Connect with us

Cloud

The Data Centre Universe & 2020’s Top Cyber Security Questions

Published

on

Top Cyber Security Questions

Have you ever wondered what would happen if two people who believe big compute is the real centre of the universe were to meet in the same room? Well, wonder no more.

In this podcast, I had the pleasure of interviewing Bill Giard, CTO of Digital Transformation and Scale Solutions at Intel. As we’re experiencing a massive growth phase, I was keen to get Bill’s thoughts on how to maintain performance and security hence discussing various questions related to cyber security.

As a result of his long career working at Intel, Bill has a unique perspective on Cloud Service Providers (CSPs) and enterprise customers, from the chip to switches, routers, and servers. The best part is that he got transferred to Intel’s Data Platform Group (DCPG) during the beginning of the digital transformation.

As part of the DCPG team, Bill helped shape Intel’s cloud strategy, technologies, and architectures. In this podcast conversation, Bill explains the sheer breadth, depth and strategic complexity of Intel’s services and markets; you might now visualise Bill as someone with significant personal experience and resulting knowledge base.

After covering what the year 2019 entailed for him and his team, Bill went on to highlight trends he thought would continue to thrive in coming years, such as Hybrid and multi-cloud computing, Security Analytics & AI.

There can be little doubt that security needs to be one of our first concerns, so much soven Bill affirms that security is not just to be handled by security officers, but needs to now be a mainstream focus area for CIOs as well, in addition to security roles including CISOs.

There are various attack vectors and several risk profiles that we can’t just approach, thinking we can simply create a moat and a firewall in the older, angular Celtic castle model – as all too often we find that threats come from inside, that old design pattern simply doesn’t work anymore. Cybersecurity must be all-inclusive from language, behaviour, and culture to the chip level.

You need to “top your game”, as Bill puts it, which requires constant learning, and a platform approach to security. Intel has a fantastic legacy of baking security into the DNA of original silicon wafer levels of their technology, which I have always felt was a key driver of their success in this space. It allows them an enormous advantage point, as security is quite literally built-in, all the way up through the technology stack.

Bill even mentioned in this post-Snowden era that everyone needs to have an attack strategy and consider how to address insider threats, and those become even more vital as computing continues outside traditional data centres.

Bill stated, “We’ve done great security work in the public cloud, but at the edge, the security controls are just not there.”

He went on to say “Building security at the server and platform level is the only way you’re going to address security on the edge in distributed computing client globally. The landscape changes but the one truth exists, you have to bake security and performance in at the very early design phases.”

Everything appears to be unique, yet we’re actually managing a significant volume of similar things, often in entirely different and unique ways, resulting in duplication of effort and reduced value from investments.

From phishing to network engineers, human interactions are at every place, in each layer. It needs continuous attention. Be careful around continued education and execute advanced controls.

“Shrink the attack surface.” says Bill, “Hardware security helps us mitigate the breadth and reach those breaches achieve. We can bring that firewalling down into the socket with advanced silicon technologies and software around the core cache and memory to isolate that.”

Bill and I additionally discussed many of the really significant changes and challenges in the cloud this last year, be it the shift from data centre aisles of racks and administration programming to a defined framework through to the shift to new DevOps organisation models with Docker and Kubernetes. Here is a shift in thinking and approach to technical problem solving that is needed for IT, which never existed before, and it’s triggering huge cultural and behavioural changes. You’ll discover all of this and more like Bill, and I get to the cybersecurity questions in this podcast.

Bill states that he believes the key to solving today’s bigger business and technology challenges is to break the work down into small sections, stay flexible, and follow what people are excited about – that’s the opener to inspiring cultural transformations.

So as we prepare for what the year 2020 may bring, security needs get even more apparent and strong, but so does the cloud ecosystem. Both choices and competition are in abundance. People are not only involved in multi-cloud strategies; they are getting better at requiring full system-wide integration. It is about realising the complete “API economy”

Due to the type of service, or price point, we can now pick workloads in several places; the question now is, do we need to make better choices about where we put those workloads, whether internal private cloud with cloud design models or deploying into public cloud leveraging the likes of container solutions such as Docker and Kubernetes?

Bill and I also discuss cloud decision-making going away from price and even from agility. Determining workload location needs to be more about what’s the proper foundation for the workload, based on below four characteristics:

  • The volume of the data: how you are using it, where you’re exhibiting it (as in production), and if you have to transfer it.
  • Performance characteristics – do you require low latency, and who are you seeking to reach; a global salesforce could need a distributed infrastructure across the globe.
  • Security cybersecurity questions
  • Integration level with systems.

Bill stated that “Workload placement is really still at the forefront of what most organisations are doing, and then, what’s the right infrastructure to support where the application and data needs to be?”

