Understanding Data Fabric

Srinivasan Sundararajan

In the recently announced Technology Trends in Data Management, Gartner has introduced the concept of “Data Fabric”. Here is the link to the document, Top Trends in Data and Analytics for 2021: Data Fabric Is the Foundation (gartner.com).

As per Gartner, the data fabric approach can enhance traditional data management patterns and replace them with a more responsive approach. As it is key for the enterprise data management strategy, let us understand more about the details of data fabric in this article.

What is Data Fabric?

Today’s enterprise data stores and data volumes are growing rapidly. Data fabric aims to simplify the management of enterprise data sources and the ability to extract insights from them. A data fabric has the following attributes:

  • Connects to multiple data sources
  • Provides data discovery of data sources
  • Stores meta data and data catalog information about the data sources
  • Data ingestion capabilities including data transformation
  • Data lake and data storage option
  • Ability to store multi-modal data, both structured and unstructured
  • Ability to integrate data across clouds
  • Inbuilt graph engine to link data for providing complex relationships
  • Data virtualization to integrate with data that need not be physically moved
  • Data governance and data quality management
  • Inbuilt AI/ML engine for providing machine learning capabilities
  • Ability to share the data both within enterprises and across enterprises
  • Easy to configure work-flows without much coding (Low Code environment)
  • Support for comprehensive use cases like Customer 360, Patient 360 and more

As evident, Data Fabric aims to provide a super subset of all the desired data management capabilities under a single unified platform, making it an obvious choice for future of data management in enterprises.

Data Virtualization

While most of the above capabilities are part of existing data management platforms for the enterprise, one important capability that is part of data fabric platform is the data virtualization.

Data virtualization creates a data abstraction layer by connecting, gathering, and transforming data silos to support real-time and near real-time insights. It gives you direct access to transactional and operational systems in real-time whether on-premise or cloud.

The following is one of the basic implementations of data virtualizations whereby an external data source is queried natively without actually moving the data.  In the below example, a Hadoop HDFS  data source is  queried from a data fabric platform such that the external data can be integrated  with other data.

AI Devops Automation Service Tools

While this kind of external data source access it there for a while, data fabric also aims to solve the performance issues associated with the data virtualization. Some of the techniques used by data fabric platforms are:

  • Pushes some computations to the external source to optimize the overall query 
  • Scales out computer resources by providing parallelism

Multi Cloud   

As explained earlier, one another critical capability of data fabric platforms is its ability to integrate data from multi cloud providers. This is at the early stages as different cloud platforms have different architecture and no uniform way of connectivity between them. However, this feature will grow in the coming days.

Advanced Use Cases 

Data fabric should support advanced use cases like Customer 360, Product 360, etc. These are basically comprehensive view of all linkages between enterprise data typically implemented using graph technologies. Since data fabric supports graph databases and graph queries as an inherent feature, these advanced linkages are part of the data fabric platform.

Data Sharing  

Data fabric platforms should also focus on data sharing, not within the enterprise but also across enterprise. While focus on API management helps with data sharing, this functionality has to be enhanced further as data sharing also needs to take care of privacy and other data governance needs.

Data Lakes 

While the earlier platforms similar to data fabric have worked on the enterprise data warehouse as a backbone, data fabric utilizes a data lake as it is the backbone. A data lake is a centralized repository that allows you to store all your structured and unstructured data at any scale. You can store your data as-is, without having to first structure the data, and run different types of analytics – from dashboards and visualizations to big data processing, real-time analytics, and machine learning to guide better decisions.

Data Fabric Players

At the time of writing this article, there are no ratings from Gartner in the form of magic quadrant for Data Fabric Platforms. However, there is a report from Forrester which ranks data fabric platforms in the form of a Forrester Wave.

Some of the key platforms mentioned in that report are:

  • Talend
  • Oracle
  • SAP
  • Denodo Technologies
  • Cambridge Semantics
  • Informatica
  • Cloudera
  • Infoworks

While the detailed explanation and architecture of these platforms can be covered in a subsequent article, a sample building blocks of Talend data fabric platform is illustrated in the below diagram.

AIOps Artificial Intelligence for IT Operations

Enterprises can also think of building their data fabric platform by combining the best of features of various individual components. For example, from the Microsoft ecosystem perspective:

  • SQL Server Big Data Clusters has data virtualization capabilities
  • Azure Purview has data governance and metadata management capabilities
  • Azure Data Lake Storage provides data lake capabilities
  • Azure Cosmos DB has graph database engine
  • Azure Data Factory has data integration features
  • Azure Machine Learning and SQL Server have machine learning capabilities

However, as evident, we are yet to see strong products and platforms in the areas of multi cloud data management, especially data virtualization across cloud providers in a performance focused manner.

About the Author –

Srini is the Technology Advisor for GAVS. He is currently focused on Healthcare Data Management Solutions for the post-pandemic Healthcare era, using the combination of Multi-Modal databases, Blockchain, and Data Mining. The solutions aim at Patient data sharing within Hospitals as well as across Hospitals (Healthcare Interoperability) while bringing more trust and transparency into the healthcare process using patient consent management, credentialing, and zero-knowledge proofs.

Moving Ahead as Managers

Bindu

Bindu Vijayan

When I was recently asked to drive employee experience at GAVS, I thought, what an opportunity to support a group who are deliverers of high-value systems! I have personally seen the Leadership’s wisdom and the passion to drive GAVS forward as a meaningful and purposeful company. This is an opportunity to help deliver fine-tuned responses through earnest feedback.  And thus, started a somewhat ministerial role – listening truly, relating to what is being heard, because we believe there is a huge potential to strengthen bonds.

