If youre looking to strengthen your businesss IT security, the solution includes the human factorand its not just about new hires.

Digital transformation can make almost any enterprise better. It brings together collaborators from around the world, draws smarter insights with the help of machine learning, and empowers businesses to become more responsive and innovative.

This combination of ubiquitous connectivity and cloud computing is changing how people workand the kinds of business strategies an enterprise can pursue.

As much as conversations about digital transformation can focus on finding the right kinds of programmers or data scientists, its equally important to emphasize that digital transformation requires the right kind of security professionals.

But when technology improves, enterprises aren't the only ones to experience innovation increases. Hackers and other bad actors can be pretty innovative too. This is one reason its hard to go more than a few weeks without seeing some new data breach, malware risk, or cybercrime in the headlines.

Successful digital transformation boils down to leveraging technology to produce business outcomes, which is a simple idea. But deploying, connecting, protecting, and maintaining those technologies can be enormously complex, making it easy to accidentally expose security vulnerabilities or to react too slowly to a sudden advance in attackers capabilities.

As much as conversations about digital transformation can focus on finding the right kinds of programmers or the right kinds of data scientists, its equally important to emphasize that digital transformation requires the right kind of security professionals.

According to the 2019 The Cybersecurity Workforce Gap report, 82% of employers report a shortage of cybersecurity skills, with 314,000 additional cybersecurity professionals needed as of January 2019.

The need for security professionals is not new. In fact, security is one of the fastest growing job fields, and not just in IT. According to the 2019 (ISC) Cybersecurity Workforce Study, going forward, there will be 10,000 cybersecurity professionals for every 100,000 U.S.-based establishments.

And yet, for all of this need, this CSIS survey showed that 82% of employers report a shortage of cybersecurity skills, with 314,000 additional cybersecurity professionals needed as of January 2019, despite the 716,000 such professionals already in the field.

Think about that: Its as if every single person in Denver were already working in IT security, but because the job is so big, we need everyone in St. Louis to pitch in as well. That is a huge need and a huge shortage.

So whats causing this shortfall? A large part of it is that the professionals in these roles are bogged down by manual work. Between patching servers, maintaining security infrastructure, updating security configurations, and collecting and analyzing data, theres hardly any time left to design proactive cybersecurity.

As with so many issues in the modern workplace, improvements to this people problem lie in the cloud. Most notably, cloud providers maintain and secure the underlying infrastructure,relieving you of some of the more time-consuming manual tasks of infrastructure management.

The cloud provides security by default with systems that simplify IT resource configuration, deployment, and operation throughout the organization. This frees security professionals to concentrate on tasks that are a better use of their time and skills, like designing and modifying security policies, auditing access to critical systems, classifying business-critical content, and investigating anomalous activity through a business lens.

But the cloud offers more than just time. Many cloud providers offer tools and guidance to help users secure their apps and data by letting security teams determine which data is sensitive, who should have access to what, and how to translate the organizations security and regulatory policy to controls. And since the cloud is exposed to users as software and APIs, automation becomes much simpler, resulting in more consistency at scale with fewer opportunities for human errors.

But the cloud offers more than just time. Many cloud providers offer tools and guidance to help users secure their apps and data by letting security teams determine which data is sensitive and who should have access to what. Moreover, since the cloud is exposed to users as software and APIs, automation becomes much simpler, resulting in more consistency at scale with fewer opportunities for human errors.

In addition to the people problem, modern security workforces also find themselves facing a skills problem. Security threats are always evolving, as are the solutions and tools, which means that many established security professionals cant keep up with the skills they need to detect and address new types of attacks. The longer it takes to find solutions, the more productivity may suffer across the organization.

On a deeper level, knowledge of the latest skills is essential to strong DevSecOps. The basic concept of DevSecOps is to build apps with security in mind from the start, rather than the traditional tactic of designing security in toward the end of development or bolting it on after systems and apps are built. Executing this requires a deep knowledge of security skills and tools that grows throughout the development process.

