In May of 1974, singer-songwriter Dave Loggins released his first hit single, "Please Come to Boston." Before this week, Dave was best known to us at Gazzang as the slightly older cousin of movie-soundtrack legend Kenny Loggins. Today, however, the opening verse to Dave's song, "Please come to Boston for the springtime," takes on a new meaning.
This morning the MIT Sloan CIO Symposium announced the ten companies that were selected to exhibit at their 2012 Innovation Showcase. Gazzang was the lone Austin-based company chosen and the only one focused on providing big data security solutions to enterprise customers.
The event takes place on May 22nd on the MIT campus.
I hear Boston in the springtime is nice. Maybe we'll sell some sidewalk paintings while we're out there.
Happy almost Earth Day everyone. I really hope you’re planning to spend your Sunday mulching, weeding, watering, nurturing, composting, recycling and not doing a single thing to pollute or damage the earth. To do my part, I’m going to spend the day reading poetry to a bale of turtles that congregate at Lady Bird Lake.
In honor of Earth Day, this week’s Friday Top 4 focuses on sustainability: namely, four trends that I hope stick around awhile, and one that needs to go away as quickly as possible.
Also, please do not print this blog post. Think of the trees.
Look for more news from Gazzang in the coming weeks and months as we continue to bring innovative solutions to market that help organizations protect sensitive information and analyze their IT data.
Anonymous? Really? This hacker collective is stealing sensitive data from organizations, and in some cases, making life and work more dangerous for law enforcement. Shouldn’t they at least be in the rogues’ gallery?
Anyway, controversial or not, I simply love anything in list format.
The other day I was helping a prospect install Gazzang ezNcrypt on a server with what we THOUGHT was a typical installation of MySQL. In fact, the ezNcrypt Configuration module (for MySQL, Apache and PostgreSQL) identified a common MySQL configuration with everything in the locations we expected to find them. For example, the MySQL Data Dir was found to be /var/lib/mysql/, and the MySQL daemon was found in /usr/sbin/mysqld.
We followed the Configuration script and ended up with two ACL rules. We had our @mysql rule which we planned to use to encrypt the database files, and a very similar @log rule.
They looked like this:
# - Type Category Path Process
1 ALLOW @mysql * /usr/sbin/mysqld
2 ALLOW @log * /usr/sbin/mysqld
Thinking everything was good, we then proceeded to encrypt the database they wanted to encrypt. Expecting that the customer would go to /var/lib/mysql to the database folder, I was a little bit surprised when they navigated to /opt/lampp/mysql/. This wasn't a big concern, as Gazzang's ACL rules can be applied to any directory. So we encrypted the database and tested the application's web site used to access information in the database.
When we opened the web application, we discovered that the database we just encrypted was not visible. As one more test, we logged in to phpMyAdmin on the customer's desktop (where most administration and maintenance of the server was handled), but the database was not visible there either.
Since this was a fresh install of Gazzang ezNcrypt, I knew that everything was installed properly and running, so it was very likely the ACL Rules were not configured properly.
The fastest and easiest way to figure out what's wrong in a situation like this is to check dmesg. The "dmesg" command prints the messages in the buffer of the Linux kernel. Gazzang ezNcrypt sends failed access attempt messages to the "dmesg" output, giving us an easy way to figure out what scripts / processes / applications are trying to access and use the encrypted files.
When we ran dmesg, the error message showed that the "mysqld" process that needed to access the files was actually in /opt/lampp/mysql/mysqld. This server had MySQL installed in two different directories, with the MySQL daemon that was actually running and needing to access the encrypted database files residing NOT in /usr/sbin/mysqld, but /opt/lampp/mysql/mysqld!
SOLUTION: Add the appropriate "MySQL" ACL Rules that ALLOW the "correct" mysqld process to access the files. When we added the @mysql and @log ACL rules using the process shown in our dmesg output, everything worked the way we expected. Here are the two "corrected" rules (#3 and #4) just below the incorrect rules we started with so you can compare them.
They look like this:
# - Type Category Path Process
1 ALLOW @mysql * /usr/sbin/mysqld
2 ALLOW @log * /usr/sbin/mysqld
3 ALLOW @mysql * /opt/lampp/mysql/mysqld
4 ALLOW @log * /opt/lampp/mysql/mysqld
Once we had the correct "mysqld" process defined in our ACL rules, the database that contained the sensitive data was fully encrypted on the disk, but readily available to MySQL (our trusted application) as well as the customer app that uses this database. We were able to do all of this without making any changes to the database or the customer app.
To sum up, using dmesg to troubleshoot your access control issues with the encrypted files can help any Gazzang ezNcrypt user quickly and efficiently figure out what processes need to access the encrypted files.
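The mismatch described above can also be caught before encrypting by comparing the process paths in the ACL listing with the binaries that are actually running. The script below is an added example, not Gazzang tooling: the function names are hypothetical, the ACL listings are copied from this post as text, and the running path is constructed from the scenario described. It relies only on standard Linux facilities (pgrep, readlink and /proc).

```shell
#!/bin/sh
# Added example: find daemon binaries that run without a matching ALLOW rule,
# and ALLOW rules that name a binary which is not the one running.

# ACL listings as shown in the post (before and after the fix).
ACL_BEFORE='# - Type Category Path Process
1 ALLOW @mysql * /usr/sbin/mysqld
2 ALLOW @log * /usr/sbin/mysqld'
ACL_AFTER="$ACL_BEFORE
3 ALLOW @mysql * /opt/lampp/mysql/mysqld
4 ALLOW @log * /opt/lampp/mysql/mysqld"

# Constructed sample: the binary the running daemon resolved to in the post.
RUNNING='/opt/lampp/mysql/mysqld'

# Print the process path (last column) of every ALLOW rule in a category.
# Reads the ACL listing on stdin; $1 is the category, e.g. @mysql.
acl_process_paths() {
    awk -v want="$1" '$2 == "ALLOW" && $3 == want { print $NF }'
}

# Print the resolved executable of every running process named exactly $1.
# Reading /proc/<pid>/exe for other users' processes needs root.
running_exe_paths() {
    for pid in $(pgrep -x "$1" 2>/dev/null); do
        readlink "/proc/$pid/exe" 2>/dev/null
    done | sort -u
}

# $1 = ACL listing, $2 = category, $3 = newline-separated running paths.
# Prints running binaries that no ALLOW rule in the category covers.
uncovered_paths() {
    allowed=$(printf '%s\n' "$1" | acl_process_paths "$2")
    printf '%s\n' "$3" | while IFS= read -r exe; do
        [ -n "$exe" ] || continue
        printf '%s\n' "$allowed" | grep -Fxq -- "$exe" || printf '%s\n' "$exe"
    done
}

# Same arguments. Prints ALLOW-rule process paths that match no running
# binary, i.e. rules worth reviewing because they grant access to a binary
# that is not the daemon in use.
unused_rule_paths() {
    printf '%s\n' "$1" | acl_process_paths "$2" | while IFS= read -r rule; do
        printf '%s\n' "$3" | grep -Fxq -- "$rule" || printf '%s\n' "$rule"
    done
}

# Demo on the constructed data. On a live host, replace "$RUNNING" with
# "$(running_exe_paths mysqld)".
echo "Running but not allowed for @mysql (original rules):"
uncovered_paths "$ACL_BEFORE" @mysql "$RUNNING"
echo "Allowed for @mysql but not running (corrected rules):"
unused_rule_paths "$ACL_AFTER" @mysql "$RUNNING"
```

With the original two rules the check reports /opt/lampp/mysql/mysqld as uncovered, which is the same path the dmesg output pointed to.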
It’s been a week of ups and downs here at Gazzang. We started on a high note with an excellent all-hands meeting. It’s always great to see and interact with colleagues from out of town, and it really gets you geared up for the exciting quarter ahead.
On the downside, our previously undefeated (with a record of 0-0) kickball team was absolutely steamrolled by a group from the local CVS pharmacy. You wouldn’t know it from this photo though. It’s amazing what turning a 0 into a 5 on the score sheet when the ref isn’t looking will do for morale. We at Gazzang are a resilient bunch, however. As Texas Longhorns head coach Mack Brown likes to say, “you can’t let one loss beat you twice.” So how did we recover, you ask?
Well, our left centerfielder and Gazzang chief architect, Dustin Kirkland, welcomed his new baby girl, Camille Mae, into the world. And we released the latest version of our flagship Gazzang ezNcrypt product.
Take that CVS!
Gazzang ezNcrypt is all about securing that last line of defense between your sensitive data and unauthorized access or attack. In today’s Friday Top 5, we’ll take a quick look at five features of ezNcrypt.
An energetic staff member in our marketing department signed us up for a local kickball league. I didn't even know those things existed. Turns out we are in the "super social" category, which means we can drink beer during the game (as long as it's in a cup or an unmarked bag), and it is not supposed to be hyper-competitive. Well we got the beer part down pat, but the team was pretty darn competitive and dug deep for the muscle memory of 3rd-grade kickball. Even with the effort and refreshments, we lost our first game. But, we learned a lot, and we'll be better next time. The experience is somewhat like being in a software start up.
First, a group of people with a range of past experiences, mostly different experiences, are brought together. Just like our kickball backgrounds. From "The Star" in junior high to the "I don't even understand how baseball goes," recent immigrant to the U.S. Yet, we all now share a common goal and have to figure out how to best leverage each team member's skills. Sound like your start up staff?
There is a pitcher. He/she sets the pace, surveys the field, starts the play - YET - everyone else on the field really does the heavy lifting and work. Turns out you CAN'T win kickball with only good pitching. It is not like baseball. I think there was only one strike thrown the entire game, so the ball enters the field of play on EVERY kicker. In a start up, there is a founder or CEO, but for it to work, the team has to be prepared to make things happen. It can't be won by the one leader.
That kickball is giant. I mean, the size of those huge pumpkins you see on the news being hoisted by a forklift at Halloween. Because of this, it moves slow and placement is the secret for success. You must kick the ball to where the fielders AREN'T. In a start up, you have to find a hole in the market, an underserved need or an open space. It is difficult to get a start up going in a crowded market. Just like in kickball where it is best advised to find open field.
Because that giant kickball is so difficult to toss around the bases, you can't get too excited and celebrate after an out on first. Because the runners on the rest of the bases can easily advance to home while you are all high-fiving each other. Yes, this happened to us. In a start up, you need to put a bunch of wins in a row, but you can't get too elated by one small victory. It is step after step, victory after victory, that builds a great company.
You win some and lose some in kickball and in start-up land. You will have failures. That is why kickball has multiple innings and multiple games. In start ups, you will have failures. That is ok. Just make sure you "fail fast" and then make changes. Learn from each failure.
We will be moving people around into different positions, we will change our approach to covering for opposing team short kicks, and we will probably practice throwing the ball into the small of the back of runners. It seems to be such an efficient way to get a runner out (and it is allowed in the rules). In your start up, learn and make changes.
Finally, remember to have fun. At kickball and in your startup. Life is too short. Get pleasure from the journey, the experiences, the success and the failures. Enjoy the Game.
Cyber security is nothing new. For nearly two decades people have talked about and spent billions of dollars on solutions that protect information on the Internet. The problem is those same security evangelists, the people who are supposed to protect consumers, have focused far too much on credit card data.
Last week we had another sobering reminder about the sensitive nature of data stored in the cloud. This extends far beyond the 16 digits on your credit card to include things like addresses, birth dates, social security numbers, physicians’ names, national provider identifiers, tax identification numbers, and procedure codes designed for billing purposes. These were just some of the bits and bytes of information that were compromised when hackers broke into the Utah Department of Health servers.
In total, more than 500,000 records and 280,000 social security numbers were stolen. The agency is cooperating with law enforcement in a criminal investigation, but that’s little assurance to the hundreds of thousands of Medicaid and CHIP clients who were affected.
The Utah Department of Technology Services servers have multi-layered security systems with many controls, including perimeter security, network security, identity management, application security and data security. But they were missing the one step, transparent data encryption, that might have prevented this ordeal. Sure, this wouldn't have prevented hackers from circumventing the security system via a configuration error; however, if the data had been encrypted, it would've been meaningless to those who stole it.
Gazzang enables organizations to transparently encrypt sensitive, proprietary data in any cloud environment on any NoSQL platform (including Hadoop, Cassandra and MongoDB). For more information, visit www.securingbigdata.com.
It’s been quite an eventful week for big data and cybersecurity. The White House announced its plans to spend $200 million on big data R&D. Meanwhile, credit card processor, Global Payments Inc., acknowledged a massive security breach may have impacted at least 50,000 customers.
We’ll continue to follow both of these stories and will most certainly comment on them in upcoming blogs and announcements. Today though, we’re going to keep the Friday Top Five pretty light and focus on one of my favorite marketing items… the almighty Infographic.
Now, I willfully acknowledge that there’s a subset of the public that despises infographics. I presume these are folks who would rather read a lengthy white paper (Good news! We have those too) or Dostoyevsky novel. Personally, I can’t get enough of infographics.
If done well, they tell a compelling story using very little text. And any story that can be told in pictures vs. plain text is the best kind of story.
Here are a few security-related infographics that caught my eye this week. See what you think:
This past week, the Jumpstart Our Business Startup, or JOBS Act, which was endorsed earlier by the Senate, cleared the US House of Representatives by a (380-41) vote. The bill helps entrepreneurs looking for capital, and is a positive move that is pro-business, pro-jobs, pro-growth, pro-innovation, and pro-wealth creation. Kudos to Capitol Hill. BTW: why would any rational representative be “anti” all those things?
I have been closely watching the creation of the JOBS Act, and Gazzang even signed letters to our representatives to support the bills that underpinned this proposal.
The first is the Entrepreneur Access to Capital Act which makes it easier for businesses to raise capital through what has been called “crowdfunding.” This technique uses the Internet to solicit small investments from large numbers of people. The legislation allows businesses to use crowdfunding to sell unregistered securities as long as the total amount raised is $2 million or less. The bill also limits individual investments in crowdfunded securities to $10,000 or 10 percent of the investor’s annual income. So, it opens up the opportunity to invest in early innovation, while still protecting “Aunt Jenny” from losing her life savings if things don’t work out.
Second, the House voted 421-1 to reform the Securities and Exchange Commission’s Regulation A. This rule currently allows small companies to offer up to $5 million in stock to the public without registering it with the SEC. The Small Company Capital Formation Act raises that threshold to $50 million, which would allow more companies to raise capital without going through the lengthy and costly SEC registration process.
These are both good pieces of legislation that move government out of the way so companies and entrepreneurs can create jobs. We need to all retire the myth that the government can create private sector jobs. What it CAN do is create an environment that is productive and fosters the free movement of capital and ideas. That is how it works.
I spoke to the Austin American Statesman about this topic on Tuesday. Click here for the article: http://bit.ly/GVvnoS
I wanted to share another article on the topic of Securing Big Data. This one appeared in Database Trends and Applications (DBTA) following an interview we gave about our recently launched. Here’s a link to the article: http://bit.ly/HhANHS
Of course I’m a little biased when it comes to news about Gazzang. If you take us out of the equation, however, there are still some really compelling points for any company using data to advance its business goals (and what company isn’t?)
I’ve highlighted some of those points below with a little commentary:
“Right now, everyone is relying on just a simple layer of security like a firewall. What we found was that organizations want to really protect it by encrypting what's being stored and analyzed so that if there ever is a breach, the data is useless.”
I think this statement speaks for itself. Firewalls and intrusion protection are simply not enough anymore, especially with the rise of ‘hacktivism’ where data, not money, is often the target. If your data is encrypted, it basically has no value outside the organization.
“Isolate the key from the actual data to ensure that the key is just as secure as the data.”
Key management is often one of the very first conversations we have with our customers. It’s probably the most difficult thing to do associated with encryption, and it’s also the most important. It’s surprising how many companies with homegrown encryption solutions store their keys in the same place as their data.
That’s kind of like “hiding” the key to your car in the ignition. If a thief breaks into your car, you just made it that much easier for them to steal it. Our advice is to store the key far away from the data. So, if we continue with the car analogy, you would store the key in another town, in a safe.
“If it [encryption] is really inexpensive, and it's really fast, why wouldn't you do it?"
Open source tools like eCryptfs are driving down the price of encryption. Meanwhile technologies that enable “transparent” encryption are allowing organizations to maintain big data performance and availability.
Put it this way. If I told you that for $100, I could rig your car so that only you and those you authorize could operate it, and that parts of the automobile would melt if someone tried to disassemble it, would you do it?
Of course you would. And encrypting big data has a similar effect.
The downside of encryption is you don’t get the awesome flame decals.
We’re going to have a little fun today, both at the hype surrounding big data, and at our CEO, Larry Warnock’s expense. This week, Larry gave an interview to CIO.com in which he likened big data to “a giant fishing net dragging the bottom.”
Here’s the full text of that quote:
"It's like a giant fishing net dragging the bottom," Warnock says. "There's big fat tuna and swordfish in there, but also mussels and lobsters and flounder. They're just scraping data and they don't know yet what they're going to do with it. The correlations that could be drawn from that data haven't even been determined yet."
You can determine whether that’s really the best analogy for big data. Clearly someone needs to explain what the hubbub is about, because there’s apparently a lot of confusion over what big data actually is.
So with tongue firmly planted in cheek, I’d like to present five other big data analogies that have nothing to do with the fishing industry:
5) Big Data is like the WOPR. If HAL 9000 and Johnny 5 had a baby, it would look like the War Operation Plan Response (WOPR) from WarGames. For most of the movie, the WOPR sits idly by with lights blinking randomly. But what we don’t realize is this machine is ingesting and analyzing data in real-time about potential nuclear strikes and the effectiveness of countermeasures. If only the WOPR was smart enough to realize its primary source of information was a high-school kid with a bad haircut and a penchant for ditching class.
4) Big Data is like a vacuum cleaner. Credit this one to Larry too. Big data is quickly sucking up tons of content. Some of it good (coins, lost jewelry, etc…); but some seemingly useless at the time. In many cases you don’t realize what you have until you sift through it, and make sense of it.
Usually, I find crushed cheerios and raisins. Thanks kids.
3) Big Data is like a box of chocolates. On a related note, if Whitman’s actually used big data, they’d realize nobody likes the ones with the raspberry filling.
2) Big Data is like fine liquor. Gazzang chief architect, Dustin Kirkland came up with this one. The basic idea is that the whole is greater than the sum of its parts. To realize the whole, or in this analogy, the keen insight, you need the right ingredients (data), a precise distillation process (parsing and analytics), yeast (different data) and fermentation (time).
With big data, you don’t often get brilliant results the first time out, so you need to repeat the process. In much the same way, the best liquors are distilled several times over. Where the analogy changes a bit is this. A great tequila or scotch may take several years to reach its full potential. With big data, however, all you need is extra hardware and software, and you can hit your destination in hours, even minutes.
I guess what I'm saying is, it’s Friday and I'm thirsty.
1) Big Data is like The Matrix. I think I’m going to save this explanation for a future blog, but just know this. There’s absolutely no way Keanu Reeves learns Kung Fu in five seconds without using big data.
In fact, I’d go so far as to say if the Matrix weren’t an enormous big data project, the world the computers created would probably resemble a crudely animated cable show:
Regardless of how you define big data, it’s important to remember that if the data is important enough to be analyzed, it’s important enough to secure.
What do you think? Send us your best big data analogies.