Friday, 20 December 2013

The skills you need to succeed in Big Data

In the New Year, companies will have to make a decision, whether to hire new talent for Big Data or train existing data management talent with new skills. It will be a crucial decision, because Big Data is the next big deal.

Organisations, utilising big data differ from those with traditional data practices, because they:

  • Pay attention to flows as opposed to stocks
  • Rely on data scientists and product and process developers as opposed to data analysts
  • Move analytics from IT into core business and operational functions

How does this manifest itself in business? Companies aim to measure customer sentiment or respond to breaks in train tracks in time to effect pre-emptive change. They need to analyse the data coming in from remote points as it flows in, not after it has been 'stocked' in a master database or migrated to a data warehouse.

They also need the statistical analysis skills to know which questions to ask of this data, and how to ask questions to arrive at new processes and even new products that the business sees commercial potential in. To get there, companies must have people possessing these technical skills as well as a strong business understanding.

In-demand skills to succeed

Nowadays, many businesses struggle to find suitable personnel, who tick all the boxes. Thus, the competition between Big Data professionals gets more intense, because those who really got the skills need to stand out. On a different note, Big Data in businesses doesn't run well without contributions from traditional data competencies; therefore the required skills are quite mixed.

“For instance, 59 per cent of companies responding to a 2012 survey conducted by analyst firm Information Difference said that their big data projects were 'highly linked' to their master data repositories. In many cases, master data (e.g. customer data, product data, and so on) was being used as 'vectors' into big data queries that began the process of probing piles of unstructured and semi-structured big data for clues on how customers react to certain offers, or how products were being accepted in certain markets, and so on.”

“In these cases, it was traditional master data that actually formed the core of what big data queries were constructed from — and so it was no surprise that 67 per cent of respondents in the same survey also said that master data was driving big data, rather than the other way around.” –

Big Data skills vs. Traditional Skills

Big Data demands new programming and analytic skills, that today's typical data analysts lack. Most of these skills fall under the heading of 'data science'.

Key skills include:
  • Strong Background in Mathematics
  • Strong Background in Statistical Analysis
  • Knowledge of Statistical Programming Languages
  • Familiarity with Analytics Modelling Techniques
  • Knowledge of Data Subject Matter
  • Ability to Experiment with Data 

Big Data also demands a new set of technical skills that aren't readily found today in many enterprise data centres. These skills include data architecting that includes the build-out of databases that span terabytes of data, being able to administer software frameworks like Hadoop, expertise in databases like noSQL, Cassandra or HBase; or in analytics programming languages and facilities like R or Pig.

But if these are some of the hard skills areas, Big Data also demands a set of soft skills that enterprise IT has customarily been short on. These include the ability of people to think across the organisation, to be aware of the ultimate needs of the business, to know which analytics questions to pose to get to those ultimate needs, and to measure and communicate results.

To learn more about the essential skills in Big Data, read the full article on

Thursday, 19 December 2013

Christmas scams - four tips to keep your personal information safe

With the festive period approaching, many people are eagerly browsing the web to find some last minute deals on gadgets. Word of advice: if a deal is "too good to be true", it probably isn't.

Kaspersky Lab issued the following warning this week: "As we get ready for the latest round of Christmas-themed status updates, we should also prepare for a barrage of scams on social networks in the coming weeks too".

In the lead to Christmas, more and more gullible Facebook users are becoming targets and victims of scammers. There are hundreds of pages offering free gadgets such as PlayStation 4s, and insanely good deals on new Apple products, in exchange for your personal information.

Despite the fact that the majority of these scam posts rarely look legitimate, many people are falling for them. The below give-away received 646 entries. 