Operational execution takes place from the Managers, and here at GAVS, the value system is entrenched in the belief that seniors serve the needs of others; the inverse pyramid.  I have seen our CEO, Sumit Ganguli, treating everyone like a Leader, and everyone is given the responsibility to know and understand the company and the business. The earnest attempt is to have employees relate to GAVS, be the best brand ambassadors for the values and culture we stand for. 

Often times, we as Managers are going through the stress from genuinely caring to get everything right and move projects and teams forward along with the company, but it might be a totally different story with the teams we are managing – things aren’t going too well, and even before we realize what is going on, people leave us.

This points us to a need to recalibrate ourselves and our managerial style, and sometimes our self-calibration can have profound implications for the organization.

Was it a single event that had team members leave? It most times isn’t, it is a collection of problems…no quick fixes or silver bullets, but let’s take the medicine, the whole course, that would turn things around. We have all been on both sides and know what it is to open up and give honest feedback, the genuine hope and excitement about change, and as Managers today, we are happy to actually have individuals open up.   

Who am I as a Manager?

Ed Catmull, President, and co-founder of Pixar writes, “We acknowledge we will always have problems, many of them hidden from our view; that we work hard to uncover these problems, even if doing so means making ourselves uncomfortable

As a Manager, let me take a real hard look at myself in the mirror to see what I might be doing wrong.  Why are my team members quitting? How do I lead? Is it through ‘Power’, as in our real inner power to lead with positivity and assertiveness, or is my leadership about ‘force’, where my authority, screaming, bullying, manipulating, sycophancy that drives my team along with me?

Making time for everyone

Let us make time to meet every single person in our team even when we are managing large teams. Scheduling that one crucial hour with each team member is giving them the opportunity to be a reviewer, exchange seats with them, and see it through their eyes.  Keep the agenda for the meeting to speak only about how we can improve managing them, all defenses down.

Demonstrate we see them as our peers, listen…

Listen to everything they have to say, without interrupting. Be a true listener, and promises are to be made and to be kept. The worst thing for us to do is to have that ‘excellent chat’ and go back to the ‘same old’.

Get straight forward feedback from the team and give them immunity for saying it the way it is

Sometimes we need to hear the little harsh truths about ourselves. And the team doesn’t want to see us defensive about our ways of impacting them wrong. We have to hear them out, and everything they want to say, and that’s the first step for them to choose to stay. People should feel safe to talk about things they want as improvements, and to be heard on what is working vs things that are not working.

Don’t wait on actions

Unless commitment is made, there are only promises and hopes, but no plans” – Peter Drucker

I don’t mean there is a magic wand that we can use for everything to turn good overnight. But continuous improvements, by way of small consistent steps, should be visible, and getting everyone involved in it would be a great way to get it right. Everybody wants to see progress.

Here are some toxic traits that call for recalibration;

  • Highly irritable, short-tempered
  • Arrogant, unapproachable
  • Getting defensive about constructive criticism
  • Overtly dominant
  • Belittling other people’s feelings
  • Highly controlling
  • Manipulative

Today, it is interesting to see lots of new-age companies where there are zero hierarchies, employees and leaders are like family. The millennials and the Gen Z are comfortable being who they really are, and we Managers from different demographics must simply jump in and learn from their signature authenticity.

About the Author –

Bindu Vijayan takes care of Employee Experience at GAVS, she works towards creating an environment that’s conducive to passion and make employees feel valued as individuals. She is an avid reader, enjoys music and poetry, and is a devoted mother and a grand-mother. An ardent Kafka fan, she relates to his famous quote, “Don’t bend; don’t water it down; don’t try to make it logical; don’t edit your own soul according to the fashion. Rather, follow your most intense obsessions mercilessly.”

Celebrating Inspirational Women

Rajeswari S

“Each of us has that right, that possibility, to invent ourselves daily. If a person does not invent herself, she will be invented. So, to be bodacious enough to invent ourselves is wise.”  – Maya Angelou

Yet another International Women’s Day is around the corner! Every year, our strength, perseverance, and glory reach newer heights. I would like to take this opportunity to celebrate some inspirational women.

The Prestigious Firsts!

All-women crew

Captain Zoya Aggarwal, Captain Papagari Thanmai, Captain Akansha Sonaware and Captain Shivani Manhas of the all-female pilot crew of Air India made history by completing the longest non-stop commercial flight ever. They covered more than 8,600 miles and flew over the North Pole.

Kamala Harris

She is the United States’ first female vice president, the highest-ranking female elected official in U.S. history, the first African American vice president, and the first Asian American vice president. Kamala Harris became the Vice President upon inauguration in 2021 alongside President Joe Biden in the 2020 US election.

Women with Amazing Minds and Hearts

Shalini Saraswathi

  • A modern-day woman, balancing her corporate job, blogging, and fitness.
  • A blade marathon runner and an adventure enthusiast.
  • Lost both her arms and legs to a rare form of bacterial infection. Hard work, focus, and perseverance became a pole of strength. She soon completed a 10k marathon with an outstanding record of 1 hour and 35 minutes!
  • Awarded several times with the ‘Iconic Woman Award’. 

Vandana Shah

  • At 28, abused by in-laws and thrown out of her marital home at 2 am; had little money, nowhere to go, and no one to turn to.
  • Today, a leading divorce lawyer and the founder of India’s first non-judgemental divorce support group that provides a positive perspective and focuses on rebuilding life even while going through a divorce.
  • Author of 360 Degrees Back to Life – a Litigant’s Humorous Perspective on Divorce.
  • Launched the world’s and India’s first legal app, DivorceKart, which aims to answer all legal queries regarding divorce instantly.

Daniela Rus

  • Romanian-American roboticist, an MIT professor and the first female head of MIT’s Computer Science and Artificial Intelligence Lab (CSAIL), one of the largest and most prestigious AI research labs in the world.
  • Rus’ ground-breaking research has contributed immensely to networked collaborative robots (robots that can work together and communicate with one another), self-reconfigurable robots (robots that can autonomously change their structure to adapt to their environment), and soft robots (robots without rigid bodies).

