Friday, January 24, 2014

Cut the lines! Flood the moat! Pull up the drawbridge – we are under attack!

In the days of the cold war, we were all spectators to an arms race but with the end of the cold war, we rarely use this expression. However, events of the last couple of months have made us realize that indeed, the race is on, yet again …

This week I participated in the half-yearly sales meeting of Integrated Research, the company who brings you the much-deployed Prognosis monitoring solution. When it came time to sit down with the account teams responsible for NonStop systems and Payments platforms, the topic of fraud (and its detection and neutralization) wasn’t far from their minds – routinely through the day, we made references to the most recent attack on Target, affecting almost one in five Americans.

In the introduction to the post Cruising to EMV eventuality? to ATMmarketplace on May 17, 2013, I wrote of a trip only a few years before to St Petersburg, Russia. Back then, the topic of the day was the ATM attack that pilfered some US $40 million from unsuspecting banks, the majority of which were in New York. In that post I quoted a story that appeared in the Wall Street Journal  that told of one of the biggest ever bank heists, when a global cybercrime ring stole $45 million from two Middle Eastern banks by hacking into credit card processing firms and withdrawing money from ATMs in 27 countries.

I also wrote about the surprise I had when I read of how "investigators said they found an email exchange with an account associated with a criminal money laundering operation in St. Petersburg, Russia, describing wire transfers." Only a couple of years earlier Margo and I had paid a visit to St Petersburg when our cruise ship pulled into the port for an extended stay. We took the opportunity to take in the sites, and among the most stunning we have seen anywhere in Europe was the restored palace of Catherine the Great. The photo at the top of the post is of Margo in one of the restored gilded rooms, with myself as photographer visible in the mirror.

On shore, I couldn’t help noticing just how many cafes lined the canal and how full they were of people, oblivious to the tourists that passed by, hunched over their laptop computers. I recall being told at the time, I posted to ATMmarketplace, how it was sad to see so many unemployed PhDs simply filling in time before playing chess in the afternoon. However, it was left to others to suggest that their pastime included activities far removed from playing chess.

It would now appear that the attack on Target and other department stores had a connection with St Petersburg as well. According to CIO.com, “the card-skimming malware used to steal the credit card data of up to 110 million Target customers was ‘off-the-shelf’ malware created by a 17 year-old Russian programmer from St Petersburg. In the article, Target Malware Written By 17 Year-Old Russian Teen From St Petersburg, Firm Claims the US security analyst, IntelCrawler, has claimed. IntelCrawler “names (the teenager) as 'ree[4]', a multi-talented Russian cybercriminal and author of a range of hacking tools, including BlackPOS itself. The firm even tracked down his real name, complete with photographs of the alleged culprit.”

Furthermore, while “It is not clear that this individual has any direct connection to the actual Target attack,” IntelCrawler’s president, Dan Clements, acknowledged, “He is still visible for us, but the real bad actors responsible for the past attacks on retailers such as Target and Neiman Marcus were just his customers.” So what is it with St Petersburg? If other visitors make the same observations as I did, why can’t we just cut all the phone lines into this city? With each attack I have to believe this café society will only get bolder and the sheer brazenness of their pursuits escalate further.

It’s tantamount to a declaration of war by the intellectuals of St Petersburg! Perhaps this is, indeed, what is taking place. For participants in the January 8, 2014, webinar Meg Whitman & George Kadifa: Transforming your IT Organization and Creating Business Value, HP CEO declared it an arms race, when the subject of security was raised. I cannot imagine a better description of what’s taking place than what HP’s CEO has observed; you can raise the bar but it simply creates a new objective for the bad guys, and they will eventually find a way over.

And, if it is war – what tools do we have to repel such attacks. Clearly, coming away from the IR sales meeting, monitoring represents a great starting point. As one recent IR hire with deep industry knowledge reflected, “surely someone should have noticed that along a string of ATMs there were withdrawals (all at the maximum allowed) from a rarely-used loyalty card connected with a bank almost nobody accessed!” You would have thought alarms would have sounded pretty quickly but now, in hindsight, we aren’t so sure. When you have displays showing groups of cards in buckets, according to type and issuer, then surely this had to have stood out for all and sundry to see!

Perhaps we shouldn’t be too hard on the operators. Perhaps the real answer lies elsewhere, and could lead us into discussions about one of the true value prospects from integration with Big Data. Central to much of what IR has begun deploying with its latest release of Prognosis are new capabilities providing Business Insight, and it’s not hard to see some of the properties of Business Insight being utilized to predict escalating hostilities from the bad guys. Indeed, predictive analytics is at the fore of many discussions involving financial institutions following the most recent attacks.

