RAMI RAHIM
STEVE GLOVER
Software-defined networking 101 p.10
Going green: BC Hydro’s disposal of IT assets p.14
INSIGHTS FOR TECHNOLOGY PROFESSIONALS
November 2013 VOLUME 4 NUMBER 4
EMAIL SECURITY
Publication Mail Registration Number: 42169527
Send me a postcard?
www.itincanadaonline.ca
Do your sales reps spend more time looking for special pricing approvals than talking to customers? Is your purchasing team struggling to keep up with requests to validate pricing and discounts?
Is your sales team aware of all your customers’ upcoming maintenance, support and warranty renewals? Are your client entitlements lapsing, leaving your customers exposed and your accounts vulnerable to your competitors?
We Can Help
Contents
www.itincanadaonline.ca
Vol 4 No 4 November 2013
10 Software-defined networking 101
Features 4 Editorial 8 Send me a postcard? The recent case involving Lavabit LLC, an email provider allegedly used by NSA-leaker Edward Snowden, is restarting debates about your email security and privacy. 18 Software-defined networking 101 More than just a trend: why software-defined networking is here to stay. 16 Product Review The Toshiba Z10t: meet the Ultrabook crossover.
8 Cover Story Email: the electronic postcard Departments 12 Big Data Case Study “Data is gold” in the mining sector Taking a look at mining and exploration data collection and sharing practices for the 21st century.
17 Book Review How a simple checklist can help you get the job done better.
14 Technospective: Green IT Going Green: BC Hydro’s disposal of IT assets.
Online Extras: www.itincanadaonline.ca
14 Going green
Missed an issue? Misplaced an article? Visit www.itincanadaonline.ca for a full archive of past IT in Canada Online issues, as well as online extras from our many contributors. November 2013 IT in Canada Online / 3
EDITORIAL INSIGHTS FOR TECHNOLOGY PROFESSIONALS EDITORIAL ACTING EDITORS: AMY ALLEN AND DANIELA FISHER
amy.allen@itincanadaonline.ca daniela.fisher@itincanadaonline.ca
SENIOR STAFF WRITER: RACHEL LEVY SARFIN
editorial@itincanadaonline.ca
STAFF WRITERS: AMY ALLEN
amy.allen@itincanadaonline.ca
DANIELA FISHER
daniela.fisher@itincanadaonline.ca
IT in Canada Online, Version 2.0
CONTRIBUTORS: ERIC JACKSCH, DAMIEN DUFF, NIGEL SMITH, STEVE GLOVER, CHRISTOPHER ROGERS, HARVEY SCHACHTER SALES NATIONAL ACCOUNT MANAGER: PATRICIA BUSH
905-727-4091 x336 trish.bush@itincanadaonline.ca
ACCOUNT MANAGER: LASKEY HART
905-503-1376 laskey.hart@itincanadaonline.ca
EVENTS EVENTS MANAGER: SANDRA SERVICE
sandra.service@itincanadaonline.ca
ART & PRODUCTION ART DIRECTOR: ELENA PANKOVA
elena.pankova@itincanadaonline.ca
SUBSCRIPTIONS AND ADDRESS CHANGES CIRCULATION DIRECTOR: JAMES WATSON
circulation@itincanadaonline.ca
CIRCULATION COORDINATOR
circulation@itincanadaonline.ca
GENERAL INQUIRIES
24-4 Vata Court, Aurora, ON, L4G 4B6 Phone 905-727 4091 Fax 905-727-4428 CORPORATE COO AND GROUP PUBLISHER: JOHN JONES
publisher@itincanadaonline.ca www.itincanadaonline.ca
PUBLISHER’S MAIL AGREEMENT: 42169527 IT in Canada Online magazine is published six times per year. All opinions expressed herein are those of the contributors and do not necessarily reflect the views of the publisher or any person or organization associated with the magazine. Letters, submissions, comments and suggested topics are welcome, and should be sent to publisher@itincanadaonline.ca
www.itincanadaonline.ca REPRINT INFORMATION
High quality reprints of articles and additional copies of the magazine are available through circulation@itincanadaonline.ca or by phone: 905-727-4091 ONE YEAR SUBSCRIPTION RATES
Canada: $50/year; USA $60/year; International $100/year. All rights reserved. No part of this publication may be reproduced without written consent. All inquiries should be addressed to circulatin@itincanadaonline.ca
4 / IT in Canada Online November 2013
T
hose who have been to our website in recent months may have noticed that we’ve given IT in Canada Online an extensive refresh. The IT industry is everchanging, and we decided to follow suit. We’ve condensed our sections, retaining the topics that are most important to you: C-Level Insight, SMB, Reseller, Collaboration, Cloud, Security, and Mobility. We’ve made the website more reader-friendly and easy to navigate. It’s simple, it’s modern, and it’s clean. Essentially, we’ve designed the site to serve you better. You will find in-depth coverage of the information, trends, and technologies that affect the Canadian IT industry. We have articles and features on the latest news, a library full of whitepapers from leaders in the industry, videos of important events, and, in the coming year, we’ll be hosting a series of webinars on the cloud and business analytics. We recently moved into the social media sphere. You can now find us on Twitter, Facebook, and LinkedIn. Follow us for news updates and event coverage, or throw your questions and comments our way. We’re always happy to have a conversation with our followers; in fact, we thrive on it! We send out newsletters on a daily, weekly, and monthly basis – we focus on the channel, mobility, cloud, collaboration, SMB, and C-level insight. You may consider opting into some of them based on your information needs. Our mission has always been to serve our much-valued readers, and we hope that you will continue to bookmark our site as one of your key information sources. We also invite you to email us directly with your comments and feedback on how we can improve your reader experience within our site. We’re excited about our transformation here at IT in Canada Online, and we hope you decide to join us for the ride.
