Archive for September, 2015
95% of all firewall breaches are caused by misconfiguration. Here’s how to address the core problems
Firewalls are an essential part of network security, yet Gartner says 95% of all firewall breaches are caused by misconfiguration. In my work I come across many firewall configuration mistakes, most of which are easily avoidable. Here are five simple steps that can help you optimize your settings:
* Set specific policy configurations with minimum privilege. Firewalls are often installed with broad filtering policies, allowing traffic from any source to any destination. This is because the Network Operations team doesn’t know exactly what is needed so start with this broad rule and then work backwards. However, the reality is that, due to time pressures or simply not regarding it as a priority, they never get round to defining the firewall policies, leaving your network in this perpetually exposed state.
You should follow the principle of least privilege – that is, give the minimum level of privilege the user or service needs to function normally, thereby limiting the potential damage caused by a breach. You should also document properly – ideally mapping out the flows that your applications actually require before granting access. It’s also a good idea to regularly revisit your firewall policies to look at application usage trends and identify new applications being used on the network and what connectivity they actually require.
* Only run required services. All too often I find companies running firewall services that they either don’t need or are no longer used, such as dynamic routing, which typically should not be enabled on security devices as best practice, and “rogue” DHCP servers on the network distributing IPs, which can potentially lead to availability issues as a result of IP conflicts. It’s also surprising to see the number of devices that are still managed using unencrypted protocols like Telnet, despite the protocol being over 30 years old.
The solution is to harden devices and ensure that configurations are compliant before devices are promoted into production environments. This is something a lot of organizations struggle with. By configuring your devices based on the function that you actually want them to fulfil and following the principle of least privileged access – before deployment – you will improve security and reduce the chances of accidentally leaving a risky service running on your firewall.
* Standardize authentication mechanisms. During my work, I often find organizations that use routers that don’t follow the enterprise standard for authentication. One example I encountered is a large bank that had all the devices in its primary data centers controlled by a central authentication mechanism, but did not use the same mechanism at its remote office. By not enforcing corporate authentication standards, staff in the remote branch could access local accounts with weak passwords, and had a different limit on login failures before account lockout.
This scenario reduces security and creates more opportunities for attackers, as it’s easier for them to access the corporate network via the remote office. Enterprises should therefore ensure that any remote offices they have follow the same central authentication mechanism as the rest of the company.
* Use the right security controls for test data. Organizations tend to have good governance stating that test systems should not connect to production systems and collect production data, but this is often not enforced because the people who are working in testing see production data as the most accurate way to test. However, when you allow test systems to collect data from production, you’re likely to be bringing that data down into an environment with a lower level of security. That data could be highly sensitive, and it could also be subject to regulatory compliance. So if you do use production data in a test environment, make sure that you use the correct security controls required by the classification the data falls into.
* Always log security outputs. While logging properly can be expensive, the costs of being breached or not being able to trace the attack are far higher. Failing to store the log output from their security devices, or not doing so with enough granularity is one of the worst things you can do in terms of network security; not only will you not be alerted when you’re under attack, but you’ll have little or no traceability when you’re carrying out your post-breach investigation. By ensuring that all outputs from security devices are logged correctly organizations will not only save time and money further down the line but will also enhance security by being able to properly monitor what is happening on their networks.
Enterprises need to continuously monitor the state of their firewall security, but by following these simple steps businesses can avoid some of the core misconfigurations and improve their overall security posture.
Google may have renamed Glass in revitalization effort
New name hints of a big rethink of Glass and wearables
Google appears to be renaming its Google Glass effort and expanding its work on wearables.
The company has renamed its Google Glass work Project Aura and has scooped up staff from Amazon’s secretive Lab126, according to a report from Business Insider.
it resume roundup
IT Resume Makeover: How to start from scratch
Twenty-five years of successful consulting gigs left Malcolm Greene with a list of accomplishments a
Google declined to comment on the report.
If it’s accurate, though, the move is likely part of Google’s attempts to get out from under the negativity that had blossomed around Glass and revive its wearables effort.
Aura is also separate from Project Ara, Google’s push into modular smartphones, according to Insider.
In January, the company pulled Glass to give its engineers a chance to rework how the computerized eyeglasses both look and function.
