by Felicien | Aug 15, 2018 | Education
Azure Stack has commanded plenty of loyal followers since its release, and it’s easy to see why. The platform provides many of the same great benefits users found in Microsoft’s Azure. Chief among them is the impact on multi-cloud environments. Building and deploying applications have become easier than ever before, and users are now able to enjoy the same familiar, tried-and-true tools to streamline their web operations. These factors plus a wide variety of others combine to create a solid case for Azure Stack.
Before you decide if a service like Azure Stack is right for your company’s IT structure, it’s important to know what benefits you’re dealing with. Knowing the basics of Azure Stack and its usage capabilities can help you determine whether it makes sense for your unique business needs.
What is Azure Stack?
It’s an extension of Microsoft’s Azure, and helps companies combine cloud computing with on-premises environments. Consistency is key with this type of platform, as it allows companies to deliver Azure’s unique services from their own unique datacenter for consistent hybrid cloud deployments.
What Are Some Benefits of Azure Stack?
There are many benefits associated with Azure Stack. For instance, users can apply Azure web and mobile services, architectures, and containers to extend legacy applications through the use of consistent processes in the cloud and on-prem. They can also build applications with a consistent set of tools and services, then deploy those applications to the appropriate location by writing code just once.
It allows companies the flexibility to seamlessly transition workloads between private and public environments, bringing a whole new world of potential for those who have long hoped for a turnkey solution to deploying applications. While deploying new cloud applications once took hours or even days, with Azure Stack, users can deploy them in mere minutes with the use of prebuilt solutions from Azure’s Marketplace. Add-on products, such as Commvault Hyperscale, are also integrated easily with Azure Stack.
One other perk users find in Azure Stack is its payment structure. Users pay only for the services they actually use, which can also be found in Azure.
How Can Azure Stack Be Useful For Federal Agencies And Financial Service Providers?
While Azure Stack is beneficial to companies across diverse industries, its capabilities are particularly helpful in the federal agency and financial services realms. Nearly all industries must comply with some sort of financial regulations, required either by internal policies or by customers. Security-wise Azure Stack satisfies requirements that dictate sensitive data must be stored in one tightly managed location.
Among the many benefits of Azure Stack for federal agencies is the ability to provide edge and disconnected computing for remote users, such as military members in a combat zone or other areas where access to the cloud may be difficult to come by. The ability to process big data at the edge and have this data sent to one central location is highly useful to federal agencies.
Additionally, Azure Stack allows large agencies to build out private clouds to serve their internal teams, which provides specialized services both cost-effectively and securely. Azure Stack allows federal customers to remain compliant with governing regulations that call for the security of privileged and classified information, which may later be moved to a public cloud once those security requirements expire.
Adequate security is vital in the financial world, and today’s top financial organizations simply can’t afford a breach. Large financial service providers have the opportunity to host Azure Stack-as-a-service to other business units, resulting in a private cloud that becomes a consumable service. With this, business units are able to avoid the security issues that come from operating outside of a private cloud. Financial service providers are also able to now scale quickly with Azure Stack, given their ability to transition to the public cloud during times of heavy traffic.
What Are Some Azure Stack Storage Options?
When it comes to persistent storage while using Azure, developers are faced with three basic options:
Tables
Blobs
SQL Databases
The latter is a database-as-a-service that offers a variety of the same features found in SQL servers, but without the overhead of one key figure: database administration.
Tables have the capabilities to support upwards of 200TB of basic structured data. This may be a good option for those who prefer a NoSQL database, similar to that of MongoDB, but without the need to manage a data store service.
There is also the option of Blobs, short for binary large objects, which are unstructured storage objects built for the storage of binary data. It can be accessed through API commands or REST, and has about the same storage capacity as Tables.
Wrap Up
All in all, Azure Stack has proven well worth its weight in terms of convenience for developers. If its current state is any indication, there should be plenty of exciting new features to look forward to in the years to come.
by Felicien | Aug 15, 2018 | Education
GDPR and Health & Life Sciences Organizations in the US: 5 Facts You Need to Know
The European Union GDPR (General Data Protection Regulation) that was officially enacted on May 25, 2018 doesn’t just apply to organizations operating in Europe – it has a major impact here in the United States, too. And among those being impacted are health and life science organizations. Few would argue the importance of GDPR compliance, but the vast majority of those in the United States who are affected by these regulations don’t necessarily understand what it means.
What follows are five key facts about GDPR that you need to be aware of if you work in health and life sciences.
