On July 24, Google began rolling out Chrome 68, which has a major impact on small business websites. The new update marks all HTTP sites as Not Secure to ensure internet users can easily recognize whether sites are safe or not. That means that Google’s browser now prominently displays a “Not Secure” warning flag next to a domain name in the address bar if the site is not secured with HTTPS. Further inspection will reveal a warning to the user that they should refrain from entering any personal information into the site for risk of attackers stealing their data.
In an effort to drive the world toward a more secure global internet, Google Chrome began marking all HTTP web pages with forms as insecure last year, as well as HTTP sites opened through an incognito window. In just a year’s time, such a small change pushed 68 percent of Android and Windows traffic and 78 percent of Chrome OS and Mac traffic toward HTTPS. Now, 81 of the top 100 sites are using HTTPS by default.
The changes have a negative impact on owners of HTTP websites – many of whom are small businesses, where a “not secure” warning could drive potential customers and revenue away from their sites. With about 60 percent of all internet traffic utilized through Google Chrome, a change like this affects many small businesses.
While HTTPS everywhere is good for the larger internet, this change is concerning for small businesses and individuals that don’t understand the nuances of security. Even with all the best intentions, a new label that says “Not Secure” on a small businesses’ websites may hurt a company’s reputation. Small businesses will be forced to explain what “secure” means to their customers, if given the opportunity at all, and explain why they don’t conform to it, even if they do using other controls. It may also cause customers to hesitate using the site, potentially driving business away. Thankfully, this can be solved by adding an SSL certificate.
While Google Chrome 68 requirements might not sound like a big deal for website owners that do not process payments or ask for information, the truth is all websites need HTTPS encryption and every website can benefit from an SSL. In fact, if you do not currently have an SSL installed on your site, you are already missing Google’s automatic search ranking boost from back in 2014. In addition, Google de-prioritizes HTTP sites. With an SSL installed, your site will have access to powerful API tools that users have come to expect in responsive websites, such as geolocation and audio/video streaming. SSLs also unlock a significant performance boost by allowing your site to operate over HTTP/2, which by itself has the capability to improve your load times by up to 40 percent!
An SSL shows legitimacy and professionalism by ensuring your users feel protected while browsing. No website is too small. No data is worthless. And installing an SSL could not be easier with the number of options you have for getting the job done!
Tony Perez is the General Manager and Vice President of GoDaddy’s Security Product Group. He is responsible for managing GoDaddy Security, Sucuri, and Media Temple Security brands. Tony leads a diverse and global team spanning over 20 countries from sales agents to software engineers. As a two-time business founder, Tony combines his understanding of the needs and concerns of small businesses with his expertise in cyber security products and services. Previously, Tony was the Vice President of Product Management for Sucuri under GoDaddy, Co-Founder, CEO, and COO of Sucuri Inc., Co-Founder and COO of CubicTwo LLC, and served as a US Marine.
When the whole world is fighting for the same jobs, what happens to workers? You can buy almost any thing you want online—toothpaste, books, plastic devices that allow you to lick your cat. On digital work platforms like Upwork, Fiverr,
The post The Online Gig Economy’s ‘Race to the Bottom’ appeared first on CloudTweaks.
Container security is not a unitary action but a multifaceted process. It involves securing the build environment using secure code control and other strategies. The procedure also necessitates securing containers’ contents via code analysis and unit tests. At some point, organizations need to develop a plan to secure their containers in production systems, as well. […]… Read More
The post Strengthen Production Systems with Container Runtime Security appeared first on The State of Security.
In World War I, the space between the most-forward trenches in a battle was called No Man’s Land – a place you didn’t want to be. I learned it as a tennis term. In tennis, you want to play at the net or behind the baseline. The middle of the court is where the ball […]… Read More
The post Selecting a Security Leader: Don’t Get Caught in No Man’s Land appeared first on The State of Security.
“… when everyone is remote, it is much easier to have a remote team than when you have maybe one or two people remote and everyone else in a location, because the mindset often is different for those people that are in the office versus those that are remote.”
Hadi Hariri is an author, teacher and a speaker at industry events around the world for more than 15 years. He hosts the Talking Kotlin podcast, leads the Developer Advocacy team at JetBrains and spends as much time as he can writing code.
(Episode published on February 22, 2018)
Guest Website: hadihariri.com
Guest Twitter: @hhariri
Guest GitHub: hhariri
Guest LinkedIn: hadi-hariri
Transcript, edited for clarity:
Ryan Carson: Welcome to Engineering People, the show where we interview the world’s leading engineering managers so we can learn from their experience and ideas. I’m Ryan Carson, the founder of Treehouse, and I’m your host.
Today, I’m joined by Hadi Hariri from JetBrains. Thanks for joining us.
Hadi Hariri: Thanks for having me.
Ryan Carson: We’re going to start off really simple and quick for those folks who haven’t met you yet. What is your job title?
Hadi Hariri: I’m like the team lead for developer advocacy at JetBrains.
Ryan Carson: What does JetBrains do?
Hadi Hariri: We make developer tools. We make tools for IntelliJ IDEA, which is our Java-based IDE, and ReSharper, which is our .NET stuff. Of course, we’re also the creators of the Kotlin programming language.
Ryan Carson: What are your primary daily responsibilities?
