Able-One Blog

By: Gavriel Meir-Levi, Enforcive Inc and Brian Olson, Able-One Systems Inc.

In order to ease the password management experience for their end-users, many enterprises are considering implementing Single Sign-On (SSO). SSO provides many benefits, such as requiring a user to only sign on once in a multi-server environment. SSO server becomes the “keeper of the keys” of your IT estate.

Challenges of Single Sign-On

The challenging aspect of SSO is that implementation usually takes a couple of months and requires considerable investment of staff hours and capital. The other major problem with SSO, is that it creates a single point of failure both in terms of system resiliency and security. If your SSO server fails or is compromised, EVERYONE IS IMPACTED!

Imagine a castle where the draw-bridge fails. Worse yet, if your SSO server gets compromised, it has all of your organization’s credentials. Single sign-son’s greatest strength is also its greatest weakness; single point of failure.​

Password Self-Service

Password Self-Service by Enforcive takes a different approach. Instead of locking all of the passwords up in a single sign-on castle, Password Self Service creates a resilient on-going password management strategy that’s more like an ​EZ Pass to a city’s roads, bridges and tunnels or a passport that allows you to travel throughout Europe.​

Password Self Service does not store any of your passwords locally, it just synchronizes and monitors them throughout all of your systems; IBM i, AIX, Linux, Windows AD, OpenLDAP and others.​ The passwords stay exactly in the same place they were before PSS was installed, thus solving the single point of failure problem. 

Empowering your end users is a crucial piece of this puzzle. You do not want your Help Desk getting that 2AM call from the CEO who is in Indonesia getting ready for a meeting and is literally locked out of everything.

Integrating Password Self-Service

If you run IBM iSeries as well as Windows servers, setting up the IBM i server to interface with Windows Active Directory is relatively easy, creating single sign-on functionality between Windows and the iSeries. This solves the problem of having to sign on separately for Windows and the iSeries. 

From a password management perspective, once you bring the Help Desk into the equation, things get a bit trickier.  ​Your iSeries team will have to make a difficult choice to:

1. ​Give the Help Desk SECADMIN privileges, or
2. Turn your iSeries support staff into the Help Desk​

​Neither option is particularly attractive. ​  Giving your users the power to reset their own passwords eliminates this issue.

In terms of implementation, while SSO often turns into a complex and costly project, Password Self Service by Enforcive can be implemented in a manner of days. It provides critical help for your Help Desk by enabling your end-users to securely reset their own passwords 24/7, vastly improving your organization's ROI in terms of Help Desk staffing and resources.​

PSS uses challenge questions, secure tokens and an authentication server call to make sure your end-user is who they say they are​ and​ administrators ​have ​great flexibility in how they implement the tool. Once an end-user has been validated, passwords can be synchronized so that they only have to remember one password.

Empowering your end users to better and more seamlessly manage their credentials while enabling access for different parts of your IT estate without creating a single point of failure is a great way to harden security, improve user experience and help your Help Desk.

Contact Brian Olson of Able-One at brian.olson@ableone.com or 519-570-9100 ext 7316 for more information or to set up a PSS demonstration webinar for you today.  ​

Guest blog post by John Kelly, Founding Partner of KOgent Systems, LLC.

I started a new software consulting company, KOgent Systems LLC., exactly five years ago today.

I was coming from a twenty year consulting career focused primarily on the IBM i. In my previous life, I had worked for two of the largest software tool vendors for the IBM i, and over the previous decade, I had managed an eCommerce solution designed to integrate into all the major ERP systems (i.e., JD Edwards and others). We had implemented 100s of eCommerce projects working within a wide variety of customer markets. The product was well-known in the industry, widely used and the services practice had been profitable under my watch.   

Now, I was on my own with a new staff. I had to consider which way to go, and what tools and products I would invest in for the transition to a new development platform. I chose ZEND PHP. Why?

1. Platform Independence

Did I want to be free of the IBM i? No. I was raised on the box, and I’ve had too many successes on the platform to cast aspersions on the technology. But we all know all good things come to an end, and I want the freedom to run anywhere. I want the freedom of choice. Zend PHP provides this choice for me.

