Presentation on theme: "Slide 1 Mark Pick – Vice President Reality Mark Fuller – Reality Development Gail Lawrence – Customer Development Texas MultiValue User Group – June 2009."— Presentation transcript:
Slide 1 Mark Pick – Vice President Reality Mark Fuller – Reality Development Gail Lawrence – Customer Development Texas MultiValue User Group – June 2009
Slide 2 AGENDA Welcome – Mark Pick Is your data safe and secure? Mark Fuller Web Services – Mark Fuller
Slide 3 Who is Northgate? You might remember….. ► Microdata ► McDonnell Douglas ……..All part of Northgate’s history! Dick Pick – circa 1973
Slide 4 Reality Yes. But much more. It’s the REALITY you remember.
Slide 5 Continuous Enhancements REALITY V1.0First commercial PICK release1974 REALITY V7.2 Last proprietary O/S release1990 Reality X V2.0First UNIX release 1992 Reality X V5.0Last UNIX (only) release1996 Reality X V8.0First Windows NT release1998 Reality V9.0Windows 2000 Support2001 Reality V9.1AIX, Linux, Sockets2002 Reality V10.0GUI Admin, Rapid Recovery2003 File System, 2TB database, SQL View, Foreign Database Reality V11.0Auto File Sizing, GUI Spooler, Databasic from English2004 Reality V12.0 Web Services, XML Parser Fast Backup and Restore 2006 Reality V14.0Data Encryption at Rest, DR 2007 Reality V14.1 Case insensitivity D3 flavor 2009
Slide 6 About Northgate Reality the first commercial Multivalue release (1974) 38 years + experience (company established in 1969) 07/08 revenue of $1.1 billion Company worth $2 billion Approximately 8,000 staff 46 locations worldwide Head Office: Hemel Hempstead, UK
Slide 7 Northgate has three major divisions Northgate HR is the specialist HRS division of Northgate Information Solutions. We are the UK and Ireland’s leading supplier of HR, Payroll and Pensions software solutions and services to all market sectors. Moorepay is Northgate’s small HR & Payroll specialist division. Northgate Public Services is the number one provider of community justice technology solutions. Our task is to enhance public sector value through the intelligent use of information technology and to share in the economic and social benefits that this brings. Northgate Managed Services provides infrastructure solutions to organisations across the public, private and not-for-profit sectors, and specialist ICT managed service solutions in education, local government and utilities. Reality
Slide 8 Reality Core Characteristics Proven, Industrial Strength, Standards-Based Database Exceptional Resilience and Recovery ► No loss of data Rich, Web-Enabled Application Development Tools Exceptional Interoperability Excellent MultiValue Compatibility
Slide 9 Heritage with a Future Back to Reality Where are we going? The sky’s the limit! Future ► Continual development and commitment to the Reality product and to MultiValue. Third Party Vendors ► DesignBais ► MITS ► Sierra Bravo
Slide 14 Introduction Investigate what is meant by the terms Disaster Recovery & Business Continuity Plan What is a disaster? What is their effect? What techniques can reduce the risk? How can Northgate’s Reality Help?
Slide 15 What is disaster recovery? (DR) is a coordinated activity to enable the recovery of IT/business systems due to a disruption. DR can be achieved by ► Restoring IT/business operations at an alternate location, ► Recovering IT/business operations using alternate equipment, ► Performing some or all of the affected business processes using manual methods.
Slide 16 What is Business Continuity Planning? BCP - All encompassing term covering both disaster recovery planning and business resumption planning. Set of procedures for sustaining essential business operations while recovering from a significant disruption. This umbrella term also refers to other aspects of disaster recovery ► Emergency management, ► Human resources, ► Media or press relations, ► Building Control
Slide 17 Disaster Recovery & Business Continuity ► Business Continuity/Organisational Resilience has gained in importance over the last five years. ► Interest & Focus is at International Level ► UK - Civil Contingencies Act 2004 & National Risk Register 2008 ► NFPA1600 (North America), HB221 & HB292 (Australasia), ► 2008 saw the launch of a new BSI Standard (BSI 25999) ► Insurance Companies now take ‘preparedness’ into account ► Weather in particular has shown events happen ► Pandemic – hot topic ► Organisations have become more complex, more reliant.
Slide 18 Which one is a potential disaster and may cause you to implement your DR/BCP plan or parts of it? Security Breach ► Dishonest Member of Staff ► Stolen Data ► Stolen/Loss of Computer System Loss of Service ► Fire/Flood/Tornado/Earthquake/Explosion etc. Hardware Failure ► Complete server failure ► Disk Crash ► Network failure ► Power fail
Slide 19 Security Breach - Impact Incident Cost ► Management time ► Operational effort Legal Compliance Issue ► Breach of Data Protection Act ► Breach of HIPPA ► Breach of Contract Reputation ► Negative press attention … seen as a ‘blunder’ ► Are we a ‘safe pair of hands’?
