Wednesday, 11 January 2017

Fighting Back against 'Marketing Technology'

If you're planning on shopping in a brick-and-mortar Amazon outlet - slated to appear on UK high streets in the near future - you're likely to encounter the retail giant's checkout-free model that utilises face recognition and other technologies to eliminate the need for the cash register. But be aware that computers and sophisticated software are examining your physical appearance and using it, not only to eliminate having to checkout, but also to market to you.

Meanwhile, social media site Facebook uses facial recognition software to add tags of users to uploaded photographs. What seems like a very creative and helpful feature is gradually becoming more annoying to users with serious security concerns. But people are fighting back. Take Berlin artist and avid technology fan Adam Harvey. Concern over security and privacy has led Harvey to work on two projects designed to thwart facial recognition software.

Harvey’s first project, known as CV Dazzle, came up with ways people could change their physical appearance through hairstyles and makeup in order to foil facial recognition. Though the concept was indeed workable, there were inherent limitations that made it unworkable on a large-scale. So Harvey's second project aims to make up for what his first project lacked. His new offering is a line of fabrics with printed patterns designed specifically to overwhelm facial recognition systems.

"As I’ve looked at in an earlier project, you can change the way you appear but, in camouflage, you can think of the figure in the ground relationship," Harvey recently said in an address to the Chaos Communications Congress. "There's also an opportunity to modify the 'ground', the things that appear next to you, around you, and that can also modify the computer vision confidence score."

A Kind of DDoS Acid Attack

Data centre operators are familiar with DDoS (distributed denial of service) attacks that can bring down a website simply by overwhelming servers with a constant barrage of crushing login attempts. What Harvey is trying to do with his fabric designs is very similar. The designs include carefully implemented marks that replicate different facial features meant to overwork and confuse facial recognition software. The patterns don't look like much to the human eye, but they are exactly what facial recognition software is designed to analyse.

Harvey maintains that his project is absolutely necessary in the digital age. Like many others, he's not convinced that a technology being portrayed as an innocuous marketing initiative will remain innocuous permanently. These kinds of technologies often find themselves hijacked by people or organisations that use them to invade the privacy of citizens and compromise their security. If Harvey has anything to do with it, facial recognition software is not going to be as successful as its creators want it to be.

Will software developers find a way around Harvey's camouflage? Perhaps, but that will just perpetuate the continuation of the cat and mouse game now being played. The game is just what technology has led us to.

Resources: 

Friday, 6 January 2017

'Right to Disconnect' Takes Effect in France

At the end of a long work day, you expect to be able to go home to family, sit down to a good meal and relax for the rest of the evening. You hope to be able to spend weekends doing what you enjoy rather than having to worry about what awaits at the office on Monday morning.  However, if you're like many of us in this modern working world, those times of complete disconnection from work are rare. In France, they have decided to do something about it by formally implementing the 'right to disconnect'.

A new law codifying the rights of workers to take back their time away from work officially came into effect on January 1st 2017. The law is just one part of a much larger reform package intended to make labour practices in France more favourable to workers looking for a better work-life balance.

Under the legislation, companies with 50 or more employees must make every effort to negotiate in good faith in order to establish policies governing “off time” policies that both sides can live with. Those policies are meant to outline the limits of workplace intrusion into the personal lives of workers. If a company and its staff are unable to successfully negotiate acceptable policies, the employer must then publish documents detailing their off-time policies and the associated rights of workers.

A Law with No Teeth?

The right to disconnect legislation has been hailed by labour unions and worker advocates as a big win for the average man in the street. But how effective will the law actually be? News sources say that there are no mechanisms in place for enforcement. Rather, the French government hopes the legislation will encourage companies to voluntarily make a good-faith effort to negotiate with the employees.

Some companies have already done just that, according to the publication Silicon. A January 3rd piece from Silicon contributor Matthew Broersma cites Daimler and Volkswagen-BMW as just two examples. The question is, how many other companies will follow a law that essentially has no teeth?

We expect big-name corporations to make a way to allow their workers to disconnect, if for no other reason than the fact that they cannot afford the bad press that would come from ignoring the legislation. But smaller companies without name recognition to worry about might not be so keen on the idea.

The ironic thing is that logic dictates workers already have a right to disconnect, based on the simple fundamentals of business. A business essentially purchases services from employees by way of salary. For them to extract services for which they DO NOT pay is not only bad business but it is a legalised form of theft.

It is unfortunate that France has had to enact their right to disconnect legislation – because that right already exists naturally. Hopefully, employers will get on board with the new law because it's the right thing to do, not because French legislators have told them to.