Kaspersky’s four tips to keep your social profile and personal data safe:
  • Don’t give away too much. Sharing is caring, especially at Christmas, but it doesn’t mean you have to share your personal information. Try keeping it safe by not sharing too much. If you lose control of your social media account to a hacker, it could mean more than just having your privacy infringed upon. They can also use your information to potentially breach other accounts, such as online banking services or e-commerce accounts, like Amazon.
  • Don’t click on untrusted links. Scammers use various techniques to get people to give away their Facebook login details. Clicking on an email link entitled "Facebook X-mas Specials", for example, could lead to a fake Facebook portal which invites users to enter their credentials. Since the interface seems identical to the real entry page, users don’t realise what’s happening until it’s too late. Once the victims have entered their details, the hacker has their passwords. You should, therefore, never click links that don’t come from trusted sources. But even if a link has been posted from a friend, still watch out - they may have been hacked.
  • Use two-factor authentication. Social media sites, such as Facebook and Twitter are becoming more and more security-conscious. They both have introduced two-factor authentication, which means the user can give another credential, such as a unique number sent to them via text or an application, when logging in. So even if someone gets hold of your details, they won’t be able to login as they won’t have that extra credential.
  • Get the right security. Different types of malware are circulating the web trying to steal social media passwords, such as the innocent-sounding Pony virus. Others, like Kelihos, are spread across Facebook and attempt to steal other personal data. Outside of taking precautionary measures, such as thinking before clicking on links, users need to invest in a decent anti-virus solution that can deal with the latest and most prevalent threats. A properly configured firewall is also essential. 

Wednesday, 18 December 2013

Learn how to code on your smartphone

Earlier this year, Firebrand published an article, entitled “What most schools don’t teach” It discussed the great opportunities offered by learning how to code, at an early age. Well, those opportunities are getting even greater, so there is no time to waste. Especially because in a few years’ time, coding will be a basic requirement for many job roles.

To educate people, interested in coding, Codeacademy just launched a new, interactive way of getting to know the basics. It’s free, designed for all age groups and you can use it on the go. You just need to have an iPhone.

The startup and its ‘start-app’

The mission statement of the “Hour of Code” app is that in just a one-hour lesson, you can learn the basic fundamentals of coding, through a variety of activities and tutorials. 

Codecademy was founded in 2011 by Zach Sims and Ryan Bubinski. In 2012, more than 450,000 users signed up for online courses as part of the company's Code Year initiative. Although headquartered in the United States, Codeacademy has undoubtedly gone global, with now over 60% of its users located outside the US.

Co-founder Zach Sims said: "Codecademy was originally built for someone like me to learn how to code. Now, we want to help provide an easy way for people to get the programming skills they need to learn skills, start businesses, and find new jobs.”

"We're all looking to make learning as interactive and fun as possible, and to continue helping our users change the world. Most other programming instruction companies teach by using videos or text-based approaches. We think the best way to learn how to code is to learn by doing – to actually code."

How you can learn coding fundamentals

The app uses much of the free introduction material available on to create five new, mobile-focused lessons that explore the foundations of code within 60 minutes. “Hour of Code” breaks down coding fundamentals into small bits and gives lesson-by-lesson guidance, to build the right foundations.

According to Codecademy co-founder Zach Sims, you can “do Codecademy online, on a walk, in transit and use that time to be productive and learn skills instead of playing games”.

In an email conversation with Gigaom’s Lauren Hockenson, Sims also said that this is only the beginning of Codecademy’s mobile ventures. The company will continue to expand the variety of courses in the "Hour of Code" app, and also work on future mobile applications.

If you’re interested in coding, download “Hour of Code” or check out our Microsoft MTA Software Development & .NET Fundamentals training course, where you'll learn the basics in just four days.

Monday, 16 December 2013

Andre Villas-Boas sacked – we are offering him FIVE courses for ZERO money

Dear Andre,

Sorry to hear of your recent defeat(s) and sacking. Perhaps you might consider a change of career?

The IT industry is full of great opportunities and a committed individual like yourself, should have no trouble finding a job. You just need some training.

We are running the Certified Ethical Hacker course, which only takes five (5) days. Oh sorry, too soon? Take the CompTIA A+ instead, that’s only four days. It’s running soon, so you can quickly complete the cert and be ready by early 2014 for a first line support engineer role.

Salaries are starting from about £30k, which might be a sudden drop for you, but it’s still better than going on the dole.

We look forward to welcoming you on our course!

Kind regards,

Cyber-criminals seek ransomware creation kit

Following the grand-scale damages (12,000 victims per week) caused by Cryptolocker, cyber-criminals are now seeking to mass-produce and customise new forms of ransomware. As we’ve discussed in a previous article, Crytoplocker is an increasingly common Trojan horse malware, which encrypts its victim’s files and then demands a bitcoin payment for the decryption.

According to James Lyne, global head of security research at Sophos, there’s evidence that many cyber-thieves are willing to cash in to get a share from the success of ransomware programs such as Cryptolocker.