According to Itamar Ankorion, Attunity’s Vice President, Business Development and Corporate Strategy, these financial institutions don’t want to see a message informing them that they have lost $40million, preferring to be informed ahead of time that they are likely to lose $40milion. “Such analytics can be done in an analytic platform like HP Vertica, in Hadoop, or a combination of both,” acknowledged Ankorion. “Financial institutions should look at these new technologies as ways to enable this capability; and in doing so, look for ways to leverage the data from the NonStop to support this analytics.”

HP CEO, Meg Whitman’s, remark that when it came to security, businesses everywhere were in an arms race was made during a webinar on HAVEn. An integral part of HAVEn revolves around Enterprise Security and its presence in HP’s Big Data Platform is not an accident. Clearly, securing Big Data frameworks themselves is an obvious need, but for me turning HAVEn around and applying it to help become more proactive with respect to predicting potential attacks is perhaps an even more important outcome of the HAVEn program. Could Big Data used in defense of our switches and networks, and ultimately, our money, become the commercial equivalent of the 1980s “Star Wars” that ended the last arms race?

Recognizing the potential outcome of such a focus on Big Data and the impact it could have hasn’t escaped the attention of WebAction co-founder Sami Akbay. “Now that the attention of the world is turning to events in the US, as hackers penetrate the security systems at retailers like Target,” said Akbay, “ it’s more than likely that the work being done with Big Data (and the analytics relying on Big Data) may be re-prioritized to better detect the sophisticated security attacks we are all witnessing.”

Akbay then explained that even as “Credit card issuers like Visa and MasterCard have done a good job to date in identifying fraudulent transactions as they happen, and their cardholders are well protected against fraudulent transactions, there’s real money being lost and these card issuers would like to stem the flow. With Big Data and the inclusion of real time transactional data, as we are providing today with WebAction, we expect much better awareness of potential fraudulent transaction – not as they are taking place but in the minutes and seconds leading up to them about to take place!”

Cutting all the phone lines connecting St Petersburg to the rest of the world is not an answer. Perpetrators in other countries are every bit as active as St Petersburg, of course, as we are just finding out. South Korea, for instance, woke to news just a few days ago that a rogue “Worker at the Korea Credit Bureau, a company that offers risk management and fraud detection services,” took off with the personal information of 40% of the population. In this just-breaking story, Massive data theft hits 40% of South Koreans, CNN disclosed that, “Crucial personal data like identification numbers, addresses and credit card numbers were all stolen”. Clearly, what needs to be pursued has to be a lot better than what we have been relying on to date.

According to IR, what needs to be pursued more aggressively is greater Business Insight, including greater focus on predictive analytics – alerting business to potential trends when they first develop. Big Data certainly holds the potential to be extremely helpful in this respect and vendors specializing in Big Data are well aware of the potential upside from greater integration with daily operations.

If there truly is an arms race under way, as is being suggested, NonStop is right in the middle of it and remaining ambivalent even as the bad guys probe our defenses, is not an option. Equipping our operations personnel, standing as they do on the edge of imminent danger, with tools to stem the tide is of paramount importance for every business – the headlines are bound to continue, but there’s no reason why anyone in the NonStop community should suffer. It’s time to roll out Star Wars and turn the tide on these bad guys!  

Friday, January 17, 2014

NonStop adding further chapters to its rich history in a hybrid world!

Genetics play a big role in how we all develop and it’s not too hard to speculate that “good genes” also helps products prosper. When it comes to NonStop systems, they have participated in hybrid computing throughout their history so embracing hybrids today will not be a daunting challenge for NonStop …

Ever since they first showed up on Los Angeles freeways, hybrid cars have aroused a strange mixture of curiosity as well as optimism. Rushing headlong down the high occupancy vehicle (HOV) lanes, or car-pool lanes as they are sometimes called, they generated considerable envy among the less fortunate still ensconced in vehicles with more conventional powertrains.

Yet for many, these cars’ boxy, often-ugly appearance was a turn-off for many likely purchasers, including the likes of yours truly. Margo grew up in Poland where there were few options apart from the Trabant, so there was little opportunity to look forward to anything other than little boxes, leaving her with little appetite today for what she sees cruising down the express lanes.

