WW W. IN T E LE C A.C O M
I N E
IN
T
F E BR UARY 2018
E CA E L
M A G A Z
1
CONT 2
I N T E L E CA.CO M
TENT It’s not polite to point P.6 The internet is not ending‌is it? P.12 This is Uber dangerous P.18 When instant gratification and reality collide P.22 I welcome our new machine overlords P.28 URGENT: How will you upload P.34 your cat photos to Instagram in the future? This is Uber dangerous This is Uber dangerous
3
Take control of the IoT Edge Onboard, manage, monitor and secure all your connected things and gateways with Pulse IoT Center.
www.vmware.com
LETTER FROM THE EDITOR
It’s official. I lead a bizarre life—not that I’m complaining. In fact, it’s quite the opposite. It’s simply the realization that as I sit here writing the first Letter From the Editor for Inteleca’s new IT magazine, it dawned on me that we now actually have a quarterly IT magazine. One year ago, if you’d told me I’d be in the digital publishing business, I probably would have thought you’re crazy. After all, the amount of work that it takes to run a multinational company is exhausting on its best day—adding a publishing job seems a bit self-punishing. But it doesn’t feel that way. It feels right. You see, our daily jobs take us into the largest companies in the world—seeing firsthand the good, the bad and, sometimes, the ugly. And with that, being part of the solutions for the bad and the ugly, all while making the good feel even better, has led us to a place where we have learned a tremendous amount and we want to share that. So here we are: a magazine filled with articles that relate directly to what we see every day. And as this magazine grows, so will the articles and authors—executives and IT professionals from a multitude of companies all sharing their knowledge and wisdom for everyone’s benefit. Here at Inteleca, we could not be more proud of our inaugural issue. We hope you enjoy it … there is far more to come!
Paul Hogg
Paul Hogg
Editor-in-Chief
5
It’s not polite to point. by Matt Edwards
For anyone starting their day, as they read this they’ll be able to relate to the pain we all feel every day: What challenges do we need to overcome at work today, and what is the easiest way to solve them and move on? It’s a situation we’re all familiar with and one that has plagued us all.
6
I N T E L E CA.CO M
7
8
I N T E L E CA.CO M
However, with all the glory of the modern digital age, comes a different challenge. It’s a challenge that may appear useful at the time—but it always comes back to haunt us. It’s what we now lovingly refer to as the “point solution.” We’ve all done it: the right here, right now, need to fix something quick. So we put our fingers to the keyboard, Google search the hell out of the topic and, ultimately, come across some small widget that costs either nothing or at the very least next-tonothing and BAM! Problem fixed for the next few days, weeks, or months. However, as time moves on, suddenly we realize that what was once the solution to a minor problem has now become a systemic issue with absolutely no way to replace the solution beyond our own desk. Furthermore, cheap point solutions end up becoming obsolete much faster than robust enterprise solutions, and usually with little to no updates, no flexibility, and often with a pay-to-play option that times out. This is seen in everything from IT security freemium products, to business management tools, and more—all instantly gratifying but, let’s face it, usually with dire consequences. The issue we all now face pertaining to these point solutions is that nothing is a so-called “point” anymore. The days when everything was conveniently stored in a silo, away from everything else, and resolved with a band-aid solution, are now long gone and are a thing of the past. As we continue to connect everything to everything else, the essence of that paradigm removes itself from the historical silo. With cloud applications paired with mobile access in an always-on-always-connected world, we must now search for solutions that address the needs of everyone and everything simultaneously.
A perfect example of this is the ever-vigilante need for IT security. The need to have cohesive and holistic IT security at every level of the business is now essential not only for business success, but also for business continuity. From the top end of mobile device security, to email, cloud infrastructure, all the way down to the darkest regions of the datacenter, all must interconnect. And without this interconnectivity, the holes in a company’s armor will be forever exposed to nefarious hackers seeking to exploit every opportunity. Now, I know what some people may be thinking—company size versus cost is always present. After all, what small company, or even a “less complicated” company, needs robust enterprise solutions when they don’t consider themselves an enterprise. It’s this sentiment that also exacerbates the point solution issue. And though I don’t want to change my job title to corporate therapist, I’m here to say that everyone deserves better solutions regardless of size or corporate stature. Unfortunate and misinformed views as they pertain to IT business solutions are something we must also move past. The idea that for some reason bigger companies get better solutions must end today. With the advent of cloud solutions such as AWS, Google, Microsoft, and more, we see the trend starting to shift. With everything now becoming equal as it pertains to scaleable horsepower, smaller enterprises can have access to the same solutions as their larger counterparts, without breaking the bank. And as stated before, this is not just about IT security. In fact, that is an easy fix. The bigger challenge is to avoid all point solutions as everything is so connected that every point, if not accounted for as it relates to every other point, will be the cause of a potentially horrific chain reaction. In all, the lesson to be learned here is that there are IT business solution companies out there that can calculate and connect all aspects of the data center from bottom to top and beyond to ensure all systems work as one. The easiest way to a better and more robust infrastructure is to find a partner who can architect the solution, saving you money, time, and effort, while building you a foundation for success. And regarding those old point solutions—remember what my Mom always said, “It’s not polite to point.”
