ANTHONY BARTOLO How To: Enabling Bash on Windows 10 P.18
MICHAEL BLOOM
Where and how will all that [Big] Data be stored? P.22
INSIGHT FOR TECHNOLOGY PROFESSIONALS
THE INTERNET OF THINGS
September/ October 2016 VOLUME 7 NUMBER 3
Publication Mail Registration Number: 42169527
IS TAKING CANADIAN BUSINESSES BY STORM - IS YOUR TEAM READY?
www.itincanadaonline.ca
Contents
Vol 7 No 3 September/October 2016
www.itincanadaonline.ca
DEPARTMENTS
4 Editorial 6 News
Our roundup of news stories
10 Security Shelf 18 How to 19 Podcast
FEATURES
8 Telemetry Enables Better Business Decisions 10 Poké Lessons 14
The Internet of Things is Taking Canadian Businesses by Storm Is Your Team Ready?
16 Protecting your businesses against email attacks 20 Pokemon Go, Trojans and MDM
14 COVER STORY: The Internet of Things is Taking Canadian Businesses by Storm - Is Your Team Ready?
19 The latest episodes of WRLWND Radio 21 Changing expectations: Women leading the way for today’s entrepreneurs 22 Where and how will all that [Big] Data be stored?
Online Extras: www.itincanadaonline.ca
Missed an issue? Misplaced an article? Visit www.itincanadaonline.ca for a full archive of past IT in Canada Online issues, as well as online extras from our many contributors.
September/October 2016 IT in Canada Online / 3
EDITORIAL INSIGHT FOR TECHNOLOGY PROFESSIONALS
EDITORIAL EDITOR-IN-CHIEF: J. RICHARD JONES
905-727-4091x227 publisher@iticonline.ca
VP CONTENT STRATEGY: MARCELLO SUKHDEO
905-727-4091 x224 marcello.sukhdeo@iticonline.ca
ASSOCIATE EDITOR: NESTOR ARELLANO
905-727-4091 x228 nestor.arellano@iticonline.ca
CONTRIBUTING WRITERS: ERIC JACKSCH, ANTHONY BARTOLO, NABEEL SHERIF, CHARLIE ATKINSON, PETER ROMANO, MICHAEL MURPHY, NANCY HARRIS, MICHAEL BLOOM SALES DIRECTOR, CONTENT MARKETING & DEMAND GEN.: LASKEY HART
905-503-1376 laskey.hart@iticonline.ca
ART & PRODUCTION ART DIRECTOR: ELENA PANKOVA
circulation@iticonline.ca
SUBSCRIPTIONS AND ADDRESS CHANGES CIRCULATION DIRECTOR: MARY LABAO
circulation@iticonline.ca
CIRCULATION COORDINATOR
circulation@iticonline.ca
GENERAL INQUIRIES
23-4 Vata Court, Aurora, ON, L4G 4B6 Phone 905-727-4091 Fax 905-727-4428 CORPORATE COO AND GROUP PUBLISHER: J. RICHARD JONES
publisher@iticonline.ca www.itincanadaonline.ca
PUBLISHER’S MAIL AGREEMENT: 42169527 IT in Canada Online magazine is published six times per year. All opinions expressed herein are those of the contributors and do not necessarily reflect the views of the publisher or any person or organization associated with the magazine. Letters, submissions, comments and suggested topics are welcome, and should be sent to publisher@iticonline.ca
www.itincanadaonline.ca REPRINT INFORMATION
High quality reprints of articles and additional copies of the magazine are available through circulation@iticonline.ca or by phone: 905-727-4091 All rights reserved. No part of this publication may be reproduced without written consent. All inquiries should be addressed to circulation@iticonline.ca
Catching the IoT wave
Boy can this thing make some noise. That was what I thought to myself when I first hooked up the dial up modem to my computer back in the early 1990s – and found my ears assaulted by that piercing R2D2-like electronic chatter. Some two decades later, thankfully modems have become quieter. But the Internet is still making noise, huge noise in the case of its latest spawn – the Internet of Things. I must admit, I was one of those who initially regarded with some skepticism the degree with which many companies started throwing about the acronym IoT as if the Internet was some omnipresent entity which touched every facet of our lives. Hey, wait a minute, did I just describe the Internet? The rapid growth of what we called the World Wide Web in the 90’s has in some way ignited a charge that resulted in an explosion of innovation and transformation. The Internet is no longer routers and modems, computers, and servers but rather all that and more – sensors, gadgets, machines talking to machines, talking to people, driving our cars, watching over our babies, conveying information and even analyzing data. This brings us to this issue of the digital edition of IT in Canada. ITIC is focusing on the Internet of Things and what it means to Canadian businesses. With more than $8.4 billion in IoT revenue forecasted for this year alone, do you think your company can afford not to catch the IoT wave? Charlie Atkinson, vice-president and managing director of Hewlett-Packard Canada, spells out the risks and benefits of IoT and lays the answer out excellently in his article The Internet of Things is Taking Canadian Business by Storm – Is Your Team Ready? Big data is one of the key by-products of our connected world and an indispensable component to the success of any business. But with so much and so many types of data coming from so many sources, where and how does one store all that information?
Exactly the query which the post Where and how will all that (Big) Data be stored? answers. Let it not be said that we’re all business here at ITIC. Like most of the world this summer, we were also into Pokemon GO. But we’re not just walking around with our heads bowed towards our phones. Eric Jacksch, our regular columnist, “sacrificed” his vacation time to investigate the latest mobile craze by trying his hand in catching some virtual animated monsters. Eric reveals what he learned from this experiment in his article Poke Lessons. Michael Murphy’s Pokemon Go, Trojans and MDM, on the other hand, takes a look at the security implications of mobile games. His post provides very timely and useful advice on how companies can ensure corporate and employees’ mobile devices, as well as the company network, are protected even when workers visit mobile game sites. Well, those were just a sample of the articles we’ve compiled for this edition of IT in Canada Digital. Enjoy the issue.
J. Richard Jones
Editor-in-Chief
IN THE NEWS
By Marcello Sukhdeo
Zuckerberg and Pope Francis - leaders of billions met at the Vatican
The co-founder and CEO of Facebook, Mark Zuckerberg, and his wife Priscilla Chan met with Pope Francis on August 29 at the Vatican. Pope Francis, who leads over 1.27 billion Catholics around the world, met with Zuckerberg, the head of Facebook, a company that has over 1.71 billion users worldwide, at the Santa Marta, the guest house in Vatican City where the pope resides. The meeting, according to an official statement from the Vatican Press Office, was “about how to use communications technology to alleviate poverty, encourage a culture of encounter, and to communicate a message of hope, especially to the most disadvantaged.” This meeting made a huge impact on Zuckerberg, who later wrote on his Facebook page that, “It was a meeting we’ll never forget. You can feel his warmth and kindness, and how deeply he cares about helping people.” In an exchange of gifts, the CEO of Facebook presented the pope with a model of Aquila, a solar-powered aircraft that will provide Internet connectivity to areas where Internet connection is not possible, and the pope in return presented the Zuckerbergs with a copy of “The Name of God is Mercy,” an interview he did with Italian journalist Andrea Tornielli. The pope has made it clear that he supports social media only if it is used to “facilitate relationships” rather than being used to “further polarization and division.” Zuckerberg is not the only tech leader that the pope has had an audience with; earlier in the year he met with Google’s Eric Schmidt, Apple CEO Tim Cook and Kevin Systrom, CEO and co-founder of Instagram.
By Alexander Sweny
Uber for seniors
Those living in retirement communities often find the lack of independence and mobility frustrating. That’s why Uber Canada and Revera Inc. are testing a new system that will allow retirement home residents to rideshare without a smartphone. Revera, a Canadian provider of accommodation, will pilot the system – dubbed UberCENTRAL – for the first time in Canada. “At Revera, we’re always looking for new and innovative ways to enhance our residents’ lives,” says Trish Barbato, Senior Vice President of Innovation & Strategic Partnerships, Revera Inc. “We share Uber’s goal of enabling seniors’ mobility and independence, and we’re pleased to hear from residents of The Annex retirement community in Toronto that UberCENTRAL has exceeded their expectations for convenient and reliable transportation. We look forward to completing this pilot and fully evaluating the results.” Beyond seniors’ centers, UberCENTRAL could serve any company from car dealerships to hotels, and more. “At Uber, our mission is to provide convenient, reliable transportation for everyone, everywhere,” said Sheldon McCormick, General Manager, Uber Toronto. “We know that lack of transportation is a barrier to freedom and improved health for many retirement home residents who need to get to medical appointments or spend time with family members. That’s why we’re so pleased to be piloting UberCENTRAL with Revera to help increase the independence and mobility of their residents.”
IN THE NEWS
By Nestor Arellano
Canadian firms lack digital transformation vision: Report
While many businesses and governments around the world are scrambling to hire chief digital officers and chief innovation officers in order to spur transformation and growth, the majority of Canadian organizations appear to suffer from a lack of digital transformation vision. Many Canadian enterprise firms lag their international counterparts in the areas of productivity and growth, according to a recent report. A study conducted by analyst firm IDC Canada and sponsored by enterprise software company SAP found that only 17 per cent of Canadian firms have so far managed to integrate their digital transformation plans into their corporate strategy and less than 50 per cent are allocating major dollar allotments for enabling technologies such as cloud software, analytics applications, cyber security and mobile solutions – this even as 84 per cent of those surveyed believed that today “every business is a technology business.”
The report, titled Digital Transformation in Canadian Enterprise – Profound change on the horizon, is an analysis of 200 Canadian organizations and the role technology and the digital economy play in the transformation of their business. This report is a good source of information for businesses and government agencies because SAP commissioned a study to examine Canadian line-of-business (LOB) and IT stakeholder viewpoints on the digital economy. The survey sample included 200 senior decision makers — 134 LOBs and 66 CIO/IT professionals. Respondents included in the survey were knowledgeable about strategic plans and how technology fits into them. The report also contains summaries of case studies of Canadian organizations in both the business and public sectors which have been successful in their digital transformation journey.
“Canada, like other countries, is at an early stage of maturity with regards to digital transformation. IDC estimates overall maturity levels to be on par with Europe, but behind the U.S. and Asia/Pacific,” the report said. According to IDC, three themes emerged in their study:
• Canadian businesses recognize the importance of digital in the future - Sixty per cent of Canadian organizations expect the digital economy to have a major impact on their business in the next three to five years.
• Few organizations have a clear strategy now
• Less than half of respondents were making the necessary investments in technology
Decision makers in large Canadian enterprises “have a foundational understanding of digital economy concepts and transformation, but do not have a good grasp of its implications for their organizations,” the report said. This mindset extends through these enterprises, as two-thirds (63 per cent) of respondents said the same was true for their organization’s top-level management. “This leads to a lack of urgency, reflected in the views collected on the “impact of the digital economy on your organization,” according to IDC. Only a third (33 per cent) see the digital economy having a major impact now, rising to 60 per cent expecting it to have a major impact in three to five years. IDC believes that the remaining two-thirds are either not currently feeling a competitive threat or their customer base hasn’t radically changed. However, for many of these businesses, digital transformation is inevitable, and missing or ignoring the potential threats or opportunities is a risky position, the report said.
The numbers, according to IDC, reveal that Canadian organizations are “slow to initiate digital transformation.” “On one hand, it is encouraging to see that the discussion of digital and its implications has started at most enterprises (86 per cent have done so), and some formal plans addressing the issue have been made at two-thirds (63 per cent),” IDC observed. “On the other hand, a meaningful commitment to embrace digital transformation through the integration with the overall strategy is still far away for most enterprises.”
FEATURE
By Nabeel Sherif
TELEMETRY ENABLES BETTER BUSINESS DECISIONS
In any business situation, having quality data and being able to interpret it can mean better decision-making and improved business results. This is no different when applied to managing IT facilities and workloads, where having the right data and being able to interpret it can result in a better understanding of the load and growth of your IT needs, allowing better planning of IT investments. From a planning and architecture perspective, understanding the impact and characteristics of IT workloads provides opportunities for consolidation and efficiencies of scale. Operationally, better telemetry increases the ability to troubleshoot, refine and performance-tune your VMs and workloads, leading to improved IT and business functions that can reduce costs per transaction and create streamlined business processes. According to a recent McKinsey & Co. report, “Most companies collect vast troves of process data but typically use them only for tracking purposes, not as a basis for improving operations. Some companies, particularly those with months and sometimes years-long production cycles, have too little data to be statistically meaningful when put under an analyst’s lens.” 1
Telemetry and logging are not new to IT; however, the amount and detail of data, and the insights we gain from it, are much greater than they’ve ever been. Between cloud systems and artificial intelligence that can now be applied to telemetry data to give us better insights, the value that this kind of data can provide to businesses is only increasing.
Placing Value On Telemetry
The most basic and impactful way telemetry can help is by providing the ability to proactively manage risk and to predictively operate your total facilities as well as individual applications or workloads. Rich data tied to the performance and load of your IT facilities as it relates to hardware power status, temperature and environmental warnings and IT system status (e.g. CPU load, RAM occupancy, network saturation and performance, storage saturation and performance, and any alarms or failures on such elements) can allow you to move to a just-in-time model of IT growth. Rather than having to spend capital and effort on growing your infrastructure based on assumptions, you can now base your future needs on real-world data. Having quality data and analytics on individual workloads also means that you can get quite predictive with your actual applications, and not just with the hardware that they run on. This means being able to avoid software or application failures, better tune availability to key services, and generally reduce or eliminate unwanted downtime and support issues.
Getting a Front Row Seat
Building a good view across both hardware resources as well as IT workloads, be they virtual or physical, requires planning out an architecture that includes hardware and facilities that provide good telemetry. Vendor or technology choices can provide great levels of detail such as basic network data from an SNMP tool, status and health alerts from hardware and information from IT operating systems in terms of applications or CPUs and how they are affecting load or resource consumption. Try to understand the capabilities you need and want up-front. Additionally, you’ll need to tie this data into some sort of tool or system that can help you make sense of all the different data points available to you. This will help you interpret what it all means and what actions you can drive out of the intelligence.
A Look On The Inside
For a company to be successful in its data efforts, the task is best owned by the people who can realize the most value out of good telemetry and analytics – this would be the operations teams who have to keep your cloud systems running. Putting direct data and insight into the hands of the people actually making the changes is always best. Primarily it’s the IT and Operations people who will get the most value out of this kind of insight. However, using this data to build better financial and procurement planning around IT is an immediate “next-step” for most businesses, as the benefit can be significant. By working in synergy, the business and the technology arm of a company can create a lot of value. For example, a finance team working with an operations team could use data and analytics from telemetry to build a predictive procurement model for new IT gear. In such a situation, finance is teaching Ops about IT procurement and how it can help IT be more efficient with their spend, and IT is teaching finance how understanding basic data from the machine can help drive better visibility into costs.
Taming The Beast
There’s no wrong or right way to collect and transmit data, and this will depend quite a bit on what technologies, tools, and locations a business may want to push their data to. The key here is to start by securing your data storage repositories and transit paths to ensure your data is kept private both at rest and in transit. Telemetry data should always be stored securely. There’s a lot of valuable information in here that you’ll want to keep private to your business and/or projects. So make sure that whatever facilities or services you’re using to collect and store your data are well secured. Additionally, the thing that makes telemetry data useful is analyzing it. Generally speaking, businesses with sophisticated IT operations want to gather telemetry data from multiple elements and facilities and be able to assess and analyze them from a holistic approach. So in addition to being secure, a best practice would be to be able to collect and aggregate all your data and make it accessible to whatever analytics tools you may be using, from a central and secure location.
The Relationship between Telemetry and Cloud
The fact that cloud systems can scale up and down automatically means that getting a real-time sense of what’s happening on your systems can be difficult, especially when the speed of change in a cloud system means you need to be able to analyze and act on your data very quickly, if not immediately and automatically. If you are able to build good telemetry and analytics on a cloud system, and then actually use that data in a timely manner to drive increased performance and overall system uptime, you will positively impact your business both in reduced costs and in more efficient processing of customer and transactions. So good analytics on a cloud system can impact both your top and bottom lines. Q9, Canada’s leading provider of outsourced data centre services, collects telemetry as required to maintain availability and quality of service for its customers, while still preserving a demarcation that ensures we’re not accessing their data. We also provide basic telemetry of environments and hardware to enable customers to apply any sort of telemetry and analytics mechanisms they want. In this situation, Q9 is enabling the customer to define and build whatever scenario they choose, and tie the data provided into that scenario. Just recently, Q9 also launched a suite of cloud services that are based on technologies that provide a great level of detail at both the physical as well as virtual level, and can be used to drive really detailed and intelligent business decisions. Ultimately, data driven decisions lead to better business outcomes. By helping our customers access and understand their data, we can drive both better costs as well as more effective overall operations.
Reference:
1. “How Big Data Can Improve Manufacturing” by Eric Auschitzky, Markus Hammer and Agesan Rajagopaul; July 13, 2014
Nabeel Sherif is the creator and lecturer for University of Toronto’s Cloud Computing Certificate program. He is also the Cloud Product Manager at Q9. For the past decade, his focus has been in developing and creating the next generation of services and products in hosting, cloud computing, datacentre services, and application networks. You can follow him @themightynab.
SECURITY SHELF
By Eric Jacksch
POKÉ LESSONS
Fully aware of the privacy implications, I decided to participate in the Pokémon GO craze while on vacation. I learned about best practices, common strategies, and player expectations. I also gained first-hand experience with the frustrations of a mobile game that is overly reliant on Internet connectivity. Game developers must be studying Pokémon GO as they contemplate future products. Here are some lessons learned from the game through the eyes of a security professional:
Privacy counts. Identifying information, such as a player’s name, age, and email address should not be required to play a mobile game. It is certainly desirable to allow the game to be restored or moved to a new mobile device, but this can be accomplished without providing an email address. If email is chosen as an account recovery mechanism it should be completely optional.
APIs will be accessed directly. Within days of being released, third parties wrote applications to map Pokémon locations. Cease and desist orders resulted. Application developers must not assume that only their game software will access server APIs.
Location is critical. Placing virtual objects at real geographic coordinates involves risk. Disclaimers and warnings may help reduce legal liability, but failing to act in a socially responsible way will always hurt the developer’s reputation. Players, especially children and teens, may not make appropriate decisions regarding private property and sensitive locations such as memorials. There is no shortage of businesses that would like to attract players to their vicinity. Game designers should consider an opt-in approach and ensure that property owners have a way to remove virtual objects.
Location information is sensitive. In games such as Pokémon GO, the player’s location is relevant to the game. If sending precise location information to the server is required, it should be used for game purposes only and discarded as soon as possible. Where possible, approximate locations should be used. For example, the game could send a lower precision latitude and longitude to the server and retrieve a list of precise object locations and an area map. Matching the player’s exact location to Pokémons and PokéStops could remain internal to the mobile device. Users should be clearly advised how location information is used and retained; burying it in the EULA or privacy policy is not good enough.
Network connectivity is not reliable. Pokémon GO’s design appears to assume a reliable connection to back-end servers. As a result, players in some areas encounter frustrating glitches. After throwing a ball at a Pokémon, the game may freeze, leaving the player wondering if it was caught or not. Clicking on a PokéStop sometimes results in a blank disk that will spin, not yield any objects, and yet the game refuses to allow the player to try again for five minutes. Levelling up usually results in an assortment of gifts, but sometimes they just don’t appear. In a small coastal vacation town, I found many PokéStops within walking distance of each other and encountered many other players. But mediocre mobile phone coverage resulted in my phone regularly switching between AT&T and T-Mobile, 3G and LTE. While server load could be a factor, it appears that Pokémon GO is unable to recover from transient network outages during critical periods of play. As a result, players must terminate and restart the game, resulting in a suboptimal experience. Mobile games should assume that Internet connectivity will be lost at the worst possible time and at least allow in-progress activities to complete normally.
Not everyone pays for data. Some people do not purchase mobile data service at all, and others forego it while travelling due to outrageous roaming costs. Hotspots and neighbourhood WiFi projects sometimes provide a viable alternative. Game developers should consider the possibility of caching local data to extend the playing experience between hotspots and reduce reliance on mobile phone carriers.
I asked Pokémon GO developer Niantic, Inc. about their use of GPS coordinates, constant Internet connectivity requirements, and more generally about the challenges of running such a large game infrastructure. They did not respond to my request for comment.
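The approximate-location design suggested under "Location information is sensitive", sketched as an added example (not code from the column or from any game): the client sends only a coarse grid cell, the server returns the precise objects for that cell and its neighbours, and matching against the player's exact fix stays on the device. The 0.01-degree cell size, 40 m reach, function names and coordinates are assumptions constructed for illustration.

```python
import math

CELL_DEG = 0.01    # assumed grid size: roughly 1.1 km of latitude per cell
REACH_M = 40.0     # assumed interaction radius around the player

# Constructed catalogue of virtual objects (coordinates are made up).
CATALOGUE = [
    {"name": "stop-A", "lat": 45.42170, "lon": -75.69700},
    {"name": "stop-B", "lat": 45.42950, "lon": -75.69100},
    {"name": "stop-C", "lat": 45.43100, "lon": -75.69800},
    {"name": "stop-D", "lat": 45.50210, "lon": -75.60340},
]


def cell_of(lat, lon, cell_deg=CELL_DEG):
    """Client: reduce a precise fix to an integer grid-cell index."""
    return (math.floor(lat / cell_deg), math.floor(lon / cell_deg))


def objects_for_cell(cell, catalogue=CATALOGUE, cell_deg=CELL_DEG):
    """Server: return precise objects for the cell and its 8 neighbours.

    The neighbours cover players standing near a cell edge. The server
    only ever learns the cell index, never the player's exact position.
    """
    cx, cy = cell
    wanted = {(cx + dx, cy + dy) for dx in (-1, 0, 1) for dy in (-1, 0, 1)}
    return [o for o in catalogue
            if cell_of(o["lat"], o["lon"], cell_deg) in wanted]


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two points."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = (math.sin(dphi / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2)
    return 2 * r * math.asin(math.sqrt(a))


def in_reach(lat, lon, objects, reach_m=REACH_M):
    """Client: match the exact fix against downloaded objects, on-device."""
    return [o["name"] for o in objects
            if haversine_m(lat, lon, o["lat"], o["lon"]) <= reach_m]


def play_round(lat, lon):
    """One round trip: what leaves the device, what returns, what matches."""
    request = {"cell": cell_of(lat, lon)}            # only location data sent
    downloaded = objects_for_cell(request["cell"])   # server response
    names = [o["name"] for o in downloaded]
    return request, names, in_reach(lat, lon, downloaded)


if __name__ == "__main__":
    print(play_round(45.42153, -75.69719))
```

Two players anywhere inside the same cell produce an identical request, so server logs retain neighbourhood-level location at most.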
SECURITY SHELF
By Eric Jacksch
Effectively address INSIDER THREATS
A layered defense strategy with technical, physical, and administrative controls can effectively address insider threats.
One of the most comprehensive guides on the topic is the Common Sense Guide to Mitigating Insider Threats, 4th Edition, published by the CERT program at Carnegie Mellon University. The guide focuses on 19 best practices for mitigating IP theft, IT sabotage, and fraud:
1. Consider threats from insiders and business partners in enterprise-wide risk assessments.
2. Clearly document and consistently enforce policies and controls.
3. Incorporate insider threat awareness into periodic security training for all employees.
4. Beginning with the hiring process, monitor and respond to suspicious or disruptive behavior.
5. Anticipate and manage negative issues in the work environment.
6. Know your assets.
7. Implement strict password and account management policies and practices.
8. Enforce separation of duties and least privilege.
9. Define explicit security agreements for any cloud services, especially access restrictions and monitoring capabilities.
10. Institute stringent access controls and monitoring policies on privileged users.
11. Institutionalize system change controls.
12. Use a log correlation engine or security information and event management (SIEM) system to log, monitor, and audit employee actions.
13. Monitor and control remote access from all endpoints, including mobile devices.
14. Develop a comprehensive employee termination procedure.
15. Implement secure backup and recovery processes.
16. Develop a formalized insider threat program.
17. Establish a baseline of normal network device behavior.
18. Be especially vigilant regarding social media.
19. Close the doors to unauthorized data exfiltration.
Each of these practices is addressed in the context of six groups within the organization: Human Resources, Legal, Physical Security, Data Owners, Information Technology, and Software Engineering. CERT’s model places Information Assurance (IA) within the Information Technology function, and assumes that Physical Security is a separate entity. While this does not represent the best arrangement for corporate security governance, it does effectively drive home the point that addressing the insider threat requires a coordinated,
multidisciplinary approach. While organizations with an existing cybersecurity program may have many, or all, of these controls in place, others may find the list overwhelming. Small companies without dedicated security personnel often have too few IT staff to achieve meaningful separation of duties. They may have to place more emphasis on detective controls and monitoring the behaviour of employees with access to sensitive assets. From a technical controls perspective, the practices highlight the need for an enterprise log analysis capability. A correlation engine or full-blown SIEM can help to detect unusual behaviour patterns, but despite what some vendors imply in their advertising, the detection capabilities of these systems are highly dependent on correlation rules that customers must create. The absence of industry-wide standards for event log content makes this challenging; even the major security product vendors have yet to agree on a standard. This drives up the cost of SIEM implementations and makes it more likely that important events will not be correlated. The fact that some log analysis and SIEM vendors price their products based on collected log volumes also discourages businesses from centrally collecting all logs. Fortunately, open-source log management products such as Graylog have matured to the point that they are a viable alternative. While it provides only basic alerting capabilities, Graylog simplifies searching and provides a platform on which security correlation tools can be built. Most importantly, from an insider threat perspective, this provides even small businesses the ability to aggregate logs outside the reach of contractors and system administrators,
A CORRELATION ENGINE OR FULL-BLOWN SIEM CAN HELP TO DETECT UNUSUAL BEHAVIOUR PATTERNS, BUT DESPITE WHAT SOME VENDORS IMPLY IN THEIR ADVERTISING, THE DETECTION CAPABILITIES OF THESE SYSTEMS ARE HIGHLY DEPENDENT ON CORRELATION RULES THAT CUSTOMERS MUST CREATE.
and hold them accountable for their actions. While the practice areas call for the involvement of physical security personnel, they fail to stress the importance of physical security controls in addressing insider threats. Limiting access to server rooms, networking closets, and sensitive paper records is essential. In addition, alarm system and proximity card access system logs should be preserved and reviewed. Events such as employees accessing the office on weekends should be noted, especially when this is unusual behaviour. Administrative controls, including background checks and, as the practices suggest, addressing suspicious and disruptive behaviour are critical. Many factors can motivate employees to steal from or sabotage their employer. One or two generations ago, it was common for employees to work with pride for the same company most of their career. While there were obviously exceptions, it was considered normal to join a company and expect to retire there. Today, many large corporations consider employees disposable. Layoffs are initiated not only in response to changing business requirements, but also sometimes as a short-term solution to boost quarterly financial results. Employers demand loyalty from employees, but many fail to reciprocate. Managers who believe that employees can be motivated by positive performance appraisals without a corresponding pay increase that at least keeps pace with the rate of inflation need to carefully consider their underlying assumptions. While there is never an excuse for employees breaching obligations to employers, it makes little sense to focus on identifying external factors such as gambling, drug, and alcohol abuse while ignoring internal factors that are within the company’s control. Employees who feel valued and respected are less likely to engage in illegal activity against their employer. It is not possible to completely eliminate internal IP theft, IT sabotage, and fraud. 
However, with careful planning and a multidisciplinary layered approach, it is possible to effectively address insider threats.
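The weekend-access review and customer-written correlation rule discussed above, as an added example that is not from the article, CERT or Graylog: two constructed log sources in different formats (a proximity-card CSV export and a syslog-style VPN log) are normalized to one event shape, then a rule flags weekend activity by anyone who showed no weekend activity during a baseline period. The field layouts, user names and the 2016-08-01 baseline cut-off are assumptions.

```python
import csv
import io
import re
from collections import namedtuple
from datetime import datetime

# Common shape every source is normalized to before any rule runs.
Event = namedtuple("Event", "when user source detail")

# Constructed sample data (not real logs): a proximity-card CSV export...
BADGE_CSV = """timestamp,card_holder,door,result
2016-07-05 08:58:11,asmith,HQ-MAIN,GRANTED
2016-07-09 10:15:42,bjones,HQ-MAIN,GRANTED
2016-07-16 09:47:03,bjones,HQ-MAIN,GRANTED
2016-07-18 09:02:30,cwong,HQ-MAIN,GRANTED
2016-08-06 23:12:54,asmith,SERVER-ROOM,GRANTED
2016-08-06 11:05:00,bjones,HQ-MAIN,GRANTED
2016-08-07 02:40:19,cwong,SERVER-ROOM,DENIED
"""

# ...and a syslog-style VPN log with a different timestamp and field layout.
VPN_LOG = """\
Jul 12 2016 18:22:10 vpn01 session-open user=asmith src=203.0.113.7
Aug  7 2016 01:55:48 vpn01 session-open user=cwong src=198.51.100.23
Aug  9 2016 08:30:02 vpn01 session-open user=asmith src=203.0.113.7
"""

VPN_RE = re.compile(
    r"^(\w{3}\s+\d{1,2} \d{4} \d{2}:\d{2}:\d{2}) \S+ session-open "
    r"user=(\S+) src=(\S+)$")


def parse_badge(text):
    """Normalize the card-system CSV export into Event tuples."""
    for row in csv.DictReader(io.StringIO(text)):
        when = datetime.strptime(row["timestamp"], "%Y-%m-%d %H:%M:%S")
        yield Event(when, row["card_holder"].lower(), "badge",
                    f'{row["door"]} {row["result"]}')


def parse_vpn(text):
    """Normalize the VPN log lines into Event tuples."""
    for line in text.splitlines():
        m = VPN_RE.match(line.strip())
        if not m:
            continue  # skipped here; a production pipeline should count these
        stamp = " ".join(m.group(1).split())  # collapse the padded day field
        when = datetime.strptime(stamp, "%b %d %Y %H:%M:%S")
        yield Event(when, m.group(2).lower(), "vpn", f"from {m.group(3)}")


def is_weekend(when):
    return when.weekday() >= 5  # 5 = Saturday, 6 = Sunday


def weekend_anomalies(events, cutoff):
    """Return {user: [events]} for weekend activity on or after `cutoff`
    by users with no weekend activity before it (the baseline)."""
    events = sorted(events, key=lambda e: e.when)
    baseline_weekenders = {e.user for e in events
                           if e.when < cutoff and is_weekend(e.when)}
    findings = {}
    for e in events:
        if (e.when >= cutoff and is_weekend(e.when)
                and e.user not in baseline_weekenders):
            findings.setdefault(e.user, []).append(e)
    return findings


def load_events():
    return list(parse_badge(BADGE_CSV)) + list(parse_vpn(VPN_LOG))


if __name__ == "__main__":
    results = weekend_anomalies(load_events(), datetime(2016, 8, 1))
    for user, hits in results.items():
        sources = sorted({e.source for e in hits})
        print(f"{user}: {len(hits)} weekend event(s), sources={sources}")
        for e in hits:
            print(f"  {e.when:%a %Y-%m-%d %H:%M} {e.source:<5} {e.detail}")
```

A user who regularly works Saturdays (bjones in the sample) is not flagged, while a user whose first weekend activity spans both the VPN and the server-room door is reported with both sources side by side for review.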
IoT
By Charlie Atkinson
THE INTERNET OF THINGS IS TAKING CANADIAN BUSINESSES BY STORM – Is Your Team Ready?
A food packaging plant manager gets an alert via smartphone app that an automated washing system is dangerously low on fluids, and he’s able to get it replenished before a health risk develops. Technicians at a municipal wastewater treatment plant avoid a messy overflow after a dying pump sends out a distress call. And a car factory keeps the line moving with regular, automatic updates from the factory floor to suppliers of seats and other components so they can keep up with deliveries.

Welcome to the Internet of Things (IoT), where everything from individual valves to entire factories and supply chains share data with each other and their operators. The benefits include streamlined logistics, more efficient factories, and happier managers and consumers alike.

It’s clear that Canadian businesses are quickly recognizing IoT’s value. IoT revenue will be worth as much as $8.4 billion CAD in 2016, with some of the fastest-growing industry sectors including manufacturing, healthcare, transportation, and consumer, according to IDC Canada.

However, while the Internet of Things promises many rewards, it also brings a host of security risks as an ever-increasing flood of potentially sensitive data makes its way into the cloud. What’s to be done about it? Experts say the solution is twofold: data encryption, and servers with built-in security features.

Securing a server’s firmware should receive special emphasis, say experts at Hewlett Packard Enterprise. “Because all of the press has been about attacks on the software side historically, the Compute side has been more vulnerable because you didn’t have as much emphasis there,” explains HPE server firmware manager and engineer Kevin Depew. In other words, with most of the world’s attention on high-profile software and data hacks, the potential exists for hackers to slip unnoticed into the firmware in servers that run software containing sensitive information.
The Internet of Things Revolution

Never before has information technology—defined by applications, databases, and server infrastructure—been able to blend so thoroughly with operations technology—the realm of machines like factory robots and environmental control systems. Connected machines and systems of machines provide a steady stream of operational data, enabling sophisticated algorithms, powerful analytics, and predictive reports that increasingly inform business processes and decision making, not just operations. It’s all made possible by the Internet of Things, or IoT.

And the trend is only going to grow. According to IDC Canada, 2016 is slated as being the Year of the Developer, with more than 250,000 unique IoT applications set to be created around the world over the next five years. Given that Canada has a strong pool of engineering talent, it is clear IoT will be at the top of the country’s innovation agenda.

New Benefits, New Risks

But the security risks that come with connecting operations to the IoT are also very real, as more and more potentially sensitive data goes online. Fortunately, robust tools for ensuring data security are already available—it’s just a matter of using them properly.

Protecting data means keeping unauthorized users out of the data stream. And that means it must be encrypted to all but authorized users. Data streaming from machines should be encrypted before it is sent, from the machines themselves to local control systems, and from there to remote servers. Fortunately, most such systems already have secure communications protocols in place for securing data in transit.

But it’s only when data reaches those outside servers that the magic of the IoT can go to work. And that can only happen if the data remains secure once it reaches the servers. There, it is potentially more vulnerable than in transit, experts say. That means a key component of data security at that point is servers that include built-in protections for keeping data safe.

Hewlett Packard Enterprise (HPE) takes security at the firmware level very seriously, says Depew. All firmware code goes through a rigorous testing process that includes attempted break-ins to try to discover unknown vulnerabilities. Also, says Depew, “We build security in to prevent modification by any malicious party.”

For that matter, HPE servers also include built-in encryption. This protects data even if the server itself is physically stolen, let alone hacked into remotely. “It’s called encryption for data-at-rest,” says Depew. “If you steal the whole server, the keys aren’t stored on the server, so you can’t access that data.” Since the encryption keys are stored and managed externally to the server, the data is still secure, even in the wrong hands.

All of which means that as long as security is handled properly at the hardware and software level, IoT’s reach—and the benefits it brings to the industrial world—will continue to expand.
Charlie Atkinson is Vice President Enterprise Group and Managing Director at Hewlett Packard Enterprise Canada. You can follow Charlie on Twitter @CharlieMeansBiz.
SECURITY
By Peter Romano
Protecting your businesses against email attacks
Businesses have to use email in order to operate successfully – it’s just reality. From internal communications to external communication, most businesses revolve around their use of email, with some estimates topping more than six hours of email use a day.

With email being so widely and frequently used, it is no surprise that email-based threats are one of the most evolved and effective methods of targeting businesses’ employees. Many employees – even up to the C-level – find themselves unwitting participants in external threats delivered by email.

Security experts at TELUS are seeing that email targets are going beyond looking like a suspicious email from an unknown email address. Now, they can appear to be legitimate requests from real partners, clients, internal colleagues or even friends. These attempts can be heavily socially engineered, potentially even using carefully researched personal information, like children’s names, to feign legitimacy. Falling for one of the email ruses can not only result in a data breach, it can lead to a damaged corporate reputation and loss of customer trust.

TELUS security experts advise that there is more businesses can be doing to keep up with the advancing email threats targeting employees.

First, companies should be building education and awareness within their workforce. Employees must be trained to rethink their approach to email so they become an additional line of defense. Employees should be encouraged to think critically about the requests in each email received and, when in doubt, practice calling vendors, clients or coworkers directly to confirm a questionable request.

Second, establish sound processes. If a suspicious email is found or a breach is made, it is important that all employees know exactly what they need to do to escalate it to the appropriate people so it can be appropriately contained. With a breach, time is always of the essence.

Finally, organizations should adopt a layered approach to security with extended email protection. Utilize encryption at the information level, data loss protection like setting rules to determine what information is allowed in and out of an organization, and target trusted connections between authorized users and attackers. Each of these capabilities can work together or individually. For example, if you’ve been breached by an advanced malware or targeted attack through a trusted link, you can use encryption or data loss protection to lock down information or stop information flow altogether.

Savvy security managers and organizations taking a layered approach to security already have extended email protection on their radar. If you’ve experienced a targeted attack you’ve probably realized, like most security professionals do at some point, this type of infiltration can happen to anyone. TELUS recognizes this reality for businesses and offers not just solutions for extended email protection but solutions that give organizations the visibility, understanding and control they need to protect against emerging threats – including email-based malware.

By encouraging your workforce to be diligent and adopting extended email protection solutions, businesses will be in a much more strategic position to defend against targeted attacks through email.

Peter Romano is the Director of Corporate Security at TELUS.
By Marcello Sukhdeo
SECURITY
HACKERS COULD CONTROL what you see on your monitor
Hackers could control your monitor without hacking into your computer so that what you see is not accurate. During the DEF CON show that was held in Las Vegas, researchers showed how hackers could manipulate the display of a computer monitor to provide false information that can be misleading to the user.

After many months of research and testing in reverse engineering, experts from Red Balloon Security, a company that was founded in 2011 by two of the world’s leading cyber-security researchers, found a way to hack a monitor without even hacking the computer. During DEF CON 2016, an annual hackers convention that attracted over 22,000 good and bad hackers among others from the security industry, Red Balloon chief scientist Dr. Ang Cui and principal research scientist Jatin Kataria showed how to manipulate a monitor by using an HDMI or USB port.

During their presentation they demonstrated how, by exploiting a hacked monitor, they added a secure lock icon that was not there to a web page. Think about the consequences of this addition and how it can lead to financial information falling into the wrong hands. In another example they made a zero PayPal account balance appear to be a $1B balance, and in a more serious one they changed the light status on a power plant’s control interface from green to red.

During their research, they used a Dell U2410 monitor and figured out how to change pixels on the display through the firmware, which was not that secure. But it’s not just Dell monitors that are at risk; many other brands that we have sitting on our desks at work or home, including Acer, HP, and Samsung, are all vulnerable to the undetectable firmware attack, according to the researchers.

As pointed out, for this type of attack to occur, though, hackers need access to physical monitors through the USB or HDMI ports, which may not be a concern for many, but there have been many warnings by experts who have said that a country’s infrastructure, especially that of the US, could be at risk if malware is introduced through a USB drive. Research has revealed that if USB drives are left lying around, nearly 50 per cent of those who pick them up will plug them into a computer.

I know it is highly unlikely that a hacker will try to target your monitor, but infrastructure targeting is still a very real threat, as are monitors that are manipulated before reaching their destination. This was amply highlighted by ExtremeTech: “One of the disclosures Snowden made several years ago was that the NSA had a program dedicated to intercepting systems shipped by Dell, HP, and other manufacturers, modifying the hardware between the warehouse and its destination, then sending it on its way, with the final recipients none the wiser. Targeted interception and modification of this sort is rare, but this is precisely the kind of modification that government-sponsored black hats might use.”

The purpose of Cui and Kataria’s presentation was to raise awareness about computer monitor security and the real threat to infrastructure systems if infringed. Another result of this sort of hack is that it could be used to spy on what we are doing, what we are seeing, and even pilfer our data.

But we can take comfort in the fact that at this time, this type of hack is not an easy one according to the researchers, but then again, with the heavy emphasis on hacking, we would be naive to believe that hackers cannot use this to generate more sophisticated ways to intrude on our cyber-lives.
HOW TO
HOW TO: Enabling Bash on Windows 10
At Build 2016, Microsoft announced that Bash will be coming to Windows 10 via the future release of the Anniversary update. Made possible through the partnership of Microsoft & Canonical, this first-class experience is made available natively on a Windows desktop and requires no VM to be run. The Windows Subsystem for Linux (WSL) is actually an infrastructure within Windows running a genuine Ubuntu user-mode image.

At the moment Windows 10 Insider Preview build 14316 or higher is required to enable Bash functionality and there are some limitations. Further functionality is being made available in future releases.

The following are the steps required to enable Bash on Windows:

1. Using Windows 10 Insider Preview build 14316 or higher, navigate to Settings > Update & Security > For developers
2. Select the Developer mode switch to enable Developer Mode
3. Navigate to Control Panel > Programs and select Turn Windows features on or off
4. In the Windows Features window, select Windows Subsystem for Linux (Beta) and click OK
5. With the installation now complete, the computer will reboot to enable Bash on Windows 10
6. Click on the start menu, type BASH and accept the Terms and Conditions
7. Click on the start menu again and type BASH or Ubuntu to run the Bash shell

The same Linux terminal commands are used within the Bash shell. The following are a few basic commands to be used in the Bash shell.

• List Directory Contents: ls
• Change Directory: cd
• Create a Directory: mkdir
• Copy a File: cp
• Move or Rename a File: mv in Bash, move and rename in DOS
• Delete a File: rm
By Anthony Bartolo
PODCAST
By Marcello Sukhdeo
The latest episodes of WRLWND RADIO

Google Duo, Nokia Comeback & the Most Reputable Tech Company
Listen here: http://html5-player.libsyn.com/embed/episode/id/4603652/height/90/width/640/theme/custom/autonext/no/thumbnail/yes/autoplay/no/preload/no/no_addthis/no/direction/backward/no-cache/true/render-playlist/no/custom-color/87A93A/
Your Privacy Could be Compromised for LESS than $50!
Listen here: html5-player.libsyn.com/embed/episode/id/4594097/height/90/width/640/theme/custom/autonext/no/thumbnail/yes/autoplay/no/preload/no/no_addthis/no/direction/backward/render-playlist/no/custom-color/87A93A/
Moon Travel, Unlocking Your Phone with Your Eye, & Sage Summit 2016
Welcome to Season 2 of WRLWND Radio. Listen to our last four episodes to keep you safe in the technology WRLWND.
A taste of Android’s Nougat & WhatsApp’s huge privacy change
Listen here: http://html5-player.libsyn.com/embed/episode/id/4620525/height/90/width/640/theme/custom/autonext/no/thumbnail/yes/autoplay/no/preload/no/no_addthis/no/direction/backward/no-cache/true/render-playlist/no/custom-color/87A93A/
Listen here: http://html5-player.libsyn.com/embed/episode/id/4568933/height/90/width/640/theme/custom/autonext/no/thumbnail/yes/autoplay/no/preload/no/no_addthis/no/direction/backward/render-playlist/no/custom-color/87A93A/
WRLWND Radio is now available on iTunes and Stitcher.
SUBSCRIBE TODAY.
GAMES
By Michael Murphy
POKEMON GO, TROJANS AND MDM
The Pokémon Go app experienced a viral takeover this summer, with over 100 million downloads and counting since its launch. Users are spending an average of 33 minutes per day on the app – surpassing time spent on Facebook. While there is likely a case to argue about the effect the app has had on employee productivity, there is also concern about the threat the app poses to corporate information.

As quickly as the app rose in popularity came reports of security and privacy issues, first with app creator, Niantic, inadvertently gaining permission to a player’s entire Google account (including Gmail, Google Drive, and Google Photos), and then the fake imitation apps filled with Trojans.

However, Pokémon Go is just one of the many apps employees have downloaded to their personal and corporate devices that have the potential to put data at risk. Messaging service, WhatsApp, discovered a bug in their web extension that allowed hackers to remotely take control of a user’s computer, and two years ago Snapchat experienced a breach when a hacker published the personal credentials of 4.6 million U.S. Snapchat users.

Pokémon Go is yet another reminder of the threat mobile devices can introduce to the workplace if an organization does not have the proper technology and policies to protect corporate apps and data. According to the Canadian Radio-television and Telecommunications Commission (CRTC), two-thirds of Canadians own a smartphone and almost half own a tablet – so banning personal devices from the office or attempting to halt the blend of personal and corporate use of a device is becoming increasingly unrealistic.

However, there are many benefits for organizations that allow a BYOD (bring your own device) environment. For example, employees have the freedom to choose their own device and can work and collaborate the way they prefer. Additionally, there can be significant cost savings for the organization if employees pay for some of the costs associated with the device. At the end of the day, embracing BYOD just makes sense.

So how can organizations adjust course to ensure corporate data remains secure while employees enjoy their devices? Technology that both protects company apps and data but allows a user to work from any personal device comes in the form of Mobile Device Management (MDM) and Mobile Application Management (MAM).

For optimal security precautions, organizations should provide a corporate app that can be downloaded and used on the personal device to ensure employees can securely connect to company servers and information. Ideally, this app should be separate or containerized from the rest of the apps on the device. This means that even if an employee downloads a virus that seeks to extract private data, it is blocked from accessing corporate data through end-to-end security barriers designed into the app. Certain MAM solutions also allow for remote wipe: should any vulnerabilities appear, or if the device is lost or stolen, corporate files and data can be removed from the phone remotely.

Organizations should also have a clear BYOD policy that is communicated to employees while simultaneously supported by the IT department. The policy should outline what devices and apps are allowed or banned, information regarding security procedures including whether or not IT requires antivirus or antimalware software on the device, what information can be stored on the device, information regarding stipend or cost sharing and servicing the device, among other considerations. It’s also important to educate staff on easily avoidable, common security pitfalls like how to avoid weak passwords and sending/receiving information on public Wi-Fi networks.

A combined approach of technology, policy and education can help organizations make the most of a BYOD environment while employees enjoy the latest and greatest the app world has to offer.

Michael Murphy is the vice-president and country manager of Citrix Canada (@CitrixCanada), a global company that enables mobile workstyles, allowing people to work and collaborate from anywhere.
BLOG
By Nancy Harris
CHANGING EXPECTATIONS: Women leading the way for today’s entrepreneurs

Entrepreneurship is the engine that keeps the economy moving – driving innovation, creating jobs and promoting economic growth. There is a major shift happening in Canada and around the world as more and more women take the entrepreneurial plunge.

According to a report from TD Economics examining Canadian entrepreneurship, since 2009, the overall share of entrepreneurs versus paid employment has been fairly flat. However, during that same period, the report also found that there was a significant increase in the number of women becoming entrepreneurs. So what’s changed? Why is the time ripe for women to start new businesses?

A cultural shift in the world has helped to provide more women with opportunities to launch their own business. Today, women looking to launch their own business have more access to capital, better media representation of women leaders, and networks and communities of women leaders to tap into for resources and support.

Greater Access to Capital

There are generally two things needed to launch a new business – a good idea/product/service and the capital to make it a reality. In the past, it has been more difficult for women-led start-ups to access capital through traditional means. Thankfully the number of female accredited investors has risen considerably in recent years, which is helping to fuel the growth of women entrepreneurs. Today, one in four angel investors are women, a dramatic jump of 234% in 10 years.

Leading by Example

Media plays a vital role in inspiring entrepreneurship. In recent years more focus has been placed on women business leaders such as Sheryl Sandberg, COO of Facebook, and Mary Barra, CEO and Chairman of General Motors. Showcasing women leaders and their impact has had two positive effects on the business world, according to a recent Forbes article.

Firstly, media can shine a light on the challenges women face. Highlighting the lack of diversity within a given industry can help to pressure the industry’s leaders into change. Secondly, the increased media attention plays an important role in inspiring entrepreneurship and this, in turn, helps the next generation of female leaders.

As more women entrepreneurs become successful, they mentor, invest in, and provide tools and resources to train other women. This increased access to networks, support, and resources of fellow women entrepreneurs is one of the contributing factors for the growth of women entrepreneurs in Canada and around the world. During the planning, launch and ongoing operations of a business, organizations like Women’s Executive Network and Women of Influence can be invaluable sources of information and inspiration to draw on.

Changing Expectations

There has been a shift of the cultural ethos and today’s women leaders are finding their own voice in the world. This is in part due to the changing expectations with regards to higher education.

Success and knowledge tend to go hand-in-hand. It’s not uncommon that successful entrepreneurs are also highly educated. So it shouldn’t come as a surprise that parallel to the growing number of women entrepreneurs, women now outnumber men in global university attendance and graduation rates.

According to a report from Statistics Canada, 64.8 percent of working-age women now have a post-secondary education. Furthermore, a report from Britain’s Higher Education Policy Institute (HEPI) found that girls born in 2016 will be 75 percent more likely than males to attend university. As such, the next generation of women entrepreneurs will have the foundation to succeed.

So going back to the original question: why is the time ripe for women to start new businesses? There have been amazing changes within finance, media, and the business world that have led to more opportunities for women to succeed in the SME market. As gender expectations continue to change for the better, women will be leading the entrepreneurial charge for years to come.

Nancy Harris is EVP, Sales and Partner Programs for Sage North America.
BLOG
By Michael Bloom
Where and how will all that [BIG] DATA BE STORED?

Way back in the 1980s, the late great comedian George Carlin foresaw the storage woes we’re facing today: “A house is just a pile of stuff with a cover on it. … And when you leave your stuff, you gotta lock it up. Wouldn’t want somebody to come by and take some of your stuff … Sometimes you gotta move, gotta get a bigger house. Why? No room for your stuff anymore.”

George Carlin’s observation was meant to apply to the physical clutter in our homes, but it also describes the sheer volume of data housed within our IT organizations. Companies are collecting stuff – meaning data – like never before. This is happening, in part, because many of the analog functions required to monitor and manage the physical world are quickly becoming digital.

And this isn’t the only source of this new surge in data. From traditional ERP and CRM applications to emerging distributed mobile applications, the amount of data generated by organizations continues to skyrocket. In addition, enter data from embedded systems and devices (e.g., smartphones, MRI scanners), often referred to as the Internet of Things.

All of this data isn’t just “white noise” being generated by devices – instead, it actually holds value for those who know how to extract it. For example, by searching through that data, businesses are able to provide more relevant content, refine their products, and improve interactions between people and devices.

There isn’t enough power, space, or time available to sustain traditional storage solutions with the volumes of data that organizations are dealing with. The solution to this is something like a weight loss regimen for data storage: Consume less and exercise more.

Similarly, the best way to slim down your bloated data storage is with technologies that take a multi-dimensional approach to the problem. The right technologies will not only perform better, but deliver more value in less space, and have the capability to eliminate the need for extra data copies.

One of the most disruptive technologies for slimming down data storage is solid state or flash storage. For decades, the best way to boost the performance of your applications was to add additional disk drives, or spindles, to your storage environment, even when you didn’t really need the added capacity. With solid state drives (SSDs) that use flash technology, you can get all of that performance in 10% of the physical space required by storage systems powered by hard disk drives (HDDs). Along with the savings on floor space, flash also provides a significant savings on utilities because solid state drives don’t spin, which means they don’t have to be powered or cooled in the same way that HDDs do.

But getting fit is not just about losing weight – it’s also about creating a healthier, more active version of yourself. Flash allows you to slim down the number of arrays and the resources used to maintain them, and it also transforms your storage capabilities. When performance matters most, nothing can beat an all-flash array built on a flash-optimized architecture. Flash can deliver double-digit gigabytes per second of random data throughput. It offers millions of input/output operations per second (IOPS) - an order of magnitude greater than even the fastest HDDs. Fast, predictable access times with only sub-milliseconds of latency can improve end-user productivity. The difference between spinning disk drives and flash drives is like the difference between someone going out for a casual jog and a world-class sprinter.

“Growth of data in the enterprise is staggering – more than two times the growth rate of processing power, network capacity, and even mobile phone adoption between now and 2020,” says Dave Pearson, IDC Canada’s research manager for enterprise storage. “Fortunately, not all data is created equal. Identifying value in your enterprise data can improve your overall data ‘fitness,’ allowing you to put the right workload in the right place in your storage infrastructure.”

It’s also important to recognize that not all flash is created equal. While performance and space are immediate benefits, it’s important to consider that as you move more workloads to flash, you can’t sacrifice the tier-1 data availability and scale that you’ve come to expect from mission-critical storage systems. Looking outside of next-generation storage media, it’s key to take advantage of data services that eliminate wasted space.

“Advanced data reduction, compression, and deduplication technologies can help with the bloat of large amounts of low value data, with the end product moving into more cost efficient archive tiers. The low-latency and high IOPS of flash can ensure that target-rich data workloads receive the horsepower they require, while reducing the footprint and energy utilization of today’s data centre,” Pearson says.

One of the things that consumes so much enterprise storage space is the multiple copies of data sets that are required across systems. These data sets are used for disaster recovery, test and development, data warehousing, and backups, and they are all based on the same original data set. However, they operate independently of each other and result in copy after copy.

When companies rethink these discrete systems and consolidate them onto a highly scalable and accelerated flash array, they can take advantage of space-efficient snapshot mechanisms to take a full-fidelity virtual snapshot of a dataset, and then expose that snapshot to a new application or developer. In reality, no additional copies of the data are ever created, which can drive additional space savings of 6x or more.

When George Carlin talked about stuff, he was really referring to the clutter an individual accumulates during his or her lifetime. But for businesses, stuff isn’t a collection of souvenir shot glasses from every trip you ever took - it’s a valuable resource that can be mined for essential information. If you can perpetually store and effectively utilize all that data, it can be the gateway to better decision-making and more profitable business ventures.

Michael Bloom is Vice President, Storage Solutions (Canada) for Hewlett Packard Enterprise.