Aqua Security focuses on securing the runtime environment of containers  

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  In a nod to the benefits of containers, the financial services giant Goldman Sachs Group has announced it's in the midst of a year-long project to move 90% of its software into containers. The shift involves some 5,000 applications as well as the firm's software infrastructure.As reported in The Wall Street Journal, Don Duet, the co-head of Goldman Sachs' technology division, says this move will create a better software environment for his company. The staff of more than 8,000 software developers can focus on creating new products and tools, while the runtime process is automated, thus reducing labor and infrastructure costs. In addition, the use of containers will create standards for packaging and distributing different kinds of software.To read this article in full or to leave a comment, please click here

EU and US officials sign ‘umbrella’ data protection agreement, but it’s no Privacy Shield

The European Commission has signed a landmark agreement with the U.S. in its quest to legitimize the transatlantic flow of European Union citizens' personal information.No, it's not the embattled Privacy Shield, which the Commission hopes to conclude later this month, but the rather flimsier-sounding umbrella agreement or, more formally, the U.S.-EU agreement "on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses."It covers the exchange between EU and U.S. law enforcers, during the course of their investigations of personal data including names, addresses and criminal records. U.S. Attorney General Loretta Lynch, European Commissioner for Justice Vĕra Jourová and Dutch Minister for Security and Justice Ard van der Steur signed the agreement in Amsterdam on Thursday.To read this article in full or to leave a comment, please click here

EU and US officials sign ‘umbrella’ data protection agreement, but it’s no Privacy Shield

The European Commission has signed a landmark agreement with the U.S. in its quest to legitimize the transatlantic flow of European Union citizens' personal information.No, it's not the embattled Privacy Shield, which the Commission hopes to conclude later this month, but the rather flimsier-sounding umbrella agreement or, more formally, the U.S.-EU agreement "on the protection of personal information relating to the prevention, investigation, detection, and prosecution of criminal offenses."It covers the exchange between EU and U.S. law enforcers, during the course of their investigations of personal data including names, addresses and criminal records. U.S. Attorney General Loretta Lynch, European Commissioner for Justice Vĕra Jourová and Dutch Minister for Security and Justice Ard van der Steur signed the agreement in Amsterdam on Thursday.To read this article in full or to leave a comment, please click here

Arista launches Universal Leaf Platform

Last month, Arista Networks put the core router market in the crosshairs with it’s Universal Spine (http://www.networkworld.com/article/3049140/router/arista-takes-aim-at-core-router-market-with-universal-spine.html) system.  This week Arista complimented this by announcing a Universal Leaf network platform powered by its new 7280R switch series. The products leverage the Broadcom Jericho chipset which is optimized for 100 Gig-E, deep buffers and routing.  Arista has been one of the more aggressive vendors with respect to using a leaf-spine architecture to be the backbone of a modern data center, so it makes sense that it would try and push the evolution of both the leaf and spines.To read this article in full or to leave a comment, please click here

Arista launches Universal Leaf Platform

Last month, Arista Networks put the core router market in the crosshairs with it’s Universal Spine (http://www.networkworld.com/article/3049140/router/arista-takes-aim-at-core-router-market-with-universal-spine.html) system.  This week Arista complimented this by announcing a Universal Leaf network platform powered by its new 7280R switch series. The products leverage the Broadcom Jericho chipset which is optimized for 100 Gig-E, deep buffers and routing.  Arista has been one of the more aggressive vendors with respect to using a leaf-spine architecture to be the backbone of a modern data center, so it makes sense that it would try and push the evolution of both the leaf and spines.To read this article in full or to leave a comment, please click here

A new WordPress plug-in exploit endangers thousands of websites

Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites.The plug-in's developer fixed the flaw Tuesday in version 3.6, but in addition to updating immediately, users should also check if their websites haven't already been hacked.The vulnerability is located in a script called resize.php script and allows remote attackers to upload arbitrary files to the Web server. These files can be backdoor scripts known as Web shells that provide attackers with backdoor access to the server and the ability to inject code into legitimate pages.The flaw was discovered by WordPress security outfit PluginVulnerabilities.com after it observed requests for the wp-content/plugins/wp-mobile-detector/resize.php even though it didn't exist on its server. This indicated that someone was running an automated scan for that specific file, likely because it had a flaw.To read this article in full or to leave a comment, please click here

A new WordPress plug-in exploit endangers thousands of websites

Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites.The plug-in's developer fixed the flaw Tuesday in version 3.6, but in addition to updating immediately, users should also check if their websites haven't already been hacked.The vulnerability is located in a script called resize.php script and allows remote attackers to upload arbitrary files to the Web server. These files can be backdoor scripts known as Web shells that provide attackers with backdoor access to the server and the ability to inject code into legitimate pages.The flaw was discovered by WordPress security outfit PluginVulnerabilities.com after it observed requests for the wp-content/plugins/wp-mobile-detector/resize.php even though it didn't exist on its server. This indicated that someone was running an automated scan for that specific file, likely because it had a flaw.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Measurement is key to cloud success

When I think about the Internet, I think about the General Motors bankruptcy of 2009. Okay, maybe it’s not the first thing that pops to mind. But there’s a lesson in it for builders of networks.It is hard not to draw an analogy between the rise of North American car culture and the development of the Internet. In the earliest days of car culture, it was a lot of work to use a car. You needed to be a pretty reasonable mechanic, and you were using a mode of transportation that was just as uncomfortable as any other one, but that was unreliable and experimental as well. But this didn’t matter, because other enthusiasts like you were trying out the same things, and if the new technology turned out to work it would be a really big deal. Similarly, in the earliest days of the network, the users were mostly also developers of the technology. Only pretty geeky people could have thought of telnet or FTP as user-friendly.To read this article in full or to leave a comment, please click here

Internet of Things (IoT) telemetry

The internet of things (IoT) is the network of physical objects—devices, vehicles, buildings and other items—embedded with electronics, software, sensors, and network connectivity that enables these objects to collect and exchange data. - ITU

The recently released Raspberry Pi Zero (costing $5) is an example of the type of embedded low power computer enabling IoT. These small devices are typically wired to one or more sensors (measuring temperature, humidity, location, acceleration, etc.) and embedded in or attached to physical devices.