At the time, Google would not give a release date – or even a timeframe – for people to get a look at Glass version 2.0, only stating that its “team is heads down building the future of the product.”
A big part of what Google has to rework is Glass’ image. Many people had come to find Glass creepy since they didn’t know when a user might be recording them or what information they were seeing on the display when the user was talking with them.
Establishments from a casino to movie theaters and a bar all banned Glass users.
If Google is renaming its Glass project, that could be a good sign that the company is focused on rethinking the entire product, said Patrick Moorhead, an analyst with Moor Insights & Strategy.
“With the colossal market failure of Glass, they really had to name it something different,” he told Computerworld. “New names are indicative of a desired change but don’t guarantee a real change. The Glass name was a liability and needed to be replaced.”
Moorhead also said he hopes Google expands its wearables from Glass to a broader range of products.
“I would expect that,” he said. “They are clearly behind Apple on wrist wearables… They have a lot of ground to make up.”
Ensure a solid foundation for your Office 365 deployment with these essential setup tips
Microsoft has every incentive to ease your business into Office 365. Setup wizards, help videos, live telephone support — your transition to the cloud will be met with helping hands from the mothership all along the way. But the process isn’t necessarily foolproof. It’s still very possible to end up with an unsecured, minimally functional Office 365 environment even if you followed all of the helpful guides to the letter.
Also, it’s essential to remember that default settings are built for the lowest common denominator. They’re designed to get the average admin and the average user active in the system with the least amount of fuss. That doesn’t mean these settings are solid decisions, tailored to your optimal environment. They’re simply the easy ones.
And when have our jobs ever been about taking the easy route?
To ensure you have a solid foundation for your Office 365 deployment, you have to get the settings just right. If you want email to arrive safely to its destination free of malware or sensitive information, or your admin portal to be hardened against all but the most complex of tasks or your users’ mobile devices to be more of a productivity booster than a liability, you’ll have to go beyond Office 365’s defaults.
Here’s how to ensure your Office 365 environment is set up right.
When you first set up Office 365, you are prompted to configure your domains’ DNS to work with Office 365. Microsoft provides records for mail routing (MX), autodiscover (CNAME), and SPF (Sender Protection Framework). Failure to apply the correct settings here can mean complete loss of mail flow or lack of client connectivity.
List all authorized domains, including third-party services, as authoritative domains in Office 365’s Exchange admin center to ensure email delivery to all of your recipients.
SPF is a special consideration. This record type is used to inform other mail systems whether email from your domain is coming from an authorized system. The record provided by Microsoft is suitable if the only place your email will ever originate is Office 365. Often this is not the case, however, because you might use third-party tools such as Salesforce or MailChimp to send email on behalf of your domain or apps. In order to ensure delivery to your recipients, be sure to include any of these services in your SPF record. More information on SPF syntax can be found at The SPF Project.
Once you have full access to the Exchange admin center, you should verify that all of your domain names are listed and declared as authoritative (or of the appropriate relay type as necessary) under Mail Flow > Accepted Domains, as shown in the screenshot above.
Secure Mail Flow
You or your clients and vendors may require TLS encryption for email exchanges. Financial and health care providers will often be subject to government regulations that require this additional layer of protection. The default configuration provides opportunistic TLS encryption; in other words, Exchange Online will first try to connect to another mail system with TLS encryption and fail back to plain text if that doesn’t work.
If you require enforced TLS encryption, you will need to create two connectors: one for sending mail and one for receiving mail. To do so, open the Exchange admin center and navigate to Mail Flow > Connectors. Creating the sending connector is very straightforward. Click on the + (plus) sign and select “Sending from Office 365 to a partner organization.” Give the new connector a name and type an optional description. Finally, you will enter your partner organization’s domain name(s) and save the connector.
The connector for receiving mail is slightly more complicated but still rather straightforward. You begin as before by clicking the + sign. This time you will select sending from your partner organization to Office 365. You will then be prompted to specify whether you want to set this connector to apply to specific domain names or IP addresses. Choose whichever is appropriate for your scenario and enter the information on the next screen. Choose to reject any messages not sent using TLS encryption and optionally verify the TLS certificate. If you want to scope this domain to a specific IP range, you can do so here and save the connector.
