Open Source Security Issues Emerge Again
March 20, 2013
When discussing software that essentially powers an entire organization, security should always be a concern. Many tout open source for being a powerful answer to many of the security issues (mainly viruses) that target proprietary solutions. However, with a recent scare, some give reasons to be caution about open source software security also. Read more in the TechWorld article, “Security of Open-source Software Again Being Scrutinised.”
The article begins:
“A recent round of flaws discovered in open-source software has reignited concerns that security is getting bypassed in the rush to continue expanding the large and extremely popular code base used by millions. For instance, although the Java-based Spring Framework was criticised by security researchers in January as having a major flaw that allowed remote-code execution by attackers against applications built with it, the updates to Spring this week don’t address this security problem.”
For many organizations, the answer to security concerns is to choose a value-added solution that is built on open source technology. In this way, users get the flexibility and affordability of cutting-edge open source technology. However, they also get the customer support, security updates, and training that goes along with a trusted name in the industry. Take LucidWorks for example, their support and training is unparallel.
Emily Rae Aldridge, March 20, 2013
Sponsored by ArnoldIT.com, developer of Beyond Search
Hadoop Attempts to Secure Big Data
March 8, 2013
Hadoop creates lots of headlines with its open source framework that can handle data-intensive distributed applications. Many recent headlines have focused on the fact that by adding Hadoop to their framework, many solutions can improve their security. TechCrunch addresses the issue in its article, “Intel Launches Hadoop Distribution And Project Rhino, An Effort To Bring Better Security To Big Data.”
The article begins:
“Intel has launched its own Hadoop distribution, entering an already crowded market of major players all looking to get a piece of the big data pie. The company also announced an open-source effort to enhance security in Hadoop. Earlier this week, EMC and HP each announced its own Hadoop distribution. But for Intel, the challenge is to fortify its market-leading position in the data center, where it will face increasing challenge from an emerging ARM ecosystem.”
While Big Data is in many ways a new issue and is therefore demanding new technology, security does not have to be an issue at every turn. For instance, there are solutions built by industry-leading companies that have a strong record of security as well as support and training. LucidWorks is one of them and is definitely worth a second look.
Emily Rae Aldridge, March 8, 2013
Sponsored by ArnoldIT.com, developer of Beyond Search
Murdock Says Wall Street Journal Still Under Hacker Attack
February 15, 2013
Now, isn’t this ironic? TNW reports, “Rupert Murdoch Claims Chinese Hackers Are Still Attacking the Wall Street Journal.” Didn’t Murdoch’s own News Corp. use improper methods to obtain information? I didn’t think Karma usually worked that quickly.
Following revelations that the New York Times had been hacked, the world learned that the WSJ had also been targeted. Now, the paper’s (in)famous owner claims the attacks have not been stopped. Writer John Russell tells us:
“The Australia-born media mogul took to Twitter to reveal that the newspaper was still being targeted by Chinese hackers over the weekend. That’s just days after the WSJ bolstered its network security last week after its computer systems ‘had been infiltrated by Chinese hackers for the apparent purpose of monitoring the newspaper’s China coverage’.
“Murdoch has not provided any further substantiation of his claims.”
These two news outlets, as well as Bloomberg, seem to have been targeted as a result of their coverage of Chinese politics. Though there is yet no evidence to support the theory, security experts suspect that the Chinese government is behind the intrusions. Such charges are nothing new to China, who is also known for its embrace of Internet censorship.
Cynthia Murrell, February 15, 2013
Sponsored by ArnoldIT.com, developer of Augmentext
Security Solutions Find Greater Dependence on Open Source
January 16, 2013
Information technology security is always on the top of the list in terms of priorities. Increasingly, open source is playing a larger role in developing security solutions. Open source brings lots of good things to the table including agility, creativity, and cost effectiveness. The article, “Risk I/O Lowers Risk by Raising IT Security Intelligence,” discusses how Risk I/O is building security on top of an open source foundation.
The article gets to the point with Risk I/O’s utilization of Apache Solr:
“According to Bellis, the Risk I/O platform uses the open source Ruby on Rails framework on the front end, as well as the open source Apache Solr search technology. Risk I/O’s prioritization and predictive analytics capabilities are proprietary technologies. From a security perspective, all of the data used on the platform is encrypted both while at rest and while in motion.”
