3 Ways Enterprise IT Will Change in 2014

The holiday season is a great time to look back at the year, with an eye toward what we in the ever-changing world of information technology can expect in 2014. These three trends warrant your close attention in the new year.

In Light of NSA Revelations, companies Will Be Wary of the Cloud
For most businesses, 2013 was the year of the cloud. Companies that still hosted their email in house would in large part move that expense and aggravation to someone else. Microsoft SharePoint and other knowledge management solutions could be run in someone else’s datacenter, using someone else’s resources and time to administer, thus freeing your own people to improve other services or, gasp, work directly on enhancing the business.

But then Edward Snowden came around in June and started to release a series of damning leaks about the United States National Security Agency’s capability to eavesdrop on communications. At first, most folks weren’t terribly alarmed. But as the year wore on, the depth of the NSA’s alleged capabilities to tap into communications – both with and without service provider knowledge – started to shake the faith of many CIOs in the risk/benefit tradeoff for moving to cloud services.

For companies in heavily regulated industries, it’s hard to ignore the continued discovery of the depths to which the NSA has the capability to read data both in transit and at rest. Patient privacy records, sensitive financial transactions and any other data that must by law be kept private – is it now considered private? Can you warrant that to your customers? Can you warrant that to your regulators? Can you afford the risk that NSA access to your data represents? Is it even something that you can control, or do you just ignore it and hope for the best? (That is said with no judgment; given the realities of your business, that could very well be a valid strategy.)

How-to: 5 Tips to Keep Your Data Secure on the CloudMore: Who Can Pry Into Your Cloud-based Data?
In 2014, we’ll see a continued analysis of just what services make sense in the cloud, but some old cherished low-hanging fruit, like email and collaboration, will no longer be considered “easy wins” because of these continuing allegations. Perhaps the cloud will not be the default choice going forward but, rather, a choice made after careful study of the environment, using these PRISM leaks as one important bit of context.

Microsoft’s CEO Search Will Define the Future of Their Products in Your Organization
The biggest story of the first part of 2014 will undoubtedly be Microsofts selection for only its third CEO in its history. This job is one of the most important positions in the technology industry; who is selected, and what he or she does in her first 100 days, will set the tone for the next five to 10 years.

Reports as of the Monday morning after Thanksgiving 2013 suggest that the Microsoft board of directors has narrowed its potential selections to two: Satya Nadella, the current chief of servers and tooling at the company, and outsider Alan Mulally, who currently is in charge of the Ford Motor Company and is widely credited for executing a fantastic turnaround of operations, profits, and shareholder return after joining the company from Boeing, a corporate neighbor of Microsoft. ( Mulally denies he’s interested in the Microsoft job, only heightening speculation.)

There are two main questions surrounding both the choice of chief executive and the immediate moves he makes in the first part of his tenure.

Will the new CEO continue the remake of Microsoft into a devices and services organization?
Steve Ballmer, the company’s current CEO, has tried to convert the software company into an organization that makes a variety of devices, such as tablets and phones, which connect to services that Microsoft runs. This has been done both to make those devices more rich and useful for the end user but also to monetize that usage through enhanced upgrade services, advertising revenue and subscription profits.

Of course, this represents a big switch from Microsoft’s traditional “pay us for the right to use this software in perpetuity” practice that propelled the business to its current height. Many investors and customers wonder if this transformation is beneficial to them. Will the new CEO elect to continue this transformation and carry on the vision of Steve Ballmer even after his departure? Or will the new CEO put pause on the progress and take a few months to assess whether that transformation is good for both Microsoft and its customers? The answers will have a big impact on the role Microsoft software and technology plays within your own business.

Will the cloud still be a huge focus of the company?
Will the continued preference of developing for Microsoft’ cloud-based services versus its traditional on-premises software erode the trust of corporate customers who still have significant investments in their existing on premises licenses?

Related: Why Microsoft SharePoint Faces a Challenging Future
Nowhere is this tension more evident than in the Exchange community, where Exchange Server 2013 customers feel as if they are a distant second cousin to the Office 365 subscription data center environment. Complaints abound, from poor patch quality to irregular updates to features arriving in Office 365 but not Exchange Server 2013 for some time. These on-premises customers, paying many thousands of dollars for their combined server and client access license fees, feel shafted on their investment. Will this tension bleed over into other areas? Is the Exchange model the new model, warts and all, for the company’s cloud focus? This is a trend to watch in 2014.

The Role of the Cloud Broker Will Emerge in 2014
Whatever Microsoft does and whatever the revelations about the NSA’s PRISM program mean for your business, the continued push around consumerization will mean more cloud services for your organization, not fewer. PRISM might eliminate email and other line of business data from being considered in a move to the cloud – but other, less sensitive data can still be stored in the cloud. The corporate IT department can take advantage of a number of cloud businesses that are designed to save money and lower the cost of access to data while revealing new insights and workflows that may not have been feasible for your organization before.

Blog: Dirty Secrets of Dropbox, Google Drive and Other Cloud Storage ServicesAlso: How to Find the Cloud Storage Service That’s Right for You
In 2014 that the cloud broker or cloud solution provider position will really come into its own and begin bearing fruit. Vendor neutral, pay-for-service cloud brokers will be able to consult on your situation and recommend both a provider and a strategy for making use of that provider’s products and services for any given task or workload.

IT departments will be in the drivers’ seats, able to really sit down with a knowledgeable set of professionals and figure out exactly what solution and what model works best. The cloud broker role will be best placed to help the furthering of the IT organization’s transformation from a cost center to a place where new revenues and profits are generated – an additional trend to watch in 2014.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Target hackers try new ways to use stolen card data

For the first time, hackers market stolen data with info on the location of store where card was used; experts say new strategy will slow detection

The techniques used by hackers to access credit and debit card data from target shoppers suggests that the cyber crooks have found a troubling new way to stay ahead of the latest fraud detection processes.

Security blogger Brian Krebs, who first reported the Target data breach news last week, said on Sunday that compromised cards are being marketed online with information on the state, city and ZIP code of the Target store where they were used.