media:scape™
furniture and technology merged to help teams access and share information www.steelcase.com/cometogether
expect more
Contact us to learn more
·media:scape™ creates a collaborative destination ·Everyone can share their digital information instantly ·Information is visible by all participants
POI Business Interiors has more than 50 years of experience in providing knowledge, products and services that help people work more effectively. We understand the issues facing organizations today. T 888 296 9967, F 905 479 6941 www.poi.ca info@poi.ca
PRODUCT NEWS
SunGard set to open data centre in Markham SunGard, an international software and technology services company, is expanding its footprint in Canada. The company recently broke ground in Markham, Ont. for a data centre. SunGard’s newest facility is the latest addition to the company’s data centres currently operating across the country, including five in the greater Toronto area. Joe Sullivan, VP and product manager, SunGard, noted that the company has seen significant demand in the GTA for its data centre services. “It’s outstripping the supply in our current data centres,” he said. As a result, SunGard began looking for locations to expand in the GTA. Markham was a natural choice, because it is situated far enough outside of the downtown core, but not too far away for latency and recovery purposes. SunGard and Digital Realty Plus identified an existing manufacturing facility that met the software and technology services company’s needs. The building gave SunGard access to telecom fiber, and it had what Sullivan called “good structural bones” and the necessary weight-bearing capacity. “We’ve committed to 20,000 square feet and 2.5 megawatts of power,” he noted. “It covers demand for a couple of years. We have expansion capabilities for up to five times that size.” As SunGard expands its capacity at the Markham facility, company officials expect to offer customers the latest advances in technology. “As we build out, we can take advantage of new technologies,” said Chris Toushan, country manager for Canada, SunGard. Such advances will most likely be more environmentally friendly. Toushan cited the example of cooling technologies, which might leverage Canada’s cool climate. Toushan and Sullivan expect the Markham data centre to be open sometime in the late second quarter or early third quarter of 2013. “We’re extremely excited about getting started in Markham,” Sullivan commented. Toushan added that one of the things SunGard is most looking forward to is the ability to provide what he referred to as “a geographically resilient solution.” Moreover, the newest data centre in the GTA will provide both production and recovery capabilities to SunGard’s customers.
Ninety per cent of mobile apps contain vulnerabilities: HP Recent research conducted by HP has come back with some alarming results: nine out of 10 enterprise-grade mobile applications contain major vulnerabilities that leave devices open to attack. Using HP Fortify on Demand, HP tested the security of 2,107 applications published by 601 companies belonging to the Forbes Global 2000. The results of the study found that 97 per cent of the applications tested had access to a private information source – such as address books, social media, and connectivity options – within a device. Of those applications, 86 per cent did not have adequate security to protect them from common exploits. The other vulnerabilities that the study unearthed were a lack of binary protection, insecure 6 / IT in Canada Online November 2013
data storage, and a lack of transport security. Among the applications that HP scanned, 75 per cent did not use proper encryption techniques when storing data – meaning that sensitive information such as passwords, personal information, chat logs, and photos were left vulnerable to exploitation by adversaries. Additionally, 18 per cent of participating applications sent passwords and usernames over HTTP, while another 18 per cent incorrectly implemented SSL/HTTPS. According to Mike Armistead, VP and GM, Enterprise Security Products, HP Fortify, these vulnerabilities stem from the pressure business managers face to deploy their applications more quickly. “There’s a premium that people feel they need to place on getting the functionality out into the consumer’s hands as fast as they can. And with this premium placed on speed, I think people are discounting the risk,” said Armistead. Yet in many cases, a security assessment test is all that is needed to identify and remediate vulnerabilities before releasing or procuring an application. Armistead says this responsibility falls mainly on the shoulders of developers. “The most obvious thing to do is assess the app before it gets put in some place public,” said Armistead. “I believe that it is the responsibility of the people producing the application to make sure they’re doing the right thing on security. “We are seeing some really good work from a lot of different industries and enterprises, but there’s still a long way to go. Ultimately, what you have to do is raise the bar for application security and make it tougher on the adversary.” HP Fortify on Demand for Mobile provides organizations with the tools to assess vulnerabilities in applications, resolve any security flaws prior to deployment, and protect applications from exploits once they’re in circulation.
PRODUCT NEWS IBM to offer Watson technology to developers IBM announced recently that it will make IBM Watson, its artificially intelligent supercomputer, available to software developers in the cloud. Watson is capable of responding to questions asked of it in human languages, and famously defeated former Jeopardy! champions Ken Jennings and Brad Rutter in a special two-part episode of the quiz show in 2011. When launched, the IBM Watson Developers Cloud will be a cloud-hosted marketplace where application providers may take advantage of a number of tools designed to help them build their Watson-powered apps, including a developer toolkit, education materials and access to Watson’s API. IBM partners that develop Watson-powered apps will be able to use either their own data or third-party data that is offered in the IBM Watson Content Store. IBM will also connect these partners with skilled professionals – including 500 of its own experts – who will help them turn their work into market-ready products. “By sharing IBM Watson’s cognitive abilities with the world, we aim to fuel a new ecosystem that accelerates innovation, creativity and entrepreneurial spirit,” said Michael Rhodin, SVP, IBM Software Solutions Group. “With this move, IBM is taking a bold step to advance the new era of cognitive computing. Together with our partners we’ll spark a new class of applications that will learn from experience, improve with each interaction and outcome, and assist in solving the most complex questions facing the industry and society.” IBM is planning to unveil its new vision with three partners that have already utilized Watson technology in their app development. Fluid Retail, a company that builds online shopping experiences for retailers looking to engage their customers, is currently developing the Fluid Expert Personal Shopper. This app is designed to interact with customers and act as their own personal shopper. MD Buyline, a provider of supply chain solutions for hospitals and other healthcare facilities, is developing a Watson-powered app called Hippocrates that acts as a research assistant for clinical users who want to make informed medical device purchases. Social Health Management companyWelltok is working on a Watson-powered app called CafeWell Concierge that converses with users about their health and rewards them for healthy behaviour. These apps are expected to hit the market in early 2014.