Documents have been circulating online looking for developers to write a kit that anybody could use to design their own ransomware. These kits have led to a huge rise in the number of other malicious programs, and by removing the need for any technical skill whatsoever; they are enabling more and more users to commit cyber-crimes for the first time. What’s more, some criminally minded developers even offer technical support for those that get stuck with creating their malicious software.

Because of its high success rates in making victims pay, Cryptolocker is expected to attract even more "investors" and followers, who will try to profit from launching modified versions of the program. "There could be a lot more mainstream cybercriminals looking to go "noisy"," said James Lyne. He also added that "Cryptolocker is very much a deviation from the norm," and “it is a sign of things to come.”

To learn more about the methods and dangers of Cryptolocker, read our previous blog entry and watch the following video: 

Wednesday, 11 December 2013

Only one day left to get your 25% discount

What’s your most wanted certification? Is it PRINCE2, CCNA or maybe an MCSD? Treat yourself to them now or choose from 100s of other courses and you’ll get 25% off the RRP. Book now for 2013 or early 2014, and you’ll be even better prepared for the challenges of the New Year.

Here’s what you need to do to get your discounted training: click on the image below or give us a call at 080 80 800 888 and our colleagues will guide you through the process.

Act fast, get the certification you need at the price you want. The offer ends tomorrow (12 December 2013) at 5.00pm. Don’t miss out! 

Tuesday, 10 December 2013

Neverquest – a virus designed to empty your bank accounts

Kaspersky Lab has recently published an article about a new “banking Trojan”, called Neverquest, which is a new Trojan horse virus, capable of recognising hundreds of financial sites, including hundreds of English, German, Italian and Indian banking platforms. This Trojan is particularly dangerous, as it spreads itself via social media, email and file transfer protocols.

How it can drain your accounts

When the infected users try to login to their banking sites the virus reacts by activating itself and stealing user credentials. Neverquest then sends the stolen credentials to its command and control server. After getting the credentials, attackers can use them to remotely log into compromised accounts via virtual network computing (VNC). With this technique, attackers are basically using the victim’s own computer to (potentially) empty their bank accounts, which makes it very hard to distinguish between legitimate transactions and thefts.

When your account is breached...

Once the attacker has complete control over the victim’s account, he can empty it into a different account under his control. However, to make the money more difficult to be traced, attackers often make several transfers to other victims’ accounts, before obtaining the money themselves.

It's not a new thing

Banking Trojans have been around for some time. According to Sergey Golovanov, principal security researcher at Kaspersky Lab, Neverquest is trying fill in some holes in the market:

“After wrapping up several criminal cases associated with the creation and proliferation of malware used to steal bank website data, a few ‘holes’ appeared on the black market. New malicious users are trying to fill these with new technologies and ideas. Neverquest is just one of the threats aiming to take over the leading positions previously held by programs like ZeuS and Carberp.”

To read more about Neverquest, visit the official blog of Kaspersky

Friday, 6 December 2013

87.2% of IT professionals think classroom-based training is better than self-study.

By Edward Jones

Firebrand recently conducted a survey to get the opinion of the IT industry on classroom-based learning vs. self-study, when it came to preparing for exam success. Using SurveyMonkey as the platform,  a total of 952 responses were collected and collated.

Outlined below are the results of the survey in more detail including the raw numbers and charts showing visual representation of the data:

Which form of training gives you the best chance to pass your exam and gain professional certification?

There were two options to answer this question, "classroom-based learning" or "self-study". A total of 952 IT professionals answered this question. The chart below shows the results:

This data tells us 87.2% of IT professionals think classroom-based training is better than self-study when it comes to preparing for exam success.

Why is self-study worse than classroom-based learning?

Respondents who preferred classroom-based learning (830), were then asked why self-study was worse. There were 5 options available, respondents were asked to select all which apply, options were: 

  • No qualified instructor to teach you and provide guidance.
  • It's easy to get distracted.
  • It takes too long.
  • Self-study material alone is often not enough to prepare you for the exam.
  • Other (please specify)

98.5% of respondents (818) chose to complete this question. The responses are contained in the bar chart below:

This data tells us that IT Professionals think ease of distraction (75.8%) and the lack of a qualified instructor (71.5%) are the two biggest reasons why self-study is worse than classroom based training when preparing for exams. Another common reason (59.5%) is that IT professionals believe the self-study material alone is not enough to prepare for the exam.

22.7% of respondents (186) selected "other", outlined below are a selection of reasons given:

"When studying alone you tend to think of all theories and practices in terms of your current working environment e.g local government, banking etc. Classroom study allows you hear of real life examples across a number of sectors which help to broaden thinking and fix learning."