Hadi Hariri: For the team lead aspect, it’s making sure that things are working, although I’ve got mostly an autonomous team. Then just working on the stuff myself — whether it’s content, whether it’s preparing talks, some internal projects that I’m working on and stuff like that. So it’s varied, a bunch of different things, yeah.
Ryan Carson: How many people do you currently manage?
Hadi Hariri: Roughly, directly around 10 and indirectly a couple more.
Ryan Carson: What’s the largest number of folks you’ve managed underneath your whole organization?
Hadi Hariri: In a previous job, I was managing around 20 people.
Ryan Carson: What project are you most proud of?
Hadi Hariri: Given the type of work we do, which is contributing to multiple projects, it would be hard to say which project I would be most proud of. I guess that one of the things that I was most involved in recently was KotlinConf, which I was proud of and happy with how it went. But if you look at the kind of work that we do, although we’re part of the developer advocacy team, each of us, in some sense, is also part of different teams for our main products. Like I may focus on IntelliJ and Kotlin, and someone else might focus on TeamCity.
Seeing Kotlin progress over time and become popular and people adopt it — I think that has also made me proud a little bit of whatever I’ve contributed to that, of course.
Ryan Carson: Absolutely. KotlinConf is interesting, we should double click on that. What is the main value of running a user conference? Try to help our listeners understand. Maybe they should think about doing something like that.
Hadi Hariri: As someone said at the conference, it feels like a celebration. This first KotlinConf felt like a culmination of six years of working on Kotlin, and then having the whole community — especially many of those people who were around from the very early on days — come together. We were 1,200 people for a first-time event selling out, it’s kind of unheard of. But it is about trying to bring the community together, improve knowledge of Kotlin, what’s going on in the community, have other people share their experiences. From JetBrains’ perspective, it’s trying to give that to the community, a place to share and meet and talk around Kotlin.
Ryan Carson: Is your team distributed itself right now?
Hadi Hariri: Yeah. Pretty much.
Ryan Carson: How do you deal with having a remote team? What kind of tips can you give engineering managers who deal with remote team members?
Hadi Hariri: Yeah. Most of my team is actually remote. We’re fortunate enough, because of the nature of our work, that we meet quite often. We meet probably at conferences because if two or three of us are going to a conference, we might coincide there. We try and have at least once, but now we’re trying to push that to two, onsite meetings in one of the offices per year.
I think one of the things that is really important for remote teams is that you keep a constant communication flow on a daily basis, whatever medium you want to use for that. Back in the old days, we used to use ICQ. Then, it was Skype, then it was whatever. Nowadays, it’s Slack. We have a channel for our team, which is, it’s kind of like a virtual water cooler. We just constantly are chatting there about different things. I think that that makes it easier. I also think that when everyone is remote, it is much easier to have a remote team than when you have maybe one or two people remote and everyone else in a location, because the mindset often is different for those people that are in the office versus those that are remote.
Ryan Carson: Right. If someone is forced to have some of the team remote, some of it local, do you have any tips on how to keep the team cohesive and gelling?
Hadi Hariri: Don’t forget about your remote teammates. Cardo conversations are fine, but there’s things that you always need to take into account that not everyone is present all the time. That’s something to consider. I think that that’s very important.
Ryan Carson: Do you use video calls at all for the team?
Hadi Hariri: Yes, we do. We moved away from our weekly stand-up to a bi-weekly stand-up, but we always do video conferencing. A lot of times when I talk to people at the company, whether it’s team members or other teams, I try as much as possible to have it face-to-face as opposed to just voice because it really helps read emotions. When you’re typing or just hearing people, a lot of times, the emotions don’t come across, and that leads to misunderstandings.
Ryan Carson: Yep, amen. Some of my team is remote, and we do video one-on-ones every week. It’s a world of difference than a call.
Ryan Carson: How do you find great talent for your team?
Hadi Hariri: Being a remote team, we have a series of requirements: We really want people that are self-organized, people that have discipline to be able to work on their task, work on their things without needing to be micromanaged. We also look for people that are very good at communication. Especially on my team, which is developer advocacy, everyone is technical. Everyone is a developer. Everyone comes from a developer background. And we all still do development, but the ability to communicate is very important, and the ability to teach is very important. These are the skills that we look for when hiring new people.
Ryan Carson: How do you test for those behaviors?
Hadi Hariri: There is actually a test that we have, which is, for the developer advocacy perspective, it’s a very social test. It’s essentially asking questions of how you would approach different aspects. How would you talk to a customer that was upset? How do you react to certain things that are going on in the community? That gives more or less a good feel for what the type of character you’re talking to.
But then obviously, you say “Yeah, you’re going to be self-managing, you’re going to do this, and you’re going to do that” and the majority of people have never said, “Well, okay, I’m not very good.” Nobody I think is going to admit and say, “Oh, actually, I love being micromanaged,” right? So you kind of go on good faith, and then you just try it out. Then, three months, six months later, If it doesn’t work out, then you try and see where you can fix things. You just don’t say, “Well, you need to be micromanaged. Go away.” You try and work with the person and see how you can fix things before moving on. It’s very hard to determine in an interview whether it’s going to work in the long-term or not.