Open source not only contributes to security solutions themselves, but also increases the security advantage of any software solution built on open source. Another open source software offering is LucidWorks, also built on Apache Solr. LucidWorks specializes in enterprise search technology, with a new LucidWorks Big Data suite devoted to the emerging Big Data phenomenon. LucidWorks is worth a look for a secure and cost effective enterprise search solution.
Emily Rae Aldridge, January 16, 2013
Sponsored by ArnoldIT.com, developer of Augmentext
Big Data on National Security
January 15, 2013
Big Data is all the buzz these days and its impact on national security, or security in general, is really growing. Security implications are obvious when technologists start talking about extracting data from minute data. On that note, Cloudera is hosting a forum on the national security of implications of Big Data on January 30th. The conversation is focused on Apache Hadoop. Read all the details in Bob Gourley’s blog entry, “Are You Architecting Sensemaking Solutions in the National Security Space? Register for 30 Jan Federal Big Data Forum Sponsored by Cloudera.”
Gourley begins:
“Friends at Cloudera are lead sponsors and coordinators of a new Big Data Forum focused on Apache Hadoop. The first, which will be held 30 January 2013 in Columbia Maryland, will be focused on lessons learned of use to the national security community. This is primarily for practitioners and leaders fielding real working Big Data solutions on Apache Hadoop and related technologies.”
The forum would be worth a look for those in this line of work. Many open source vendors, particularly those who deal with Big Data, are trying to address the issue of national security. LucidWorks is another company making an impact on security with its Big Data work. Their partnership with ISS brings their Big Data solutions to the federal government to tackle Special Operations, Counter-Drug, and Counter-Terrorism among others.
Emily Rae Aldridge, January 15, 2013
Sponsored by ArnoldIT.com, developer of Augmentext
Attivio Offers Attractive Security Options
January 7, 2013
Attivio makes a very strong case for its own security solution in “The Pitfalls of Early Binding, Late Binding and Hybrid Security Models.” The well-organized article begins by describing each model and its pitfalls. For example, early binding requires constant content reprocessing, while late binding tends to slow response times considerably. The hybrid model, naturally, retains flaws from both its parent models. This section would actually make a good primer on the subject.
Next, the piece explains Attivio’s unique approach, which began by looking at how organizations actually used access controls. Steve Bower, director of client engineering and author of the post, discusses his company’s method:
“The first thing we came to understand was that changes in access control are primarily changes in access to sets – sometimes large – of content, as well changes to the user/group structure itself. . . .
“At the root of our Active Security model is the idea of breaking up the access control problem into its constituent parts; users, groups, documents and ACLs. To accomplish this, Active Security models documents, ACLs and user/group hierarchies as independent records within the Attivio universal index, enabling discrete control by allowing for independent updates to any part of the system. At query time these pieces are brought together, in a single query execution, using a combination of Attivio’s patented JOIN operator and Attivio’s GRAPH operator.”
Bower states that this innovative approach results in improvements over the traditional options, including latency reduction and a reduced load on security systems. He also lauds the platform’s scalability, simplicity, and extensibility.
Headquartered in Newton, MA, Attivio also has offices in the UK and Germany. The company offers high-performance, cost-effective approaches to the complex data challenges faced by government agencies and their defense and aerospace colleagues. Attivio prides itself on innovatively integrating enterprise search, intelligence, and analytic capabilities to provide the best solutions.
Cynthia Murrell, January 07, 2013
Sponsored by ArnoldIT.com, developer of Augmentext
Established Search Providers Like Intrafind Design a Big Data Future with Results
November 23, 2012
What is Big Data and what can it do for businesses today? That seems to be the billion dollar question, as businesses literally spent billions on Big Data programs, software and projects this past year. The irony is that despite all the headline hype and the funds being invested, companies are still not sure what they are getting out of Big Data according to Business Insider’s article “Enterprises Are Spending Wildly On ‘Big Data’ But Don’t Know If It’s Worth It Yet”.
This is not to say that corporations do not have Big Data designs in mind for the future:
“Big Data” means scooping up large quantities of information, often from nontraditional, server-busting sources like Web traffic logs or social media, and using it to make business decisions in real time. Including things like watching competitors, monitoring their own brands, creating new services that they can sell, and tracking product and pricing information.”