Fraud experts say the location information will likely allow buyers of the stolen data to use spoofed versions of cards issued to people in their immediate vicinity, Krebs wrote. “This lets crooks who want to use the cards for in-store fraud avoid any knee-jerk fraud defenses in which a financial institution might block transactions that occur outside the legitimate cardholder’s immediate geographic region,” he said.

This is believed to be the first time that security experts have observed hyper-localized selling of stolen credit and debit card information following a retail breach.

Target last week disclosed that hackers had accessed data stored on some 40 million credit and debit cards belonging to shoppers who bought merchandise in its stores between Nov. 27 and Dec. 15.

The information exposed in the incident includes the cardholder’s name, the credit or debit card number, the card’s expiration date and the CVV security code used to activate the card in a store, Target said.

The breach is believed to have exposed data from cards distributed by most major U.S. credit card issuing banks and credit unions. JP Morgan Chase on Saturday announced that it had put restrictions on the amount that customers affected by the Target breach could spend or withdraw daily.

James Huguelet, an independent consultant who specializes in retail security, said Krebs’ report concurs sporadic reports after the breach that that stolen Target cards were used fraudulently in areas close to where the owners of the cards lived.

Local use of a card makes it more likely that the crooks can use it for a relatively long period of time before a block is put on it, he said. “That makes such cards much more valuable to a criminal. This is a very clever tactic to increase the monetary value of each stolen card. It’s one I’ve not seen used before,” Huguelet said.

Card thieves typically sell stolen data to buyers around he world, making it likely that fraud detection tools used by banks will detect the crimes.

Fraud detection tools used by banks and other card issuers look closely at the location where a card is used and the frequency of its use to determine potential criminal use. Banks often decline transactions or require additional authentication for card transactions that originate from new or unexpected locations.

Such detection is harder when a stolen card is used within the area where the card is typically used.

“Whoever is behind this breach appears to have a tremendous amount of not only technical, but also retail operations and payment industry knowledge. This could indicate someone who has previously worked in the retail payments industry.” Huguelet said.

Gartner analyst Avivah Litan said that card issuers and others have to significantly ramp up fraud detection capabilities to deal with the new threat.

“It’s very significant because it shows how sophisticated the criminals are,” Litan said. “They are trying to avoid being spotted by fraud detection systems that check the location of a transaction against the individual’s home zip code and the location of that individual’s most recent transactions.”

This level of sophistication, combined with the sheer large volume of active cards that were compromised, makes fraud detection far more difficult, Litan said. “Companies will need to beef up their fraud detection capabilities and strategies to overcome the criminals’ tactics, which is not a simple task and which does not happen overnight,” she said.

Major data breaches often have provided a window into the systemic weaknesses exploited by cyber criminals to infiltrate networks and to profit from data theft.

The 2007 breach at TJX Companies, in which hackers accessed data on 45 million credit and debit cards, showed how easily a poorly protected wireless network can be exploited to gain access to a payment network. Massive data compromises at Heartland Payment Systems and Hannaford Brothers in 2009 hammered home the dangers of SQL injection flaws in Web application software.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com



Microsoft manager charged with insider trading

SEC says Brian Jorgenson, friend, reaped $393,000 in effort to start hedge fund

A Microsoft portfolio manager and his business partner are charged with insider trading that profited them $393,125.

According to the SEC, Brian Jorgenson of Lynwood, Wash., leaked confidential information about upcoming Microsoft announcements to his partner Sean Stokke of Seattle in order to parlay profits, which they then split.

+ Also on Network World: ZeroAccess bot-herders abandon click-fraud network | 13 FREE! Windows 8.1 apps to make you more productive +

Their goal, the SEC says, was to stockpile enough cash to start a hedge fund.

“Abusing access to Microsoft’s confidential information and generating unlawful trading profits is not a wise or legal business model for starting a hedge fund,” said Daniel M. Hawke, chief of the SEC Enforcement Division’s Market Abuse Unit and director of the SEC’s Philadelphia Regional Office.

The U.S. Attorney in Washington is seeking criminal charges.

The SEC cited three instances when the pair conspired to commit insider trading.

The first, from April 2012, called for investing $14,000 in Microsoft just before it announced it was investing $300 million in Barnes & Noble’s e-reader, Nook. That reaped them $185,000 when Microsoft’s stock rose after the announcement.

The second instance was that they bought $50,000 of Microsoft stock options in July 2013 at a low price just before Microsoft announced its quarterly earnings would be off more than 11% from what was expected. When the stock dropped after the announcement, Stokke sold at a profit of $195,000.

The third charge says Jorgenson told Stokke Microsoft’s quarterly earnings in October 2013 would be higher than expected. They bought more than $45,000 in a fund that included Microsoft stock, then sold it when the fund went up on the release of the news. They netted $13,000.

The SEC wants the pair to pay back their ill-gotten gains and fines, and to bar Jorgenson from becoming a director or officer of a corporation.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com



2013 computer crime blotter

Anonymous, LulzSec members and plenty of others sent to the slammer for exploiting technology and human flaws

Prisons around the world this year made way for techie criminals alongside the more garden variety murderers, thieves and schemers.

Here’s a rundown of those who got sent to the slammer this year for tech-related crimes (based on a compilation of reports from the IDG News Service and Network World’s other sister sites):

• Hacker sentenced to 18 months for peddling computer access to US national security lab
A Pennsylvania man who hacked into multiple corporate, university and government computer networks and tried to sell access to them, including supercomputers from a U.S. national security laboratory, was sentenced in December to 18 months in prison.

Andrew Miller, 24, pleaded guilty in August to one count of conspiracy and two counts of computer fraud for actions committed between 2008 and 2011, when he was part of the Underground Intelligence Agency hacking group, the U.S. Department of Justice said. Miller asked an undercover FBI agent in 2011 for $50,000 in exchange for access to two supercomputers at the Lawrence Livermore National Laboratory, according to the DOJ.