“The significance here is that IBM will enable other companies, large and small, to embed access to Watson into their products and services, or better yet, to build applications on top of it,” said Mohamad Makhzoumi, partner, New Enterprise Associates, and board member, Welltok. “This could bring about a paradigm shift not only in how people interact with computers, but in how we live our lives.”
BBM Channels now available on BlackBerry 10 and BlackBerry OS devices BBM Channels, a forum that allows users to interact with other people, brands, communities, has been in limited beta since May 2013. But BlackBerry announced recently that the feature has been expanded to users of BlackBerry 10 and BlackBerry OS devices. Though the feature remains in beta, brands can use this period to test their content and begin engaging with users. They will be able to post messages, share pictures and animated GIFs, start discussions, and chat directly with subscribers, whether through comments or BBM Channels’ integrated live chat feature. While BBM Channels is currently available only to BlackBerry users, the company does have plans to extend the service to Android and iPhone users in the coming months. BlackBerry has also stated that, beginning next month, BBM will come pre-installed on Android-based smartphones from manufacturers in Africa, Indonesia, India, Latin America, and the Middle East. “It is clear that smartphone customers see BBM as a must have app for active conversations. The uptake we have seen for BBM since the launch on Android and iPhone is amazing,” said Andrew Bocking, EVP, BBM, BlackBerry, in a press release. “We’re thrilled to be working with leading Android smartphone manufacturers from across the globe to help bring their customers the best out-of-the-box experience with BBM pre-installed.” In the meantime, BBM will continue to be available for free download in the Google Play app store. November 2013 IT in Canada Online / 7
TECHNOSPECTIVE ON SECURITY
Send me a postcard?
By Eric Jacksch
The recent decision by a federal judge in Alexandria, Virginia to unseal records of the ongoing case involving Lavabit LLC, a Texas-based email provider allegedly used by NSA-leaker Edward Snowden, has rekindled discussions about email security and privacy.
F
or those who haven’t been following the case, Lavabit was served with a so-called “pen register” order in June requiring it to record, and provide the government with the sender and recipient of every email, as well as the IP address used to access the mailbox. Complying would have required Lavabit to make software changes to defeat the security that they provide to their customers so they resisted the order. As the fight progressed, Lavabit was eventually ordered to turn over their SSL private key, effectively facilitating the wholesale interception and decryption of all data flowing in and out of Lavabit including email, customer information, and credit card payments. Faced with a $5,000 per day penalty for non-compliance, owner Ladar Levison provided the key and shut down operations, but could not reveal the existence of the secret orders until they were unsealed in October. While the name of the investigation target was redacted from the unsealed records, it’s obvious that the investigation is related to Snowden’s alleged disclosure of highly-classified NSA documents. Presumably investigators would have liked access to Snowden’s email account and the accounts of people he had been communicating with. However, unlike the vast majority of email providers, it appears that email stored on Lavabit servers was encrypted and neither Lavabit nor US authorities could decrypt the information without first obtaining the individual users’ login credentials. The two obvious ways to accomplish that would be for Lavabit to modify their own software to capture the information – something they clearly did not want to do – or for investigators to obtain Lavabit’s SSL private key so that they could decrypt all communications between Lavabit and its customers. Levison faced a nasty catch-22: Compromise the se8 / IT in Canada Online November 2013
TECHNOSPECTIVE ON SECURITY
curity of his own systems to comply with a secret government order, knowing that his actions would eventually be revealed if evidence obtained from Lavabit was used in court, or face crippling fines and potential imprisonment. Either way his business was doomed. It’s easy to understand his decision to comply, shut down his business, and seek public discussion of the issue. Our reliance on email makes this discussion globally relevant and underscores a reality that most of us have ignored for two decades: email is inherently insecure. If a new electronic messaging service with the same security properties was proposed today, and subject to even the most cursory risk assessment, it would be deemed totally unacceptable for individual, business, or government use. Everyone from individual technologists to national privacy officials would strenuously object and vigorously argue against its use. While some poorly designed and inconsistently implemented band-aid solutions exist, email provides no useful level of confidentiality, integrity, or authentication. When we send an email we usually do not know the path it will take to the recipient and who can view it along the way. When we receive an email we have no way of knowing who really sent it or if it has been modified in transit. It is trivial for governments, criminals, Internet service providers, and individual system administrators to read, modify, or copy email. Email has often been described as analogous to a postcard. As a postcard travels through the postal system, anyone with access to the system can read or copy it. However, once delivered the recipient is in control: the owner can put it on display, lock it up, or destroy it. Our desire to access email from any computer and on our mobile devices means we often leave it in the custody of service providers who have unfettered access and can provide it to third parties without our knowledge. Modern high volume storage systems and routine backups virtually guarantee that copies are made outside our control. We also email things
