Featured Posts

<< >>

Don’t Drain iPhone 6 Batteries

If you are one of the 10 million who just got their brand new waterproof flex-iPhone 6, charged it in the microwave got your network and WiFi connectivity back and updated it again. There is another rumor surrounding the smartphone that was not-right. Many people still believe it’s always best for the life of the iPhone

Internet of Things Full of Holes

The Internet of Things, is big and heading towards huge. The Internet of Things (IoT) is a system where unique identifiers are assigned to  objects, animals or people. These “Things” then transfer data over a network without requiring human-to-human or human-to-computer interaction. Whatis.com says IoT evolved from the convergence of wireless technologies, micro-electromechanical systems (MEMS) and

Super-Sized Storage Save Tape

The LTO Program Technology Provider Companies (TPCs) HP, IBM and Quantum Corp., recently announced the extension of the LTO tape product roadmap to include generations 9 and 10. SearchStorage says that Linear Tape-Open (LTO) is an open-format tape storage technology developed by Hewlett-Packard (HPQ), International Business Machines (IBM), and Certance. (Quantum (QTM)  acquired Centance in 2004).

10 Policies to Minimize BYOD Risk

The challenge for employers offering BYOD, according to schnaderworks, a labor and employment blog from Schnader Harrison Segal & Lewis LLP, is finding the right cost/benefit balance for their businesses. In developing an effective “bring your own device” (BYOD) policy, employers must first identify which employees will be eligible for the program according to the blog.

Cloud Storage, Back-Up Bust

It is heady times fans of cloud storage these days.  In case you haven’t been paying attention, the cloud file storage corner of the IT universe has been heating up for the past couple of months. Dropbox, Microsoft (MSFT), Google (GOOG) and Apple (AAPL) have been leapfrogging each other in an apparent effort to buy mind-share. Dropbox

Don’t Drain iPhone 6 Batteries

If you are one of the 10 million who just got their brand new waterproof flex-iPhone 6, charged it in the microwave got your network and WiFi connectivity back and updated it again. There is another rumor surrounding the smartphone that was not-right. Many people still believe it’s always best for the life of the iPhone 6 battery to let it drain fully before charging it again.

AppleNo so fastCaroline Moss at Business Insider explains that there was a time when cell-phones and most electronics ran on Nickel-Cadmium batteries. When a device uses a Nickel-Cadmium battery, you’d want to let your feature-phone fully drain before charging it again. Why? Nickel-Cadmium batteries, suffer from what’s known as memory effect.” When they are charged and discharged hundreds of times, they start to lose the ability to charge up to 100%, draining your battery life significantly over time.

In 2006, Lithium-Ion batteries replaced most NiCd batteries. Ms. Moss says these new batteries can be found in all Apple (AAPL) devices and do not suffer from “memory effect” the way NiCd batteries do. Apple says on its website:

Lithium-ion polymer batteries have a high power density, and you can recharge a lithium-ion polymer battery whenever convenient, without Batteryrequiring a full charge or discharge cycle.

Apple does recommend, however, that you should let the device go through at least one charge cycle each month to help keep the electrons moving (as opposed to a NiCd battery which needs to go through a full charge cycle every few days). Letting the device drain from 100% to fully shutting off at 0% helps to maintain the life of the battery.

Robin Lim at The Android Guy wrote that the typical modern lithium-ion battery you find in a mobile device should last for 500 charge and discharge cycles depending. Five hundred cycles should be enough to get you through two years.

Five hundred cycles is more than it sounds. A battery cycle means a full charge and discharge. So if you charge your battery before it is empty, it will not count as a full cycle. Ms. Kim claims that if you usually charge battery when it gets to 30%, it should be good for over 700 charges.

BatteryThe battery does naturally degrade over time. While the battery is designed to last 500 cycles, it does not mean that the battery will maintain a 100% charge throughout the 500 cycles. It also does not mean that after 500 cycles, the battery will die. After 500 charge and discharge cycles, your battery would be at about 70% of its original battery life. Your phone will still report that it is 100% fully charged, but it will really be at about only 70%. Basically, your battery deteriorates about 30%, gradually, over the 500 charge and discharge cycles according to the article.

Ms.Lim offers tips to maintain LI-on batteries.