"Feedback and questions from fellow students often raise issues that you might not think of when studying alone."

"Self-study rarely provides adequate synopsis and insights gained from the instructor's experience, which places new concepts into better context"

"1-Lack of lab facilities in technical study,  2-Inability to have mistakes corrected"

"Everyone has different learning styles and hearing real life examples from an instructor are more likely to be memorable than reading dry text from a book.

"I am a kinaesthetic learner with a borderline reading disability (oh yeah and an ex teacher): QED books don't work - have to hold, touch, see, talk, do, ask.... books are kinda *#?*# for that."

"It's the interaction with the other students. You may think you know / understand something, then someone else asks a question and you realise you didn't quite get it"

What do you think?

Share your thoughts with us. Maybe you prefer self-study, classroom-based learning or both, maybe you just think our results are plain wrong. Join the conversation by responding in the comments section below.

About the Author

As part of Firebrand's global marketing team, Edward actively works to serve the IT community with news, reviews and technical how to guides. Edward is an active member of the IT community contributing to a variety of tech publications including Microsoft TechNet, Channel Pro and PC Advisor among others.

Hacker Halted Europe Interviews Part 6 – Svavar Ingi Hermannsson

In October, EC-Council’s Hacker Halted came to Europe for the first time. Firebrand attended the conference in Reykjavik, Iceland and interviewed industry experts about the hottest topics in cyber security.

Svavar Ingi Hermannsson is an Information Risk Management expert at KPMG. He has over 20 years of experience in computer security. His expertise covers code auditing, penetration testing, and vulnerability assessment.

Until recently Iceland has been relatively untouched by serious cyber-attacks; however indications are that increasing sophistication is being used to target local entities. At Hacker Halted Europe, Svavar’s keynote presentation addressed the current level of Network Security in Iceland, based on a recent nationwide study undertaken by KPMG.

As part of the study, they scanned the entire IPv4 range of Iceland. This scan discovered over 2,000 Cisco boxes, which had open ports running and over 700 of them had open telnet ports.

To learn about further findings of the research and the increasing IT security awareness in Iceland, watch the full interview: 

Tuesday, 3 December 2013

100,000s of IT roles unfilled by 2015 - how can we get kids interested in them?

Astronaut, police officer, TV personality, singer, doctor. These are just a few standard answers to the question, that every single person on Earth has been asked when they were little: what do you want to be when you grow up?

Educating children about career opportunities is never too early, yet very few people do it. The IT industry offers 100,000s of roles, which guarantee variety, great earning potential and most importantly a job for life. Yet, according to the European Commission, "there will be a deficit of over 900,000 trained IT staff in Europe by 2015" which will increase even further if children and young adults don't get into IT.

How would you get your kids interested in pursuing a life-long career in IT?  

We rarely think about this, but...

Has anyone ever heard a child wanting to become a software developer for instance? Unlikely. (Okay, maybe Thomas Suarez.) But why is that? Kids love playing games and goofing around with fascinating apps on gadgets. Imagine how cool it’d be if they could create their own games. Not to mention, they’d be learning skills that would stand them in good stead for a high-earning career in IT.

The number of app developer courses and job opportunities are almost beyond imagination, yet interest is still relatively little. There are literally thousands of great IT apprenticeship opportunities for kids in the UK, many of which remain unfilled each year.

It's a win-win, if we do it right

It is obvious that we have to inspire and motivate more youngsters to pursue a career in IT, because it's for everyone's benefit. It'll benefit them, because they'll have challenging, well-paid jobs. It'll benefit technological development, because more committed and bright minds will be contributing to it. 

And most importantly, it'll benefit the economy. By meeting the growing demand for qualified workers, the UK IT industry can continue to expand, delivering billions of pounds in future revenue.

How do we make it happen?

Will the new national curriculum encourage more youngsters to get into coding? Will roles in Big Data, cloud computing or IT security one day be more popular than singing contests, media studies or acting? If so, parents, teachers and organisations should all participate to make it happen.

How would you encourage your children to take on the 1,000s of opportunities in IT? What would be your way to make them interested? Share your thoughts with us in comments or tweets @BeAFirebrand using #getkidsintoIT

Friday, 29 November 2013

Hacker Halted Europe Interviews Part 5 – Alexander Polyakov

In October, EC-Council’s Hacker Halted came to Europe for the first time. Firebrand attended the conference in Reykjavik, Iceland and interviewed industry experts about the hottest topics in cyber security.