Leila Jana

  • A social entrepreneur and a great young Indian origin humanitarian.
  • Pioneer in the field of impact sourcing.
  • Leila founded Samasource in 2008 with the mission of giving work, not aid, by hiring workers in impoverished areas, training them in AI data annotation, and providing the technology to plug their skills into the global digital economy where they could earn living wages. 

Pappammal

  • 105-year-old Pappamal, a centenarian from Tamil Nadu, India, was conferred the Padma Shri (fourth-highest civilian award in India) for her work in organic farming for the past 70 years!
  • Does organic farming in about 2.5 acres of her land; cultivates a variety of crops including millets, bananas, and okra.
  • A part of the TN Agricultural University’s advisory committee, and keeps abreast of the latest developments in organic farming by taking part in conferences.

Why Women make Great Leaders

While we see men and women leaders run several successful businesses, does the word “leadership” mean the same to them? A survey conducted by a US talent management solutions company says, 65% of women (versus 56% of men) said they view leaders as those who share their knowledge and connect with their colleagues to help the team and business. When women bring this attitude into managerial roles, it makes them more effective as leaders.

Emily He, Oracle’s Sr. VP of the Human Capital Management Cloud Business Group says “In contrast to men, who tend to be career-centric and want to maximize their financial return from work, women view work more holistically, as a component of their overall life plan. They’re more likely to approach their careers in a self-reflective way and value factors such as meaning, purpose, connection with co-workers and work-life integration.”

Hear it from other women leaders too.

On being nurturing

“One of the key aspects of leadership is the ability to help your team members develop their own skills and strengths. Women are naturally nurturing, which in the best scenarios can translate to helping those around you succeed.” – Marilyn Heywood Paige, VP Marketing, FiG Advertising

On valuing work-life balance“We are able to balance professional and personal leadership skills. It’s easier to approach a women leader with a personal request, or a sensitive question. I care about my team and their well-being. I also find women more proactive in becoming mentors, and sometimes it’s already such an open and communicative relationship that the transition to mentor is easy.” – Amy Killoran, Creative Manager, I Love Travel

On wearing many hats

“They often balance careers, households and even aging parents, among other things. Women pivot, adjust and focus on solutions. Resting in the doom and gloom can be time-consuming, so many shift to find positive solutions to life and work problems.” – Gretchen Halpin, Chief Strategy Officer, Hewins Financial Advisors

We’re Tough, We’re Ambitious, We’re Different!

References:

About the Author –

Rajeswari is part of the IP team at GAVS. She has been involved in technical and creative content development for the past 13 years. She is passionate about music and writing and spends her free time watching movies or going for a highway drive.

From Good to Great – DNA of a Successful Leader (PART II)

Rajeswari S

Before you are a leader, success is all about growing yourself. When you become a leader, success is all about growing others” – Jack Welch

In my previous article, I wrote about a few qualities that make for a good leader. In this article, I discuss a few ways in which a leader can become great from good.

  1. Seek to understand and be understood: Seeking feedback and taking criticisms is not an easy task for anyone. When you are holding a leadership position and people look up to you, it is even more difficult. But a true leader does exactly that and does it HONESTLY. A good leader focuses on the needs of others. When you are open to feedback and constructive criticism, you have the right to give the same to others. Make genuine efforts to listen when your team speaks. Great leaders listen first, speak second.
  1. Be there: Being there is just not about being the center of attention. You need to be there for your people during critical times and help members across your organization find solutions to roadblocks. Mentorship is an art. Your people should accept you as their mentor and gaining that space is not as easy.
  1. Demonstrate empathy and compassion: This quality is an extension of the previous point. When you are laser-focused on your goals, it can be difficult to focus on the needs of others around. You need to know not only how your actions affect people, but what you need to do to show understanding and sympathy for others.
  1. Get curious: Leaders are often driven with an insatiable desire to learn; they push the limits of what’s possible and explore opportunities as a continuous process. Expanding your mind can often be as simple as reading and asking ‘why’ more often. Curiosity can help you to get to the root of a problem and promote better ideas and thoughts. Leaders think and embrace others’ ideas. A correctly asked question with the right intention could lead to many opportunities and achievements.
  1. Be in the know: Leaders go out of their way to stay educated and up-to-date. Intentional learning is a continuous process of acquiring, understanding information with the goal of making yourself more intelligent and prepared on a specific subject. People cannot always see your work, it is how you talk that creates the first impression. When you make an informed or up-to-date speech, you get the edge over others.
  1. Enjoy the ride: Smart leaders know that their journey is often more rewarding than their destination. Which is why they take the time to enjoy life and what they have already achieved because they know nothing can last forever. When you can enjoy the journey, you’ll be amazed by what you can learn. A great leader embraces each day as an experience. They grow every day!
  1. Celebrate and Connect: Leaders working toward a brighter future share their success with the people they care about – business partners and customers, family and friends, employees, and their families, etc. Great leaders celebrate other’s victory as their own; this creates a high-performing team and culture. A true captain takes time to know about the people around her and their lives. It goes a long way in running not only a successful business but a happy one too!
  1. Pursue new experiences: Mountains are interesting to watch and hike. Why? Because of its rugged terrain and unpredictable nature. Straight roads are boring, that is why we sleep on a highway drive! An intelligent leader is never complacent and constantly pushes himself out of his comfort zone. To stay prepared for any bumps along the road, leaders actively pursue new experiences that allow them to learn and grow. From starting a new venture to coaching a little league to diversifying the business.