Ryan Carson: It seems almost impossible. How do you give feedback in a quick, timely manner so folks know how they’re doing, and can adjust, and ideally make things better instead of being surprised and then let go?
Hadi Hariri: I try and be quite direct. I try very hard to give constructive criticism: “This is what I feel is an issue, let’s talk about it, tell me if I’m mistaken, or is it something that I can do to help?” Then, “Do this, work together to try and improve things, and then do this a number of times. If neither of us see improvement or there’s no change, then it’s not working out.” But I do try and give enough, not notice so to speak, but enough steps to try and move to improving things.
The other aspect is there are a lot of times you might find a really good person that is not doing a great job for the role that you’ve given them, but that doesn’t mean that they might not be able to do a good job for a different role. So it’s always important to say, “This person has amazing qualities but is just not working out in this role. Is there anywhere else that they could fit in?” before saying it’s time to move on.
Ryan Carson: Which makes sense because it’s much more affordable to move someone sideways because you’ve already invested a ton of money in finding them, spinning them up, training them. They are starting to learn the tooling and the structure of the team. You want to keep them if you can.
Hadi Hariri: Yeah, and it’s nicer for them as well, right?
Ryan Carson: Right, absolutely. What frequency do you aim to give people feedback — whether it’s good feedback or bad feedback — daily, twice a day, weekly, monthly?
Hadi Hariri: In my specific team, we have one-on-ones every month to give feedback on how things are going — and not only how I feel they’re doing, but how they feel I’m doing. Am I giving enough feedback? Am I not? Where am I making mistakes?
Apart from that, every time you notice someone’s done a great job, why not say it? And then every time you notice that someone is maybe going off course, directly say, “Look, I think this is probably the wrong direction,” not wait for that one-on-one.
I’ve found that if you have this continuous conversation with people, those one-on-ones sometimes become like “Well, there’s nothing really to say because we’ve fixed things during this month, or you’ve done a great job this month.” It can become kind of short.
Ryan Carson: Once you’ve found that great talent, how do you retain that talent?
Hadi Hariri: I think this will probably sound, I want to say cliché, but it honestly is the truth. I think there’s two important things: trusting people and caring for people. This is a two-way relationship. If you join my team, and I trust you, and I give you the freedom to work, you need to earn that trust. It’s just a two-way thing, and keep that trust both ways.
Caring is caring for the person, not just caring for the quality of the work, but caring for the person. At the end of the day, I think if you care for people — you show that you care for people, you make sure that they’re happy, that they’re not overworked, that they’re not stressed, that if they have any personal issues, you’re there to help them within the limits that you can — if people enjoy the job they’re doing, they feel cared for, they feel trusted to do their best, they stay.
If you look at JetBrains, the first employee hired, 17 years ago, is still here. We have extremely, extremely low turnover. For me, it’s the longest job I’ve ever been at. This year, it’s coming up to eight years.
Ryan Carson: We actually just did company-wide training with something called Speed of Trust, which is a Franklin Covey concept, and I’m not being paid to say that. In fact, we had to pay them to train us. [laughter] But it was actually really interesting, and it was literally focusing on those things, that you cannot be effective at work if you don’t trust each other. We often, we don’t really value that as the hidden variable, which made sense. But then they actually broke it down into well, what is trust actually, because it’s kind of a big word that can mean a million things, but it’s based off of all these foundational principles. If you’re listening to this, I would really recommend checking out Speed of Trust. It’s probably a book. We just did a one-day training seminar on it, but it was helpful to me.
Hadi Hariri: I will definitely read up on that. If you don’t mind talking about books, one of the books that I read recently — which I was kind of surprised that many of the things that were said both myself and many people at JetBrains were already doing — it’s called Radical Candor, by Kim Scott, “Be a Kick-Ass Boss Without Losing Your Humanity.” It’s talking about this quadrant of you need to be candid with people. You don’t need to be offensive with people. It’s about keeping this balance, and it has a lot of great tips on how to do one-on-ones, and how to approach many different things that you face when you are managing teams.
Ryan Carson: Last question. We only have three minutes, so I’ll let you go after this. What’s been one thing that has dramatically improved the effectiveness of your team?
Hadi Hariri: That would be a question probably best asked of the team [laughter], but I would probably say that I think probably first of all, their freedom to work, to really just trust them to set the goals and say, “This is what we’re trying to do. Go out and do it. If I can help, let me know.”
I think one of the things that has actually improved in a sense is when I’ve tried to push — not push more, but say “Look, I really am here to help,” because we’re very hands-off in terms of management. We don’t micromanage, but I feel that sometimes, people might feel like they can’t approach and ask about things. That shouldn’t be the case, and so I think that that’s one aspect. The other one, again, being a remote team, I think one of the things that we do is — this is more kind of like a specific technical thing, so to speak, or a process thing — we actually log the activities that we do as part of a stand up. We actually send it to Slack, and then Slack posts it to a page we have on Confluence automatically. It’s just a single line — you know, today I worked on this, or this week I’ve worked on that — but it helps us raise awareness of what each of us are doing, so everybody sees everybody. It’s like a standup, but it’s a weekly thing. That helps us to say, “Oh, you’re working on this, I have a similar idea. Let’s try and combine activities,” especially because of the nature of our work, because each of us are working with different product teams. I think that this has also helped in communicating better and being more effective.
