Browse Tag

Cloud

Canadian Government ‘shut down’ by cyber attack

Canadian Government ‘shut down’ by cyber attack.
Aug 17, 2020 Connections by Cara Bedford The Canadian Government came under serious and sustained cyber attack over the weekend, and was forced to shut down the majority of its online portals as a result.
Over 300,000 individual attacks were detected over the two days as hackers attempted to gain access to accounts on at least 24 government systems.
Marc Brouillard, acting Chief Information Officer for the government of Canada stated: “Early on Saturday morning a CRA (Canadian Revenue Agency) portal was directly targeted with a large amount of traffic using a botnet to attempt to attack the services through credential stuffing”.
He went on to say that out of an abundance of caution the CRA portal was shut down to contain the attack and implement measures to protect CRA services.
Federal officials later confirmed that these attacks targeted and exploited an internal “vulnerability” and used login information that had been stolen in previous hacks.
The attack led to some damaging and worrying results, with over 11,000 out of 12 million personal accounts compromised, .

Including tax accounts and online portals accessing Covid-19 relief programs

The data of thousands of Canadian citizens from their online Canada Revenue Agency accounts has potentially been breached.
The attack was so successful largely because Canadians reused old passwords on government of Canada systems, according to Scott Jones, head of Canada’s Centre for Cyber Security . Marc Brouillard stated that: “The bad actors were able to use the previously hacked credentials to access the CRA portal.
They were also able to exploit a vulnerability in the configuration of security software solutions, which allowed them to bypass the CRA security questions and gain access to a user’s CRA account”.
He went on to reassure Canadians that this vulnerability was patched and the risk of this attack vector has been mitigated.
Government officials first learned of attacks occuring on August 7, .

And contacted the RCMP on August 11

The public were informed after further attacks had taken place over last weekend.
As yet the perpetrators have not been identified.
Government officials were keen to stress that the vulnerability exploited was not in the Canadian Revenue Agency’s systems, but rather came from the hackers having obtained login credentials through previous attacks.
A ‘front door’ attack, where the bad actors logged in as regular users, rather than a ‘back door’ attack exploiting weaknesses in the systems themselves.
They did however admit that in dealing with the attacks a potential vulnerability in government security software had been discovered and repaired. This attack was particularly damaging as record numbers of Canadians are currently accessing government portals online to apply for and receive aid, as a result of the COVID-19 pandemic. Accounts that were compromised have been suspended, and affected individuals needing to apply for aid or access their online services for another reason were urged to do so over the phone.
Anyone who has been affected by the breach will receive a letter from the Canadian Revenue Agency explaining how to confirm their identity in order to protect and restore access to their account.
At the moment the RCMP and federal privacy commissioner are investigating and are unable to comment further on the attack.
Connections Blog.
Why we use cloud storage.
Aug 11, .

2020 Data storage is one of the most important issues for businesses these days

With cyber criminals and bad actors employing increasingly subtle and complex methods to infiltrate your.

Read more Cybercrime and working from home: helping remote workers stay safe

Aug 7, 2020 Home workers represent one of the biggest vulnerabilities to an organization’s cyber security network.
Connected to a home network and without the more comprehensive cyber protection.

Read more Cloud computing and its services

Jul 28, 2020 Cloud computing services have revolutionized the way that businesses manage their IT systems.
The three main types of cloud computing services.

IaaS (infrastructure as a service)

PaaS.
read more.
Share This Facebook.
Twitter.
LinkedIn.
reddit.

with Alibaba Cloud and IBM completing the top five

post.
KPMG’s Enterprise Reboot report: Hybrid outpaces multi-cloud as model of choice through Covid-19.
The potential for the convergence of technologies such as cloud computing, artificial intelligence, blockchain and 5G to alter business processes was already evident.
Yet the Covid-19 pandemic and subsequent lockdown has shone a light on how hesitant organisations ”are likely to be flattened by savvier competitors that push the edges of innovation.” Those words are taken from a KPMG report, put together alongside HFS Research, which surveyed 900 business and technical executives.
By | 4 September 2020 | CIO Google Cloud named by Canalys as best cloud provider for retail in major coup.
Google Cloud has been named as the top cloud service provider for the retail sector by research firm Canalys.
The company, in the latest research from its cloud channels analysis service.