Lithum Ion battery

  1. Avoid letting the battery drain below 20-30%. Partial discharges are actually better for your battery. The old rule that you had to fully discharge your battery, does not apply to the Lithium-Ion and Lithium-Polymer used in smartphones today. Battery University tests have shown one full discharge your battery once results in more wear and tear than charging it twice when it hits 30%.
  2. Recharge often. Given that recharging at higher levels of remaining battery life results in less wear and tear, it makes sense to recharge frequently.
  3. ParBattery Healthtial charge is okay. Plugging in the battery for your new iPhone 6 for even half an hour will keep your remaining battery level higher at the end of the day.
  4. Calibrate once every month or two. The Android Guy says continuous partial discharges create a condition called digital memory. Your smartphone does not really measure battery life, but really just estimates the remaining charge. Partial discharges decrease the accuracy of the device’s battery gauge. So once every month, or every other month, let the battery discharge to the cut-off point and then recharge. Once fully charged, leave it plug to the wall charging for another two hours. The power gauge will be recalibrated.

 

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Internet of Things Full of Holes

Internet of Things  Full of HolesThe Internet of Things, is big and heading towards huge. The Internet of Things (IoT) is a system where unique identifiers are assigned to  objects, animals or people. These “Things” then transfer data over a network without requiring human-to-human or human-to-computer interaction. Whatis.com says IoT evolved from the convergence of wireless technologies, micro-electromechanical systems (MEMS) and the Internet.

BI IoT device prediction Business Insider believes that the IoT will be the biggest thing since sliced bread. They claim there are 1.9 billion IoT devices today, and 9 billion by 2018, which roughly equal to the number of smartphones, smart TVs, tablets, wearable computers, and PCs combined. Gartner (IT) predicts that there will be 26 billion IoT devices by 2020. Based on a recent article on InfoSecurity Magazine is a very very scary thing.

The InfoSecurity article says HP (HPQ) found 70% of the most common IoT devices have security vulnerabilities. HP used its Fortify On Demand testing service to uncover the security flaws. HP detected flaws in IoT devices like TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers as well as their cloud and mobile app elements according to the new  study.

HP then tested them with manual and automated tools HP then tested them with manual and automated tools and assessed their security rating according to the vendor neutral OWASP Internet of Things Top 10 list of vulnerability areas. The author concludes that the results raised significant concerns about user privacy and the potential for attackers to exploit the devices and their cloud and app elements. Some of the results are:

  • A total of 250 security concerns were uncovered across all tested devices, which boils down to 25 on average per device,
  • 90% of devices collected at least one piece of personal information via the device, the cloud or its mobile application,
  • 80% of devices studied allowed weak passwords like 1234 opening the door for WiFi-sniffing hackers,
  • 80% raised privacy concerns about the sheer amount of personal data being collected,
  • 70% of the devices analyzed failed to use encryption for communicating with the Internet and local network,
  • 60% had cross-site scripting or other flaws in their web interface vulnerable to a range of issues such as the Heartbleed SSL vulnerability, persistent XSS (cross-site scripting), poor session management and weak default credentials,
  • 60% didn’t use encryption when downloading software updates.

Mike Armistead, VP & General Manager, HP Fortify, explained that IoT opens IoT opens avenues for the attackersavenues for the attackers.

While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface … With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats.

HP urged device manufacturers to eliminate the “lower hanging fruit” of common vulnerabilities. They recommend manufacturers, “Implement security … so that security is automatically baked in to your product … Updates to your product’s software are extremely important.”

Antti Tikkanen, director of security response at F-Secure, told InfoSecurity said the problems HP uncovered in this report were just the tip of the iceberg for IoT security risks.

One problem that I see is that while people may be used to taking care of the security of their computers, they are used to having their toaster ‘just work’ and would not think of making sure the software is up-to-date and the firewall is configured correctly … At the same time, the criminals will definitely find ways to monetize the vulnerabilities. Your television may be mining for Bitcoins sooner than you think, and ransomware in your home automation system sounds surprisingly efficient for the bad guys.

rb-

I covered the threats that IoT or “smart” devices presented back in 2012. I don’t know where HP (or the rest of the security community) have been.

The current generation of “smart” devices do not seem to have any security. Most likely the manufacturer did not consider basic security or worse calculated it was better to ignore secure design in their rush to gain market share.

It is also annoying that HP did not reveal the details on the products they tested.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

 

Super-Sized Storage Save Tape

Super-Sized Storage Save TapeThe LTO Program Technology Provider Companies (TPCs) HP, IBM and Quantum Corp., recently announced the extension of the LTO tape product roadmap to include generations 9 and 10. SearchStorage says that Linear Tape-Open (LTO) is an open-format tape storage technology developed by Hewlett-Packard (HPQ), International Business Machines (IBM), and Certance. (Quantum (QTM)  acquired Centance in 2004). The term “open-format” means that users have access to multiple sources of storage media products that will be compatible.

SearchStorage reports that the LTO tape vendors plan to grow the technology to super-size.  LTO-9 will offer up to 25 TB of native capacity and LTO-10 will offer 48 TB. Transfer rates are expected to increase over earlier generations. LTO-9 and LTO-10 will offer transfer rates of 708 MBps and 1,100 MBps, respectively.