*Man who hacked celebrity email accounts sentenced to prison
A man who admitted to illegally accessing email accounts belonging to more than four dozen celebrities to steal their private photos and confidential documents was sentenced in December to 10 years in federal prison by a U.S. District Court judge in Los Angeles.

Christopher Chaney, 36, of Jacksonville, Fla. was also ordered to pay a fine of more than $66,000 as restitution for his crimes. Chaney was arrested in November 2011 and has been in custody since March, when he pleaded guilty to nine felony counts, including unauthorized access to computers and wiretapping. He faced a maximum of more than 120 years in prison.

+ Also from Network World: Businesses offer best practices for escaping Cryptolocker hell +

According to the U.S. Attorney’s office in Los Angeles, Chaney gained access to the email accounts of Mika Kunis, Scarlett Johansson, Renee Olstead and dozens of other celebrities by resetting their passwords using the “forgot your password” feature. Chaney apparently used publicly available information on the celebrities to correctly answer the security questions needed to reset the passwords on the Gmail, Apple and Yahoo email accounts they used.

(via Jaikumar Vijayan, Computerworld)

*Wisconsin man sentenced for participating in Anonymous DDoS
A man from Wisconsin was sentenced in December for participating in a DDoS (distributed denial-of-service) attack by hacker group Anonymous on a Kansas company.

Eric J. Rosol, 38, is said to have admitted that on Feb. 28, 2011, he took part in a denial-of-service attack for about a minute on a Web page of Koch Industries — Kochind.com, using software called a Low Orbit Ion Cannon Code, which was loaded on his computer. LOIC is a popular DDoS tool used by Anonymous and other online attackers to overload websites with requests and disrupt the target server.

*Judge sentences Anonymous hacker to 10 years in prison
A member of the hacker group Anonymous was sentenced in November to 10 years in prison for hacking into the computers of a geopolitical analysis firm. Jeremy Hammond, 28, in May pled guilty to one count of conspiracy to engage in computer hacking under the Computer Fraud and Abuse Act. He was sentenced by Chief U.S. District Judge Loretta Preska during a hearing at the federal district court for the Southern District of New York in New York.

Hammond, of Chicago, was arrested in March 2012 and charged with hacking into the computer system of analyst company Strategic Forecasting, also called Stratfor, and obtaining subscriber and credit-card information and emails, among other data. Ultimately, credit-card details, emails and cryptographic representation of passwords were leaked. The credit cards were used to make $700,000 in purchases.

* Two sentenced to prison for point-of-sale credit card theft
Two Romanian men were sentenced in September to serve prison sentences for remotely hacking into hundreds of U.S. merchants’ computers and stealing payment card data, the U.S. Department of Justice said.

Adrian-Tiberiu Oprea, 29, of Constanta, Romania, was sentenced to serve 15 years in prison, and Iulian Dolan, 28, of Craiova, Romania, was sentenced to serve seven years in prison during proceedings in U.S. District Court for the District of New Hampshire. The two men were charged with hacking into hundreds of point-of-sale (POS) computer systems and stealing payment card data, with co-conspirators compromising cards belonging to more than 100,000 customers, the DOJ said in a press release. The compromises caused losses of more than $17.5 million in unauthorized charges and remediation expenses, the DOJ said.

*Bradley Manning sentenced to 35 years for classified document leaks
A military court judge sentenced U.S. Army Pfc. Bradley Manning to 35 years in prison in August on charges related to his leaking a large store of classified documents to Wikileaks, according to a number of published and broadcast reports.

Manning had faced a maximum potential sentence of 90 years. The judge in his case reduced the maximum sentence from 136 years earlier this month. Manning was also dishonorably discharged from the military.

* ‘Western Express’ credit-card fraud prosecution ends
The last member of a $5 million global credit-card fraud ring was sentenced in August in New York state court, ending an eight-year investigation and prosecution.

Douglas Latta, 40, was sentenced to between 22 and 44 years in state prison, according to Manhattan District Attorney Cyrus R. Vance Jr. in a news release on Thursday. Latta was part of a wide-ranging scheme that stole and sold more than 95,000 credit card numbers online as part of a group known as the “Western Express.”

* Pirate Bay co-founder sentenced to two years in prison for hacking
Gottfried Svartholm Warg
Gottfrid Svartholm Warg, the co-founder of Pirate bay, is pictured in Stockholm, February 16, 2009. (Reuters)

Pirate Bay co-founder Gottfrid Svartholm Warg was sentenced in June to two years in prison by a District Court in Sweden for multiple data intrusions, attempted aggravated fraud and aggravated fraud. An appeal reduced the sentence to one year.

The data intrusion charge is related to the hacking of a mainframe belonging to Logica, now CGI, an IT firm that provided tax services to the Swedish government, and a mainframe of Nordea bank. The fraud charges stem from a number of attempted money transfers from accounts at Nordea, of which one was successful. Two of the attempts that were part of the case were dismissed. The receiving bank couldn’t find a record of one transfer attempt, and the other transfer was interrupted, according to prosecutor Henrik Olin.

* Phishing gang jailed for plundering woman’s $1.6 million life savings
A heartless phishing gang that stole and frittered a British woman’s entire $1.6 million life savings on items including “gold and cheeseburgers” was handed heavy sentences in May by a judge at London’s Southwark Crown Court.

Nominal ringleader, Nigerian national Rilwan Adesegun Oshodi, was sentenced to eight years in prison and ordered to pay back $1.6 million under the Proceeds of Crime Act, although this might prove difficult given that the stolen money has reportedly already been spent.

The man who phished the victim’s bank account details and then sold the information to Oshodi, Egyption Tamer Hassanin Zaky Abdelhamid, was sentenced to six years and ordered to pay a heavy fine under the Proceeds of Crime Act.