Put Google ahead of Microsoft Azure and Amazon Web Services

with Alibaba Cloud and IBM completing the top five.

Canalys cited Google”s strength in advertising and search

as well as aggressive hiring in the sector and establishing global systems integrator partnerships to accelerate.
By | 2 September 2020 | Microsoft Azure ‘most used and trusted’ public cloud, says CCS Insight survey.
Cloud migrations are accelerating as a result of the Covid-19 pandemic – and Microsoft is the main beneficiary of this extra demand, according to new research.

The latest report from analyst firm CCS Insight

its latest annual survey on IT investment with more than 730 respondents, found the proportion of businesses with more than half of their IT workloads in the cloud is expected to double, to 56%, in the coming 12 months.

Microsoft Azure was cited as both the

By | 25 August 2020 | Alibaba Cloud posts $1.75bn revenues at 59% yearly growth rate, cites Asia Pacific dominance.
Alibaba Cloud has secured almost $1.75 billion (RMB 12,345bn) in revenues for its most recent quarter at a growth rate of 59% year over year.
The eCommerce giant, whose cloud division broke the $1.5bn mark in February, attributed the figures to increased contributions from its public and hybrid cloud businesses, reflecting higher average revenue per customer.
Total revenue for the wider company for the quarter ended June 30, 2020, was $21.76bn (RMB153,75bn) at an.
By | 20 August 2020 | Alibaba Worldwide public cloud services market hit $233bn in 2019, says IDC.
The global public cloud services market grew 26% year over year to hit a mammoth $233.4 billion (£176.7bn) in 2019, according to IDC.
The findings.

Which come from IDC”s Worldwide Semiannual Public Cloud Services Tracker

take into account infrastructure as a service (IaaS), software as a service (SaaS), and platform as a service (PaaS).
IDC argued that the public cloud services market has more than doubled since 2016.
The combined revenues of the top five providers -.
By | 19 August 2020 | IaaS MSPs have suffered amidst the pandemic – but cloud and security services key to the future.
How are managed service providers (MSPs) coping with the Covid-19 pandemic – and what does their future roadmap look like.
A new report from IT management provider SolarWinds has revealed a rocky road, but optimism going forward.
The study.

Titled ”Covid-19: Impact and Response”

surveyed 500 MSPs across Europe, North America, and Australia.
Three in five (59%) of those polled said they had applied for government financial relief programs, with three quarters (74%) of.
By | 17 August 2020 | Data Management Bharti Airtel teams up with AWS for digital transformation in India.
Indian telecoms provider Bharti Airtel has announced a strategic collaboration agreement with Amazon Web Services (AWS) to deliver cloud solutions to customers across the country.

The partnership heavily features Airtel Cloud

the telco”s multi-cloud product and solutions business.

Airtel Cloud will build an AWS Cloud Practice

as well as develop Airtel Cloud products and capabilities leveraging AWS services.

Airtel Cloud will offer customers various AWS services as part

By | 14 August 2020 | Global IaaS market worth $44.5 billion in 2019, says Gartner.
The infrastructure as a service (IaaS) space keeps on growing: new data from Gartner has argued the global market was worth $44.5 billion last year, with the hyperscalers further entrenching their positions.

