Happy Valentine’s Day, Happy President’s Day |
And so much more. Did you know that February was Canned Food Month? Potato Lovers Month? Sinus Pain Awareness Month? Or that the second week of February was Flirting Week while the fourth week was Pancake Week? Amazing what you can find on the Internet.
I am so surprised to realize that January's already over. If the rest of the year goes this fast, we're going to have a hard time keeping up. According to SHARE (IBM User's Group), the things to watch for are:
• More data, and more storage systems, including non-traditional business files such as graphics, video, email files.
• More service-oriented architecture, and integrating business process disciplines with SOA.
• More open source brought into the corporate data center.
• More compliance pressure, from external, governmental, and internal sources.
• More data governance and accountability in order to understand the mountains of data that have been created.
• And, doing all of these "mores" with less. Companies are turning to automation to handle increased compliance, complexity, and security concerns.
Here's the schedule. Or you can view the complete Schedule on our website.
CSTA Web sessions:
February 7,8
March 7,8
CSTA classroom sessions:
February 22 - Washington DC area
February 28 - Atlanta
March 15 - Chicago area
March 27 - New York City area
UITJ (Understanding IT Jobs) Web sessions:
February 8
March 8
TR Web session:
February 13
March 21
Keep in touch . . .
Back to top
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Storage Management, Current and Future
In fact, this is one of the most interesting points in this most important area of IT. Storage management is much more than keeping track of disks and tapes and the information stored on them. It needs to include capacity management, backup and recovery procedures, security systems, disaster recovery processing, and network management abilities. It must manage both the hardware and software, and must incorporate new technologies in both. Companies today are saving terabytes of data – trillions of bytes. This continues to grow as more and more data is provided with video and audio which take up lots of space. Huge volumes of data need to be stored in a manner that provides fast access to details which involves technologies such as indexing. Storage management is one of the most important jobs in all of IT. This is the job that lets companies store, access, update, and protect their data.
Capacity management usually refers to servers and processing capabilities. It also, however, refers to storage – both the physical storage and the software that manages the data stored on the physical units. Virtualization systems create a pool of the available physical devices and allocate space as needed. The software controls the actual space and can use inexpensive disks as temporary storage devices during execution and move them to permanent storage depending upon use and importance.
Backup and recovery systems provide automatic snapshots of data at scheduled times or events. Today's systems allow users to set policies that meet compliance requirements or corporate governance standards. Systems are also providing disk backup rather than the traditional tape backups. This provides faster speeds and random access for the backup and the retrieval process.
Storage security has many functions. One of the growing functions is identity management, which manages identities across various applications and networks. It's an integrated system of business processes, policies and technologies that controls users' access to online applications and resources. These systems protect confidential personal and business information from unauthorized users, and can include user authentication, access rights, access restrictions, account profiles, passwords, and other functionality. Data encryption on disk is also becoming more popular. Data is typically encrypted when moving from one system to another, but companies are investigating leaving critical data encrypted in storage so even if hackers get into the system, they only retrieve the encrypted data. New hardware systems can handle the encryption automatically, and hard drives for PCs can provide the same security.
Disaster recovery certainly is a major part of storage management, and for the first time ever it's top on the list of corporate concerns. One of the most important functions of disaster recovery is backup and recovery, in particular off-site storage of the backup data. The SMB (Small and Medium Businesses) market is most interested!
Network management, specifically SANs (Storage Area Networks) have become standard, as any company managing a terabyte of data probably has a SAN. This means that storage management must now encompass all the knowledge and skills necessary for network management.
Storage predictions
As storage management becomes more and more important, it also grows in functionality. Byte and Switch* has made predictions for activity in 2007 which include:
• HPC (High Performance Computing) will move beyond new processors to new types of storage that break current ceilings of size and speed.
• Data classification and search engines will grow, and will work together.
• Storage management functions will commonly be provided as a service, and the kinds of services on the rise include online backup, email hosting, and disaster recovery.
• Data protection, which includes backup, archiving, compliance, and security issues, like encryption and disaster recovery, will become a focal point for storage networks.
• Storage resource management will remain tied to vendor equipment, and software that manages devices from multiple vendors will not grow.
• Buzzwords including CDP (Continuous Data Protection) and de-duplication will disappear as vendors move towards disk backup systems.
• All email will be archived.
• Paper will finally - and significantly – diminish.
Remember, these are predictions. But they are based on current trends.
*Byte and Switch is an online magazine launched in 2001 that contains news about storage networking.
Back to top
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. What's the newest musical instrument that's dependent on computers?
