[Most Recent Entries] [Calendar View]
Wednesday, November 30th, 2016
- Transparency is key; more emphasis will be placed on network visibility: As organizations continue to migrate into a cloud-based environment, they must prepare for the security and control risks associated with the cloud. According to an Ixia research report, 67 percent of respondents deploy business-critical applications on the public cloud—which is often opaque. Day-to-day operations are depending on an environment with a huge visibility gap. It is expected that by 2018, 60 percent of enterprises that implement appropriate cloud visibility and control tools will experience 30 percent fewer security failures. In short, elastic and more comprehensive visibility will mean better security for the enterprise.
- Monitoring for DDoS: In recent weeks, the entire Internet infrastructure has been placed at risk. From Russia to Taiwan, we’re feeling the effects of what massive distributed-denial-of-service (DDoS) attacks can do. This type of attack was used in one of the largest cyberattacks in history that shut down 1,600 U.S. websites. We believe this trend will only continue to grow, as hackers find clever new ways to exploit IoT device vulnerabilities to launch attacks. The ability to integrate proper visibility tools looking for DDoS will be a big topic in 2017.
- Security Extending into the Cloud: A part of the push for more transparency and visibility into the cloud will translate directly into better security. It will also allow for centralized security processes to be executed and implemented across cloud boundaries. We are going to see better integrations that will expand a Security Fabric into the cloud. The results will be security that can better and automatically scale as your workloads grow and you dive further into the cloud. Cloud and security vendors will work closer than ever before.
- Not All Cloud Taps are Alike: Tapping into cloud data requires using software agents often called cloud taps, virtual taps or vTaps. They are used to monitor traffic flows, validate security, and verify container boundaries. If implemented poorly, they will degrade application performance running in the cloud. While cloud taps for public clouds are still in their early stages, quality of these taps will become a topic in 2017.
- Testing at Cloud-Scale: How much testing is enough? Every enterprise faces that question and it is even more difficult when their applications are in the cloud. When it comes to cloud implementations, simulating the environment can be done on a staging site. Simulating large traffic loads, across a range of application and attacks, encryption of different types and depth, etc. at cloud scale is much more complex. As the industry leader in multi-terabit cloud-scale traffic testing and the vulnerabilities it uncovers, we are pretty sure that testing at cloud-scale will become a bigger topic in 2017.
| Time | Event |
| 1:00p | Preparing for Today’s Changing Tech Needs at Re:Invent 2016 Jeff Harris is VP of Solutions Marketing at Ixia. From Nov. 28 to Dec. 2, industry leaders in cloud from across the United States and beyond will gather to attend the world’s largest global cloud computing conference: AWS Re:Invent. From these come five key predictions we expect to see highlighted at the show, extending to the broader world of cloud providers and users in 2017. AWS Re:Invent is one of the most anticipated and exciting events in the tech industry. Many of the trends revealed there will shape the close of 2016—and the years to come. Make sure to stop by our booth to visit our team and learn more about these trends and our partnership with AWS. Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.
|
| 9:15p | Five Things You Need to Know About the U.K.’s Mass Surveillance Law  Brought to You by The WHIR The U.K.’s Investigatory Powers Act (PDF), called the Snoopers Charter by some critics, became law upon receiving royal assent on Tuesday. The controversial legislation replaces the expiring Data Retention and Investigatory Powers Act of 2014, and will come into force in stages, as some provisions require testing, while measures forcing web companies to collect user data will be applied before the end of 2016, The Guardian reports. “The government is clear that, at a time of heightened security threat, it is essential our law enforcement and security and intelligence services have the power they need to keep people safe,” Home Secretary Amber Rudd said. “The internet presents new opportunities for terrorists and we must ensure we have the capabilities to confront this challenge. But it is also right that these powers are subject to strict safeguards and rigorous oversight.” The Guardian quoted critics, however, who say the Act is “a death sentence for investigative journalism” and “one of the most extreme surveillance laws ever passed in a democracy.” Whatever the merits of the Act, it has significant implications for service providers in the cloud and web hosting industry. Here are five of the most important of those implications.