The cloud helps overcome these issues by providing access to the latest technological advancements and giving professionals access to the latest tools without the constant need to acquire and retrain.

Security professionals can also use the cloud to drive DevSecOps by embracing the best practices embedded into cloud-based tools. For example, Google Cloud offers vulnerability scanning, deploy-time controls, and configuration managementtools that underpin Googles own best practices for develop-and-deploy processes. With tools like these, security experts can set up strong security practices from the start that persist throughout the projects life cycle.

Learn more: This Google Cloud Next 19 session explores how enterprises can deliver software faster, without compromising security or reliability.

IT security is only going to become more essential as businesses rely more on technology for innovation and competitive advantage, and the need for professionals who are equipped for the challenge is going to grow as well.

Fortunately, with cloud-based security tools and a healthy amount of security by default, not only can security professionals continue to do their jobs effectively even as the landscape changes, but the next generation of experts will likely already be trained on cloud-based tools. That leaves the major people and skills problems in the IT landscape to those who havent taken advantage of the cloud.

Discover how the highest performers scale DevOps to maximize success. Get the latest Accelerate State of DevOps Report.

See the original post here:
Building IT Security Requires Improving Teams - Forbes

Allen Whipple, distributor business development channel consultant at Hewlett Packard Enterprise, had a simple question for a room full of MSPs.

Are your customers truly protected? he asked. I see all of your heads shaking no. A majority of them are not, right?

Whipple said HPEs claim that its Proliant servers are the worlds most secure industry standard server, is not marketing fluff.

We threw that tagline around all over the place. We mean it, he said, speaking at a breakout session sponsored by D&H Distributing at XChange 2020. When we first designed this server, we took it out to a third party and said Hack this computer. Tear it apart and tell us what you know. Theyre the ones that came back and said, Based on our research you have the worlds most secure industry-standard server. Based on what were seeing, you are two generations ahead of the competition.

He said for the Gen10 model, HPE stopped using third-party chip makers, choosing instead to make its iLO 5 chip itself, and infuse them with security at the point of manufacture.

We took those iLO 5 chips, we brought them in house and we made them layer upon layer out of silicon, he said. We took our HPE firmware and literally embedded it in that silicon. Its like surrounding it with concrete. What does that mean? Its beautiful. Its like a digital handshake. You cannot break that.

Whipple said that while firmware outside of the chip can still be hacked and ransomed, the iLO 5 chip will stay secure.

In the slim chance your Gen10 server is hacked, we are going to provide you with a way to recover your server in a matter of clicks or minutes, instead of days or weeks, he said, speaking specifically about the iLO 5 Advanced chip. You can set the server to check itself once every 24 hours. So once every 24 hours it is going to go and check all the firmware settings and make sure they are in an authentic state. Now if theyre not in an authentic state, its going to give you three options.

He said first, it will allow the user to restore to the last known good state within the previous 24 hours since it last checked.

That is critical, Whipple said. In less than 24 hours you not only can identify the event hack, but you can absolutely be back up and running to how you were before the hack occurred.

He said the second option is that the server will also allow a user to restore it to factory settings which, with VMware, will allow tech support to drop an image on to the system to get it back up and running. Option number three, meanwhile, will allow a user to take the server off line to preserve it for forensics in the event it needs to be used in a hacking investigation.

They can study it, they can look at it, they can see exactly how that ransomware was operating, he said.

The insurance company Marsh & McLennan awarded the server its Cyber Catalyst designation as a top security product calling it: Arguably a close-to-perfect solution. Security that is baked in at the bare metal hardware level is the standard that security risk management professionals should strive for. Marsh will offer discounted insurance rates to those selling Gen 10 servers, Whipple said.

MSPs in the room said they were anxious to return to their shops and get this rolled out everywhere.

We just switched to the HPE ProLiant Servers. Just learning about the iLO 5 Advanced was worth coming to this whole thing, said Jeff Willems, president of CSRA Technologies, an IT service provider to the U.S. military. To be able to roll something back 24 hours earlier if we have a problem, Im going to go back and challenge my guys: Lets get this rolled out everywhere we have ProLiant servers.

