4 things IT Ops teams need to know about data management

Pic credit: Hexaware

Why is there so much confusion within IT Ops teams about data management and data operations (a.k.a. DataOps)? The answer isn’t simple. No, database administrators aren’t going to make this go away. Yes, it’s your problem in IT Ops. You need to learn to operate multiple databases and other data storage systems. To that end, there are four things you need to know to make your life easier.

But first, let’s set the table so you have a firm understanding of DataOps and its role in IT Ops.

What it is, why it matters

DataOps is typically a subordinate of cloud operations (CloudOps), which may include cloud and non-cloud systems. And now organizations tightly couple DataOps with machine-learning operations (MLOps). Of course, data must be protected and governed, so you also have security operations and governance operations (SecOps and GovOps, respectively). 

It’s little wonder so many operations jobs chase so few candidates. Operations skills in general, and DataOps skills in particular, now top the priority lists of all Global 2000 CIOs. 

Core to current ops issues is every enterprise’s intense focus on data growth. You don’t need site surveys to understand that data will continue to organically grow at an accelerating pace. Usage continues to expand as well, along with the deployment of key data analytical tools and AI that allow data to be leveraged for more strategic and tactical purposes. 

Data is growing in importance

Today, data defines a business. Enterprise data is no longer just a collection of information about customers and sales. It’s the manipulation and key use of that data as a force multiplier that drives the entire business model. 

Look at the use of recommendation engines, which most major e-commerce businesses attach to their sites. These systems leverage customer and sales data, along with external data (such as demographics), to drive key recommendations that in turn drive sales. 

Based on how a user navigates a website, recommendation engines can accurately determine demographics such as gender, age, race, income, career, hobbies, military service, and more, even if the user doesn’t log in or directly provide that information. 

The tracked data coupled with an AI engine can make uncannily accurate guesses and push certain products or services based upon the AI’s determination of your most likely desires. Thus, sales increase. 

Of course, data can be used in ways other than recommendation engines, and the list is exhaustive. The point is, businesses need to find the value in their data if they are to survive. The Global 2000 already understand this new fact of life. 

The DataOps hot potato 

Most IT Ops teams will tell you it’s the responsibility of the database administrators to deal with DataOps. After all, in most enterprises, IT Ops teams tend to focus on infrastructure such as storage and compute. But where have all the DBAs gone, and who’s minding DataOps? Sorry, ops teams, but the DataOps hot potato gets passed back to you. 

We’ve moved away from a simple on-site database management infrastructure with a few relational and some non-relational systems holding enterprise data. These days, organizations are using cloud-native databases that are part of a public cloud provider’s service offerings. Or they use a widely distributed and complex array of databases that are leveraged for special purposes that support the business. 

There are purpose-built databases such as in-memory databases that support high performance and databases that run on devices that support edge computing. 

While the business needs this sort of complexity to more effectively leverage data, it’s a lot for the operations team to deal with on an ongoing basis. This is an unexpected challenge for most in IT Ops that requires an expanded skill set. 

So, what do you need to know about data management when DataOps lands on your doorstep? How do you operate with multiple databases and other data storage systems?

The answers lie in the cloud. Here are the four major DataOps concepts every ops team should know to make their jobs easier.

1. You may not need to be an expert on a specific database to successfully operate it

Databases require access to the storage, compute, and memory they need to run effectively. You don’t need the ability to design and deploy a database using a specific database technology, but you must understand what it needs for successful operations and scaling. 

{{ Successful DataOps is not so much about knowing how the database functions as it is about knowing how the database finds its resources.}} 

Tradeoffs arise if you provide too many resources, and thus waste money, or if you do not provide enough resources and the database crashes. This is a Catch-22 that’s found in the world of cloud as well as in on-premises databases. 

The good news is that you can have a database operations specialist who can operate as many as five different databases without having a specific database skill set. Indeed, most database providers have simple ops training for those who keep the databases running but who do not build and deploy solutions. 

2. You can no longer separate security and data  

When we dealt with traditional systems, we could wrap data with a security system that had no clue how the database operates, including how the database stored its data. That is no longer the case, and if it is the situation in your organization, you’re likely to be breached very soon. 

Today’s SecOps and DataOps are joined at the hip, and all databases running, on premises or in the cloud, need to support security services such as data encryption, key management, and the ability to deal with credentialing systems such as identity access management (IAM)

Does this make the job of the ops teams more complex? Of course. Some good news: There are tools that can abstract you from that complexity and security tools that are often furnished by the database providers. 

So the GenOps pros need to understand DataOps, as well as how GenOps and DataOps relate to SecOps for data. Typically, this is accomplished by a data security operations specialist who provides SecOps for as many as 10 different databases, cloud and non-cloud. 

3. DataOps can be automated  

One of the nice features of living in 2021 is that we have ops tools that have a mind of their own. These are tools that can monitor databases, including resource usage, security issues (such as resource saturation indicating an attack), and performance. 

The monitoring tools can fix issues as they emerge as well as “learn” to fix issues to provide better operations and automation going forward. 

The dilemma is that many of the people charged with DataOps may not understand that these tools have this capability. Or, in some cases, they own the tools but do not leverage them for DataOps. 

At the end of the day, infrastructure issues constitute about 90% of the problems that databases will encounter. Again, this is true both in the cloud and for on-premises systems. 

Most AIOps tools include this “mind of their own” capability. But AIOps tools’ applicability toward the challenges presented by DataOps is often overlooked, or staff do not leverage AIOps tools to their fullest capabilities. My best advice: Automate all you can. Data management is no exception. 

4. Learn how to apply future-proof processes and tooling 

It’s no secret that technology quickly changes. Those charged with ops responsibilities, strategically at least, need to design and build ops systems and processes that account for this constant and consistent change. 

The solution? When you build ops systems and processes, and when you choose tools, the idea is to keep volatility inside one domain. In practice, this means you select general-purpose tooling that can be applied to databases operating today, as well as databases you may leverage five years from now. 

It’s tempting to pick whatever tool is native to a specific database; it’s often the easiest to use with that database. It’s typically a tool supported by the database, or perhaps by a public cloud provider where the database is a service. 

