Security’s Next Era: Big Data Security Analytics

Strap yourself into your seat for the big data security analytics show, for it’s coming to a town near you. Carnival barkers from every walk of life will want you to come into their tents to see the latest and greatest show on earth: the big data security analytics show.

You will want to understand why using evolution charts, Venn diagrams, Pareto charts, and Pivot tables can or will help. You’ll want to see what association rules, clustering, decision trees, and forecasting can do for you. And you will want to understand the difference between analysis and knowledge, as it’s applied to security.

You will also want to make the distinction between whether you have to hire a data scientist or not and whether this will solve your immediate problems. You will also want to consider which approaches you could take that will produce the most value in the short, medium, and long term for your company and career.

To be useful, security analytics must take the large volume of data that can be collected and take three actions with the data, as follows:

  • Reduce voluminous data and identify the pattern that matters,
  • Use the information to enable a timely and appropriate in-situ response, and,
  • Use the data to make adjustments – after the fact.

Continue reading

IBM Expands BlueMix DevOps Offerings: Delivery Pipeline

IBM introduced BlueMix about a year ago in the winter of 2014, a first step toward Platform-as-a Service Cloud Development. BlueMix is a language-agnostic Cloud development platform (IBM calls it a “Composable Services Development Environment”) serving Java, Javascript, Node.js, Go, PHP, Python, Ruby, and open enough to accommodate other SDKs and API sets that developers may install there:

  • Built On Open Standards – OpenStack and CloudFoundry
  • Providing Integration via Cast Iron to Systems Of Record
  • Designed For Mobile (MobileFirst initiative)
  • Offering more than a dozen Watson cognative computing functions
  • Providing a DevOps Environment for Integrated Development and Deployment

See 1336RA, IBM’s Hard Dollar Investments in SoftLayer: BlueMix and Beyond, 27 February 2014.

Now IBM has introduced an enhanced delivery pipeline in support of DevOps on BlueMix. The delivery pipeline enhancements expand previously introduced capabilities focusing on the build-test-deploy-production end of the process, automating the build process, functional testing and deployment to one or more production environments. Everything is configurable and fully automated in this process: inputs (from Git), triggers (on push, manual or when a stage completes, and jobs (build, deploy, test). Stages now may have multiple jobs in a sequence. The delivery pipeline provides a continuous stream of feedback from job execution. Continue reading

Mocana Partners with SAP to Boost Mobile Productivity

Mocana began as a technology provider of embedded systems security in 2004. Over the years Mocana has broadened its scope and identified two potential markets to address: one, the need to protect mobile devices and, two, to protect apps and the data on them. Mocana launched its Mobile Application Protection platform in 2011 with support for Android apps, and added iOS app support in 2012.

In 2012 Mocana raised $25 million in Series D funding, bringing total investment to $47 million, to expand its opportunity around its Mobile App Protection software. Trident Capital led the round, joined by existing investors Intel Capital, Shasta Ventures, Southern Cross Venture Partners and Symantec.

Mocana’s nearly two-year partnership with SAP, launched in May 2013, has taken a back seat to SAP’s single-minded focus on promoting its HANA platform. However, over the past twenty months, Mocana Atlas has emerged as a leading platform for delivering secure, high-productivity mobile integration with SAP solutions.

Mocana recently commissioned a research study designed to validate its economic benefit and now stakes a claim to user productivity improvements leading to improved application time to market and and cost savings resulting from that.

According to Ranjeet Vidwans, vice president of marketing at Continue reading

CIO-CTO Panel – Technology, Vision and Leadership: The Digital Business Era (CBS14)

On November 12th, 2014, Saugatuck Technology held its 4th annual Cloud Business Summit at the Yale Club of New York City. As with prior Summits, our event brought together more than 100 large-enterprise CIOs, CTOs and senior business, marketing and finance leaders – to explore how they can and are realizing value from the Cloud. The key focus this year was the significant impact that Cloud is having in shaping core business strategy, as we evolve into the era of Digital Business.