Christopher Alghini, the principal G Suite and Google Cloud consultant at Cool Head Tech in Austin, Tex., agreed.

I was very impressed with the iLO advanced chip, and I can see where it would work really well for government and enterprise server installations, he said. For a data center install, these would be perfect devices because of the security and I think also the speed. Even if the chip is breached, to have that evidence to go back to, I think is an excellent idea as well, so theres some recovery in there.

Read this article:
'You Cannot Break That' HPE Says Of The iLO 5 Chip In Gen 10 Servers - CRN: Technology news for channel partners and solution providers

Edge computing refers to information being processed at the edge of the network, rather than being sent to a central cloud server. The benefits of edge computing include reduced latency, reduced costs, increased security and increased business efficiency.

Transferring data from the edge of a network takes time, particularly if the data is being collected in a remote location. While the transfer may usually take less than a second, glitches in the network or an unreliable connection may increase the time required. For some IoT applications, for example, self-driving cars, even a second may be too long.

Imagine a security camera thats monitoring an empty hallway. Theres no need to send hours of large video files of an empty hallway to a cloud server (where you will need to pay to store them). With edge computing, the video could be sent to the cloud only if there is movement detected in the hallway.

Sending less data through a network increases security. Any time you transmit data youre opening yourself up to the possibility of it being stolen or hijacked.

Processing data at the edge of the network can reduce the amount of data thats sent to a cloud server. By storing only the most relevant information on the cloud, it will be easier to locate the information your business needs and to perform analysis on this data.

For example, if a temperature sensor shows a reading of 5 degrees every second, then this information does not need to be sent to the cloud. It only becomes important to transmit this information if the temperature increases outside a preset range.

So, which IoT applications will benefit most from lower latency and costs and increased security and efficiency?

Healthcare, manufacturing and energy are all sectors that can benefit hugely from decreased latency and increased security.

Healthcare is a growing IoT sector. According to a report from research and consulting firm Grand View Research the global healthcare sector will invest nearly $410 billion in IoT devices, software and services in 2022, up from $58.9 billion in 2014.

For IoT devices that process such sensitive information, security and data privacy are paramount. By sending as little information as possible to a central cloud server, patients will retain greater control of their personal data and be less exposed to data breaches.

IoT healthcare devices also require as near to instantaneous as possible decision making. If a persons blood glucose or heart rate monitor registers dangerous readings then that information must be acted on immediately.

By utilizing edge computing, these IoT healthcare applications become less dependent on network connectivity. Patients can feel reassured that, if anything is awry, their IoT healthcare application will notify them as soon as possible, no matter where they are or how strong their internet connection is.

Low latency is crucial for industrial IoT, which is one of the reasons why this sector stands to benefit the most from edge computing.

In a factory setting, if a sensor logs a reading as being too hot, then a machine may need to be shut down immediately. By not sending that data for processing in a central cloud server, action can be taken more quickly.

We discussed why edge computing is vital for IIoT in more depth in a previous blog.

By their very nature, energy and environment IoT applications are often deployed in remote locations. Oil rigs, gas pipelines, wind turbines, hydroelectricity dams, they all stand to benefit from deploying connected solutions and all tend to be located in remote areas where network connections are not always reliable.

Many energy and environment IoT applications need to be able to respond quickly to changing conditions but aretoo remote to be able to benefit from 5G. Edge computing will be immensely useful for IoT applications in this sector. Edge computing will also increase efficiency and reduce cloud server storage costs by only transferring any relevant information.

An IoT application on a wind farm which is collecting data on wind speeds or energy generated could process that data at the edge and only transfer it to a central cloud server if it records data outside a pre-determined norm.

The healthcare, industrial IoT, energy and environment sectors will benefit from adopting edge computing networks. However, this technology will also be beneficial to the Internet of Things as a whole and we expect to see it being widely adopted in the coming years.