that we would never write on post-cards. In addition to the content of email, we should also be concerned about metadata collection. Aggregated data such as sender and recipient email addresses, the date and time sent, and the IP address of the sender can paint a significant picture. Not only does it facilitate the automated mapping of human relationships, but it also provides insight into a person’s physical location over a period of time. Consider the information your ISP could gather: when you are home or travelling, how many people who use email live in your home, who they email, when, and how regularly. Unlike the content of email, metadata analysis is easily automated and combined with additional data sources. For a concrete example at the national level, let’s assume that deployed military personnel use email to keep in touch with family and friends. Given a list – gathered over time – of personnel email addresses, and given access to email metadata, it becomes possible to track movement of military groups worldwide. On a personal level, it’s only a matter of time until criminals use email patterns to identify homes more suitable for burglary due to their owner’s absence. In addition to metadata, advances in linguistic analysis will increase the exploitation of email content. It would not be difficult to examine email and automatically categorize those in relationships and look for evidence of affairs. Detecting people badmouthing their employer or country is not exceptionally difficult. While a human analyst would need to make the final call, the ability to analyse the emails of millions in search of those vulnerable to bribery or blackmail would be a tremendous advantage to intelligence agencies, organized crime, and unscrupulous competitors. Much of the world’s email flows through the United States and is stored there by the world’s largest email providers. This gives the US government the ability to access a large percentage of the world’s email. While the US is well within its rights to legislate within its borders, decisions related to communications security have worldwide ramifications as well as the potential to inflict financial damage on service providers. For example, in 1993 the US government proposed the Clipper Chip, an encryption scheme that included a US government
backdoor. At least one country called the potential import of products containing the chip a violation of their sovereignty, and US manufacturers foresaw significant import restrictions if they incorporated the technology. In this era of economic espionage, governments must consider the interception of their citizens’ email by foreign intelligence agencies a national security concern. Little action has been taken, perhaps because the total absence of email security provides governments with the ability to snoop on their own citizens. When it comes to securing data there are only two real solutions: physical possession and encryption. Leaving stacks of electronic postcards in the possession of a third party denies us the ability to protect that information. Search warrants and subpoenas should be served on data owners, not surreptitiously on service providers. Despite occasional defects, or even alleged backdoors in individual cryptographic algorithms, encrypting data remains one of our best defenses. That the US government went through so much trouble to force Lavabit to relinquish keys demonstrates that strong encryption works. The technology to protect our email has existed since the early 1990s. Open source and commercial versions of PGP provide end-to-end encryption strong enough to secure the vast majority of personal, corporate, and government email. In the mid-nineties Entrust Technologies, an offshoot of Nortel Networks, introduced leading-edge commercial encryption and key management products that were adopted by only a small number of security-conscious organizations. Many email products contain S/MIME functionality to encrypt and digitally sign messages. But for whatever reason – not understanding the risks, apathy, or perhaps even government interference – these features have become neither popular nor easy to use. One of the painful lessons we have learned since the dawn of the Internet is that, to be effective, security must become core functionality. Optional security mechanisms are seldom engaged. People want to email and surf the web, not deal with security. As a result, unless driven to change, we sink to the lowest common denominator; we send electronic postcards, or worse: email. Eric Jacksch is an Ottawa-based security expert. November 2013 IT in Canada Online / 9
TECHNOSPECTIVE ON SOFTWARE-DEFINED NETWORKING
By Rachel Levy Sarfin
Software-defined networking
Rami Rahim, EVP, platform systems division, Juniper Networks
T
rends come and go, but sometimes, certain developments hold staying power and can exert a significant and long-lasting influence. Software-defined networking (SDN) looks to be one of those developments. Rami Rahim, EVP, platform systems division, Juniper Networks, discussed why SDN is here to stay and what benefits it can bring to the enterprise in an exclusive interview with IT in Canada Online. SDN refers to an approach to networking in which software, rather than hardware, is in control. A software application known as a “controller” manages the network’s operations. In a conventional network, a switch’s 10 / IT in Canada Online November 2013
proprietary firmware would tell the switch where to send a given packet. Packets going to the same destination travel along the same path, and the switch treats these packets in exactly the same manner. SDN lets a network administrator govern the flow of traffic through a centralized console. Through the console, the network administrator can change any network switch’s rules as needed.
Software-defined networking: more than just a trend Rahim sees SDN as the most important trend in the networking space today. “There’s a hype cycle,” he acknowledged, “which is what we’re going through right now.” Rahim believes that SDN can overcome its status as a trend, though. “People are untethering its importance from the hype. We’re at a stage where it’s clearer what SDN can do for the enterprise and service providers,” he said. The Juniper Networks EVP commented that SDN has great potential because of its broad applicability. “The cost of running complex networks is so high that network operators are looking to reduce that cost and introduce agility into networks,” Rahim remarked. SDN can help them achieve that goal because the enterprise and service pro-
101
viders no longer need to invest in expensive network switches. Software-based controllers are less expensive and more responsive. “SDN makes it easier to introduce new services onto the network,” Rahim added. The customers of service providers can also deploy services much faster, speeding time to market. “They can more easily monetize their business,” he noted. While it offers enormous potential to the enterprise and service providers, Rahim sees SDN as having an even greater significance. “Networks are viewed as plumbing,” he observed. SDN will change that perception. “SDN provides insight into networks,” Rahim said. Networks will no longer be seen as a set of pipes that are secondary to the information flowing through them. “It makes networks more relevant to the introduction of services,” he remarked. Rahim expressed optimism that SDN is moving beyond the trend phase into a permanent fixture of the networking landscape. “There’s some real momentum in the industry to move SDN out of the hype cycle and into reality,” he commented. He predicted that no one will have a monopoly over SDN. “This is ultimately going to be an ecosystem of technology that’s offered by very different providers,” Rahim concluded.
http://www.itincanadaonline.ca/index.php/subscriptions
ARE YOU MISSING OUT? Please supply us the following information to allow us to provide another year of Free Subscriptions to IT in Canada.
1
SUBSCRIBE
NOW!
Fax: 905-727-4428 Mail: 24-4 Vata Court, Aurora, ON, L4G 4B6 Email: circulation@itincanada.ca
NAME:
TITLE:
ORGANIZATION:
ADDRESS:
CITY:
COUNTRY:
PROVINCE:
POSTAL CODE:
E-MAIL ADDRESS:
PHONE:
WHICH FORMAT WOULD YOU LIKE TO RECEIVE YOUR COPIES?
SUBSCRIBE TO FREE WEEKLY E-NEWSLETTER?
