, , , , , , , , , , , , , , , , , , , , , , ,

Technology or Goose Eggs

Technology can be a wonderful thing but let’s get rid of some fluff first. Pie in the Sky technology – do not buy into snake oil maneuvers, do your due diligence and research as much and deep as possible before you jump into any technology. No matter how unicorn nice it may sound.

You know the line of ‘too good to be true,’ so I won’t be repeating it anywhere here (after this).

Right off the bat, the bottom line, return on investments will pay off. If you do your research, testing and obtain that better technology, everyone will benefit from it. Who will benefit, well, the CEO for one – he/she will be able to access pertinent data at their fingertips, at near instant speeds. Who else benefits – that person at the cash register (due to better lighting, workplace temperatures, learning/growth paths, corporate culture, technical tools to perform their job and more) who happily greets your customers and determines the fate of those customers who will return to your business, or not.

There are many, many aspects to moving smartly into a newer, higher, more productive and more efficient cyber technological plane and there is no way this fairly short paper can cover them all in depth. This paper is only brushing the surface of a deep technological ocean. Then too, the paper is not only about the tech, it is about the people, the corporate culture (personal, political, economic, gender, racial, etc.) surrounding the people and the business. It is about the physical environment, how well are the working spaces lit and maintained. Is there access to windows & green space for your staff? Is there modest areas of privacy and quietness where staff do not always feel that personal space is completely eroded? Are the security guards equitable to everyone or are they a dark brooding and overbearing force. Even if people are highly important, the focus of this paper however is mainly on tech.

Please note, we will not be diving into any technical specifics such as; what application ports and sockets; or T1 and OC line speeds various Telcos provide; which Next Generation Firewall or SIEM; or which database/warehousing application is the best package; or which cloud setup you should jump into (PaaS, IaaS or SaaS); or what virtual machine instance size you should use for all your staff; nor will there be discussion on Intelligence tools (human or national security); nor any Risk Management areas to be concerned with.

Do you want to move into the future or are you stuck with futility?

Are you realistic in your movement into newer technology or are you and your teams looking at fantasy?

What about your organizations’ desire to be a leader in its use of technology to be successful – or is your firm willing to be a complacent laggard? The firm must have a leader (or leaders) with a solid and forward thinking vision to move technology successfully, and profitably, into the forefront of the organization. The organization must have given very reasonable long-term forethought into that firms’ vision.

There is no need to go out and buy up as much ‘bleeding edge’ technology as you can, this move is only something a larger (or multinational) firm with deep pockets can afford to undergo. Especially if obtaining some of that tech does not pan out…

Going with ‘best of breed’ tech that other organizations have already proven as successful is the way to go. If your firm scrimps on any technology product (hardware/software) solely on cost, your firm may be doomed and already falling to the back of the pack. This is due to having to go back and obtain additional add-on products and/or training and/or licensing. Did I already mention doing your research and due diligence already…?

Besides my background (at the end), all of what is written here is available at the touch of a finger, a mouse click or a stylus, whichever you are comfortable with – it is all available in abundance. You just need to do a little effort to go out and gain that information on your own.


Productive Success

You know not to fall for pie in the sky, but success does not come easy. You must work at it, diligently and adroitly. You must plan for the hard and slow times that will most definitely cross your path to success for your:

  • Employees,
  • Customers,
  • Firm,
  • Partners and
  • Shareholders if any

The order above was specifically intended that way, without happy and productive employees, you will not have a successful business. Of course, without happy customers, well, you know that saga.

While your firm is grappling with the path forward, someone in the most senior leadership role (or even in the middle levels) must be considering how the organization can become more creative, innovative and doing so strategically.


Smart Investments

As you plot your strategic path into better technology, you must always remain cognizant – you will recover the costs of your investments. If you plan smartly, your CapEx and OpEx will improve. You are not necessarily eliminating employees; you are enabling the employees to do better and your firm to become more successful.

Everything in this section is happening; none of it is pie in the sky at this stage.