The full details of configuring these connectors is available on Microsoft’s TechNet Library.
Finally, you will want to ensure line-of-business applications, multifunction copiers, ticketing systems, and other applications and devices will be able to send through your new Office 365 account. There are three options available to you, and Microsoft has documented them all with step-by-step guides.
Now that all of your email and service settings are stored in the cloud, you must pay very close attention to your security settings. It takes only one lucky phishing attempt or social engineering call to give up the keys to the kingdom.
At a minimum, you should establish and use a separate account from your main mailbox as an administrator account and configure your other administrators in the same fashion. In addition, each administrator account should have an enforced minimum password length and expiration period (Service Settings > Passwords), and use multifactor authentication (Users > Active Users > Set multi-factor authentication requirements > Set up), and only the minimum set of permissions required to do the job through Role Based Access Control (RBAC) settings (Exchange admin center > Permissions > Admin roles).
Administrator accounts should be set with the bare minimum number of permissions required to do the job through RBAC.
The security of your mail is equally important. The built-in Exchange Online Protection offers basic forms of protection against spam and malware but doesn’t prevent address spoofing. You should spend some time evaluating third-party products to provide a solid email security foundation for your Office 365 environment.
You should also consider creating transport rules to match against common financial and personal data types. You can do this using Data Loss Prevention (DLP) templates that create transport rules you can tweak, or you can create transport rules directly using sensitive information types. To create a transport rule to block the sending of unencrypted credit card numbers and Social Security numbers, open the Exchange admin center and navigate to Mail Flow > Rules. Click on the + sign and choose “Generate an incident report when sensitive information is detected …” Choose the type of sensitive information you want to detect, select a recipient to notify and the information included in the notification, and (optionally) add an extra action to block the message with or without a Non-Delivery Receipt (NDR).
Mobile device settings
Most of your users will probably want to use their own mobile devices to access company email. This benefits the user in that they will only need to carry one device, and it benefits the company in that it doesn’t have to purchase and manage devices and contracts for its users. Those mobile devices, however, are now portable access points into your mail system or, if you use line-of-business applications or have a mobile VPN, your entire network.
If your users will be accessing Office 365 or email from their own devices, setting up Office 365 MDM is essential.
Once you have completed MDM setup, click on “Manage device security policies and access rules.” Click on the + sign to create a new policy, providing it with a name and optional description. There are a number of options available to you here. You can enforce PIN locking (or more complex passwords), sign-in failure counts, inactivity locks, device encryption, and preventing “rooted” or “jailbroken” devices from connecting.
You should at least configure a six-digit PIN, wipe after 10 tries, force data encryption, and disallow hacked devices. This should prevent the largest number of basic attacks against your devices without greatly inconveniencing your users.
Data and disaster recovery
It’s important to note that Office 365 does not back up your email. Microsoft offers native data protection, which includes multiple passive copies (lagged copies) split between two data centers. That is a fantastic solution for providing availability of existing data, but it doesn’t ensure a point-in-time recovery of data deleted that has gone past the deleted item retention period. In addition, that retention period is 14 days by default and can be extended to 30 days (you read that correctly: 30 days) through a remote PowerShell connection. You should be aware that your data can be lost.
Luckily there are ways to mitigate this. For starters, Microsoft recommends you put all mailboxes on legal hold. To do so requires a more expensive Office 365 plan (E3), which may make this solution prohibitive for some organizations. In addition, it’s not an interactive, read-only archive solution for your users, but it does ensure that all data is held and discoverable. It also doesn’t give you the ability to do a point-in-time restore, so it’s not a backup solution in the traditional or modern sense of the word.
Knowing these limitations may mean you need to look to a third-party backup/recovery solution for Office 365 or a solid online archive solution. You want to know your data is safe and discoverable (for compliance and more). This is another area, like security, where you may need to look to the Office 365 partner ecosystem to find the solution that bolts on and can resolve these concerns.
As you put together your optimal Office 365 environment, remember that the above settings recommendations are merely the basics. Consider them the absolute must-have settings to get you up and running. If your organization has a security operations center, you should consult with them about further improving your security. Compliance team? Check on adding more transport rules and setting up further data loss prevention.
But whatever you do, don’t settle for the default.