2. Legacy Integration

Let’s face it, most of the software development work that I do is integration work into pre-existing packages, and ERPs. I don’t write from scratch anymore. I extend and improve. I extend the life of the legacy applications by transforming them to run on new devices – mobile or the web. The Zend server open source PHP toolkit for the IBM i provides me with this capability. It provides direct integration for all IBM i objects – RPGILE, CL, C, data areas, etc. There is nothing I can’t touch directly – this makes me happy.

3. MVC Architecture

PHP scares some people because they remember the days of SQL injections, and unmaintainable code. Back when PHP was a basic scripting language, it was easy to learn and easy to write code in bad form. The IBM i community has a long memory. This has long changed with the introduction of the modern PHP frameworks. The modern Zend Framework 2 architecture is a true enterprise level OO development platform. Its structure promotes highly modular design while supporting large groups of developers. This is a product built for professionals. 

4. Enterprise Level Support

I wanted an open source product with enterprise level support. I want to be able to tell my customers that the chosen technology has a strong support backbone, which means a long life. I don’t want to be the only guy on the block running Python on the IBM i. Yeah, I’m sure it can be done, and it would be cool, I just don’t want to be the only guy doing it.   

5. My Gut

Ok, this is the real reason. It felt good. I went with my gut like I always do. I tend to spend a lot of time researching, and analyzing something that my gut told me was the right choice from day one. Remember, this is a blog, I’m allowed to have opinions and back them up with nothing. My gut has never let me down (except for that one time with the redhead in the 8th grade). But otherwise, I tend to go with my gut.

Check back next week when I provide you with some real life examples of how listening to my gut worked out. I will explain how we used Zend PHP to integrate into the IBM i, and SAP running on Linux simultaneously to provide a new B2B site for one of the largest retail chains in the country.

Last week, Able-One Systems held our 19^th Annual Customer Appreciation Golf Tournament. Despite guaranteed thunderstorms in the forecast, the weatherman was wrong (yet again!) and it turned out to be a beautiful day and another successful event. Many thanks to the team at Conestoga Country Club for the hospitality!

Prior to teeing off, the attendees enjoyed a breakfast seminar including four presentations with the theme of energy efficiency. The speakers and some of the highlights are summarized below. If you would like to receive a copy of the presentations or get further information on any of the topics please contact us here.

Lenovo

• Configuration and usage tips to extend the battery life and improve the performance of your laptop
• The costs savings that result from these minor changes can be significant
• Maintaining old, non-virtualized servers in your environment is costing you and the environment more than you think

Exact Energy

• The Ontario Power Authority is offering 100% funded engineering studies and providing implementation incentives that lead to payback periods of months not years.
• Other saveONenergy programs to assist with:
  • audits
  • retrofits
  • processes & systems 
  • metering
• Several attendees of the presentation took advantage of the offer of a free site walk through with Exact Energy sponsored by Able-One. If you would like to learn more please click here.

Able-One Systems

• Our CTO discussed many of today’s green data center initiatives worth understanding:
  • Software Define Storage
  • Cloud Computing & Shared Infrastructure
  • VDI (Virtual Desktop Infrastructure)

Swing Master – Mackenzie Hughes 

The final presentation of the morning was a real treat for the golf enthusiasts in the room. Mackenzie Hughes, the 2013 PGA Tour Canada Order of Merit winner, provided the group with tips & tricks on achieving an energy efficient swing. If you would like to follow along with his golf journey you can visit his website: http://mackenziehughesofficial.com.

Here's the video of golf tips from Mackenzie Hughes:

Unfortunately the golf season is nearing its end; however these tips are certain to help me down the final stretch!

The War Amps of Canada

Every year a charity or non-profit is selected to benefit from our Charity Hole Challenge. We are proud to have selected The War Amps of Canada Child Amputee Program (CHAMP) as this year’s beneficiary. Since the beginning of CHAMP, generations of child amputees have benefited from financial assistance for artificial limbs, regional seminars and peer support.