2. What's C3 vision?
3. Which development approach is better – open source or SOA (Service Oriented Architecture)?
4. Which DBMS (DataBase Management System) is growing the fastest?
5. What new product provides two-factor authentication incorporating passwords?
Back to top
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
As you probably know, CSTA, Computers: Systems, Terms, and Acronyms, is constantly being updated. We actually only print a three-month supply of lecture guides at a time because we know there will be changes! We do, though, pay special attention at the beginning of the year. I think we all have that "start the new year right" attitude, so we make sure that we've got the latest technologies in CSTA.
The 2007 version of CSTA is already in use. We're reflecting what's happening in the industry by adding new coverage about data. Data integration is growing in importance almost daily. A few years ago all the data needed by an application could be found in a specific database or file. Well, that's just not so when we look at BI (Business Intelligence) and business management systems. These technologies require information from the Sales database, the Customer database, the Collections database, the Employee database, etc. New technologies include MDM (Master Data Management), federated queries, Data hubs, etc. We've gotten fairly used to BI, now BI is evolving into BPM (Business Process Management), now coverage includes the business management functions.
Software development is embracing SOA (Service Oriented Architecture), open source development and EA (Enterprise Architecture), so we've added coverage of these topics. And expanded the coverage of J2EE and .NET. We've also added detail to the security section – a part of IT that's always important – and always growing! We build safeguards, hackers break in, we need new technology.
This is just a quick look at the changes already included in CSTA. And be prepared for more; the IT gurus predict a dynamic and active 2007.
Back to top
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Security
Security is always important, and always growing in importance! Companies are maintaining more and more data to satisfy business intelligence needs and government regulations. The Internet grows in use as more and more people work online – both personally and professionally. How do we keep our work and data secure? With lots of growing, and changing, security.
authentication Security process. Checking whether a user, or a network point, is who or what it is declared to be. The most common method is through usernames and passwords. Another method, digital certificates, is a stricter form of authentication for online systems (including the Internet) where a Certificate Authority (CA) ensures the authenticity of the person or location. Authentication works both ways - both the sender and the receiver of the communication can be authenticated.
CDP (Continuous Data Protection) Security technology that immediately backs up data as it's changed, allowing users to instantly return to any point in time to recover a deleted, corrupted or modified file. Provides real-time backup through various means, e.g., by backing up changes as they occur and replicating them to a security device and to a secure offsite location.
encryption Altering data so that it is meaningful only to the intended receiver. There are several ways of encrypting, or coding, data. Data is encrypted by keys, and both the sender and the receiver must have the same key. A key is a value associated with a mathematical algorithm, and the longer the key is, the harder it is to break the code. Standard keys vary in length from 56 to 128 bits. Keys are also defined as secret (or symmetric), or public (asymmetric). Secret keys have a single key, or formula used to both send and receive the information. Public keys have two keys (formulas), one to send and one to receive. With a public key, even the sender cannot de-crypt a message.
dynamic profiling Security technique where all interactions between users, Web servers, databases, and other resources are monitored to automatically build a profile of an application's normal structure and dynamics. Then, actual traffic is compared to these profiles to identify and block potentially malicious activity of any kind. Profiles are continually updated to ensure the accuracy of the profile over time.
federated identity Security technology where access to programs and data is provided based on a user's identity which is verified through passwords or biometric data. Users have multiple disconnected identities across the Internet and other networks, and a federated identity will work with all the disconnected authentication systems. Based on OASIS SAML (Security Assertion Markup Language) and Liberty Alliance.
firewall System security. The software and/or hardware used to block certain kinds of traffic to corporate information systems from the Internet and corporate online systems. Used to keep out hackers and any unauthorized access. Firewalls work with ACLs (Access Control Lists) to allow only authorized access to corporate systems and information. Firewalls are usually software products that run on system servers. A dedicated computer running the security software is called a firewall appliance.
graphical password Security technology. Authentication system that uses images rather than text. Users must select images in a specific order. For example, a user could select a specific building from a selection of several building types. The next selection could be a room in the building, the next a piece of furniture or equipment in the room, and so on. Because most people choose meaningful words for text-based passwords, images could provide better security as someone trying to break into a system would have to make the correct guess from many images on many pages. The images are presented through a GUI (Graphic User Interface), and is sometimes called GUA (Graphic User Authentication).
identity management Security function that manages identities across various applications and networks. Provides an integrated system of business processes, policies and technologies that controls users' access to online applications and resources and protects confidential personal and business information from unauthorized users. Can include user authentication, access rights, access restrictions, account profiles, passwords, and other functionality.