While this may save you some time up front, the number of tools you’ll have lying around will quickly become unwieldy, and any changes to the mix of databases will make DataOps come down like a house of cards. 

A much better approach is to create common processes and select tooling that can function across any number of different databases—on premises and in the cloud—today or five years from today. If you can keep change inside a domain, the processes and tooling will be consistent even though database management changes will continue to accelerate. 

Data management: The next ops frontier

This four-concepts approach is about adapting to a new responsibility that most ops teams now face: their need to deal with data

With a bit of planning and understanding of what needs to get done, how, and why, transferring DataOps responsibility to GenOps should result in a happy transition. Fingers crossed.

Source: https://techbeacon.com/enterprise-it/4-things-it-ops-teams-need-know-about-data-management

How CIOs can achieve work-life balance — and avoid burnout

Pic source: cio.com

Work-life balance, the loose principle through which you evenly split your time and focus between work and personal activities, benefits individuals and corporations in equal measure.

A healthy work-life balance can improve health, productivity, job retention and turnover, and in-turn stave off emotional burnout, say experienced CIOs. And yet, attaining a healthy equilibrium between personal life and career work has seemed further out of reach than ever.

The economic and social fallout from the COVID-19 pandemic has afforded CIOs more opportunity and accountability in the boardroom, and put additional pressure on project delivery teams to expedite multiyear digital transformation programs. Business expectations for IT teams have subsequently blossomed, but this in itself represents something of a double-edged sword.

CIOs, work-life balance and a global pandemic

Like many technology executives, Jason James, CIO at US-based EHR (electronic health records) software provider NetHealth, says that he threw himself into work at the start of the pandemic, “in retrospect … because it was one of the few things we could control.” He admits that work became an outlet, but an unsustainable one.

Jason James is CIO at software provider NetHealth.

“I was working through lunch, working nights, and weekends and sleeping way less than I should,” he says. “My family wasn’t getting the attention they deserved. I may have been succeeding as a CIO, but I wasn’t the top of my game as a father or husband.”

James developed a plan to make work more balanced, setting boundaries for checking emails and messages, and making time for lunch breaks to get outside. But it was still difficult to switch off, with work often eating into family time.

For Tariq Khan, CDIO (chief digital information officer) at the London Borough of Camden, work-life balance came to mean something else entirely. Starting his first CIO job last year, Khan had to juggle work and home-schooling children during the country’s national lockdown, meeting new colleagues virtually and standing up government services with limited resources.

“[It] could have been better,” he admits. “It’s been a steep learning curve, plus there has been a lot of reactive demand on local government services during the pandemic which has added to the workload.”

Working in isolation while leading teams

Other CIOs expressed difficulties in working in isolation, pointing to the lack of human contact, the transactional nature of videoconferencing and yet the same pressure to lead, motivate and support teams as well as an ecosystem of partners.

For some, fighting the itch to do more has been difficult, even during downtime. Michelle Kearns was new in her role when she joined Boots Ireland as head of IT last year, having previously spent 16 years at family doctor service Caredoc, most recently as its CIO. She admits it has been challenging to balance making an impression in a new job, while retaining some resemblance of normality at home.

“Even when I was on annual leave this year, because I was so new to the company, we had a project that was going and I was dialling in for calls at the end of the evening to see how it was going,” says Kearns. “It was partly because I was so new, but I also wanted the project to succeed. I think it can be quite difficult to disconnect.”

Mark Bramwell is CIO of Oxford Said Business School.

This disconnection came more abruptly for Oxford Said Business School CIO Mark Bramwell, when a heart attack last May forced him to evaluate life’s priorities. He describes the event, from which he is now fully recovered, as a “wake-up call” to take better care of himself.

“I have learnt that results are not solely driven by how hard and long you work, but how you prioritise, delegate and how smart you work,” says Bramwell, who also advocates for working to a set of personal values.

“I have definitely set out new boundaries for my working day, learnt how to say ‘no’ more and better protect some ‘me time’ in my diary to get work done, reflect, plan and exercise.”

To achieve work-life balance, set priorities

Work-life balance can be achieved through delegation and prioritization, as well as setting clear boundaries and taking breaks, CIOs say. But it is also, as Khan describes, about having a clear idea of what you want to achieve.

Tariq Khan is CDIO at the London Borough of Camden.

“Someone once described their inbox to me as ‘your to-do list controlled by other people,’ so as such it’s important to have a clear set of north star strategic priorities that dictate how you plan your day,” Kahn says. “One of the most valuable commodities we have to spend is our time and attention. So it’s important to invest wisely.”

Jot Sehmbi, CDTO (chief digital transformation officer) at Essex University, UK, has looked to do just that by setting daily habits, ring-fencing protected time but also taking up new hobbies outside of her day job.

“I’ve completed a few items on the hobby list, including going back to playing the piano and chess with a regular club,” Sehmbi says. “Having an activity scheduled where a group is dependent on your participation helps.”

Jasper McIntosh is CIO of the Gym Group.

For Jasper McIntosh, CIO at The Gym Group, balance has been about setting an end time in the evening, blocking out time in the day to get away from his desk and making time for informal conversations with team members.

“When things were really crazy, you would find yourself spending 12 hours a day talking,” says McIntosh, “but it was always on a work thing. It just didn’t engage the right side of your brain.”

How to create work-life balance for your team

These conversations can be part of something bigger, with Boots’ Kearns and Oxford Business School’s Bramwell saying that building trust, transparency and empowerment within teams can help all parties. Tom Catalini, CIO of the Boston Museum of Fine Arts, goes one step further by suggesting that rewards for a job well done can bring about a healthy work-life balance for all staff.

“If someone on the team has to put in some extra effort to get a job done, I want them to balance it out with a long lunch, an afternoon off or an extra vacation day — and soon. Making that an explicit policy is as important as modeling balance,” Catalini says.

NextHealth’s James, who recently became the first male employee at the company to take paid parental leave, says this goes back to the “softer” skills required by CIOs today, such as empathy and flexibility, which can in turn lead to improved talent retention.