I’m genuinely passionate about Intel’s one API” focus and the potential to drive common, consistent API models into numerous private, public, or hybrid clouds. I like the idea that I don’t need to consider the foundation at the CSP level; I just need to look at the relevant APIs and receive that service.

Bill admits that we will notice more uniform compatibility. The big providers encourage that while still allowing differentiation within their own stack. The business outcome report will take some time, but it’s occurring; it’s turning into a more significant factor in the decision-making.

I won’t reveal the ultimate crystal ball answer at the conclusion of the podcast; I’ll just note that it has to do with the genuine impact of distributed edge computing in a multi-cloud environment with quantum computing capabilities. Bill speaks about preparing for it, and his advice is to begin now and don’t wait to potentially have competitors beat you to it.

I am grateful to Bill and the Intel team for making this podcast possible. Here are a few reference links you can go through about the topics and top cyber security questions Bill and I discussed. Check out:

Cloud

DBA and the Cloud: Not Never, Always, All, or Nothing!

Published

on

As more and more data is pumped into the cloud the necessity of the DBA is being questioned. Of course, not by DBAs, but by almost everybody else. Most DBAs are, more than likely, shaking their heads and trying to figure out why folks think they are now dispensable.

You see, the typical extolled value proposition of cloud computing is to reduce cost and minimise work. And sure, if you implement your cloud computing strategy effectively, it is possible to achieve both of these objectives. But wise organisations will not be eliminating all of their DBAs even as they move more work and data to the cloud.

So let’s say your organisation has moved one of its large enterprise databases to a managed cloud service. Doesn’t matter which one, just that the cloud database will be managed by the cloud service provider. Management looks at this and inevitably thinks “If the cloud provider is managing the database why do I need DBAs? That was their job.”

Certainly this is an understandable position unless you review what is actually going on. It gets to a basic point — one highlighted in the title of this post — that I frequently make: “Almost never say always or never or all or nothing!” Yes, the promise of cloud database is to remove tedious, rote processes like backups (note I did NOT say recovery), upgrades, and other simple administrative efforts. But it does not remove ALL of them. There are still many things that require DBA attention and you will want your DBA staff to be there to ensure that they are handled.

First, look at backup and recovery. It is definitely possible for a remote managed service provider to perform some standard backups on your databases. That said, based on your application needs and recovery time objectives, you may need more than a simple daily backup. DBAs will know this and be able to work with the cloud provider to either provide customised backup scheduling or to do it themselves.

From a recovery perspective, the cloud service provider is certainly capable of performing recovery from a catastrophic hardware failure. After all, the hardware is their responsibility, too. But what about an application recovery, where only certain transactions need to be backed out? Or what is an application process encounters an issue that requires only certain objects to be recovered? It is unlikely that your cloud provider has this level of intimate knowledge of your applications’ but your DBAs will.

And recovery is just one example. Think about software upgrades and patches. Most DBAs will be thrilled to rid themselves of this laborious and tedious task. Turning it over to the cloud service provider makes sense. But even then there are things that your DBAs must get involved with. Why is that?

Well, most cloud service providers are unwilling to take on understanding your applications. But it is not uncommon for a new DBMS version (or even a patch) to change things like reserved words or even SQL functionality. So what if an application is using one of the new reserved words as a variable? Or what if the results of an SQL statement changes because of a tweak to the results that a built-in function returns? Or what if a problem is corrected in the new version that stops some SQL from working? All of these are real examples of issues that I have faced as a DBA over the years. And they are things that your cloud service provider will not fix for you.

And one final example: most cloud service providers will put the onus of application performance on you. Sure, they will offer monitoring solutions, but interpreting the performance reports and identifying what needs to change in the application typically remains the responsibility of the client. And when it comes to database applications, that is the responsibility of DBAs (in tandem with developers at times).

There are many technical reasons that this is not so. And there are non-technical reasons, too. If you get rid of your DBAs then the only folks who will know your databases in any reasonable detail will be at your cloud service provider. This can be a recipe for disaster because the service provider will always put their companies’ best interests first, as they should. You need DBAs who put your companies’ best interests first!

So pump the brakes before saying that the cloud will make DBAs obsolete!

Continue Reading

Cloud

VMware Container Solution Tanzu: Evolve Event 2

Published

on

VMware Tanzu Container Solutions

On October 26th at 4 pm AEST, I hosted & moderated the 2nd in our “Evolve” series of live-stream expert panel discussions.

Evolve is a series of live stream panel discussions and briefings focused on expert-driven. It offers thought leadership to partners and customers on their most pressing challenges and how HPE and their alliance partners can help with these challenges.

Evolve Event #2 Overview:

This event kicks off with a quick market update on significant trends in the world of Cloud Computing and the adoption of VMware containers in the Enterprise market by Harris Schneiderman. He is the Director of the Hybrid Cloud Practice at HPE.

