Solutions Blog

Q & A for a Q & A website: Quora, what happened?

By Richard Arneson

Think back to the first time you hopped on the Internet. If you’re under the age of thirty-years-old, it might have been a “meh” moment, if it even registered at all. It was probably lost among the other technological advancements that surrounded your crib. But if you’re older—especially if you’re over 50—you may mark your first day of Internet access as a milestone. You probably remember the first thing you Googled (What is the airspeed velocity of an unladen swallow?), then sat back in amazement as a wealth of information popped up about the subject. Fact-checking didn’t cross your mind; you just couldn’t believe everything, or so it seemed, was  just a few keystrokes away.

While Quora doesn’t merit the same level of technological wonderment, it’s shocking when you first discover how much Q & A info is posted on their site. Yes, a lot of it is nonsensical (“What is the most cringeworthy thing you’ve seen at a bachelor party?”), but much of it is informative. Content aside, it’s very popular—research from 2016 had them logging over 100 million unique visitors each month. I’m not sure I was even aware of Quora in 2016. In other words, that figure is far larger today. And while we’re on the subject of 100 million, that’s also how many Quora users’ data was lifted just six (6) days ago. Yes, I buried the lead.

This is why we can’t have nice things

We learned this at a young age—there’s always somebody or something to spoil all the fun. And in Quora’s case, the wet blanket came in the form of hackers who accessed registered users’ account information, including, among other less spectacular items, passwords and any data that authorized users imported from linked networks. It might be a blip on the cyber security radar screen considering credit card info, social security numbers, bank accounts, etc., weren’t stolen (Quora doesn’t request this type of user info), but it’s another reminder that digital evil is always lurking. Sadly, it always will be. The cat and mouse game continues.

The affected users were promptly notified by Quora and asked to re-set their passwords. They have secured the services of several digital forensics and security companies to conduct thorough investigations, but to date the perpetrator(s) have flown under the radar screen. While it’s not something Quora has mentioned or admitted to, many security analysts suspect they may have cut corners regarding encryption and associated hash functions. While Quora has stated that all passwords were encrypted and hashed with a salt that varies for each user, they didn’t provide additional details about the type of hash function.

According to Dan Goodin, a security analyst at Ars Technica, a technology news website, “The specific hash function matters greatly. If it’s one that uses fewer than 10,000 iterations of a fast algorithm such as MD5 with no cryptographic salt, hackers using off-the-shelf hardware and publicly available word lists can crack as many as 80 percent of the password hashes in a day or two. A function such as bcrypt, by contrast, can prevent a large percentage of hashes from ever being converted into plaintext.”

The takeaway

Please stop using the same password for multiple sites and accounts. If it makes you feel any better, yes, I’ve done this. I’ve ignored and violated this widely publicized, oft-mentioned digital security tip. And there’s really no excuse for it. With the spate of password management tools available, you can create the craziest combination of words, numbers and symbols you’d like. That’s not to say it’s a security panacea, but it can greatly reduce  password-related issues. If I’ve done it, you can, too. Now I can safely login to Quora and submit this gem: “Do you use Miracle Whip or mayonnaise when making tuna salad?”

Security Concerns?

To find out how to secure your organization’s network, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

 

Read more about network security here:

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

They know they want it, but don’t know how to get it…or really understand why they need it

By Richard Arneson

According to a recent study by a London-based research and analytics firm, ninety-one percent (91%) of executives realize the importance of AI and machine learning technologies. However, only slightly more than half of them are currently utilizing it. And less than twenty percent (20%) know how it’s being used in their organization, which makes you wonder if that “slightly over half” figure is really accurate. They know they want it and, as you’ll read below, know how they’d like to use it, but that’s often where the dream dies.

Here’s the problem

At the core of executives’ issues with implementing AI and machine learning is because they don’t really know how to communicate its benefits. They can’t speak to how or why it’s being, or needs to be, used.

These percentages are growing rapidly, but the key decision makers who are in charge of making AI and machine learning happen throughout their organizations are in the same boat. They don’t have enough information or skill sets on board to help match needs and/or adoption levels with AI and machine learning.

It’s one (1) thing to understand that changes need to be made, but another to know precisely where the change is needed. And without fully understanding what AI and machine learning can accomplish, it’s difficult to know what issues it can address. They know adoption is needed to stay competitive in the marketplace, but forking over a lot of dough without knowledge of the technologies and what they can provide is throwing good money after bad…executives don’t like that.

