Get the lowest-cost and the best server colocation service in the business. Learn more.
Information Technology News.

IBM is reportedly ending its contract agreement with NetApp

Share on Twitter.

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Do it right this time. Click here and we will take good care of you!

Click here to order our special clearance dedicated servers.

Get the most reliable SMTP service for your business. You wished you got it sooner!

May 26, 2014

According to various reports we've seen in the blogosphere this morning, IBM will reportedly end its contract agreement with NetApp.

Citing “an internal memo reviewed by Bloomberg, the newswire says IBM has simply decided to offer enterprise customers its own solutions rather than continuing to resell the N-series network attached storage devices it gets from NetApp.

IBM's data storage sales aren't exactly that high, so it makes sense for the company to concentrate on shifting its own infrastructure and taking as much profit margin as it can rather than outsource with NetApp.

That its own v3500, Storwize v5000 and Storwize V7000 Unified are reasonable replacements for the N3000 Express, N6000 and N7000 it gets from NetApp means that the decision can't have been all that difficult in the first place.

Understandably, that doesn't make the decision any easier for NetApp, which draws about two percent of its revenue and more than a little credibility from its IBM alliance.

With its balance sheet challenged in several ways, losing some easy revenue is perhaps the last thing it needs, however.

It's also worth reflecting about what IBM's move says about the NAS market in general. The likes of Dropbox for business offer NAS-like functions (as end-users perceive them) without all the hassle of maintaining a device.

Naturally, such services aren't going to become less sophisticated any time soon, so it represents a real threat to those who need to access files alone.

To be sure, SaaS (Software-as-a-Service) also poses a parallel threat by removing the need for data storage solutions capable of serving the transactional needs of on-premises applications.

In fact, those new and emerging technologies threaten both IBM and NetApp at the same time. IBM at least has a cloud offering that it can use to compensate.

But NetApp looks instead like less of a good catch after years of acquisition speculation. Only time will tell how this will pan out in the next year or two.

In other IT news

Workers at Microsoft Research (MSR) have implemented a new method to automatically check code for compliance with privacy laws, and Microsoft claims that its simple to use.

Legalease is to specify restrictions on how data is handled. One of the main drivers behind its development was that software developers and those setting companies’ privacy policies don’t share a common language.

As an example, MSR says that more than 20 percent of the code in its Bing search engine changes on a daily basis, with changes made by thousands of programmers.

Even some small changes in code might affect how data is used or who views it, potentially violating company, government or regulatory privacy policies.

Keeping tabs on changes in very large systems, like the Bing search engine, using manual audits is difficult and very time consuming.

According to MSR, automated testing is the best way to verify compliance with privacy rules and laws on the massive scale demanded in environments like Bing.

Legalease uses allow/deny rules, with exceptions. This reflects privacy policy frameworks like the U.S. Health Insurance Portability and Accountability Act (HIPPA).

Grok, meanwhile, annotates existing code using a system that cross-references information from different sources, based on varying levels of confidence.

According to Microsoft, pattern-matching to column names across a database results in a low-confidence score, while annotations made manually by developers are deemed to be more trustworthy and thus get a high-confidence score.

MSR says it developed Grok for use on Bing but found writing suitable polices very difficult, and this was what led to Legalese. Both were tested on Bing and are now running on the data analytics pipeline.

MSR presented Legalese and Grok at the 35th IEEE Symposium on Security and Privacy in San Jose, California this week.

MSR claims that a group of non-coders took less than five minutes to learn how to use Legalease and just 15 minutes to code 9 Bing policy clauses with some tidbits of user information.

Saikat Guha, a researcher at Microsoft, said in a statement called Legalease is “the final piece of the automated privacy compliance jigsaw puzzle."

In other IT news

Cisco is continuing the rapid expansion of its security portfolio with the acquisition of the small malware analysis firm ThreatGRID.