* Four former LulzSec members sentenced to prison in the UK
Four British men associated with the LulzSec hacker collective received prison sentences in May for their roles in cyberattacks launched by the group against corporate and government websites in 2011.
Mustafa al-Bassam
Mustafa al-Bassam arrives at Southwark Crown Court in central London May 15, 2013. (Reuters)

Ryan Cleary, 21, Jake Davis, 20, Ryan Ackroyd, 26, and Mustafa Al-Bassam, 18, were sentenced Thursday in London’s Southwark Crown Court after previously pleading guilty to charges of carrying out unauthorized acts with the intention of impairing the operation of computers.

Davis, who was known online as “Topiary,” received a two-year prison sentence. He acted as a spokesperson for LulzSec, writing some of the hacker group’s announcements and managing its website and Twitter account.

*Operator of German file-sharing site sentenced to almost four years in prison
A 33-year-old man was sentenced in May to three years and 10 months in prison by a German court for running the torrent site torrent.to between December 2005 and April 2008. He was sentenced by the local court of Aachen on April 30 for the commercial and unauthorized exploitation of copyrighted works, said the German Society for the Prosecution of Copyright Infringement (GVU) in a news release.

The man, who was only identified by the GVU as Jens R., was the former owner of torrent.to, a site that continues to operate under a new owner since 2008, and the GVU still aims to take down.

* Former LulzSec member gets prison sentence for Sony Pictures hack
Cody Andrew Kretsinger, a 25-year-old man from Decatur, Illi., was sentenced in April to one year in federal prison for his role in a May 2011 breach of a Sony Pictures website and database.

At the time of the intrusion Kretsinger, who used the online alias “recursion,” was a member of a hacker group called Lulz Security, or LulzSec, that went on a hacking spree during the first half of 2011. The group was affiliated with the international Anonymous hacktivist collective.

* AU Optronics executive sentenced for LCD price-fixing
A former executive with AU Optronics was sentenced in April to serve two years in prison and pay a $50,000 fine for participating in a worldwide LCD screen price-fixing conspiracy, the U.S. Department of Justice said.

Shiu Lung Leung, former senior manager of AU Optronics’ desktop display business group, was sentenced for price fixing in U.S. District Court for the Northern District of California. AU Optronics, based in Hsinchu, Taiwan, and its U.S. subsidiary, AU Optronics America, headquartered in Milpitas, Calif., were found guilty in March 2012, for participating in the thin-film transistor-liquid crystal display (TFT-LCD) price-fixing conspiracy, after an eight-week trial.

*Romanian citizen sentenced to five years in phishing scheme
A 28-year-old Romanian man was sentenced in March to five years in prison for his role in a phishing scheme, as part of a seven-year investigation by the U.S. Department of Justice.

Cristian Busca, who was sentenced in U.S. District Court in New Haven, Conn., pleaded guilty last November to one count of conspiracy to commit access device fraud, the DOJ said in a news release. He was extradited to the U.S. in December 2011. Prosecutors alleged that Busca possessed more than 10,000 stolen debit or credit card numbers in his email accounts.

Busca was part of a group based in Craiova, Romania, that amassed victims’ payment card details, PINs and Social Security numbers. They used the information to make fraudulent withdrawals from people’s accounts by creating counterfeit payment cards and taking out lines of credit.

* AT&T hacker ‘Weev’ sentenced to 41 months for iPad leak
Alleged hacker Andrew ‘weev’ Auernheimer in March was given an unforgiving prison sentence of 41 months for his part in the hugely embarrassing 2010 compromise of 114,000 iPad-using AT&T customers.

Found guilty in November of 2012, 26-year-old Auernheimer’s prison sentence is likely to become only the latest contentious chapter in complex story that has sharply divided opinion. As part of the ‘Goatse Security’ group, Auernheimer styled himself as a security researcher who did nothing more untoward than reveal a weakness on AT&T’s website that was of its own making.

(via John Dunn of Techworld)

* Dutch man sentenced in US to 12 years in credit card scam
A 22-year-old Dutch man who sold credit card details online was sentenced in February to 12 years in a US prison in a fraud prosecutors alleged caused more than $63 million in damages, according to the Department of Justice.

David Benjamin Schrooten, who was extradited from Romania last June, was part of a team that stole more than 100,000 credit card numbers and sold the details to other criminals on Kurupt.su, a so-called “carding” website or underground marketplace for stolen payment card data. He was sentenced in U.S. District Court for the Western District of Washington in Seattle, a DOJ news release said.

*Steve Jobs’ house burglar gets seven-year sentence
The man who broke into the Palo Alto, Calif., home of late Apple CEO Steve Jobs and stole laptops, iPads and other possessions was sentenced in January to seven years in a California state prison.

Kariem McFarlin, 35, was arrested in August last year by officers from the Rapid Enforcement Allied Computer Team, a Silicon Valley-based high-tech crime unit formed by local, state and federal law enforcement agencies.
REACT officers found McFarlin with help from Apple security, which tracked where the stolen devices were being used by matching their serial numbers with connections to Apple iTunes servers. The IP address in use matched a line in McFarlin’s apartment in nearby Alameda that was also being used by an Apple device registered to a member of his family, according to a police report.

* Internet piracy group leader sentenced to five years in prison
The leader of a U.S. online piracy group that covertly recorded movies showing in theaters and offered them online was sentenced in January to five years in prison.

Jeramiah Perkins headed a group that called itself “IMAGiNE,” which used camcorders as well as FM and infrared receivers to capture video and audio of movies, according to an indictment filed April last year in U.S. District Court for the Eastern District of Virginia, where he was sentenced. The captured files were then uploaded to the group’s servers and later pieced together and edited to reproduce the movies.

* Two former Anonymous members jailed in UK for PayPal, Visa DDoS attacks
Three men were sentenced in the U.K. in January for their roles in a series of distributed denial-of-service (DDoS) attacks launched against financial and music industry organizations in 2010 by the Anonymous hacktivist collective.
Christopher Weatherhead, 22, of Northampton and Ashley Rhodes, 28, of Camberwell, London, received prison sentences of 18 months and 7 months respectively for conspiracy to impair the operation of computers, a representative of the Southwark Crown Court Clerk’s Office in London said Friday.