According to Gartner, Around 10 percent of enterprise-generated data is created and processed outside a traditional centralized data center or cloud. By 2025, Gartner predicts this figure will reach 75 percent.

More and more data processing will move to the edge, particularly within the world of IoT as IoT applications increase in number and collect more data.

Read this article:
Which IoT Applications will Benefit Most from Edge Computing? - IoT For All

For many oftodays applications and workloads, cloud computing offers the enterprise ahost of advantages over traditional data centers, including lowered operationaland capital expenditures, improved time to market, and the ability todynamically adjust provisioning to meet changing needs globally. Consequently,there has been a massive shift to cloud migration over the past decade, with cloud computing trends showing significantyear-over-year growth since it was first introduced, and Cisco predicting thatby 2021 cloud data centers will process 94 percent of all workloads.According toMarketsandMarkets, the global cloud computing market is projected to surge at acompound annual growth rate (CAGR) of 18 percent to reach approximately $623.3 billion by 2023,up from $272 billion in 2018.

Today, however, we are seeing more companies bringing workloads backinto their data centers or edge environments after having them run in the cloudfor several years because they didnt originally fully understand theirsuitability in a cloud environment. 451Research has referred to this dynamic as cloud repatriation,and a recent survey found that 20 percent of cloud users had already moved atleast one or more of their workloads from the public cloud to a private cloud,and another 40 percent planned to do so in the near future.

All of this begs a deceivingly simple question: How do I know whena workload would be better off running in or outside of the cloud?

When Latency, Availability and ControlAre Key

Aswith any IT decision, an inadequately researched, planned and tested process islikely to cause setbacks for enterprise end-users when the organization atlarge is faced with uncertainty whether to move an application or workload outof the public cloud and return it to an on-premises data center or edgeenvironment.

Very often, moving an application or workload from the cloud makes good business sense when critical operational benchmarks are not being met. This might mean inconsistent application performance, high network latency due to congestion, or concerns about data security. For example, we know of one Fortune 500 financial services firm that was pursuing an initiative to move its applications and data to the public cloud and only later discovered that its corporate policy prohibited placement of personally identifiable information (PII) and other sensitive data beyond their internal network/firewall. Although many security standards are supported by public cloud providers, because of its internal policy, the financial organization opted to keep its data on-premises.

Newsletter

Time is precious, but news has no time. Sign up today to receive daily free updates in your email box from the Data Economy Newsroom.

Somecompanies, such as Dropbox, have chosen to migrate from the public cloud tobenefit their bottom line. While cost is but one criterion for leaving, it is amajor one. In the wake of leaving the cloud, Dropbox was able to save nearly$75 million over two years.

Generallyspeaking, applications that are latency sensitive or have datasets which arelarge and require transport between various locations for processing are primecandidates for repatriation. Consider smart cities and IoT-enabled systems, whichcreate enormous amounts of data. While cloud computing provides a strongenabling platform for these next-gen technologies because it provides thenecessary scale, storage and processing power, edge computing environments willbe needed to overcome limitations in latency and the demand for more localprocessing.

Additionally,if your applications and databases require very high availability orredundancy, they may be best suited to private or hybrid clouds. Repatriation alsoprovides improved control over the applications and enables IT to better planfor potential problems.

Yes,moving to the cloud means a decrease in rack space, power usage and ITrequirements, which results in lower installation, hardware, and upgrade costs.Moreover, cloud computing does liberate IT staff from ongoing maintenance andsupport tasks, freeing them to focus on building the business in more innovativeways. And yet, while many businesses are attracted to the gains associated withpublic or hybrid cloud models, they often do not fully appreciate the strategynecessary to optimize their performance. Fortunately, there are tools to assistIT teams to better understand how their cloud infrastructure is performing.

DemystifyingCloud Decision-Making

Nomatter the shape of an organizations cloud public, private or hybrid data center management solutions can provideIT staff with greater visibility and real-time insight into power usage,thermal consumption, server health and utilization. Among the key benefits arebetter operational control, infrastructure optimization and reduced costs.