As for me, there will never be a trade-off between aesthetics and practicality – if it does not look good, I simply will not consider buying it. Anyone considering the purchase of a Porsche Panamera, for instance, has to wonder whether he or she really wants to park such a car in the garage! Fortunately, there is the potential for some stunning hybrids appearing in the marketplace – it is very hard to object to the styling cues of the new BMW i8, or indeed, the Porsche 918, let alone the Ferrari LaFerrari. However, while these exotic hybrids trigger considerable debate, they are only options for a very select few; the rest of us left to contemplate the awful-looking boxes that remain within our reach.

While attending an event at a well-known car racing circuit last year, I came across a bumper sticker that simply proclaimed, “Yes I am a hybrid – I burn gas and rubber!” Rather cheeky, I thought, but then again, events for alternate-fuel based racecars are beginning to appear at this and other tracks around the country, and in 2014 we see the launch of Formula-e, the “new global electric racing series”. While not strictly speaking a hybrid, Formula-e is certainly drawing our attention to the potential benefits from powertrains apart from gas (petrol) / diesel burning combustion engine.

For the past couple of days I have been putting together a new PowerPoint presentation for use at one of my client’s half-yearly sales and marketing update. While there is much that I could include I elected to touch on Cloud computing, but drill deeper into Hybrid computers. After all, the birthplace of NonStop was in hybrid configurations that quite often saw NonStop systems front-ending IBM mainframes in support of vast networks of ATMs, POSs and even telephones. In cooperation these mainframe – NonStop hybrids serviced transaction systems reliably and paved the way for a gradual transformation of batch and on-line applications to real-time mission critical solutions.   

While researching the presentation, I came across an interview of HP’s CEO, Meg Whitman, and a number of her Executive Vice Presidents that was published under the headline of CRN Exclusive: Whitman, HP Top Execs On Beating Dell, Security Breaches And Partner Profitability. Within the slides that made up the story, were some timely comments that then found their way into my presentation. “Cloud is, obviously, one of the key initiatives of this company,” HP CEO Meg Whitman. “It is, I think, a game-changer in how compute is delivered, how it is paid for, how it is sold. And HP has to be a leader in this area.”

Deeper into the story came the equally important observation by the new head of the Enterprise Group, Executive VP and General Manager, Bill Veghte. “The core of our strategy in converged cloud is about making sure that we are building and delivering a cloud that enterprises can rely on,” said Veghte. “Our belief is that it is going to be a hybrid world.” And I could not agree more. Almost by definition, the introduction of anything viewed as game-changing will come about with the new coupled with the old in much the same way as we see electric motors coupled to combustion engines.

Among those with views on hybrid computers, and actively working in the more traditional area of better mainframe – NonStop hybrids, is Infrasoft managing Director, Peter Shell. “Shortly after we developed uLinga we understood that there would be two components. The first was directed at SNAX and ICE users looking for a more modern, better supported, solution and uLinga for DLSw and uLinga for EE are examples. The second takes uLinga into a new area of application integration.”

Shell then suggested, “With so much being discussed about hybrid computing today, we shouldn’t overlook the traditional NonStop – IBM mainframe ‘hybrids’ that have existed for many decades. Integrating, and indeed simplifying, communications between respective transactional environments has many upsides and with uLinga for CICS and uLinga for IMS, application integration can be taken to a whole new level.” Perhaps a twist on burning gas and rubber, hybrid computing embracing resources upstream and downstream – a qualification that might lose some impact in our peer-to-peer oriented world – shouldn’t be ignored.

“In addressing hybrid IBM / NonStop configurations, there are only three courses you can pursue,” Shell observed. “You can write your own NonStop application, possibly as a raw sockets application, and implement your own application to application protocol. It is possible but difficult to maintain in the long term. You could even opt to use another transport mechanism, such as MQ, but this is bringing in additional complexity and cost with no guarantees NonStop implementations will stay current.”

However, it is in the third option where a more modern approach can be taken, asserts Shell who then notes that, “With uLinga, applications utilize current IBM protocols and services via an implementation on NonStop that assures seamless and optimum application to application communication specifically, from NonStop subsystems such as Pathway (TS/MP) into IBM CICS and / or IMS.”