The analyst firm said in a note the worldwide IaaS market grew 37.7% in 2019

with the top five players accounting for 80% of the market, up from 77% the year before.
Amazon Web Services (AWS) remained top of the shop as of the end of 2019, with Gartner estimating a.
By | 10 August 2020 | IaaS Privacy Shield ruling could lead to dark clouds ahead for hyperscalers, advocates warn.
The ending of the Privacy Shield agreement by the European Court of Justice (ECJ) could have serious ramifications for the major hyperscale cloud providers, according to privacy activists.
Privacy Shield is an EU-US agreement which ”provides companies on both sides of the Atlantic with a mechanism to comply with data protection requirements in support of transatlantic commerce”, in the words of the framework”s website statement.
Max Schrems, a leading privacy advocate,.
By | 7 August 2020 | Misconfigurations remain alarmingly common in cloud storage services, says Accurics.
Misconfigured cloud storage services are common in the vast majority of cloud deployments, with the issue expected to exacerbate, according to new analysis.
The finding comes from security provider Accurics, whose latest State of DevSecOps Report found that misconfigurations were found in 93% of cloud deployments analysed, with the majority having at least one network exposure where a security group was left wide open.
Most worrying is that many emerging.
By | 6 August 2020 | Containers ABOUT THE AUTHOR.
TechForge Media Editor in Chief James is editor in chief of TechForge Media, with a passion for how technologies influence business and several Mobile World Congress events under his belt.
James has interviewed a variety of leading figures in his career, from former Mafia boss Michael Franzese, to Steve Wozniak, and Jean Michel Jarre.
James can be found tweeting at @James_T_Bourne.
Leave this field empty if you”re human:.
Username.
Password.

NetApp Data Fabric: A la Hybrid Cloud

NetApp Cloud Volumes.
NetApp Data Fabric: A la Hybrid Cloud.

– An update from NetApp Insight 2018

November 30, 2018 2 Comments History.
For those of you who have genuinely been following NetApp as a storage company over the years, you may already know that NetApp, contrary to the popular belief as a storage company, has always been a software company at their core.
Unlike most of their competitors back in the day such as EMC or even HPe, who were focused primarily on raw hardware capabilities and purpose built storage offerings specific for each use case, NetApp always had a single storage solution (FAS platform) with fit for purpose hardware.
However their real strength was in the piece of software they developed on top (Data OnTAP) which offered so many different data services that often would require 2 or 3 different solutions altogether to achieve when it comes to their competition.
That software driven innovation kept them punching well beyond their weight to be in the same league as their much bigger competitors.
Over the last few years however, NetApp did expand out their storage offerings to include some additional purpose built storage solutions out of necessity to address many niche customer use cases.
They built the E series for raw performance use cases with minimal data services, EF for extreme all flash performance and acquired SolidFire offering which was also a very software driven, scalable storage solution built on commodity HW.
The key for most of these storage solution offerings was still the software defined storage & software defined data management capabilities of each platform and the integration of all them through the software technologies such as SnapMirror and SnapVault to move data seamlessly in between these various platform.
In an increasingly software defined world (Public & Private cloud all powered primarily through software), the model of leading with software defined data storage and data management services enables many additional possibilities to expand things out beyond just these Data Center solutions for NetApp, as it turned out.
NetApp Data Fabric.
NetApp Data Fabric was an extension of that OnTAP & various other software centric storage capabilities beyond the customer data centers in to other compute platforms such as Public clouds and 3rd party CoLo facilities that NetApp set their vision a while ago.
The idea was that customers can seamlessly move data across all these infrastructure platforms as and when needed without having to modify (think “convert”) the data.