Unique brands of Leadership

A quick look at successful CEOs, new-age entrepreneurs, and their unique leadership mantras:

Ø  Sundar Pichai, CEO, Alphabet Inc. and its subsidiary Google LLC

Leadership mantra:

  1. Never forget your roots
  2. Focus more on others’ success than your own
  3. Empower the youth
  4. Stay humble and keep learning

Ø  Bill Gates, Founder, Microsoft

Leadership mantra: 

  1. Knowledge is different from wisdom
  2. Take a step-by-step approach to make progress towards your vision
  3. Empower people to create new opportunities to explore ideas; Embrace creativity
  4. Be caring and passionate

Ø  Suchi Mukherjee, CEO, Limeroad, an Indian online marketplace
Leadership mantra: True leadership is about enabling the voice of the youngest team member.

Ø  Amit Agarwal, CEO, NoBroker, a real estate search portal
Leadership mantra: Leaders provide employees the opportunity to be leaders themselves.

References   

About the Author –

Rajeswari is part of the IP team at GAVS. She is involved in technical and creative content development for the past 13 years. She is passionate about music and writing and spends her free time watching movies or going for a highway drive.

 

Tuning Agile Delivery for Customer and Employee Success

Ashish Joseph

What is Agile?

Agile has been very popular in the software development industry for empowering delivery to be more efficient and effective. It is a common misconception for Agile to be thought of as a framework or a process that follows a methodology for software development. But Agile is a set of values and principles. It is a collection of beliefs that teams can use for decision making and optimizing project deliveries. It is customer-centric and flexible, helping teams adapt accordingly. It doesn’t make the decision for the team. Instead, it gives a foundation for teams to make decisions that can result in a stellar execution of the project.

According to the Agile Manifesto, teams can deliver better by prioritizing the following over the other.

  • Individuals and Interactions over process and tools
  • Working Model over Comprehensive Documentation
  • Customer Collaboration over Contract Negotiation
  • Responding to Changes over following a Plan

With respect to Software Development, Agile is an iterative approach to project management which help teams deliver results with measurable customer value. The approach is designed to be faster and ensures the quality of delivery that is aided with periodic customer feedbacks. Agile aims to break down the requirement into smaller portions, results of which can be continuously evaluated with a natural mechanism to respond to changes quickly.

AIOps Artificial Intelligence for IT Operations

Why Agile?

The world is changing, and businesses must be ready to adapt to how the market demands change over time. When we look at the Fortune 500 companies from 1955, 88% of them perished. Nearly half of the S&P 500 companies is forecasted to be replaced every ten years. The only way for organizations to survive is to innovate continuously and understand the pulse of the market every step of the way. An innovative mindset helps organizations react to changes and discover new opportunities the market can offer them from time to time.

Agile helps organizations execute projects in an everchanging environment. The approach helps break down modules for continuous customer evaluation and implement changes swiftly.

The traditional approach to software project management uses the waterfall model, where we Plan, Build, Test, Review and Deploy. But this existing approach would result in iterations in the plan phase whenever there are deviations in the requirement with respect to the market. When teams choose agile, it helps them respond to changes in the marketplace and implement customer feedback without going off the plan. Agile plans are designed in such a manner to include continuous feedback and its corresponding changes. Organizations should imbibe the ability to adapt and respond fast to new and changing market demands. This foundation is imperative for modern software development and delivery.

Is Agile a right fit for my Customer? People who advocate Agile development claim that Agile projects succeed more often than waterfall delivery models. But this claim has not been validated by statistics. A paper titled “How Agile your Project should be?” by Dr. Kevin Thompson from Kevin Thompson Consulting, provides a perspective from a mathematical point of view for both Agile and Waterfall project management. Here both approaches were followed for the same requirements and were also affected by the same unanticipated variables. The paper focused on the statistical evidence to support the validity of both the options to evaluate the fit.

While assessing the right approach, the following questions need to be asked

  • Are the customer requirements for the project complete, clear and stable?
  • Can the project effort estimation be easily predicted?
  • Has a project with similar requirements been executed before?

If the answer to all the above questions are Yes, then Agile is not the approach to be followed.

The Agile approach provides a better return on investment and risk reduction when there is high uncertainty of different variables in the project. When the uncertainty is low, waterfall projects tend to be more cost effective than agile projects.

Optimizing Agile Customer Centricity

Customer centricity should be the foundation of all project deliveries. This help businesses align themselves to the customer’s mission and vision with respect to the project at hand. While we consider an Agile approach to a project in a dynamic and changing environment, the following are some principles that can help organizations align themselves better with their customer goals.

  • Prioritizing Customer Satisfaction through timely and continuous delivery of requirements.
  • Openness to changing requirements, regardless of the development phase, to enable customers to harness the change for their competitive advantage in the market.
  • Frequent delivery of modules with a preference towards shorter timelines.
  • Continuous collaboration between management and developers to understand the functional and non-functional requirements better.
  • Measuring progress through the number of working modules delivered.
  • Improving velocity and agility in delivery by concentrating on technical excellence and good design.
  • Periodic retrospection at the end of each sprint to improve delivery effectiveness and efficiency.
  • Trusting and supporting motivated individuals to lead projects on their own and allowing them to experiment.

Since Agile is a collection of principles and values, its real utility lies in giving teams a common foundation to make good decisions with actionable intelligence to deliver measurable value to their customers.

Agile Empowered Employee Success

A truly Agile team makes their decisions based on Agile values and principles. The values and principles have enough flexibility to allow teams to develop software in the ways that work best for their market situation while providing enough direction to help them to continually move towards their full potential. The team and employee empowerment through these values and principles aid in the overall performance.

Agile not only improves the team but also the environment around which it is established by helping employees to be compliant with respect to audit and governance.  It reduces the overall project cost for dynamic requirements and focuses on technical excellence along with an optimized process for its delivery. The 14th Annual State of Agile Report 2020 published by StateofAgile.com surveyed 40,000 Agile executives to get insights into the application of Agile across different areas of enterprises. The report surveyed different Agile techniques that contributed most towards the employee success of the organization. The following are some of the most preferred Agile techniques that helped enhance the employee and team performances.