LTO

The new generations will include read-and-write backwards compatibility with tapes from the previous generation and read compatibility from the previous two generations. The new generations will also continue to support LTFS, WORM functionality and encryption.

LTO Generation
Product shipped
Storage capacity (TB)*
Transfer Rate (MBps)*
Compatible with
Notes
LTO-12000.120LTO-1
LTO-22003.240LTO-1
LTO-32005.480LTO-2 & 1
LTO-42007.8120LTO-3 & 2
LTO-520101.5140
LTO-4 & 3
LTO-620122.5160LTO-5 & 4Current Standard
LTO-72015?6.4315LTO-6 & 5Development
LTO-82017?12.8472LTO-7 & 6Development
LTO-9TBD26708LTO-8 & 7Development
LTO-10TBD481100LTO-9 & 8Development

In case you are not a LTO user, FierceCIO reports that Sony (SNE) has developed super-sized storage tape. The Sony magnetic tape cassette capable of storing 185TB of data by optimizing its nano-technology process.

Sony optimized its “sputter deposition” technology to create a soft magnetic layer, allowing it to shrink magnetic particles on the storage layer to an average size of 7.7nm, and increasing density according to the article. This allows the  Japanese firm’s forthcoming cassettes will be able to store 74 times more data than conventional tape media or the equivalent of 3,700 Blu-ray discs.

Tsuper-sized storage tapehe creation of a 185TB cassette will no doubt be welcomed by large enterprises as they try not to be overwhelmed by the explosion in big data. Various studies estimate that in the next decade the amount of data stored will increase by 50 times. IDC predicts in 2020, over 40 trillion gigabytes of data will be stored around the globe.

rb-

Not so fast, these developments are not the holy grail of backup’s.

I know of several organizations that have dragged their fiscal feet and are still running LTO-1 or LTO-2.  They have limited their own upgrade path. Right there in the LTO.org spec’s it says that LTO only allows for support of the previous two generations of cartridges on LTO Tape Drives.

FierceCIO speculates that after cost, Sony’s biggest challenge with a 185TB tape will be making it sufficiently fast in terms of its read and write performance, and the possible need for non-conventional peripheral interconnects so that data backups can be completed within increasingly decreasing backup windows.

 

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

10 Policies to Minimize BYOD Risk

10 Policies to Minimize BYOD RiskThe challenge for employers offering BYOD, according to schnaderworks, a labor and employment blog from Schnader Harrison Segal & Lewis LLP, is finding the right cost/benefit balance for their businesses. In developing an effectivebring your own device” (BYOD) policy, employers must first identify which employees will be eligible for the program according to the blog.

Once the basic parameters are set, the lawyers stress a written policy is essential to set up ground rules and permit enforcement to protect the company’s data and other interests.  They suggest the following steps are key to establishing an effective BYOD policy:

1. Establish a Mandatory Authorization Process:  The lawyers say this should be completed before an employee can access company data and systems on a personal mobile device.

password protection2. Require Password Protection:  Each authorized device should have the same password protections as an employer-issued device.  According to the article, such protections include limiting the number of password entry attempts, setting the device to time out after a period of inactivity, and requiring new passwords at regular intervals.

3. Clarify Data Ownership:  A BYOD policy should specifically address who owns the data stored on the authorized device. It should be clear that company data belongs to the employer and that all company data will be remotely wiped from the device if the employee violates the BYOD policy, terminates employment, or switches to a new device. The policy should also alert employees that it is their responsibility to backup any personal data stored on the authorized device states the article.

data security risks4. Control the Use of Risky Applications and Third Party Storage:  Schnader Harrison Segal & Lewis recommends employers may want to ban the use of applications that present known data security risks, such as the use of “jailbroken” or “rooted” devices and cloud storage.

5. Limit Employee Privacy Expectations The BYOD policy should clearly disclose the extent to which the employer will have access to an employee’s personal data stored on an authorized device and state whether such personal data will be stored on the company’s back up systems. The article recommends  minimizing the co-mingling of company and personal data. Employers may want to install software which permits the “segmenting” of authorized devices.  However, no matter what measures the company takes to preserve employee privacy, the policy must emphasize that the company does not guarantee employee privacy if an employee opts in to the BYOD program.

6. Address Any Business-Specific Privacy Issues:  Certain businesses are subject to legal requirements about the storage of private personal information (such as social security numbers, drivers’ license numbers and credit and debit card numbers, etc.) which may need to be addressed in a BYOD policy.  The blog points out that HIPAA requires native encryption on any device that holds data subject to the act. An employer may need to put in place processes prohibiting or limiting remote access for certain categories of sensitive data.

