The vast majority of businesses now use cloud services, yet many still struggle with realizing the full potential of their IT investments. In particular, small and medium-sized businesses (SMBs) lack the internal IT staff and expertise to fully move to and manage workloads in public cloud environments. Speaker Todd Schwartz will help session attendees better navigate the complex cloud market and maximize their technical investments. The SkyKick co-founder and co-CEO will share the biggest challenges uncovered by the company’s [2017 survey](https://offers.skykick.com/top-cloud-challenges) of North American business, sales and IT leaders.
Monthly Archives: May 2018
Meet Google One, the cloud giant’s new paid storage tier
16 May, 2018
Google has revamped its paid-for cloud service, re-launching it as Google One. The plan will enable people to take advantage of storage limits of between 100GB up to 30TB, with support from Google experts to help you choose the right products and services for your business.
This space is now shareable across families, with the ability to add up to five members to one plan, with just one bill every month, simplifying the service for households. Everyone who joins the shared scheme will get their own storage space, so you won’t have to have your son or daughter’s files saved alongside yours, for instance.
The cloud giant said it’ll also offer those who pay for their cloud storage access to other benefits, such as credits on Google Play and deals on hotels when you use Google Search to find them. It says it’ll be adding more deals in the future as the service grows and evolves.
Everyone who currently pays for their Google Drive plan will be automatically moved over to Google One in the coming months, with their storage limits applying to files and folders in Google Drive, Gmail and photos and videos saved through the company’s Photos product. The service will start in the US and will expand over time, but before your plan is moved, you’ll be notified by Google.
Google One will cost less than current Google Cloud plans, too. Only the US pricing structure has been announced so far, but plans will cost from $1.99 (£1.47) a month for the 100GB version, $2.99 (£2.21) a month for the 200GB option or $9.99 (£7.38) per month for the 2TB option. This highest tier previously cost £15 a month.
Anyone on other Google Cloud plans will migrate later in the year, after Google Drive users are switched over. However, G Suite business customers won’t be forced to make the switch just yet.
Image credit: Google
Google aims to simplify its cloud storage with One plan
Google’s focus on the enterprise side of cloud has been strong in recent months – but it has by no means neglected the consumer arena either with a new storage plan and price cuts to match.
The company has announced the launch of Google One, a premium tier cloud storage offering aimed at replacing paid consumer Google Drive plans. The new service includes options ranging to 30TB, alongside access to Google experts for customer service, and added perks, such as credits on Google Play, or select hotels found on Google search.
Pricing starts at $1.99 per month for 100 GB and $2.99 for 200 GB, with prices above 2TB remaining the same as before. Yet the big change is around the 2TB mark, which now costs $9.99 per month – the price of 1TB previously.
In other words, Google is giving everyone an extra terabyte out of the goodness of its heart, halving the price of its 2TB plan in the process. The company confirmed it will upgrade existing 1TB Drive plans at no extra cost. In comparison, Dropbox and Microsoft offer 1TB at $9.99 – but the latter also bundles it in with Office 365.
“Thanks to mobile phones, and new file formats like 4K video and high-res photography, people are storing more than ever before,” wrote Pavni Diwanji, VP of Google One in a blog post confirming the news. “That’s why we’re introducing Google One, a simple plan for expanded storage that includes extra benefits to help you get more out of Google.”
This publication has covered in chapter and verse Google’s recent cloudy plays. Earlier this week, the company announced its intent to acquire Velostrata, an Israel-based company which focuses on accelerating enterprise cloud migrations. The storage wars continue, but more in the background these days. In February, Microsoft unveiled plans to poach rival customers by offering free OneDrive for Business so long as companies weren’t already Redmond houses in some capacity. The offer runs out at the end of June.
Google One has received favourable reviews, however. Writing for Forbes, Kevin Murnane argued that the live help aspect of the service “could turn out to be the most useful element of the new service.”