NetApp’s Data Fabric at its core

aims to address the data mobility problem caused by platform locking of data, by providing a common layer of core NetApp technologies to host data across all those tiers in a similar manner.
In addition, it also aims to provide common set of tools that can be used to manage those data, on any platform, during their lifetime, from the initial creation of data at the Edge location, to processing the data at the Core (DC) and / or on various cloud platforms to then long term storage & archival storage on the core and / or Public cloud platforms.
In a way, this provide customers the choice of platform neutrality when it comes to their data which, lets admit it, that is the life blood of most digital (that means all) businesses of today.
New NetApp Data Fabric.
Insight 2018 showcased how NetApp managed to extend the initial scope of their Data Fabric vision beyond Hybrid Cloud to new platforms such as Edge locations too, connecting customer’s data across Edge to Core (DC) to Cloud platforms providing data portability.
In addition, NetApp also launched a number of new data services to help manage and monitor these data, as they move from one pillar to another across the data fabric.
NetApp CEO George Kurian described this new Data Fabric as a way of “Simplifying and integrating orchestration of data services across the Hybrid Cloud providing data visibility, protection and control amongst other features”.
In a way, its very similar to VMware’s “Any App, Any device, Any cloud” vision, but in the case of NetApp, the focus is all about the data & data services.
The new NetApp Data Fabric consist of the following key data storage components at each of its pillars.
NetApp Hybrid Cloud Data Storage Private data center NetApp FAS / SolidFire / E / EF / StorageGRID series storage platforms & AltaVault backup appliance.
Most of these components now directly integrates with public cloud platforms.
Public Cloud NetApp Cloud Volumes        – SaaS solution that provides file services (NFS & SMB) on the cloud using a NetApp FAS xxxx SAN/NAS array running Data OnTAP that is tightly integrated to the native cloud platform.
Azure NetApp files        – PaaS solution running on physical NetApp FAS storage solutions on Azure DCs.
Directly integrated in to Azure Resource Manager for native storage provisioning and management.
Cloud volumes ONTAP        – NetApp OnTAP virtual appliance that runs the same ONTAP code on the cloud.
Can be used for production workloads, DR, File shares and DB storage, same as on-premises.
Includes Cloud tiering and Trident container support as well as SnapLock for encryption.

Co-Lo (Adjacent to public clouds)NetApp private storage        – Dedicated

Physical NetApp FAS (ONTAP) or a FlexArray storage solution owned by the customer, that is physical adjacent to major cloud platform infrastructures.
The storage unit is hosted in an Equinix data center with direct, low latency 10GBe link to Azure, AWS and GCP cloud back ends.
Workloads such as VMs and applications deployed in the native cloud platform can consume data directly over this low latency link.
Edge locationsNetApp HCI            – Recently repositioned as a “Hybrid Cloud Infrastructure” rather than a “Hyper-Converged Infrastructure”, this solution provides a native NetApp compute + Storage solution that is tightly integrated with some of the key data services & Monitoring and management solutions from the Data Fabric (described below).

Data Fabric + NetApp Cloud Services

While the core storage infrastructure components of Data Fabric enables data mobility without the need to transform data across each hop, customers still need the tools to be able to provision, manage, monitor these data on each pillar of the data fabric.
Furthermore, customers would also need to use these tools to manage the data across non NetApp platforms that are also linked to the Data Fabric storage pillars described above (such as native cloud platforms).
Insight 2018 (US) revealed the launch of some of these brand new data services & Tool from NetApp most of which are actually SaaS solutions hosted and managed by NetApp themselves on a cloud platform.
While some of these services are fully live and GA, not all of these Cloud services are live just yet, but customers can trial them all free today.
Given below is a full list of the announced NetApp Cloud services that fall in to 2 categories.
By design, these are tightly integrated with all the data storage pillars of the NetApp Data Fabric as well as other 3rd party storage and compute platforms such as AWS, Azure and 3rd party data center components.
NetApp Hybrid Cloud Data Services (New) NetApp OnCommand Cloud Manager    – Deploy and manage Cloud Volumes ONTAP as well as discover and provision on-premises ONTAP clusters.
Available as a SaaS or an on-premises SW.

NetApp Cloud Sync            – A NetApp SaaS offering that enables easier

automated data migration & synchronisation across NetApp and non NetApp storage platforms across the hybrid cloud.
Currently supports Syncing data across AWS (S3, EFS), Azure (Blob), GCP (Storage bucket), IBM (Object storage) and NetApp StorageGRID.
NetApp Cloud Secure            – A NetApp SaaS security tool that aim to identify malicious data access across all Hybrid Cloud storage solutions.
Connects to various storage back ends via a data collector and support NetApp Cloud Volumes, OnTAP, StorageGRID, Microsoft OneDrive, AWS, Google GSuite, HPe Command View.
Dropbox, Box, Workplace and Office 365 as end points to be monitored.
Not live yet and more details here.