What else they know

The study also uncovered how executives would like to utilize AI and machine learning. Well over fifty percent (50%) want it to enhance employee productivity, which doesn’t come as a surprise. Find an executive who doesn’t want to improve employee output, and you’re looking at an organization that isn’t long for this world. In addition, they want AI and machine learning to help them make better business decision and streamline business processes.

Of those executives whose organizations are currently utilizing AI and machine learning, its ability to automate decisions ranks first, as forty percent (40%) utilize it for exactly that purpose. Second was customer satisfaction and retainment at thirty-six percent (36 percent), with deploying a better way to detect waste and fraud ranking third at thirty-three percent (33%).

Trust

Another study, this one (1) from Deloitte based on interviews with executives regarding AI and machine learning, discovered that the notion of putting blind faith in results is terrifying. The executives know that data, and loads of it, is being analyzed, but haven’t the foggiest what’s done with it and, most importantly, whether what comes out the other side is trustworthy.

And part of that fear lies in the word algorithm. When it’s thrown about, it tends to make people squirm. Whether referring to math, SEO or AI and machine learning, many tend to tense up when they hear it, or stop listening altogether. Algorithm may sound cryptic, but it shouldn’t; it’s simply a mathematical equation. It’s the task(s) algorithms perform, and how they calculate answers and results, that can give people a case of tired head. They think back to that C they got in high school algebra and promptly decide that they’re not equipped to participate in any discussion that includes the word or has anything to do with it.

The aforementioned figures will steadily rise, of course, but its rapidity depends on how much executives understand what AI and machine learning can accomplish, and how to explain its benefits to others, like shareholders.

Education breeds Trust…here’s how to get both

GDT’s tenured, talented solutions architects, engineers and security analysts understand how to positively incorporate change by designing and deploying innovative solutions and technologies―including AI and machine learning―that help customers realize greater productivity, enhanced operations and more revenue. GDT utilizes key partnerships with best-of-breed technology companies to help organizations transform their legacy environments into highly productive digital infrastructures and architectures. You can reach them at SolutionsArchitects@GDT.com or at Engineering @GDT.com. They’d love to hear from you.

You can read more about how AI and Machine Learning are helping organizations, and can help yours, transform your business, click any of the following:

Answer: you get a better solution than your current one

AN AI answer from a VIP provider

Unscrambled, these letters represent some of the hottest topics in the IT industry

Automation and Autonomics: the difference between them is more than a few letters

The only thing we have to fear is DEFINITELY not automation

When being disruptive is a good thing

If you fall victim to it, you won’t end up marking it as “like”

By Richard Arneson

Apparently, scammers get bored, too, at least the ones who find it fun and profitable to generate hustles related to cryptocurrency. They’ve found a new target—Facebook. Their scamming medium of choice has primarily been Twitter, which has for months been littered with fake cryptocurrency advertisements. For Facebook, however, they’ve modified their strategy and tactics. On Twitter, their basic, garden variety scam has been the infamous Bitcoin giveaway (tip: if it’s a giveaway, it’s you who will be giving away something.). For Facebook, their tactic involves luring users into coughing up sensitive info, such as the holy grail of scamming–credit card information.

Here’s how it works…on Facebook, at least

The attackers (I call them miscreants) set up phony pages with a call-to-action in the form of a fake, sponsored ad. After clicking on it, users are directed to a replica CNBC page that promotes an investment opportunity. While claims of big investment opportunities should be the first clue that you’ve ventured into murky digital waters, if it doesn’t and you end up there, you’ll be given the opportunity to purchase a new, shiny cryptocurrency from CashlessPay.

According to the ad, Singapore just announced they’re adopting an official coin, which can only be purchased from CashlessPay. Oh, and it includes fake endorsements from sundry celebrities, including Sir Richard Branson, famed English entrepreneur and owner of The Virgin Group. Gee, if Richard Branson invested in it, it must be good. I’m all in! And that’s exactly what they’re praying to The God of Cybercrime that you’ll be thinking. And, of course, once you pull out your plastic cash and enter in a few digits, you’ve just become a victim. You’ll soon unknowingly purchase high-end electronics throughout the world.

Is Facebook asleep at the wheel?

It seems odd to most that these malicious ads got past Facebook and Twitter in the first place. In the Facebook case, the miscreants were able to slide past their defense mechanisms, odd considering that earlier this year they banned all blockchain and cryptocurrency advertisements. It’s not clear exactly how they circumnavigated Facebook’s security sentinels, but obviously they did. It is interesting, though, that phony cryptocurrencies require payment via bank wires or credit cards.