Slide 20 Security Breach - Examples ID theft concerns over Eden Project stolen laptop IT Pro UK – Fri, 15 Jun 2007 12:45...identity theft. The laptop was looked after by an employee of XXXXXX, a company the Cornish tourist attraction uses to handle its payroll. Cost $500,000! Cost potentially billions! (Compensation up to $600 per record, total 15 billion (UK) UK Chancellor admits HMRC lost 25 million people's data Alistair Darling says taxman lost disks containing the detailed child benefit information of 25 million individuals
Slide 21 Security Breach - Examples 40 Million Credit card numbers stolen from TJX 94% of large enterprises Had a security breach within the last 12 months Hotel chain falls victim To 14,000 data-stealing incidents
Slide 22 Database Security Is your Database secure? ► Can you control access? ► By user, location, time or type of connection? ► Can you detect inappropriate access? ► Do you know who is accessing your database and when?
Slide 23 Database Security – Reducing the Risk MV Account Based Security ► Many users share the same user name and password ► Advantages ► Simple to Administer ► Disadvantages ► Can’t identify individuals ► Hard to Audit ► Difficult to tell if the security has been compromised ► Passwords are difficult to secure
Slide 24 Database Security – Reducing the Risk User Based Security ► Each user has unique user name and password ► Advantages ► Simple to Administer ► Can Identify the individuals ► Auditable ► Individuals can change their passwords ► You should be able control how often, length and password history ► Disadvantages ► Identities can be conveyed to others or commandeered by others
Slide 25 Database Security – Reducing the Risk Location Based Security ► Extends User based security ► Limit individuals to pre-defined locations ► Individuals can have multiple security profiles ► Dependent on their location ► Disadvantages ► Have to define acceptable locations
Slide 26 Database Security – Reducing the Risk Time Based Security ► Extends User based security ► Logins are restricted to defined time periods ► Advantages ► Tighter control of User based security ► Pre-defines allowable login times per user ► Disadvantages ► Have to define acceptable time windows
Slide 27 Database Security – Reducing the Risk Server Based Security (linked to user based security) ► Allows same user different access rights to different services (Remote File, Web, SQL) ► Advantages over User based security ► Server processes can have different security profiles than associated users ► Disadvantages ► Have to define more access rights
Slide 28 Database Security – Using Reality Reality is used in security critical systems ► Police, Government, Health, Military ► Supports ► Account Security ► User Security ► Location based security ► Time Based ► Server Based
Slide 29 Data Security Is your Data secure? ► Can you prevent un-authorized access to the information on your media? ► Disk & Tape ► Can you control access to the data? ► You may want to give file access but not the ability to understand the data
Slide 30 Data Security– Reducing the Risk Encrypt any data leaving site ► Advantages ► Protects backups held off-site ► Disadvantages ► Managing the encryption keys
Slide 31 Data Security– Reducing the Risk Data stored in an encrypted form Data Encryption at Rest ► Advantages ► Protects data at source ► Transparent to the application ► Disadvantages ► Possible performance implications ► Need to manage the keys
Slide 32 Data Security– Using Reality’s Data Encryption at Rest What is it ► Transparently encrypts the data written to your database and any other media ► Access Management ► Defines who is allowed access to encrypted data ► Secure Management of encryption keys Advantages ► Selectively limits access to sensitive data
Slide 33 Loss of Service Sometimes the worst does happen … Northgate HQ, Boundary Way, Hemel Hempstead, UK 6 am 11 December 2005
Slide 34 Loss of Service- Entire Regions May Be Vulnerable Northeast Power Blackout August 2003
Slide 35 Loss of Service- Nature is full of surprises Katrina August 29 th 2005 Rita September 24 th 2005 Primary Data Center New Orleans DR Site Houston
Slide 36 Loss of Service - Impact Incident Cost ► Management time ► Operational effort Contractual SLA’s ► Breach of Contract? Reputation ► Negative press attention … ► Are we a ‘safe pair of hands’? Loss of business ► Companies that aren’t able to resume operations within 10 days of a disaster are not likely to survive’ (source: Strategic Research Institute, Jan 2002.). ► ‘Problems with IT cost small and medium enterprises (SME’s) £100 billion in lost turnover each year according to the London Business School. Computer crashes are estimated to cause losses of £31 million each year.’