Fact #1: GDPR more broadly defines personal data than HIPAA does.
HIPAA focuses on Protected Health Information (PHI), which includes governing the use, disclosure, and protection of PHI by covered entities. As you probably already know, covered entities include health care providers and their business associates, along with service providers and third-party vendors who need access to PHI to perform their services.
GDPR, on the other hand, regulates how personal data is processed, not just PHI – and under the GDPR, almost all information is considered sensitive and therefore protected. This is a much broader definition of protected data. GDPR, therefore, also impacts much more than just the covered entities described by HIPAA. Any entity that processes the personal data (which includes maintaining, adapting, storing, transmitting, etc.) of a business or resident in the European Union falls under GDPR’s purview. Thus, the type of info protected and how it is processed under GDPR has a far broader definition.
Fact #2: GDPR differs from HIPAA in how it restricts the use and disclosure of personal data.
Both HIPAA and GDPR are structured to prohibit the use/disclosure of personal data unless there is a provision in the regulation that allows it. However, GDPR is far more restrictive than HIPAA and there are fewer exceptions to the provisions. To make matters more interesting, the GDPR is not always as clear in its guidance as HIPAA.
The GDPR affects all residents and business owners located in the European Union, and those who collect their PHI. HIPAA affects healthcare organizations located in the United States only, but there are healthcare organizations based in other countries who have offices in the US. These entities are required to comply.
Fact #3: HIPAA compliance does not mean GDPR compliance.
As you have probably guessed by now, just because you are HIPAA compliant does not mean that you are automatically GDPR compliant. As discussed, the GDPR covers much more than just PHI. However, being HIPAA compliant means that your company already has experience dealing with compliance issues and has an excellent foundation on which to build solid GDPR compliance. Just keep in mind that there are different requirements involved with GDPR.
Fact #4: GDPR can apply to US Health & Life Science Organizations.
If your organization is considered an establishment in the EU, then it must comply with GDPR. But what does it mean to have an establishment? In a nutshell, having an establishment in the EU means offering goods and services to EU residents. Even if your organization has no physical presence in the EU, or exists as an EU corporate entity, you are considered an establishment if you offer goods and services to residents of the EU.
Here’s another way your organization can be required to comply with GDPR: if you monitor the behavior of EU subjects. If EU residents go to your website and you analyze or track their behavior, this counts as monitoring the behavior of an EU resident. This is especially true if your website is aimed at EU residents, which includes factors such as using EU-specific language or currency symbols.
Fact #5: The timeframe for breach reporting is much shorter under GDPR than HIPAA.
Under HIPAA, your organization has no more than 60 days to officially report a breach to a regulatory body, the Health and Human Services (HHS) Office of Civil Rights (OCR), unless it can be demonstrated that there was a low risk that the data was actually compromised.
Under GDPR, that timeframe for making an official report to a regulatory body is shortened to just 72-hours. Under GDPR, the affected individuals must also be notified if the breach is a high risk to their rights and freedoms. Note that the focus of the GDPR is protecting the rights of the individual, while the aim of HIPAA is more about protection of the data itself.
Conclusion
Because healthcare is global, with diseases and illnesses refusing to acknowledge the existence of socio-political borders, the data related to healthcare is as well. In a very real sense, protecting our personal information including healthcare data is a global concern.
If you are part of a life science or healthcare organization in the US that has a presence on the web or works with entities (including business associates and vendors) who operate overseas, then you need to make sure that your organization is GDPR compliant. Being HIPAA compliant is an excellent foundation upon which to build GDPR compliance, but isn’t synonymous with GDPR compliance. While there are many similarities between HIPAA and GDPR, they involve very different goals and GDPR is much broader in its definitions of what constitutes protected data.
For most health and life sciences orgs, regardless of where they’re located, it’s important to understand both HIPAA and GDPR regulations. The fines and penalties for just one violation can be thousands of dollars.
by Felicien | Aug 14, 2018 | Education
Which Tablet Is Best For You: iPad Or Microsoft Surface Go?
Microsoft recently announced a new budget-friendly tablet called the Surface Go with a lower price than previous tablets. This new Surface Go 2-in-1 tablet is Microsoft’s attempt to make it more affordable and accessible for consumers. It doesn’t have the muscle of the Core i7-powered Surface Pro, but it’s half the price. To compete, Apple took a similar approach when it lowered the price of its baseline iPad to $329 ($299 for educators). It’s not as powerful as the iPad Pro, but it’s much less expensive for everyday customers.
