My bright blue bathing suit had turned pale pink from all the chemicals in the pool and I knew it was only a matter of time before the chlorine ate through the nylon fabric. Once, when I waited too long to replace an old suit, the front of my trunks ripped wide open and the see-through mesh lining underneath left little to the imagination. I did not want to repeat that walk of shame back to the locker room.

So I did what millions of shoppers do every day: I signed into Amazon and with a few simple clicks, I found and ordered my favorite suit. And then, because it doesn’t get any easier than Amazon, I picked up a few spare bicycle tires, filters for the vacuum cleaner and a novel I’d been meaning to read.

read more

Sitting through a number of presentations at various cyber conferences recently I’m struck that many enterprises cyber security planning comes down to having ‘the best people’ doing really pretty boring jobs. Jobs like keeping software updated, tracking down holes in the firewalls, waiting for alarms to go off, being fed alerts about out-of-date software: in short lots of controlled firefighting. But it all seems like enterprises are just working harder (and expensively) by throwing more people at the problem – instead of finding new ways of doing their business securely.

read more

There are boggling challenges on the planet, each of them affecting all of us, one way or another. Food. Clean water. Vaccinations. Health care in general. Then those second-level concerns which are also catalysts for the big problems: transportation, communications, finance.

There are about 7.2 billion people on the Earth-around a modest 7 gigapeople in computer terms. (This should give one an idea of how big all those magnitudes beyond a gigabyte-terabytes, petabytes, exabytes, and zettabytes–really are.)

Trillions of dollars will be required to solve any of the big problems for all the people of the world. I would like to think that millions of dedicated people devising vast IoT solutions will make steady progress in each area over the coming years and decades.

read more

With the troubleshooting virtual war room capabilities, AppDynamics now provides customers with a powerful ad-hoc virtual space that gives Ops & Dev teams one place they can chat, make system changes in real time, view and annotate events on second-interval charts so everyone (even non-AppDynamics users) can collaborate in a view that unites the different aspects of troubleshooting to provide common context and common data to all. The entire decision-making process can be indexed in knowledge management systems.

read more

By Anup Ghosh

Editor’s note: As an advisor to Invincea I closely track not only their capabilities but the context they provide the community. Anup Ghosh, CEO of Invincea published well reasoned context on the Sony Hack at the Invincea blog, it is reposted below for your consideration. – bg UPDATED: on 12/19/14, the FBI officially declared North Korea to be […]

read more

A group of hackers called GOP (Guardians of Peace) has taken credit for the attack and they claim to have stolen terabytes of files. Sony admitted that a large amount of information has been stolen, including business and personnel files, and even unreleased movies.

On Friday, security firm Identity Finder revealed that the attackers leaked what appears to be sensitive personal data on roughly 47,000 individuals, including celebrities.

North Korea is considered a suspect, but the country’s officials have denied any involvement, and Sony representatives have not confirmed that the attack was traced back to the DPRK.

Researchers from various security firms have analyzed a piece of malware that appears to have been used in the Sony hack. The threat is designed to wipe data from infected systems.

read more

ScriptRock makes GuardRail, a DevOps-ready platform for configuration monitoring.

Realizing we were spending way too much time digging up, cataloguing, and tracking machine configurations, we began writing our own scripts and tools to handle what is normally an enormous chore. Then we took the concept a step further, giving it a beautiful interface and making it simple enough for our bosses to understand. We named it GuardRail after its function – to allow businesses to move fast and stay safe.

GuardRail scans and tracks much more than just servers in a datacenter. It works with network hardware, Cloud service providers, CloudFlare, Android devices, infrastructure, and more.

read more

​This is part two in a three part series. To read Part One, click here.

Firms also have the moral duty to be honest with the customers regarding security policies, and at times, even system architecture. Many years ago I once found myself in the unfortunate circumstance where a company I was working with had poorly designed network architecture with a massive single point of failure. Eventually, this single point of failure failed in a spectacular way.

This failure brought down the entire system and impacted several customers in significant ways. After the mad scramble to get the system back up and running, it was important for me to visit affected customers to discuss 1) what happened, 2) why it happened and 3) what our plans were to prevent such a failure in the future. 

I recall some internal conversations about how to present this information to customers and some were in favor of, not exactly lying, but certainly being misleading so as to obscure the fact our system had such a gaping design flaw to begin with.  I opposed this approach because not only did I feel it was important to be completely honest with customers as a matter of course, but also because our customers were not stupid. While they may not have known specifics, they knew that such a massive failure had to be result of poor design. So any misleading “spin” would not only be immoral in itself, it would also erode trust with customers because they would know we were obfuscating.

The situation I describe above also highlights another ethical principle essential to IT operations. When service providers offer a service that is business-critical for their customers, they have a moral duty to design a system based on IT best practices so as to minimize disruptions and enable fast recovery. Firms who fail to do this are betraying the trust of their customers. Of course, some services are intentionally not built as business-critical with guaranteed uptime of five nines. At times, redundancy, backups, etc., are actually a hindrance to the performance of a system and are not essential. In such cases, service providers must clearly communicate this to customers and outline, precisely, what responsibilities the customer is assuming in terms of backup, redundancy, etc.