NetApp Cloud Tiering            – Based on ONTAP Fabric Pools

enables direct tiering of infrequently used data from an ONTAP solution (on premises or on cloud) seamlessly to Azure blob, AWS S3 and IBM Cloud Object Storage.
Not a live solution just yet but a technical preview is available.
NetApp SaaS Backup            – A NetApp SaaS backup solution for backing up Office 365 (Exchange online, SharePoint online, One drive for business, MS Teams and O365 Groups) as well as Salesforce data.

Formerly known as NetApp Cloud Control

Can back up data to native storage or to Azure blob or AWS S3.
Additional info here.

NetApp Cloud backup            – Another NetApp SaaS offering

purpose built for backing up NetApp Cloud Volumes (described above).
NetApp Cloud Management & Monitoring (New) NetApp Kubernetes service        – New NetApp SaaS offering to provide enterprise Kubernetes as a service.
Built around the NetApp acquisition of Stackpoint.
Integrated with other NetApp Data Fabric components (NetApp’s own solutions) as well as public cloud platforms (Azure, AWS and GCP) to enable container orchestration across the board.

Integrates with NetApp TRIDENT for persistent storage vlumes

NetApp Cloud Insights            – Another NetApp SaaS offering built around ActiveIQ

that provides a single monitoring tool for visibility across the hybrid cloud and Data Fabric components.
Uses AI & ML for predictive analytics, proactive failure prevention, dynamic topology mapping and can also be used for resource rightsizing and troubleshooting with infrastructure correlation capabilities.
My thoughts.
In the world of Hybrid Cloud, customer data, from VMs to file data can now be stored in various different ways across various data centers, various different Edge locations and various different Public cloud platforms, all underpinned by different set of technologies.
This presents an inevitable problem for customers where their data requires transformation each time it gets moved or copied across from one pillar to another (known as platform locking of data).
This also means that it is difficult to seamlessly move that data across those platforms during its life time should you want to benefit from every pillar of the Hybrid cloud and different benefits inherent to each.
NetApp’s new strategy, powered by providing a common software layer to store, move and manage customer data, seamlessly across all these platforms can resonate well with customers.
By continuing to focus on the customer’s data, NetApp are focusing on the most important asset organisations of today, and most definitely the organisations of tomorrow, have.
So enabling their customers to avoid un-necessary hurdles to move this asset from one platform to another is only going to go down well with enterprise customers.
This strategy is very similar to that of VMware’s for example (Any App, Any Device, Any Cloud) that aim to also address the same problem, albeit with a more application centric perspective.
To their credit, NetApp is the only “Legacy Storage vendor” that has this all-encompassing strategy of having a common data storage layer across the full hybrid cloud spectrum where as most of their competition are either still focused on their data centre solutions with limited or minor integration to cloud through extending backup and DR capabilities at best.
Only time will tell how successful this strategy would be for NetApp, and I suspect most of that success or the failure will rely on the continued execution of this strategy successfully through building additional data and data management services and their positioning to address various Hybrid cloud use cases.
But the initial feedback from the customers appears to be positive which is good to see.
Being focused on the software innovation has always provided NetApp with an edge over their competitors and continuing on that strategy, especially in an increasingly software defined world is only bound to bring good things in my view.
Slide credit to NetApp & Tech Field Day.
NetApp.

Tech Field Day Extra Azure NetApp Files

Cloud Insight, Cloud Insights, Cloud Manager, Cloud Secure, Cloud Sync, Cloud Tiering, Cloud Volumes ONTAP, Data Fabric, Hybird Cloud Infrastructure, NetApp, NetApp Cloud Services, NetApp Cloud Volumes, NetApp Kubernetes, NetApp Private Storage, NPS, ONTAP, Strategy, TFD, TFDX.
on.
on.
on.
on.
on.

Automation is a central tenet of DevOps

Application Modernisation.
Application Modernisation.
Application Modernisation.
WHAT IS APP MODERNISATION?.
The practice of app modernisation refers to the refactoring, and/or replatforming of software to take advantage of modern languages, patterns, and technologies.

When discussing in the context of the Cloud

this typically means looking at updating applications to be Cloud Native.
For example, .

Consider a standard 3 tier web LAMP app

This can be lifted and shifted directly into AWS using EC2

However, in order to realize the true potential of AWS there are a number of activities that should be explored.