Twitter appears to be the first social media victim, but they’re not flattered

While Facebook has been scammed for what appears to only be a matter of weeks, Twitter has been battling fake cryptocurrency ads for the past nine (9) months. Initially, Twitter scammers launched armies of bots that mass-spammed links to cryptocurrency giveaways. They tweaked their approach and decided to implement a more selective spamming model. They began hijacking real profiles; one (1) of their favorites was Elon Musk. Other targets soon followed, including several politicians and government accounts. Their piece de resistance? Google and Target, who both fell victim to the scam.

The question now: “Can Facebook remediate this issue faster than Twitter?”

We’ll see.

Security Concerns?

To find out how to secure your organization’s network, contact GDT’s tenured and talented security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

 

Read more about network security here:

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

If content is king, then video is its right-hand man

By Richard Arneson

There’s a reason that YouTube has over a billion unique visitors each month―video works, whether for marketing, training, webcasting, collaboration, or just plain entertainment. But it’s no longer about cute cats or spectacular sports highlights. Video is—or definitely should be–an integral tool in a company’s communications arsenal. Here’s one (1) of the many reasons why:

Cisco predicts that at least eighty percent (80%) of all Internet traffic will be video by the time 2020 arrives. And there are several reasons for their prediction, not the least of which relates to Google and how their search algorithms just love video content. And as long as we’re talking about SEO, several studies estimate that video gets anywhere from thirty to forty percent (30-40%) higher click-through and conversion rates than text. And, let’s face it, we’re living in a video world. People don’t read like they used to, they want something easier to consume that will capture their attention for longer periods of time. Consumers want, as they said in the roaring twenties, moving pictures.

A communications medium this important requires a secure solution you can rely on time and again

A video strategy requires a solution like the one from Vbrick, a 21-year-old, Herndon, VA-based company that offers a cloud-based video platform named Rev. Whether for an enterprise, service provider and government agency, Rev does as its name suggests—rev up video communications. Noted industry research and analyst firms, such as Frost & Sullivan and Forrester, have also taken notice. In fact, Frost & Sullivan named Vbrick a market leader in Enterprise Video Platforms each of the last three (3) years.

Here’s how Vbrick’s Rev Video Platform works

Imagine your organization is trying to push high-def video to tens of thousands of viewers worldwide. You may use Facebook Live or another similar connection method, but imagine trying to accomplish this on your own with team members who may or may not be video literate. It’s risky at best, mortifying―even career impacting―at worst. Not to worry if you use Vbrick, however. They designed their own Enterprise Content Delivery Network (eCDN) so customers’ videos won’t bog down or grind their corporate network to a halt.

Capture your video content…

Rev provides highly intuitive tools that allow customers to live stream content from any device, or upload recorded videos to a highly secure and reliable library.

…Manage it…

Vbrick Rev customers can then customize and design their own, brand-friently video portal.

…and Distribute it!

Vbrick Rev is the only eCDN on the market and is supported by an intelligent and automated mesh structure, which provides customers with the most secure and reliable video delivery service on the market.

But what if I use….?

Yes, Vbrick Rev collaborates seamlessly with best-of-breed infrastructures, including Cisco, Citrix and Riverbed, or any SIP-compliant video conference software. It works so well with Cisco, in fact, that they named Vbrick their 2018 Independent Software Vendor (ISV) Partner of the Year. And Vbrick Rev can accommodate the Single Sign-On (SSO) provider or Active Directory system of your choosing.

GDT and Vbrick―Collaborators in collaboration

GDT’s Collaboration Solutions team has worked with the experts at Vbrick to design and deploy transformative collaboration solutions for enterprises, service providers and government agencies of all sizes. Whether you need to stream video content for an all-hands meeting, deliver training curriculum to remote workers, disseminate enticing marketing information or present electrifying webcasts, GDT’s Collaboration Solutions experts can help. You can reach them at CollabExperts@gdt.com. They’d love to hear from you.

When customers are inspired to share their experiences, these types of awards carry far more weight

By Richard Arneson

There’s a reason so many of today’s awards are attached with the word “Choice”. Let’s be honest, they mean a little more; they carry more weight. And Choice Awards address what we’ve all suspected at one time or another—awards based on judging by a panel of “experts” are fraught with problems. Here’s an example, but keep in mind that I’ve conducted absolutely zero (0) research on the subject―in 1977, Star Wars DID NOT win the Academy Award for Best Picture. It made over a gazillion dollars; people in other solar systems lined up to see it. Not to belittle the winner, but…Annie Hall? Really?  I think this gross oversight is the very reason “Choice” awards were  invented in the first place. “Enough,” said moviegoers, “we’ll start selecting winners.”