IDS (Intrusion Detection System) Security software that monitors networks and reports on any unauthorized attempts to access any part of the system. These systems vary in complexity from producing a report of unauthorized access attempts, to sounding alarms, calling beepers, identifying the unauthorized user, and even tracking an intruder through a Website or system.
IPS (Intrusion Prevention System) Security system that usually consists of both hardware and software - a device that does nothing but monitor traffic looking for possible attacks. The appliances monitor network traffic for anomalies and automatically drop associated packets thus cutting off attacks before they can start and blocking viruses, even if unknown. IDS (Intrusion Detection Systems) recognize only known attack patterns and flag intrusion after the fact.
penetration test Testing that validates the security measures on an environment or system. Actually uses hacking techniques to see where weaknesses and/or holes in the security measures exist. Penetration testers are sometimes called "ethical hackers." Penetration testing is also called intrusion detection and red teaming.
PKI (Public Key Infrastructure) Security technology. Uses different keys to establish confidentiality and authenticate that information does come from the sender. Two keys are used: a private key which is kept confidential and a public key that is sent to potential correspondents. A document that is encoded with one key can only be decoded with the other. Encryption is handled totally by software. Called asymmetric keys.
Private key encryption Security technique. Uses a single key known to both sender and receiver that is used to encrypt and decrypt information. Also called symmetric keys.
sandbox Communications. Security issue. Term used with Java systems to describe the security controls on Java applets. Java applets are stored by browsers in a protected area called a sandbox. This is done to ensure that the applet cannot affect the user's systems. The sandbox also limits the applets access to Websites to those on the same Web server as the applet.
security token Communications. Security device. Often in the form of a smart card, but can be any small device. The user has a PIN (Personal Identification Number) that permits access to a number provided by the device which, in turn, allows access to a secured technical area. The device number is changed as often as every five minutes.
VPN (Virtual Private Network) Security system that uses public wires to transmit private data. Usually used by companies to use the Internet to give remote users access to internal corporate networks. Includes encryption and encapsulation functions. Creates virtual tunnels across the Internet. There are two types of VPN technologies used on the Internet today: the trusted VPN and the secure VPN. Trusted VPNs are managed by ISPs (Internet Service Providers) by defining paths through their networks to ensure that customers' traffic is routed over a trusted path. There is no equipment to buy, requires no maintenance, and often has a service-level agreement. Secure VPNs, protect traffic and provide privacy, authentication and data integrity through encryption. They can be managed by either the user or the service provider. A hybrid VPN combines the two technologies.
Back to top
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. Musical T-shirts. Air guitarists of the world, your days of silent strumming may soon be over. Scientists in Australia just announced they have created a T-shirt that produces sounds to match the strumming of an air guitar. The shirt has built-in sensors on the elbows that track arm movements. Information is then sent by wireless technology to a computer, which generates music from the gestures.The musical T-shirt is a promotion for a a more serious technology. The main use will be for developing physiotherapy devices in the the health and sporting sectors.
2. C3 vision is "cortically coupled computer vision system." Now, that means a new brain-computer-interface technology could turn our brains into automatic image-identifying machines that operate faster than human consciousness. Researchers at Columbia University are combining the processing power of the human brain with computer vision to develop a novel device that will allow people to search through images ten times faster than they can on their own. Fully supported, no surprise, by DARPA (Defense Advanced Research Projects Agency). The technology would allow hours of footage to be very quickly processed, so security officers could identify terrorists or other criminals caught on surveillance video much more efficiently.
3. Actually the word "better" is an important word in this question – whenever you see that word, the answer is probably "neither!" In fact, both these approaches to software development are being used by more and more companies, both are concerned with creating reusable software, and they're completely compatible. Many companies use both – very successfully. SOA creates functional programs called services, publishes information about these services in a directory, and follows standards that ensure compatibility with all the services. Open source creates functional programs that are "open," which means that the code is available to anyone who uses the software.
4. MySQL – adding more information about open source! MySQL is an open source database, and is being used more and more by corporate America. In fact, it is the fastest growing database out there.
5. BioPassword. Users can be authenticated in various ways. They can provide information (something they know), biometrics (something they are, e.g. fingerprints, retina prints), or a device (something they have, e.g. a key or a security token). BioPasswords provide two-factor authentication by checking each users unique typing pattern (something they are) and the actual password provided (something they know).
Back to top
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SemCo Enterprises, Inc. respects your privacy. We do not sell, rent or share your information with anyone.
|
Forward to a Friend! 