You can find out more about Google One here.
AWS plans to go celeb-spotting at the royal wedding
15 May, 2018
Saturday will see Prince Harry marry Meghan Markle at a celebrity-packed St. George’s Chapel in Windsor – and thanks to Amazon Web Services (AWS), no famous face will go unrecognised.
The cloud giant is using the live broadcast of the royal wedding to showcase its facial recognition technology, working with Sky News to provide viewers with a detailed explanation of who each famous person is and how they know the royal couple.
Rekognition will power the Sky News app’s ‘Who’s Who Live’ feature that will automatically highlight celebrities as they appear on screen.
Users of the Sky News app will be able to immediately see onscreen captions and graphics for each recognised famous guest and navigate the data without leaving the app, while keeping the livestream of the wedding on their screen.
AWS powers Sky News app’s ‘Who’s Who Live’ feature/Credit: AWS Elemental
“We’re excited to have helped Sky News successfully build and deploy the Royal Wedding: Who’s Who Live app,” said ALex Dunlap, general manager of AWS Elemental, which is AWS’s division that specialises in creating videos at scale.
“The high visibility and unpredictable audience size for this type of event made AWS cloud services, including those for media, a great solution by giving the ability to test quickly, only pay for what was used, and produce a reliable, high-quality experience in a matter of weeks.”
A video feed from an outside broadcast van located near the chapel will capture the faces of the rich and famous as they arrive, feeding the information to an AWS Elemental live small form factor appliance, located nearby, and ingest this real-time data into an entirely cloud-based workflow.
Sky News is also using data analysis platform GrayMeta, which has combined with Amazon Rekognition video and image analysis service, to provide the app with a tag of each celebrity.
It’s the ideal opportunity for AWS to showcase its technology – hopefully it performs better than the police’s own systems, which managed to incorrectly match faces in crowds with those from a criminal database 95% of the time, according to a privacy organisation’s report.
Picture: Shutterstock
Best free email backup tools
17 May, 2018
Backing up your inbox to your PC or external hard drive gives you access to your messages no matter what happens – even if a hacker attacks your account. We go through some of the best options available, whether you’re looking for something to automate the process, or for a manual tool for only the occasional backup.
Automatic: Thunderbird
In Thunderbird, an email client from Firefox’s creator Mozilla, the Mail Account Setup Wizard simplifies the process of adding an email account down to entering your name, email address and password. It works with all the main webmail and email services, and has a tab-based interface to make it easy to switch between messages.
When setting up you can choose between two email protocols: POP and IMAP. With the former option, messages are downloaded to your computer (250 at a time) and then, depending on your settings, either deleted from the source (Gmail, or Outlook.com, for example), archived, or left alone.
When setting up Thunderbird choose either the POP or IMAP protocol
With IMAP, messages are synchronised. Delete an email in Thunderbird and it will vanish from the web and vice versa.
Automatic: eM Client
eM Client is a more advanced alternative to Thunderbird, containing a calendar, a to-do list and tools for managing your contacts. Like Thunderbird, it works with POP and IMAP, downloads your messages as they arrive, and lets you save them by dragging them to your desktop or a folder.
It automatically sets up Gmail, Outlook.com, and Apple iCloud accounts, and even imports email from other clients you used in the past. It’s free for home users, with no limitations, though you’ll need to register to get a licence.
There’s a 30-day free trial of the Pro edition, but the free version should be enough for your needs.
Automatic: IFTTT
Use IFTTT to set up automatic actions, such as saving email attachments to Google Drive
If This Then That is a useful service that lets you link popular programs and devices so an action in one triggers a related action in another. A simple example is “if I get an email from a specific sender, then forward it to a different email account”. Sign up for an account, choose the options you require, then customise them. You can use it to do all sorts of tasks, such as automatically downloading attachments to Google Drive, OneDrive, or Dropbox.