Simplifying the creation of a mainframe – NonStop hybrid, Shell said, is helped considerably as, “Today, we support NonStop specific interfaces such as the Guardian IPC and SNAX/HLS and SNAX/APC APIs, as well as vanilla TCP/IP interfaces intended for those who prefer to write sockets applications. Looking further afield, there will be support for MQ interfaces shortly for those users who would prefer to interface to uLingu for CICS or uLinga for IMS via MQ verbs, without any need to run WebSphere MQ on the NonStop Server or on the IBM mainframe.”

HP firmly believes it will be a hybrid world and while the context for such statements is assumed to be Cloud computing, it might be a little short sighted to ignore the history of NonStop and the reputation it has earned from decades of experience with hybrid configurations lying deep within our data centers. HP also recognizes that even as enterprises turn to Clouds to bolster available resources, the entrenched mainframe – NonStop hybrid may in fact turn out to be an ideal path to Clouds. What better use of an intelligent front-end, already in place, than to leverage it for more robust mainframe to Cloud access?

“IBM mainframes remain entrenched in many enterprises just as NonStop continues to prove hard to displace. Hybrid computing inside the data center will continue for many years to come – the investments made in the applications total well into the billions of dollars,” concluded Shell. “Simplifying the interconnections – between NonStop and the mainframe as well between NonStop and the Cloud - is a bonus that few CIOs would walk away from if they knew the option existed. Infrasoft with its partner comForte have already experienced early success with uLinga and will continue to market this message as aggressively as we can in the coming year.”

No ugly boxes here as there is a sense of beauty in the symmetry of such connectivity options – looking at the PowerPoint slides I was developing only added to my belief that there would be potential in deploying NonStop servers in this way. Hybrid cars may take many more years before they become an attractive option for more than just societies fringe elements - yes, the Tesla S is a step in the right direction obviously – but it will eventuate. NonStop fortunately doesn’t have to wait; participating in hybrid configurations is in its genes.

On the other hand, to astute CIOs well versed in the capabilities and attributes of NonStop, perhaps the decision to leverage NonStop in new and exciting ways will not be as far-fetched an idea as some may hypothesize. For the near future, it will be a hybrid world and one where HP will be making a considerable investment. Isn’t it good to know that, showing good genes, NonStop has such a rich history in a hybrid world, with even more history yet to write!     

Tuesday, January 7, 2014

She’ll be right, mate!

It’s just not cricket! Picking up on a previous post featuring clichés, and adding the quote,“if we knew the answers, we would be doing it,” has led me to wonder why CIO’s don’t have all the answers even as they remain clueless about NonStop! Has the NonStop community somehow failed to educate?


Staying up late, reading of the cricket test matches under way in Australia (as the return to the natural order continues, with results harking back to much happier times for Australians) – yes, Australia is beating up on England somewhat fiercely – I was reminded of just how much slang makes its way into everyday use. Few readers who read the last post by Margo will have missed how clichés can prove to be painful, when too many are strung together, but the use of slang is something else again.

I loved the picture above and can almost hear the two intrepid anglers discussing the merits of backing the trailer into the water. “You don’t like reverse – try something different; just keep driving forward till the boat is level with the pier,” seems to be an appropriate caption, followed almost immediately by a response, possibly to some concern being raised, “nah, don't worry mate; she'll be right!" Unintended consequences still find new opportunities to exploit poorly perceived tactics, no matter the situation.

Among the slang expressions heard during these cricket matches have been other good ones “go on, have a go!” as well as “just do your best, y’hear!” Like the slang used by the anglers above, it seems to always arise when something is not going well and there is little else to add when commiserating with the victim. As a member of generation “baby boomer”, I have heard nearly every slang expression on offer at times like this.

The English cricket captain, Alastair Cook, somewhat overwhelmed by what has transpired in the cricket matches to date, went so far as to say, "I'm sure others would have done it differently, but if we knew the answers we'd be doing it.” It was left to former English cricket captain, Michael Vaughan, to ask “What are they doing in the tactics? Why aren't they helping him out? Why aren't the coaches doing more?”

Modern sporting pursuits of every type are just a form of entertainment and situations can take unexpected turns, and when things do go wrong, then it’s just a case of well, “S*** Happens!” Half an audience will be pleased with what transpired while the other half is left to lament what could have been - a situation all too visible to the spectators filling the cricket grounds in Australia.

“She’ll be right, mate!” is never the right call when you are simply muddling along. Devoid of sound tactics, companies falter and tactics need constant fine-tuning as good companies aggressively pursue those actions needed to sell a product, grow a business and seize market share. Moreover, when it comes to NonStop systems, no amount of reliance on tried and true homilies will spare the pain that many of us experience when we know so well that NonStop can provide so much more!

