All posts by edjones

The hidden dangers of legacy technology – and how to resolve them

(c)iStock.com/TiSanti

Every business has that one legacy system they can’t seem to let go of. You know you’ve got one – a relic hidden away in some dusty server room. But are you aware of the damage these outdated systems can, will and may already be having on your organisation?

The damage inflicted by legacy technology can range from minor systems issues through to major events that could put your organisation out of business – and it’s important to know the hidden dangers.

Increased downtime

Outdated software runs on outdated hardware, all of which eventually leads to ever increasing downtime and continued system failures.  Running systems past their operational lifespan is a recipe for disaster. These systems will increasingly overheat, crash and eventually cease to operate.

The damage caused by system failures can range from frustrating to devastating. It can be as minor as IT spending countless hours rebooting servers, or the inconvenience of data loss. It could however be customers left unable to make purchases on the busiest day of the year as your website is offline. The bottom line is that system failures cost money; it could be hundreds, it could be millions.

RBS are an example of a company that learned this lesson the hard way. Legacy systems at the bank failed for several days in 2012, leaving their customers unable to access their accounts and make online payments. Worse still, staff were required to manually update balances in this time. This not only damaged their brand, but cost them millions in lost business. Paris’ Orly airport suffered a similar fate. The airport was forced into grounding planes for hours after an instance of Windows 3.1 crashed in bad weather. This system is 23 years old. It’s deeply concerning that some of the most important networks and systems today are woefully outdated.

Compliance issues

Depending on your industry, holding onto legacy technology is the equivalent of holding a ticking compliance time bomb. Once a legacy technology becomes unsupported, the vast majority will fail to meet industry compliance standards like PCI DSS, SOX and HIPPA.

These standards place strict requirements which encompass the entire IT infrastructure, often with specific focus on server and network security. Unsupported systems that do not meet these requirements will require significant investment to maintain compliance.

Running a system that is no longer compliant can result in hefty fines from regulating bodies. Visa and MasterCard impose financial penalties on merchants and service providers for non-compliance. These charges can range from £3,500 to £75,000 per month until compliance is resumed. Windows Server 2003 is as an example of technology which no longer meets PCI compliance. So if you’re processing card payments through a website running on Windows Server 2003 you could be non-compliant already.

Increasing operational costs

Running outdated technology increases operating costs. Old hardware platforms lack modern power saving technology, while old operating systems are devoid of virtualisation features. These systems are inefficient and cost more to run and maintain.

As previously mentioned, these systems crash often and require constant attention from the IT department, eating away at employee resource. Failure rates on legacy technology mean you’ll need to track down increasingly rare replacement parts which manufacturers may have stopped supplying.

There’s also the risk presented by a dwindling talent pool. As technologies pass out of circulation, so to do the IT professionals with the requisite skills to support these technologies. Lose an existing staff member and you risk paying over the odds to employ or train a replacement with the skills necessary to manage the tech. That is of course if training is still available the technology in question. Reflecting on the earlier Paris’ Orly airport incident as an example, they are now in a race against time to replace the outdated system, before the only technician they have who is familiar with Windows 3.1 retires. 

Data breaches

Legacy technologies are extremely vulnerable to attack from cyber criminals. With the average cost of a single data breach now reported at $4 million, this event falls into the potential business ending category. This of course depends on the size of the company and the severity of the breach.

The problem with these outdated systems is that they are (predominantly) no longer supported by the company that created them. You are on your own, if a new vulnerability is discovered by cyber criminals, there will be no security updates released to patch the issue. It’s also unlikely you will be informed of this vulnerability, meaning you are blindly running a system prone to constant attack.

Old technology also doesn’t benefit from advances in security. Take Windows Server 2003 as an example, old server platform lacks compartmentalisation available in modern server operating systems. Once an intruder gains access to your system, they will have free reign to move around. Through a single unpatched vulnerability, attackers can access all applications, middleware and databases running on the server platform.

Outpaced by competitors

We are all faced by digital disruption, accelerating at a pace we’ve not witnessed in any previous era of technology-induced change. The explosion of mobile devices and real-time transactions – supported by cloud services – cannot be handled by legacy systems which were never designed to accommodate these interactions at such a high volume.