 The 2018 Gartner Peer Insights Customers’ Choice Awards

There are awards for the people’s choice, the kids’ choice, the editor’s choice, and on and on. In the business world, though, there’s nothing better than winning a customers’ choice award. It suggests that you’re doing “it” well, whatever “it” refers to. No question, it’s great to be honored by industry experts, trade publications or professional associations. But when customers have stood up to proclaim that what you offer, deliver and manage is exactly what they’d contracted for, it carries more weight. No question.

Now combine a customers’ choice award with Gartner, one (1) of the IT industry’s most influential and trusted research firms, you’ve exponentially added more cachet into the mix—that’s no secret to Juniper Networks. They were recently named one of only three (3) recipients of a 2018 Gartner Peer Insights Customers’ Choice Award for Data Center Networking (there were dozens that didn’t make the cut).

Gartner’s Customers’ Choice Awards are presented to vendors who received at least fifty (50) published customer reviews in the last twelve (12) months, and when averaged have a rating of at least 4.2 stars. Juniper Networks received more than twice the required reviews, and comfortably exceeded the 4.2-star rating. But before you head down the conspiracy theory rabbit hole and suspect fictitious reviews were uploaded, consider who is presenting the awards—Gartner. They understand how to ensure evaluations are fair and untainted. Remember, they’re Gartner; they’re one (1) of the most noteworthy and quoted IT research firms on the planet.

What makes Juniper Networks so special in the world of data center networking?

Because it’s a customers’ choice award, I’ll let several of Juniper’s customers take this one. The following were actual quotes that Gartner utilized in calculating award winners (their titles range from IT administrator to CIO, and everything in between):

“Juniper EX switches are tanks that just work. Junos is a dream to work with.”

“Juniper allows smarter networks for less money.”

“Technology and, more importantly, the people at Juniper have proven to be second to none.”

“Juniper robust, wire speed and flexible technology.”

“Implementation has been easy, and the Juniper switches integrate well into our existing network.”

“Implementation ease, operations, and scalability are top-notch with Juniper.”

You get the idea. There are several dozen just like them that were crafted by technical professionals who work for companies of different sizes and from a wide array of industries. But they all discovered the same thing: selecting Juniper Networks was another type of choice—the perfect one.

Have questions about how your organization can soon enjoy the same features and benefits as these Juniper Networks’ customers? These experts have the answers

GDT’s tenured, talented solutions architects, engineers and security analysts understand how to positively incorporate data center solutions that help customers realize greater productivity, enhanced operations and more revenue. GDT utilizes key partnerships with best-of-breed technology companies, like Juniper Networks, to help organizations transform their legacy environments into highly productive digital infrastructures and architectures. You can reach them at SolutionsArchitects@GDT.com or at Engineering @GDT.com. They’d love to hear from you.

 

You can get more info below regarding the wealth of  technologies,  products, services and issues dotting the IT landscape:

Unwrapping DevOps

Autonomics and Automation–is there a difference?

Answer: you get a solution better than your current one

A-M-D-I-L-L: Unscrambled, these letters represent some of the hottest topics in the IT Industry

A Robust Solution for the entry-level storage customer

Don’t put off ’til tomorrow what you MUST do today

Want to read about a cool, real-world Blockchain application?

When being disruptive is a good thing

Rx for IT departments—a security check-up

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

Utilizing an IT Staffing Solutions firm boils down to savings, whether in dollars or time

By Richard Arneson

Raise your hand if you don’t work for an IT staffing agency. If your hand is still in the air, ask yourself this question ― “Do I feel like I’m in the IT staffing business?” You may feel that way if you’ve ever been tasked with finding technical and engineering talent, especially if it’s to complete a project or tackle an initiative that requires a carefully defined technical skill set and a high, and very particular, level of experience. And if you’re in need of augmenting your IT staff for a set period, this means your need to find this professional has been ratcheted up a notch or two (2). Staff augmentation is synonymous with “higher level of urgency.” Nobody wants the right candidate for a project in a few months. Projects are timely. If they’re not, they’re not really projects. They’re things you’ll eventually get around to. No need to augment your IT staff for those ones.

With the range of technologies, technical solutions and certifications that exist today, finding the perfect engineering professional with the right experience is like trying to find a left-handed pitcher with a mid-nineties fastball, throws a wicked curve and can drop in a slider that leaves batters flailing at any pitch within five (5) feet of the strike zone. But it’s more than finding the right certifications, education and experience. It’s also about finding the right soft skills, such as problem solving, communication, work ethic, and time and project management. And will they fit into the department and the company, from a personality, philosophical, even sense-of-humor standpoint?