This organization touches close to home as described by one of our very own Senior Engineers, Gary Evans, “if it weren’t for the technical training that the War Amps helped me achieve after my accident I would not have been able to join the Able-One team 15 years ago”. We would like to thank Kelly Campbell, Manager of the War Amps PLAYSAFE/DRIVESAFE Program for attending and speaking on The War Amps' behalf.

Fundraising Goals

This year we raised an impressive $1,800 on the charity hole, which Able-One Systems has once again matched, bringing the total donation to $3,600! If you would like to support the War Amps yourself please check out their Twitter account @TheWarAmps or their Facebook page. 

By Eden Watt, Vice President, Application Innovation, Able-One Systems

The importance of information technology – not only from the operational perspective of maintaining mission critical systems – but also strategically steering the organization to face competition and meet the needs of a new generation of customers who have unprecedented expectations on how you must engage with them – is a given in today’s business world. 

To stay on top of these ever-changing demands, an understanding of where technology is going should be in the wheelhouse of every C-suite executive (not just the CIO).

To help advise customers in this area, I’ve always found tracking the Top Ten Strategic Technology Trends that Gartner releases annually to be a good starting point. Anyone who has been involved in steering technology decisions over the last five years will know that mobile, analytics, social, and cloud computing along with security concerns, have been key drivers for buying decisions.

However, as technology matures and morphs, the complexity of these requirements (and offerings) take on new meaning. Consider the chart below which summarizes Gartner’s Top Ten Technology Trends for the past 7 years. I’ve highlighted Mobile topics in Green, Analytics in Purple and Cloud in Blue to give you a flavour for how these have all evolved and in many cases become intertwined.

For 2015, Gartner has grouped their Technology Trends into three areas, as follows:

Merging the Real World and The Virtual World

1. Computing Everywhere – This is an extension of the mobile evolution but encompasses computing everywhere around us, not just mobile devices but screens everywhere, wearable devices, car systems, etc.  and many form factors, screen sizes, interaction styles (touch, voice, keyboard, mouse, gesture), platforms, and architectures.
2. The Internet of Things – This encompasses the growing world of gadgetry, displays and smart sensors,  embedded intelligence and tracking with data streams and services created by digitizing everything with four identified usage models that must be considered — Manage, Monetize, Operate and Extend. Over 50% of Internet connections are “things”.
3. 3D Printing – is growing rapidly in key areas: 

• BioPrinting – still emerging but can be used today for products such as hearing aids and prosthetic limbs
• Consumer – 95% increase predicted for 2016, becoming pervasive
• Enterprise – 81.9% increase, injection molds cut tooling costs by up to 97%, Innovation opportunities to be more responsive and agile to customer needs

Intelligence Everywhere

Computing is all around us and embedded in everything that we do so that we can’t just think about “computing” and automation but intelligence; big data is not as important as BIG ANSWERS.

4. Advanced, Pervasive and Invisible Analytics - Analytics embedded everywhere, not just one data warehouse
5. Context-Rich Systems – Systems that understand and respond based on who, what, when, where, how and why
6. Smart Machines - autonomous vehicles, advanced robotics, virtual personal assistants and smart advisors are leading us to a new age of machine helpers

The New IT Reality Emerges

7. Cloud/Client Computing - unify cloud and mobile strategies
8. Software-Defined Applications and Infrastructure – everything is programmable, API’s for everything
9. Web-Scale IT - Global class of computing that can deliver capabilities similar to the large cloud services providers to the enterprise
10. Risk-Based Security and Self-Protection – security must be a consideration with a more and more digitized future, enable applications to protect themselves, security-aware application design

It’s a lot to absorb so we will try to tackle some of these topics in more depth in future posts. Just remember, much of the science fiction you enjoy have their ideas rooted in current science and technology and what is predicted in the future.  With ingenuity and a commitment to innovation, you can move your business forward to take advantage of emerging technology trends in a practical manner.

For regular updates on technology trends, sign up for our free monthly newsletter.