Beforeany organization moves its data to the public cloud, the IT staff needs tounderstand how its systems perform internally. The unique requirements of itsapplications, including memory, processing power and operating systems, should determinewhat it provisions in the cloud. Data center management solutions collect andnormalize data to help teams understand their current implementationon-premise, empowering them to make more informed decisions as to what isnecessary in a new cloud configuration.

Intel Data Center Manageris a software solution that collects and analyzes the real-time health, power,and thermals of a variety of devices in data centers. Providing the clarityneeded to improve data center reliability and efficiency, including identifyingunderlying hardware issues before they impact uptime, these tools bring invaluableinsight to increasingly cloudy enterprise IT environments, demystifying thequestion of on-premises, public and hybrid cloud decision-making.

Here are some factors to consider whenmaking a decision about embarking on a course of cloud repatriation:

If you answered yes to a majority of the questions above, it might be time to consider cloud repatriation.

Read the latest from the Data Economy Newsroom:

See more here:
When the Cloud Falls to Earth. Is It Time for Your Organization to Consider Cloud Repatriation? - Data Economy

(Image: Stockfresh)

By 2023, 70% of enterprises will be running some form of hyperconverged infrastructure

Print

Read More: data centre hyperconverged infrastructure virtualisation

Demand for on-premises data centre equipment is shrinking as organisations move workloads to the cloud. But on-prem is far from dead, and one segment that is thriving is hyperconverged infrastructure (HCI).

HCI is a form of scale-out, software-integrated infrastructure that applies a modular approach to compute, network and storage capacity. Rather than silos with specialised hardware, HCI leverages distributed, horizontal blocks of commodity hardware and delivers a single-pane dashboard for reporting and management. Form factors vary: Enterprises can choose to deploy hardware-agnostichyperconvergence softwarefrom vendors such as Nutanix and VMware, or an integrated HCI appliance from vendors such as HP Enterprise, Dell, Cisco, and Lenovo.

The market is growing fast. By 2023, Gartner projects 70% of enterprises will be running some form of hyperconverged infrastructure, up from less than 30% in 2019. And as HCI grows in popularity, cloud providers such as Amazon, Google and Microsoft are providing connections to on-prem HCI products for hybrid deployment and management.

So why is it so popular? Here are some of the top reasons.

A traditional data centre design is comprised of separate storage silos with individual tiers of servers and specialised networking spanning the compute and storage silos. This worked in the pre-cloud era, but it is too rigid for the cloud era. Its untenable for IT teams to take weeks or months to provision new infrastructure so the dev team can produce new apps and get to market quickly, said Greg Smith, vice president of product marketing at Nutanix.

HCI radically simplifies data centre architectures and operations, reducing the time and expense of managing data and delivering apps, he said.

HCI software, such as from Nutanix or VMware, is deployed the same way in both a customers data centre and cloud instances; it runs on bare metal instances in the cloud exactly the same as it does in a data centre. HCI is the best foundation for companies that want to build a hybrid cloud. They can deploy apps in their data centre and meld it with a public cloud, Smith said.

Because its the same on both ends, I can have one team manage an end-to-end hybrid cloud and with confidence that whatever apps run in my private cloud will also run in that public cloud environment, he added.

HCI allows you to consolidate compute, network, and storage into one box, and grow this solution quickly and easily without a lot of downtime, said Tom Lockhart, IT systems manager with Hastings Prince Edward Public Health in Bellville, Ontario, Canada.

In a legacy approach, multiple pieces of hardware a server, Fiber Channel switch, host-based adapters, and a hypervisor have to be installed and configured separately. With hyperconvergence, everything is software-defined. HCI uses the storage in the server, and the software almost entirely auto-configures and detects the hardware, setting up the connections between compute, storage, and networking.