Another co-conspirator, Peter Gibson, 24, of Hartlepool, received a six-month prison sentence suspended for two years and 100 hours of community service, the court’s representative said.

The conspiracy charges brought against the three men were in connection with DDoS attacks launched in 2010 against PayPal, MasterCard, Visa, the British Phonographic Industry (BPI), the Ministry of Sound record label and the International Federation of the Phonographic Industry. These attacks were part of an Anonymous DDoS campaign called Operation Payback.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com



Microsoft tries to lure Gmail users with automated Outlook.com migration tool

The announcement comes after Outlook.com suffered several outages and interruptions this year

Microsoft has opened another front in its webmail war against Google with the release of a new tool designed to automate the migration process for Gmail users who want to switch to Outlook.com.

The functionality, built into Outlook.com, guides users through a step-by-step process that Microsoft describes as very easy and that transfers messages and contacts from Gmail to the Microsoft webmail service. The tool doesn’t migrate calendar data.

“The structure of your inbox, including read/unread status of your emails, will be preserved. The new tool will even set up your Gmail address as a ‘send-only’ account so you can continue to send email from your @gmail.com address, right from Outlook.com, if you still want to,” wrote Microsoft official Naoto Sunagawa in a blog post Wednesday.

Microsoft launched Outlook.com in mid-2012, saying the service, which eventually replaced Hotmail, was a top-to-bottom reinvention of webmail from the user interface to the back-end platform that provided significant improvements over Gmail, Yahoo Mail and other competitors.

Along with the rollout of Outlook.com, Microsoft has attacked Google via its Scroogled marketing campaign, in which Microsoft argues that Gmail disrespects its users’ privacy by matching ads to the text of their messages and positions Outlook.com as an alternative that is more privacy-friendly.

By going after Gmail in the consumer webmail market, Microsoft is also looking out for its enterprise email and collaboration products, like its Office 365 cloud suite, which includes Exchange Online, according to Gartner analyst Matthew Cain. In addition to being a free webmail application for individuals, Gmail is also part of Google Apps, a workplace email and collaboration suite that competes against Office 365.

“Microsoft is well aware that consumer preferences can impact enterprise decisions for social and collaboration services, including email. The popularity of Gmail, for example, may contribute to the decision for an organization to chose Google Apps over Office 365. Microsoft, therefore, may be interested in poaching Gmail seats to buttress its enterprise efforts around Office 365,” Cain said via email.

However, Outlook.com has been hit by several high-profile outages and bugs this year, and there are indications that the service is misfiring on the business side of things as well.

In October when it reported its first fiscal quarter financial results, Microsoft said its 31 percent year-on-year revenue drop in display advertising was caused “mainly” by a drop in ads in Outlook.com.

Among this year’s Outlook.com service interruptions are an extended incident that made it malfunction in different ways for several consecutive days in August, and an outage in March.

In fact, in July, Microsoft marked Outlook.com’s one-year anniversary with a long list of positives, but also acknowledged that the service hasn’t been as stable as expected.

“We had some bumps over the last year and there were places where our performance hasn’t met the high standard we set for ourselves,” Dick Craddock, group program manager of Outlook.com, wrote in that blog post, published July 31.

There are about 400 million active Outlook.com accounts, according to Microsoft.

Cisco CCNA Training, Cisco CCNA Certification

Best CCNA Training and CCNA Certification and more Cisco exams log in to Certkingdom.com




18 Hot IT Certifications for 2014

For years premium pay for IT certifications has been on the decline, but top pay for IT certifications has increased for two consecutive quarters and is up 1.5 percent; the largest quarterly increase since 2006. Read along as we look at the IT certifications predicted to grow in early 2014.

18 Hot IT Certifications for 2014
Foote Partners just released the November update to their quarterly report, the 2013 IT Skills Demand and Pay Trends Report in which they look at both certified and non-certified IT skills, 641 in all. They use what David Foote, founder and CEO of Foote Partners, refers to as, “a specialized methodology for collecting, and validating compensation data for workers with identical jobs titles that need to be differentiated pay-wise for specific IT and tech skills they possess.”

There are some surprising changes to the market over the last two quarters. The certified skills that seem to be flourishing the most fall into the architecture, engineer, security and database categories.

Certified in Risk and Information Systems Control (CRISC)
Premium pay for this ISACA certification has risen 9.1 percent in the last three- and six-month periods. In general, IT certifications from ISACA tend to center on IT governance. Originally offered in 2010, this certification focuses specifically on risk management. “The CRISC is awarded to those experienced in business and technology risk management, and the design, implementation, monitoring and maintenance of IS control,” according to CRISC.

Vendor: ISACA
Certification: Certified in Risk and Information Systems Control (CRISC)


A minimum of three years of cumulative work experience executing the tasks of a CRISC pro across at least three CRISC domains.
Take and pass the CRISC exam
Adhere to the ISACA Code of Professional Ethics
Meet the terms of CRISC Continuing Education…

CWNP Certified Wireless Security Professional
Wireless security is hot, according to Foote, who goes on to say, “CWNP is a really small company and for them to be on this list is a headline.” This wireless security certification has been riding high. Premium pay is up 35 percent over the last 12 months, 28 percent in the last six months and 20 percent in the last three months, making it a marketable bullet point on your resume.

This advanced certification teaches individuals how to securely set up and run enterprise wireless LAN.

Vendor: CWNP
Certification: Certified Wireless Security Professional


To earn the CWSP certification, you must pass two exams

CWNP/Certified Wireless Network Expert
Here is another CWNP certification that is seeing a huge spike in premium pay. Value/demand for this role is up 42 percent in the last 12 months, 37.3 percent in the last six months and 30 percent in the three months.

This is the highest level of certification offered by CWNP. Recipients should have a mastery of skills relating to the installation, configuration, troubleshooting of enterprise Wi-Fi networks.