Ryan Carson: I’ve seen the same thing at Treehouse. Actually, the more we know about the daily activities of others, it actually unblocks all sorts of things. We had something where I said I’m going to meet with somebody about this process that we want to improve, and then someone said, “Oh, I know a lot about that. Can I join the call?” We fixed that process in a day.
Hadi Hariri: Yeah. It’s that raising awareness. As a company becomes bigger, you’re always going to have maybe two or three people thinking about doing the same thing, and if there’s no awareness between them, you end up duplicating effort.
Ryan Carson: Right, you can’t fix it. Well, that’s all we have time for. Hadi, thank you so much for joining us. I respect what you’ve built and what you’ve done, so thank you for being on the show.
Hadi Hariri: Thank you.
The post Engineering People Podcast, Episode 01: Hadi Hariri appeared first on Treehouse Blog.
The growth of cloud services — with on-demand access to IT services over the Internet — has become one of the biggest evolutions in enterprise technology, but with it, so has the threat of security breaches and other cybercriminal activity. Now it appears that one of the leading companies in cloud services is looking for more ways to double down and fight the latter. Amazon’s AWS has been working on a range of new cryptographic and AI-based tools to help manage the security around cloud-based enterprise services, and it currently has over 130 vacancies for engineers with cryptography skills to help build and run it all.
One significant part of the work has been within a division of AWS called the Automated Reasoning Group, which focuses on identifying security issues and developing new tools to fix them for AWS and its customers based on automated reasoning, a branch of artificial intelligence that covers both computer science and mathematical logic and is aimed at helping computers automatically reason completely or nearly completely.
In recent times, Amazon has registered two new trademarks, Quivela and SideTrail, both of which have connections to ARG.
Classified in its patent application as “computer software for cryptographic protocol specification and verification,” Quivela also has a Github repository within AWS Labs’ profile that describes it as a “prototype tool for proving the security of cryptographic protocols,” developed by the AWS Automated Reasoning Group. (The ARG also has as part of its mission to share code and ideas with the community.)
SideTrail is not on Github, but Byron Cook, an academic who is the founder and director of the AWS Automated Reasoning Group, has co-authored a research paper called “SideTrail: Verifying the Time Balancing of Cryptosystems.” However, the link to the paper, describing what this is about, is no longer working.
The trademark application for SideTrail includes a long list of potential applications (as trademark applications often do). The general idea is cryptography-based security services. Among them: “Computer software, namely, software for monitoring, identifying, tracking, logging, analyzing, verifying, and profiling the health and security of cryptosystems; network encryption software; computer network security software,” “Providing access to hosted operating systems and computer applications through the Internet,” and a smattering of consulting potential: “Consultation in the field of cloud computing; research and development in the field of security and encryption for cryptosystems; research and development in the field of software; research and development in the field of information technology; computer systems analysis.”
Added to this, in July, a customer of AWS started testing out two other new cryptographic tools developed by the ARG also for improving an organization’s cybersecurity. Tiros and Zelkova, as the two tools are called, are math-based techniques that variously evaluate access control schemes, security configurations and feedback based on different setups to help troubleshoot and prove the effectiveness of security systems across storage (S3) buckets.
Amazon has not trademarked Tiros and Zelkova. A Zelkova trademark, for financial services, appears to be registered as an LLC called “Zelkova Acquisition” in Las Vegas, while there is no active trademark listed for Tiros.
Amazon declined to respond to our questions about the trademarks. A selection of people we contacted associated with the projects did not respond to requests for comment.
More generally, cryptography is a central part of how IT services are secured: Amazon’s Automated Reasoning Group has been around since 2014 working in this area. But Amazon appears to be doing more now both to ramp up the tools it produces and consider how it can be applied across the wider business. A quick look on open vacancies at the company shows that there are currently 132 openings at Amazon for people with cryptography skills.
“Cloud is the new computer, the Earth is the motherboard and data centers are the cards,” Cook said in a lecture he delivered recently describing AWS and the work that the ARG is doing to help AWS grow. “The challenge is that as [AWS] scales it needs to be ever more secure… How does AWS continue to scale quickly and securely?
“AWS has made a big bet on our community,” he continued, as one answer to that question. That’s led to an expansion of the group’s activities in areas like formal verification and beyond, as a way of working with customers and encouraging them to move more data to the cloud.
Amazon is also making some key acquisitions also to build up its cloud security footprint, such as Sqrrl and Harvest.ai, two AI-based security startups whose founding teams both happen to have worked at the NSA.
Amazon’s AWS division pulled in over $6 billion in revenues last quarter with $1.6 billion in operating income, a healthy margin that underscores the shift that businesses and other organizations are making to cloud-based services.
Security is an essential component of how that business will continue to grow for Amazon and the wider industry: more trust in the infrastructure, and more proofs that cloud architectures can work better than using and scaling the legacy systems that businesses use today, will bolster the business. And it’s also essential, given the rise of breaches and ever more sophisticated cyber crimes. Gartner estimates that cloud-based security services will be a $6.9 billion market this year, rising to nearly $9 billion by 2020.
Automated tools that help human security specialists do their jobs better is an area that others like Microsoft are also eyeing up. Last year, it acquired Israeli security firm Hexadite, which offers remediation services to complement and bolster the work done by enterprise security specialists.