Broadly speaking, cloud services providers have a moral duty, similar to, but somewhat distinct from members of the customer IT operations team. That duty is to be responsive.  It is easy for service providers to fall into the trap of thinking that since they provide a self-service product wherein customers can generally manage and resolve many challenges unaided. In such situations it is tempting to focus primarily, if not solely, on the needs of the biggest accounts. There is sense to this as most often, larger accounts pay for certain levels of support and responsiveness; something smaller accounts often forego. However, service providers must not forget that while a major outage impacts larger customers, so also do outages impact the one-person IT consultancy shop who’s sole-proprietor may be working to support a family, pay into a college fund, or plan for retirement. Outages impact everyone, bit or small; regardless of the nature of the business.

Of course, it would be impossible to large service providers to have 1:1 contact with all customers at all times. Therefore, meeting the needs of all customers is not just a matter of having a responsive customer service or support department. Proper customer support begins with proper product design. And this is a never-ending challenge; to design a product that is easy to use and easy to troubleshoot. This, specifically, is where documentation becomes vitally important for a firm seeking to ensure customer success. There is no such thing as a “perfect” product or an ideal service. All products have “undocumented features” and odd quirks. Their existence is to be expected.  However, service providers have it within their power to properly document system or product oddities and to highlight workarounds to aid in getting around existing product or service deficiencies.  

In short, service providers have a responsibility to make their customers—big or small—successful. There are a myriad of ways this can be accomplished through proper communication, effective product design, and documentation. No customer, due to their size, should feel less important or less valued than larger customers. Taking care of all customers is not just a moral good, it’s also good for business. Small customers often become large customers and if a service provider has established trust and credibility with these customers, they can expect long-term, and mutually-beneficial relationships with their customers.

This is part two in a three-part series. Stay tuned for a deeper dive into ethical and moral philosophy, and then how to put these ethics into practice.

read more

As this year comes to a close, let’s take one last look at the most pervasive cloud computing trends — including increased usage across the different cloud service models, the key business drivers and the impact of agile innovation strategies.

Cloud computing adoption has matured, with 69 percent of survey respondents stating that at least a portion of their computing infrastructure is in the cloud. However, 56 percent of companies are still identifying IT operations that could potentially move to the cloud, according to the latest market study by IDG Enterprise.

Survey respondents believe that business technology is a game changer, and cloud solutions are providing advantages from increasing IT agility (63 percent), IT innovation (61 percent) and improving the ability to access critical business data and digital service applications (58 percent).

Removing the Barriers to Cloud Adoption

That said, IT leaders perspective on barriers to bringing these advantages to fruition differs from their Line of Business (LOB) counterparts. There is agreement, however, that a company’s biggest challenge to implementing a cloud platform is ensuring security.

But there’s a significant disconnect on the second most important barrier. IT leaders are concerned about integration (46 percent).  In contrast, LOB leaders believe measuring return-on-investment is a more important challenge (37 percent).

“As use of cloud solutions mature, more than half of companies surveyed are shifting from adoption to upgraded services,” said Brian Glynn, chief revenue officer of IDG Enterprise. “This opens the door for new and existing solution providers as businesses continue to look for ways to improve agility and innovation while balancing enterprise security and risk.”

Cloud Service Preferences are Evolving

Three-quarters of companies are confident that the assets they have placed in the cloud are secure. To help companies have a sense of control, 80 percent have already created, or will create, a governance policy in the next year.

Also, public cloud (60 percent) and private cloud (57 percent) solutions remain the preferred environments compared to hybrid cloud (19 percent). As more workloads move into the cloud, the amount of data stored in private and public clouds will each increase to 25 percent and 21 percent, respectively, in the next 18 months.

Since 2012, cloud investments have increased by 19 percent, with large enterprises spending on average $3.3 million a year, compared to SMBs spending $400,000. Moreover, spending on cloud solutions will account for almost a quarter of IT budgets in the coming year.

Cloud Deployment Motivation is Strategic

Current estimates show that 23 percent of spending on cloud solutions happens outside of the IT department — with marketing, sales and human resources most often investing in solutions.

Besides, even when a cloud solution is purchased by LOB leaders, the IT team can still be involved in the management of the project. And, in instances where IT does not lead the project, 45 percent of the time IT is still called upon to take over the project.

No matter who initiates the move to cloud, one thing will always be certain, CEOs and other senior executives that approve the budget are not enamored by the technology — they have a strategic imperative and they seek a meaningful competitive advantage in the marketplace.

read more

While many SPM Performance Monitoring users quickly see the benefits of SPM and adopt it in their organizations for monitoring — not just for Elasticsearch, but for their complete application stack — some Elasticsearch users evaluate SPM and compare it to Marvel from Elasticsearch. We’ve been asked about SPM vs. Marvel enough times that we decided to put together this focused comparison to show some of the key differences and help individuals and organizations pick the right tool for their needs.

Marvel is a relatively young product that provides a detailed visualization of Elasticsearch metrics in a Kibana-based UI. It installs as an Elasticsearch plug-in and includes ‘Sense’ (a developer console), plus a replay functionality for shard allocation history.

read more