Vendor: CWNP
Certification: Certified Wireless Network Expert


Valid and current CWSP, CWAP and CWDP certifications (requires CWNA).
Three years of documented enterprise Wi-Fi implementation experience.
Three professional endorsements.
Two other current, valid professional networking certifications.
Documentation of three enterprise Wi-Fi (500 word essays.)
Re-certification every three years.

GIAC Certified Forensics Analyst (GCFA)
This intermediate forensics certification is targeting individuals in the information security, incident response and computer forensics field who focus on only Windows and Linux operating systems. Value/demand for this role has climbed an impressive 16.7 percent in the last 12 months.

Vendor: GIAC
Certification: Certified Forensics Analyst (GCFA)


One proctored exam
115 questions
Time limit of three hours
Minimum Passing Score of 69 percent

*No Specific training is required for any GIAC certification.

HP/Accredited Solutions Certification
Each of these HP certifications has seen gains of at least 9 percent over the last two quarters and Foote Partners is predicting that this trend will continue for at least the next three-six months. There are a number of different certifications offered.

Vendor: HP
HP/Accredited Solutions Expert (ASE – all)
HP/Master Accredited Solutions Expert (MASE – all)
HP/Master Accredited Systems Engineer (Master ASE)

You can download the different HP certification paths here

Information Systems Security Engineering Professional (ISSEP/CISSP)
Developed with input from the NSA, this vendor-neutral security certification is about integrating security into all forms of information systems applications and projects. In a recent interview David Foote, the CEO mentioned that employers are paying less for security in a time where security is at the forefront, an interesting trend an keep an eye on.

Demand/pay premium has risen 8.3 percent in the last 12 months, 30 percent in the last six months and 18.2 percent in the last three months.

Vendor: ISC2
Certification: Information Systems Security Engineering Professional (ISSEP/CISSP)

There are several prerequisites for these IT security certifications.

Microsoft Certified Architect (MCA)
Microsoft announced in late August that this certification and others would be retired as of December 31 with no clear replacements, angering many people who are current or on the path to Microsoft’s highest level IT certifications. We reached out to Microsoft and was told that the program was too costly and time consuming for both MCSM candidates and Microsoft. They are now investigating future ways to make this program more scalable.

With that said, premium pay for this cert rose more than 10 percent in the last quarter and will likely continue to do so, according to Foote Partners.

Vendor: Microsoft
Certification: Microsoft Certified Architect (MCA)

Microsoft Certified Solutions Master (all)
This is another elite Microsoft certification that is being retired December 31st with no clear successor. However, employers are still willing to pay extra for these certifications. Individuals with this certification, according to Microsoft, have the deepest level of product expertise.

Here is Microsoft official statement on why the certifications are being retired: “The IT industry is changing rapidly and we will continue to evaluate the certification and training needs of the industry to determine what the right certification is for the pinnacle of our program.”

Vendor: Microsoft
Certification: Microsoft Certified Solutions Master (all)

Open Group Certified Architect (Open CA)
Currently, this vendor-neutral certification is focused squarely on IT architecture, but according to the Open Group website, the plan is to incorporate more business and enterprise architecture into the programs. Employers have paid a premium of 16.7 percent over the last 12 months to individuals with this certification under their belt.

Vendor: Open Group
Certification: Open Group Certified Architect (Open CA)

The program is based upon four key documents:

The Certification Policy, which sets out the policies and processes by which an individual may achieve certification.
The Conformance Requirements, in which the skills and experience that a Certified Architect must possess are documented
The Accreditation Requirements

Conformance requirements for the Open Ca program can be found here

Open Group Master Architect
Another vendor-neutral certification from the Open Group, this is the 2nd level of architect certification it offers. Business and enterprise architect certifications are in development but currently the focus is on IT architecture.

Premium pay for this architect certification is up 14.3 percent in the last 12 months and is forecasted to grow in the next three-six months.

Vendor: Open Group
Certification: Open Group Master Architect

Candidates must meet experience and skills requirements, Certification Policy, either from the Open Group or an ACP.

The Open Group Certified Architect (Open CA) program requires candidates to submit a comprehensive certification package detailing their skills and experience gained on working on architecture related projects, followed by a rigorous peer review process.

Oracle Certified Expert MySQL 5.1 Cluster Database Administrator
This certification was formerly known as MySQL Cluster Database Administrator (SCMCDBA). IT pros with his certification are experts at administrating designing, deploying, configuring and maintaining databases that utilize MySQL cluster technology and they are in demand in the enterprise according to Foote Partners 2013 IT Skills Demand and Pay Trends Report. Premium pay for this certification is up a 37.5 percent over the last 12 months.

Vendor: Oracle
Certification: Oracle Certified Expert MySQL 5.1 Cluster Database Administrator

You must have one of the certifications below first:

Oracle Certified Professional, MySQL 5 Database Administrator


Sun Certified MySQL Database Administrator (SCMDBA)
Then you need to pass the exam

Oracle Certified Professional MySQL 5 Database Administrator
IT pros awarded this IT certification have mastered all Oracle server related issues. Premium pay/demand for this certification is up 12.5 percent over the last six months.

Vendor: Oracle
Certification: Oracle Certified Professional MySQL 5 Database Administrator

You must pass these two exams to get certified:
1Z0-873 MySQL 5 Database Administrator Certified Professional Exam, Part I
1Z0-874 MySQL 5 Database Administrator Certified Professional Exam, Part II

Oracle Database Administrator Certified Master
Oracle’s master level certification has risen 8.3 percent in value/demand over the last 12 months. Database certifications are another area that, according to Foote, is a headline. These certifications have been declining for years but recently the pay premium for them has risen. “What’s driving this is not the relational database stuff but the non-relational database stuff. It’s the NoSQL stuff. We’re seeing a lot of spending in data analytics, but we don’t see companies getting a lot out of it,” says Foote.

Vendor: Oracle
Certification: Oracle Database Administrator Certified Master

There are several paths to this certification.

PMI Risk Management Professional
The PMI-RMP certification ensures that the holders are capable risk management professionals schooled in international best practices for managing project and operational risks. Premium pay for this certification has risen 9.1 percent over the last year.