The OpenStack Foundation today released the 18th version of its namesake open-source cloud infrastructure software. The project has had its ups and downs, but it remains the de facto standard for running and managing large private clouds.
What’s been interesting to watch over the years is how the project’s releases have mirrored what’s been happening in the wider world of enterprise software. The core features of the platform (compute, storage, networking) are very much in place at this point, allowing the project to look forward and to add new features that enterprises are now requesting.
The new release, dubbed Rocky, puts an emphasis on bare metal clouds, for example. While the majority of enterprises still run their workloads in virtual machines, a lot of them are now looking at containers as an alternative with less overhead and the promise of faster development cycles. Many of these enterprises want to run those containers on bare metal clouds and the project is reacting to this with its “Ironic” project that offers all of the management and automation features necessary to run these kinds of deployments.
“There’s a couple of big features that landed in Ironic in the Rocky release cycle that we think really set it up well for OpenStack bare clouds to be the foundation for both running VMs and containers,” OpenStack Foundation VP of marketing and community Lauren Sell told me.
Ironic itself isn’t new, but in today’s update, Ironic gets use-managed BIOS settings (to configure power management, for example) and RAM disk support for high-performance computing workloads. Magnum, OpenStack’s service for using container engines like Docker Swarm, Apache Mesos and Kubernetes, is now also a Kubernetes certified installer, meaning that users can be confident that OpenStack and Kubernetes work together just like a user would expect.
Another trend that’s becoming quite apparent is that many enterprises that build their own private clouds do so because they have very specific hardware needs. Often, that includes GPUs and FPGAs, for example, for machine learning workloads. To make it easier for these businesses to use OpenStack, the project now includes a lifecycle management service for these kinds of accelerators.
“Specialized hardware is getting a lot of traction right now,” OpenStack CTO Mark Collier noted. “And what’s interesting is that FPGAs have been around for a long time but people are finding out that they are really useful for certain types of AI, because they’re really good at doing the relatively simple math that you need to repeat over and over again millions of times. It’s kind of interesting to see this kind of resurgence of certain types of hardware that maybe was seen as going to be disrupted by cloud and now it’s making a roaring comeback.”
With this update, the OpenStack project is also enabling easier upgrades, something that was long a daunting process for enterprises. Because it was so hard, many chose to simply not update to the latest releases and often stayed a few releases behind. Now, the so-called Fast Forward Upgrade feature allows these users to get on new releases faster, even if they are well behind the project’s own cycle. Oath, which owns TechCrunch, runs a massive OpenStack cloud, for example, and the team recently upgraded a 20,000-core deployment from Juno (the 10th OpenStack release) to Ocata (the 15th release).
The fact that Vexxhost, a Canadian cloud provider, is already offering support for the Rocky release in its new Silicon Valley cloud today is yet another sign that updates are getting a bit easier (and the whole public cloud side of OpenStack, too, often gets overlooked, but continues to grow).
When it comes to doing business, the Internet is vital. And, when it goes down, panic usually sets in. Currently, Internet subscribers are at the mercy of their providers and there is nothing that can be done to remedy the situation. But, things have changed. Hughes Network Systems has created a solution that will keep the Internet going strong, even during those unexpected and unwanted outages.
Hughes Network Systems provides broadband satellite service for business and residential customers. Their Internet services reach the people who are unable to connect via cable and phone lines. Their Internet service, known as HughesNet, serves more than 1.2 million customers. They also have a program called HughesON, which uses satellite and traditional methods to keep large businesses and government entities connected at all times.
Hughes Network Systems has a new program they call HughesNet Internet Continuity that can fill the void that Internet outages bring. By subscribing to this program, Internet users will be able to access satellite Internet when the terrestrial options go down. Then, when the terrestrial Internet is running again, the satellite Internet stops. This is a must-have service for any business that relies on the Internet for productivity and sales. It can be used by residential and business customers who rely on cable, fiber, or DSL Internet.
Residential and business Internet users usually do not subscribe to satellite Internet as their first choice, simply because the cost is prohibitive. Terrestrial Internet is more affordable for those who have it readily available. But, this backup Internet service is worth the expense because it keeps business moving.
Most who rely on terrestrial Internet know that outages happen. Those outages can be weather-related and they can be caused by equipment problems and hardware degradation. Because HughesNet does not rely on those terrestrial lines, it can provide this useful automatic backup system.
Business is able to keep moving because of the way the backup system is set up by HughesNet. It uses a Wi-Fi modem, an antenna, and radio, along with a special router to switch back and forth between the terrestrial and satellite service. The backup equipment can be purchased or leased. It should be professionally installed. Businesses can keep swiping credit cards and making sales using the HughesNet Failover Router, as long as the power is still running the router.
The price to use HughesNet Internet Continuity starts at $39.99 per month. There are several plans available. Downloads happen at 25 Mbps and uploads at 3 Mbps. Learn more about the service here. Don’t let Internet downtime negatively affect your business.
InVision today announced a newly expanded integration and strategic partnership with Atlassian that will let users of Confluence, Trello and Jira see and share InVision prototypes from within those programs.
