Archive | October 2015

Moving Data is a Weighty Matter

 

powerlifting

 

We’ve accepted that data has gravity and like any large body as it increases it draws an increasing amount of applications, uses and more data towards it.

We’ve also accepted that applications also have mass, growing in complexity through their evolution unless the painful decision to start again is taken.

Combine these factors with an increasing number of requests, an increasing request size and suddenly you have a significant impact on the access time and the bandwidth available to move data takes a hit.

If these factors apply in day to day operations, then consider the impact when you have to move large quantities of data from one place to another; whether as part of a re-platforming operation, or as a move to an archive, or possibly as a move to the fabled Data lake technology. Then the combined data gravity and Application mass can combine to have a seriously detrimental effect on the movement of data.

Whilst any admin can script the movement of data between platforms and numerous ‘free’ tools exist, the ability to move data rapidly and effectively between similar or dissimilar platforms in a rapid manner, minimising any outages and working around locked files and ensuring file permissions and configurations remain complete, becomes crucial for customers. Neither internal nor external customers accept data outages; we have to be always on.

In my career I have migrated PBs of data between storage arrays, and honestly it can be a long dull and ultimately boring process, certainly not the sexy storage world we’ve come to know and love.  Moving data was never something to sit and watch; it was always a kick off and go for several cups of coffee (that may explain your caffeine addiction. ED).

Now, however, things are finally changing. Computacenter has recently partnered with Data Dynamics to move file data more efficiently and effectively than previously possible. Through the use of the Data Dynamics StorageX toolset Computacenter can offer movement of data detailing what moved, where it moved and even what didn’t move (and why). It does this whilst reducing disruption, decreasing migration time by 600% and reducing network load.

Combining these features with the ability to validate the configuration of the target system makes for a very compelling case and ultimately becomes significantly less expensive to a business than the ‘free’ tools available.

Moving data is a weighty matter, but that doesn’t mean it should be stressful.

Good defence exists, attacks still happen, breaches occur – “Time for security to change.”

“Cybercrime may now be bigger than the drug trade”, quoted the City of London police commissioner Adrian Leppard.

Security breach announcements that were once a rarity in the non IT world are now BBC front page news on a regular basis. Whether it’s the attack and successful removal of data from a previous unknown (but now well known) dating site or the more recent attack and potentially successful data breach of a major consumer telecoms services provider, Cyber attacks are the norm. Is it time to accept them as a necessary by product of the relentless creation and consumption of digital data, sadly yes. But to accept they exist does not mean an acceptance that an attack should be effective when there are so many steps that can be taken to reduce the potential for success. Defending and securing IT systems are not an easy task as the approach includes people, process and systems. To keep all three security aware and congruent at all times is a challenge with that one “out of sync” moment the attack window for a hacker. Do nothing or “do something but slowly” is a sure-fire way to be the next big story on the front page of the BBC news broadcast. It’s time for new thinking, new skills and better visibility EVERYWHERE or the enterprise will NEVER be secure.

Many years ago a large IT company ran a brilliant ad campaign about the need to think differently. In the case of IT systems and Cyber security, thinking differently should include a rigorous appraisal of existing defences, a perspective on the most valuable digital assets within the organisation (and the additional protection they require) and most importantly the need for people to change the way they interact with digital systems (vigilance). To defend against an attack, it’s time to “think like an attacker” and not based on a viewpoint that attacks follow standardised behaviour, are seeking random targets and lack rigour and planning. Today’s attackers or attack teams are extremely well trained, often well funded and have razor sharp focus on the target and expected outcome. Old school thinking based on technology will fall short in this new digital age. It’s time for new school thinking based on the psychology of an attacker as that will surely deliver greater value (protection).

We are in the midst of an enterprise business landscape with an aging work population aligned with traditional IT skills needing to evolve to a revised “digital rich” skills portfolio. This new skillset is likely to be software influenced and will definitely drive the need to think differently, learn now and learn very differently. And to further compound matters the emerging work force of Generation Y and Z thinkers may not be viewing Information Technology as the “must join” profession of circa 25 years ago. Modern enterprises face the quandary of an old workforce with dated security skills, coupled with a new workforce with skills too new to make an impact – who then will solve the security challenges we currently face? Sadly the skills problem will not be resolved overnight with a major investment in academic level cyber awareness, new age security skills training on mass for existing networking and security personnel plus enhanced employee security education as a mandatory activity within all enterprises. It’s time for enterprise organisations to encourage everyone who embraces the benefits of IT to also part be of the solution to the cyber security challenge.