Following Harris’ opening market update, we continued our “main stage” expert panel discussion. Today, we focused on VMware container Tanzu where our expert panel delves into crucial topics,

  • Challenges and Opportunities.
  • The Technology and Solution Fit
  • The Journey: Trials & Deployment to Operational.

This events panel includes::

Host & Moderator:

Dez Blanchfield ( connecting from Sydney )

+ Founder / CEO

+ Sociaall Inc.

Panellist #1:

Harris Schneiderman ( connecting from Melbourne )

+ Enterprise Sales Director for the Hybrid Cloud Practice

+ HPE SouthPac ( South Pacific, Australia, and New Zealand )

Panellist #2:

Murali TS (connecting from Singapore )

+ HPE Pointnext APAC

+ Director of Technology for Containers & DevSecOps

Panellist #3:

David Kari ( connecting from Sydney )

+ Head of Solution Engineering

+ VMware Tanzu

Key Panel Topics

Topic #1 – Challenge & Opportunity

At the very beginning, we focused on how & where to implement VMware container solutions; they shared their insights and expertise and real-world instances of where containers can help earn business value.

Topic #2 – Technology & Solution 

Further, the panel addressed how & where to combine them in a business environment and shared knowledge and consumer stories/anecdotes of real-world applications and illustrations on obtaining a competitive benefit with VMware container Tanzu.

Topic #3 – The Journey: Trials & Deployment to Operational

We ask our panel to share their experience and illustrations of where to begin. They explained VMware containers with real-world examples, especially those where their organisations and teams have led or been part. Later, we dive into who companies and organisations must be looking to obtain the support they need from partners who can help them reach thriving results by taking advantage of Container technologies, platforms, and tools like the VMware Tanzu offering.

Q & A Section

We wind up with a brief Q&A section, where our live audience & attendees get to hop into the consolidated experience and brainpower of today’s wonderful panel.

Thank you to the fantastic teams at HPE APAC, HPE Pointnext, and VMware Tanzu. for making it achievable.

For more information, visit:

HPE Australia – http://bit.ly/hpeaustralia
HPE Pointnext – http://bit.ly/hpepointnext 
VMware – http://bit.ly/vmwareaustralia

Continue Reading

Cloud

Huawei Joins Internet Society initiative to Boost Global Internet Security

Published

on

Huawei joins Internet Society Initiative (ISOC)

Huawei has announced that it is to be a founding member of a new program backed by the Internet Society (ISOC) to actively improve global Internet security.

The global economy has never been as interconnected or as reliant on the internet as it is now. And while it may appear to some that the internet is a single coherent entity, it is in fact a massively devolved array of interconnected networks managed by numerous different entities and running on equipment from a variety of different vendors. International cooperation is essential to ensure that is it able to combat the many threats that is faces.

The routing foundations on which the internet is built is relied upon to transport exponentially increasing volumes of digital traffic, but this infrastructure has cracks, and they are growing. Every day goes dozens of incidents affect this routing system. Route hijacking, route leaks, IP address spoofing, and other harmful activities often leading to DDoS attacks, traffic inspection, lost revenue, reputational damage, and more. These incidents not only occur on a global scale, but they are hyper-infectious by nature, with the routing problems faced by one operator rapidly cascading to impact others.

Huawei joins MANRS to strengthen global internet security

To provides crucial fixes to reduce the most common routing threats, the Internet Society has instigated a global initiative called Mutually Agreed Norms for Routing Security (MANRS). Critical to its success is the participation of the router vendors, such as Huawei, which have joined its Equipment Vendor Program (EVP).

Huawei is seeking to lead by example through its active contributions to the new MANRS Equipment Vendor Program, explained Andrei Robachevsky, Senior Director, Technology Programs for the ISOC: “Along with other founding participants in the program, Huawei’s involvement shows the importance network equipment vendors have in Internet routing security, and we hope it will motivate more members of the Internet infrastructure community to continue to make advancements to a more secure Internet for everyone.”

“Routing security is crucial to Internet security, and that includes network devices (e.g., routers and IXP switches), the foundation of the Internet,” added Hank Chen, President of Router Domain, Data Communication Product Line, Huawei. “Over the years, Huawei has dedicated itself to building secure and reliable network devices and has extensive capabilities and experience in the field.” He also stated that Huawei was honored to join MANRS as an active contributor to Internet security.

This kind of contribution and collaboration will be essential if the Internet Society’s MANRS program is to stand any chance of succeeding. All of us who rely so heavily on the internet must hope that it does.

Source: https://www.huawei.com/en/news/

Continue Reading

Trending On Elnion

Copyright © 2021 ELNION ONLINE - All rights reserved.