Younger IT workers are increasingly choosing independence over full-time employment. Is the ‘open talent economy’ right for you too? Three 20- and 30-somethings share their experiences.
Call it what you will — the “open talent economy,” “freelancing,” the “gig economy,” “contracting” — working for yourself is having a moment, particularly in high tech.
Once upon a time, IT pros went freelance only when driven there by circumstances like a bad economy, a layoff or an overabundance of their particular skill set. Or they turned to consulting in the sunset of their careers, tired of cubicle farms and long commutes. Now, millennials, who this year became the largest proportion of the labor force, are leading the charge to change the tech industry’s perception of self-employment.
It’s common knowledge that the cohort of workers 35 and under prefer a flexible, DIY workstyle, using their personal mobile devices to communicate and work from anywhere at any time. What’s not so commonly known, however, is that some millennials — some say it’s a growing number — are eschewing traditional employment altogether to work as independents.
“A large number of millennials are choosing a different path in terms of what they want in their professional life,” says Alisia Genzler, executive vice president at Randstad Technologies, a high-tech talent and solutions company. “We are seeing more and more of them choose freelancing and contract work over traditional jobs, more so than in previous generations.”
Millennials came of age and graduated from college during the Great Recession, many saddled with debt and unable to find a job. While some eventually made their way into the corporate workforce, others stayed independent, either by choice or by circumstance. “We now have a generation of workers who never had full-time jobs,” says Can Erbil, an economics professor at Boston College who studies the labor market. “That is not the exception but more the norm for them.” What’s more, millennials grew up in an educational environment that stressed project-oriented work, he adds, so short-term sprints are a natural cadence for them.
” We now have a generation of workers who never had full-time jobs. ”
Can Erbil, professor of economics, Boston College
The recession also taught millennials that a traditional job and long-term loyalty to an employer don’t necessarily mean security. “A lot of them look at their parents who had jobs with one company for a long time, only to be laid off, so [millennials] want to keep their options open,” says John Reed, senior executive director at Robert Half Technology.
And benefits are increasingly becoming decoupled from employers — with the Affordable Care Act guaranteeing individual access to health insurance, workers don’t have to be on a payroll to be covered. In fact, according to an article in Money magazine, only 31% of college graduates last year received employer-provided health insurance, compared to 53% in 2000.
High tech is gig-friendly
Millennials may be blazing the path, but freelancing is an option that can work for employees at any age, proponents argue. A 2014 study found that 53 million U.S. workers were freelancing to some extent — that’s 34% of the workforce. Millennials were the largest group of survey respondents who said they were freelancing, at 38%, according to the report, which was commissioned by Freelancers Union and Elance-oDesk, the freelance marketplace platform now called Upwork. But 32% of those over 35 likewise indicated they were working independently.
Daniel Masata, senior vice president at staffing and recruitment firm Adecco Engineering & Technology, says he’s seeing the trend across all age groups. Baby Boomers, for example, might freelance to keep their hand in or supplement retirement income. Gen-Xers may have been laid off during the last recession and either had difficulty getting rehired or just decided to go independent. Ten years ago, 75% of candidates for technology jobs were seeking full-time employment, Masata estimates. Today, it’s only about 50%.
The high-tech industry is particularly well-suited to the gig economy. The software development cycle, for example, has become well-defined and compartmentalized, making it easier to farm out, says Andrew Liakopoulos, principal within the human capital practice at Deloitte Consulting and an expert on what Deloitte calls the “open talent economy.”
In fact, IT is one of the first markets where Deloitte noticed the freelancing trend. “The millennials were the ones who, after being forced into [freelancing], actually have used what was happening in the macro environment to their advantage,” says Liakopoulos. “And IT was the first occupation where we saw them doing it.”
To discover what impact the gig economy might have on tech employees of any age, Computerworld sought out millennials who are working independently. Some are freelancing indefinitely, some are using freelancing as a stepping stone to a better job, and some of them say they are committed to contract work for their entire careers. Although freelancing has its downsides, specifically the risk of not finding enough good-paying work and the lack of benefits like paid time off and company-subsidized healthcare, all say their experience as independent workers offers many advantages.
Read on to hear their stories and determine whether gig work might be right for you.
Rejecting perfectly good jobs (at Microsoft!)