“People are more than just their jobs and the pandemic is forcing many companies to come to grips with that,” James says. “Many workers are pushing for roles that allow them to have greater flexibility in their careers and the companies that embrace that will retain and attract the greatest talent.”

For Catalini, work-life balance is ultimately about being smart. “A more balanced life is not just helpful — it’s essential to reaching your full potential. Not only is being happier just as important as being successful, being happier and more balanced actually leads to greater levels of success.”

Source: https://www.cio.com/article/189409/how-busy-cios-are-achieving-work-life-balance-and-avoiding-burnout.html

Riding high on rapid cloud adoption, India’s SaaS sector is all set to score big in 2022

Pic source: howitworksdaily.com
India’s software-as-a-service industry could reach $1 trillion in value and create nearly half million new jobs by 2030. There are more than a thousand funded startups and 10 unicorns in the country’s SaaS sector, generating as much as $3 billion in annual subscription revenues, according to a report by SaaSBoomi. The number of unicorns could increase 10-fold by 2030, reaching $1 trillion in value, they predict.

Technology and digital transformation has been the key buzz word since a couple of years now, with large to small scale businesses shifting their operational activities to cloud and online for better productivity and ease of business activity. Owing to the pandemic and the lockdown that took into effect, working remotely became a necessity and organizations across sectors and sizes adopted to the new norms of remote working and digitization in their processes and offerings.

With growing uncertainty of the times and the likely realities of the “new normal,” more and more organizations are now charting the course for transforming and moving towards cloud computing and digitization. Even looking at the global counterparts, Microsoft CEO Satya Nadella said that the company had seen two years of digital transformation in two months as even their customers had started adopting cloud solutions.

The global pandemic has somewhere pushed and accelerated the rate of adoption of cloud computing. It has acted like a catalyst and enabled flexibility with respect to cloud computation and acceptance. Gartner, in its research report stated that the worldwide end-user spending, post the pandemic, on public cloud services is forecast to grow 18.4% in 2021 to total $304.9 billion.

Some of the key reasons that businesses have adopted to this accelerated digitization is remote working, online education, focus on environmental sustainability, evolution of business operation with focus of Artificial Intelligence (AI), Virtual reality (VR), chatbots, digital payments, etc. increasing drastically.

SaaS companies like Freshworks and Salesforce are just two of the many in this space. Freshworks became the first Indian SaaS company to list on Nasdaq on 22nd September’21 and raised over $1 billion, with a market valuation to $10 billion. Freshwater IPO acted as a great deal in opening up doors for many other start-ups in the same space.

The Indian SaaS space has been growing rapidly, with projection expected to grow at ~30% CAGR over 2020–25 and double their share in the global market to 8%–9% by 2025. India now has 13 SaaS unicorns as compared to one in 2018, with India being the third largest SaaS ecosystem globally, after USA and China.

Pic credit: Economic Times

As mentioned earlier, Gartner estimates that SaaS will continue to maintain this dominance well into 2022. Recent research finds that:

  • The SaaS market is currently growing by 18% each year
  • By the end of 2021, 99% of organizations will be using one or more SaaS solutions
  • Nearly 78% of small businesses have already invested in SaaS options
  • SaaS adoption in the healthcare industry grows at a rate of 20% per year
  • 70% of CIOs claim that agility

We can oversee a few challenges also on the way such as finding the right skilled resources in the technological sector, the IT department would be needed to be more agile, proactive instead of depending on reactive models. There is also a challenge of compliance and data security to a certain extent which the companies would have to tackle during migration to cloud. However, I feel that overall, the rise of software as a service solution isn’t going anywhere. Businesses from all sector and services are currently utilizing SaaS in some shape or form and as these options are only rising and would witness an exponential increase.
(Pradeep Gupta is Co-Founder & Vice Chairman, Anand Rathi Group)

Source: https://economictimes.indiatimes.com/news/economy/policy/riding-high-on-rapid-cloud-adoption-indias-saas-sector-is-all-set-to-score-big-in-2022/articleshow/88967812.cms

7 Reasons on why to seek Microsoft Certifications for accelerating career growth!

Today, a successful technology professional is adjudged by technical skills, problem-solving capability, and IT certifications. These certifications play a vital role in helping the tech professional rise above the rest in their career ladder. Similarly, organizations can seek certifications of their relevant IT teams for growth and delivery. 

Microsoft, a global IT leader, offers a plethora of certifications that technology professionals can opt for as per their expertise and skillset. Moreover, Microsoft offers quality online and in-person training for these certifications at a pace and schedule suitable to them. Mind you, Microsoft Certifications are more prolific as they are role-oriented apart from empowering the candidate with technical skill and expertise.

Key features of Microsoft Certifications that set them apart from the rest are – 

Role-based training is available through various convenient options 

  • Self-paced learning with free, interactive
  • Hands-on browser based learning paths that are accessible online at any time
  • Training events that provide a combination of presentations demonstrations, discussions, and hands-on workshops
  •  In-depth, customizable, instructor-led training taught by Microsoft Certified Trainers, delivered virtually or in person.

Moving forward, let us review the top 7 possible reasons that Microsoft Certifications promise to offer-

  1. Value-added Certification – Microsoft is synonymous with offering seamless solutions to critical applications and processes to nearly 90% of the businesses worldwide. Hence, a Microsoft certification is of immense value and very much in demand. A technology professional with Microsoft Certifications will likely have better job prospects and compensation in today’s technology-based scenario. 
  • Solid Base for Growth – Microsoft has carefully devised three certifications depending on technology to solve business issues. The study material includes conceptual principles, applied learning at the foundation level, followed by role-based technical skills and knowledge for real-time capabilities. Moreover, these certifications are updated to provide requisite skills required by the market and the industry. 
  • Realize the dream job – A resume with relevant Microsoft certifications carries more weight than a resume with no certification. More than 50% of the hiring managers prefer applicants with certifications, while those already employed and certified are likely to get better and faster promotions provided they seek further certifications. A resume with Microsoft Certification means a level above the rest with chances of getting better jobs or career opportunities. 