The acquisition target was founded two years ago, one of the then-burgeoning number of companies that pushed malware analysis, threat intelligence and security analytics into the cloud, supplemented by an on-premise appliance.

This new acquisition will fit into Cisco's Advanced Malware Protection portfolio, created when it acquired open-source IPS pioneer SourceFire.

In its announcement, Cisco says ThreatGRID “allows enhanced aggregation and correlation of data for advanced threat intelligence across the extended network and across Cisco security solutions and services”.

Cisco has also announced a bunch of other extensions to the AMP suite, including: AMP for Endpoints, adding support for Mac OS X, “elastic search” to identify the scope of an attack, and remote file analysis; the AMP Private Cloud Appliance; AMP for Networks, which includes a cloud-based sandbox to help defend against unknown threats; and two AMP FirePOWER appliances, the AMP8150 with up to 2 Gbps of performance and the FirePOWER AMP7150 with up to 500 Mbps of performance.

In other IT news

CERN alumni and a team or research scientists at MIT have taken another shot at cracking the e-mail encryption scenario.

Their offering is dubbed Proton Mail and it's now available in public beta, and it proves to be so popular that the group had to suspend new registrations while it upgrades its system.

As a concept, encrypting email goes back at least to the earliest days of PGP-– Pretty Good Privacy, that got Phil Zimmerman of RSA Security in so much trouble back in those days. He suffered a long criminal investigation by the U.S. Customs Service.

After a report from RSA Data Security who were in a licensing dispute with regard to use of the RSA algorithm in PGP, the United States Customs Service started a criminal investigation of Zimmermann for allegedly violating the Arms Export Control Act.

The United States government had long regarded cryptographic software as a munition, and thus subject to arms trafficking export controls. At that time, the boundary between what cryptography was permitted ("low-strength") and impermissible ("high-strength") for export from the United States was placed such that PGP fell on the too-strong-to-export side of the boundary.

The boundary for legal export has since been raised and now allows PGP to be exported. The investigation lasted three years, but was finally dropped without filing charges against Zimmerman.

PGP, which lives on in various open-source tools today, ran encryption alongside users' e-mail clients and was widely seen as too difficult for the average user.

In the world of Webmail, encryption happens at the server end, and as Lavabit found to its own cost, that leaves user data subject to the demands of law enforcement.

Proton Mail even nods towards PGP-- “In truth, there is not a whole lot that ProtonMail does that is not already accomplished by PGP, at least from a security standpoint," the MIT team notes.

Click here to order the best dedicated server and at a great price.

"But, to quote what Bruce Schneier said to us when he visited CERN, all PGP has demonstrated is that even one click is too much,” he added.

“What we really want to provide here is privacy for the much larger segment of the population that isn't sophisticated enough to use PGP,” he added.

Proton Mail is a Webmail system that encrypts messages at the client-side – within the user's browser – so that the user doesn't have to delegate encryption and trust to the provider.

The organization doesn't log user activity, so information like IP addresses and other metadata aren't available, and that's what really makes the whole concept so interesting.

It runs AES, RSA and OpenPGP implementations on open source cryptographic libraries, while at the server end, Proton Mail runs full disk encryption in its Switzerland data centers.

However, the system does demand that users have two passwords-- one to authenticate yourself with its servers, and the second local password for decrypting messages. We would suggest using a password manager for the second, since Proton Mail can't re-issue a password that it never held in its memory to begin with.

There's also an optional self-destruct feature for messages, and users can deal with other e-mail providers either unencrypted, or using symmetric encryption as an option.

Some of the developers remain at CERN, while others are now at MIT. There's some interviews with the founders, Jason Stockman, Wei Sun, Andy Yen on the Forbes website.

The developers told Forbes they chose to “bootstrap” rather than seek venture capital funding to maintain their credibility among users.

Source: Bloomberg.

Get the most dependable SMTP server for your company. You will congratulate yourself!

Share on Twitter.

Need to know more about the cloud? Sign up for your free Cloud Hosting White Paper.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.