9
Freak Blue Cruiser Flying carrousel-tourbillon 7-day power reserve Silicium technology T. 561.988.8600 ulysse-nardin.com
TH E E TE RNAL MOVE ME NT Ulysse Nardin, from the movement of the sea to the perpetual innovation of Haute Horlogerie. For over 170 years, the powerful movement of the ocean has inspired Ulysse Nardin in its singular quest: to push back the limits of mechanical watchmaking, time and time again.
IS
The internet is not ending‌
12
I N T E L E CA.CO M
IT? 13
Though I never try to date myself—it’s my hope that everyone views me as a mid-20s genius, sipping on a cup of fussy coffee, wearing tight jeans and an ironic t-shirt—I know that’s never truly going to be my perceived persona … my wife has made that very clear. So, in the case of the discussion around Net Neutrality, I’m happily going to date myself by bringing up such topics as the 1980s, old-school TV, the first days of the internet, and maybe even some references to my bad college fashion choices that haunt me to this day. So, let’s do this!
This is not that
To begin, let’s in no way downplay the coming lack of Net Neutrality. It represents an obvious turning point in our social construct, one that we have come to know and love for the past 20 years. However, though no one truly likes change, the fact remains that change is here and we’ll all have to deal with its potentially horrible consequences.
The fact is, that a pay-more-for-the-same-or-less model is not going to do great things for the United States, or its businesses. For every perceived hostile act of throttling technology, the companies that create that technology may well leave the country—bound for greener pastures and fewer controls.
Now, all politics and revolutionary rhetoric aside, we have to first look at this from a familiar angle. For those of you old enough—I told you I’d date myself—we should all remember a time not so long ago when TV consisted of one price and one set of channels, and if you were really lucky, movie networks. In fact, having more than five channels was crazy for most, and if you didn’t pay for the one price / one size option you were relegated to using an antenna on your roof to get only staticridden images.
For instance, take the innovation surrounding things such as IoT. The lack of Net Neutrality could impact that innovation simply by creating lack of choice. The fringes of the truly cutting-edge technological advancements may be hindered. After all, it’s not like ISPs are going to start turning off or charging extra for YouTube right away, but some newly introduced IoT devices may result in only certain vendors being supported or even allowed.
Then, sometime in the early 90s—a time I spent wearing ripped jeans and far too much plaid in my quest to be Eddie Vedder’s lost twin—cable television began offering packages that far outweighed those of the 80s basic cable. At the time, no one seemed to mind. In fact, the extra cost for better service was embraced by most. My point? TV had always been a certain way, and even though we were used to our TV being what it was, we adapted to the new paradigm and moved on, without having a revolutionary war. Then, of course, let’s look at the early days of the internet. I swear, to this day, I still have nightmares about the squeals and squeaks of dial-up modems taking me to the darkest corners of the internet: at the time that being chat boards and forums with people simply attacking each other for no reason … huh, maybe somethings don’t change. But when the internet truly took hold, suddenly new pricing for better and faster speeds was introduced. The outcome? People happily paid the price to access the internet faster and easier— doing away with the squeals of dial-up modems and moving into the twenty-first century.
14
I N T E L E CA.CO M
But what is the one common thread in this history lesson? When we paid more, we got more—a concept the American Dream is built on. However, the underlying issue of the disappearance of Net Neutrality is we will have to pay more to get back what we have already had. This is not the dream, but more a monetary nightmare.