Manual: MailStore Home
MailStore Home backs up your emails, and works with all email providers. To use it, select the service(s) to back up, then enter your email account details.
Your messages are saved in a central location on your hard drive, from where you can search for and read them. You can also easily restore them back to your email account. You can password-protect your archives, and the software fully encrypts all databases to make it impossible for anyone other than yourself to view the messages. You can run the software from a USB stick if you require.
Manual: Upsafe Free Gmail Backup
Some backup programs come with annoying limitations or, only store emails online (in the ‘cloud’). If you just want to save a copy of your Gmail messages to a folder on your hard drive, use Upsafe’s Free Gmail Backup, which is a breeze to use.
Once you’ve backed up your emails in Upsafe, click ‘View mail backup’ to see them
Install and run it, click the ‘Sign in with Google’ button, then enter your Google username and password and grant the program permission to access your account (none of your login details go to Upsafe).
Click ‘Start backup’ in the program and it will begin downloading your messages. You can choose where to save your backup to and see how much space is being used on your hard drive. Messages are downloaded in EML format (the format used by all email programs), and saved in Zip files. To see your emails in the program, click ‘View mail backup’ button (see screenshot).
Manual: Save and Backup My Emails
Most backup tools save copies of all your emails, which may be overkill. To selectively save emails, use CloudHQ’s ‘Save and Backup My Emails’ Chrome extension, which works in Gmail only.
Select emails to back up using CloudHQ’s extension, then click this button
Once you’ve connected CloudHQ to your email account, select one or more messages, then click the extension’s button under the search bar (see screenshot) to save a copy online.
You can download these at any time as PDFs by clicking the extension’s icon at the top right. If you don’t select any emails, you’ll see a button to ‘Backup all emails’ instead. This might be tempting, but the free version limits you to saving just 200 emails a month.
Manual: Google Takeout
Google lets you download a copy of all your data from its various products and services, including Gmail. Go to the Takeout page, click Select None, then scroll down and switch on the Mail slider (underneath ‘Location History’). Next, click the arrow next to the slide so you can choose to include all of your email or selected labels. Scroll to the bottom and click Next, and select the format to save the data in (it’s Zip by default).
Click this slider to download your Gmail emails using Google Takeout
You can send backed-up data as a download link via email, or added to Google Drive, Dropbox or OneDrive. You can browse this data once downloaded, but can’t restore it or import it into a new account. Takeout is strictly export-only.
Manual: Outlook
The best way to back up emails from Outlook.com is using an email client like eM Client or Thunderbird. To back up in Outlook 2013, click File, then select Open & Export. Click Import/Export then select ‘Export to a file’. Click ‘Outlook Data File (.pst)’, then click Next. Select your email folder, click Next and then Finish. You can import the backup through the Import/Export page.
Image: Shutterstock
Step aside ransomware: Why cryptojacking is the new kid on the block
With the ability to generate a staggering $1.5 trillion in revenues every year, cybercrime is big business. It’s the perfect model – earn a high income for minimum effort and risk of penalty.
It comes as no surprise then that when faced with issues around the fluctuating value of Bitcoin, cybercriminals stepped into action. These savvy criminals created a new attack technique that offers better paid out odds in comparison to ransomware – cryptojacking – unauthorised use of someone else’s computing resources to mine cryptocurrency.
This new technique has quickly risen in the ranks, replacing ransomware as the number one threat for consumers and enterprises. Let’s look more in detail at the factors that have driven this shift.
The money maker
With a cryptocurrency market cap of nearly $500 billion, cryptojacking is extremely attractive for cybercriminals: it doesn’t require high technical skills and, unlike ransomware, offers a potential 100% pay-out ratio. Once compromised, infected machines can immediately start to mine cryptocurrency in stealth mode regardless of its processing power or geographical location. Even low-end systems are useful to the cause since it’s the size of the network of compromised machines, and hence the total computational power, that really matters. Additionally, if the attackers don’t get carried away and tune the miner not to completely drain the CPU, the attack can go on stealth and undetected for a long time.