Best AI Auto Discovery Tools

All the above Agile techniques help teams and individuals to introspect their actions and understand areas of improvement in real time with periodic qualitative and quantitative feedback. Each deliverable from multiple cross functional teams can be monitored, tracked and assessed under a single roof. All these techniques collectively bring together an enhanced form of delivery and empower each team to realize their full potential.
Above all, Agile techniques help teams to feel the pulse of the customer every step of the way. The openness to change regardless of the phase, helps them to map all the requirements leading to an overall customer satisfaction coupled with employee success.

Top 5 Agile Approaches

Best AIOps Platforms Software

A Truly Agile Organization

Majority of the Agile approach has been concentrated towards development, IT, and Operations. However, organizations should strive towards effective alignment and coordination across all departments. Organizations today are aiming for greater expansion of agility into areas beyond building, deploying, and maintaining software. At the end of the day, Agile is not about the framework. It is all about the Agile values and principles the organizations believe in for achieving their mission and vision in the long run.

About the Author –

Ashish Joseph is a Lead Consultant at GAVS working for a healthcare client in the Product Management space. His areas of expertise lie in branding and outbound product management. He runs a series called #BizPective on LinkedIn and Instagram focusing on contemporary business trends from a different perspective. Outside work, he is very passionate about basketball, music, and food.

Vision for 2021

Sumit Ganguli

CEO, GAVS Technologies

God, grant me the serenity to accept things, I cannot change,

Courage to change the things I can,

And the wisdom to know the difference.

The events of 2020 have reaffirmed in me the ethos conveyed by this stanza, from the Serenity Prayer.

For us, COVID has been up close and personal. One of our key clients, Bronx Care Hospital has been an epicenter of the pandemic in New York City. The doctors, staff and support staff, including GAVS’ IT support engineers have experienced the devastating effect of this pandemic, up close and personal. GAVS’ technical team supported the ICUs and patient care units at the hospitals during the peak of pandemic.

“Every day we witness these heroic acts: one example out of many this week was our own Kishore going into our ICU to move a computer without full PPE (we have a PPE shortage). The GAVS technicians who come into our hospital every day are, like our doctors and healthcare workers, the true heroes of our time.”

Ivan Durbak, CIO, BronxCare Health System

“GAVS Team was instrumental in assisting the deployment of digital contact less care solutions and remote patient monitoring solutions during the peak of COVID. Their ability to react in quick time really helped us save more lives than what we could have, with technology at the fore-front.”

Dr. Sridhar Chilimuri, Chairman, Dept. of Medicine, BronxCare Health System

The alacrity with which our colleagues in India addressed the remote working situation and the initiative that they have demonstrated in maintaining business continuity for the clients in the US have inspired us at GAVS and  have reaffirmed our belief that we are on the way to create a purposeful company.  

The biggest learning from 2020, is that we need to be mindful of the fragility of life and truly make every day count. At GAVS, we are committed to use technology and service for the betterment of our clients and our stakeholders; and anchor this with our values of Respect, Integrity, Trust and Empathy.

The year was not without some positives. Thanks to some new client acquisitions and renewed contracts we have been able to significantly expand the GAVS family and have registered a 40% growth in revenue. 

We have formed Long 80, A GAVS & Premier, Inc. JV and have started reaching out to Healthcare providers in the US. We are reaching out to some of the largest hospitals in North America offering our AI-based Infrastructure Managed Services, Cybersecurity solutions, Prescriptive and Predictive Healthcare Solutions based on Analytics.

“Moving from a vendor-only model with GAVS to a collaborative model through Long 80 expands Premier’s current technology portfolio, enabling us to offer GAVS’ technology, digital transformation and data security services and solutions to US healthcare organizations. We are extremely excited about this opportunity and look forward to our new relationship with GAVS.”

Leigh Anderson, President, Performance Services, Premier, Inc.

This year, we see the Premier team growing by an additional 120 persons to continue to support their initiative to reduce costs, improve efficiency, enhance productivity and faster time to market.

We aim to hit some milestones in our journey of enabling AI-driven Digital Transformation in the Healthcare space. We have constituted a team dedicated to achieving that.

We are contemplating on establishing the GAVS Healthcare Institute in partnership leading institutions in India and US to develop competency within GAVS in the latest technologies for the healthcare space.

GAVS is committed to being a company focused on AI, and newer technologies and promote GAVS’ AI led Technology Operations, Zero Incident Framework. In 2021, we will work on increasing our ZIF sites around the US and India.  

Based on inputs from our Customer Advisory Board, we at GAVS would like to build a competency around Client Relationship and empower our Client Success Managers to evolve as true partners of our Clients and support their aspirations and visions.  

GAVS is also making strong progress in the BFS sector and we would like to leverage our expertise in AI, Blockchain, Service Reliability and other digital technologies.

GAVS has the competency to support multiyear contracts and there will be a push to reach out to Sourcing Companies, Influencers and partners to garner these long-term predictable business.

We will continue to build competency and expertise around Innovation, and there are some initiatives that we will be putting in place to promote a Culture of Innovation and have measurable successes under Novelty of Innovation.

Our experience of 2020 has inspired us to once again remind ourselves that we should make GAVS an aspirational company, a firm that is purposeful and anchored with our values.

Palo Alto Firewall – DNS Sinkhole

Ganesh Kumar J

Starting with PAN-OS 6.0, DNS sinkhole is an action that can be enabled in Anti-Spyware profiles. A DNS sinkhole can be used to identify infected hosts on a protected network using DNS traffic in environments where the firewall can see the DNS query to a malicious URL.