Collecting real-time telemetry from large numbers of small devices that may be located within many widely dispersed administrative domains poses a number of challenges, for example:
  • Discovery - How are newly connected devices discovered?
  • Configuration - How can the numerous individual devices be efficiently configured?
  • Transport - How efficiently are measurements transported and delivered?
  • Latency - How long does it take before measurements are remotely accessible? 
This article will use the Raspberry Pi as an example to explore how the architecture of the industry standard sFlow protocol and its implementation in the open source Host sFlow agent provide a method of addressing the challenges of embedded device monitoring.

The following steps describe how to install the Host sFlow Continue reading

IDG Contributor Network: IoT will overtake smartphones in 2018

The Internet of Things will become a bigger connected-device category than smartphones in 2018, telco equipment maker Ericsson says in its latest report.The Swedish company reckons that IoT will grow globally at a CAGR of 23 percent during the period 2015 to 2021, it says on its website.CAGR, or Compounded Annual Growth Rate, is the annual growth rate over the period.That would make IoT a 16 billion unit player by 2021. For comparison, the entire smorgasbord of connected devices will number 28 billion by then, Ericsson says in the report (PDF), published this week.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How to control the stealth IoT invasion

IoT devices are invading the enterprise, often by stealth.  Groups and departments are selecting devices such as door locks, air quality monitors, security and control systems which require connection to the enterprise WLAN and the Internet, but with no IT input into the purchase decision.  This creates headaches for the network engineer, but they are manageable:  a basic enterprise IoT management solution requires just a handful of functions. IoT is one of the first systems built in the cloud era, and many – if not most – IoT devices are designed to work with Internet-based cloud services (the remainder will need network-specific configuration to connect to inside-the-firewall services).To read this article in full or to leave a comment, please click here

Using Macvlan and Ipvlan with Docker on Software Gone Wild

A few weeks after I published Docker Networking podcast, Brent Salisbury sent me an email saying “hey, we have experimental Macvlan and Ipvlan support for Docker” – a great topic for another podcast.

It took a while to get the stars aligned, but finally we got Brent, Madhu Venugopal, John Willis and Nick Buraglio on the same Skype call resulting in Episode 57 of Software Gone Wild.

Listen to the podcast

Land O’Lakes maps out farming’s future with Google cloud

Farmers looking for ways to increase their crop output are using more technology and relying a little less on intuition.Farmers associated with Land O'Lakes, a dairy-focused, agricultural cooperative in Minnesota, are using online tools and apps to visualize their fields and to analyze the data in such areas as water management, seed placement and crop diseases.To do that, Land O'Lakes, known for producing the top butter brand in the U.S., has turned to Google's public cloud. The company is involved in a $3.5 million project with Google and expects to see a payback on it in two to three years.To read this article in full or to leave a comment, please click here

8 reasons why your security awareness program sucks

As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable human failing. The reason is that I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing. I have to admit that it is frustrating to have to argue with people who claim that awareness is always bad. They argue that since there will always be a single failing, then it is not worth the effort to have an awareness program in the first place. Of course, I vehemently disagree. However to debate people, and address their points, at least in the eyes of decision makers, you need to understand the foundation of their arguments and accept the premises that are true.To read this article in full or to leave a comment, please click here(Insider Story)

8 reasons why your security awareness program sucks

As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable human failing. The reason is that I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing.To read this article in full or to leave a comment, please click here(Insider Story)

Human error biggest risk to health IT

In the race to digitize the healthcare industry, providers, insurers and others in the multi-layered ecosystem have failed to take some of the most basic steps to protect consumers' sensitive health information, a senior government official is warning.Servio Medina, acting COO at the Defense Health Agency's policy branch, cautioned during a recent presentation that too many healthcare breaches are the product of basic mistakes, ignorance or employee negligence.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords "These are things that could be prevented," Medina said. "Today's training and awareness efforts that we provide currently are simply not effective. They are not enough. We have to do something radically more and different."To read this article in full or to leave a comment, please click here

Human error biggest risk to health IT

In the race to digitize the healthcare industry, providers, insurers and others in the multi-layered ecosystem have failed to take some of the most basic steps to protect consumers' sensitive health information, a senior government official is warning.Servio Medina, acting COO at the Defense Health Agency's policy branch, cautioned during a recent presentation that too many healthcare breaches are the product of basic mistakes, ignorance or employee negligence.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords "These are things that could be prevented," Medina said. "Today's training and awareness efforts that we provide currently are simply not effective. They are not enough. We have to do something radically more and different."To read this article in full or to leave a comment, please click here

Top Raspberry Pi news of the week: Magic mirror; Micro:Bit gets real; more on Android

This week for our Raspberry Pi roundup, we check out a little bit of magic, check in on the competition and follow up on some exciting Android-related buzz.Magic mirror – from Microsoft? Raspberry Pi Foundation official blog The magic mirror is a popular Raspberry Pi project, combining relative ease of construction with a pretty eye-catching result – who wouldn’t want a mirror that shows you the weather, your appointments and maybe the news when you look into it in the morning?To read this article in full or to leave a comment, please click here

1 2,918 2,919 2,920 2,921 2,922 3,841