Slide 37 Loss of Service - Causes Loss of: ► Data ► Hardware ► Network infrastructure ► Site ► Business! ► Forced to cease trading and wind company up! ► Staff! ► May lose key staff members
Slide 38 Loss of Service – Reducing the Risk Business Continuity & Disaster Recovery Planning Put a BCP & DR plan in place & above all test it! Some things to consider ► Emergency Management Team ► names, numbers, meeting venues, con. call numbers ► Business Recovery Actions ► an ordered list of the actions to be taken by the EMT ► Site Details ► site plan, departments, services delivered, key suppliers, tenants ► IT Recovery ► the site's IT facilities, switchboard lines, DR arrangements for these ► Office Space Recovery ► teams on site, contacts, numbers, alternate office locations ► Site Management ► site protection, salvage, security and safety ► Support Services ► from HR, int/ext communications, finance, property & security ► Longer Term Recovery Actions ► the task of returning to "business as usual"
Slide 39 Loss of Service – Reducing the Risk Resilient Hardware ► Duplicate key hardware components ► Disk Mirroring ► Redundant power supplies, processors etc. ► Redundant Networks ► Hot Swappable Components ► Advantages ► Quick recovery ► Little Admin ► Disadvantages ► Can still cause the system to fail and need to be restored ► Only protects individual machines
Slide 40 Loss of Service – Reducing the Risk Regular backups (Offsite!) ► Backup key data to removable media Tape, Disk ► Advantages ► You do have a copy of your data ► Can be kept offsite ► Disadvantages ► Media deteriorates over time ► Slow! ► Costly! ► Only protects individual machines
Slide 41 Loss of Service – Reducing the Risk ► Resilient File System ► Journaling file system, allows the file system and database to recover to the last completed transaction when the machine unrepentantly stops ► Advantages ► Recovery can be to last completed transaction ► Can be very quick to recover ► Disadvantages ► Additional load on system ► Relies on storage devices being intact
Slide 42 Loss of Service – Reducing the Risk ► Hot standby systems ► Second machine is maintained as a near real-time copy of the live running system ► Advantages ► No loss of service ► Disadvantages ► Normally ‘closely coupled’ – Requires real time data link ► Can still lose both systems ► Additional hardware costs
Slide 43 Loss of Service – Reducing the Risk ► Remote Hot Standby systems ► A remotely hosted machine is maintained as a near real-time copy of the live running system ► Advantages ► Data copied off-site at the end of each transaction ► Off-site machine can be ready to run ► Disadvantages ► Dependant on external communications link ► Requires a communications link which can handle the throughput of the system ► Can be costly – depending on options taken
Slide 44 Loss of Service -Reality Resilience HardwareReplay Logs Shadow Manual Switch Heart BeatAutomatic Switch Service Restoration Time HardwareData RestoreRe-key from last restore Unprotected Data Primary System Unprotected Database Shadow Database Data HardwareData RestoreReplay Logs Transaction Logging Logs Transaction Logging Failsafe LogsData Manual Switch Secondary System Heartbeat Gateway Failsafe
Slide 45 Loss of Service - Reality Automated DR Maintains remote disaster recovery systems ► Further extends resilience options to support: ► Remote hot backup systems ► Operation over slow or intermittent communication links ► Sourced from one or more machines ► Secured up to the last completed transaction Reality Environment Reality Failsafe Environment or Standalone System Remote standby system(s)
Slide 46 Loss of Service - Fast Backup and Recovery Backup & Restore your Database at near Media Speed ► Backup while the system is still in use ► In practice ‘near media speed’ is estimated to be up to 30 times faster than the current logical backup. ► ‘Point in time’ backup ► Examples ► MOD ► from 4 days to 9 hours ► Wolseley ► from 2 hours to six minutes (50GB)
Slide 47 Loss of Service – Using Reality Reality Supports ► Fast backup & Restore ► Backup & Restore your database at ‘media speed’ ► Journaling ► Rapid Recovery ► If hardware survives crash, quickly recovers database ► Offline backup databases ► Shadow Database ► Stored on same machine, separate offline disks ► Hot backup standby systems ► Failsafe & Heartbeat ► No loss of service ► Automatically switches to secondary system ► Remote Disaster Recovery systems ► RealityDR ► Low Cost, Offsite system kept up to date in real time
Slide 48 Conclusion Plan in advance ► Create Business Continuity & Disaster Recovery plans (NOW) Be aware of the Risks ► Security Breach ► Loss of Service ► Data, ► Hardware, ► Network infrastructure, ► Site, Business, ► Staff!