The DNS sinkhole enables the Palo Alto Networks device to forge a response to a DNS query for a known malicious domain/URL and causes the malicious domain name to resolve to a definable IP address (fake IP) that is given to the client. If the client attempts to access the fake IP address and there is a security rule in place that blocks traffic to this IP, the information is recorded in the logs.

Sample Flow

We need to keep the following in mind before assigning an IP address to DNS sinkhole configuration.

When choosing a “fake IP”, make sure that the IP address is a fictitious IP address that does not exist anywhere inside the network. DNS and HTTP traffic must pass through the Palo Alto Networks firewall for the malicious URL to be detected and for the access to the fake IP to be stopped. If the fake IP is routed to a different location, and not through the firewall, this will not work properly.

Steps:

  1. Make sure the latest Antivirus updates are installed on the Palo Alto Networks device. From the WebUI, go to Device > Dynamic Updates on the left. Click “Check Now” in the lower left, and make sure that the Anti-Virus updates are current. If they are not, please do that before proceeding. The Automatic Updates can be configured if they are not setup.

Fig1.1

IT Automation with AI

Note: A paid Threat Prevention subscription for the DNS sinkhole is required to function properly.

  1. Configure the DNS Sinkhole Protection inside an Anti-Spyware profile. Click on the Objects > Anti-Spyware under Security Profiles on the left.
    Use either an existing profile or create a new profile. In the example below the “alert-all” is being used:

Fig1.2:

Office 365 Migration

Click the name of the profile – alert-all, click on the DNS Signatures tab.

Fig1.3:

Software Test Automation Platform

Change the “Action on DNS queries” to ‘sinkhole’ if it is not already set to sinkhole.
Click on the Sinkhole IPv4 field, either select the default Palo Alto Networks Sinkhole IP (72.5.65.111) or a different IP of your choosing. If you opt to use your own IP, ensure the IP is not used inside your network and preferably not routable over the internet (RFC1918).
Click on Sinkhole IPv6 and enter a fake IPv6 IP. Even if IPv6 is not used, something still needs to be entered. The example shows ::1. Click OK. 

Note: If nothing is entered for the Sinkhole IPv6 field, OK will remain grayed out.

  1. Apply the Anti-Spyware profile on the security policy that allows DNS traffic from the internal network (or internal DNS server) to the internet. Click on Policies> Security on the left side. Inside the rules, locate the rule that allows DNS traffic outbound, click on the name, go to the Actions tab, and make sure that the proper Anti-Spyware profile is selected. Click OK..

Fig1.4:

Software Product Engineering Services

  1. The last thing needed is to have a security rule that will block all web-browsing and SSL access to the fake IP 72.5.65.111 and also :1 if using IPv6. This will ensure to deny traffic to the fake IP from any infected machines.

Fig1.5:

Security Iam Management Tools

  1. Commit the configuration

Fig1.6:

Rpa in Infrastructure Management

(To be continued…)

References:

About the Author –

Ganesh is currently managing Network, Security and engineering team for a large US based customer. He has been associated with the Network & Security domain for more than 15 years.

Container Security

Anandharaj V

We live in a world of innovation and are beneficiaries of new advancements. New advancements in software technology also comes with potential security vulnerabilities.

‘Containers’ are no exception. Let us first understand what a container is and then the vulnerabilities associated with it and how to mitigate them.

What is a Container?

You might have seen containers in the shipyard. It is used to isolate different cargos which is transported via ships. In the same way, software technologies use a containerization approach.

Containers are different from Virtual Machines (VM) where VMs need a guest operating system which runs on a host operating system (OS). Containers uses OS virtualization, in which required processes, CPU, Memory, and disk are virtualized so that containers can run without a separate operating system.

In containers, software and its dependencies are packaged so that it can run anywhere whether on-premises desktop or in the cloud.

IT Infrastructure Managed Services

Source: https://cloud.google.com/containers

As stated by Google, “From Gmail to YouTube to Search, everything at Google runs in containers”.

Container Vulnerabilities and Countermeasures

Containers Image Vulnerabilities

While creating a container, an image may be patched without any known vulnerabilities. But a vulnerability might have been discovered later, while the container image is no longer patched. For traditional systems, it can be patched when there is a fix for the vulnerability without making any changes but for containers, updates should be upstreamed in the images, and then redeployed. So, containers have vulnerabilities because of the older image version which is deployed.

Also, if the container image is misconfigured or unwanted services are running, it will lead to vulnerabilities.

Countermeasures

If you use traditional vulnerability assessment tools to assess containers, it will lead to false positives. You need to consider a tool that has been designed to assess containers so that you can get actionable and reliable results.

To avoid container image misconfiguration, you need to validate the image configuration before deploying.

Embedded Malware and Clear Text Secrets

Container images are collections of files packaged together. Hence, there are chances of malicious files getting added unintentionally or intentionally. That malicious software will have the same effect as of the traditional systems.

If secrets are embedded in clear text, it may lead to security risks if someone unauthorized gets access.

Countermeasures

Continuous monitoring of all images for embedded malware with signature and behavioral detection can mitigate embedded malware risks.

 Secrets should never be stored inside of containers image and when required, it should be provided dynamically at runtime.

Use of Untrusted Images

Containers have the advantages of ease of use and portability. This capability may lead teams to run container images from a third party without validating it and thus can introducing data leakage, malware, or components with known vulnerabilities.

Countermeasures

Your team should maintain and use only trusted images, to avoid the risk of untrusted or malicious components being deployed.

Registry Risks

Registry is nothing but a repository for storing container images.

  1. Insecure connections to registries

Images can have sensitive information. If connections to registries are performed over insecure channels, it can lead to man-in-the-middle attacks that could intercept network traffic to steal programmer or admin credentials to provide outdated or fraudulent images.