Vendor: PMI
Certification: PMI Risk Management Professional

A secondary degree (high school diploma, associate’s degree or the global equivalent), with at least 4,500 hours of project risk management experience and 40 hours of project risk management education.


A four-year degree (bachelor’s degree or the global equivalent), with at least 3,000 hours of project risk management experience and 30 hours of project risk management education.

Program Management Professional (PgMP)
The vendor-neutral program management professional certification from PMI is a way to demonstrate your ability to oversee several projects and programs. Premium pay is up 7.7 percent in the last 12 months and is expected to continue upward, according to Foote Partners research.

Vendor: PMI
Certification: Program Management Professional (PgMP)

A secondary degree (high school diploma, associate’s degree, or the global equivalent), with at least four years (6,000 hours) of project management experience and seven years (10,500 hours) of program management experience.


A four-year degree (bachelor’s degree or the global equivalent), with at least four years (6,000 hours) of project management experience and four years (6,000 hours) of program management experience.

Program Management Professional (PgMP)
The vendor-neutral program management professional certification from PMI is a way to demonstrate your ability to oversee several projects and programs. Premium pay is up 7.7 percent in the last 12 months and is expected to continue upward, according to Foote Partners research.

Vendor: PMI

Red Hat Certified Architect (RHCA)
The RHCA is Red Hat’s highest level of certification and recipients must hold the RHCE as a prerequisite. From deployment to systems management in larger enterprise environments this is the top tier. This certification has grown 25 percent in the last three months and is expected to trend upward in the next 3 to 6 months according to Foote Partners.

Vendor: RedHat
Certification: Red Hat Certified Architect (RHCA)

RHCE certification must be current in order to be eligible.
Earn the following Red Hat Certificates of Expertise:
Deployment and Systems Management
Directory Services and Authentication or Red Hat Certified Virtualization Administrator
Clustering and Storage Management
Security: Network Services or Red Hat Certificate of Expertise in Server Hardening
Performance Tuning

Teradata: Certified Enterprise Architect
Premium Pay for this architect certification is up 11.1 percent over the last 12 months. It’s made gains in the last three quarters and is expected to continue to grow. IT pros with this advanced certification will have an advanced knowledge of Teradata fundamentals such as SQL, design and implementation. It’s associated with data warehousing and big data.

Vendor: Teradata
Certification: 12 Certified Enterprise Architect

Candidate must currently hold one of the certifications below.
Teradata 12 Certified Technical Specialist
Teradata 12 Certified Database Administrator
Teradata Certified Solutions Developer
Teradata 12 Certified Enterprise Architect
Candidate must be in good standing with the TCPP program and not have violated security policies and procedures on the previous certification track.

MCTS Training, MCITP Trainnig

Microsoft ends Windows 7 retail sales

Microsoft ends Windows 7 retail sales
Sets October 2014 cut-off for sales to OEMs

Microsoft has quietly ended retail sales of Windows 7, according to a notice on its website.

The company’s policies for shutting off sales to retailers and shipping licenses to OEMS (original equipment manufacturers) are posted on its site, which was recently updated to show that Windows 7’s “retail end of sales” date was Oct. 30.

The next deadline, marked as “End of sales for PCs with Windows preinstalled,” will be Oct. 30, 2014, less than a year away.

Microsoft’s practice, first defined in 2010, is to stop selling an older operating system in retail one year after the launch of its successor, and halt delivery of the previous Windows edition to OEMs two years after a new version launches. The company shipped Windows 8, Windows 7’s replacement, in October 2012.

As recently as late September, the last time Computerworld cited the online resource, Microsoft had not filled in the deadlines for Windows 7. At the time, Computerworld said that the end-of-October dates were the most likely.

A check of Microsoft’s own online store showed that the company has pulled Windows 7 from those virtual shelves.

In practical terms, the end-of-retail-sales date has been an artificial and largely meaningless deadline, as online retailers have continued to sell packaged copies, sometimes for years, by restocking through distributors which squirreled away older editions.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Today, for example, Amazon.com had a plentiful supply of various versions of Windows 7 available to ship, as did technology specialist Newegg.com. The former also listed copies of Windows Vista and even Windows XP for sale through partners.

Microsoft also makes a special exception for retail sales, telling customers that between the first and second end-of-sale deadlines they can purchase Windows 7 from computer makers. “When the retail software product reaches its end of sales date, it can still be purchased through OEMs (the company that made your PC) until it reaches the end of sales date for PCs with Windows preinstalled,” the company’s website stated.

The firmer deadline is the second, the one for offering licenses to OEMs. According to Microsoft, it “will continue to allow OEMs to sell PCs preinstalled with the previous version for up to two years after the launch date of the new version” (emphasis added).

After that date, Microsoft shuts off the spigot, more or less, although OEMs, especially smaller “white box” builders, can and often do stockpile licenses prior to the cut-off.

But officially, the major PC vendors — like Dell, Hewlett-Packard and Lenovo — will discontinue most Windows 7 PC sales in October 2014, making Windows 8 and its follow-ups, including Windows 8.1, the default.

Even then, however, there are ways to circumvent the shut-down. Windows 8 Pro, the more expensive of the two public editions, includes “downgrade” rights that allow PC owners to legally install an older OS. OEMs and system builders can also use downgrade rights to sell a Windows 8- or Windows 8.1-licensed system, but factory-downgrade it to Windows 7 Professional before it ships.

Enterprises with volume license agreements are not at risk of losing access to Windows 7, as they are granted downgrade rights as part of those agreements. In other words, while Microsoft may try to stymie Windows 7 sales, the 2009 operating system will long remain a standard.

As of the end of November, approximately 46.6% of all personal computers ran Windows 7, according to Web measurement vendor Net Applications, a number that represented 51.3% of all the systems running Windows.

Examkingdom Releases Training Courseware and Test Prep for the MCSE 2012 Private Cloud Certification

Prove your expertise in managing and implementing Microsoft private cloud computing technologies with Examkingdom.