This is a simple case of Darwinism, adapt or die. You cannot hope to be a 21st century organisation running on 20th century technology. By clinging on to that legacy system you may find your business lost to a digital start-up.

Don’t believe me? We need only look at our recent history. More than 80% of Fortune 500 companies from 20 years ago are no longer on the list. Having failed to make the transition to an internet-based business in the 1990s, they have been replaced largely by organisations born in the last 20 years as an Internet-based business.

The same fundamental transformation is happening now. Instead of a shift to online business, it’s a shift to digital business models and modern digital infrastructures. If you stick with your legacy technology, you face losing relevance and suffering the same fate as those from the 1990s.

The top five in-demand cloud security skills for 2016

(c)iStock.com/Jirsak

The cloud computing market continues to expand at a phenomenal rate. According to a recent report from IDC, worldwide spending on public cloud services will grow 19.4% annually through to 2019. Six times the rate of overall IT spend growth, this will double the current spend from $70 billion to $141 billion.

As more businesses transition to the cloud this will drive up demand for IT professionals with the skills to make the most of the technology. A market, which according to WANTED Analytics, already offers 18 million jobs worldwide. When considering this transition, a report from BT suggests security remains the number one concern for businesses looking to implement cloud technology. Therefore, IT professionals with cloud security skills will be more in-demand than most.

To help you take advantage of this growing opportunity, take a look at this list of the top five in-demand cloud security skills.

Compliance

The instant a business makes use of a cloud storage or backup service, compliance becomes an issue. Moving data from internal to external storage requires that business to closely examine how that data is kept to ensure they remain compliant with laws and industry regulations.

Understanding data types you can and can’t move to the cloud, asking the right questions of providers and ensuring correct terms are written into service level agreements (SLAs) are all critical areas in maintaining a business’s cloud compliance. Professionals who can demonstrate these skills within these areas will be in huge demand, crucial to any organisation using cloud storage services. Getting on the wrong side of cloud compliance can cost organisations $millions in fines, not to mention the reputational damage it can cause.

Ethical hacking

One of the more exciting skills on the list is that of ethical hacking. Businesses are increasingly on the lookout for professionals with ethical hacking skills as they look to test the security of their private, public and hybrid cloud deployments.

These ethical hackers combine a series of tools, hacking and penetration techniques in order to search for weaknesses in the businesses systems. The Certified Ethical Hacker course from EC-Council is a great way to develop these skills, with new modules dedicated to cloud computing.

Platform specific knowledge

When it comes to selecting a cloud platform, businesses actively seeking professionals who can demonstrate in-depth knowledge of the leading providers. This platform specific knowledge is hugely important when it comes to security.

These professionals help the business choose the platform, understanding how cloud service providers implement security. This can include knowledge of how each provider enforces physical security of its infrastructure and facilities through to the inbuilt security features that can be implemented once using a platform.

For leading providers like Amazon Web Services and Microsoft Azure, there are a range of cloud courses available to help develop this platform specific knowledge.

Communication

Interestingly, among the most in-demand cloud security skills is one entirely unrelated to the technologies themselves, communication. Both cloud and security combined include complex technological concepts and jargon that require explanation. The ability to be able to communicate these concepts and requirements to management and non-technical staff is a critical part of ensuring cloud security is correctly implemented in an organisation.

In fact, the (ISC)² Global Information Security Workforce Study places communication as the most important skill in contributing to being a successful information security professional. Amazingly, 90% of the 14,000 respondents ranked it as the number one.

Encryption

TalkTalk’s recent data breach cost the company £60m. The cause, cyber attackers intercepting unencrypted data packages.

Encryption remains one of the most effective ways to achieve data security. With the volume of data now being transmitted from businesses to the cloud, professionals who can create complex encryption algorithms whilst also understanding the different cloud encryption services on offer will continue to be a valuable and sought after asset.

Conclusion

These are some of the hottest security skills demanded of the modern cloud professional. Developing your skills in just one of these areas will open the door to new and exciting opportunities in 2016 and beyond. Why not start today?

Read more: The top five in-demand cloud skills for 2016

The top five in-demand cloud skills for 2016

(c)iStock.com/sommail

Now acting as the technological cornerstone for businesses across the globe, the growth of cloud computing continues at a phenomenal rate – and as a result, the employer demand for cloud professionals has exploded.