Alexander Polyakov is the co-founder and CTO of ERPScan Security Monitoring Suite for SAP. He’s an expert on the security of enterprise business-critical software, such as ERP, CRM SR, as well as enterprise applications developed by SAP and Oracle. Alexander is the author of numerous surveys and whitepapers devoted to IT security research in SAP.

The conference organisers invited Alexander to speak about vulnerabilities, threats and trends of SAP in 2013. The presentation outlined the importance of raising awareness on securing ERP Systems based on SAP. As business critical data is often stored in the SAP system, it is absolutely essential to ensure that there are no vulnerabilities. Alexander also pointed out that the exposure of SAP systems to the internet can bear serious consequences, as cybercriminals might gain access to them, using simple vulnerabilities.

To learn more about the latest threats and trends of SAP systems, watch the full interview: 

Tuesday, 26 November 2013

“Culture of carelessness” – losing devices, endangering company data

BYOD (Bring Your Own Device) policies have been causing headaches to IT managers and company executives, ever since they became popular. However, a recent survey reveals that there is something even worse than careless employees using their own devices for work. Can you guess what it is? It’s none other than careless employees using and losing work devices. Information Age collected the most alarming figures from a recent survey of 2,500 UK adults, by Vision Critical and Trend Micro.

The most disturbing news to IT managers is that more than one quarter (27 per cent) of participants have reported having up to three work devices lost or stolen, while only 11 per cent have ever lost a personal device.

But the so-called “culture of carelessness” stretches well beyond losing devices. Although 31 per cent of participants use Wi-Fi hotspots on a regular basis, less than half of them (44 per cent) check security levels of networks before connecting. The same percentage said they are more concerned about losing personal content, like photos, documents and banking details, than sensitive business data. Only 3 per cent were concerned about enabling cybercriminals to access corporate data.

Rik Ferguson, global VP of security research at Trend Micro said: “The survey shows a worrying attitude of carelessness towards work devices and an ignorance of the full impact of losing data without the correct security measures being put in place.”

“Employees should take the same amount of care with their work device as they do with their personal ones, and be made fully aware of the procedures and risks before a device is given to them.”

Monday, 25 November 2013

Free PMP practice exercises help you prepare for certification success.


Over the last 10 weeks Firebrand Training have brought you all the course material from our official PMI PMP® course. Having worked diligently through all the modules, scribbling down notes and referencing a now slightly tattered PMBOK guide, you are probably asking yourself, how much of that information did I really take in? Am I really ready to take the exams?

Firebrand is here to take you one step closer to exam readiness. We have just launched a series of practice exercises specifically aligned to each module. Each exercise is aimed at helping you to gauge your understanding of individual modules, whilst helping put into practice what you have just learnt.

PMP Practice Exercises

Below are the full range of exercises currently available on the site. These can be worked through in isolation, or as part of your progression when working through the course material. 

Every exercise comes complete with a series of questions and answers, helping ensure your knowledge is up to scratch.

Project Management Process Groups
Project Integration Management
Project Scope Management
Project Time Management
Project Cost Management
Project Quality Management
Project HR Management
Project Communications Management
Project Risk Management
Procurement Management
Stakeholder Management

What Next...

Completed all the course material and exercises? Still looking for more information to boost your PMP knowledge? 

Over the next few weeks we will be preparing to launch a series of practice tests, which should take you one stage closer to exam readiness. Keep checking back on Firebrand's Google+ page for all the latest updates.

About the Author

As part of Firebrand's global marketing team, Edward actively works to serve the IT community with news, reviews and technical how to guides. Working in the Industry for almost 3 years years, Edward has a wide variety of experience with Microsoft Technologies including SharePoint and Windows Server and Exchnage Server. Edward is an active member of the IT community contributing to a variety of tech publications including Microsoft TechNet, Channel Pro and PC Advisor among others.

Yves Le Roux: How infosec pros can help EU data protection

(ISC)2’s information security professionals publish articles regularly on Computerworld UK’s Infosecurity Voice blog. This time the author is Yves Le Roux, policy group lead at the (ISC)2 EMEA advisory board, who blogged about how “infosec professionals can help shape EU data protection”.  