Privacy Policy: we do not share or sell our mailing list
YES, PLEASE
DIGITAL
NO, THANKS
CASE STUDY
DATA MANAGEMENT
By Damien Duff and Nigel Smith
Advancing Mining and Exploration Data Collection and Sharing Practices for the 21st Century Collaboration is the key
T
hat “data is gold”— that is, it has extreme value for all— is well understood today. That newer, more efficient and more effective means can be designed and put in place to derive more value from data is also well known. In Sudbury, Ontario, a plan to build a data control centre focused on doing just that for the mining sector is currently being hatched by a diverse group of innovators. CEMI (the Centre for Excellence in Mining Innovation), miners, physicists, members of the SME (small to medium-size enterprise) community in the mining sec-
tor, as well as the federal and the Ontario governments, have decided to join forces and build the MODCC - the Mining Observatory Data Control Centre - a powerful user-driven, data-interpretation interface that searches, collects, filters and analyzes mining/exploration-related datasets. For some time, CEMI has been developing a deeper understanding of how mining data can be best collected and utilized for research purposes as part ofa large R&Dprogram called SUMIT (Smart Underground Monitoring and Integrated Technologies for deep mining). This $6.7
FIGURE 1: ANTICIPATED DATA FLOW AT THE MODCC
12 / IT in Canada Online November 2013
DATA MANAGEMENT
CASE STUDY
FIGURE 2: THE MODCC REVENUE AND ECONOMIC BENEFITS MODEL
million collaborative effort has, at its core, a need to ensure that geotechnical and geoscience data collected in mines by researchers using sensitive sensors and other forms of instrumentation can beanalyzed and interpretedafter man-made “noise” has been removed from the signals. Being able to filter noise out of data sets is critical to understanding what the data is really saying. Furthermore, being able to share this data among adiverse research community and, in turn, have the researchers themselves re-share the results of their individual efforts with each other has real value. The net result should be a more efficient and effective research effort withfaster outputs back to industry. But, how could this be built? Who had the capability and the desire to be part of this effort? The answer came quite quickly, as it happens. SNOLAB is an international physics research facility, also located in Sudbury, two kilometres deep within Vale’s Creighton mine. The facility is helping to answer some of the world’s most fundamental science questions. It hosts ultra-sensitive particle physics and particle astrophysics experiments conducted by researchers from around the world, and knows a thing or two
about big datasets and how to share them. SNOLAB also has interest in broadening its science base and demonstrating value to a wide stakeholder community. Likewise, Mira Geoscience and Objectivity - two SMEs, respectively from Montreal and Sudbury - specialize in creating software solutions for exploration and mining companies looking to improve their “bottom line.” Both were looking for ways to leverage their expertise. SNOLAB and the SMEs are well known to CEMI. Dr. Nigel Smith, executive director of SNOLAB, sits on CEMI’s board while Mira Geoscience and Objectivity have both worked on other projects with CEMI in the past. Coincidentally, both SMEs were already involved in separate projects, also with a focus on data management. Mira had been contracted to build the data integration capability at the front end of a large multistakeholder initiative called “Footprints” being led by CMIC (the Canada Mining Innovation Council), a federal- and private sector-funded organization. Objectivity was doing something similar for Rio Tinto, a large global mining company with its global
Underground Mine Construction Centre based at CEMI. The opportunity for a collaborative effort therefore presented itself. As there is a clear recognition within the Canadian mining industry that a new era in collaboration is necessary to drive the industry forward, all agreed to come together to find ways to avoid duplication of effort and complement each other’s efforts, with CEMI undertaking the coordination role. Recently, this planned collaborative effort has received a big boost from the Ontario government’s Northern Ontario Heritage Fund through an award of $750,000 toward a four-year $2.425 million plan to build a mining observatory data control centre (MODCC) located within a newly created space on the premises of SNOLAB. MODCC will capitalize on existing data integration and sharing expertise at SNOLAB, Mira and Objectivity, and will be a powerful user-driven data-interpretation interface that searches, collects, filters and analyzes mining/exploration related datasets. The result will be a data processing facility with accessibility and capability unlike anything currently available to mining/exploration companies and researchers anywhere in the world. For more information on the MODCC visit www.miningexcellence.ca Damien Duff is the Vice President of Geoscience and Geotechnical R&D, at the Centre for Excellence in Mining Innovation (CEMI). Dr. Nigel Smith is the Executive Director of SNOLAB. November 2013 IT in Canada Online / 13
CASE STUDY
Going green:
By Steve Glover
BC Hydro’s disposal of IT assets This article originally appeared in the November 2013 issue of Canadian Government Executive and has been reprinted with permission from the author.
BC Hydro was experiencing ongoing challenges with IT assets decommissioned as a result of regular personal computer refresh cycles. An innovative asset disposal program enabled the firm to meet its sustainable IT goals, while continuing to support worthwhile charities.