Erik Kennedy joined Microsoft as a program manager straight out of school after graduating in 2010 from Olin College of Engineering with a bachelor’s in electrical and computer engineering. But at age 25, after three years with the company, he decided to strike out on his own.
erik kennedy independent tech worker
UI/UX programmer Erik Kennedy says he makes money at about the same rate as when he worked at Microsoft, but as a freelancer, he’s able to take significant time off for travel.
Although Microsoft was a good employer, Kennedy says, he felt stifled by the atmosphere of a large company. He wanted to pick his own projects. “Hypothetically, my boss’s boss’s boss’s boss’s boss could make a decision that could affect what I did on a day-to-day basis,” he explains. “I wanted a little more freedom and was willing to take a little more risk.”
The inherent insecurity of freelancing means that it’s not suitable for everyone, says Kennedy. “You kind of ‘lose your job’ every two to six months” as projects turn over, he says. “If you can handle that, then it’s a great deal.”
The area in which Kennedy specializes — UI/UX (user interface, user experience) — is in high demand, which lessens his risk. Based in the Seattle area, Kennedy works mostly for startups and nonprofits, with a few name-brand technology companies like Amazon in the mix for variety.
So far, two and a half years in, Kennedy’s been happy with his decision. “I make money at about the same rate [as I did at Microsoft], but I’ve taken off more time for travel since becoming a freelancer,” he says. He even got married last year, after which he and his bride travelled the world for eight months. “It’s such a millennial thing to do, and we would have never been able to do that if I had a full-time job,” says Kennedy.
Paying off the mortgage — in your 30s
Steven Boyd, 33, went freelance in 2011 after working as a developer in a series of full-time jobs. At one employer he learned SketchFlow, a part of Microsoft’s Visual Studio, and now specializes in it. “At first I was scared” to go independent, Boyd admits. “I felt that I needed that stability you get from a full-time permanent position.” But then he realized that security was an illusion. One startup where he worked couldn’t make its payroll one month. He was tired of being assigned projects, rather than choosing his own, and felt underappreciated.
steven boyd independent contractor
SketchFlow developer Steven Boyd feels more appreciated as an independent contractor — and he’s paid off the mortgage on the family home.
Today, he picks his own projects and clients (which range from large corporations to startups and nonprofits), works when he wants to and by his estimation is financially secure. In fact, he makes much more money than he did at his previous positions, which topped out at $110,000 a year. “And I had to really negotiate hard for that.” In 2013, he made close to $250,000, but “worked way too much,” he says. In 2014, he scaled back to working 30 hours a week and still earned $180,000.
He’s paid off the mortgage on the family home in the Denver area, bought several rental properties and started a scholarship fund at his alma mater, Colorado State University, to encourage minority students to pursue computer science. “To be able to amass that sort of money in such a short period of time would be nearly impossible as a full-time employee,” he notes.
He doesn’t miss the benefits; his wife works full-time and so provides health insurance for him and their four-year-old son. Nor does he miss paid vacations — saying he never took them anyway — but relishes having the flexibility to take big chunks of time off when life requires it. Recently, for example, Boyd took a hiatus to care for his son for three months while their babysitter recovered from surgery.
Both Kennedy and Boyd recommend working a few years at a traditional job before trying freelancing. “I couldn’t see someone coming straight out of school and being successfully independent,” says Boyd. “It takes a while to learn how to deal with people and different types of scenarios.” By working a traditional job first, Kennedy says, he built up a good network that he could tap for business when he went solo.
Keeping skills sharp
Independent work can be as valuable to long-term career growth as a technical degree, says Katy Tynan, author of the book Free Agent: The Independent Professional’s Roadmap to Self-Employment Success. That’s because freelancers are typically required to pick up new skills quickly, says Tynan, who worked in IT for 15 years. Staying at a traditional IT job for years can cause employees to lose relevance, she says. “Things tend to stay the same within an organization; you don’t have to rapidly learn new things.”
In many enterprise shops, “You have to jump through all sorts of hoops just to learn a new technology,” says Ron Pastore, 35, who made the switch to freelancing two years ago. “You end up molded into what they need you to be, and then if they don’t need you anymore, you’re out there in the market with limited skills,” he says.
ron pastore independent IT contractor
Software engineer Ron Pastore works primarily with startups — for a reduced rate plus equity. “Going back to traditional employment would be my worst-case scenario,” he says.