With over $4.3 billion spent in 2012 and an estimated $34 billion expected in 2013 it is no wonder that Big Data has been generating a lot of buzz. However, all the hype means nothing without an eventual increase in efficiency and ROI. When it comes to finding the right data, companies would benefit from the use of an established search provider like Intrafind that offers rich tagging features and secure search within the enterprise.
Jennifer Shockley, November xx, 2012
Sponsored by ArnoldIT.com, developer of Augmentext
Enterprise Content Management in the Big Data Era is Complex
November 6, 2012
The evolution of ECM through the past years can be tough to follow, and the future can be even harder to predict. The challenges range from digitizing paper documents to constant process changes. The article “Maturing ECM Technology Tested by Increase in Data” on PropertyCasualty360 speaks on the various problems that can arise in the Big Data era, like analyzing and managing content in data warehouses and the cloud.
The article continues and elaborates on the future of enterprise content management:
“Through web services, carriers will call out to the ECM systems to restore, retrieve, and search through documents. They are not necessarily interacting with the ECM solution, but the new core system as the front end.
‘There are different approaches being taken and the effort going forward and finding how these systems work together and how the workflows work together is proving to be a big job for carriers,’ says [David Packer, a principal for the technology consulting group X by 2.]”
Enterprise content management has multiple layers and they are complex, and the systems are likely to remain elaborate. Working with vendors such as Intrafind that offer secure access and robust search is a good business practice that can help alleviate some of the complexity.
Andrea Hayden, November 6, 2012
Sponsored by ArnoldIT.com, developer of Augmentext
Google Search Appliance Updates for the Enterprise
November 2, 2012
The shiny new 7.0 version of Google Search Appliance has been updated for the enterprise, now allowing administrators to add information to the cloud, various social media outlets, and other online storage sites. According to the article “Enterprise Tools Added to Google Search Appliance” on PC Advisor, the upgrade includes a new Entity Recognition feature with auto suggestions for searches as well as a document preview feature.
The article tells us why the need for such an update is necessary for the enterprise:
“IDC analyst David Schubmehl said users would like enterprise searches to be as easy as Web searches, noting that slow searches can hurt productivity. A 2009 IDC study found that the time spent searching for data averaged 8.8 hours per week per employee, at a cost of $14,209 per worker per year.”
We believe Google Enterprise offers some great features, including the option for employees to add their own search results to existing results. However, if secure search and access is an enterprise priority for your corporation, then we would recommend a careful examination before opting for Google Enterprise. A company such as Intrafind offers a secure option for searching structured and unstructured enterprise data.
Andrea Hayden, November 2, 2012
Sponsored by ArnoldIT.com, developer of Augmentext
Secure Cloud Platform Product Addresses Search Woes
October 25, 2012
Cloud platforms present an interesting issue for those attempting to search across such siloed cloud applications in real-time. OneLogin, cloud identity management specialists, recently released a product to help businesses facing these woes. In the article “OneLogin Launches First-Ever Federated Cloud Search” on The Herald, we learn about the Cloud Search product which allows users to search across public cloud applications like Google Apps, Box, and Zendesk.
We learn more about the necessity and benefits of this type of search product in the enterprise:
“‘Employees at cloud-centric enterprises have to navigate a variety of cloud applications every day, yet they are unable to search across these applications with Google-like searchability,’ said Thomas Pedersen, founder and chief executive officer of OneLogin. ‘Cloud Search is a revolutionary product that provides users with actionable insights into products, projects and customer issues. It is also the realization of our platform vision to help CIOs securely leverage their cloud application portfolio.’”
OneLogin Cloud Search is also tied to an enterprise’s existing security model. This ensures that employees only have access to content that is authorized for them.
We are happy to see new players explore secure search. For a product that has been tested and in use for a longer period of time, Intrafind is a secure choice. Intrafind allows for users to search structured and unstructured enterprise data securely with a wide range of connectors.
Andrea Hayden, October 25, 2012
Sponsored by ArnoldIT.com, developer of Augmentext
-
- Subscribe to Beyond Search
Feature archive
News archive
-