R
egulatory compliance, tight budgets and rapidly changing business requirements top a list of factors that are driving IT shops to pay closer attention to managing hardware assets such as PCs, laptops, servers, printers and network components. Most of the management focus, however, has been on the front end of the IT asset lifecycle – procurement, deployment, maintenance/support – where processes are well-defined, mature and well-supported with best practices and automated tools. The final stages of the IT lifecycle on the other hand – asset retirement and disposition – continue to be a source of considerable challenge for many organizations. Those organizations that are looking at disposition are likely focused on recycling. Many are not aware of other disposition options, namely refurbishment, re-use and resale, that can reduce total cost of ownership, mitigate data security risks and increase the return on their investments in technology, all while still having a positive environmental and social impact. BC Hydro, a commercial Crown corporation owned by the British Columbia government, is no stranger to the challenges of IT asset disposition, dealing regularly with decommissioned assets resulting from large-volume PC technology upgrades and 14 / IT in Canada Online November 2013
hardware refreshes for its end users. With roughly 1.9 million customers and serving approximately 95 percent of the province’s population, BC Hydro is the largest electric utility in the province and one of North America’s leading providers of clean, renewable energy. With a focus on lowering costs by being fiscally prudent, and always considering environmental and social costs, efficient operations are at the forefront of the corporation’s business success. To address IT asset disposition, BC Hydro formed a group internally to collect decommissioned assets from across the company, wipe them clean of all residual data and donate any assets meeting a pre-defined specification to Computers for Schools, the company’s chosen charity, while sending the rest for recycling. As a result of ongoing financial and staffing challenges associated with this approach, however, the firm decided to outsource asset disposition to the Green4Good (G4G) program. G4G offers a unique, new approach to the disposal of decommissioned IT assets that not only allows organizations to extract any residual value from those assets, while protecting sensitive corporate data, but also eliminates any negative environmental impact. Through the resale of the more useful assets, the program even generates a revenue stream that allows organizations to offset some of their disposition costs or, as is the case with a growing number of organizations, enables them to continue making charitable donations. In the case of BC Hydro, the Green4Good program includes collecting decommissioned IT assets sent from BC Hydro locations
throughout the province – 3,000 in total over the past year – destroying any residual data on data-bearing devices to ensure data privacy and security, and triaging assets into several categories based on their residual value. For assets having no remaining value, Green4Good arranges for environmentally sound and regulatory-compliant recycling through certified recycling partners For assets that still have useful life, approximately one-half of these assets are tested and refurbished by Green4Good and shipped to BC Hydro’s chosen charity, Computers for Schools. The rest are bought from BC Hydro by the Green4Good program, which generates revenue that helps BC Hydro offset its overall program costs, and then refurbished and resold. “What I like most about the Green4Good program is that it reduces the number of devices going to recycling and to landfill and reduces my equipment disposition costs,” says Sophia Tham, manager of IT security and infrastructure, Technology and Security at BC Hydro. In fact, the Green4Good team reports that it has been able to refurbish and resell 92 percent of all the equipment it has processed since beginning operations in 2009. This has dramatically reduced, and in the majority of cases, even eliminated, e-waste for these customers, thus contributing significantly to their sustainability goals. According to Tham, the program also eliminates BC Hydro’s asset disposition management problem and frees-up the internal team of people previously dedicated to the effort. “It’s a pretty straightforward service, and since there are no problems, I don’t have to be involved, which is exactly why one outsources such a service,” she concludes. Steve Glover is senior vice-president and head of Compugen Finance and the Green4Good program (www.Green4Good.ca or sglover@compugen.com).
01001001 01100110 00100000 01111001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110010 01100101 01100001 01100100 00100000 01110100 01101000 01101001 01110011 00101100 00100000 01101111 01110101 01110010 00100000 01100011 01101100 01101001 01100101 01101110 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01110011 01100101 01100001 01110010 01100011 01101000 01101001 01101110 01100111 00100000 01100110 01101111 01110010 00100000 01111001 01101111 01110101 00101110 If you can’t read this, we’ll connect you to the people who can.
4fmv.ca
The right candidates. The right opportunities.
PRODUCT REVIEW
Toshiba Z10t
By Christopher Rogers
Identity problems lurk beneath the surface of this tablet/Ultrabook crossover. This article originally appeared on WRLWND.com and is reprinted with permission.
The Toshiba Z10t is billed as a business device, and taken that way a lot of its shortcomings are forgivable. It’s a bit heavy, it’s lacking in power, it has a cheap plastic stylus and it has a seriously middling keyboard/dock. But looking at it in the frame of a business user, you might excuse the above as rugged, affordable, easily replaceable, and compatible. When taken in comparison to other business tablet devices, the Z10t will hold its own but it does fall a bit short if viewed strictly as an Ultrabook. With that said, the Z10t is really a tabletfirst device. I can’t stress that enough. It is billed as a convertible tablet because of the keyboard/dock accessory but like most convertible tablets, the accessory feels like more of an afterthought and a way to cram in all the legacy ports a business user needs. The device handles differently in both tablet and Ultrabook mode, so lets look at them separately.
Tablet first Undocking the Z10t from the keyboard lets the device truly shine. For an 11-inch device the Z10t feels big with its 1920x1080 display. The device can go landscape or portrait and switches easily back and forth. There is a rotation lock button to keep the device from switching inadvertently. 16 / IT in Canada Online November 2013
The viewing angles are great, as they should be on any tablet, but it was especially noticeable using the Z10t outside and on the go. The only problem with the Z10t as a tablet, and this is true of most tablets at this resolution, is the device is awkwardly long. It feels like after decades of writing on 8.5x11inch paper and with most modern tablets using the similar 4:3 aspect ratio popularized by the iPad, holding a 16:9 device(a longer rectangle) is just something that takes a while to get used to. On the design side, the massive fan slots, textured pewter-coloured shell and full size USB 3.0 ports scream utilitarian design. This is a function-first machine to be sure, but at least Toshiba has nailed the function. Undocked, the tablet alone has a full size USB 3.0, a 3.5mm headphone jack, a volume rocker, rotation lock button, power button, a Micro HDMI port and a multi-card SD card reader. And because this is a Windows 8 machine, the display side also sports a Windows home screen button. The tablet also houses front and rear facing webcams for video conferencing or quick still shots with the rear camera. The casing holds a built-in stylus for writing on the Z10t. It’s not the most comfortable stylus ever; it’s plastic and small, but I can’t complain about it being inaccurate. In fact, the Z10t is surprisingly good at handwriting recognition. The display and stylus combination is actually pleasant to work with and with a little practice the handwriting recognition features become an effective way for taking notes.
