Monthly Archives: April 2022

It’s not necessarily devolution when you choose to go back to an outdated technology, although many people will be absolute in their thinking that it is. But there are plenty of instances where the way it used to be ends up working better, and often when new operating realities change the game. This can be true if we look at it from the perspective of data storage where companies are doing what everyone else is doing – that is, choosing to locate most of that data storage in the cloud. Now if we were to collectively lose our minds and revert back entirely to physical storage, that would be devolution.

Where we’re going with this is that some physical storage means are making a comeback, and for plenty good reasons. Tape storage for unstructured data is one example here that’s really at the forefront these days, and naturally anything related to data storage will be relatable for us here at 4GoodHosting or for any good Canadian web hosting provider. We’re always attuned to the need for data storage security, and it’s a priority for us in the same way it is for many of you.

So that is why we see tape storage’s ongoing resurgence as being at least somewhat newsworthy and we’re making it the topic for this week’s entry. Let’s get into it.

Obsolete? Not so Fast

The fact that a record 148 exabytes of tape was shipped last year definitely indicates that tape storage has not become obsolete at all. In fact, a recent report is showing that LTO tape saw an impressive 40% growth rate for 2021. The reason for this is many organizations are attempting to cut costs related to cloud storage when archiving their unstructured data. And while only 105EB of total tape capacity was shipped during the pandemic in 2020, the amount that was ordered for 2021 broke a new record.

What we’re seeing here is organizations returning to tape technology, seeking out storage solutions that have the promise of higher capacities, reliability, long term data archiving and stronger data protection measures that have what is needed to counter ever-changing and expanding cybersecurity risks.

Increasing prevalence and complexity of malware is a contributing factor too. Irreparable harm can come from an organization having its systems infected with malware and the potential for harm is nearly the same as when data is locked following a ransomware attack. It’s true there are many well-established ways a company can be proactive in defending against the latest cyberthreats, but at the same time tape storage prevents sensitive files and documents from being online to begin with.

Air Gap is Key

We’re also seeing many businesses and organizations turning to LTO tape technology for increased data protection in response to surging ransomware attacks. The key component in it that makes it superior and effective is an air-gap which denies cybercriminals the physical connectivity needed to access, encrypt, or delete data.

Also of significance in all of this is the 3-2-1-1 backup rule. You’ve likely never heard of that, so let’s lay out what it is. It means making at least three copies of data and storing them on 2 different storage mediums. And then with one storage location off site and another one offline. LTO-9 tape also makes it easier for businesses to store more data on a single tape because of its increased tape storage capacity that can be as high 45 terabytes when compressed.

As a last note promoting this type of storage for unstructured data, his medium also has the advantage of being backward compatible with LTO-8 cartridges in the event that any organization still needs to work with existing tape storage. It certainly is nice to have options, and sometime what is now old may be a better fit than what is newer and has replaced it.

Ransomware attacks can be headaches of the highest order, and in many instances they have disastrous repercussions and that is to say nothing of the way those repercussions are paired with major expenses no matter how the problem ends up being resolved. When Japanese automaker giant Toyota had to shut down 14 factories across the country for one day, it was staggering to see just how much in the way of financial loss could come from just 24 hours of dealing with an attack.

Most businesses will be of a much smaller scale, but there’s also been plenty of instances of data being breached for businesses that no one will necessarily be familiar with. No matter what size of operation, if you have sensitive data stored in digital format – and who doesn’t nowadays – then you will want to make sure you have all the defences in place there and ready to do their job if and when it’s needed of them. Ransomware attacks are increasing; between 2019 and the end of 2021 they had risen well over 200% overall worldwide, and again it’s not always just the big fish being attacked.

Likely goes without saying that data management and data security are two aspects of operation that we can relate to here at 4GoodHosting, and that will almost certainly be true for any other quality Canadian web hosting provider who has the same solid operating principles for their web hosting business. Like most we’re also as enthusiastic and bullish about the ever-evolving potential for cloud computing, which leads us to our topic of discussion for this entry – why do ransomware attacks tend to look past cloud computing environments when weighing potential victims?

Franchised Ransomware

A recent advisory from the Cybersecurity and Infrastructure Security Agency (CISA), the US FBI, and the NSA reveals the latest trend is now ransomware as a service. Where gangs of malicious hackers essentially ‘franchise’ their ransomware tools and techniques and then make them available to less organized or less skilled hackers. This works out to many more attacks, despite some of them being not as sophisticated as others for the same reasons.