Ubiquity of the attack surface
It doesn’t matter if the malicious miner component is injected into a mobile device, a personal computer, a server, the cloud, or even an IoT device. It doesn’t even matter what operating system is being used. The attackers can take advantage of its CPU cycles for their illegitimate purposes with any OS. Even IoT devices with limited processing power can be recruited: the Mirai botnet has taught us what multiple IoT devices can do when working together. And it’s not a coincidence that a variant has been repurposed to mine cryptocurrency, and the same botnet has also spawned Satori, a variant infecting mining rigs, hijacking the device owner's mining credentials. In fact, hacking multiple IoT devices can be rewarding: according to a recent estimate, 15,000 hacked internet-connected gadgets can mine $1,000 of cryptocurrency in just four days. Not shabby considering that by 2020, there will be over 20 billion internet-connected devices.
Multiple infection mechanisms
Since malicious miners can be injected in virtually any device, multiple infection vectors can be used such as brute-force attacks, unpatched vulnerabilities, or compromised websites (drive-by cryptomining). The timelines of cyberattacks that I collect each month highlight the attackers’ creativity and their ability to find new ways to carry out these attacks.
Similar techniques can be used to compromise both client and servers, making new slaves for the cryptominer botnets. The Smomirnu botnet and Wannamine malware are two examples of threats exploiting the infamous EternalBlue vulnerability (CVE-2017-144) to spread. Even existing malware can be rewritten to mine cryptocurrency, or to add this “feature” to the existing ones.
In reality clients are even more exposed since they can mine cryptocurrency simply visiting a web-page hosting a JavaScript miner like Coinhive. Coinhive mines a cryptocurrency called Monero (XMR) and the main reason is that besides being able to stay anonymous with this blockchain, the algorithm used to calculate the hashes, called Cryptonight, was designed to run well on consumer CPUs (what a coincidence).
This is only the tip of the iceberg, since drive-by cryptomining campaigns are becoming bigger, more prevalent and more persistent while you browse the internet. Criminals are now adopting a technique similar to malvertising, injecting the Coinhive code into advertisements supplied by platforms like AOL or Google DoubleClick. It doesn’t even matter if the user leaves the compromised page or closes his browser since the malicious code can be hidden in a tiny ‘pop-under’ window hidden behind the Windows taskbar. This makes it persistent and invisible to the user. There have also been cases of malicious browser extensions injecting Coinhive directly into your browser.
The role of the cloud
The list of the five most new dangerous attacks presented by the SANS institute at the last RSA Conference includes both cloud storage data leakage and monetisation of compromised systems via cryptominers. Data leakage in the cloud is often the consequence of misconfigurations like wrong permissions or lack of an adequate password protection. Apart from stealing data, the same misconfigurations can be used by crooks to spin-up their own instances and use them to mine cryptocurrency at the expense of the victim, with the concrete possibility that the latter will not detect the attack until the next bill. A deadly combination of these two attack techniques listed by the SANS Institute has already hit some high-profile victims like Tesla, whose public cloud was used to mine cryptocurrency.
There are also some additional risks. Miners can use known cloud services to spread more quickly inside organisations (Netskope Threat Research Labs discovered a Coinhive miner resident in a Microsoft Office 365 OneDrive for Business instance), or also to avoid detection (like in case of Zminer and Xbooster that download payloads from Amazon S3 cloud storage).