With the keyboard If the Z10t is an effective tool with the stylus in tablet mode, the keyboard dock is another
matter. Let’s start with the functionality. The tablet clips to the dock using a large reinforced fastener. Looking at the clip, it should hold the tablet firmly but it can still rock around easily. It’s not going to fall out but I feel like this should be a snug fit. The other problem with the fastening system is that it holds the display at nearly 90 degrees. It’s not a deal breaker but it’s an awkward viewing angle for any device and there’s no way to adjust it. The problem is the design of the dock, which tries to keep the keyboard as slim as possible by adding a large brick section to the dock that houses a few ports like a full-size VGA, full-size HDMI, full-size Ethernet, a single USB 2.0, and an AC power input. The placement of these ports physically prevents the hinge from rotating back further (see image above). Navigation options on the keyboard include a pointing nub with two physical buttons below the spacebar and a separate touchpad, which lacks any physical buttons. I tended to use the track point when the Z10t was docked but both navigation options are simply inferior to using the touch screen to navigate. The touchpad itself lacks physical buttons but does have some sort of mocks spaces where the buttons would be, unfortunately, it’s just not functional. I found it inaccurate and too small and I ended up just turning it off to avoid touching it by accident. The touchpad does take some Windows 8 gestures like two finger scrolling, but when it comes to navigating on the Z10t, the best option is to sticking to the touch the screen. In this regard, the Z10t is similar to the Surface tablets and their type and touch covers. And then there is the keyboard. This is the biggest problem with the Z10t. The keyboard layout is small, with tiny buttons and a cramped layout. The button presses feel shallow and while there is definitely
PRODUCT REVIEW some improvement over a software or touch keyboard, I’d saw the improvement was minimal. Unfortunately, I found the keyboard dock to be wildly inaccurate and it didn’t improve the experience of the device in a way that it made with worth docking.
Functionality Luckily, whether you’re going to use the Z10t in tablet mode or with the keyboard dock, you’re going to find a device quite capable of running most office. It’s running a Core i5-3439Y Ivy Bridge CPU at 1.5GHz (Turbo Boost to 2.1GHz). It’s not a bad CPU but it’s using Intel’s 3rd generation Core architecture instead of its updated 4th generation Haswell chip that has been lauded for its use in mobile devices, especially in its ability to deliver similar clock speeds as the previous generation while greatly improving battery life.
As it stands, the Z10t carries a non-replaceable, rechargeable six-cell battery that Toshiba says gives approximately 5.3 hours of computing. During my time with the unit, I’d say that was about accurate, although you need to really monitor your usage and keep multitasking down to a minimum. In average use cases the Z10t will probably net about 3.5 to four hours of battery time before it needs to be recharged. Memory and storage are average for a tablet device. The Z10t comes standard with 4GB or RAM and a 128GB solid-state drive that can be upgraded to a 256GB drive.
Final thoughts
good input/output functionality with a great screen, but the keyboard dock doesn’t add much to the equation unless you’re desperate for a VGA or Ethernet port. I’d expect Toshiba to continue to improve on the foundation set by the Z10t. Windows tablets are still relatively new and some manufacturers are just getting used to the form factor. I feel like Toshiba might have been trying to accomplish too much with the keyboard dock on the Z10t. If the dock could have made the Z10t only slightly more usable and accurate, it would have been an easy recommendation. As it stands, the Z10t could find its niche, but a few drawbacks keep it from fulfilling its true potential.
Taken as a pure tablet device, the Z10t is a solid entry for enterprises looking to get some highly mobile devices into the hands of users while maintaining a Windows environment. The tablet unit incorporates
Christopher Rogers is Editor of WRLWND.com, a website dedicated to celebrating innovation in technology. To read more reviews and other feature articles visit http://wrlwnd.com.
BOOK REVIEW
By Harvey Schachter
The value of the checklist This article originally appeared in the November 2013 issue of Canadian Government Executive and has been reprinted with permission from the author.
The Checklist Manifesto Atul Gawande Metropolitan Books, 209 pages, $29.50
Surgeons are smart people. They are also important people. And busy. Every medical operation has unique aspects. So it seems silly to waste their time with going through a checklist of procedures before they begin cutting. However, implementing checklists for operating rooms is increasingly becoming the standard, because research shows it saves lives. Government executives are smart people. They are also important people. And busy. They tackle a flurry of unique activities during the day. So it seems silly to consider that they might be able to benefit from checklists. But before you reject the notion of checklists, check out what Atul Gawande has to say. Gawande is an unusually eclectic fellow,
an associate professor at Harvard Medical School and a surgeon at Brigham and Women’s Hospital in Boston, as well as a staff writer for the New Yorker magazine. Smart, important and busy, actually. And an advocate of checklists, who played a pivotal role in getting them adopted internationally by the World Health Organization for operating rooms. During his surgical training, he read an essay by the philosophers Samuel Gorovitz and Alasdair MacIntyre on the nature of human fallibility that has stayed with him for four decades. Some things, they declared, are simply beyond our capacity. But in others, control is within our reach, but we fail because of ignorance or ineptitude. In the past, ignorance would have been November 2013 IT in Canada Online / 17
BOOK REVIEW the prime cause. But we live in a knowledge society, and so he feels the balance is shifting toward ineptitude as the cause of failure. “Or maybe it’s ‘eptitude’ – making sure we apply the knowledge we have consistently and correctly,” he writes in The Checklist Manifesto. He notes that studies show that at least 30 percent of patients with strokes receive incomplete or inappropriate care from their doctors, as do 45 percent of patients with asthma and 60 percent with pneumonia. Between 2004 and 2007, the number of law suits against attorneys for legal mistakes increased by 36 percent, the most common being simple administrative errors like missed calendar dates and clerical goofs, as well as errors in applying the law. Authorities make mistakes when hurricanes and earthquakes occur, software is often designed poorly, and the banks… well, you know about that. “Failures of ignorance we can forgive. If the knowledge of the best thing to do in a given situation does not exist, we are happy to have people simply make their best effort. But if the knowledge exists and is not applied correctly, it is difficult not to be infuriated,” he writes. “What do you mean half of heart attack patients don’t get their treatment on time? What do you mean that two-thirds of death penalty cases are overturned because of errors? It is not for nothing that the philosophers gave those failures so unmerciful a name – ineptitude. Those on the receiving end use other words, like negligence or even heartlessness.” We are in an era of tremendous knowhow, he reflects, in which we can accomplish wonderful things, through highlyskilled, highly-trained, highly-motivated, hard-working people. But the know-how is often unmanageable. “Avoidable failures are common and persistent, not to mention demoralizing and frustrating, across many fields – from medicine to finance, business to government. And the reason is increasingly evident: the volume and complexity of what we know has exceeded our individual ability to deliver its benefits correctly, safely, or reliably. Knowledge has both saved us and burdened us,” he warns. He believes the solution is something ridiculous in its simplicity yet vital and effective: the humble checklist. Time for a story. After all, Gawande is a journalistic storyteller as well as scientist 18 / IT in Canada Online November 2013
