
Sunday, 22 April 2012 19:00

Please Come to Boston


In May of 1974, singer-songwriter Dave Loggins released his first hit single, "Please Come to Boston." Before this week, Dave was best known to us at Gazzang as the slightly older cousin of movie-soundtrack legend Kenny Loggins. Today, however, the opening line of Dave's song, "Please come to Boston for the springtime," takes on a new meaning.

This morning the MIT Sloan CIO Symposium announced the ten companies that were selected to exhibit at their 2012 Innovation Showcase. Gazzang was the lone Austin-based company chosen and the only one focused on providing big data security solutions to enterprise customers.

The event takes place on May 22nd on the MIT campus.

I hear Boston in the springtime is nice. Maybe we'll sell some sidewalk paintings while we're out there.

Thursday, 19 April 2012 19:00

Friday Top 4 - Earth Day Edition


Happy almost Earth Day everyone. I really hope you're planning to spend your Sunday mulching, weeding, watering, nurturing, composting, recycling and not doing a single thing to pollute or damage the earth. To do my part, I'm going to spend the day reading poetry to a bale of turtles that congregate at Lady Bird Lake.

In honor of earth day, this week’s Friday Top 4 focuses on sustainability. Namely four trends that I hope stick around awhile, and one that needs to go away as quickly as possible.

Also, please do not print this blog post. Think of the trees.

  1. BIG data IPOs - Congrats to Splunk on an impressive first day of trading, with the stock closing at more than double its IPO price. The company, whose name is not in any way more bizarre or interesting than Gazzang, helps organizations collect and make sense of the massive amount of machine data they generate. This marks the first real big data IPO, and we're thrilled to see the overwhelming interest and positive response from the market.

  2. Momentum continues for Gazzang - Earlier this week, Gazzang issued its state of the quarter press release, and the results were positive all around. Growth across the board in products, customers and talent. Services Angle followed up our announcement with a nice article on the quarter and reiterated our battle cry around the need to secure big data environments.

  3. Look for more news from Gazzang in the coming weeks and months as we continue to bring innovative solutions to market that help organizations protect sensitive information and analyze their IT data.

  4. Time magazine lists - Thanks Time for the constant reminder that your lists have 96 more things on them than mine do. Kidding aside, this year's list of 100 Most Influential People left me thinking, "what planet am I on?" I had initially thought the most egregious error was including Jeremy Lin, a Knicks point guard who played in about 15 games this year. But then I saw this.

     Anonymous? Really? This hacker collective is stealing sensitive data from organizations, and in some cases, making life and work more dangerous for law enforcement. Shouldn't they at least be in the rogues' gallery?

     Anyway, controversial or not, I simply love anything in list format.

  5. And finally on this Earth Day, my one thing that needs to go straight to the composting bin. Check out the awful Pittsburgh Steelers throwback uniforms. These look like they were designed by a hornet.

Tuesday, 17 April 2012 19:00

How to Use dmesg to Build ezNcrypt ACL Rules


The other day I was helping a prospect install Gazzang ezNcrypt on a server with what we THOUGHT was a typical MySQL installation. In fact, the ezNcrypt Configuration module (for MySQL, Apache and PostgreSQL) identified a common MySQL configuration, with everything in the locations where we expected to find it. For example, the MySQL data directory was found at /var/lib/mysql/, and the MySQL daemon at /usr/sbin/mysqld.

We followed the Configuration script and ended up with two ACL rules: an @mysql rule, which we planned to use to encrypt the database files, and a very similar @log rule.

They looked like this:

# -  Type     Category       Path                     Process             
1    ALLOW    @mysql         *                        /usr/sbin/mysqld   
2    ALLOW    @log           *                        /usr/sbin/mysqld  

Thinking everything was good, we then proceeded to encrypt the database they wanted protected. Expecting the customer to go to the database folder under /var/lib/mysql, I was a little surprised when they navigated to /opt/lampp/mysql/ instead. (/opt/lampp is where XAMPP installs its own bundled Apache, MySQL and PHP stack, which in hindsight was the first hint that a second MySQL was in play.) This wasn't a big concern, as Gazzang's ACL rules can be applied to any directory. So we encrypted the database and tested the web application that reads from it.

When we opened the web application, we discovered that the database we just encrypted was not visible. As one more test, we logged in to phpMyAdmin on the customer's desktop (where most administration and maintenance of the server was handled), but the database was not visible there either.

Since this was a fresh install of Gazzang ezNcrypt, I knew that everything was installed properly and running, so it was very likely the ACL Rules were not configured properly.

The fastest and easiest way to figure out what's wrong in a situation like this is to check dmesg. The dmesg command prints the kernel's ring buffer, that is, the messages the kernel and its modules have logged since boot. Gazzang ezNcrypt logs every failed access attempt there, giving us an easy way to see which scripts, processes and applications are trying to open the encrypted files and being refused. Two practical notes: the ring buffer is finite and older entries get overwritten, so check it right after reproducing the failure, and on kernels running with kernel.dmesg_restrict=1 you need root to read it.

When we ran dmesg, the denial messages showed that the mysqld process trying to open the files was /opt/lampp/mysql/mysqld. This server had MySQL installed in two different places, and the daemon that was actually running and serving the application was NOT /usr/sbin/mysqld (the usual location for a distribution package) but /opt/lampp/mysql/mysqld! You can confirm which binary is really serving connections, independent of any log, by resolving the exe link under /proc for the PID of the running mysqld: the ACL rule has to name that path, not the one you assume.

SOLUTION: Add the appropriate MySQL ACL rules that ALLOW the correct mysqld process to access the files. Once we added @mysql and @log rules for the process shown in the dmesg output, everything worked the way we expected. Here are the two corrected rules (#3 and #4) just below the incorrect rules we started with so you can compare them. In production you would then delete rules 1 and 2: an ALLOW entry for a binary that never runs is an unused grant, and if a different mysqld is ever dropped into /usr/sbin it would inherit that access.

They look like this:

# -  Type     Category       Path                     Process            
1    ALLOW    @mysql         *                        /usr/sbin/mysqld   
2    ALLOW    @log           *                        /usr/sbin/mysqld
3    ALLOW    @mysql         *                        /opt/lampp/mysql/mysqld
4    ALLOW    @log           *                        /opt/lampp/mysql/mysqld   

Once the ACL rules named the mysqld binary that actually runs, the database containing the sensitive data was fully encrypted on disk but readily available to MySQL (our trusted application) and to the customer app that uses it. We were able to do all of this without making any changes to the database or the customer app.

To sum up: when an application suddenly can't see files you just encrypted, dmesg tells you which process was refused and from which path, which is exactly what you need to write the ACL rule. The same output deserves a second look for the opposite reason. Any process you don't recognize showing up there is a process reading raw database files that the rules were written to stop, and it should be investigated rather than allow-listed.
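The triage the post walks through, as an added example that is not Gazzang's code and not part of ezNcrypt: parse the ACL listing in the column layout shown above, pull the denial lines out of a dmesg excerpt, and sort the denied processes into the one that should get rules and the ones a human must review first. The dmesg lines are constructed, and their wording (the `ezncrypt: denied open of ... by ...` form) is an assumption, since the page does not show the real message; change DENIAL_RE to match what your kernel actually logs. The ACL columns, the @mysql and @log categories and the two mysqld paths come from the post.

```python
import os
import re

# ACL listing in the layout ezNcrypt prints (copied from the post).
# Rules 1 and 2 name the mysqld that turned out not to be running.
ACL_LISTING = """\
# -  Type     Category       Path                     Process
1    ALLOW    @mysql         *                        /usr/sbin/mysqld
2    ALLOW    @log           *                        /usr/sbin/mysqld
"""

# Constructed dmesg excerpt. The real ezNcrypt denial wording is not shown
# on the page, so this message format is an assumption; the fourth line is
# an unrelated kernel message to show that filtering has to be selective.
DMESG_SAMPLE = """\
[ 9123.410021] ezncrypt: denied open of /opt/lampp/mysql/data/shop/orders.MYD by /opt/lampp/mysql/mysqld (pid 4312)
[ 9123.410377] ezncrypt: denied open of /opt/lampp/mysql/data/shop/orders.frm by /opt/lampp/mysql/mysqld (pid 4312)
[ 9130.002118] ezncrypt: denied open of /opt/lampp/mysql/data/shop/orders.MYD by /usr/bin/rsync (pid 5107)
[ 9141.777000] usb 1-1: new high-speed USB device number 3 using ehci_hcd
"""

# Assumed denial format; adjust to the text your dmesg really prints.
DENIAL_RE = re.compile(
    r"ezncrypt: denied open of (?P<path>\S+) by (?P<process>\S+) \(pid (?P<pid>\d+)\)"
)


def parse_acl(listing):
    """Return the ACL rows as dicts, skipping the '#' header and blank lines."""
    rows = []
    for line in listing.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        num, typ, category, path, process = line.split()
        rows.append({"num": int(num), "type": typ, "category": category,
                     "path": path, "process": process})
    return rows


def parse_denials(dmesg_text):
    """Extract (process, pid, path) from denial lines; other kernel messages are ignored."""
    matches = (DENIAL_RE.search(line) for line in dmesg_text.splitlines())
    return [(m["process"], int(m["pid"]), m["path"]) for m in matches if m]


def plan_rules(acl_rows, denials, daemon_name, categories=("@mysql", "@log")):
    """Split denied processes into rules to add and processes to review.

    Only a denied binary whose name matches the daemon we intend to trust gets
    proposed rules. Anything else (a backup job, a shell, an attacker reading
    raw table files) is returned for review, because allow-listing it would
    defeat the point of encrypting the files.
    """
    allowed = {r["process"] for r in acl_rows if r["type"] == "ALLOW"}
    denied_paths = {}
    for process, _pid, path in denials:
        denied_paths.setdefault(process, set()).add(path)

    proposed, review = [], {}
    for process, paths in denied_paths.items():
        if process in allowed:
            continue  # already covered by a rule; the denial has another cause
        if os.path.basename(process) == daemon_name:
            for category in categories:
                proposed.append({"type": "ALLOW", "category": category,
                                 "path": "*", "process": process})
        else:
            review[process] = sorted(paths)
    return proposed, review


def render_rules(existing, proposed):
    """Render existing plus proposed rules in the same column layout as the listing."""
    lines = ["# -  Type     Category       Path                     Process"]
    for i, r in enumerate(existing + proposed, 1):
        lines.append(f"{i:<4} {r['type']:<8} {r['category']:<14} {r['path']:<24} {r['process']}")
    return "\n".join(lines)


if __name__ == "__main__":
    acl = parse_acl(ACL_LISTING)
    proposed, review = plan_rules(acl, parse_denials(DMESG_SAMPLE), "mysqld")
    print(render_rules(acl, proposed))
    for process, paths in review.items():
        print(f"REVIEW: {process} was denied {len(paths)} file(s); "
              "do not add a rule unless it is supposed to read raw table files")
```

Run as-is it prints the four-rule table from the post, with rules 3 and 4 generated from the denial lines, and flags the rsync process for review instead of granting it access. The daemon name is passed in explicitly because the point of the exercise is that the path is what you are unsure of; the name is what you know.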

It’s been a week of ups and downs here at Gazzang. We started on a high note with an excellent all-hands meeting. It’s always great to see and interact with colleagues from out of town, and it really gets you geared up for the exciting quarter ahead.

On the downside, our previously undefeated (with a record of 0-0) kickball team was absolutely steamrolled by a group from the local CVS pharmacy. You wouldn’t know it from this photo though. It’s amazing what turning a 0 into a 5 on the score sheet when the ref isn’t looking will do for morale.

We at Gazzang are a resilient bunch, however. As Texas Longhorns head coach Mack Brown likes to say, “you can’t let one loss beat you twice.” So how did we recover, you ask?

Well, our left centerfielder and Gazzang chief architect, Dustin Kirkland, welcomed his new baby girl, Camille Mae, into the world. And we released the latest version of our flagship Gazzang ezNcrypt product.

Take that CVS!

Gazzang ezNcrypt is all about securing that last line of defense between your sensitive data and unauthorized access or attack. In today’s Friday Top 5, we’ll take a quick look at five features of ezNcrypt.

  1. Advanced key management - Key management is often cited as the most difficult task associated with encryption. Gazzang ezNcrypt stores cryptographic keys separate from the encrypted data (either in the cloud or on-premises) to ensure a breach of any kind does not also result in the loss of the key.

  2. Process-based access controls - Who, or more appropriately, what has access to the data stored in your environment? Our patent-pending ACL rules limit access to encrypted data and files to specific processes rather than to users. That means only the processes (not individuals) that absolutely require the data and have been authorized can get to it, so someone who recently left the company cannot simply read the files off the disk. One caveat: a rule trusts a program by its path, so it stops direct reads of the files (a copied disk, a backup job, a root shell running cat), but anyone who can still connect to mysqld over its normal port is governed by MySQL's own accounts and privileges. Departed staff still need their database logins revoked.

  3. Transparent data encryption - Gazzang ezNcrypt makes enterprise-class TDE affordable. The software encrypts the data files on disk, so anything that reads them outside the authorized process, including someone with operating-system-level file access, sees only ciphertext. No changes to databases, files, applications or storage are required. And because the encryption happens in the filesystem layer on the way to and from disk, the performance impact is small for most workloads.

  4. Dynamic Kernel Module Support (DKMS) - The ezNcrypt kernel module is now packaged for DKMS, which rebuilds the module automatically whenever a new kernel is installed. That lets ezNcrypt follow virtually any Linux kernel version and means a security patch or kernel upgrade does not leave the module missing and the encrypted data unavailable. The support is delivered via RPM and Debian packages.

  5. Parent/child controls - New ACL features provide maximum flexibility and control by letting child processes inherit access from a parent, which is what daemons that fork worker processes need. Just like Camille Mae Kirkland.

Thursday, 12 April 2012 19:00

How Kickball is Like a Start-Up Software Company


An energetic staff member in our marketing department signed us up for a local kickball league. I didn't even know those things existed. Turns out we are in the "super social" category, which means we can drink beer during the game (as long as it's in a cup or an unmarked bag), and it is not supposed to be hyper-competitive. Well we got the beer part down pat, but the team was pretty darn competitive and dug deep for the muscle memory of 3rd-grade kickball. Even with the effort and refreshments, we lost our first game. But, we learned a lot, and we'll be better next time. The experience is somewhat like being in a software start up.

First, a group of people with a range of past experiences, mostly different experiences, are brought together. Just like our kickball backgrounds. From "The Star" in junior high to the recent immigrant to the U.S. who says, "I don't even understand how baseball goes." Yet we all now share a common goal and have to figure out how to best leverage each team member's skills. Sound like your start-up staff?

There is a pitcher. He/she sets the pace, surveys the field, starts the play - YET - everyone else on the field really does the heavy lifting and work. Turns out you CAN'T win kickball with only good pitching. It is not like baseball. I think there was only one strike thrown the entire game, so the ball enters the field of play on EVERY kicker. In a start up, there is a founder or CEO, but for it to work, the team has to be prepared to make things happen. It can't be won by the one leader.

That kickball is giant. I mean, the size of those huge pumpkins you see on the news being hoisted by a forklift at Halloween. Because of this, it moves slowly and placement is the secret to success. You must kick the ball to where the fielders AREN'T. In a start-up, you have to find a hole in the market, an underserved need or an open space. It is difficult to get a start-up going in a crowded market. Just like in kickball, where it is best to find open field.

Because that giant kickball is so difficult to toss around the bases, you can't get too excited and celebrate after an out at first, because the runners on the other bases can easily advance to home while you are all high-fiving each other. Yes, this happened to us. In a start-up, you need to put a bunch of wins in a row, but you can't get too elated by one small victory. It is step after step, victory after victory, that builds a great company.

You win some and lose some in kickball and in start-up land. You will have failures. That is why kickball has multiple innings and multiple games. In start ups, you will have failures. That is ok. Just make sure you "fail fast" and then make changes. Learn from each failure.

We will be moving people around into different positions, we will change our approach to covering for opposing team short kicks, and we will probably practice throwing the ball into the small of the back of runners. It seems to be such an efficient way to get a runner out (and it is allowed in the rules). In your start up, learn and make changes.

Finally, remember to have fun. At kickball and in your startup. Life is too short. Get pleasure from the journey, the experiences, the success and the failures. Enjoy the Game.

Cyber security is nothing new. For nearly two decades people have talked about and spent billions of dollars on solutions that protect information on the Internet. The problem is those same security evangelists, the people who are supposed to protect consumers, have focused far too much on credit card data.

Last week we had another sobering reminder about the sensitive nature of data stored in the cloud. This extends far beyond the 16 digits on your credit card to include things like addresses, birth dates, social security numbers, physicians’ names, national provider identifiers, tax identification numbers, and procedure codes designed for billing purposes. These were just some of the bits and bytes of information that were compromised when hackers broke into the Utah Department of Health servers.

In total, more than 500,000 records and 280,000 social security numbers were stolen. The agency is cooperating with law enforcement in a criminal investigation, but that’s little assurance to the hundreds of thousands of Medicaid and CHIP clients who were affected.

The Utah Department of Technology Services servers have multi-layered security systems with many controls, including perimeter security, network security, identity management, application security and data security. But they were missing the one step, transparent data encryption, that might have prevented this ordeal. Sure, this wouldn't have stopped hackers from getting past the security system via a configuration error. But if the data had been encrypted, and the attackers had not also reached the key or the process authorized to read the files, what they copied would have been meaningless to them.

Gazzang enables organizations to transparently encrypt sensitive, proprietary data in any cloud environment on any NoSQL platform (including Hadoop, Cassandra and MongoDB). For more information, visit www.securingbigdata.com.

Thursday, 29 March 2012 19:00

Friday Top Five - Pretty Pictures About IT


It's been quite an eventful week for big data and cybersecurity. The White House announced its plans to spend $200 million on big data R&D. Meanwhile, credit card processor Global Payments Inc. acknowledged that a massive security breach may have affected at least 50,000 customers.

We’ll continue to follow both of these stories and will most certainly comment on them in upcoming blogs and announcements. Today though, we’re going to keep the Friday Top Five pretty light and focus on one of my favorite marketing items… the almighty Infographic.

Now, I willfully acknowledge that there’s a subset of the public that despises infographics. I presume these are folks who would rather read a lengthy white paper (Good news! We have those too) or Dostoyevsky novel. Personally, I can’t get enough of infographics.

If done well, they tell a compelling story using very little text. And any story that can be told in pictures vs. plain text is the best kind of story.

Here are a few security-related infographics that caught my eye this week. See what you think:

  1. What’s the origin of hacktivism, and how did we get to a point where hacktivists made up the majority of cybercrime in 2011? Check out A History of Hacktivism.

  2. Data encryption continues to be a top concern among U.S. companies storing data in the cloud. Check out How Secure Is the Cloud to see whether we’re trusting the cloud just a little bit more these days.

  3. 2011 was a painful year for a number of companies. Here’s a list of some of the worst hacking scandals from the past year.

  4. How many Libraries of Congress does it take to screw in a lightbulb? I have no idea, but it takes about 18 million of them to house all the data we’ll create in 2015. More fun stats available at Big Data: Defining the Digital Deluge.

  5. And finally, here's an infographic that unfortunately has absolutely nothing to do with my day job. Did you know the annual revenue from Girl Scout cookies is only about $40 million less than the total revenue from all NCAA sports combined? More delicious info about Thin Mints can be found here.

Wednesday, 28 March 2012 19:00

A Positive Piece of Regulation for Entrepreneurs (Finally)


This past week, the Jumpstart Our Business Startups Act, or JOBS Act, which had been endorsed earlier by the Senate, cleared the US House of Representatives by a 380-41 vote. The bill helps entrepreneurs looking for capital, and is a positive move that is pro-business, pro-jobs, pro-growth, pro-innovation, and pro-wealth creation. Kudos to Capitol Hill. BTW: why would any rational representative be "anti" all those things?

I have been closely watching the creation of the JOBS Act, and Gazzang even signed letters to our representatives in support of the bills that underpinned this proposal.

The first is the Entrepreneur Access to Capital Act which makes it easier for businesses to raise capital through what has been called “crowdfunding.” This technique uses the Internet to solicit small investments from large numbers of people. The legislation allows businesses to use crowdfunding to sell unregistered securities as long as the total amount raised is $2 million or less. The bill also limits individual investments in crowdfunded securities to $10,000 or 10 percent of the investor’s annual income. So, it opens up the opportunity to invest in early innovation, while still protecting “Aunt Jenny” from losing her life savings if things don’t work out.

Second, the House voted 421-1 to reform the Securities and Exchange Commission’s Regulation A. This rule currently allows small companies to offer up to $5 million in stock to the public without registering it with the SEC. The Small Company Capital Formation Act raises that threshold to $50 million, which would allow more companies to raise capital without going through the lengthy and costly SEC registration process.

These are both good pieces of legislation that move government out of the way so companies and entrepreneurs can create jobs. We need to all retire the myth that the government can create private sector jobs. What it CAN do is create an environment that is productive and fosters the free movement of capital and ideas. That is how it works.

I spoke to the Austin American Statesman about this topic on Tuesday. Click here for the article: http://bit.ly/GVvnoS

Monday, 26 March 2012 19:00

A Few More Thoughts on Big Data Security


I wanted to share another article on the topic of Securing Big Data. This one appeared in Database Trends and Applications (DBTA) following an interview we gave about our recently launched. Here’s a link to the article: http://bit.ly/HhANHS

Of course I’m a little biased when it comes to news about Gazzang. If you take us out of the equation, however, there are still some really compelling points for any company using data to advance its business goals (and what company isn’t?)

I’ve highlighted some of those points below with a little commentary:

“Right now, everyone is relying on just a simple layer of security like a firewall. What we found was that organizations want to really protect it by encrypting what's being stored and analyzed so that if there ever is a breach, the data is useless.”

I think this statement speaks for itself. Firewalls and intrusion prevention are simply not enough anymore, especially with the rise of 'hacktivism', where data, not money, is often the target. If your data is encrypted and the keys stay inside the organization, a stolen copy has essentially no value outside it.

“Isolate the key from the actual data to ensure that the key is just as secure as the data.”

Key management is often one of the very first conversations we have with our customers. It’s probably the most difficult thing to do associated with encryption, and it’s also the most important. It’s surprising how many companies with homegrown encryption solutions store their keys in the same place as their data.

That’s kind of like “hiding” the key to your car in the ignition. If a thief breaks into your car, you just made it that much easier for them to steal it. Our advice is to store the key far away from the data. So, if we continue with the car analogy, you would store the key in another town, in a safe.

“If it [encryption] is really inexpensive, and it's really fast, why wouldn't you do it?"

Open source tools like eCryptfs are driving down the price of encryption. Meanwhile technologies that enable “transparent” encryption are allowing organizations to maintain big data performance and availability.

Put it this way. If I told you that for $100, I could rig your car so that only you and those you authorize could operate it, and that parts of the automobile would melt if someone tried to disassemble it, would you do it?

Of course you would. And encrypting big data has a similar effect.

The downside of encryption is you don’t get the awesome flame decals.


Thursday, 22 March 2012 19:00

Friday Top 5 - What’s Your Best Big Data Analogy?


We're going to have a little fun today, both at the hype surrounding big data and at our CEO Larry Warnock's expense. This week, Larry gave an interview to CIO.com in which he likened big data to "a giant fishing net dragging the bottom."

Here’s the full text of that quote:

"It's like a giant fishing net dragging the bottom," Warnock says. "There's big fat tuna and swordfish in there, but also mussels and lobsters and flounder. They're just scraping data and they don't know yet what they're going to do with it. The correlations that could be drawn from that data haven't even been determined yet."

You can decide whether that's really the best analogy for big data. Clearly someone needs to explain what the hubbub is about, because there's apparently a lot of confusion over what big data actually is.

So with tongue firmly planted in cheek, I’d like to present five other big data analogies that have nothing to do with the fishing industry:

5) Big Data is like the WOPR. If HAL 9000 and Johnny 5 had a baby, it would look like the War Operation Plan Response (WOPR) from WarGames. For most of the movie, the WOPR sits idly by with lights blinking randomly. But what we don't realize is this machine is ingesting and analyzing data in real time about potential nuclear strikes and the effectiveness of countermeasures. If only the WOPR were smart enough to realize its primary source of information was a high-school kid with a bad haircut and a penchant for ditching class.

4) Big Data is like a vacuum cleaner. Credit this one to Larry too. Big data is quickly sucking up tons of content. Some of it good (coins, lost jewelry, etc…); but some seemingly useless at the time. In many cases you don’t realize what you have until you sift through it, and make sense of it.

Usually, I find crushed cheerios and raisins. Thanks kids.


3) Big Data is like a box of chocolates. On a related note, if Whitman's actually used big data, they'd realize nobody likes the ones with the raspberry filling.

2) Big Data is like fine liquor. Gazzang chief architect, Dustin Kirkland came up with this one. The basic idea is that the whole is greater than the sum of its parts. To realize the whole, or in this analogy, the keen insight, you need the right ingredients (data), a precise distillation process (parsing and analytics), yeast (different data) and fermentation (time).

With big data, you don’t often get brilliant results the first time out, so you need to repeat the process. In much the same way, the best liquors are distilled several times over. Where the analogy changes a bit is this. A great tequila or scotch may take several years to reach its full potential. With big data, however, all you need is extra hardware and software, and you can hit your destination in hours, even minutes.

I guess what I'm saying is, it’s Friday and I'm thirsty.

1) Big Data is like The Matrix. I think I’m going to save this explanation for a future blog, but just know this. There’s absolutely no way Keanu Reeves learns Kung Fu in five seconds without using big data.

In fact, I'd go so far as to say that if the Matrix weren't an enormous big data project, the world the computers created would probably resemble a crudely animated cable show:


Regardless of how you define big data, it’s important to remember that if the data is important enough to be analyzed, it’s important enough to secure.

What do you think? Send us your best big data analogies.