Cost Savings

It’s been estimated through several studies that it cost approximately a hundred fifty percent (150%) of an employee’s annual salary to fill a position that pays over a hundred thousand dollars ($100,000) annually (Twenty percent (20%) for positions less than $30,000 annually; over two hundred fifty percent (250%) for executive-level positions).

Let’s say you’re looking for a Cisco Certified Network Professional (CCNP). They make, on average, approximately a hundred and ten thousand dollars ($110,000) per year. Expect to spend approximately a hundred and fifty thousand dollars ($150,000) to hire them. Yes, this percentage and the related costs sound staggering, even unbelievable, but when you really dig into the numbers, it starts to make sense. Consider these costs―man hours spent by internal employees and resources, advertising and job board costs, onboarding and training expenses, and fees related to software licensing, employee referrals and memberships. But don’t stop there…

Now consider the costs incurred from not having a professional working on a project or initiative. For instance, is not having them on staff preventing others from designing or deploying a new solution that could be saving costs and time, and/or generating revenue? The numbers start adding up fast, but they’re exorbitant if you need somebody for a set length of time and know they won’t be on staff for the next five (5) to ten (10) years. When spread out over years, the costs to find that CCNP are palatable. If they’re needed for less than a year, not so much.

Time Savings

As the saying goes, “time is money.” It’s trite, yes, but timeworn for good reason. In the business world, time is calculated in dollars. If members of your HR or recruiting team are spending hours (often months) trying to find the perfect technical professional, your company is burning through funds. You may not see invoices cross your desk or checks being cut, but they’re costs, just the same.

Often HR and recruiting professionals don’t put the level of focus on bringing in a professional when they know they won’t be a member of their organization for years to come. But taking this approach is a pay-me-now-or-pay-me-later proposition. If the right person isn’t placed, understand this—you’ll be repeating the entire recruiting process very soon. Trying to shoehorn somebody into a position they’re not qualified or right for will come out in the wash. And if it takes you two (2) months to figure this out, you’ve just spent over $18,000 for the wrong CCNP. While it’s money you won’t get back, you’ll be reminded of it often—especially come budget time.

Do they understand The Language?

If your internal recruiters spend most of their time trying to place professionals outside of IT, there’s a greater than zero percent (0%) chance they don’t understand Technology-speak. Yes, it’s a whole other language, but here’s the rub―some people speak it, but don’t understand it. Does your team know how to detect IT illiteracy? If not, they’ll probably get snowed, which will lead to poor candidate placement(s), additional, unbudgeted costs, frustrated looks from executives, and Ibuprofen runs for recurring staffing headaches. Not being able to detect misrepresentations in candidates’ abilities and/or experience is a budget killer. Your staff needs to know which questions to ask, how to ask them, and can discern when they’re being sold a bill of goods.

Call on the Experts

If you have questions about what to look for in an IT staffing solutions firm, contact the staffing professionals at Staffing@gdt.com. They’d love to hear from you.

Some of the largest, most notable companies in the world have turned to GDT so key initiatives can be matched with the right IT professionals to drive projects to completion. GDT maintains a vast database of IT professionals who maintain the highest levels of certifications and accreditations in the industry. And they understand the importance of finding professionals with the right soft skills. In addition, the IT professionals they place have access to the talented, tenured solutions architects, engineers and professionals at GDT.

To learn more about IT Staffing, read the following…

IT Staff Augmentation–it’s about more than just the resume

Do you need Staff Aug or Outsourcing—or both?

How Companies are benefiting from IT Staff Augmentation

CASE STUDY—GDT Staffing Services delivered the right professional―fast

They were discovered on Google Play, but this is no game

By Richard Arneson

It’s been over three (3) years since Google announced that developers could no longer publish applications on Google Play willy-nilly—that is, without their apps having first been vetted. But that vetting process is largely handled like it is on Apple’s App store—manually. Yes, people are their main source of Malware and app violation detective work. And when there are almost 3 million apps on Google Play, there’s plenty of room for oversight. When people are involved, mistakes are made. And that was made evident this past Tuesday (Nov. 13th) when Lukas Stefanko, a Malware researcher from Slovakia, published his findings. Stefanko discovered four (4) apps on Google Play that were designed to dupe users into inadvertently coughing up their cryptocurrency.

“The Crypto 4”

Stefanko discovered an app that appeared to be developed and offered by legitimate cryptocurrency Ethereum. The app was only downloaded a few hundred times due to its $388 price tag, but when multiplied several times over, the malicious developers did all right for themselves.

Stefanko discovered three (3) apps that mimicked legitimate cryptocurrency wallet companies NEO, Tether and MetaMask.