Once we get in on a workload, [customers] typically have a pretty good experience. A few months later, they try another workload, then another, and they start to extend it out of their data centre to remote sites, said Chad Dunn, vice president of product management for HCI at Dell.

They can start small and grow incrementally larger but also have a consistent operating model experience, whether they have 1,000 nodes or three nodes per site across 1,000 sites, whether they have 40 terabytes of data or 40 petabytes. They have consistent software updates where they dont have to retrain their people because its the same toolset, Dunn added.

By starting small, customers find they can reduce their hardware stack to just what they need, rather than overprovision excessive capacity. Moving away from the siloed approach also allows users to eliminate certain hardware.

Josh Goodall, automation engineer with steel fabricator USS-POSCO Industries, said his firm deployed HCI primarily for its ability to do stretched clusters, where the hardware cluster is in two physical locations but linked together. This is primarily for use as a backup, so if one site went down, the other can take over the workload. In the process, though, USS-POSCO got rid of a lot of expensive hardware and software. We eliminated several CPU [software] licenses, we eliminated the SAN from other site, we didnt need SRM [site recovery management] software, and we didnt need Commvault licensing. We saved between $25,000 and $30,000 on annual license renewals, Goodall said.

To run a traditional three-tiered environment, companies need specialists in compute, storage, and networking. With HCI, a company can manage its environment with general technology consultants and staff rather than the more expensive specialists.

HCI has empowered the storage generalist, Smith said. You dont have to hire a storage expert, a network expert. Everyone has to have infrastructure, but they made the actual maintenance of infrastructure a lot easier than under a typical scenario, where a deep level of expertise is needed to manage under those three skill sets.

Lockhart of Hastings Prince Edward Public Health said adding new compute/storage/networking is also much faster when compared to traditional infrastructure. An upgrade to our server cluster was 20 minutes with no down time, versus hours of downtime with an interruption in service using the traditional method, he said.

Instead of concentrating on infrastructure, you can expand the amount of time and resources you spend on workloads, which adds value to your business. When you dont have to worry about infrastructure, you can spend more time on things that add value to your clients, Lockhart adds.

Key elements of hyperconvergence products are their backup, recovery, data protection, and data deduplication capabilities, plus analytics to examine it all. Disaster recovery components are managed from a single dashboard, and HCI monitors not only the on-premises storage but also cloud storage resources. With deduplication, compression rates as high as 55:1, and backups can be done in minutes.

USS-POSCO Industries is an HP Enterprise shop and uses HPEs SimpliVity HCI software, which includes dedupe, backup, and recovery. Goodall said he gets about 12-15:1 compression on mixed workloads, and that has eliminated the need for third-party backup software.

More importantly, recovery timeframes have dropped. The best recent example is a Windows update messed up a manufacturing line, and the error wasnt realised for a few weeks. In about 30 minutes, I rolled through four weeks of backups, updated the system, rebooted and tested a 350GB system. Restoring just one backup would have been a multi-hour process, Goodall said.

HCI products come with a considerable amount of analytics software to monitor workloads and find resource constraints. The monitoring software is consolidated into a single dashboard view of system performance, including negatively impacted performance.

Hastings recently had a problem with a Windows 7 migration, but the HCI model made it easy to get performance info. It showed that workloads, depending on time of day, were running out of memory, and there was excessive CPU queuing and paging, Lockhart said. We had the entire [issue] written up in an hour. It was easy to determine where problems lie. It can take a lot longer without that single-pane-of-glass view.

Goodall said he used to spend up to 50% of his time dealing with storage issues and backup matrixes. Now he spends maybe 20% of his time dealing with it and most of his time tackling and addressing legacy systems. And his apps are better performing under HCI. Weve had no issues with our SQL databases; if anything, weve seen huge performance gain due to the move to full SSDs [instead of hard disks] and the data dedupe, reducing reads and writes in the environment.

IDG News Service

Read More: data centre hyperconverged infrastructure virtualisation

More here:
Reasons to consider hyperconverged infrastructure in the data centre - Small Business