But the long and short of it is protecting against ransomware attacks must be part of any organization’s holistic cybersecurity strategy. And it turns out that is especially true if you’re still operating data center infrastructure and not cloud infrastructure. Hardening data centers and endpoints to protect against ransomware attacks is more and more needed every year, but it is true that cloud infrastructure faces a different kind of threat.

To be clear – if your organization is all in the cloud, ransomware can be less of a worry.

What, and Why?

First and foremost you shouldn’t be mistaking ransomware attacks as simply data breaches. A data breach only means data has been exposed, and it doesn’t even necessarily connote that data has been taken. Ransomware isn’t primarily ‘stealing’ either, and with it the aim is not to steal your data necessarily. Instead the aim is usually to take control of the systems that house or encrypt your data and prevent you from having access to it, unless you pay to have that access re-established for you.

The reason why ransomware attacks are not being carried out against cloud environments has everything to do with fundamental differences between cloud infrastructure and data center infrastructure.

For starters, any cloud environment is not simply a remote replica of its onsite data center and IT systems. Cloud computing is 100% software driven by APIs – application programming interfaces— which function as middlemen for the software and allowing different applications to have interactions with each other. The control plane is the API surface that configures and operates the cloud, and that control pane may be used to build a virtual server, modify a network route, and gain access to data in databases or snapshots of databases.

Key Resilience

Cloud platform providers have been working around the understanding that consumers who will pay for the technology and service are expecting data to be robust and resilient. Keep in mind replicating data in the cloud is both easy and cheap, and a well-architected cloud environment ensures multiple backups of data are done regularly. That’s the key means by which an attacker’s ability to use ransomware is impeded. Frequent takings of multiple copies of your data means they have less of the ability to lock you out. Should an attacker be able to encrypt your data and demand a ransom, you can take all their leverage away from them with simply reverting to the latest version of the data backed up prior to the encryption.

Effective security in the cloud is the result of good design and architecture rather than reactive intrusion detection and security analysis. Hackers have no other choice but to try to exploit cloud misconfigurations that enable them to operate against your cloud control plane APIs and steal your data. And to this point very few if any of them have had much success with that.

Automation is Best

Having cloud security protocols working automatically is best, as the number of cloud services keeps growing along with the number of deployments most of you will have. Add all the expanding resources and you can get why there is a need to not be manually monitoring for misconfigurations and enabling developers to write code that can be flexible for future revisions. Hardening your cloud security ‘posture’ is helpful too, with efforts to know your operating environment and its weak points on an ongoing basis as well as continuously surveying your cloud environment, to maintain situational awareness at all times.

Successful organizations evaluate all the time to know where they stand, where they’re going, and to quantify the progress they’ve made and are making towards addressing vulnerabilities and the security incidents that have or may result from them.

Patience may well be a virtue, but few of us have much of it when we’re doing whatever is we’re doing online. We all remember those ads from years ago when broadband internet was new where they compared the previous super slow speeds as sucking a milkshake through the narrowest of straws. We’re a long way from that, and while the standard 1.5 gigabyte-per second speeds have been quite nice if there’s improvements to be made well then let’s get right to that.

Bell is one of the big players as a home broadband internet provider and they are the first to now be making 3 Gbps internet speeds available to Canadian consumers. We don’t need to talk about how this will appeal to people, and the needs for ever-better download and upload speeds is something that those of us here at 4GoodHosting will relate to in the same way any good Canadian web hosting provider would. We are tops for VPS virtual private server web hosting in Canada and we know that is sites like these with dynamic content that will be among the many that are better served this way.

People with sites hosted are going to want to have uptime guarantees for sure, but let’s not forget that these faster Internet speeds in Canada are also going to pair exceptionally well with the new 5G networks, and what is most noteworthy there is what that will do for Internet of Things applications and all that is set to do for the welfare of humanity and more.

Toronto is Canada’s most populous urban area, so it likely makes sense that the new 3-Gig internet speeds are going to be made available there first. Exciting news for anyone in Hogtown, so let’s use this week’s entry to look into this in greater detail.

Sub-30 Seconds

Downloading a 10GB file might not have necessarily been daunting in the past, but you would certainly understand you wouldn’t be viewing anything anytime soon. With this new type of high speed internet, it is a whole different story. Bell announced this new plan on April 6^th, and as mentioned the fanfare expected for doubling existing Internet speeds to a full 3 Gbps is needing no explanation. That’s for both download and upload speeds, and we haven’t touched on what this will do for gaming either.