Summing it up, a Microsoft certification means a validation of skills and abilities coupled with the dedication and perseverance to learn and adopt new technologies.  

  • Better paychecks – Reports suggest that nearly 30% of technology professionals agree that certifications imply better salaries or increments. More than 210% have got jobs promotions; also 50% of the IT professionals state their promotions have been faster than those of the non IT professionals. Thus, certifications accelerate career growth with better salaries and incentives. 
  • New Skills and Capabilities – A technology professional who is always eager to learn and acquire latest skills and knowledge is the one who stays ahead of the rest. And, these efforts when validated through a certification of a global IT leader relate to a great achievement. 

The latest and relevant certifications imply the intent of the professional to delve deeper into new tools and acquire the right technology competencies to become capable of solving critical IT challenges for growth and excellence. 

  • Explore new career paths – Tired of an existing profile and looking out for a change within the IT segment? Make it possible with Microsoft Certifications!

Microsoft Certifications are solid, and they are role-based. They are the best industry-endorsed proof of skills and abilities in emerging technologies across the current IT world. How about a ‘switch job track opportunity’ sound even more convincing? Microsoft Certifications for Azure are specially offered for those who wish to become cloud professionals, as almost all businesses are adopting the cloud environment at a rapid pace.

  • Certified and Credible Professionals – Be there, be valued, and at the right time! Yes, this should be the mantra for most technology professionals who wish to make the best of the situation. Today, with more than 90% of the organization adopting cloud solutions, the requirement of professionals with relevant and certified cloud skillsets is very high, so go ahead and seek the right certification that ensures the right opportunity at the right time. 

Reports Microsoft Certified professionals reveal these interesting figures – 

  • 91% say they feel more confident 
  • 84% say they are more determined to succeed professionally. 
  • 76% say they experienced greater job satisfaction and respect from their co-workers.

Nearly 90% of the certified colleagues have emphasized that Microsoft Certifications have genuinely added value to their career and personal growth.  

Also, organizations express their trust in employing certified team members as they are more trustworthy, reliable, focused, dedicated, goal-driven, and even capable of assuming leadership profiles.

Finally, we would like to stress home the fact that the most technology analysts prefer a certification from the most relied and resilient provider of IT infrastructure or a certification of an industry standard which is best met by Microsoft. It is the unrelenting effort of Microsoft training and developers that their certifications are comprehensive and go beyond the industry standards. Rest assured, Microsoft Certified professionals are likely to stay well ahead of their crowd.

About Synergetics:

Synergetics is a learning solutions company that offers Microsoft certifications to individuals as well as corporates. Our bespoke learning solutions are well developed and comprehensive for their best results. Moreover, we also provide training, workshops, and webinars on these certifications on request. Our well-trained and expert Microsoft-certified learning partners conduct all our learning solutions.

For more details do get in touch with us on info@synergetics-india.com or you can Call or What’s App us on +91 8291362058 or visit our contact us page to discuss your learning requirement.

Microservices Adoption and the Software Supply Chain

Pic Credit: White Source Software

Software development is undergoing industrialization, with more and more software rapidly assembled out of components and an emphasis on building automation around software validation and release processes.

Modern cloud-native software is no longer a monolithic application living in a single repo with the majority of its dependencies self-contained. It is integrated from third-party components provided by vendors, cloud providers and open source software (OSS) components, with as much as 90% of code coming from such dependencies. This allows developers to build applications much faster but makes maintenance much harder as it is no longer entirely under their control. If the third-party vendor makes a change to their API, developers are on the hook to update their applications before they break. 

Each microservice interacts with hundreds of other microservices and each is built and released independently, making it hard to understand how to coordinate API changes across them. For example, if you want to make an API change to a microservice, what impact will this have on the consumers in the organization? Who will need to coordinate the change? When it was all within the same repository and released all at once, it was much easier to make such changes.

The Changing Nature of Technical Debt

What we continue to call technical debt is really the activities that are related to tending to and upgrading our software when third-party components are evolving or have common vulnerabilities and exposures (CVEs) and need to be upgraded.

These are tedious, repetitive tasks that usually fall to the most experienced engineers as they require technical expertise to do correctly. Such activities can paralyze engineering organizations and are a tremendous burden on engineers; that often leads to burnout. Up to 30% of engineering time is spent on technical debt. The perception that somehow developers were responsible for accruing this technical debt and are doing something wrong that prevents them from keeping up is hugely demoralizing and demotivating. 

However, if we reframe technical debt as software supply chain management and stop blaming engineering for it, we can make maintenance more predictable and consistent. By taking steps like inventorying third-party components and determining how pervasive they are in the application (frameworks take more effort to maintain than a third-party API that you just call from one part of the application), an organization can arrive at a maintenance estimate. 

These activities are highly repetitive across organizations, as everyone is integrating some subset of the same third-party components to create business value. This high level of repeatability points us to automation. 

Specialized Developer Tools for Software Maintenance Don’t Exist

When developers write code, their hands often lag behind their thoughts. They think much faster than they are able to type the code. You often hear developers finishing a tedious task and complaining, “My fingers hurt.” When their IDE can autocomplete syntax, it helps reduce this lag to minutes.

When a major framework version is released, developers contemplate the codebase. Maybe they need to change this type to that, reorder some method arguments or change dependencies. The types of changes they need to make are enumerable and must be made almost immediately; again, the ability to implement them lags far behind their recognition of the problem. Often, this type of lag can represent months or years of work when dealing with a large codebase. Accumulate enough of this lag and the codebase can grind to a halt.

That lag kills the joy in development for most senior developers and leads to burnout. Upgrades/migrations amplify that lag by orders of magnitude.

However, there are few (if any) tools that focus on helping developers automate these remediations/upgrades/migrations. The IDE’s focus is rightly on helping developers write new code and maintain their own code, but code maintenance needs to be coordinated across multiple places across the codebase, within the same repository or across the repository boundaries. Often, developers have a pattern they want to change in their repository, but the IDE only suggests this as an improvement in their current location (one file). Other times, changes need to be coordinated across repository boundaries if developers want to change APIs and their consumers. That’s why this technology needs to exist outside of the IDE.