Then, of course, there’s the business world—and I emphasize “world.” If we wall ourselves off from the rest of the world as it pertains to technological connectivity, the rest of the world will simply slip away to continue on without us. In the end, the internet represents the connective tissue that supports all innovation. Paying for less is never an option, and never good. There’s only one way the internet works—in an even flow. (Thanks Mr. Vedder for the
15
18
I N T E L E CA.CO M
Ladies and gentlemen, welcome to the twenty-first century where data is the new currency. And like any type of currency, there are thieves who prey on the vulnerable, waiting to exploit the perfect opportunity to rob them blind. Dangerous dark alleyways and parking lots have now evolved and moved into the deepest recesses of the worldwide web—thieves now wait to jump from the darkest corners of the web to infiltrate our systems, our devices, and our private information to exploit us and rob us blind. In this week’s news, we witnessed another industry giant being brought to its knees through failed cybersecurity efforts: Uber has now joined the long list of giants that includes BlueShield, Ashley Madison, Home Depot, J.P. Morgan, eBay, Target, and more. And what do they all have in common? Data. In fact, the reason I have listed such a diverse group of organizations is to illustrate that nothing is safe: from home renovations, to health insurance, to discreet connections, they all resulted in one inevitable end—a breach in security. I really don’t want to dwell on Uber, nor do I want to make excuses for these organizations as their security breaches have been done to death in the press already. Even so, the latest so-called victim in the cyberwar is an example of human nature at its best in terms of how cybercriminals operate. Aside from the question of technology—I sincerely feel that this breach could have been avoided with the technology that we implement daily, but I digress—the topic here is more about the human element. Pride and misguided embarrassment are the tools leveraged by these cybercriminals. Imagine this scenario: a middle-aged man or woman is sitting in their office diligently working away on their latest project. An email from a friend is deposited in their inbox with a link, inviting a visit. Now, anyone on any day probably receives several of these. The point? Nothing out of the ordinary … right? Wrong. Here is the reality of this scenario. The originating sender’s email has been compromised and is being used as a dissemination tool for malware. When the email lands in the target’s email inbox and is promptly clicked on as no threat is considered, the result is an immediate ransomware attack along with the locking of the screen to display a pornographic image. Now, the hook has been set. The poor person that clicked on the link must now weigh the possible outcomes: pay the ransom fee to potentially unlock the computer, or suffer the embarrassment of the image, the situation, and the self-blame for the attack. So, what can be done? Firstly, there is the technology and security aspect. Having safeguards at all levels of IT infrastructure is paramount for any business or organization. But, more importantly, education is key. Educating IT personnel so they know and understand the latest threats and mitigation techniques, training for worst-case scenarios in how to manage a data breach or attack, and, finally, ensuring everyone understands the human factor so they are not embarrassed, but rather diligent and self educating. Cybersecurity is the new reality. We must all live and breathe it everyday in our professional and personal lives. In our new, data-driven lives, the term “due diligence” has taken on an entirely different aspect. This is our new world, and it has been proved to be Uber dangerous!
19
WHEN
INSTANT GRATIFICATION &
REALITY 22
I N T E L E CA.CO M
23
It seems that almost daily I see more and more news surrounding hybrid cloud infrastructure—having IT reside both on-premises and outside of one’s own four walls simultaneously—the new cool that has taken the business world by storm. And to think this comes a mere few years since the cloud was feared by so many. What does this move from private cloud (on-premises) to the mixed scenario that is hybrid cloud mean for companies wanting to freely move information, applications, and more, from their own infrastructure to the public cloud and back? Surely, there are consequences, are there not? The answer: damn straight there are.
24
I N T E L E CA.CO M
Of course, the first thing that comes to mind is the issue of security, which, to be honest, is somewhat surprising; yet it’s a sign of the times. If you had asked that question just a few years ago, security, though incredibly important, may have come second in the wake of speed, access, and reliability. But we live in dangerous times—REALLY dangerous times. Not to be an alarmist, but let’s not forget that Ukraine was literally crippled just a few short months ago—all due to nefarious characters who simply wanted to make money, and perhaps watch the world burn. The point: the malicious code that lives out there in the ether, continually circles the world looking for a way in. And, as we propel ourselves forward in the attempt to make our lives better, faster, easier, and more connected, we simultaneously expose ourselves to threats designed entirely around our newfound globally connected dynamic. So, what is one to do in this case? To be secure, we need a two-pronged approach based on technology and humanfactor education. With multi-layered security solutions in place that cover virtually everything (pardon the pun), we can at least mitigate the risk of security threats. That, paired with ensuring everyone is well educated and well versed in the new world order of such things, reduces the threat. But who can keep up with all this security stuff? Is it the mythical all-knowing IT department? No, it’s not, nor should it be. But let’s tackle that topic later.