There has been an age old management quote highlighting the difficultly managing things that can’t be seen – so why believe it to be different with data and information technology outcomes. Digital data is now the DNA of modern enterprises with the potential to ignite ongoing success or collapse an organisation to failure. Full visibility of data from edge to core with the potential to preempt attacks or fast remediate breaches is now an essential element of the enterprise IT systems operational playbook. Breaches will occur in a digital data rich enterprise due to the challenge of continually appraising human, IT and non IT systems behaviour in context and in sync. However enhanced visibility leveraging optimised data analytics can highlight anomalies or areas for further investigation earlier with the hope it’s early enough for the correct intervention prior to a breach. And if an when a  breach unfortunately occurs, “flight recorder” type data playback of the pre and post breach state will accelerate the time to triage and remediate plus reduce the potential for a mirrored attack. Many highlight “encryption everywhere” as one of the most impact full strategies for data protection and the emerging and very interesting “s‎oftware defined perimeter (SDP)” approach (zero trust access control and data movement) as instant fixes. There is no doubt that both will be highly effective protection elements but only as part of a wholesale rethink of security defence, protection and breach remediation.

Enterprises MUST now change their approach and security solutions expectations. The increased use of mobile solutions, cloud computing and virtualisation are not creating a problem for security professions but instead delivering the potential to “reset” security protection and defence within the enterprise. The days of “adding more layers”, often bigger or higher than previously delivered are no more – instead it’s time to design a solution for an enterprise in a state of continual attack not in “comfortable defence”. Effective digital systems security WILL be a primary business enabler in the digital age as enterprises that fail to defend well, remediate quickly and understand attacks may not survive for long enough to fully recover.

Act Now.

Until next time.

 

Colin W

Twitter: @colinwccuk

Chief Technologist – Networking, Security, UC – Computacenter UK

 

 

Digital Natives- The Future Dominant in the Workplace

This latest blog focusses upon what I termed in my last blog post “the latest disruptor….. also the source of much future opportunity”

To take an academic view for one moment, the prevalent definition of a “Digital Native” is as follows:

“a person born or brought up during the age of digital technology and so familiar with computers and the Internet from an early age”

By virtue of the definition, this puts an age/demographic based slant on the term Digital Native.

We are on the cusp of a major transition in the workforce, where this “latest disruptor”, which today accounts for approximately 23% of the active work force, will, in only 5 years rise to 47% of the active work force.  While 5 years may seem a long time away in some ways, it is clear that the focus on building modern workspaces for Digital Natives is rapidly becoming a pressing business priority.

demographics

Often we focus on the technology aspects of the Digital Native, and suggest that the conventional business tools and systems such as email are passé to these people, who prefer to communicate through Social Communities, “Whatsapp” messengers or “Facetime” conferencing.

However, looking beyond the tools chosen are more subtle themes and priorities.

The key traits of what the Digital Native is looking for within their Workspace are

  • The need For great user experience,
  • To be “always connected”
  • To favour convenience rather than security in their consumption and access to services
  • The ability to adapt and embrace new technologies
  • The willingness to sacrifice loyalty to previous tools when they no longer offer the most effective solution

The technology doesn’t matter, because invariably it will change; and change at an ever increasing pace.

The Digital Natives therefore pose a challenge to enterprise IT.  How does IT “keep up” and fulfil against the needs and expectations of this, soon to be dominant, portion of the work force.  At the same time, how does the business manage the risk posed by the previous dominant demographic, the “Baby Boomers” coming towards the end of their working tenure, leaving not only with their pension but a vast amount of intellectual property, knowledge and experience of their business locked in their heads?

The solution? We must not think of Digital Natives as distinct from any of the other prevalent workforce demographic (Generation X or the Baby Boomers).  What we must do, which we’ve always done, is leverage the opportunities the Digital Natives offer, the innovation of new tools, the new experiences and expectations to challenge how things are done today and make them better in the future.  Ultimately, success is in harnessing the collective experience of both the “Digital Natives”, who know only of a digital world powered by technology, mobility and collaboration, and the “Digital Novices” who whilst maybe adapting to the digital world at a technology level, retain a vast amount of business and industry knowledge.

Both sets of users need a common solution, a dynamic and agile workspace which enables the user wherever they may be working – we call this the Contemporary Workplace, an environment which adapts and flexes to provide natural habitats for not just digital natives but for every employee.