In a featured CIO / CTO panel entitled “Technology, Vision and Leadership: The Digital Business Era,” Saugatuck Research Fellow Mike West spoke with several senior IT from diverse organizations – Malcolm Frank, EVP and Chief Strategy Officer at Cognizant Technology Solutions, Rich Roseman, former CIO at 21st Century Fox, Daniel Widera, CIO at Veolia – who were asked to consider the following contextual issues:

  • How can IT leaders optimize traditional and emerging resources, internally and externally?
  • How should IT leaders rethink getting work done and delivering operational excellence?
  • What changes must be made to realize the enormous potential of Digital Business?

The panelists were posed the following Continue reading

Net Neutrality – Enjoy the Media Circus, Hurry Up and Wait for Real Change

What is Happening?

Earlier this month in a Wired article, the chairman of the Federal Communications Commission (FCC) proposed stronger government regulation of the Internet. Chairman Tom Wheeler suggested that Internet service providers (ISPs) should not give preferential treatment to some users by blocking content or creating “fast lanes.” Wheeler suggested regulating the ISPs by changing their status to be under Title II of the Telecommunications Act. Title II status means the government would regulate the Internet as a public utility.

President Obama had already chimed in, asserting that it’s essential to the economy to “keep the Internet free and open” by protecting net neutrality for everyone. He says there should be “no gatekeepers of content” and that we need to make net neutrality a “legal obligation” for ISPs. He goes on to ask the FCC to reclassify the Internet as Title II. The Internet, he says, is “an essential part of everyday communication and everyday life.” Consumers, not the ISPs, should decide what Web sites they want to access. Obama’s statement lists four main categories of rules:

  1. No blocking,
  2. No throttling,
  3. Increased transparency, and,
  4. No paid prioritization.

The five-person FCC panel will vote on the 332-page proposal for the order on Thursday, February 26. The FCC will not release the plan to public before the vote. According to those who have seen it, eight of the pages are regulations, 79 pages are details of the provisions, and the rest are references and comments. The expectation is for the FCC to adopt the proposal.

FCC commissioner Ajit Pai, made a statement on Feb. 10 saying that, “the American people are being misled.” In a counter to President Obama’s and Chairman Wheeler’s assertions, Pai sees “adverse consequences to the entire Internet economy” should the rules become law. He says these are “vast, yet vague regulations” with “exogenous political influences.” Pai emphasizes that the plan:

  • Regulates rates,
  • Claims no competition exists for the majority of Americans,
  • Scrutinizes all options but unlimited,
  • Tolerates the FCC micromanaging the Internet,
  • Allows class action lawsuits against providers,
  • Regulates ISPs utility-style, and,
  • Opens door to billions in new taxes on Internet.

Continue reading

The Secret in the Clouds – Inconsistent Service Delivery

As a result of ongoing discussions with users and providers of Cloud infrastructure, Saugatuck has identified that Cloud infrastructures are not immune to the fundamental characteristic of any shared resource: resource sharing can result in variable service levels.

In a recently published Strategic Perspective, Saugatuck explains why Cloud infrastructures deliver inconsistent service. Saugatuck urges Cloud users to perform ongoing monitoring of performance of key Cloud-based workloads and offers some possible approaches for dealing with inconsistent service, including: Continue reading

Agility, Microservices, and Digital Business

What is Happening?           

Microservices is a new emerging architecture that is designed to operate well in Cloud environments. Microservices is often contrasted with traditional monolithic architectures – where instead of single cohesive applications, individual services are developed separately and connected by using interfaces – often RESTful APIs.

Because these APIs effectively abstract the inner workings of each service, Microservices can be developed using a variety of languages and technologies that best suit the service’s performance characteristics and requirements. This abstraction also allows the service to be upgraded under continuous development and deployment practices without interrupting the service, as long as the interface does not change.

Microservices architectures tend to scale well horizontally. Unlike Monolithic architectures, as load increases on any one service, it is possible to scale that service independently of the others. This allows better usage of resources, and also caters well to the Cloud, where it is possible to purchase very granular amounts of infrastructure for highly elastic and responsive scaling.