OpenRewrite is an open-source project that offers semantic analysis and refactoring of code as standalone operations so that everyone can use and contribute over time; composing more and more refactoring operations that make whole framework migrations possible. It is integrated with build tooling and can be plugged into different workflows, from CI integrations to mass refactoring of multiple microservices/repositories. Similar to an IDE or other developer tools, OpenRewrite manipulates an abstract syntax tree (AST) representation of code, but this AST has special characteristics that allow it to transform this AST and generate code back to the standard text representation. 

The OpenRewrite AST is produced by guiding the compiler through the first two phases of compilation to generate compiler type-attributed AST. This is then mapped to the OpenRewrite AST, preserving formatting and breaking cycles in the AST. The three unique characteristics of OpenRewrite AST are:

  • Type aware, allowing 100% correct semantic code analysis and transformation.
  • Style-preserving, so transformations produced are idiomatic within the projects they are applied to. So, the same transformation applied to multiple projects will potentially look different.
  • Serializable, allowing to output the AST from the build and operate on it outside of the build en masse.

OpenRewrite ASTs is full of metadata about code. Visualizing the code itself as a highly connected tree of various vertices and edges, we can start to get an idea of the density of this representation. Syntactic elements alone are blue, type attribution is yellow and formatting information is red. If we were to just represent syntactic elements, the tree might look something like this.

Pic credit: devops.com

Adding type attribution and formatting, the tree looks quite a bit denser.

Pic credit: devops.com

A spanning tree of the data involved in this AST can be laid out in three-dimensional hyperbolic space and then projected onto the unit sphere similar to the way that two-dimensional space can be projected onto a disk—the famous Poincaré disk model. This three-dimensional approach was pioneered by Tamara Munzner at Stanford.

Every edge that isn’t part of the spanning tree is rendered as a lighter gray, and, as you can see, it is dense! In fact, to make this layout more tractable, we’ve omitted in this view an additional 600,000 vertices representing type information that make the syntax itself seem tiny.

OpenRewrite calls a single code search or transformation operation a recipe. It provides a number of building block recipes such as find method, change method, find transitive dependency, upgrade or exclude dependency. These recipes, in turn, can be composed into more complex recipes by grouping them together into a composite recipe. When the building blocks are not enough, a recipe can be written as a program in the same language as the code we want to transform, allowing us to encapsulate complex logic with the full expressiveness of the language already familiar to developers. We don’t need to learn a new DSL or programming language.

These building blocks abstract away many of the details to ensure that edits that we make to source code obey the original style of the project. This is possible for even complex changes like this automated migration from Spring Boot 1.x @ConditionalOnBean to Spring Boot 2.x AnyNestedCondition looks idiomatically consistent in the context of the project that it is inserted into:

Pic credit: devops.com

It is important to note that OpenRewrite is not a replacement for an IDE. With software now composed of so many independent components, we need to start to remediate and manage it using new approaches that go beyond single lines of code to looking across entire code repositories.

Source: https://devops.com/microservices-adoption-and-the-software-supply-chain/

Microsoft launches Azure Availability Zones in its Central India datacenter region

Pic source: Microsoft

New Delhi, December 8, 2021: Microsoft India today announced the launch of Availability Zones in its Central India datacenter region, providing additional resilience options for customers’ cloud applications. Azure Availability Zones allow businesses to spread their infrastructure and applications across dispersed datacenters, delivering additional protection and isolation from localized failures, which can range from mechanical or electrical issues, structure fires or flooding, or any unforeseen disaster. They also provide access to mission-critical applications, data, and services to every Azure customer to support their most important workloads and processes.  

Azure Availability Zones are physically and logically separated datacenters with their own independent power source, network, and cooling. If one becomes unavailable, the others ensure resiliency. They provide the scale, business continuity, and the security businesses need to run their most important applications in the cloud. The new Azure Availability Zone in Pune ensures uptime of up to 99.99%, empowering Microsoft customers in India to spread their infrastructure and applications across the data centers’ locations, increasing security and accessibility.  

Commenting on the announcement, Rajiv Sodhi, Chief Operating Officer, Microsoft India, said, “Microsoft’s cloud infrastructure comprises more than 60 announced datacenter regions around the world – more than any other cloud provider – and has been essential in connecting people, businesses, and governments while running mission-critical applications. We are continually upgrading the infrastructure in India to provide support for customers building and operating applications and workloads. From facilitating architectures for modern cloud applications, to meeting data residency requirements, the new Azure Availability Zones in Central India will bring resilience to businesses, as they accelerate digital transformation.”

Azure Availability Zones enable many core Azure services that provide the necessary support for deploying, building, and operating highly available applications. As part of the design process, Microsoft evaluates more than 30 viability and risk-based criteria which are considered to determine the configuration of Availability Zones.   

Abhijit Mazumder, VP & Chief Information Officer, Tata Consultancy Services said “Cloud First is an important component of the TCS’ Business 4.0 framework that guides our internal IT strategy, and which our Microsoft Business Unit uses extensively to further our customers’ growth and transformation agenda. We believe this launch of a new Azure Central India Availability Zones from Microsoft will further enhance the resiliency and availability of mission-critical applications for us, as well as our clients in the region.”

Microsoft continues to build Azure to support customer needs for low-latency, high-availability cloud services, with the ability to both store and process data within a country or geography. This is essential in providing a trusted cloud that is secure, reliable, and supports regulatory compliance.  

Source: https://news.microsoft.com/en-in/microsoft-launches-azure-availability-zones-in-its-central-india-datacenter-region/

Cybersecurity Talent Gap Narrows as Workforce Grows

Job satisfaction and salaries have both increased for cybersecurity professionals, as younger workers seek specific training to prepare for a cybersecurity career.

(ISC)2 2021 Cybersecurity Workforce Study

An estimated 700,000 cybersecurity specialists entered the global workforce in the past year, shrinking the gap between supply and demand to an estimated 2.7 million unfilled positions, according to (ISC)2‘s new annual Cyber Workforce Study.