Let’s break down what each of these tablets, the Microsoft Surface Go, and the iPad, offer you and find out what is the best tablet for you.
Software
How are they similar?
Both iPad and Microsoft Surface Go are 10-inch tablets with optional keyboards and stylus pens. They also allow you to use a bunch of apps for both work and entertainment similar to a smartphone. Aside from those similarities, Apple and Microsoft obviously are different in just about every aspect of the software hemisphere.
How are they different?
The Surface Go comes with Windows 10 S. This is the scaled-down version of Windows 10 created specifically for tablets. It is similar to Windows 10 Home, but can only use apps from the Microsoft’s Windows Store. Consumers are able, however, to upgrade to Windows 10 Home for free and use their Surface Go like a full Windows system.
The downside of this is that you can’t then revert back to Windows 10 S later. The upgrade, in the long run, seems worth it, because the full Windows experience offers more flexibility than a tablet-only Windows product. While there’s plenty of software available at the Microsoft app store, it pales in comparison to the amount you’ll find from other sources of Windows software, or the Android or iOS app stores.
The iPad uses Apple’s iOS, the same OS used by the iPhone. The iOS App Store features millions of apps of every kind, and you can enjoy the same user experience you do on the iPhone but in a larger version. The downside is that there’s no way to get access to macOS or OS X Mac software that is in the MacBook Pro on the iPad.
Display
How are they similar?
Both tablets have 10-inch screens, and they both are capable of stylus use.
How are they different?
Apple has much better resolution, but Microsoft has an edge in display size. The Surface Go has an 1800×1200 10.6-inch PixelSense display custom-built for the tablet. The iPad’s 9.7-inch Retina display has a narrower aspect ratio and a higher resolution, 2048×1536 pixels. In simpler terms, the iPad’s screen is slightly smaller than the Microsoft Surface Go, but it is crisper, featuring a pixel density of 264ppi as opposed to the Surface Go’s 217ppi.
Processor
Microsoft Surface Go
The Surface Go uses the Pentium Gold 4415Y CPU, which is a significant move down from a Core series chip. Not enough independent tests have been performed to see how exactly it will compare to the other Surface Pro tablets at this time.
iPad
The iPad uses Apple’s A10 Fusion chip, the same one that the iPhone 7 used. It’s a generation behind the A11 Bionic chip that the iPhone 8 and iPhone X uses, but it still does an extraordinary job inside a tablet.
Storage/RAM
The baseline Surface Go boasts 4GB of RAM and 64GB of onboard flash storage, twice as much as the iPad. The baseline $329 iPad features 2GB RAM, 32GB storage. Another edge the Surface Go has in this area is the ability to upgrade. The Surface Go has a microSD card slot, so you can expand storage, unlike the iPad.
Size
The iPad is marginally slimmer and lighter than the Surface Go. Apple’s 9.4-by-6.6-inch tablet is just 0.29 inches thick and weighs 1.05 pounds. The Surface Go is a tad bit thicker (0.33 inches), a little larger in footprint (9.6 by 7 inches) and weighs a tiny bit more (1.15 pounds).
iPad 2018 and Surface Go-Specs Side by Side:
iPad 2018 Surface Go:
A10 Fusion chip (2.34GHz quad-core) with 64‑bit architecture; embedded M10 coprocessor
1.6GHz Intel Pentium 4415Y processor (7th-gen Kaby Lake)
2GB RAM
4GB or 8GB RAM
32GB or 128GB storage
64GB, 128GB or 256GB storage
9.7in LED-backlit Multi-Touch display with IPS technology; 2048×1536 at 264ppi; 4:3 aspect ratio; supports Apple Pencil
Intel HD 615 integrated graphics
10in IPS screen; 1200×1800 at 217ppi; 3:2 aspect ratio; supports Surface Pen stylus
8Mp rear-facing camera; f/2.4 aperture; Live Photos; Panorama (up to 43Mp); 1080p HD video recording; slo-mo (120fps)
8Mp rear-facing camera
1.2Mp front-facing camera; f/2.2 aperture; Live Photos; Retina Flash; 720p HD video recording
5Mp front-facing camera
802.11a/b/g/n/ac Wi-Fi; Bluetooth 4.2; Lightning port; headphone jack
802.11a/b/g/n/ac Wi-Fi; LTE later in 2018; 1 x USB 3.0 Type C; 1 x Surface Connector; microSD; headphone jack
32.4Wh rechargeable lithium-polymer battery; estimated battery life 10 hours (Wi‑Fi), 9 hours (mobile data)
27Wh rechargeable battery; estimated battery life 9 hours
iOS 11
Windows 10 Home in S Mode
240mm x 169.5mm x 7.5mm; 469g/478g (Wi-Fi/cellular)
245mm x 175mm x 8.3mm; 522g
by Felicien | Aug 14, 2018 | Education
The Key Benefits and Potential Issues Involving Outsourced Healthcare IT That You Need to Know
Outsourcing refers to finding a third-party to deliver certain services. In the healthcare industry, outsourcing IT functions has been an acceptable alternative to an in-house IT staff for many years. As more and more healthcare providers are turning to managed IT services to meet their technology requirements, it is important to have a good understanding of the benefits and potential issues involved with outsourcing IT.