Governments have finally realised the importance of recognising and controlling information security risk. With the new draft data protection legislation the EU’s cyber security strategy has made its first steps towards addressing the risks that people and businesses face on a daily basis in today’s technology-dependent world.

Although the initiative is taking on a serious matter, it does not mean that legislators have the relevant experience and knowledge to understand the impact and response that may be needed.
The new legal framework will affect us all; therefore it is vital that everybody involved considers the influence of such legislation.

It’s a task of great significance, so the advising security professionals must get to know the legislation first. Once all aspects, including the overall intent as well as the actual measures, have been assessed, infosec pros may point out all infeasible elements and make suggestions.

All in all, “the job ahead for legislators, privacy and compliance professionals as well as technology and information security professionals  is to understand the intent of what needs to be achieved , and then come together to understand the structures required to govern and properly manage the intent.”

To read the full article by Yves Le Roux visit Infosecurity Voice

Friday, 22 November 2013

SQL Server 2014 Event at Microsoft Redmond - Final Day

Today is my last day at Microsoft, flight this evening at 6:10pm back into Heathrow.

It has been a busy week and my plans to blog every day just didn't happen so here is a final update on my week at the SQL Server 2014 TTT.

Seattle is a cosmopolitan and vibrant city and evenings after class have been filled with taking in the atmosphere and the many retail experiences on offer in downtown Bellevue, so yes after class I have been "out & about" soaking up the local attractions!!

That is not to say that I didn't forget to visit the on-campus shop at Redmond to see what "geek-gifts" were on offer, ofcause I purchased many items that I don't really require but "hey" its all about capturing memories of an iconic visit, and you can never have too many pens!

I couldn't quite believe how large Microsofts Campus at Redmond actually was, it's a town in its own rights and getting from 1 building to the next can be quite a long walk so being able to catch one of the Shuttle Connect taxis to take you to your destination whether that be on campus or downtown Bellevue and even into Seattle itself was a blessing, and what a great service for the 60,000 Microsoft employees who work on campus for getting to and from work.

For me the highlight of the week was Day 3 focusing on the Self-Service BI tools and services for discovery, analysis and visualisations of on-premises and cloud based data.

Our presenter was a "SQL BI God" Peter Myers and for me this was a moment of being totally "Star Struck" as for many years I have followed and read Peters blogs and to finally attend an event where he was presenting was true "SQL Momemt" for me.

We started the BI story looking at PowerPivot in Excel 2013 which was an refresher on skills and to set the starting point before our dive into the realm of Power BI, Power Query and Power Map.
Power Query was previously known as Codename “Data Explorer”. Similarly, Power Map was previously known as Project codename “GeoFlow”.

Available as an add-in for both Microsoft Excel 2013 and Excel 2010, Power Query makes it easy to discover, combine, and refine data from both public and private data sources, including HDInsight.

Being able to pull in any public dataset from the internet, such as census information, geographic data  or anything that is of interest to an organisation opens up the possibilities of analytical and data mining queries outside of organisational data. Ofcause IT can still have an involvement publishing their own organisational datasets and providing a controlled gateway with security and scheduled data refreshes to provide a more managed way of making data available.

The last 2 days were all about HDInsight and Big Data using tools such as MapReduce, Hive and Sqoop, Bill Ramos was the presenter for these 2 days.

HDInsight is a Hadoop-based service from Microsoft that brings a 100 percent Apache Hadoop solution to the cloud. A modern, cloud-based data platform that manages data of any type, whether structured or unstructured, and of any size, HDInsight makes it possible for you to gain the full value of big data. And running up a HDInsight Cluster couldn't be easier taking less than 45minutes to run up a 4 node cluster with 25 cores. At the moment only 4 of the Azure Datacentre locations support storage for HDInsight. 
This was a tough 2 days as the realms of Big Data was relatively new to the whole class and after the first 1 hour session my head was pounding with so much information. HDInsight and it's possibilities are going to take some time to digest and get my head around and at the moment I can only see large multi-national corporations utilizing such technologies to crunch data.

Our fun using HDInsight came to a crashing end when a gremlin popped up and brought down the internet and our access into the Windows Azure Portal. Questions were flying around the class had we brought down Microsoft Datacentres, or was it the Windows Azure team performing updates or was it even the millions of new Xbox1 customers somewhere in the world registering their new accounts and brining down Microsoft Cloud Services. My bet was on the Xbox1 customers!