While the gap shrank from last year’s 3.1 million, demand continues to be strong, and most cybersecurity workers (77%) continue to be satisfied or extremely satisfied with their jobs, up from 66% in 2019, according to the survey of 4,750 professionals responsible for cybersecurity at companies. Ironically, some of that satisfaction may have been caused by changes wrought by the coronavirus pandemic, with more than half of security professionals (53%) citing better workplace flexibility, more impetus behind digital transformation initiatives (37%), and better communication and collaboration (34%).

The workforce and training continue to be a dynamic space for companies, says Tara Wisniewski, executive vice president of advocacy, global markets and member engagement at (ISC)2.

“This is an incredibly important and exciting workforce, but one that is in great need for more trained professionals to come into it,” she says. “Key recommendations for organizations looking to build their workforce are, first and foremost, that organizations understand their own gap and what their individual needs are.”

With ransomware, data breaches, and nation-state attacks continuing to target companies, cybersecurity continues to be an in-demand calling. Currently, about 4.2 million people are working as cybersecurity specialists, but that population needs to grow by 65% to satisfy demand, according to the (ISC)2 report.

In North America and the UK, the cybersecurity workforce continues to be mostly Caucasian (72%) and male (76%), while women make up about 25% of the cybersecurity workforce globally. Efforts to diversify and promote inclusion require more mentorship opportunities, increased flexibility in working conditions, and hiring managers focused on workforce diversification.

“The cybersecurity workforce – the very people on the front lines defending our critical assets around the world – are telling us where talent is needed most; that old habits in hiring need to change; that technology spending alone won’t fix our problems; that remote work is a greater opportunity than a threat; and that they expect meaningful diversity, equity and inclusion (DEI) initiatives from their employers,” the (ISC)2 report stated.

Overall, the global cybersecurity community is highly educated, with 86% having a bachelor’s degree or higher; technically proficient, with more than two-thirds having a math or engineering degree; and well-compensated. In 2021, the average salary among survey respondents was just shy of $91,000, up from $83,000 in 2020 and $69,000 in 2019. Nearly a third of workers — almost half in the US — make $100,000 or more.

Some countries, such as South Korea, had less than 5% growth in their cybersecurity workforce. Meanwhile, other nations suffered a drop, such as the United Kingdom, which experienced an 18% drop in the number of working cybersecurity professionals. But most saw significant increases in their workforce, with Germany leading the pack with a 165% increase in cybersecurity professionals — or 465,000 currently working in the industry compared with 175,000 in 2020.

Hiring Disconnect
One problem for the average company: Businesses continue to have unrealistic expectations when hiring cybersecurity professionals, often looking for far more experienced candidates than a given position requires. Hiring managers often call for a level of expertise not needed for entry-level positions, Wisniewski says.

“There is pretty severe competition for the talent, and we are hearing from people that they are getting multiple job offers,” she says. “It is a challenge for organizations, for small and medium enterprises are often very lucky if they have anyone who is considering security. And that challenge gets more severe if you are talking about the federal workforce in the US.”

More workers, especially younger ones, are training either in college or through skills-focused courses for a career in cybersecurity, rather than starting in IT and moving laterally to the cybersecurity field, the study found. 

Four in 10 workers under 39 years old, classified as Generation Z or Millennials, either have a degree in cybersecurity or learned on their own before taking a job in the field, while only 14% of workers over the age of 55 did the same.

“We cannot rely on a four-year degree as the only way in for cybersecurity professionals,” Wisniewski says. “The pandemic has really heightened some of those gaps and also changed the higher education universe and I see that as an opportunity for cyber.”

Source: https://www.darkreading.com/careers-and-people/cybersecurity-talent-gap-narrows-as-workforce-grows

Key Security Certifications from Microsoft for a prospective career in Cybersecurity 

The ongoing digital wave significantly virtual work scenario has raised the demand for certified cybersecurity professionals. Taking a cue from this, Microsoft has put forth a series of security certifications that could enable more prospective IT professionals to choose or switch over to security and compliance.

The four new security certifications in Microsoft’s portfolio are:

  • Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals
  • Exam SC-200: Microsoft Security Operations Analyst
  • Exam SC-300: Microsoft Identity and Access Administrator
  • Exam SC-400: Microsoft Information Protection Administrator

All these certifications have been recently updated in the past two months. Let us get a brief overview of the topics covered and the audience profile, along with the requisite skillsets,

Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals

As the name suggests, it is the first in the series of certifications that offers basic knowledge and fundamentals of security, compliance, and identity across cloud-based and related Microsoft services to those interested in becoming data security professionals and experts.

The SC-900 exam – Microsoft Certified: Security, Compliance, and Identity Fundamentals” certification is the stepping stone for those who wish to acquaint themselves with security and compliance fundamentals across the relevant Microsoft and cloud services. 

This certification is suitable for a business user or a student keen to become a security engineer. Microsoft explains that familiarity with Microsoft Azure and Microsoft 365 to understand their security, compliance, and identity solutions and how to use them to offer comprehensive solutions.

Candidates suitable for this certification are new or existing IT professionals, business stakeholders, and students interested in making a career in cyber security. Hence, the inclusion is relatively broad for this certification.  

Topics covered include:

  • Concepts of security, compliance, and identity
  • Capabilities of Microsoft identity and access management solutions
  • Capabilities of Microsoft security solutions
  • Capabilities of Microsoft compliance solutions

Exam SC-200: Microsoft Security Operations Analyst

The SC-200 is an associate-level exam that judges the knowledge and capabilities of using Microsoft 365 Defender, Azure Defender, and Azure Sentinel to mitigate threats. 

The candidates will be dealing with several technical challenges and tasks that involve the three most critical Azure Defender, Azure Sentinel, and Microsoft 365 Defender.

Before appearing for the exam, it would be ideal for the candidates to know, understand, and explore them in detail. The more they are acquainted with these three services, they will be in a better position to secure the infrastructure and assets of the organization. 

Microsoft suggests that this exam is ideal for a Security Operations Analyst who acquires information technology systems and the organization’s stakeholders and security engineer administrator and security operations analyst. 

The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems to reduce risk by having remedial measures to the attacks in the environment. 

Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, offering sound advice on how to improvise the threat protection measures, and highlighting the violations of the organizational policies to their respective stakeholders. 

The certified security analyst will use Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products to manage threats, monitor, and respond using the most suitable security solution across their platform. The security analyst is also responsible for the configuration and deployment of security technologies. 

The candidates will earn the “Microsoft Certified: Security Operations Analyst Associate” certification by passing the SC 200 exam. If they wish to advance in their career, it is a must-have for security engineer administrators and security operations analysts. 

Topics covered include:

  • Mitigating threats using Microsoft 365 Defender
  • Mitigating threats using Azure Defender
  • Mitigating threats using Azure Sentinel

Exam SC-300: Microsoft Identity and Access Administrator

The SC-300 is yet another associate-level exam that tests the candidate’s ability to undertake and complete technical jobs such as implementation of identity management solution, authentication and access management solution, access management for apps, and plan and implement an identity governance strategy, and so on. 

Microsoft suggests this exam is ideal for an Identity and Access Administrator whose task is to set up an organization’s identity and access management systems, including designing, implementing, and operating based on Azure AD. The candidate should be able to provide secure authentication to enterprise applications along with authorization access. Also, the administrator must ensure that the users can seamlessly navigate and manage their capabilities. 

Key elements in this role are adaptive access and governance, along with monitoring, reporting, and troubleshooting the identity and access environment. The individual in this profile must be brilliant and astute as its deliveries include spearheading strategic identity projects to modernize identity solutions, implement hybrid identity solutions, and identity governance. This profile can be handled by either a single person or a team.

Candidates who successfully pass the SC-300: Microsoft Identity and Access Administrator exam will receive the “Microsoft Certified: Identity and Access Administrator Associate” certification. 

Candidates suitable for this exam include security engineers and identity and access administrators in their current profile. In addition, they should be familiar with Azure Active Directory, multifactor authentication, access management, and identity governance, which make up the core elements of identity and access business roles and security of policy of any organization. 

Topics covered include:

  • Implementing an identity management solution
  • Implementing an authentication and access management solution
  • Implementing access management for apps
  • Planning and implementing an identity governance strategy

Exam SC-400: Microsoft Information Protection Administrator

The SC-400 associate-level exam judges the candidate’s ability to perform and deliver critical tasks such as implementing information protection, data loss prevention, and data loss prevention.

As per Microsoft, this profile of an Information Protection Administrator includes planning and implementing the compliance requirements of an organization. In addition, the candidate will be responsible for fulfilling the compliance controls and requirements technically across the entire organization. This profile includes working in cohesion with several departments such as human resources, legal stakeholders, business application owners, information technology (IT) personnel, and so on, along with security and compliant officers. 

“Microsoft Certified: Information Protection Administrator Associate” certification will be available to those who complete the SC-400: Microsoft Information Protection Administrator exam. 

This exam is suitable for candidates who are security engineers, administrators, information protection administrators, and risk practitioners. The SC- 400 evaluates knowledge and skill required to provide utmost protection and security to company information, especially leakproof storage of sensitive information and data against theft, intentional loss, and even accidental loss.

Topics covered include:

  • Implementing information protection
  • Implementing data loss prevention
  • Implementing information governance

As mentioned earlier, the right approach to a successful security profile is, to begin with, SC 900 certification, which contains exhaustive information on fundamentals of security, compliance, and identity followed by the remaining three exams viz. SC-200, SC-300, and SC-500. These exams and certifications cover the core and most critical security and compliance aspects, an important requisite for every organization. 

Synergetics Learning offers valuable training and educational resources to existing security professionals and fresh candidates who wish to make a career in security and compliance in today’s world of emerging technology. 

Synergetics has a special ongoing offer on “Microsoft Security” certifications. To know more you can visit our site or refer to the details given below:

Important Announcement:

Synergetics is conducting special series of dedicated virtual learning sessions on SC-900 certification. During these full-day sessions, attendees will be provided with the best insights from the MCTs and beyond that, we are distributing MOCs (Microsoft Official Curriculum) for no cost. There is a live practice test and based on criteria you will also be provided with “Exam vouchers” again for no cost. Do not miss to Register Now!

SC-900 Exam: The best industry-endorsed certification for cyber-SCI

There has been an exponential demand for security professionals considering the remote work scenario. The most reliable and certified for a career in IT security is to seek the Microsoft SC-900 Exam.

This exam offers an exhaustive overview of Security, Compliance, and Identity (SCI) fundamentals with Microsoft services and/or other cloud-related services.

SC-900 exam is a part of Microsoft Certified: security, compliance, and fundamentals. The focus of this exam is to ascertain and evaluate your knowledge and expertise in Security, Compliance, and Identity. On the same grounds, it assesses your expertise in management solutions and Microsoft identity and Microsoft compliance solutions, and Microsoft Security solutions.

This certification is for those individuals who wish to make a career in Security, Compliance, and Identity (SCI) fundamentals amongst the existing array of Microsoft services or other cloud-related services.

Who should appear for the SC-900 exam –

  • Current or fresh IT professionals
  • Active Business people 
  • Nextgen students with an inclination towards security, compliance, and identity solutions

Prerequisites for SC-900 Exam

Knowledge of Microsoft 365 and Microsoft Azure

Ability to understand the concepts and feasibility of security, compliance, and identity (SCI) within the Microsoft 365 and Microsoft Azure framework

Provision to offer end-to-end and holistic solutions.

Before going for a Microsoft SC-900 Exam you must follow all the instructions given by Microsoft.

Course Outline of SC– 900:

The syllabus of the SC-900 course exam consists of four major parts – 

SC-900 part 1: Topics covered are Security, Compliance, and Identity.

SC-900 part 2: Topics covered are Access Management and Microsoft Identity Solutions.

SC-900 part3: This part comprises Microsoft Security Solutions.

SC-900 part4: Exhaustive coverage of capabilities of Microsoft Compliance Solutions.