Time
One of the established benefits of outsourcing healthcare IT functions is that it can significantly reduce the time it takes to implement new technology and industry best practices. IT providers are pressured to stay on top of the latest developments in order to remain competitive with others.
There is another aspect to the pros when it comes to time: 24/7 operation. Many healthcare employees who must interact with IT systems to do their job do not always follow the traditional 9-to-5 work schedule. Outsourcing makes it possible to offer around-the-clock IT staffing and support to respond to user needs anytime they appear. It also makes 24/7 management of IT feasible. In addition, having an outsourced IT staff can have a positive impact by reducing system downtime. You’ll have someone available to work on the system whenever it fails (e.g., midnight on a holiday).
Qualified IT Staff
Smaller healthcare providers and those in more rural geographic areas can’t always compete for the best talent in the IT field. It can sometimes be difficult to recruit qualified IT staff in these situations, but outsourcing IT functions free healthcare providers from this constraint. They can make use of the best talent regardless of geographic location and are able to obtain access to that talent at a lower price.
Focus Onsite Talent
In addition, it makes it possible to have an onsite team that focuses on items that are more critical to the company’s mission, such as improving patient satisfaction. The more boring, repetitive aspects of IT can be outsourced, allowing a healthcare establishment to better optimize their use of talent they have successfully recruited.
Flexibility and Scalability
Another benefit of outsourcing IT is that it’s much easier to scale up IT resources as needed, as well as respond to temporary fluctuations. Many vendors offer burst capacity options that are only paid for when they are needed. You can scale down during low-peak seasons for your business, but the ability to scale up is always there. That’s real flexibility.
Compliance
Compliance is a major issue in healthcare. There are two major compliance-related pros to using a managed IT provider: more up-to-date knowledge of changing compliance landscape and the ability to conduct external audits without as much of a vested interest in the results.
However, there can be drawbacks related to compliance, too. If you outsource to someone outside of your region, they may not be familiar with the compliance regulations that need to be implemented. When the vendor is outside of your geographical boundaries, there can be potential complications with exporting data as well.
Costs
When it comes to costs, there is an abundance of benefits to hiring a healthcare IT managed service provider, including the following:
Cheaper than having an on-site IT staff
Reduces the capital investment required for on-site equipment
Can help reduce costs that are passed on to patients
Reduces the need for full-time IT employees
In addition, for smaller clinics there may not be funding for the infrastructure and security needed to support an on-site IT staff, making outsourcing an ideal solution.
Managing and Monitoring the Vendor
Without a reliable managed IT provider in the healthcare industry, especially in today’s climate of cybersecurity dangers, outsourcing IT functions could prove disastrous. However, it is still important to monitor the vendor. There is a critical need for someone to be the main resource who is responsible for interacting with each vendor. Failure to do so could have consequences.
Morale
If a healthcare group has an existing IT department, there is a strong probability that any on-site IT employees, whether officially or unofficially part of an IT department, may feel threatened by outsourcing. To minimize this, management needs to be honest and transparent about what is being outsourced and what is not.
Unrealistic Expectations
There is often a gap between what the healthcare business is expecting and what the managed IT professional actually provides. In fact, one of the biggest issues in healthcare IT is unrealistic expectations on behalf of the healthcare leaders. This can result from a poorly defined scope of work that invariably leads to major issues later on. That is why it’s vital that the key performance indicators are established early. Communication is so important when successfully working with any vendor. In addition, a failure to honestly communicate existing problems when evaluating potential vendors will only lead to more unrealistic expectations.