Atlassian’s product suite is built around making product teams faster and more efficient. These tools streamline and organize communication so developers and designers can focus on getting the job done. Meanwhile, InVision’s collaboration platform has caught on to the idea that design is now a team sport, letting designers, engineers, executives and other shareholders be involved in the design process right from the get-go.
Specifically, the expanded integration allows designers to share InVision Studio designs and prototypes right within Jira, Trello and Confluence. InVision Studio was unveiled late last year, offering designers an alternative to Sketch and Adobe.
Given the way design and development teams use both product suites, it only makes sense to let these product suites communicate with one another.
As part of the partnership, Atlassian has also made a strategic financial investment in InVision, though the companies declined to share the amount.
Here’s what InVision CEO Clark Valberg had to say about it in a prepared statement:
In today’s digital world creating delightful, highly effective customer experiences has become a central business imperative for every company in the world. InVision and Atlassian represent the essential platforms for organizations looking to unleash the potential of their design and development teams. We’re looking forward to all the opportunities to deepen our relationship on both a product and strategic basis, and build toward a more cohesive digital product operating system that enables every organization to build better products, faster.
InVision has been working to position itself as the Salesforce of the design world. Alongside InVision and InVision Studio, the company has also built out an asset and app store, as well as launched a small fund to invest in design startups. In short, InVision wants the design ecosystem to revolve around it.
Considering that InVision has raised more than $200 million, and serves 4 million users, including 80 percent of the Fortune 500, it would seem that the strategy is paying off.
Ranks No. 29 on Fortune’s 100 Fastest-Growing Companies List BOSTON, Aug. 30, 2018 (GLOBE NEWSWIRE) — LogMeIn (Nasdaq:LOGM) announced today it has been named the only company in Boston to Fortune magazine’s 2018 100 Fastest-Growing Companies list. The annual Fortune list recognizes top three-year
The post LogMeIn Named Fastest Growing Company in Boston by Fortune appeared first on CloudTweaks.
With the European Parliament calling for the suspension of Privacy Shield from 1st September, how should ethical, customer-centric organisations respond? Bill Mew, Cloud Strategist at UKCloud, gives a perspective from the UK. Privacy is not just a legal obligation, it
The post Data Sovereignty: the ONLY truly safe path to avoid Privacy Shield turmoil appeared first on CloudTweaks.
Local authorities are currently investigating a data breach at a Chinese hotel group that could have exposed customers’ personal information. According to the Xinhua state news agency, Shanghai police launched an investigation into a data security incident involving Chinese hotel management company Huazhu Hotels Group Ltd. A report from Beijing News reveals that the trouble […]… Read More
The post Police Investigating Data Breach at Chinese Hotel Group appeared first on The State of Security.
The Conference Board recently released survey results that found "51 percent of U.S. employees feel overall satisfied with their job."
This is quite a bit lower than the level reported by independent workers in the 2018 MBO Partners State of Independence study. It found 72% of independent workers report being satisfied.
The two studies asked slightly different satisfaction questions. The Conference Board asked:
“To what extent are you satisfied with your current job?”
The MBO Partners survey asked:
"Please rate your overall satisfaction with being an independent worker."
These questions are close enough, we think, for a directional comparison. And it's clear more independent workers are satisfied than those with traditional jobs.
These results are also consistent with our past studies where we've asked both independent workers and those with traditional jobs the same question about how satisfied they are.
In those studies independent workers have consistently reported higher levels of satisfaction than traditional job holders.
Based on our broader research, and the research of others, we think this is due to the work flexibility, autonomy and control most independent workers have.
This is reinforced in the Conference Board Study. They found traditional job holders making $75,000 a year or more have higher satisfaction levels than those earning less. They attribute this in part to higher earners having more control over their work.
Key quote from the Wall Street Journal article on the study, U.S. Workers Report Highest Job Satisfaction Since 2005 on the higher earning job holders:
“These are higher-skilled workers, managers, and they tend to have more control over their day-to-day work activities,” said Rebecca Ray, leader of The Conference Board’s human capital practice. “Having more control can drive a lot of how you feel about the job.”
As you can see from the Wall Street Journal chart below, the differences in satisfaction for traditional job holders is quite large.
In our work we've found only modest differences between the satisfaction levels of low and high income independent workers.
We think this is because many lower earning independents report having work flexibility, autonomy and control. We've also found in our work having these tightly correlates with independent worker satisfaction - and is a much stronger indicator of satisfaction than income is.
But relatively few lower earning traditional jobholders have these.
So it makes sense that satisfaction level differences are greater between higher earning and lower earning traditional workers than for higher and lower earning independent workers.
And it also makes sense that independent workers overall have higher levels of satisfaction. This is due to more of them having work flexibility, autonomy and control.
At this point, the Center for Internet Security’s Security Controls are an industry standard for technical cyber security. The first six basic controls can prevent 85 percent of the most common cyber attacks, and even though the controls have been developed with traditional data centers and process in mind, there is no reason they can’t […]… Read More
The post How DevOps and CIS Security Controls Fit Together appeared first on The State of Security.
In the healthcare industry, data sets are growing rapidly, both in volume and complexity, as the sources and types of data keep on multiplying. As of now, 30 percent of the world’s information is assessed to be medical services data, and in the U.S., many hospitals collect over 100 data points per patient per day. […]… Read More
The post Evolution of Cyber Security in Healthcare appeared first on The State of Security.