1. Bulk Data Collection Gets Legal Backing The government has suggested that increasing transparency is part of aim of the bill. By outlining the mass surveillance powers already in use by government agencies, it also makes them law, rather than simply common practice. Under the law, GCHQ can retain Internet traffic from tapped undersea cables for “several days,” and metadata for six months, according to the Open Rights Group. 2. New User Data Storage Obligations Under the Act, service providers will be forced to store “Internet connection records” of their users. The records consist of web applications used and websites, but not specific pages, visited. Those records would then be available to government agencies, such as police, intelligence services, the serious fraud office, and others, on request. The bill also commits the government to paying the cost for service providers to comply with their new data retention obligations. 3. Government Sneak Previews for New Technology Companies receiving “technical capability notices” will be required to “notify the Government of new products and services in advance of their launch,” according to a draft of the Code of Practice (PDF), updated in October, which accompanies the legislation. This notification will help the U..K government evaluate what help, if any, it requires to deal with the new service. 4. Encryption Backdoor at Cabinet Minister’s Discretion This is the most extreme form of the help mentioned above. Section 254-256 of the final version of the act outlines the scope of technical capability notices, and says companies receiving them “may be” obligated to remove electronic protection from “any communications or data,” and appears to leave it up to a Secretary of State (of which the Home Secretary is one of 18) to decide on individual cases. 5. You May Be Forced to Hack Your Customers “Equipment interference” is the term used in the act to refer to breaking into computers and mobile devices. In addition to authorizing the use of the practice by security agencies against individual or “bulk” targets, it also gives them the power to enlist service providers to help, for instance by using their privileges to install malware onto devices. This article originally appeared here at The Whir. |
| 9:27p | ‘Deep Tech’ Dominates Plateauing European Venture Capital BLOOMBERG – For years, the rap on Europe’s technology scene was that it was dominated by consumer-oriented e-commerce companies, some of which were blatant knock-offs of successful U.S. businesses, while the real pioneering innovation was taking place back in Silicon Valley. That is no longer the case, London-based venture capital firm Atomico says in its latest annual report on the state of European tech. Startups focusing on deep technology — which would encompass the kind of artificial intelligence developed by Google’s DeepMind, or typing prediction from Microsoft-acquired SwiftKey — are drawing an increasing share of European venture funding. Deep tech accounted for $1.3 billion of European venture investments in 2015 and an estimated $935 million this year, up from just $289 million in 2011, Atomico said in its report, which was jointly commissioned and released in conjunction with the Slush technology conference in Helsinki, Finland. This deep tech investment is significant given that overall venture funding in Europe has plateaued at an average of $3.3 billion per quarter over the past seven quarters, Atomico said. This level is significantly higher than the funding levels seen prior to 2015, according to the report. “The future of technology is increasingly being invented here on the ground in Europe,” Tom Wehmeier, Atomico’s head of research, said in an interview. Atomico is headed by former Skype founder Niklas Zennstrom. This year there were 282 rounds of investment into deep tech businesses, up from just 55 in 2011, the report said. And those companies are not only in the traditional technology hubs of London and Berlin, but spread out to countries such as Finland, Estonia and Switzerland. Atomico identified Munich, Madrid, Zurich, Lisbon and Copenhagen as emerging tech hubs to watch in the coming years. Wehmeier highlighted that U.S. technology companies are increasingly developing significant engineering divisions in Europe. The appetite of these firms for European startups with deep technical expertise has been voracious, with the five largest U.S. tech companies — Alphabet Inc., Amazon.com Inc., Apple Inc., Facebook Inc. and Microsoft Corp. — making at least one acquisition a month between the start of 2014 and the end of September 2016, according to Atomico’s report. Foreign purchasers have also been consuming more established European tech companies, making 2016 a record-breaking year for European M&A in areas Atomico defines as deep tech, with at least $88 billion of transactions announced so far, compared to $8 billion last year and $3.3 billion in 2014. Two megadeals account for much of this year’s total: SoftBank Group Corp.’s $32 billion purchase of U.K. semiconductor designer ARM and Qualcomm Inc.’s $47 billion purchase of NXP Semiconductors NV. Other recent acquisitions of deep tech companies include Twitter Inc.’s purchase of London-based artificial intelligence startup Magic Pony Technology in June, and language processing company SwiftKey’s sale to Microsoft in February. While some European investors and politicians have bemoaned such acquisitions for robbing Europe of the chance to build champions of similar stature to the largest U.S. tech companies, Wehmeier said they helped seed burgeoning tech hubs throughout the region. “These deals help to put the European tech ecosystem on the map,” he said. “And they release talent and angel capital back into the ecosystem.” Tech funding remains high compared to the years before 2015, and is on track to possibly exceed 2015’s annual record of $12.6 billion, Atomico said. The number of investments already exceeds last year’s high, with 2,136 funding rounds announced in the first nine months of 2016 compared to 2,077 in all of 2015. Atomico did find a clear decline in the number of investment rounds worth more than $25 million. Wehmeier said some of this slowdown was due to German startup incubator Rocket Internet SE raising fewer large rounds for its portfolio of e-commerce companies, but that investor appetite was weaker for deals this size. “Our view is that this is not necessarily a bad thing,” he said, arguing that in the past some companies raising large rounds overexpanded and got into trouble. The venture firm also found that European tech firms continue to find it harder to raise late-stage financing from investors in the region than their peers in the U.S. It said that this “funding gap” amounted to about $25 billion annually. Some of this gap exists because, unlike in the U.S., European universities don’t have multi-billion dollar endowments. But, the report said, the entire gap could be closed if