Monday, 12 December 2016

Google Approaching 100% Renewable Energy Target

For years, Google has been working on erasing its carbon footprint by powering more and more of its operations via renewable energy sources. Now it appears that the company is on the verge of reaching its 100% renewable energy target by sometime in 2017. Google is already the world's largest corporate buyer of renewable energy; it may soon become the biggest mega-corporation to be able to claim 100% renewable energy for all operations.

To be clear, reaching the 100% renewable energy goal does not mean all of Google's operations will literally be powered exclusively by green energy. Due to the complexity of power grids and energy production, that is just not possible at this time. What it does mean is that the amount of electricity Google purchases from green sources will be equal to the amount of power it consumes.

This is an important distinction to make given that the technology sector is now responsible for approximately 2% of greenhouse gas emissions, according to the Guardian. Furthermore, the world's data centres represent some of the single largest consumers of electricity. Aggressively pushing for more renewable energy use in technology is not only necessary but it is the right thing to do.

A Good Move for Business

Google established its 100% renewable energy target back in 2012. Google EU energy lead Marc Oman says it took the company five years to reach its goal because negotiating power purchase agreements is so complex. They have the size and resources to wade through the process while smaller companies may struggle to do so. This is why companies like Google and Amazon are leading the way in corporate renewable energy purchases.

Google purchased some 5.7 TW hours of green electricity in 2015. By contrast, all the renewable energy produced by solar panels in the UK that same year equalled about 7.6 TW hours. That tells you how much electricity Google is consuming between all its data centres and its US-based operations centre with 60,000 employees.

Despite the challenges of reaching their target, Oman says the decision to purchase 100% renewable power is a good business move for Google. He insists they are not merely greenwashing – giving the appearance of being environmentally responsible without actually taking steps to do so – but they are improving their own operations and profitability by concentrating on renewable energy.

Ironically, Google has also said that it would not rule out investing in nuclear power in the future. Such an investment would lead to the inevitable question of whether the company's claim of not greenwashing stacks up with an investment in a power source that does not meet the same green and renewable standards as wind and solar.

Only time will tell what happens to nuclear power. In the meantime, Google is closing in on its 100% renewable target. When the company actually achieves it, you can expect plenty of fanfare and self-promotion. And why not? When that day comes, Google will have achieved something it has been working on for quite some time.



Thursday, 8 December 2016

ICO Offers Holiday Security Tips to Government Agencies

It's not often that a blog post issued by a government agency is a combination of useful information and holiday festiveness. But, thanks to the Information Commissioners Office (ICO) and enforcement team manager Laura Middleton, government IT workers have a reason to smile during the hectic holiday season. Middleton's recent blog post offering IT security tips to government agencies is enough to put a smile on your face and remind you of the necessity for extra security at this time of year.

As Middleton so eloquently explains, time constraints and holiday activities often lead to workers cutting corners where security is concerned. Matters are made worse by the fact that IT departments tend to work on skeleton staffs during the festive season. The same is true in the private sector. Data centres and IT departments experience larger-than-normal volumes of people taking time off.

As a public service to all readers, we would like to take the opportunity to present some of Middleton's tips to government agencies, modified to be appropriate to the private sector too. Enjoy!

Keep Staff in the Loop

Middleton's suggestion of keeping staff in the loop is directly related to Freedom of Information Act (FOIA) requests. In the private sector, the same principle applies. Staff who will be required to pick up the slack during the holiday season need to be fully trained and prepared to do so. They all need to be kept up-to-date on any information that will affect how they do their jobs.

Alternate E-Mail Addresses and Responders

In cases where key staff members still need to be reachable while taking time off, consider providing alternate e-mail addresses. Those e-mail addresses can be set up on a temporary basis, then shut down once the affected staff members return to work. Along those same lines, automated responders should be established for all e-mail addresses that will not be monitored during the holiday period. People who try to contact and organisation need to know that their e-mail was received.

Adjust Security Procedures

Shutting down for the festive season means IT staff are lean and offices are empty. Workers required to work even as most of their colleagues are off may choose to work from home rather than coming into an empty building, so they may also need to be reminded of security procedures. If necessary, security may have to be adjusted to account for different ways of working at this time of year.

Have a Contingency Plan in Place

Data centres and IT departments should absolutely have a contingency plan in place just in case an IT emergency arises. There is no room for complacency, even during the festive season. Not having contingency plans in place is asking for real trouble.

Christmas is almost upon us, but that does not change the need for information and data access. You can make your festivities more enjoyable by making sure your networks and data systems keep running securely and uninterrupted.