The hot topic in storage today is NVMe, an open standards protocol for digital communications between servers and non-volatile memory storage. It replaces the SCSI protocol that was designed and implemented for mechanical hard drives which processed one command at a time. NVMe was designed for flash and other non-volatile storage devices that may be in our future. The command set is leaner, and it supports a nearly unlimited queue depth that takes advantage of the parallel nature of flash drives (a max 64K queue depth for up to 64K separate queues). The NVMe protocol is designed to transport signals over a PCIe bus and removes the need for an I/O controller between the server CPU and the flash drives.
PCIe (Peripheral Component Interconnect Express) is a standard type of connection for internal devices in a computer. NVMe SSD devices connected to PCIe has been available in PCs for some time. Hitachi Vantara has implemented NVMe on our hyperconverged, Unified Compute Platform (UCP HC), where internal NVMe flash drives are connected directly to the servers through PCIe. The benefit of this is having a software-defined storage element and virtual server hypervisor on the same system where you can access NVMe at high speed. It makes sense to us to first bring the performance advantages of NVMe to commodity storage like our UCP HC because improvements will be greater for our customers. There are considerations though: since there is not a separate storage controller, data services will have to be done by the host CPU which adds overhead. If a VM has to access another node to find data, you lose time. For smaller data sets this isn't an issue, but as the workload increases, this negates some of the performance advantages of NVMe. However, you are still ahead of the game compared to SCSI devices and UCP HC with NVMe is a great option for hyperconverged infrastructure workloads.
NVMe is definitely the future, but the storage industry is not quite there yet with products that can fully take advantage of the technology. PCIe has not broken out of the individual computer enclosure to function as a high-speed, wide bandwidth, scalable serial interconnect of several meters in length between control platforms and I/O, data storage or other boxes within an I/O rack. Here are the current proposals for NVMe transport:
Clearly this is an evolving area and most storage solutions that are available with NVMe today use PCIe for the back-end transport. NVMe SSDs plug into a PCIe backplane or switch which plugs directly into the PCI root complex. However, PCIe has limited scalability. There’s a relatively low number of flash devices that can reside on the bus. This is okay for hyperconverged storage but it’s not what most customers are used to dealing with in All Flash Arrays. Scalable enterprise NVMe storage arrays will likely require a fabric on the backend.
What one would like is an NVMe, All Flash Array, with an enterprise controller for data services and shared connectivity over a high-speed fabric. The backend Flash devices could connect to the controller or data services engine over an internal NVMe-oF, which would in turn connect to a host system using an external NVMe-oF using FC or RDMA. Since PCIe connections are limited in distance and do not handle switching, a fabric layer is required for host connectivity to external storage systems. While NVMe standards are available, both FC-NVMe and NMVe-oF are still works in progress since Rev1 of the NVMe-oF standards was published in June of 2016 by the NVM Express organization, and Rev 1 of the FC-NVMe standard was just released last summer by the T11 committee of INCITs. Only a few proprietary implementations are available today. Several of our competitors have announced AFAs that they claim to be NVMe “fabric ready”. In fact, they are promoting features that have not been tested for performance, resiliency or scalability and are based on incomplete standards that are still evolving. Implementing based on these promises can add a huge risk to your installation and tie you to a platform that may never deliver up to the hype.
Here is where I believe we are in the NVMe introduction of enterprise storage arrays.
NVMe-oF is needed to scale the connectivity and speed up the transmission of data between an NVMe SSD device and controller and FC-NVMe or NVMe-oF can do the same between the controller and a fabric connected host. However, there is a lot that goes on in the SSD device, the controller, the fabric, and the host that can affect the overall throughput. In fact, the congestion caused by the higher speeds of NVMe and the higher queue depths can negate the transmission speeds unless the entire system is designed for NVMe.
On the backend, flash drives require a lot of software and a lot of processing power for mapping pages to blocks, wear leveling, extended ECC, data refresh, housekeeping, and other management tasks which can limit performance, degrade durability, and limit the capacity of the flash device. The higher I/O rates of NVMe could create bottlenecks in these software functions, especially on writes. While Hitachi Vantara Flash storage systems can use standard SAS SSDs, we also provide our own flash modules, the FMD, FMD DC2 (with inline compression), and the FMD HD for high capacity (14TB) to improve the performance, durability and capacity of NAND devices. In order to support these processing requirements, the FMDs from Hitachi Vantara are built with a quad core multiprocessor, with 8 lanes of PCIe on the FMD PCBA and integrated flash controller logic, which supports 32 paths to the flash array. Having direct access to the engineering resources of Hitachi Ltd., Hitachi Vantara is able to deliver patented new technology in our FMDs, which sets it apart from competitive flash vendors. As the NVMe rollout progresses, expect to see other vendors trying to catch up with us by putting more processing power into their flash modules. This advantage that Hitachi has from our years of flash hardware engineering efforts is one of the reasons why we aren’t rushing NVMe into our Virtual Storage Platform (VSP) all-flash arrays. Our customers are already seeing best-in-class performance levels today.