European pension funds, which traditionally have shied away from investing in young tech companies, could be persuaded to place an additional 0.6 percent of their assets under management into venture capital. Right now, U.S. venture funds help fill some of this hole. This year, about 27 percent of all venture funding in Europe came from U.S. firms, up from 24 percent in 2011. And there are more coming, with at least 150 making one investment in Europe in 2016, Wehmeier said. Sources of capital from within Europe are becoming more diverse: the U.K. and Ireland’s share of European venture funding has declined to 21 percent this year from 31 percent in 2011, while funding from firms based in Germany, Austria and Switzerland and the Nordic region has grown in relative terms. In a survey of European tech founders, investors, employees and students conducted for the report, Atomico and Slush found little impact from Britain’s vote to leave the European Union. Eighty-two percent of U.K. tech founders said the Brexit decision had so far had no impact on their business. U.K. survey respondents were also slightly more optimistic about Europe’s tech scene in general than others. Forty-eight percent said they were more positive about it than a year ago, compared to 46 percent of all respondents. Overall, only 12 percent of those surveyed said they were more pessimistic about tech in Europe than in 2015, while the remainder said their feelings were unchanged. |
| 11:35p | Intralinks Builds Second DC to Keep Customer Data Secure Behind German Border The tendency for our world to get smaller may have reversed itself, if just temporarily, in 2016. With Great Britain preparing to get ready to start the initial beginnings of a first phase of an initiative to leave the European Union, and with the United States wasting no time building its bridge to the 20th century and beyond, New York-based SaaS collaboration provider Intralinks announced Wednesday its intent to build a second data center facility in Frankfurt, Germany, to help its clients navigate this rapidly growing world. It’s no initiative, or even the beginnings of one. As Intralinks CTO Richard Anstey told Data Center Knowledge, it’s an effort to enforce the underlying connections between applications and customer data, in such a way that personally identifiable data never actually crosses borders into potentially dangerous foreign territories. Logical Location“Organizations that store and process personally identifiable information (PII) pertaining to E.U. citizens must follow a detailed set of rules, or face fines of up to 4 percent of global turnover (if their failure to follow the rules results in a breach of privacy),” Anstey told us. “The Intralinks Trust Perimeter is a set of controls, both technical and legal, that will help organizations to satisfy the regulation — especially when their business process requires them to share information beyond their own organizational boundaries.” It’s an intriguing system that takes advantage of an emerging definition in European law, as Anstey explained to us, regarding the location of encryption. Common sense might tell you that encrypted data housed on servers located in a country, is effectively hosted in that country. But common sense and European law are two concepts often separated by a variety of common languages. In this case, said Anstey, there is an emerging split between the concepts of logical location and physical location, the latter becoming more and more irrelevant from a legal perspective. “The logical location is defined as the point of control of encryption,” said the CTO, “and some (including Gartner) have stated that this is the definition of location that will become more important over time.” Under the terms of the E.U.’s General Data Protection Regulation, each member state is independently responsible for enforcing the directive, by means of its own data protection authority (DPA). It’s the DPA that has the authority to impose fines. But because Internet data may cross many European state boundaries, it may come under the scrutiny of several DPAs along the route to its final destination. Thus the need for Trust Perimeter — a kind of “line-in-the-sand” which maintains the logical location of encrypted customer data at one central point. That point is Frankfurt, thus the need for Intralinks’ second data center. Beyond stating it’s working with Deutsche Telekom subsidiary T-Systems in the development of its Frankfurt #2 center, Anstey declined to go into further details, for what he said were security reasons. A New World of UnsharingWith Trust Perimeter centered in what has already become the cloud nexus of Europe, Intralinks’ customers will maintain control of encryption key distribution. This offers the bonus capability, Anstey said, of “unsharing” previously distributed, encrypted information, simply by invalidating the key with which it was originally signed. Just last Tuesday, the U.K.’s Investigatory Powers Act became official royal law, requiring UK-based ISPs to maintain customer browsing data, and other sensitive items, for at least 12 months. Some doubts have been raised that the E.U.’s regulations would be enforceable in the U.K. following the split. This while Brexit may yet get under way, and a (very) new administration sets up shop in Washington. We asked Intralinks’ Anstey, how these global tectonic shifts may effect the landscape for its own customers. “The GDPR applies to the handling of personally identifiable data of E.U. citizens by any organization on the planet,” he responded. “U.K. being in or out of the E.U. doesn’t change the applicability of the GDPR for organizations handling this type of data. It is possible that post Brexit, the U.K. could join the U.S. on the list of countries whose laws do not satisfy the E.U. as being ‘safe’ for data storage and processing. “This is where the legal elements of the Intralinks Trust Perimeter can help by establishing legal mechanisms by which data can be transferred beyond the ‘safe’ countries. Nobody knows how this will play out in the future. Some organizations may prefer to have data stored in the U.K. post-Brexit, while others under different regulation may feel the need to store and process data within the E.U. Either way, with the Intralinks Trust perimeter, we now have them covered.” What are some of the options available to Intralinks clients who may be transacting with systems in the U.S., and are those options likely to be adjusted after January? “Legal options available as part of the Trust Perimeter include a set of contractual controls known as the ‘E.U. model clauses,’” responded Anstey, “as well as adherence to the E.U./U.S. Privacy Shield framework. We are not aware of any specific changes associated with the future Trump administration, but will be watching closely to ensure we continue to provide suitable optionality to our customers.” |
| << Previous Day |
2016/11/30 [Calendar] |
Next Day >> |