Pastore has no college degree, but excelled in programming at an early age. He worked as a software engineer in various full-time positions for 10 years, but ultimately wanted more flexibility and felt limited by traditional employment, he says.
Married with two children, the Rockland, N.Y.-based Pastore says he is more secure financially today than before, because he’s not depending on one source of income. He estimates he makes 15% to 20% more today than he did at corporate jobs, “though this is not an apples-to-apples comparison,” he says. “I work mainly with startups, at a reduced rate plus equity.” He also works many fewer hours than he did as an employee and says he has no trouble finding clients.
Pastore hopes he’ll never hold a corporate full-time job again. “Going back to traditional employment would be my worst-case scenario,” he says. For his part, Kennedy says he is not averse to going back to a full-time job, but for now freelancing makes sense for him.
The job you want, not the job that’s offered
Whether they stay in freelancing or not, younger programmers are showing just how confident they are in their ability to fashion the career they want, not the one that’s offered by corporations. If the job doesn’t suit, they have no problem walking away from it. Boyd, for example, says he recently rebuffed the advances of a recruiter for Microsoft. The job sounded attractive, “and I probably would’ve taken it if it wasn’t so much travel,” he says. “I like this flexibility of being independent.”
With the proportion of millennials in the workforce continuing to grow (some forecasts say they will make up 75% within the next decade), this is likely to be a permanent change in the labor market. “As you look where this is heading, there’s no turning back,” says Deloitte’s Liakopoulos. A substantial proportion of younger workers do not want to become part of the old economy, he says. “They don’t want to be tethered to an organization. They want to continue being entrepreneurial. And they [plan] to use freelancing to create the flexibility they want in their lives.”
It was used to manage Microsoft’s internal Oneweek hackathon and is slated for release next year
Microsoft is planning to bring its internal tool for running hackathons to the public next year, starting by allowing a few select colleges to test drive it at their own events.
It’s part of a plan by the company’s Garage division to help other organizations get better at handling the administrative side of organizing marathon hack sessions like the three-day-long bonanza Microsoft held in July as part of its Oneweek employee team-building session. Known inside Microsoft as the “Hackathon interactive project site,” it was built to help 13,000 employees and interns work on 1,700 projects during the Oneweek hackathon.
A screenshot of the OneNote for Learning project’s page in Microsoft’s Hackathon interactive project site.
Computerworld’s Best Places to Work in IT 2015: Company Listings
Now, Microsoft wants to make it available more widely to provide other hackathon organizers with the same tools it uses. The interactive project site gives hackathon participants several useful tools: They can search for projects to join, search for other people to work with, and share code from the projects they’re working on. Once they’re done, it serves as a showcase for projects that people have completed so that other participants can see what their peers have been up to.
Hackathons — marathon sessions where groups of people work on projects that are usually technical in nature — have become popular ways for people to get together and try out interesting concepts. At Microsoft, the Garage runs a number of hackathons every year around different themes, including its massive Oneweek session.
Those hackathons are important tools for Microsoft’s internal development efforts. Project teams from the Oneweek hackathon will be meeting with engineering teams around the company who are interested in the technology they’re working on so they can talk about potentially integrating the projects into Microsoft’s products.
Team Deep Vision worked during the Oneweek hackathon to create a machine vision system that uses an Android phone and two Microsoft Bands to help blind people navigate.
Garage Senior Director Jeff Ramos said Microsoft also expects to get 275 patents out of the Oneweek hackathon projects, which included a system for helping blind people navigate and a system to improve hydroponic lettuce growing on the company’s campus.
Microsoft’s tool was created to make it easy for people to get together and work on a project. Users can search for fellow hackers based on the skills those people have outlined in a personal profile. The site allows searches by both technical skills and non-technical skills, so hackers can find C# programmers, database engineers, graphic designers, marketers and everyone in between.
In addition to connecting hackers with projects, the tool also provides easy access to resources that teams need when they’re preparing to work on a project. As you might expect, users can easily get to Microsoft development tools like its Visual Studio development software and Azure cloud services through the platform.