Conclusion
Outsourcing healthcare IT can provide numerous benefits, including faster setup, 24/7 IT operations management, state-of-the-art implementation, and significant cost reduction. However, there are risks to existing IT staff morale, the danger of unrealistic expectations, and potential issues with compliance issues. Do your research and make sure that the company you’re considering understands HIPAA and other regulations now required in the healthcare industry. Make sure you have a clear understanding of the services your managed healthcare IT provider will deliver.
by Felicien | Aug 14, 2018 | Education
Is It Safe For Me To Use The Airport’s Public Wi-Fi When I Travel?
Most airports around the U.S. and abroad provide free Wi-Fi service to travelers stranded in their terminals, waiting for their flights. While this service may appear to be generous, a recent study by Coronet, a cybersecurity company, suggests you might want to think twice before connecting to the airport’s Wi-Fi.
According to Coronet’s findings, most airport public networks are unencrypted, insecure, or improperly configured. Hackers, therefore, have easy access to devices connected to the networks and they can potentially steal your personal data.
What Can Hackers Take?
Most public connections are either unsecured or require shared passwords. Hackers want to get between you and the websites you visit in order to look at your information. They do this with little effort on public Wi-Fi networks.
A weak network makes it easy for a hacker to gain access credentials to cloud apps, such as Microsoft Office 365, G-Suite, Dropbox, and iCloud. They can send malware to your device and the cloud, as well as breach your various forms of infrastructures. Although it’s not horribly difficult to cancel and replace credit cards and void unauthorized transactions, once passwords and business digital frames are exploited, it’s incredibly challenging to recuperate complete control over them.
How Were These Findings Conducted?
Coronet revealed which airports have the most vulnerable networks. They came up with a ranking system of airports by their threat level. Coronet amassed data from more than 250,000 consumer and corporate endpoints over a 5-month period that went through the 45 busiest US airports. They gave each of the airports a threat index score after assessing the vulnerability of the traveler’s devices who used the airport’s network.
“Far too many U.S. airports have sacrificed the security of their Wi-Fi networks for consumer convenience. As a result, business travelers, in particular, put not just their devices, but their company’s entire digital infrastructure at risk every time they connect to Wi-Fi that is unencrypted, unsecured, or improperly configured. Until such time when airports take responsibility and improve their cybersecurity posture, the accountability is on each individual flyer to be aware of the risks and take the appropriate steps to minimize the danger.” – Dror Liwer, Coronet’s founder and CISO
Top 10 Most Cyber Vulnerable Airports:
Boston Logan International Airport
Detroit Metropolitan Wayne County Airport
Charlotte Douglas International Airport
Phoenix Sky Harbor International Airport
Dallas Love Field
Newark Liberty International Airport
Southwest Florida International Airport
William P. Houston Hobby Airport
John Wayne Airport-Orange County Airport
San Diego International Airport
How Did The Hackers Specifically Get Traveler’s Information?
In its report, Coronet revealed some specific ways in which hackers were able to infiltrate the airport’s network and steal people’s information. In the worst rated airport, the data revealed that hackers in San Diego set up an “Evil Twin” hotspot with the name “#SANfreewifi” at the airport to trick users into connecting to it. This allowed them to have access to all of the files that the victims downloaded or uploaded while they were connected. Similarly, at Houston’s William P. Hobby Airport, which was rated third weakest, hackers created a network named “SouthwestWiFi.”
Top 10 least vulnerable airports:
Chicago-Midway International Airport
Raleigh Durham International Airport
Nashville International Airport
Washington Dulles International Airport
San Antonio International Airport
Louis Armstrong New Orleans International Airport
Kansas City International Airport
Lambert St. Louis International Airport
Miami International Airport
Tampa International Airport
How Do I Prevent Hackers from Attacking Me?
You don’t have to stop using public Wi-Fi for the rest of your life, and it’s not exclusively the airport’s fault. Let’s look at an easy solution to protect you from the majority of hackers.
Make Passwords Stronger
You have the ability to turn on two-factor authentication for all your web services. How this works is when you try to login to a website, the website will text message your phone with a code that you’ll enter into the site in addition to your password.
Even if a hacker has your password, they won’t have your phone — which makes it much harder for them to log in to your account.
Use a VPN
A VPN (virtual private network) is a secure and private solution within the wider internet itself that allows you to send and receive data while maintaining the secrecy of a private network.
If you access your data remotely via a VPN connection when you use public Wi-Fi, it can protect data from interception and networks from compromise.
Stay Vigilant
Most importantly, remember to always be alert and use caution when browsing the internet. In your browser, block cookies and remove tracking. Avoid unsafe or untrusted software recommendations. And lastly, avoid suspicious links in your inbox or on your social media feeds.