Gradually the class came back online and we were to some point able to carry on with our HDInsight Clusters, unfortunately this was only for a small percentage of the class, myself not having the opportunity to complete my hands-on labs.

My week in downtown Bellevue, Seattle attending the SQL Server 2014 TTT Enablement Program has been an interesting one and I am sad to be leaving hoping that I will get another chance soon to return to Microsoft.

About the Author:

Angela works for Firebrand Training as a subject matter expert and instructor for SQL Server and System Centre. For over 10 years Angela specialized in SQL Server, delivering training and consultancy services to a number of companies throughout the UK and Europe guiding and mentoring customers to follow Microsoft Best Practice and assist in their understanding and adoption of SQL innovative features.

Wednesday, 20 November 2013

CryptoLocker attacks on the rise – SMEs in danger

By Peter Orban

Imagine the following scenario: you are surfing on the web, checking your emails, opening the attachments and then suddenly your monitor displays a splash screen with a countdown timer and the message “Private key will be destroyed on [date]“, unless you pay. Your PC has just been infected by a relatively new, increasingly common Trojan horse malware, called CryptoLocker. All your photos, videos, documents and other important files have been encrypted and your only option appears to be to satisfy the demands of this ransomware and its creators by paying, hoping that your files will be decrypted and the nightmare ends.

The UK’s National Crime Agency has issued an urgent alert to PC users about CryptoLocker and the threats it poses. As described in the statement, tens of millions of UK customers are receiving emails that appear to be from banks and other financial institutions. However, the primary targets appear to be small and medium businesses.

According to recent reports and the NCA’s warning, the amount of “ransom” demanded by CryptoLocker is 2 Bitcoins (£550 as at 18/11/13).

What can you do against it?

Similarly to many other cases, preventive measures are more useful than trying to find a cure, especially when it’s too late. So what can we do? According to Graham Cluley’s extensive article on the matter, the answer is three-fold.
  • Keep your PC up-to-date with anti-virus and security patches and don’t open unsolicited email attachments.
  • Set a software restriction policy on your PC to prevent executables from running from certain location on your hard drive.
  • Make regular backups of your important data and keep them separate from your computer.
To learn more about CryptoLocker, read the full article on

About the Author:       
Peter writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself.

Tuesday, 19 November 2013

SQL Server 2014 Event at Microsoft Redmond - Day 1

I couldn't quite believe my luck when I received an email from Microsoft inviting me to attend the SQL Server 2014 Trainer Enablement event at Redmond, Seattle.

Of course my answer was "YES YES YES I would love to attend" !!

It was an early start arriving on campus at 8:30am, seeing that Microsoft sign as the shuttle bus entered campus sent me into geek overload, and as expected Microsoft really looks after it's visitors.

So after a long day I am now relaxing in my hotel in downtown Bellevue digesting the information of Day 1 and the roadmap for SQL Server 2014 Data Platform.

The first speaker was Ramink Gulati who presented the story of SQL Server 2014, a story that would wet the appetite of many customers proving that SQL Server is not a "toy database" as many do see it but a true runner to go up against the likes of Oracle, IBM and SAP.

Over 600 business's in the last year have moved from Oracle to SQL Server and we are not talking a hybrid database environment but pure SQL, this strengthens the position of SQL Server in the market place, soon to be Number 1 and knock it's competitor off the top spot once and for all. Currently SQL Server is 2nd in the marketplace and that's pretty good.

The second speaker was Darmadi Komo a senior technical product manager who presented the new standards for mission critical platforms.

For me the most exciting aspects of Darmadi presentation was SQL Server 2014 and it's hybrid capabilities, on-premise and cloud.

My top hybrid features covered today:

  • SSMS built-in tools for moving an on-premise SQL Database to an Azure VM, just a few clicks of the mouse and the database is in Azure, a good reason to implement Contained Databases now in SQL Server 2012 for ease of migration into Azure when upgrading to 2014.
  • Implement an AlwaysOn Availability Group with a asynchronous readable secondary in Azure for reporting requirements.
  • Backup an on-premise SQL Database to Azure storage and encrypt the backup. 
  • Take an on-premise database and move it's file structure into Azure Storage but still keep the compute environment of SQL Server local.

Let me expand on the last point as this was mind boggling! 