Tuesday, 22 November 2016

Russia Blocks LinkedIn: A Sign of Things to Come?

It's official. After months of threatening LinkedIn with a block of its services in Russia, the Russian communications regulator has followed through. It all stems from a dispute over whether LinkedIn would comply with Russian laws requiring information pertaining to Russian users be hosted on Russian servers. One wonders if Russia's actions are a sign of things to come.

The push to bring all Russian user data home began in 2014 when the Duma passed the first of several bills aimed at doing just that. Under that first piece of 2014 legislation, Russia established that companies operating on an international scale would have to procure physical servers in Russia – whether contracting with existing data centres or building their own – in order to store data pertaining to Russian users.

The law equally applies to big names such as Facebook and Google and smaller companies with significantly less name recognition. Furthermore, it applies to Russian companies who have a practice of sending user data outside the country. They must cease doing so unless they can prove a certain level of domestic data security.

A Populist Mentality or Something Else?

One way to look at the Russian legislation is to compare it to the current wave of populism that seems to be sweeping the globe. Citizens growing ever more tired of globalism are demanding their nations return to a more populist way of doing things that preserve national identity and sovereignty. Populism was a big part of both Brexit and the recent US presidential election. It may grow in the near future with both the French and German elections.

Could Russia's move be as much about populism as security?  While it's true that protecting sensitive data is a lot easier when hosted domestically, it is also not terribly difficult to implement security strategies that are effective in a cross-border situation. So there has to be more to it than just security alone. Populism seems as if it could be a factor.

Still, there is another possibility. Some critics of Russia's move speculate that the regulator wants data stored at home so that certain government agencies can access it more easily. Think NSA and Edward Snowden here.

Where Do We Go from Here?

Now that Russia has taken steps to block LinkedIn, we would expect the regulator to take similar action against other companies as well. The floodgates are opened and water should begin pouring through rather quickly. Whether it spreads to other countries remains to be seen.

As per LinkedIn, they continue to stay committed to a global mindset. In their official statement, they expressed the following:

"Roskomnadzor's action to block LinkedIn denies access to the millions of members we have in Russia and the companies that use LinkedIn to grow their businesses. We remain interested in a meeting with Roskomnadzor to discuss their data localisation request."

Will Russia flinch? Probably not. So now it's up to LinkedIn to make it work.

Friday, 11 November 2016

Thoughts on a More Predictable & Reliable Data Centre Life Cycle

For a variety of reasons, there has been too much attention paid to the way data centres and infrastructure has been built, with comparatively little attention on the cost of operations throughout the life cycle.

As an industry we are 30-35 years old. We’ve grown very rapidly and so far we’ve been very technology driven and that is an extremely good thing. That focus has created the infrastructure that resides in hundreds of thousands of data centres around the world and it’s that infrastructure that gives us all the things that we take for granted, like the internet and applications such as messaging, streaming, two-way video communications and so on.

The next challenge is quite a different one and it’s making the transition from being engineering-focused to being operationally focused. What that really means is that we need to start to think much more carefully about how all the infrastructure we will have is going to be managed. How is it going to be run? How do we know how well we are running our infrastructure and doing our jobs to the best of our abilities?

Part of this, of course, is people related. But there is also a technical solution which requires giving thought to – what the infrastructure looks like and feels like throughout its life cycle, not just putting a data centre together from a design and build perspective and then moving on to the next project.

We need to think about ourselves as an industry that is maturing and as all industries mature they go through several stages of pain. The initial stages of pain are related to that change, in other words understanding where you are in the process and making the decision to change.
What that means is thinking very carefully about life cycle. How will the infrastructure that is built today perform throughout the phases of its life cycle? At some point in time we will refresh equipment. We will make capital reinvestments. We will make operational investments. We need to think those through throughout the life cycle.

What technology platform do we put in place so that we can manage our infrastructure better? The industry is still in a state of hyper growth so we’re still going to grow the number of facilities, although they may change size and shape. In fact, if the market does change in the way that we expect it to and makes a move towards Edge computing, the whole facility landscape will change dramatically.

To be able to manage the operation of those sites better we need to think about what the life cycle looks like. How do we want to run infrastructure in the best possibly way, ideally with the least amount of human intervention, and that’s where software and technology come in.

One of the things that we can do as an industry is to short-circuit that learning process by not going through the same pains that the other industries have already been through. Let’s look at oil & gas, pharmaceuticals, water and utilities and nuclear power stations. They’ve been through this exercise in varying time periods over the last 10 to 15 years. Let’s figure out what they did to change their operational best practice and use that knowledge.