At peak performance, users can download a 10GB file in under 30 second and the plan is ideal for users like content creators who have ongoing needs to move data to and from the cloud, and in very large quantities. Downloading games is going to benefit in a big way too, and downloads of tens or even hundreds of gigabytes isn’t going to seem like such a big deal. Small businesses and home offices may see higher productivity levels resulting from the higher bandwidth to increase productivity.

Start in TO, but Expansion Soon

This is all part of making broadband and higher-speed Internet available to all, and Bell is only one of many providers who are taking part in the initiative. They are in the midst of their most aggressive fibre buildout ever in 2022, aiming to connect 900,000 more homes and businesses across much of Canada with direct fibre connections and making this type of upload and download speeds available to all of them.

Bell’s 2-year capital expenditure program has put almost $10 billion into this, and it is now in its second year where the focus is on an efficient and timely rollout of its broadband fibre, 5G and rural networks.

All of this stands to be fairly reasonably priced too – currently this new internet package from Bell is available to GTA area residents for $150 a month, and they are at this time offering the Home Hub 4000 router-modem with Wi-Fi 6 capabilities. If the highest of high-speed internet is music to your ears then get set to be as pleased as can be.

If there has been any time in human history where technological advances in computing have come as fast and furious as they have recently, we’re not aware of it and likely you aren’t either. What comes with so much promise also comes with some level of trepidation for people, but that has always been the case with any type of game-changer advance that’s been seen in human society. A.I. is a great example where we wouldn’t even think about slowing the speed of change it is promising but at the same time most of us hope this doesn’t go sideways in any regard.

But one aspect of this where the potential positive ramifications absolutely must be encouraged is with making better use of data. This is something that any Canadian web hosting provider will be able to relate to, and here at 4GoodHosting we are no different. We understand the magnitude and potential for data management, but can also relate to a lot of shortcomings in how this data is understood and utilized properly.

Which leads us to the topic at hand here today. Advances in AI research have made it so that the use of computer algorithms to differentiate patterns from noise in data is entirely possible, and we now have open-source software and many data scientists streaming into the field. All of this leads to the belief that computer science, statistics, and information technology can lead to a successful AI project with useful outcomes. Teaching humans to think like AI will have value, but will have more of it is teaching AI to understand the value of humans.

Deep – and Deeper – Learning for Neural Networks

One of the most notable ways deep learning neural networks are being put to use is in healthcare, and specifically with more accurately predicting health outcomes. What we are seeing now is state-of-the-art AI algorithms for predicting health outcomes fairly accurately. This could be for whether a patient should be readmitted to the hospital following a surgery, or any number of other very significant decisions that can be better made by AI and its modeling as compared to what a doctor might advise.

While it is true that the deep learning models performed better than some standard clinical models, they still came up short in regards to logistic regression, a widely used statistical method. This suggests that AI learning does have limitations, but it seems the consensus those limitations are a) not significant enough to scale back deployment, and b) likely addressed in future advances with the technology.

Use of AI in healthcare is a great example of how the technology projects, so we’ll stick with it for now. There are indeed limitations, and to address them the early days of this roll out had the readers harmonizing all the data and feeding it into a deep learning algorithm before endeavouring to make sense of it. Some factors that may not be useful for clinical intervention weren’t included, and primarily because they can’t be changed.

The factors that were prioritized for incorporation into neural network architecture were the ones that would improve the performance and the interpretability of the resulting predictive models. Still, until recently there was less of a focus on how all of this would work when dealing with the human operation end of the equation, and that’s where the focus needs to be now.

Advantage to Human Side of AI

Human involvement with an AI project needs to start with a programmer or engineer formulating the question the AI is to address. Let’s say right off the bat that AI will not be able to master this anytime soon. It will require depth, breadth, and synthesis of knowledge of different kinds and AI simply isn’t there yet. Imaging what is missing or what is wrong from what is known is – at least for now – very difficult for modern AIs to do.

Humans are also needed for knowledge engineering. This part of it has been important in the AI field for decades and the current focus is on domain-specific knowledge in the right format to the AI. Reason being so that it doesn’t need to start from scratch when solving a problem. As powerful as AI can be, we should remember that humans have an ability to synthesize knowledge that far exceeds what any computer algorithm can do. That right there is the crux of why valuable human input and reciprocal learning is going to be absolutely essential if AI is going to do what we hope it will.

As AI moves ever forward in being a big part of our lives, it is important to remember that users and those who stand to benefit from it have a key role to play in the data science process attached to the development of it. Done right it will improve the results of an AI implementation and reduce the potential for harm or misuse.