To be successful, you simply must invest in enhanced technology that can rapidly be put into play, while at the same time, removing the older tech. Here is where ‘the Cloud’ (and virtualization) comes into the foreground, of which, all the following are part of:

  • SDDC (software defined data centers),
  • SDN (software defined networks),
  • IoT,
  • Commodity components – servers, desktop devices,
  • NAND Flash storage

Your firm no longer has to pay complete costs for all of your hardware, software and physical space. What you paid in full costs was a huge number – software licenses (per seat), maintenance costs, hardware maintenance costs (for the different levels of being on call) plus the hourly service rate, hot & cold (& warm) disaster recovery sites, backups that get lost (or stolen), these costs keep going.

You can start paying/leasing/renting/what-have-you for what you need, when you need it. This is where elasticity and scalability goes. You dynamically gain the hardware/software you need at near instant speeds. Think of a disaster scenario, your physical location may be decimated but you can shift your business to another part of the city, state or another country (but you will need to be careful of international business and privacy laws and regulations – remember that).

Desktop devices and servers are at such a level of commoditization that many hardware companies no longer make them. But even so, servers as well are changing thanks to AWS’ version of serverless infrastructure.

Every firm having a dedicated physical data center is a thing of the past. Even the U.S. government is on a tear now with the DCOI (Data Center Optimization Initiative) as of June 2016. It is a move to consolidate and reduce the number of physical data centers, while any new data centers fully embrace virtualization and green energy standards. This is where SDDC, SDNs and the cloud come up. It is plug and play, to a degree. You acquire and allocate your commodity:

  • Servers (or serverless) with the massive CPU and storage capacity (SSD) you need,
  • Routers / Switches (virtualization in the form of NFV and using VMware, AWS, RackSpace and other companies can pick up some of that slack)

and design your datacenter around that.

Plus, even your software is becoming ever more virtually accessible and feature rich via companies like Saleforce and others (see small list in definitions).

IoT is going to continue blazing ever faster. The IoT drive is eventually going to be successful with tech such as NAND, 5G Wi-Fi (expected globally between 2017-2020) and Bluetooth version 5 (late 2016 or early 2017) to push access and productivity in all strata – vehicles, farm machinery, schools, businesses, urban structures, homes. We could go on quite a bit here. The IoT lives in the cloud, whether anyone thinks about it or not, is a simple fact – it is where all the components live. We are becoming more and more dependent on an entire ecosystem and we have to ensure the viability of its security in order to keep moving forward. Let’s keep our collective fingers crossed that Quantum Computing, when it comes to fruition, does not blow holes in everything we have built over the past decades…

Network access. This is probably one of the areas any executive will to focus on at their company. No one, from CEO to the sales clerk that was mentioned above, wants to sit at their desk watching an hour glass or green inch worm processing on the screen. For the executive board, this is a great deal of revenue drain, having employees waiting for network transactions to go through. While waiting, each time they have to wait, employees lose focus of the current task and move to something else and then have to re-focus and try to rapidly pick up where they left off. Cat 6 and possibly Cat 7 Ethernet cabling, or better yet – move to fiber if not already there. Or even better still, look into 5G Wi-Fi, below, as it comes online…

Look at the development of NAND Flash storage, it is on a tear, this is for SSD (solid state drives) components. We are seeing companies such as Toshiba stepping up the game and introducing QLC (quad level cells or 4 bits to a cell) NANDs. This is a step up from 2LC (2 level cells) and TLC (triple level cells). It is a game of how much data can we put in a smaller and smaller area, density, while achieving greater access to that data, at a lower cost of power, heat and most of all money (manufacture and sell).

Bluetooth version 5 is expected to move data up to 50 Megabits per second (Mbps) at a range of up to 800 feet. BT 4 is at max speed of 25 Mbps, up to 200 max. feet.

Then we have 5G Wi-Fi. Major telecom vendors such as Verizon, AT&T, Japan’s NTT DoCoMo and South Korea’s KT are all working at a breakneck pace to get 5G out into the consumer sphere. 5G is another game changer at a higher level than when 4G rolled out. The International Telecommunication Union (ITU) has defined 5G network speeds as being 20 Gigabits per second (Gbps) according to an article in the Korea Times in June 2015. Users will speeds up to 1.2 Gbps per user (in S. Korea). Even though we in the U.S. will see a 5G network as well, we may be lucky to see ~300-450 Mbps (no definitive numbers yet) per user. However, something that customers, at home, have already had access to are femtocell devices (mini-cell towers for home use). These mini-towers improve cell phone/Wi-Fi usage everywhere besides the home – bus stops, conference halls, schools, etc. Wi-Fi coverage is going to continue to improve to get away from latency and congestion.