One of the biggest reasons for a controller or data services engine is to be able to have a pool of storage that can be shared over a fabric by multiple hosts. This enables hosts and storage to be scaled separately for operational simplicity, storage efficiency and lower costs. Controllers also offload a lot of enterprise functions that are needed for availability, disaster recovery, clones, copies, dedupe, compression, etc. Because of their central role, controllers have to be designed for high availability and scalability to avoid being the bottleneck in the system. Dedupe and Compression are key requirements for reducing the cost of flash and are done in the controller if both are required (note that compression is done in the FMD when they are installed but in the controllers for SSDs). The new controllers for an NVMe controller must support all these functions while talking NVMe to the backend flash devices and FC-NVMe or NVMe-oF across the fabric to the multiple hosts. Here again, the increase in workloads due to NVMe could create bottlenecks in the controller functions unless it’s been designed to handle it.
Over the many generations of VSP and the VSP controller software, SVOS; Hitachi has been optimizing the hardware and software for the higher performance and throughput of flash devices. The latest version of Storage Virtualization Operating System RF (SVOS RF) was designed specifically to combine QoS with a flash aware I/O stack to eliminate I/O latency and processing overhead. WWN, ports, and LUN level QoS, provide throughput and transaction controls to eliminate the cascading effects of noisy neighbors which is crucial when multiple NVMe hosts are vying for storage resources. For low latency flash, the SVOS RF priority handling feature bypasses cache staging and avoids cache slot allocation latency for 3x read throughput and 65% lower response time. We have also increased compute efficiency, enabling us to deliver up to 71% more IOPS per core. This is important today and in the future because it allows us to free up CPU resources for other purposes, like high speed media. Dedupe and compression overheads have been greatly reduced by SVOS RF (allows us to run up to 240% faster while data reduction is active) and hardware assist features. Adaptive Data Reduction (ADR) with artificial Intelligence (AI) can detect, in real time, sequential data streams, data migration or copy requests that can more effectively be handled inline. Alternatively, random data writes to cells that are undergoing frequent changes will be handled in a post-process manner to avoid thrashing on the controllers. Without getting into too much technical detail, suffice it to say that the controller has a lot to do with overall performance and more will be required when NVMe is implemented. The good news is that we’ve done a lot of the necessary design work within SVOS to optimize the data services engine in VSP for NVMe workloads.
From a fabric standpoint FC-NVMe can operate over a FC Fabric, so data centers could potentially use the technology they have in place by upgrading the firmware in their switches. The host bus adapters (HBA) would need to be replaced or upgraded with new drivers and the switches and HBAs could be upgraded to 36 Gbps to get the performance promised by NVMe. If NVMe-oF is desired, it will require RDMA implementations which means Infiniband, iWARP or RDMA over Converged Ethernet (RoCE). Vendors, such as Mellanox, offer adaptor cards capable of speeds as much as 200 Gbps for both Infiniband and Ethernet. Considerations need to be given for the faster speeds, higher queue depths, LUN masking, and QoS, etc, otherwise congestion in the fabrics will degrade performance. More information about NVMe over fabric can be found in blogs by our partners Broadcom/Brocade and Cisco. J Metz of Cisco published a recent tutorial on Fabrics for SNIA.
Another consideration will be whether the current applications can keep up with the volume of I/O. When programs knew they were talking to disk storage, they could branch out and do something else while the data was accessed and transferred into its memory space. Now it may be better to just wait for the data rather than go through the overhead of branching out, waiting for interrupts and branching back.
NVMe is definitely in our future. However, moving to NVMe will take careful planning on the part of the vendors and consumers. You don’t want to jump at the first implementation and find out later that you have painted yourself into a corner. Although the Hitachi Vantara VSP F series of all flash arrays do not support NVMe at this time, it compares very favorably with products which have introduced NVMe.
A recent, August 6, 2018, Gartner Critical Capabilities for Solid State Arrays report provides some answers. In terms of performance rating, the VSP F series came in third in front of several vendors that had NVMe. This evaluation did not include the latest SVOS RF and VSP F900/F700/F370/F350 enhancements which were announced in May because they did not make Gartner’s cutoff date for this year’s evaluation. These new enhancements featured an improved overall flash design, with 3x more IOPS, lower latency and 2.5x more capacity than previous VSP all flash systems.
The only two vendors ahead of the F series in performance are the Kaminario K2 and the Pure Storage Flash Blade, none of which have the high reliability, scalability and enterprise data services of the VSP. In fact, the VSP F series placed the highest in RAS (reliability, availability, serviceability) of all 18 products that were evaluated. The Kaminario K2 has a proprietary NVMe-oF host connection which they call NVMeF,and the Pure Storage NVMe arrays followed us with a DirectFlash storage module instead of the standard SSD. One can assume that the performance of the Hitachi Vantara All Flash Arrays would be higher if the new models of the VSP and SVOS RF had been included in the evaluation. Here are the Product scores for the High-Performance Use Case for the top three places on a scale from 1 to 5 with 5 being the highest.
Kaminario K2 4.13
Pure Storage FlashBlade 4.08
Hitachi VSP F Series 4.03
Pure Storage M and X Series 4.03
Hitachi product management leadership has confirmed that our VSP core storage will include NVMe in 2019, and we are happy to share more roadmap details to interested customers on an NDA basis. In the meantime I recommend that you follow the NVMe blog posts by Mark Adamsand Nathan Moffit