In 2015, there were an estimated 18 million cloud computing jobs globally, according to WANTED Analytics, and it’s a number that is only set to increase with LinkedIn reporting ‘cloud and distributed computing’ as the number one hottest skillset to get you hired in 2016.

With that in mind, it’s worth breaking down this skillset into the five most popular skills required of the modern cloud professional – and how you can go about developing those skills.

Migration

Despite the widespread adoption of cloud, millions of businesses are still contemplating, or in the process of, migrating their on-premise infrastructure. This continues to create significant demand for professionals with the skills to facilitate this migration.

Cloud professionals overseeing migration projects will need a sound knowledge of the different cloud deployment models available to businesses. They’ll also need to understand the existing infrastructure of an organisation, whilst having the knowledge to map applications and workloads running on existing servers and relocate them to the cloud equivalent.

For individuals considering Microsoft’s public and private cloud technologies, it’s worth taking a look at the MCSE: Private Cloud and Specialist: Implementing Microsoft Azure Infrastructure Solutions certification courses. These courses focus on developing the skills to manage and implement the Azure and System Center cloud computing technologies. You should also consider the MCSA: Windows Server 2012 course, which can be deployed across both public and private cloud offerings.

Security

Security is always a major concern for businesses when it comes to technology, and cloud is no exception; a 2015 study from BT claims business leaders rate security as ‘the number one concern for cloud computing’. It’s a concern which is unlikely to disappear with organisations continuing to hit the headlines for all the wrong reasons following high profile breaches.

Cloud security skills are critical for any business adopting the technology, especially since the UK average cost of a single data breach is reported to be a terrifying £2.37 million. IT pros who can demonstrate these skills will be hot property in 2016.

If you’re looking to develop cloud security skills, then (ISC)2’s Certified Cloud Security Professional (CCSP) credential should be your number one target. A collaborative effort between (ISC)2 and the Cloud Security Alliance, the credential builds skills incorporating data security, platform and infrastructure security and compliance, amongst others.

Database

In an interconnected world, we now create 2.5 quintillion (30 zeroes) bytes of data every day. Companies are desperate draw insights from this invaluable information, fuelling demand for professionals with the skills to store, manage and access this data. With these databases increasingly hosted on cloud platforms, now is the time to invest in learning a database querying language and an associated database platform.

SQL is the de-facto standard language to learn. Then, if you’re considering developing skills around a database platform, it’s worth looking at Microsoft SQL Server, Oracle Database or an open-source platform like MySQL, Hadoop or Mongo DB.  

If you go searching for SQL querying courses, they’re a dime a dozen. As for the platforms, there exist established certification tracks for Oracle and Microsoft. For the world of open-source there’s the MongoDB university, while Oracle cover MySQL training and Hadoop courses are available from Cloudera.

Programming language

Cloud adds a new dimension to the world of development. Developers can now build, deploy and manage applications quickly that can scale to unlock the full capabilities of cloud. These type of developers are hugely valuable to businesses.

In recent years, we have seen new programming languages like Python, Perl and Ruby rise to prominence in the cloud application development ecosystem. While traditional languages like .NET, Java and PHP continue to be popular.

If you’re starting out, choosing a programming language like Python or Perl is a good starting point. They are high level languages, making them easier to learn. Codecademy is an excellent resource with free courses including Ruby, Python and Java. For those looking to stand out, learning a second language will increase your employability, especially if it’s a mainstream language.

Linux

Demand for cloud professionals with Linux skills is huge right now. More than 25% of servers powering Azure are Linux based, a percentage that’s only set to grow as Microsoft continues to embrace the open-source market. Businesses are increasingly on the hunt for professionals with the skills to design, architect, build, administer and maintain Linux servers in a cloud environment.

For those wishing to seek out Linux skills, the Linux Foundation Certified Systems Administrator will develop the skills to administer a Linux Server. While Microsoft’s MCSA: Linux on Azure develops the skills to create cloud-enabled Linux solutions that leverage the full capability of the Azure platform.

Conclusion

These are in our opinion the top five cloud skills to get you hired in 2016 and beyond. Whichever area you choose, you’ll be opening the door to new and exciting opportunities. It could be a new project, a coveted raise or even a whole new career direction. What are you waiting for?