Now, with security in place let’s get to the part where we want our lives to be faster, better, more connected—in other words, as previously mentioned, the speed and reliability factors that satisfy the modern need for instant gratification. Herein lies the magic. To ensure a constant stream of data in all directions, we need ever-evolving and better IT gear to support our new hybrid world. After all, it’s more than just a fast internet connection that makes this happen. Sparing you the gory and technical details of modern network infrastructure—I’m sure we have a white paper on that somewhere—the situation remains mired in the highly complex. This complexity now haunts IT departments: as the nature of the demands on modern business continues to expand, so must the highly verticalized knowledge and expertise needed to architect the type of network required to keep pace. Oddly enough, this type of highly verticalized knowledge, along with that of the aforementioned IT security expertise, is actually at odds with the expectations of traditional IT departments. Once touted as the do-anything department, IT has evolved to be something much more important: a team of people who build and manage better processes and applications, and who plan better infrastructure for today and tomorrow. So, what is the answer to the looming issue: When instant gratification and reality collide? It’s about ensuring that IT has the authority to make the right decisions, and to engage specialists to help pair security and infrastructure so they work as one. With two very different worlds colliding, the knowledge required to combine the needs of the business with the demands of security takes a specific skill set. Finding the right company, one that has both network infrastructure and IT security expertise, means a cohesive solution that keeps everyone safe while still ensuring that instant gratification is always available.
25
Non-stop Business Continuity Instantly recover any app, any data on any cloud
veeam.com
28
I N T E L E CA.CO M
I welcome our new machine overlords. by Paul Hogg
It’s been a while since my last overly alarmist IT security blog, and with the holiday season upon us—as millions of IoT devices lie in wait to once again flood our homes and offices—I figure what better time to scare the crap out of the general public.
29
But, in this instance, it’s not actually about scaring people. It’s more about acknowledging and accepting the human condition for what it is, and working to mitigate risk against it. Case in point, the far-too-many aspects of the IT security arms race. The human factor plays into almost all of it. After all, it’s humans who build the networks, it’s humans who write the code to attack the networks, and it’s humans who in turn work to defend said networks. Simply put, technology has little to do with technological warfare … sort of. The best way to approach this on a human level is to look closely at all those involved in preparing for and fighting against cyberattacks. It introduces a new perspective: how we all need to work together, and who we need to work with. Firstly, there is IT—the department within any organization that is generally responsible for making any company function on a day-to-day basis. It’s this department that takes the brunt of the abuse from both the nefarious outside cyber attackers, to the crushing expectations of those who live inside the four walls—those who think IT people can and will be able to do absolutely any task no matter the complexity. A tough place to be, right? History dictates a view of IT that falls into expectations that can only be described as magical. An all-seeing, all-knowing group of people who will keep us safe, warm, and business ready at all times. And when new technology is introduced, that very magic is wielded in such a way that everyone in IT is instantly endowed with all knowledge as though they were plugged into The Matrix like Keanu Reeves. And, as an IT person myself, I think I speak for all of us when I say, “NOT FAIR!”—especially when it concerns IT security. Knowing the time and effort it takes to become an expert in just one aspect of technology, people need to understand that IT departments need help. Engaging with outside IT security specialists is not admitting defeat— it’s admitting that you are smart enough to hire the right people to help defend the masses.