In the future, Ramos plans to include links to non-Microsoft technologies like GitHub, Python and other popular development languages and tools so the product isn’t just parochially tied to the company’s ecosystem.
“So the aim here is really just to make it brain-dead easy for someone to walk into a [hackathon], open their lid and start working on that hack project,” he said.
The idea for the tool came about when Ramos attended a hackathon at the University of Washington. He said that when attendees arrived on the morning of the hackathon’s first day, they attended a small fair to learn about the different projects they could work on, before having to listen for over an hour to someone describe how they could get set up with different tools. It echoed experiences he had heard about from other hackathon attendees who also had to spend time on administrative tasks before getting to work on their projects.
“It was like man, these guys are going to have to spend half a day just to get ready to start hacking,” he said. “Wouldn’t it be great if they could just come in and start writing code, and not have to worry about any of that stuff?”
Oneweek hackathon team meets around a table
A Oneweek hackathon team focused on building an adaptive learning platform sits together on a group of large bean bags.
The tool was designed to be used inside Microsoft, but Ramos said people inside the company loved it so much they wanted to share it with others. Marketers and salespeople who participated in hackathons wanted to let people outside Microsoft have access to it.
“I think it happened by enough people consistently telling us, ‘This is great, can I share it with my customer?'” he said.
Ramos wants to test the external version of Microsoft’s hackathon tool with two or three hand-picked colleges next year. Those schools can give Microsoft feedback about what worked and what they would like to see changed as Microsoft heads towards a final release, which is also slated for 2016.
Of course, getting this tool in front of college students also provides advantages for Microsoft. The Garage is actually a part of the company’s developer tools group, and Ramos sees the tool as a way to get Microsoft products in front of people early in their careers who might not have had much exposure to things like Visual Studio.
“It’s fascinating to me that when you talk to early-stage career people about Microsoft tools, there’s an information gap,” Ramos said.
In his experience, student developers are most familiar with free tools like GitHub. However, Microsoft has found that students tend to react favorably toward the company’s tools once they get access to them. The company is already trying to create those encounters: It has a “Community” edition of Visual Studio 2015 that provides free access to a basic version of the company’s development tools.
There’s still plenty of ground to cover if the Garage is going to ship this tool to the public. Piloting it with colleges will be a key step towards it release, but Ramos said there’s still work to be done before schools can get their hands on it, including handling issues related to privacy and drawing up license agreements.
So many big data and analytics-focused startups are getting funding these days that I’ve been inspired to compile a second slideshow highlighting these companies. This new batch has reined in some $250 million this year as they seek to help organizations make sense of the seemingly endless pool of data going online.
So many big data and analytics-focused startups are getting funding these days that I’ve been inspired to compile a second slideshow highlighting these companies (see “13 Big Data and Analytics Companies to Watch” for the previous collection). This new batch has reined in some $250 million this year as they seek to help organizations more easily access and make sense of the seemingly endless amount of online data.
Headquarters: Redwood City, Calif.
Funding/investors: $9M in Series A funding led by Costanoa Capital and Data Collective.
Focus: Its data accessibility platform is designed to make information more usable by the masses across enterprises. The company is led by former Oracle, Apple, Google and Microsoft engineers and executives, and its on-premises and virtual private cloud-based offerings promise to help data analysts get in sync, optimize data across Hadoop and other stores, and ensure data governance. Boasts customers including eBay and Square.
Headquarters: Menlo Park, Calif. (with operations in India, too)
Funding/investors: $15M in Series B funding led by Scale Venture Partners and Next World Capital, bringing total funding to $23M.
Focus: Data science-driven predictive analytics software for sales teams, including the newly released Aviso Insights for Salesforce. Co-founder and CEO K.V. Rao previously founded subscription commerce firm Zuora and worked for WebEx, while Co-founder and CTO Andrew Abrahams was head of quantitative research and model oversight at JPMorgan Chase. The two met about 20 years ago at the National Center for Supercomputing Applications.
Headquarters: San Francisco
Funding/investors: $156M, including a $65M round in March led by Wellington Management.