and clinician. And he shares an illuminating story from the mid-1930s, about an airplane, that furthers his case about the checklist. On October 30, 1935, Boeing Corporation unveiled its new aluminum-alloy Model 299 bomber, which was the odds-on favourite to win a competition for the right to build the next-generation U.S. long-range bomber. It could carry five times as many bombs as the army had requested. It could fly faster than any previous bomber and twice as far. But the plane was complicated. Indeed, a newspaper declared it “too much airplane for one man to fly” when the test flight crashed due to pilot error. Douglas Aircraft won the competition instead. But a few of Boeing’s models were purchased as test planes, leading a group of pilots to meet to figure out how to make the plane safer. They decided the solution was not, as might be expected, more training. Instead, they opted for a simple checklist that pilots would follow before takeoff to eliminate error. “Using a checklist for takeoff would no more have occurred to a pilot than to a driver backing a car out of a garage. But flying this new plane was too complicated to be left to the memory of any one person, however expert,” Gawande declares. It worked well beyond what might be expected given the plane’s previous record. The pilots went on to fly the Model 299 a total of 1.8 million miles without an accident. The army eventually ordered 13,000 of the bombers, which became known as the B-17, and it provided a crucial air advantage in World War II. The checklist is now, of course, common for air flight. But Gawande had to push hard, with others, to insert it into operating rooms. And there are plenty of other places where it might be of help, such as software design, financial management, firefighting, police work, construction, and lawyers preparing for a case. In each case, they face a series of steps that are required for success and if one step is forgotten they could crash and burn. The same may apply in your workplace. The problem is that most of us feel our jobs are too complicated – or too important – to be reduced to a checklist. And checklists are painstaking, not much fun. They take away from the creativity and professionalism we want to feel at work. Although research
shows that a checklist in a medical environment can save lives and for venture capitalists or investors boost the bottom line, he notes that we avoid them: “There’s something deeper, more visceral going on when people walk away not only from saving lives but from making money. It somehow seems beneath us to use a checklist, an embarrassment. It runs counter to deeply held beliefs about how the truly great among us – those we aspire to be – handle situations of high stakes and complexity. The truly great are daring. They improvise. They do not have protocols and checklists.” You couldn’t, however, be more daring or heroic than Chesley B. “Sully” Sullenberg III. He’s the pilot who landed US Airways Flight 1549 on the Hudson River after the plane struck a flock of Canadian geese and lost both engines. The initial stories fed into our traditional notion of heroism, with the landing supposedly resulting from Captain Sullenberg’s prowess as a glider pilot and his improvisational talent when the engines failed him. But Gawande went through the logs and found the pilot and co-pilot, who had never flown together, worked as a tight team after the crisis began, the co-pilot reading off the various points on the checklists established to handle such unusual occurrences. So chalk that heroism up to protocols and checklists. Good checklists are precise, but easy to use even in difficult situations. They don’t try to spell everything out. “They provide reminders of only the most critical and important steps – the ones that even the highly skilled professionals using them could miss. Good checklists are, above all, practical,” he explains. Good checklists, he stresses, also encourage cooperation. They nudge people to work together, be it when landing a plane on the Hudson, in surgical operating theatres where simply having people introduce themselves to each other improves results, and on construction sites. The book meanders, in essay fashion, returning time and again to the medical field, but with stops in many other areas. It doesn’t offer a bullet point checklist for creating a checklist, much as you might hope. But it does make a case for checklists as an antidote to today’s complicated world. And it may have application in your field. Harvey Schachter is the Globe and Mail columnist for Managing Books and the Monday Morning Manager, and a freelance writer specializing in management issues.
& s& bs ub e pu ve op tiiv to ut et cu se ec os xe lo e c ex cl
S ESTO
R
ES SUI T
S
o to st ns miin 2 2m
e he t th
Y SWA N E E U
Q
ind beh ly ngs i n t e me so
Howntowonckwsaaway! ft e le
d l wb A fe
THE
SURPRISING DOWNTOWN OTTAWA HOTEL YOU MIGHT HAVE MISSED.
377 O'CONNOR STREET, OTTAWA, ONTARIO
1-800-465-7275 WWW.VICTORIAPARK.COM
Really,
ReallyBig Hotel Suites.
The moment.You know it. It happens any time you stay at a new hotel, right after you swipe your room key. The moment before you open the door. Will the room be big, or small? Light, or dark? Nice, or not?
and feature real bedrooms, real kitchens and real living rooms. And they don’t cost any more than those of our competitors. Really, why would you stay any place else?
Here’s what you’ll find the moment you open your door at Albert at Bay—space, and lots of it. Our suites are the biggest in Ottawa
DOWNTOWN OTTAWA
435 ALBERT STREET
613.238.8858
RESERVATIONS 800.267.6644 ALBERTATBAY.COM
THE ITSY, BITSY, TEENIE, WEENIE, P-208 WIRELESS SCAN-TINI Small scanner. Big features. Powered by a single-USB or the optional Wi-Fi and battery unit, the imageFORMULA P-208 Scan-tini scans documents, business cards, and even photos at 8 pages per minute. Combine the P-208 with the Wi-Fi unit to wirelessly scan directly to your smart phone, tablet or desktop PC. Canon's CaptureOnTouch Mobile app allows for scanning directly to your iPhone®, iPad® or Android® device. This free app is available for both iOS and Android devices. For more information or to request a demo, please visit
www.canon.ca/contactus
Canon is a registered trademark of Canon Inc. imageFORMULAis a trademark of Canon Inc. © 2013 Canon Canada Inc.
WITH ONE ACCESSORY YOU GET UNLIMITED HOTSPOTS.