Examkingdom is pleased to announce the addition of its Training Courseware and Certkingdom Test Prep for the 70-246 and 70-247 MCSE 2012 Private Cloud Certification exams.

For professionals seeking to expand their career path, cloud computing has become the dominant IT protocol in corporate culture. Cloud computing and cloud-related skills represent virtually all IT growth opportunities through 2015. Businesses worldwide are in need of IT professionals with verifiable experience in private cloud implementation. The MCSE 2012 Private Cloud certification equips IT professionals to build private cloud solutions which can elevate IT service delivery within companies.

Required prerequisite for the MCSE 2012 Private Cloud is the MCSA: Windows Server 2012 certification. Earning an MCSE 2012: Private Cloud certification will qualify candidates for such jobs as server administrator, systems programmer, and network manager.

Examkingdom Training Courseware will help develop a thorough understanding and real world knowledge of Microsoft’s approach to cloud computing. Combined with Certkingdom Test Prep, Examkingdom ensures you maximize the learning experience for success on exam day. Let Examkingdom assist in expanding your career to a Microsoft Certified Solutions Expert today.

About Examkingdom
Examkingdom was founded in 2010 to assist individuals and organizations with preparing for and passing IT certification exams. Since our inception, our industry recognized materials have assisted countless people in growing their knowledge and advancing their careers. Examkingdom develops and sells labs, training videos, practice test software, audio preparation programs, study guides and flash cards for the Information Technology, Financial and Trade marketplaces.



MCTS Certification, MCITP Certification

Best Microsoft MCSE Certification, Microsoft MCSE Training at examkingdom.com

8 iPad Apps That Are Complex, Powerful and Advanced

Most people don’t think of the iPad as a high-end computing device. These eight apps prove otherwise.

The iPad isn’t known as a high-end computing device. Most users will buy the iPad Air because of the games and consumer apps like Skype and Evernote. However, there are many advanced apps that use a wealth of back-end data, provide a high-quality video stream, and can handle processing tasks normally reserved for a Windows or Mac computer. Here’s a look at eight robust apps with uses as varied as home security, computer-assisted design and stock trading.

Vivint: Advanced Home Security
Vivint is a security and connected home service, and the Vivint app for iPad is one of the most advanced offerings around. It’s not just a “viewer” with simple lock and unlock controls: The app also lets you adjust your home temperature, view live security camera feeds, arm and disarm the security system and control lighting. You can also see a history of all connected home events — each time the front door was opened, for example — and you can lock all doors or shut off all lights in one click. The app itself is free, but security systems and video and connected home system pricing varies.

Wolfram Alpha: Math and Science at Your Fingertips
Having quick access to a wealth of knowledge isn’t always a good fit for the iPad. After all, the device has a limited amount of memory for local storage, and its mobile processor is designed for email and Web browsing. The Wolfram Alpha app ($2.99) proves you can do real work on a tablet. Thanks to an extensive back end (Wolfram has thousands of servers processing requests), you can search for answers related to mathematics, thermodynamics, physics, chemistry and much more using a simple search field. There’s a browsing component as well; you can use the Examples sidebar to create queries and search the vast research archive.

NGRAIN: 3-D Augmented Reality Player
This app, free for NGRAIN Augmented Reality users, provides a 3-D augmented reality overlay on top of a physical object. It might be used to explain how to fix a part in a vehicle or overlay a medical drawing over a piece of human anatomy. The app uses millions of data points, or voxels, that are fed to the iPad in real-time. Each voxel can contain measurements, such as the temperature of the object or size. The diesel pump shown at left consists of 376 parts and 1.2 million polygons — yet NGRAIN manages to reduce this massive CAD image down to about 7MB to work on the iPad.

New Relic: Track Website Transactions
This app gives you access to the New Relic service (free), which tracks website transactions and back-end application activity in real time. Importantly, the app is not a simplified viewer. An ecommerce retailer can monitor about 85,000 transactions per minute, for example, and not just a simple subset of those transactions. The app has the same color-coded charts as the Web-based New Relic app to help make those massive data sets easier to comprehend.

Bloomberg: Visualization Tool for Financial Data
Another highly complex app that does a good job of making the information accessible, the Bloomberg visualizer (free) shows data for equity indexes, bonds, futures, commodities and currencies, along with breaking news and info about the debt crisis. You can also track your personal holdings and use tools such as Leaders & Laggers to help you with investments. The app also lets you browse video and audio clips. The home page gives you a quick snapshot of performers using color-coded queues for stock prices.

MLB at Bat: Everything a Baseball Fan Could Ever Want
For diehard baseball fans, especially those who want to track offseason activities, this Major League Baseball app shows how data-driven the iPad can be. There are full stats available, including those for pitching, batting and fielding — all of which the MLB recently added. You can listen to real-time audio for current games and see real-time indicators for each pitch and hit. MLB At Bat recently added classic game videos and highlights. Finally, stats are searchable by player, team or keyword. Price depends on a user’s subscription plan.

Weatherbug Elite: Check Weather, Avoid Lightning Strikes
The complexity of an app is often based on how much data it collects. Many weather apps just use data from the National Weather Service. Weatherbug Elite, meanwhile, culls from the NWS but also from a sensor network that tracks weather conditions and lightning. The app also lets you avoid lightning: Set your location and the app can send minute-by-minute reports on lightning strikes near you. This is in addition to the usual forecasts, maps and other weather data. The Elite version ($2.99) recently increased forecast algorithms from seven to 10 days.

Dish Anywhere: Watch Live TV, Manage Recordings
While some video players give you only basic options to watch a show, the Dish Anywhere app (free to Dish subscribers) includes a full remote control, the ability to search quickly for upcoming and recorded shows, schedule your recordings and adjust any conflicts and — of course — watch live television. Even the search function is advanced: You can query by show title, actor, network channel, keyword or genre. Dish Anywhere has a 5-star rating on iTunes after about 800 votes.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com