There are downsides though – primarily in the form of increased developmental and operational complexity from maintaining individual services, interfaces, and scaling resources. Microservices necessitates high-levels of automation, both in rolling out updates and deploying new services, to auto-scaling, load balancing, clustering, and fault-tolerance. Additional considerations need to be made into how applications are able to handle degraded service, since when individual services fail (and they will) the entire application doesn’t necessarily fail.

Finally, the Microservices approach plays well with legacy applications. In many cases, this is where Saugatuck expects to see the greatest adoption of Microservices in the enterprise. Because the services communicate through interfaces and are not bounded by the use of existing technologies / languages / databases, they are well suited to be added on to existing systems when additional features, functions, or performance are needed. Examples might include simple analytics services for regressions, additional small webpage applets, or asynchronous notification processes. Continue reading

Featured Presentation with Kit Beall, VP Cloud at Cisco (CBS14)

On November 12th, 2014, Saugatuck Technology held its 4th annual Cloud Business Summit at the Yale Club of New York City. As with prior Summits, our event brought together more than 100 large-enterprise CIOs, CTOs and senior business, marketing and finance leaders – to explore how they can and are realizing value from the Cloud.

The key focus this year was the significant impact that Cloud is having in shaping core business strategy, as we evolve into the era of Digital Business

In this Featured Presentation, Kit Beall, VP Cloud and Managed Services at Cisco discusses Continue reading

Featured Presentation with Teesee Murray, RVP CloudSuite at Infor (CBS14)

On November 12th, 2014, Saugatuck Technology held its 4th annual Cloud Business Summit at the Yale Club of New York City. As with prior Summits, our event brought together more than 100 large-enterprise CIOs, CTOs and senior business, marketing and finance leaders – to explore how they can and are realizing value from the Cloud.

The key focus this year was the significant impact that Cloud is having in shaping core business strategy, as we evolve into the era of Digital Business.

In this Featured Presentation, Teesee Murray, RVP CloudSuite at Infor discusses Continue reading

SAP S/4HANA is More Core Business Re-invention

What is Happening?

At the New York Stock Exchange this Tuesday morning, SAP took the wraps off of the most substantial overhaul of its core business management software in 20 years, positioning it and the company as simpler, faster, more intuitive, and more frictionless paths to Cloud-based enterprise business management for customers and partners both existing and new.1523Graphic-V2
Our summary:What SAP showed, and what it means to SAP, its customers, and its partners, is summarized below. In-depth analysis and guidance on what SAP presented and promised is available to clients of Saugatuck’s CRS subscription research service.

  • SAP unveiled the fourth-generation Business Suite 4 SAP HANA (S/4HANA), spotlighting its abilities in Financial and business performance analytics, reporting, decision-making, and planning, although the demos did include other aspects of enterprise business management. Major emphases by SAP included S/4HANA’s “smaller footprint,” along with increased speed and an “on-demand” nature of data processing, analytics, and reporting. SAP claims that the total footprint of the new suite is 90% smaller than its current Business Suite, and data processing/analytics/reporting is 3x to 7x faster, both due to a combination of in-Cloud and in-memory processing.
  • S/4HANA runs on-premises, in Private Clouds, or in Public Clouds, and across all types of business computing devices via a unifying UI built with SAP’s Fiori. SAP demo’d the UI working on tablets, traditional PCs, and a smartwatch. Fiori uses HTML5 and CSS via an SAP network gateway to reach the S/4HANA back-end and any linked resources. According to the demo today, some Business Suite apps do not work with the new UI; those that do not will be updated based on “customer- and partner-driven priorities.”
  • Some of the most compelling emphasis today was on what SAP is calling “Guided Configuration”,e., Cloud-based, in-app S/4HANA setup for customer situations. SAP founder Hasso Plattner jokingly apologized to partner consulting firms for reducing their future business as a result of the Guided Configuration capability, which we expect will be most useful where S/4HANA is running as a SaaS offering in a Public Cloud.

Why is it Happening?

As we blogged in May 2013: SAP knows that to remain not just relevant, but dominant, it must reinvent itself from the inside out. Continue reading