30
I N T E L E CA.CO M
Which, of course, brings us to the next human element: the partners. Engaging with IT security partners chips away at human vulnerability. It does away with hubris, as well as a lack of confidence, creating a level playing field whereby two entities come together for the common good to establish the right technology, the right infrastructure, the right protocols, and the right habits all designed as an interconnected ecosystem of smart people doing smart things to keep would-be attackers at bay. Then we have the folks outside IT. The people you smile at in the halls and at company events; the people you work with on inter-departmental projects; and people you perhaps bowl with. So, what do they have to do with IT security … a hell of a lot! It’s the people who are outside of the know who can sometimes be unwittingly the attacker’s best friend, and the worst enemy to those who employ them. Why? Again, the human condition. Without knowing the seedy underbelly of IT and all things bad in the world, they can let the Trojan horse through the proverbial gates. Not because they are in anyway involved with the so-called attackers, more because they love horses. Not understanding cybersecurity is a human issue that revolves around constant education. Giving real-world examples of how they can be compromised, can transform them from would-be and unknowing accomplices to heavily armed guards at the cyber gate. Lifting the veil to teach them the do’s and don’ts, along with letting them know they shouldn’t be embarrassed if and when they become a victim, will help lock down the fortress that much more. Again, addressing the human factor without getting too embroiled in technology. As our world continues to evolve, there will be more attacks on the horizon. From DDoS attacks leveraging IoT devices, to mobile intrusions, to ransomeware, and more—no one can prevent attacks like us humans. And if we should ever fall to the rise of the machines like some post-apocalyptic Christian Bale movie, I for one welcome our new machine overlords and hope for a job that doesn’t involve a wireless shock collar—although as an IoT device it may be easy to hack and use to defeat the robots … only time and human history will tell ;)
31
Smart, optimized, connected security solutions for your connected world
Hybrid Cloud Security Improve visibility and simplify security management across physical, virtual, and cloud environments
Network Defense Detect, analyze, and prevent ransomware, advanced threats, and targeted attacks
www.trendmicro.com
User Protection Solution Protect users and their information – on any device, any application, anywhere
URGENT: 34
I N T E L E CA.CO M
When it comes to cable and telecom companies, I honestly don’t envy their business models. The need to continually evolve to meet the demands of consumers and businesses alike, borders on the near impossible. Yet, at every turn, they seem not only to meet the demands of the masses, but also to exceed them—to that end, I have much respect.
35
36
I N T E L E CA.CO M
For instance, look at the evolution of internet speeds and how they have changed in the past few years. It wasn’t that long ago that dial-up was all one had: a collection of squeals and beeps that brought you to the then burgeoning land of promise that was the worldwide web. Just a few years later, we experienced cable for the first time, transforming the first stages of connectivity and enabling internet 2.0—the promise of the online world growing once again.
But how does that impact consumers, businesses, and ultimately cable and telecom infrastructure? Firstly, it enables consumers and businesses to have symmetrical upload and download speeds—think of the 150 up / 150 down ads from your local cable companies in your neighborhoods. And as for telecom companies, they now get to offer their customers better and faster speeds that align with the demands of everything from data growth to virtualization, and more.
Now, of course, there is fiber directly to the house and office, enabling symmetric speeds once thought impossible. And with that comes the promise of the internet and all its wealth of knowledge—well, that and Instagram and Facebook where we get to see stupid memes and pictures of people’s cats … but hey, for some folks that’s something.
So, like all great last pushes over the proverbial cliff throughout history, this issue is always about speed to react-and-rectify than it is about choice. Like the iPhone pushed the flip phone off the cliff, like the flat panel television was the demise of its predecessor, and like how Metallica killed Napster, data growth is forcing cable and telecom companies to suffer through the change of hardware at an accelerated rate.
But, all joking aside, with so many hurdles to overcome regarding the physical nature of the internet, we sometimes forget the other side of the equation: the protocols that enable all this speed and subsequent data transfer to happen. And at the heart of this transfer for a very long time—and by long, remember we are measuring IT standards, let’s say 20 years—there has been Data Over Cable Service Interface Specification or DOCSIS for short. Now, not to get all Wikipedia on you, but for the sake of time and sanity here’s a Wikipedia-esque definition to speed things along—pardon the pun. DOCSIS is an international telecommunications standard that permits the addition of high-bandwidth data transfer. Simply put, it makes the internet happen. So, how important is DOCSIS? And how geeky can we possibly get? Very, and even more…well, very. As an established protocol, the importance of it is substantial. In fact, the Full Duplex DOCSIS® 3.1 enables what is referred to as symmetrical up/down capabilities: meaning the amount of data that can be uploaded to the internet is the same as what can be downloaded.
But what is the ultimate fix? It’s already under way. As cable companies continue to evolve their physical infrastructure due to data demands, the continuous need for new gear will solidify the foundation of DOCSIS® 3.1 for now, and possibly for the next decade or more. The more important point in all this is for cable and telecom companies to future-proof now. Getting the right IT business solutions in place that continue to support DOCSIS, such as new switches, etc., will prepare them for even bigger data demands not only now, but also in the future. No one likes change. It’s hard, sometimes painful, and more than a little frustrating. But if it means we can all upload photos to Instagram and see cat pictures that much faster, then no one should argue … because that’s what the internet is about … right?
37
I N E Z
M A G A
IN
T
F E BR UARY 2018
E
A C LE
W W W. IN TE L E C A .C O M