Slide 49 Conclusion Deploy techniques to mitigate those risks ► Security Methods ► Database Security ► Data Security ► Protect Your Service ► Resilient Hardware ► Regular backups ► Resilient File System ► Hot standby systems ► Remote Hot Standby systems Move to Reality ► Northgate and Reality have the tools to protect your business
Reality Web Services Texas User Group – June 2009 Mark Fuller – Reality Development Team
Slide 52 Web Services & XML What are they? ► Technologies involved ► Examples of them being used today Why Web Services? ► Making your services available to a wider audience ► Greater efficiency ► Greater interoperability ► Reduced integration costs ► Simplified Business communication protocols Demo of Reality Web Services using C# to produce a GUI application. Reality’s XML capabilities ► Parsing ► Generating
Slide 53 Web Services – They are not… Not exclusive to Web Browsers! Not exclusive to web based applications! “Web” - Is used in the name purely because they typically use HTTP as their transport mechanism and are served by a web server.
Slide 54 Web Services - What are they? “A software system designed to support interoperable machine-to- machine interaction...” W3C
Slide 55 Web Services - What are they? A “Web service” is an evolutionary technology that allows businesses to integrate their internal/external computer systems, leverage legacy systems, and automate communication with their business partners in ways never before possible..
Slide 56 Web Services - What are they? Web Services are standards driven Key standards ► Based on Extensible Markup Language (XML) ► Simple Object Access Protocol (SOAP) ► Universal Discovery, Description and Integration (UDDI) ► Web Services Description Language (WSDL) Have standard communication mechanisms ► Enables interoperability of applications ► Different languages ► Different platforms
Slide 57 Web Services - What are they?.net Application Java App Others Consumers Provider SOAP XML WSDL HTTP SOAP XML WSDL HTTP Reality DataBasic Application
Slide 59 Web Services - Why? Key Business Drivers ► Greater efficiency ► Allows IT departments to grow organically by hooking into third party software systems rather than building from scratch. ► Greater interoperability ► Allows greater communication between systems that would benefit from more automation. Dramatically reduces the #1 cost to IT departments – Application Integration!
Slide 60 Web Services - Why? Service Orientated Architecture market place estimated at $43bn by 2010 We must allow you to work in a SOA ► Expose existing applications as Web Services ► Calling Web Services
Slide 61 Web Services – Statistics (eBay) As of December 2005, the eBay Developers Program had more than 25,000 members who created 1,900 live applications Approximately 47% of eBay.com listings are through eBay Web Services ► Nearly 50% are from third-party developer tools created by companies. Q4 2005, the eBay Platform handled more than 8 bln Web service requests The number of eBay Web Services transactions through APIs increased 84% annually
Slide 62 Reality Web Services Convergence of Northgate Technologies Inbound ► Ability to expose Reality DataBasic Subroutines as Web Services ► Very simple interface to create a web service. Outbound (future release) ► Ability to call Web Services from within your Reality application ► DataBasic API – to call an external web service.
Slide 63 Reality Web Services Advantages No Knowledge of Web Technologies required by developers ► WSDL ► XML ► SOAP ► HTTP/S ► You focus on Business Rules and we do the plumbing!
Slide 64 Reality Web Services – In use today! Challenge ► The Northgate Integrated Incident Management Framework integrates disparate control room applications into a single user interface. Automatic Resource Locations GIS Call Handling Event Management Control Room
Slide 66 Reality Web Services – In use today! Challenge ► Reduce error rate of picking and packing exam papers ► Integration with warehouse hand-held devices Behaviour ► Real-time ► Fast response ► Simple to implement Target System ► Handheld WiFi Barcode readers Interface ► Web Services
Slide 67 Reality Web Services – In use today! Web Service Call CUP’s Reality System Wifi Access Point Handheld Device With Barcode Reader Barcoded Exam Paper
Slide 68 Reality Web Services Demo Reality Web Services from Microsoft Office ► Integrate your Reality applications into Office Reality Web Services from Visual Studio.net ► C# See just how simple it is!
Slide 70 Reality XML Parser Numerous applications exchange information in XML format. Reality supports an XML parser, ► create XML ► simple data extraction from an XML document using a query template.
Slide 71 Reality XML Parser Example XML Source Document ‘Time]TimeL’ Result in Attribute 1 XML Query
Slide 73 Reality XML Generator Example N Kelly 24 Some road HP21 6NW Created XML Document “N Kelly^24 Some road^^^HP21 6NW” Source Data XML Template \1\ \2\ ] \3\ ] ] \4\ ] \5\
Slide 74 Web Services & XML - Summary What are they? ► Technologies involved ► Examples of them being used today Why Web Services? ► Making your services available to a wider audience ► Greater efficiency ► Greater interoperability ► Reduced integration costs ► Simplified Business communication protocols Demo of Reality Web Services using C# to produce a GUI application. Reality’s XML capabilities ► Parsing ► Generating