Cryptocurrency wallets generate a public address and a private key for the user. In the case of NEO and Tether, however, the user was unknowingly provided with the attacker’s public address. Once the app was launched, the user believed that public address had been assigned to them. Then the attacker used their private key to access funds the user had deposited. And when the user would try and access those funds, they didn’t have the private key to withdraw them. It was discovered that the fraudulent NEO and Tether apps were utilizing the same malicious public address.

The MetaMask scam phished for users’ wallet password and private key, asking them to provide both. And if the user believed they had accessed MetaMask—the real MetaMask—it’s quite possible they lost some of their treasured crypto.

Stefanko reported all four (4) scams to Google Security, and they were promptly removed from Google Play.

What is Google doing to prevent this?

They already have…sort of. On July 27th, Google followed Apple’s lead, banning crypto-mining apps that were carried on Google Play. (Apple banned them a month earlier, in June). Google gave developers a 30-day grace period to revise their apps to comply with the new ban. But as recently as last week, it was discovered (not by Stefanko, in this case) that there were still eight (8) crypto-mining apps available from Google Play. Google has reported that three (3) of those apps have been removed, but apparently the following still exist: Crypto miner PRO, Pickaxe Miner and Pocket Miner. Another, Bitcoin Miner, is still carried on Google Play, but is reportedly in compliance with Google’s revised terms.

But before you label Google as being grossly negligent, it’s important to note that last year they jettisoned over five hundred (500) apps that could have easily installed spyware on users’ devices. They’re not sitting by idly. These 500 apps had been downloaded over 100 million times. Thankfully the developer of these apps, Lgexin, wasn’t operating in a malicious manner. They had accidentally created a backdoor security vulnerability, but if they were so inclined, they could have infected millions of devices via malicious plugins.

They’re not banning everything

Google doesn’t have anything against cryptocurrency, just the mining of it on devices that can download apps from Google Play. Apps from cryptocurrency exchanges are still on there, and will be for many years to come.

Security Concerns?

To find out more about the many threats that may can target your organization, contact GDT’s tenured and talented security analysts at SOC@GDT.com. From their Security- and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

 

Read more about network security here:

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part Of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

A boy and his computer…and a $67 billion purchase

By Richard Arneson

Most people know the story. Everybody who hears it likes it. It’s the one about a University of Texas pre-med student who decided to start a computer company from his dorm room. He’d take a garden variety computer and, metaphorically speaking, put on high-end headers, a Flathead engine, a four-speed overdrive transmission and chrome mags. Yes, Michael Dell souped-up computers, re-sold them (a lot of them) and dropped his medical school plans. And now, thirty-five (35) years later, Dell has over a hundred forty thousand (140,000) employees globally and is certainly a juggernaut in the high tech industry.

Once known strictly as a PC vendor, Dell has—understatement alert!—branched out just a bit. That’s not to say they’ve let their PC focus fall by the wayside. In fact, they are the 3rd largest PC vendor—behind Lenovo and HP—with a market cap of over $70 billion. Now, of course, they’re known for much more thanks in part to their 2009 acquisition of Perot Systems, which helped make them an immediate player in the enterprise storage and networking solutions segment. Then along with PCs, storage and networking solutions, they added printers, servers, switches, cameras and HDTVs, to name a few, to their sales arsenal. And then came 2016.

If you thought the Perot Systems purchase was a biggie…

You’d have a hard time finding anybody, even the Wall Street types, who thinks Dell’s $67 billion purchase of EMC Corporation in 2016 was anything but a home run. And that’s rare…highly rare when you consider that most technology purchases or mergers have been labeled everything from “meh” to “disastrous”, and every negative adjective in between. Sure, Dell’s intentions were met with some naysayers at the time, but finding critics today will be tough.

After the EMC purchase, Dell was reorganized into Dell Technologies Capital, and its multiple divisions were consolidated into three (3) subsidiaries: Dell Client Solutions Group (consumers), Dell EMC (data management hardware and software) and VMware, which it’s a majority owner of due to its EMC purchase (Dell currently holds an eighty percent (80%) stake in the Palo Alto, CA-based software virtualization company). And a year after the acquisition, Dell EMC announced the formation of an IoT Division, which is being run by VMware CTO Ray O’Farrell. He revealed in August that they’ll be pumping over $1 billion into IoT Research & Development over the next three (3) years.

The Dell EMC Strategic Focus (in addition to IoT, of course)

Dell EMC’s Ready Solutions for AI

In August, Dell EMC introduced Ready Solutions for AI, which utilizes a building-block approach to help better meet customers’ AI needs as they evolve. Ready Solutions for AI includes machine and deep learning, servers, software, storage, networking and services optimized for AI workloads.