SC-900 Exam Course Outline

Exam details:

The student will have to attempt approximately 40-60 questions in the Microsoft SC-900 exam questions. The format of the questions is as below-

  • Choose the right answer questions.
  • Questions based on scenarios.
  • Drag-and-drop questions.
  • Mark review, drag and drop questions.
  • Questions like configuring in the right series, etc

Additional details relating to SC-900 Exam 

Microsoft has a predefined set of rules and policies that the students need to follow during the examination, especially at the exam centre and when appearing for it. 

Retake of Examination 

In case of failure in the first attempt, the student can retake the exam within 24 hours. 

In case of failure in the second attempt, the student can reappear for it after 14 days. 

Cancellation or rescheduling of exam – Microsoft allows the student to cancel the exam date or reschedule it. The student can choose to cancel the exam date six days before the scheduled date at no charge, but if the request to cancel is made five or fewer days before the scheduled date, the student has to pay the exam fee. 

Tips related to preparation for the Microsoft SC-900 Exam

It is essential to gain adequate knowledge to pass the exam on the first attempt. The various preparation options available include – 

Microsoft learning platform: It is considered to be one of the most relied upon learning platforms. The students can browse through their website to collate and learn all the relevant information and knowledge related to the SC 900 exam. 

Practice Tests: Practice tests are yet one of the preferred methods to prepare for the exam. Ideally, attempting practice tests gives a fair idea of the type of questions likely to be asked along with time management and which aspect of the exam to focus on 

Microsoft Docs: 

Microsoft Docs is also a powerhouse of knowledge simply because it is a repository that provides extensive information on all certifications and clarity in the varying scales of the exam. It also contains modules that prove helpful in understanding the concepts of SC-900.

Study Online: Students can go ahead with online training sessions offered by expert and certified Microsoft trainers. These trainers are experts in explaining the concepts of the SC 900 fundamentals thoroughly. You can even attend a demo class to experience it.

Synergetics Learning is eager to provide students with online training in SC 900 exam. All their trainers are Microsoft Certified and industry experts. They have acquired extensive teaching experience, and hence they can explain the concepts clearly with actual examples. 

How are the results of the SC 900 exam announced?

The students will get their results instantly as soon as they finish the exam. They also receive a printed report with the test score and feedback. 

Is there a numerical score for every domain?

No, the student receives a single score with either a pass status or a fail status. 

How is the score calculated?

Once the exam is complete, the system collects the points and compares them with the cut-off score to generate a pass/fail status displayed by a bar chart.

Can the student review the answers?

Yes, reviewing the answers is possible for most of the questions. However, reviewing is not feasible for yes/or no questions. There will be an alert sound in case the student tries to do so. 

What happens if a student fails?

No worries, but the student can work towards their weak points, study harder, and pay more attention to the difficult concepts. Also, the student can reappear for the exam after a gap of 24 hours.

Important Announcement:

Synergetics is conducting special series of dedicated virtual learning sessions on SC-900 certification. During these full-day sessions, attendees will be provided with the best insights from the MCTs and beyond that, we are distributing MOCs (Microsoft Official Curriculum) for no cost. There is a live practice test and based on marking criteria you will also be provided with “Exam vouchers” again for no cost. Do not miss to Register Now!

Grow your skills and advance your career with security training from Microsoft Learn

One of the most dramatic areas of technical growth today is the field of cybersecurity. According to Pearson VUE’s The Value of IT Certification, the growth forecast for the cybersecurity specialty in 2021–2022 is 405 percent. It’s no wonder that 67 percent of survey respondents said they were interested in cybersecurity training and certification.

Cybersecurity careers is the theme for this week of Cybersecurity Awareness Month. At Microsoft Learn, we offer many different pathways to help you explore the future of work in cybersecurity.

Explore free learning paths and modules to deepen your security training

Learn for free with interactive self-paced learning featuring various aspects of Microsoft security technologies. Explore these training options to master the fundamentals, deepen your technical proficiency, or start preparing for Microsoft Certification exams.

In response to the recent Executive Order on Cybersecurity, Microsoft Learn offers resources and training designed to help government learners modernize and improve the nation’s cybersecurity. In addition to highlighting specific resources available to help agencies meet key milestones in the Executive Order, you can also explore a variety of learning paths, including:

Learn about cybersecurity with a Microsoft Learning Partner

If you prefer in-depth structured learning with personal attention and you want support from technical subject matter experts, a Microsoft Learning Partner is ready to help. To get started, take a look at Find a Learning Partner.

Courses and workshops for designed for security professionals who protect their organizations against cyberattacks include:

Attend free Microsoft Virtual Training Days on security

Learn with us at free Security Virtual Training Days, which Microsoft hosts around the world to help you gain the technical skills and knowledge that you need to work securely. Regardless of your skill level, you can go to Microsoft Virtual Training Days for upcoming security training options.

Earn security certifications

Learn and earn an industry-endorsed Microsoft Certification by passing an exam that validates your skills and experience. Having a certification can distinguish you from your colleagues. The Global Knowledge 2020 IT Skills and Salary Report found that IT professionals with certifications, on average, earn more than their peers.

If you want to get started with security, explore our fundamentals certification, Microsoft Certified: Security, Compliance, and Identity Fundamentals (take Exam SC-900).

If you’re a security operations analyst who collaborates with stakeholders to secure IT systems for your organization, consider earning the Microsoft Certified: Security Operations Analyst Associate certification (take Exam SC-200). People in this role investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products.

If you’re a security engineer or an administrator with experience designing, implementing, and operating your organization’s identity and access systems by using Azure Active Directory (Azure AD), check out the Microsoft Certified: Identity and Access Administrator Associate certification (take Exam SC-300). Professionals in this role collaborate with others across the organization to drive strategic identity projects to modernize identity solutions, implement hybrid identity solutions, and implement identity governance.

If you’re an administrator, security engineer, or risk practitioner who has experience planning and implementing controls that meet an organization’s compliance needs, the Microsoft Certified: Information Protection Administrator Associate (take Exam SC-400) certification could be a great fit for you. Information protection administrators are responsible for creating policies and rules for content classification, data loss prevention, governance, and protection.

Source: https://techcommunity.microsoft.com/t5/microsoft-learn-blog/grow-your-skills-and-advance-your-career-with-security-training/ba-p/2847188