So you have an on-premise database which has many data files and a log file, as a DBA I can choose to move all or some of these files into Azure. Why would I do this I here you ask? We'll maybe 1 of those data files has archived data and is read infrequently so rather than using local disk space we can just move that 1 data file into Azure while the rest remain in local storage.  An application does not need to be aware of this remote file as SQL will just pull the data down from Azure, all you need is good bandwidth.

That's just amazes me that an on-premise database can have local storage and Azure storage, I think this will keep me thinking for many hours if not days.

The in-depth dive on day 1 into the Data Platform roadmap for SQL Server 2014 has strengthened my love affair with SQL Server and as an Instructor I am looking forward to sharing my knowledge
with my SQL classes.

A good nights sleep is needed after day 1 as tomorrow is all about Data Warehousing and more cloud features and a trip to the campus shop, so more to follow soon. 

About the Author:
Angela works for Firebrand Training as a subject matter expert and instructor for SQL Server and System Centre. For over 10 years Angela specialized in SQL Server, delivering training and consultancy services to a number of companies throughout the UK and Europe guiding and mentoring customers to follow Microsoft Best Practice and assist in their understanding and adoption of SQL innovative features.

Monday, 18 November 2013

UK needs IT apprentices. Right now

By Peter Orban

According to the estimations of the CPHC, the demand for new staff in the UK IT sector is between 150,000 and 180,000 people per year, yet there’s still an annual shortfall of around 40,000 skilled professionals. What's more, the European Commission states there will be 900,000 unfilled IT jobs across the EU in 2015. 

The opportunities are vast, career paths and jobs are varied, challenging and well-paying, yet there are still not enough young people pursuing a career in IT. What can be the reason for this rather paradoxical situation? It’s what they call the IT skills gap.

As written very accurately by “We have a bold ambition for the UK to be a leading information economy; however getting there will be a task not just for the Government and its central policies, but one for the industry.” But what can the industry do to help the process? It’s a no-brainer: hire apprentices.

Attracting school leavers and other talented youngsters and persuading them to pursue a career in IT isn’t always easy, but more and more companies are recognising the value of apprentice schemes and hire hundreds of apprentices each year.

The Skills Show

The UK’s largest skills and careers event took place last week at the NEC Birmingham. Firebrand co-exhibited with Microsoft and BAFTA to answer the questions of aspiring apprentices and teach them how to code their own games.

The stand of BAFTA, Firebrand and Microsoft at The Skills Show 2013

Deputy Prime Minister Nick Clegg, who also attended The Skills Show, said:

"We need to get beyond this rather fusty, old-fashioned view that the only good thing for a young person to do after school or a college education is to take an academic qualification.

There are lots of really, really bright youngsters who will provide the economic backbone of this country for decades to come who just don't want to have their nose stuck in a book for three years.

They are people who actually want to get their hands dirty, literally and metaphorically. They want to learn while they earn."

Deputy Prime Minister Nick Clegg with Apprentice Assessor Charlotte Preece while visiting the Firebrand stand

Mr Clegg said he had met motivated and committed young people during his visit. He also added that he’d be happy to see his children choose an apprenticeship over a degree. 

About the Author:       
Peter writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself.

Friday, 15 November 2013

Point out ‘zero-days’ to Microsoft or Facebook and collect your bounty

Zero-days by definition are previously unknown vulnerabilities to applications, online platforms or computer systems. The name originates from the simple fact that when an attack occurs, exploiting an unknown vulnerability, the developers have zero days to take preventive action.

Companies like Microsoft, Google, Yahoo! or Facebook run regular “bounty hunts” to encourage (ethical) hackers to track bugs and point out potential vulnerabilities in exchange of a cash prize. For firms like Facebook it is absolutely essential to secure knowledge and details of potential weaknesses before they hit the black market and fall into the hands of cyber-criminals. Therefore bounties are becoming higher, generating greater participation from researchers and cyber-security enthusiasts.  

Last week, it was announced that Microsoft and Facebook teamed up to sponsor the HackerOne programme, which rewards ethical hackers who ‘contribute to a more secure internet’.

Facebook’s Product Security Lead, Alex Rice, said even if companies tend to compete with each other, their security teams should not be rivals, as they have a common competitor: The bad guys.  

Zero-day attacks bear enormous technological threats, however they don’t stop there. According to internet security expert Graham Cluley companies also risk a PR catastrophe if hackers were to exploit an unknown vulnerability.

But then why don’t companies just hire the best security experts and pay them loads of money? Well, they do. However, as long as codes are written by man the potential of human error will always be there.