In the discussions and email exchanges I have been a party to, as the year wound down, the image that stuck with me was of how much dumbing-down of the complexity of IT is being done by those who should know better. If you have not already noticed a theme of mine of late, it is lambasting the current crop of supposedly well-informed industry analysts that are doing a very poor job for the IT community.

Modern IT is anything but simple, and picking best of breed solutions and empowering line-of-business managers to comprehend the nuances of all the technology involved is a modern day travesty. Not even the best informed of us has the breadth of knowledge to ascertain the strengths of one product versus another when it involves a complete “stack” of hardware, software, networking, security, database, and so forth.

Let alone the steps required to integrate it with what currently exists within the data center. Because we cannot run NonStop on our handheld device nor can we fire it up in our media room at home, does not mean it is lacking in either usability or indeed, relevance. The roadmap for NonStop systems has been a matter of public record for some time. The fact that such a large a percentage of users in select market segments continue to rely on its capabilities is a testament to just how well all associated with NonStop have delivered on that roadmap.

Doing IT is a tough row to hoe – and of the most difficult tasks to pursue is ensuring everything keeps running despite hacking attacks, network outages, software release incompatibilities, and any number of disasters that may take place. That a generation well versed in its complexities is retiring and the two generations following – “Generation Y” (the Millennials) and before them, “Generation X” - lack awareness of the pitfalls awaiting them. For the most part, they are insensitive to the work that preceded them in getting IT to where it is today, yet another opportunity for even harsher unintended consequences than we have seen to date.

It was not a cricket reference that caught my eye, as I completed a recent post to comForte Lounge, but rather, a comment made during the telecast of an American football game. To an injury-prone player, the television analyst quipped, “Your best ability is your avail-ability!” something that many in IT comprehend all too readily. In this post I then added how I was reminded of just how important a role NonStop plays and of how big a contribution NonStop makes to ensuring all we do on a daily basis is just keeps running. Not to put too fine a point on this, but move too far from NonStop as part of your infrastructure and you will wear the wrath of your customers and clients.

As I look ahead to 2014, I am concerned about tactics and about who is helping the team. That is, the NonStop team present in users and vendors alike. Yes, I am concerned too as to why aren't the coaches doing more? This is not a reflection on what I watch taking place inside HP, when it comes to NonStop, but rather a call for a lot more action from all of us, particularly those of my generation. When was the last time we took a proactive stand, with our peers, as to why un-availability is unacceptable?

Looking at 2014 I am getting very angry – yes, to those who know me well I have hidden my passions poorly through the years – even as I know there’s a lot more I could be doing. Just think if only one user from every company running NonStop phoned Gartner (of Forrester) today for an update on NonStop, they would be fielding close to a thousand calls. All from very large and prestigious corporations, with considerable influence in key markets.

Not likely to happen, but just a thought – it takes very little to get something to turn “viral” and with NonStop we have a message that should be resonating well with everyone. Yes, the primary cap-ability of NonStop is its avail-ability and with that, there is absolutely no reason why NonStop should be sidelined. For me, “She’ll be right, mate!” suggesting nothing will change. And I want to ensure we do change.

Yet change is what’s needed most and HP needs our help - customer testimonials still carry the most weight with those looking at their options. NonStop is a solutions sell and its sweet spot is increasingly as a part of the complex infrastructure IT is rolling out. There’s always a need for more solutions but already, with what we have today, much more can be done – again, even as the discussions turn to Clouds, Hybrid Computers and Big Data solutions, NonStop directing traffic, safely, reliably, without ever dropping a transaction or a database field, is unquestionably a tour de force when it comes to availability.

It is the start of the New Year and tradition mandates that I finish on a positive note. The news that the commoditization of NonStop hardware continues and that there will be no falling off the chip cliff certainly sparked interest in NonStop again. Embracing the Intel x86 architecture as well as InfiniBand are all very positive signs concerning the future of NonStop. Perhaps 2014 will see a continuation in the steady upward growth in shipments that we have seen for NonStop these past two years.

“Nah, don't worry mate; she'll be right!" This may be an appropriate comment among spectators at sporting events, but in the world of IT, it is unconscionable to think we will ever be satisfied with what do essentially by rote. Innovation, disruption, and being cool (in the marketplace) are the well-known hallmarks of successful technology companies – it is time for NonStop to get its swagger back!