Currently, 4G data speeds in the U.S. – 10 Mbps up to, if you are lucky…

V2V and V2I is about how vehicles talk to each other and their surroundings. Suffice it to say, many of us cannot wait for this. We want this now. If we can have vehicles communicate, safely, securely, accurately and in microseconds to each other, we will see the elimination of many deaths and accidents. Keep your fingers crossed.

Storage. Think about storage over the long term – think Petabyte to Zettabyte scale, the era of Gigabyte is about done… And be sure to consider and use the best possible compression algorithms as your firm packs away its data – because you will need to know the latency of decompressing that data when a customer requires it.


Strategy and Creativity

Besides the few technical areas above and the thought processes needed to be successful there, you must also have a strategy that encompasses everyone, from a sales clerk at the front of the store up to any manager, director and executive in the firm.

In any technical area, you absolutely cannot have business groups going solo and doing non-standard or non-approved products that management and IT are now aware of. This is a key strategic area, not one where different branches and divisions can go off and be creative on their own – while not knowing the significance of the technical complications they can be bringing about for the IT teams and the company.

You must have teams willing to gain and share knowledge – from the senior members to the junior members. This is an area where you want to encourage as much creativity and even innovation – the employees. Even the less technically adept may have synergistic ideas that jump starts an entire division.

Your firm must have foresight and forward thinking in order to reap the benefits of any and all smart investing the firm engages in. And to gain any beneficial payoffs, to all parties listed at the beginning of this paper – the executive leadership must engender and champion an open-minded culture that embraces all employees, from all educational, economic, racial and gender levels.

The primary aspect of strategy, creativity and innovation we should all engage in, is in trying your best to use both hemispheres of your brain – the logical AND the creative.

In the long run, we (this is a collective ‘we’) are not on some short term ‘this is mine’ endeavor and hoarding everything. We are on a long term movement to be successful, growing the people we currently employ. Many out there know that with any kind of attrition, the organization must spend more money, faster, to inculcate and train up for the firm. High attrition = High annual OpEx.

Your firm must be methodical (or spur of the moment with deep consideration) in any strategic, creative or innovative move.



Lest you believe that this was forgotten, security is another key area in your corporate technology and virtualization moves. You have got to be sure you implement and use digital security well, very well. Microsegmentation is one of the latest terms being used by firms like VMware and vArmour, even AWS uses microsegmentation in its own methodology. It boils down to segmenting or isolating portions of the infrastructure and software from each other and from unauthorized individuals.

Be sure you grant the proper amount of access to any user, no matter if they are the firm’s president. We know for fact that too many receive too much access to too much proprietary or sensitive (PII) data.

If done well, security will not have to be a hindrance. Using tools such as encryption for data at rest or in transit does not have to be a resource drain. Nor do security groups that act as a stateful firewall (AWS) or stateless firewall (VMware) have to be overly complicated. The same goes for stateful network access control lists to specifically allow or deny IPs, users from certain countries, etc. Only corporate users from a specific virtual private cloud group (or via VPN) can be granted access if you choose.

There are now more ways to isolate and protect your network and more companies have tools to check how secure the following areas are:

  • network,
  • databases,
  • storage systems,
  • virtual machines (instances)
  • etc.

And these vulnerability and security checks no longer take days and hours (at a significant cost) to perform as they used to….

Remember, we still have firms not adequately doing proper input validity checks that will prevent buffer overflows and SQL Injection vulnerabilities – two areas that have been poorly fixed over the past few decades.



If you are asking, where am I coming from? Well, most of my career has been in IT, Information Security, Cyber Security, Intelligence (national security) and the past couple of years, in Virtualization (in making a hard core effort to be part of this revolution).

My grad degrees are an: MBA in Technology Management with a focus on Strategy, Innovation and R&D as well as a MS in Cyber Security.

— I will always be in IT, in some form or fashion. Because of this effort, I’ve gained ISC2 CCSP knowledge; Cloud Security Alliance CCSK certification; VMware NSX (security & network virtualization) and DCV (data center) knowledge and AWS Cloud Solutions Architect Associate certification & SysOps knowledge & working on the Architect Professional cert.