You should configure development tools and containers while running, to connect only over the encrypted medium to overcome the unsecured connection issue.

  1. Insufficient authentication and authorization restrictions

As we have already seen that registries store container images with sensitive information. Insufficient authentication and authorization will result in exposure of technical details of an app and loss of intellectual property. It also can lead to compromise of containers.

Access to registries should authenticated and only trusted entities should be able to add images and all write access should be periodically audited and read access should be logged. Proper authorization controls should be enabled to avoid the authentication and authorization related risks.

Orchestrator Risks

  1. Unbounded administrative access

There are many orchestrators designed with an assumption that all the users are administrators but, a single orchestrator may run different apps with different access levels. If you treat all users as administrators, it will affect the operation of containers managed by the orchestrator.

Orchestrators should be given the required access with proper role-based authorization to avoid the risk of unbounded administrative access.

  1. Poorly separated inter-container network traffic

In containers, traffic between the host is routed through virtual overlay networks. This is managed by the orchestrator. This traffic will not be visible to existing network security and management tools since network filters only see the encrypted packets traveling between the hosts and will lead to security blindness. It will be ineffective in monitoring the traffic.

To overcome this risk, orchestrators need to configure separate network traffic as per the sensitivity levels in the virtual networks.

  1. Orchestrator node trust

You need to give special attention while maintaining the trust between the hosts, especially the orchestrator node. Weakness in orchestrator configuration will lead to increased risk. For example, communication can be unencrypted and unauthenticated between the orchestrator, DevOps personnel, and administrators.

To mitigate this, orchestration should be configured securely for nodes and apps. If any node is compromised, it should be isolated and removed without disturbing other nodes.

Container Risks

  1. App vulnerabilities

It is always good to have a defense. Even after going through the recommendations, we have seen above; containers may still be compromised if the apps are vulnerable.

As we have already seen that traditional security tools may not be effective when you use it for containers. So, you need a container aware tool which will detect behavior and anomalies in the app at run time to find and mitigate it.

  1. Rogue containers

It is possible to have rogue containers. Developers may have launched them to test their code and left it there. It may lead to exploits as those containers might not have been thoroughly checked for security loopholes.

You can overcome this by a separate environment for development, test, production, and with a role-based access control.

Host OS Risks

  1. Large attack surface

Every operating system has its attack surface and the larger the attack surface, the easier it will be for the attacker to find it and exploit the vulnerability and compromise the host operating system and the container which run on it.

You can follow the NIST SP 800-123 guide to server security if you cannot use container specific operating system to minimize the attack surface.

  1. Shared kernel

If you only run containers on a host OS you will have a smaller attack surface than the normal host machine where you will need libraries and packages when you run a web server or a database and other software.

You should not mix containers and non-containers workload on the same host machine.

If you wish to further explore this topic, I suggest you read NIST.SP.800-190.


References

About the Author –

Anandharaj is a lead DevSecOps at GAVS and has over 13 years of experience in Cybersecurity across different verticals which include Network Security, application Security, computer forensics and cloud security.

Business Intelligence Platform RESTful Web Service

Albert Alan

Restful API

RESTful Web Services are REST architecture based web services. Representational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. In this architectural style, data and functionality is considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web.

RESTful Web Service

REST has some advantages over SOAP (Simple Objects Access Protocol) but is similar in technology since it is also a function call via HTTP protocol. REST is easier to call from various platforms, transfers pure human-readable data in JSON or XML and is faster and saves resources.

In the basic idea of REST, an object is accessed via REST, not its methods. The state of the object can be changed by the REST access. The change is caused by the passed parameters. A frequent application is the connection of the SAP PI via the REST interface.

When to use Rest Services

  • You want to access BI platform repository objects or perform basic scheduling.
  • You want to use a programming language that is not supported by another BI platform SDK.
  • You want to extract all the query details and number of records per query for all the reports like Webi and Crystal, etc.
  • You want to extract folder path of all reports at once.

Process Flow

RESTful Web Service

RESTful Web Service Requests

To make a RESTful web service request, you need the following:

  • URL – The URL that hosts the RESTful web service.
  • Method – The type of HTTP method to use for sending the request, for example GET, PUT, POST, or DELETE.
  • Request header – The attributes that describe the request.
  • Request body – Additional information that is used to process the request.

Common RWS Error Messages

RESTful Web Service

Restful Web Service URIs Summary List

URLResponseComments
  /v1Service document that contains a link to the /infostore API.This is the root level of an infostore resource
  /v1/infostoreFeed contains all the objects in BOE system/v1/infostore
  /v1/infostore/ <object_id>Entry corresponding to the info object with SI_ID=./v1/infostore/99
      /v1/logon/longReturns the long form for logon, which contains the user and password authentication template.Used to logon to the BI system based on the authentication method.
  /v1/users/ <user_id>  XML feed of user details in BOE systemYou can Modify user using PUT method and DELETE user using DELETE method.
    /v1/usergroups/ <usergroup_id>    XML feed of user group details in BOE systemSupport GET and PUT and DELETE method. You can Modify user group using PUT method and DELETE user group using DELETE method.
  v1/folders/ <folder_id>XML feed displays the details of the folder, can be used to modify the details of the folder, and delete the folder.You modify the folder using PUT method and DELETE the folder using DELETE method
  /v1/publicationsXML feed of all publications created in BOE systemThis API supports GET method only.

Extended Workflow

 The workflow is as follows:

  • To Pass the Base URL

GET http:///localhost:6405/biprws/v1/users

  • To Pass the Headers

  • To Get the xml/json response

Automation of Rest Call

The Business Intelligence platform RESTful Web Service  (BI-REST-SDK) allows you to programmatically access the BI platform functionalities such as administration, security configuration and modification of the repository. In addition, to the Business Intelligence platform RESTful web service SDK, you can also use the SAP Crystal Reports RESTful Web Services  (CR REST SDK) and SAP Web Intelligence RESTful Web Services (WEBI REST SDK).