So we don’t have to learn all those lessons for ourselves; we’ll make our own mistakes and learn our own lessons but let’s at least stand on the shoulders of our ancestors in the context of this particular maturity.

We need to do a better job in two ways. We need to describe our vision of the future and that this vision is not just about products and technology: it is really about the life cycle. Customers no longer buy product; they buy a system. They buy a solution. They buy an entire data centre. We would expect customers to say: “I’d like you to build me infrastructure that is predictable in terms of reliability and efficiency but is also incredibly easy to manage.”

Schneider Electric white paper 195, “Fundamentals of Managing the Data Centre Life Cycle for Owners” describes the five phases of the life cycle, identifies key tasks and pitfalls, and offers practical advice to the owners and management of legacy facilities.

Guest blog by Arun Shenoy, VP, IT & Data Centre Business, Schneider Electric

Monday, 31 October 2016

The Challenges of Going Global in Today’s Digital Economy

There are many popular brands here in the UK that are also well-known across the world, including fast-food restaurant chains, clothing shops, technology companies and many more. However, the vast majority of these companies didn’t start out with a global presence – for most, it happened gradually.

Businesses eyeing international expansion look to obtain the benefits of this growth through conventional uplift, including increased revenue, enhanced exposure and brand recognition, global partnerships and a more diversified product and/or service offering. But there are significant challenges to achieving this goal.

There are a lot of ambitious companies that want to grow, however, many of these companies’ data centres are typically far smaller than those of a multi-tenant colocation providers. Thus, it’s difficult for them to get the funding to pay for a facility with a high level of resiliency and a strong team to manage the mission critical environments.

Some have smaller, less resilient server rooms and data centres scattered about, which makes it more difficult to get applications that require more resiliency in the exact location they need. Others may have smaller, less redundant facilities along with perhaps one highly resilient, centralized facility. As a result, most want to move to a colocation provider that has a facility is resilient across all critical systems in multiple geographies and also enables their cloud applications to be as close to their customers as possible.

Most growing international companies like to deploy at a single point of presence to test a specific market, especially if there are some legal or regulatory hurdles and political concerns. They’ll go to an interconnection hot bed where the colocation may be a bit more expensive than going to a facility that’s away from a major city or a secondary city, allowing them to maximize their radius of coverage. For example, in the U.S., there are lot of European companies leveraging either Northern Virginia or New York City to get access to a plethora of carriers from one location. They can get access to as many different companies as possible rather than just going full force into a new market and deploying in multiple geographies.

Looking abroad in Europe, businesses are deploying in London, Amsterdam, Frankfurt and Paris, the hot beds of interconnection for the region. In Asia, it would be either Singapore for Southern Asia or Hong Kong for Northern Asia. In China, there are a lot of customers deploying a colocation environment in Hong Kong that’s directly tethered to an environment in China where they could deploy virtualized resources. In case anything goes wrong, such as a geo-political event, they can pull the virtualized environment back to Hong Kong.

Companies that want to move some of their activity outside their current boundaries might not take into account the cost for employees on the ground in a new market or for achieving connectivity between their domestic and international deployment. If they work with a reliable colocation provider with a global footprint, however, those data centre professionals can do all the racking and stacking along with managed services such as load balancing, patch management, server reboots and more. Most companies have a multitude of local colocation providers from which they can choose, but they should find a reliable one that can get them the most secure and effective point-to-point connections between the data centre and their corporate locations.

Another challenge for many businesses is their lack of knowledge with a variety of local country government regulations. Companies serving customers in certain international markets deal with data sovereignty issues and regional or regulatory compliance. For instance, if they are involved in any financial activity in Singapore, they have to make sure the colocation facility in which they are located is TBRA certified.

It’s very difficult to expand into new global markets for businesses that choose to build their own data centres, because it’s nearly impossible to move into any major cities that are regulated and unionized without having deep connections. Most enterprises that are looking at an international point of presence will not consider building, but instead, will look at tethering their proprietary data centres to their colocated international environment.

Companies have to be conservative and smart when they plan and execute on their global expansion. Small, incremental steps are key to success – maybe it’s just a cabinet or two so they can put some infrastructure in-region to better support business in that territory, whether it’s for internal customer and sales support systems, Web presence, etc. They’re often very risk-averse because expanding internationally for the first time is no small task. In this scenario, colocation allows them to use a couple of cabinets at first – likely to be in a virtualized fashion to be able to easily migrate out if needed – before they start to deploy physical servers.

Whatever route a company takes, they need to apply strong controls, rigid progress reviews and several checkpoints so they can overcome challenges and stay on course.

Guest blog by Steve Weiner, Senior Lead Product Manager, CenturyLink