Focus: Cloud-based business intelligence and analytics that works across compliance-sensitive enterprises but also gives end users self-service data access. This company, formed by a couple of ex-Siebel Analytics team leaders, has now been around for a while, has thousands of customers and has established itself as a competitor to big companies like IBM and Oracle. And it has also partnered with big companies, such as AWS and SAP, whose HANA in-memory database can now run Birst’s software.
Headquarters: Mountain View
Funding/investors: $39M, including a $20M Series C round led by Intel Capital in August.
Focus: A founding team from VMware has delivered the EPIC software platform designed to enable customers to spin up virtual on-premises Hadoop or Spark clusters that give data scientists easier access to big data and applications. (We also included this firm in our roundup of hot application container startups.)
Headquarters: San Francisco
Funding/investors: $76M, including $40M in Series E funding led by ST Telemedia.
Focus: Big data analytics application for Hadoop designed to let any employee analyze and visualize structured and unstructured data. Counts British Telecom and Citibank among its customers.
Deep Information Sciences
Funding/investors: $18M, including an $8M Series a round in April led by Sigma Prime Ventures and Stage 1 Ventures.
Focus: The company’s database storage engine employs machine learning and predictive algorithms to enable MySQL databases to handle big data processing needs at enterprise scale. Founded by CTO Thomas Hazel, a database and distributed systems industry veteran.
Headquarters: Santa Cruz
Funding/investors: $48M, including a $30M B round in March led by Meritech
Focus: Web-based business intelligence platform that provides access to data whether in a database or the cloud. A modeling language called LookML enables analysts to create interfaces end users can employ for dashboard or to drill down and really analyze data. Founded by CTO Lloyd Tabb, a one-time principal engineer at Netscape, where he worked on Navigator and Communicator. Looker claims to have Etsy, Uber and Yahoo among its customers.
Headquarters: Palo Alto
Funding: $14M, including $11M in Series A funding in May, with backers including Chevron Technology Ventures and Intel Capital.
Focus: Semantic search engine that plows through big data from multiple sources and delivers information in a way that can be consumed by line-of-business application users. The company announced in June that its platform is now powered by Apache Spark. Co-founder Donald Thompson spent 15 years prior to launching Maana in top engineering and architect jobs at Microsoft, including on the Bing search project.
Headquarters: Cambridge, Mass.
Funding/investors: $20M, including $15M in Series B funding led by Ascent Venture Partners.
Focus: This company, which got its start in Germany under founder Ingo Mierswa, offers an open source-based predictive analytics platform for business analysts and data scientists. The platform, available on-premises or in the cloud, has been upgraded of late with new security and workflow capabilities. Peter Lee, a former EVP at Tibco, took over as CEO in June.
Headquarters: Redwood Shores, Calif.
Funding/investors: $10M in Series A funding in March, from Crosslink Capital and .406 Ventures.
Focus: The team behind Informatica/Siperian MDM started Reltio, which offers what it calls data-driven applications for sales, marketing, compliance and other users, as well as a cloud-based master data management platform. The company claims its offerings break down silos between applications like CRM and ERP to give business users direct access to and control over data.
Headquarters: Palo Alto
Funding/investors: $900K in seed funding from investors including Andreessen Horowitz and Formation8.
Focus: A “data science platform for the unstructured world.” Sensai’s offering makes it possible to quantify and analyze textual information, such as from news articles and regulatory filings. The company is focused initially on big financial firms, like UBS, though also has tech giant Siemens among its earlier customers. Two of Sensai’s co-founders come from crowdfunding company Rally.org.
Funding/investors: $13.25M, including a $10M Series A round led by Foundry Group, New Enterprise Associates and Madrona Venture Group
Focus: This iPhone app enables businesses to tap into smartphone users (or “Fives”) to clean up big data in their spare time for a little spare cash. The idea is that computing power alone can’t be counted on to crunch and analyze big data. Micro-tasks include everything from SEO-focused photo tagging to conducting surveys.
Headquarters: Mountain View
Funding/investors: $23M, including $15M in January in Series B funding led by Scale Venture Partners.
Focus: Provides cloud services designed to simplify the collection, storage and analysis of data, whether from mobile apps, Internet of Things devices, cloud applications or other sources of information. This alternative to Hadoop platforms and services handles some 22 trillion events per year, according to the company, which has a presence not just in Silicon Valley, but in Japan and South Korea as well.