7. Consider Wage and Hour Issues:  Permitting employees to use an authorized device for work purposes outside of the employee’s regular work hours may trigger wage and hour claims. The lawyers suggest the BYOD policy should set forth the employer’s expectations about after-hours use  (such as a requirement that non-exempt employees must refrain from checking or responding to work emails, voice mail and texts after hours) (rb- Yeah).

BYOD man8. Insure Compliance with Company Confidentiality Policies.  The author says a BYOD policy should reiterate that an employee using an authorized device must comply with all company policies regarding confidentiality and the “acceptable use” of company information.

9. Spell Out Procedures In Case of Loss or Theft:  The employer should set up a specific protocol to be followed in the event an authorized device is lost or stolen. The blog says the process should include the prompt reporting of a lost or stolen device and the remote wiping of the device.

1remote wiping of the device0. Document Employee Consent:  Finally the law firm, in good lawyer form, suggests the employer should get an employee’s written consent to all terms and conditions of the BYOD policy.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Cloud Storage, Back-Up Bust

Cloud Storage, Back-Up BustIt is heady times fans of cloud storage these days.  In case you haven’t been paying attention, the cloud file storage corner of the IT universe has been heating up for the past couple of months. Dropbox, Microsoft (MSFT), Google (GOOG) and Apple (AAPL) have been leapfrogging each other in an apparent effort to buy mind-share.

Dropbox recently announced that its Dropbox Pro plan will now provide 1TB of capacity for $9.99 a month, or $99 for a full year subscription. Paul Mah at FierceCIO says this is a significant reduction, especially when recent monthly Dropbox Pro storage prices were:

Dropbox

  • $9.99 for 100GB,
  • $19.99 for 200GB, and
  • $49.99 for 500GB of storage.

Mr. Mah, says the latest move by Dropbox allows them to stay on par with the latest price cuts from Apple iCloud in September, Google Drive in June, and Microsoft OneDrive in May.

In September Apple updated its porous iCloud storage plans. CNET says the basic 5 gigabytes of storage remains free, though prices for paid tiers were significantly reduced and larger storage options made available. CNET says the new monthly iCloud storage costs are:

  • Free for 5GB,
  • $0.99 for 20GB,
  • $3.99 for 200GB,
  • $9.99 for 500GB and
  • $19.99 1TB

Previously, 10GB of storage would have cost $20 per year, 20GB for $40 per year, and 50GB for $100 per year.

At Microsoft, the cloud based file storage game also changed. According to Redmond Magazine, the improvements include a new file load limit (10GB max), an easier way to share links to OneDrive folders and support for folder drag-and-drop operations using the Google Chrome browser. Microsoft is also working on speeding up the synchronization of files with OneDrive. The updated per month price for OneDrive are:

  • Free for 15GB,
  • $1.99 for 100GB,
  • $3.99 for 200GB,
  • $5.99 1TB

In an attempt to trump MSFT, Google released Google Drive for Work, a paid service targeted at business users and priced at $10 per user per month. FierceCIO noted that the new service offers unlimited storage, the ability to upload files of up to 5TB in size, and access to productivity apps such as Docs, Sheets, Slides, Hangouts and Sites. Importantly, Google also announced that files uploaded to Google Drive can be encrypted, and will stay that way while in transit or when at rest on its servers. Here are the current prices per month for Google Drive space pace according to CNET:

  • Free for 15GB,
  • $1.99 for 100GB,
  • $9.99 for 1TB,
  • $99.99 10TB,
  • $199.99 for 20TB and
  • $299.99 for 30TB.

Mr. Mah argues that price drops are good news for consumers. The extra space would certainly be useful for users who rely on it for long-term file archives or backing up large local files. The author correctly argues that 1TB of online storage does not deliver the same value to business users. The reason is simple: cloud storage is a terrible backup solution for large volumes of data, especially if you need to get it back quickly.

Mr, Mah observed that cloud storage vendors do not share information about any guaranteed uploading or downloading speeds when using them. This is noteworthy considering that 1TB of files can take a really long time to transfer over the Internet.

He explains that downloading 1TB worth of files with zero data overhead–which is impossible, across a reasonable 10Mbps broadband connection would take over 222 hours, or close to 10 days of continuous downloading. You can be assured that real life conditions on your broadband connection would likely mean that this is at least doubled or even tripled.

And that’s assuming that the cloud service provider isn’t experiencing any congestion on its end, which is not something that cloud vendors are offering any guarantees on. Notwithstanding that, you can check out this nifty online calculator.

So while there is no question about the value of cloud storage for data synchronization across multiple devices, it is important for businesses to understand that the cloud just isn’t ideal for data backup. Mr. Mah concludes that users should use their 1TB of cloud space for all its worth, but users and firms need to do proper local backups for important files, as well as those that need to be restored quickly.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.