Out-crafting the cryptojacker
The good news is that businesses can reduce their risk of exposure to cryptojacking by enforcing policies such as:
- Scanning all uploads from unmanaged devices to sanctioned cloud applications for malware
- Scanning all uploads from remote devices to sanctioned cloud applications for malware
- Scanning all downloads from unsanctioned cloud applications for malware
- Scanning all downloads from unsanctioned instances of sanctioned cloud applications for malware
- Enforcing quarantine/block actions on malware detection to reduce user impact
- Blocking unsanctioned instances of sanctioned/well known cloud apps, to prevent attackers from exploiting user trust in cloud. While this seems a little restrictive, it significantly reduces the risk of malware infiltration attempts via cloud
These policies combined with an effective patch management process for clients and servers; an updated corporate antivirus the latest releases and patches; and the use of Ad-blockers or browser extensions like NoScript can help to prevent drive-by cryptomining attacks.
Criminals are savvy, smart and are always on the lookout for the opportunity to exploit what they can, when they can, so don’t give them the chance. These preventative measures are effective and offer the barrier you need to protect yourself against mounting cryptojacking attacks and stop them in their tracks.
Josh Pederson Joins @CloudEXPO NY Faculty | @AylaNetworks #AI #IoT #IIoT #SmartCities #DigitalTransformation
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. By using cell IoT modules, telecom service providers, mobile network operators can more quickly and easily develop and deploy IoT that use cell communications.
Larry Larmeu Joins @CloudEXPO NY Faculty | @LarryLarmeu @AccentureCloud @AccentureTech #CloudNative #Serverless #DevOps
They say multi-cloud is coming, but organizations are leveraging multiple clouds already. According to a study by 451 Research, only 21% of organizations were using a single cloud. If you’ve found yourself unprepared for the barrage of cloud services introduced in your organization, you will need to change your approach to engaging with the business and engaging with vendors. Look at technologies that are on the way and work with the internal players involved to have a plan in place when the inevitable happens and the business begins to look at how these things can help affect your bottom line.
Muzaffar Khurram Joins @CloudEXPO Faculty | @AccentureCloud @AccentureTech #IoT #IIoT #EdgeCompute #SmartCities
The hierarchical architecture that distributes “compute” within the network specially at the edge can enable new services by harnessing emerging technologies. But Edge-Compute comes at increased cost that needs to be managed and potentially augmented by creative architecture solutions as there will always a catching-up with the capacity demands. Processing power in smartphones has enhanced YoY and there is increasingly spare compute capacity that can be potentially pooled. Uber has successfully been able to harness the excess capacity of privately owned vehicles and turned into a meaningful business. This concept can be step-functioned to harnessing the spare compute capacity of smartphones that can be orchestrated by MEC to provide cloud service at the edge.
Salesforce appoints a data protection officer
15 May, 2018
Salesforce has revealed the steps it’s made to become GDPR compliant, including appointing a data protection officer and putting privacy at the heart of product design.
The company has appointed Lindsey Finch, its current senior vice president of global privacy and product legal as its data protection officer (DPO), overseeing how Salesforce collects, stores and uses customer data.
“The official DPO designation is a natural outgrowth of our existing programme,” Finch said. “My team and I will continue to partner across the company to foster a culture of privacy – designing, implementing, and ensuring compliance with our global privacy programme, including ensuring that privacy is considered throughout the product development lifecycle.”
She explained that Salesforce’s Privacy Working Group, which includes executives from across the company’s privacy, legal, product, engineering, distribution, employee success and security departments, will help make decisions too, ensuring Salesforce remains compliant with the new rules after they come into force on 25 May.
“There is no finish line when it comes to GDPR compliance,” she said. “While Salesforce currently offers the tools for our customers to comply with the GDPR, we will continue to release new innovations that help our customers achieve compliance success.”
Salesforce has launched a GDPR website to help customers become compliant, including the information businesses need to honour data subject access requests, as well as guidance to help customers learn more about GDPR.
The vendor has also developed two new features after reviewing its readiness. A product called Individual Object pulls together a user’s individual privacy preferences across a customer’s entire Salesforce ecosystem, including contacts, leads, personal accounts and custom object records, while Salesforce DMP now features a consumer rights framework, enabling users to track and record consents they’ve received.