While learning virtualization, I also wanted to learn some of Microsoft’s Azure and Google’s cloud platforms. But, if one does not have the time or bandwidth at home at night and weekends, one cannot force it…

This effort cannot be done at work quite yet, because my role is as a senior Information Security Engineer and Intelligence Officer, so, I can’t do learning and getting paid for it while I’m supposed to be doing what they hired me for. (Yes, I’ll be leaving the job behind as soon as I find the right technology and/or cloud/virtualization role in or near DC.)



So. Where do we go from here?

Make smart technical investments that are beneficial. Stop any and all corporate in-fighting just because someone was not the first one to think of it. Share the success but take the fall for mistakes and failures (but learn from them).

We do have a wonderful future coming up, many of us are looking at the optimistic aspects of ‘the cloud’ and IoT. If technological tools are well thought out, we can all reap the benefits. And I am not even going to touch on using better technology in the areas of; national infrastructure, cleaner air, better lighting, noise abatement, jet engine quieting and fuel efficiency, improved aids for the deaf and the blind and other areas that can use newer and better technology.

Have a vision (and a mission) for your technology and business and people path forward.

Technology, some of us truly believe, will be something to continue looking forward too and not just ‘Pie in the Sky’ talks of blarney…



Definitions:  These terms are available for reference at multiple site locations

CapEx            Capital Expenditures (or Expenses) the money a company uses to purchase major physical goods or services to expand the company’s abilities to generate profits. These purchases can include hardware (such as printers or computers), vehicles to transport goods, or the purchase or construction of a new building

Cloud             (or “the cloud”) a metaphor for “the Internet,” so the phrase cloud computing means “a type of Internet-based computing,” where different services — such as servers, storage and applications — are delivered to an organization’s computers and devices through the Internet. Cloud computing is a type of computing that relies on sharing computing resources rather than having local servers or personal devices to handle applications. Cloud computing is comparable to grid computing, a type of computing where unused processing cycles of all computers in a network are harnesses to solve problems too intensive for any stand-alone machine

Iaas               Infrastructure as a Service – a form of cloud computing providing virtualized computing resources over the Internet (Hard drives & compute capacity, servers, number of CPUs, network speed/bandwidth) – vendors = Amazon AWS, Microsoft Azure, Google Compute Engine, Rackspace, others

IoT               a.k.a. Internet of Things – a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data

NAND            NAND flash memory is a type of non-volatile storage technology that does not require power to retain data. An important goal of NAND flash development has been to reduce the cost per bit and increase maximum chip capacity so that flash memory can compete with magnetic storage devices like hard disks

NFV               Network functions virtualization is an initiative to virtualize the network services that are now being carried out by proprietary, dedicated hardware. If successful, NFV will decrease the amount of proprietary hardware that’s needed to launch and operate network services

OpEx             Operational Expenditures (or Expenses) the money a company spends on an ongoing, day-to-day basis in order to run a business or system. Depending upon the industry, these expenses can range from the ink used to print documents to the wages paid to employees

Paas              Platform as a Service – a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app – vendors = Amazon AWS, Microsoft Azure, Google App Engine, Heroku, others

Saas              Software as a Service – a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as “on-demand software” and is typically accessed by users using a thin client via a web browser – vendors = Salesforce, CloudSwitch, Apprenda, others

SDDC             Software-defined data center is the phrase used to refer to a data center where all infrastructure is virtualized and delivered as a service. Control of the data center is fully automated by software, meaning hardware configuration is maintained through intelligent software systems

SDN              Software-defined networking is an umbrella term encompassing several kinds of network technology aimed at making the network as agile and flexible as the virtualized server and storage infrastructure of the modern data center

V2I               Vehicle-to-Infrastructure the wireless exchange of critical safety and operational data between vehicles and highway (as well as city) infrastructure, intended primarily to avoid or mitigate motor vehicle accidents but also to enable a wide range of other safety, mobility, and environmental benefits

V2V               Vehicle-to-vehicle is an automobile technology designed to allow automobiles (or any vehicle) to “talk” to each other. The systems will use a region of the 5.9 GHz band set aside by the United States Congress in 1999, the unlicensed frequency also used by WiFi