Data Management (servers, storage, analytics and cloud-based workloads)

The term Data Management can encompass, well, pretty much everything that’s IT-related. In Dell EMC’s case, their data management focus is composed of servers optimized for AI workloads (more specifically its PowerEdge C-Series servers, which are optimized for AI workloads) and network-attached storage platforms for backup and archiving, which are provided through Dell EMC Isilon and Elastic Cloud Storage.

Boomi, a company Dell purchased eight (8) years ago, specializes in cloud-based integration, API management and Master Data Management. They’re the analytics guys.

For cloud-based workloads, Dell EMC’s Pivotal Cloud Foundry and Virtustream Enterprise Cloud fit the bill. Pivotal Cloud Foundry, which was originally developed by VMware, is an open-source, multi-cloud application PaaS (Platform-as-a-Service). After the EMC purchase, Cloud Foundry was transferred to Pivotal Software, a joint venture between EMC, VMware and General Electric.

There will be a time, probably in the not-too-distant future, when hearing Dell without EMC will be like Exxon without Mobil. And, actually, that might be a great way to judge the success of high tech’s largest acquisition in history.

Have questions? These experts have the answers

GDT’s tenured, talented solutions architects, engineers and security analysts understand how to positively incorporate change by designing and deploying innovative solutions that help customers realize greater productivity, enhanced operations and more revenue. GDT utilizes key partnerships with best-of-breed technology companies, like Dell EMC, to help organizations transform their legacy environments into highly productive digital infrastructures and architectures. You can reach them at SolutionsArchitects@GDT.com or at Engineering @GDT.com. They’d love to hear from you.

 

Want more info about IoT, AI and data management and that encompasses? Check these out:

Unwrapping DevOps

Autonomics and Automation–is there a difference?

Answer: you get a solution better than your current one

A-M-D-I-L-L: Unscrambled, these letters represent some of the hottest topics in the IT Industry

A Robust Solution for the entry-level storage customer

Don’t put off ’til tomorrow what you MUST do today

Want to read about a cool, real-world Blockchain application?

When being disruptive is a good thing

Rx for IT departments—a security check-up

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

The FTC’s findings—and what they’re doing about it—regarding small businesses and cybersecurity

By Richard Arneson

By now, most of us are aware that cyber threats don’t discriminate. Any business, regardless of size, industry, location, et al., is a potential target. The media, of course, is going to focus on breaches that affect huge, public-facing, high-profile corporations whose names are recognizable (Target, Uber, LinkedIn, JP Morgan Chase, Home Depot, to name only a few). And that media focus can make small, even mid-sized, business owners feel like they’re somewhat hidden and tucked away, like a homeowner who’s selected a neighborhood off the beaten path. With cyber attacks, however, everybody’s on the path.

In fact, small businesses suffer more malware infections than their larger counterparts, and, according to the Ponemon Institute’s report 2017 State of Cybersecurity in Small- and Medium-sized businesses, that number is on the rise. At the time of its writing, small businesses had experienced a sixty-one percent (61%) rise in attacks during the prior twelve (12) months; in 2016, it was up fifty-five percent (55%). While it’s probably giving cyberattackers too much credit to believe they single out and target small businesses (they tend to utilize a spray and pray technique), there’s no question—small businesses are getting caught in the crossfire.

The FTC is doing something about it

October was cybersecurity month, which seems a little odd. Every month should be cybersecurity month. Every day should be cybersecurity month, if that makes sense. And the FTC agrees.

Over the last twelve (12) months, the FTC crisscrossed the country conducting interviews and having discussions with small- to mid-sized business owners. Those discussions brought to light one (1) primary theme as it relates to small businesses and cyber threats—they are bringing a knife to a gunfight. They saw the immediate need to launch a cybersecurity resource for small businesses to help ensure they’re protected, or at least heading in the right security-related direction.

The FTC teamed up with the Small Business Administration (SBA), the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS) to develop clear, easy-to-use resources, which includes training, quizzes and videos on the following key security topics:

  • Cybersecurity Basics
  • NIST Cybersecurity Framework
  • Physical Security
  • Ransomware
  • Phishing
  • Business Email and Email Authentication
  • Tech Support Scams
  • Vendor Security
  • Cyber Insurance
  • Web Hosting
  • Remote Access

Yes, security threats abound, but they’re not just related to external threats. According to another study by the Ponemon Institute, over seventy-five percent (75%) of businesses largely remain unprotected from malicious insiders and employees lacking proper security education. Security is a lot to think about, but don’t wait until next October to learn about how to protect your organization. Remember, every day is security month! And to get started, you can learn here how to give your business a security self-exam.