Implementation

An application has been designed and implemented using Java to automate the extraction of SQL query for all the webi reports from the server at once.

Tools used:

  • Postman (Third party application)
  • Eclipse IDE

The structure of the application is as below:

The application file comprises of the required java jar files, java class files, java properties files and logs. Java class files (SqlExtract) are the source code and will be compiled and executed using command prompt as:

Step 1

  • Javac -cp “.;java-json.jar;json-simple-1.1.jar;log4j-1.2.17.jar” SqlExtract.java

 The above command compiles the java code.

Step 2

  • Java -cp “.;java-json.jar;json-simple-1.1.jar;log4j-1.2.17.jar” SqlExtract.java

 The above command runs the compiled java file.

The java properties file (log4j) is used to set the configurations for the java code to run. Also, the path for the log file can be set in the properties file.

RESTful Web Service

The logs (SqlExtractLogger) consist of the required output file with all the extracted query for the webi reports along with the data source name, type and the row count for each query in the respective folder in the path set by the user in properties file.

RESTful Web Service

The application is standalone and can run in any windows platform or server which has java JRE (version greater than 1.6 – preferred) installed in it.

Note: All the above steps required to execute the application are consolidated in the (steps) file.

Conclusion

SAP BO provides Restful web service to traverse through its repository, to fetch structural info and to modify the metadata structure based on the user requirements. When integrated with programming languages like python, java, etc., extends the scope to a greater extent, allowing the user to automate the workflows and to solve the backtracking problems.

Handling Restful web service needs expertise in server administration and programming as changes made to the metadata are irreversible.

References

About the Author –

Alan is a SAP Business Intelligence consultant with a critical thinking and an analytical mind. He believes in ‘The more extensive a man’s knowledge of what has been done, the greater will be his power of knowing what to do’.

Center of Excellence – .Net

Best Cyber Security Services Companies

“Maximizing the quality, efficiency, and reusability by providing innovative technical solutions, creating intellectual capital, inculcating best practices and processes to instill greater trust and provide incremental value to the Stakeholders.”

With the above mission,we have embarked on our journey to establish and strengthen the .NET Center of excellence (CoE).

“The only way to do great work is to love what you do.” – Steve Jobs

Expertise in this CoE is drawn from top talent across all customer engagements within GAVS. Team engagement is maintained at a very high level with various connects such as regular technology sessions, advanced trainings for CoE members from MS, support and guidance for becoming a MS MVP. Members also socialize new trending articles, tools, whitepapers and blogs within the CoE team and MS Teams channels setup for collaboration. All communications from MS Premier Communications sent to Gold Partners is also shared within the group. The high-level roadmap as planned for this group is laid out below.

Best DCaas Providers in USA
<!–td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}–>
Best DCaas Providers in USA<!–td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}–>
Best DCaas Providers in USA

The .NET CoEfocused on assistingourcustomers in every stage of theengagement right from on-boarding, planning, execution, technical implementation and finally all the way to launching and growing. Our prescriptive approach is to leverage industry-proven best practices, solutions, reusable components and include robust resources, training, and making a vibrant partner community.

With the above as the primary goal in mind the CoE group is currently engaged inor planning the following initiatives.

Technology Maturity Assessment

One of the main objectivesof this group is to provide constant feedback to all .NET stack project for improvement and improvisation. The goal for this initiative is to build the technology maturity index for all projects for the below parameters.

Best Virtual Desktop Infrastructure Software

Using those approaches within a short span of time we were able to make a significant impact for some of our engagements.

Client – Online Chain Store: Identified cheaper cloud hosting option for application UI.

Benefits: Huge cost and time savings.

Client – Health care sector: Provided alternate solution for DB migrations from DEV to various environments.

Benefits: Huge cost savings due to licensing annually.

Competency Building

“Anyone who stops learning is old, whether at twenty or eighty.” – Henry Ford

Continuous learning and upskilling are the new norms in today’s fast changing technology landscape. This initiative is focused on providing learning and upskilling support to all technology teams in GAVS. Identifying code mentors, supporting team members to become full stack developers are some of the activities planned under this initiative.  Working along with the Learning & Development team,the .NET CoE isformulating different training tracks to upskill the team members and provide support for external assessments and MS certifications.

Solution Accelerators

“Good, better, best. Never let it rest. ‘Till your good is better and your better is best.” – St. Jerome

The primary determinants of CoE effectiveness are involvement in solutions and accelerators and in maintaining standard practices of the relevant technologies across customer engagements across the organization.

As part of this initiative we are focusing on building project templates, DevOps pipelines and automated testing templates for different technology stacks for both Serverless and Server Hosted scenarios. We also are planning similar activities for the Desktop/Mobile Stack with the Multi-Platform App UI (MAUI) framework which is planned to be released for Preview in Q4 2020.

Blockchain Solution and Services

Additionally, we are also adoptingless-code, no-code development platforms for accelerated development cycles for specific use-cases.

As we progress on our journey to strengthen the .NET CoE, we want to act as acatalyst in rapid and early adoption of new technology solutions and work as trusted partners with all our customer and stakeholders.

If you have any questions about the CoE, you may reach out to them at COE_DOTNET@gavstech.com

CoE Team Members

  • Bismillakhan Mohammed
  • Gokul Bose
  • Kirubakaran Girijanandan
  • Neeraj Kumar
  • Prasad D
  • Ramakrishnan S
  • SaphalMalol
  • Saravanan Swaminathan
  • SenthilkumarKamayaswami
  • Sethuraman Varadhan
  • Srinivasan Radhakrishnan
  • Thaufeeq Ahmed
  • Thomas T
  • Vijay Mahalingam