Such as: Replacing the database with an AWS hosted option

such as RDS.

Building a CI/CD pipeline using CodeBuild

CodeDeploy, and CodePipeline.

Configuring an Auto Scaling Group and using putting it behind an Elastic Load Balancer

Identifying areas of code that may be candidates for splitting into a separate service, and containerising these, which can form the move towards a microservices based model, if appropriate.
Like many areas of software, app modernisation is best seen as a journey, rather than something that occurs overnight.
Asystec has experienced architects and engineers on hand to aid with every step.
DEVOPS.
Whether you’re already deeply entrenched, or just beginning to think about how to establish a DevOps culture within your organisation, Asystec are here to help.
CI/CD.
Just about every organisation both big and small are now practicing some form of Continuous Integration and Continuous Delivery.
However, .

Is there more to it than just Jenkins

Are your apps suitable for CI/CD

and if not, what are your options.
We have experience with designing pipelines for both small and complex applications and would love to talk to you about your strategy and challenges in this area.
AUTOMATION.
Automation is a central tenet of DevOps, and you can never have enough.
Asystec have skills in generic infrastructure as code solutions such as Terraform and Ansible, .

But can also help with AWS Cloud formation and Microsoft Resource Manager

Whether you have questions about infrastructure as code, configuration management, Ansible vs Chef, Terraform best practice, or just simply have legacy processes that could be improved via scripting, get in touch.
MORE.
We are also here to help provide you with guidance and services in many other areas key to developing a solid DevOps strategy, such as: Operational best practices (Release engineering, software packaging, patching, deployment, etc.), Source control management (Foundational and advanced Git, branching strategies, SVN migration, etc.) and Logging and monitoring (ELK stack, Cloudwatch, Grafana, etc.).
MICROSERVICES.
Many organisations are seeing rapid productivity gains by moving towards a microservices based architecture (https://kubernetes.io/case-studies/).
However, microservices can bring additional complexities that need to be managed, such as: How best to containerise my application.
What source image should I use, how do we know its secure?.
What orchestration platform best suits my needs, VMware Tanzu, AKS, EKS, Swarm?.
What messaging patterns should I use between my services?.
How can I monitor and observe these services?.
Asystec engineers are ready to help answer these questions and help you along this part of your Cloud journey.
SERVERLESS.

A very important piece of App Modernisation is Serverless computing

Serverless is an execution model where the cloud provider (e.g

AWS, Azure, or Google Cloud) is responsible for executing a piece of code by dynamically allocating the resources and only charging for the amount of resources and time used to execute the code.
The code is typically run inside stateless containers that can be triggered by a variety of events including HTTP requests, database events, queuing services, monitoring alerts, file uploads, scheduled events (cron jobs), etc.
The code that is sent to the cloud provider for execution is usually in the form of a function.
Hence serverless is sometimes referred to as “Functions as a Service” or “FaaS”.
On top of FaaS, Cloud providers also offer fully managed services that are also referred to as Serverless such as AWS API Gateway or AWS Fargate.
These services allow the customer to benefit from the provided functionality while not having to manage any underlying infrastructure.
Using Serverless on your next project can bring many benefits, developers can be much more agile as no infrastructure provisioning is necessary, IT Managers don’t have to worry about scalability levels or resiliency and Business Stakeholders appreciate the faster than ever lower Time-to-market and lower costs.
To leverage all the possibilities and cost-saving opportunities that come with the cloud adoption it’s necessary to adapt your workloads and development approach to the new services and resources available.
Asystec can help your team develop cloud-native modern applications.
Phone: E-mail: [email protected].
This website uses cookies to improve your experience.
We”ll assume you”re ok with this, but you can opt-out if you wish.
This website uses cookies to improve your experience while you navigate through the website.
Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website.
We also use third-party cookies that help us analyze and understand how you use this website.
These cookies will be stored in your browser only with your consent.
You also have the option to opt-out of these cookies.
But opting out of some of these cookies may have an effect on your browsing experience.
Necessary.