symbol   Size
Terabyte     TB       1 TB = 1,000 GB
Petabyte     PB       1 PB = 1,000 TB
Exabyte      EB       1 EB = 1,000 PB
Zettabyte    ZB       1 ZB = 1,000 EB
Yottabyte    YB       1 YB = 1,000 ZB
From now on, legacy storage won’t work because the architecture can’t scale. The usage of replication drives will send costs to unmanageable levels. Storage objects will be 1,000 times larger than today. Web-scale requires a new storage architecture.
Structured data
Structured data can be easily organized and placed in databases. It accounts for only 20 per cent of the data available worldwide. Examples of machine-generated structured data are sensory data (GPS data, manufacturing sensors, medical devices) and point-of-sale data (credit and debit card information). Any data entered into a computer, such as name, age, zip code or gender, is structured data. Although much smaller in volume, structured data functions as a solid foundation to critical business-relevant insights. Without structured data, it is difficult to know where to find treasured discoveries buried in the unstructured data sets.
Unstructured data
Unstructured data refers to information that either does not have a pre-defined data model and/or is not organized as such. Human unstructured data includes email and text, documents, pictures, videos, slideware which deal with opinions or aesthetic judgments. Different people will have different opinions. Social networks and content driven services are the dominant source for human-generated unstructured data. The hundreds of millions of people texting and emailing or leaving voice mails from their mobile phones – like the two young men from Brazil in the image above – create massive sets of unstructured information never available before.
Machine-generated unstructured data originates from man-made machines that produce nonstop streams of data. These are computer logs, satellite telemetry (espionage or science), industrial sensors, and video from security cameras, medical, seismic and geophysical sensors. As Derek Collison, founder and CTO of Apcera, predicts in his blog Takeaways from TED 2015: “…massive amounts of data exist in forms that appear static, but now we’re leveraging massive computing resources and the cloud to turn this data into amazing information that enables not only humans – but machines – to learn. In fact, thanks to this data explosion, machine learning will advance so rapidly that in just five years what we’re doing now to analyze and leverage data could look as antiquated as a rotary dial telephone.”
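Questions and wishes
Every company wants to be self-sufficient in Big Data business. But where do they start? Here are some questions and wishes that our accessibility group inferred from interviews and Internet research.
“How do I store all this data? What data do I keep active and what do I archive?” (They call this “triage”.)
“How do I move data around without breaking the law? How do we keep multiple clouds compliant, under multiple jurisdictions, in different countries, and ever changing compliance rules?”
“I tried the public storage cloud services from third-party vendors; they do not have geographical fencing and Governance, Risk Management and Compliance (GRC). Also, we are not sure about their future long-term pricing.”
“Why are we feeding their margin, and not our company’s margin?”
Enterprises want to deploy the storage at will, and be able to scale it up to at least 100 PB. They want built-in governance, risk management and compliance (GRC), automated as part of the system. They need to audit in-house to avoid surprises from external auditors. The active content should be always on, accessible in 100 milliseconds or less. We hear open questions like “What is ‘secure enough’?” or “To comply with what? At what cost?” Enterprises want disruptive economics and savings. They want to make money and not to spend unnecessarily. And above all they want simply to own and operate cloud storage and control in-house the tools used to speed up the management decision.
Accessibility
Ericsson calls ease of use Accessibility. No matter how powerful the cloud storage solution is – if it ties up the customer’s smartest people and consumes inordinate amounts of money – it will fail. Enterprise UX is a catch-all term for work done for internal tools – software that’s used by employees, not consumers. It is just as important for the employee of a company to use the software tools, as it is for the external users. Otherwise, the productivity will not be improved. When an employee uses software because “she has to,” and not because “she likes it,” there is de-motivation. Research shows that 60 per cent of our decision making is emotional.
Many traditional big organizations have been defined by engineering and business thinking. Any design was either incidental or unintentional. Now, those companies are waking up to the value of solid design. They shed excess and are building better, leaner, and more human organizations. The time has come to emulate (in any suitable enterprise) the cloud “giants.” Google, Facebook and Amazon have been playing a different game for over a decade. By increasing both operational and asset efficiency, it is possible for a company to own a cloud and storage solution as the giants have, but on a smaller scale.
Stay tuned for Part 2.
Miha Ahronovitz is the senior evangelist for Ericsson’s Cloud Product Team.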
Accessibility
Ericsson calls ease of use Accessibility. No matter how powerful the cloud storage solution is – if it ties up the customer’s smartest people and consumes inordinate amounts of money – it will fail. Enterprise UX is a catch-all term for work done on internal tools – software that’s used by employees, not consumers. It is just as important for a company’s employees to be able to use its software tools as it is for external users. Otherwise, productivity will not improve. When an employee uses software because “she has to,” and not because “she likes it,” there is de-motivation. Research shows that 60 per cent of our decision making is emotional.
Many traditional big organizations have been defined by engineering and business thinking. Any design was either incidental or unintentional. Now, those companies are waking up to the value of solid design. They are shedding excess and building better, leaner, and more human organizations. The time has come to emulate (in any suitable enterprise) the cloud “giants.” Google, Facebook and Amazon have been playing a different game for over a decade. By increasing both operational and asset efficiency, it is possible for a company to own a cloud and storage solution as the giants have, but on a smaller scale.
Stay tuned for Part 2.
Miha Ahronovitz is the senior evangelist for Ericsson’s Cloud Product Team.
Calling All IT Vendors! The senior government decision-makers that you want to reach are reading IT in Canada’s sister publication Canadian Government Executive.
We are the forum of choice for public sector decision-makers, reaching up to 60,000 of your potential clients each month.
Why CGE?
Currently in its 21st year of publishing, it is the most well read and respected journal reaching this market. CGE provides:
• high-quality editorial
• extensive networking opportunities
• a large and enthusiastic readership that makes use of advertisers’ products and services
THINK OUTSIDE THE AD
Our publication has the largest and most enthusiastic readership of any public sector magazine in the country. By combining our relationships and relevant editorial with your products and services, your brand will make an impact. CGE provides valuable tools for executives to work smarter and more effectively. Join us in getting in front of Government Executives with your message!
In addition to traditional print advertising, CGE can help you reach your clients through world class special events, informative webinars, thought leadership and content marketing, and social media.
FOR FURTHER INFORMATION CONTACT Marcello Sukhdeo, VP Business Media Strategy 905-727-4091, x224 marcellos@netgov.ca Jose Labao, Account Manager 905-727-4091, x231 josel@netgov.ca
Reader Action
Our Readers
PUBLIC SECTOR EXECUTIVES: • Deputy Minister • Assistant Deputy Minister • Director General • Director
76%
Have purchase influence on one or more of the items advertised
50%
Take action in response to what they see in our advertisements and articles
23%
Have personal control or significant influence over budgets greater than $10 Million
01001001 01100110 00100000 01111001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110010 01100101 01100001 01100100 00100000 01110100 01101000 01101001 01110011 00101100 00100000 01101111 01110101 01110010 00100000 01100011 01101100 01101001 01100101 01101110 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01110011 01100101 01100001 01110010 01100011 01101000 01101001 01101110 01100111 00100000 01100110 01101111 01110010 00100000 01111001 01101111 01110101 00101110 If you can’t read this, we’ll connect you to the people who can.
4fmv.ca
The right candidates. The right opportunities.