Don’t leave it up to chance

To find out more about the many threats that may soon target, or are currently targeting, your organization, contact GDT’s tenured and talented security analysts at SOC@GDT.com. From their Security- and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

Read more about network security here:

Hiring A Hacker Probably Shouldn’t Be Part Of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

Workshops uncover insights into the state of IT and Digital Transformation

By Richard Arneson

Let me get this out of the way first—IT transformation isn’t the same as digital transformation. The former is more a means of getting your organization to the latter (Read more about digital transformation here). OK, now let’s get down to IT transformation.

GDT premier partners Dell EMC and VMware covered the country from coast-to-coast to conduct workshops on IT transformation. Wait, this just in—they conducted workshops across the globe! In the workshops, Dell EMC consultants worked with CIOs and their direct reports to evaluate their current IT state against where they’d like it to be. From that, they discussed strategies and tactics to bridge that gap. But, best of all, IDC performed an analysis of this information and published the results for all to enjoy (you can read about them here). Following is a brief synopsis of the report:

CIO’s Top Priorities

Portals. Yes, portals ranked as the highest priority of all projects, primarily because they have the most visibility and represent how companies experience the effects of automation and efforts to improve infrastructures.

Hybrid Cloud Architecture

Dell EMC discovered that over the last three (3) years more and more companies (from 65% to 84%) want to utilize a hybrid cloud architecture to support production apps. However, the key word is “want”. They’re not there yet—currently only ten percent (10%) of the CIOs interviewed were using this hybrid cloud approach.

DevOps

Sixty-seven percent (67%) of the CIOs want DevOps to be an integral part of the organization, and all would like to get there, and are planning on it, within eighteen (18) months. Here’s the biggest reason—it currently takes them at least six (6) months, on average, to deploy a new release.

Network Virtualization

While it doesn’t trump Hybrid Cloud or DevOps in importance, it is where the CIOs believe they have the largest infrastructural gap. On average, they would like at least forty percent (40%) of infrastructure to be virtualized within the next 12 to 18 months.

Automation

While Infrastructure as Code (IaC) and automating changes and management ranked high on their priority list (90% wanted it), only 5% claimed to already be there.

Over eighty-five percent (85%) of the CIOs interviewed wanted to do a better job of proactively, and promptly, addressing performance and capacity issues through automation and alerts. And they would like to have automated metering and an automated analytics engine in place that delivers metrics and trends for all IT services.

Top Challenges

Changing the current operations model is the hardest part of transforming a new approach to IT. When lined up in a row—service delivery transformation, new infrastructure deployment and management, and how the IT organization needs to be re-structured—IT transformation becomes an even more daunting task than first imagined.

What are the most prevalent changes made by the top performers?

According to the CIOs interviewed by Dell EMC, the top performers—those in the top twenty percent (20%) of targeted goal achievement—had already achieved the following:

  • Executive-level, top-down support of a documented strategy and roadmap for IT Transformation.
  • IT resource provisioning taking no more than one (1) week.
  • The utilization of Cloud-based Platform-as-a-Service (PaaS).
  • The virtualization of almost one hundred percent (100%) of their infrastructure.
  • Automation implemented to deliver IT services.

Call on the experts

IT Transformation, like Digital Transformation, is no mean feat. It involves organizational changes, and lots of them, all while keeping up with technical advances across a wide range of disciplines. That’s why talking to professionals who’ve helped companies automate processes to enhance operations and grow their bottom line should be a key element of your technology roadmap.

GDT’s tenured, talented solutions architects, engineers and security analysts understand how to positively incorporate change by designing and deploying innovative solutions that help customers realize greater productivity, enhanced operations and more revenue. GDT utilizes key partnerships with best-of-breed technology companies, like Dell EMC, to help organizations transform their legacy environments into highly productive digital infrastructures and architectures. You can reach them at SolutionsArchitects@GDT.com or at Engineering @GDT.com. They’d love to hear from you.

Want more information about IT and Digital Transformation? Check them out here:

Unwrapping DevOps

Autonomics and Automation–is there a difference?

Answer: you get a solution better than your current one

A-M-D-I-L-L: Unscrambled, these letters represent some of the hottest topics in the IT Industry

A Robust Solution for the entry-level storage customer

Don’t put off ’til tomorrow what you must do today

Want to read about a cool, real-world Blockchain application?

When being disruptive is a good thing