The Register Columnists

Dave Cartwright

Contact Mail Follow Twitter RSS feed
Dave Cartwright has worked in most aspects of IT in his 20-year-or-so career, though the things he claims to be quite good at are strategy, architecture, integration and making broken stuff become unbroken. His main pastime is shouting at people who try to install technology without considering whether it actually fits the business or the requirement. Dave is a Chartered Engineer, Chartered IT Professional and Fellow of the BCS, and lives with his family on a small rock in the English Channel.
Heartbeat graph

Graphite core? There are other ways to monitor your operation's heart

The BBC and NHS epitomise enterprise: the BBC has 23,000 staff while the NHS is one of the world's largest employers, with 1.4 million. Their IT estate is vast and central to the delivery of their services. The BBC's iPlayer is on the front line in a world of on-demand TV defined by Netflix, and among its layered infrastructure …
Dave Cartwright, 13 Apr 2017
business meeting, debate over data. Photo by shutterstock

The 'data driven enterprise' is actually just the enterprise

Many, many moons ago – OK, more than 25 years ago – I studied computing science at university. Yet there are still many instances in my modern life where I find myself thinking back to something I was taught in the 1980s. One recent example was a flurry of conversations and articles about the “data driven” enterprise. Back in …
Dave Cartwright, 27 Mar 2017
Layered clothing for warmth, photo by Shutterstock

Defence in Depth: A 'layered' strategy can repel cold attackers

The principle of Defence in Depth (“DiD”), says OWASP, is that “layered security mechanisms increase security of the system as a whole”. That is, if one layer of protection is breached, there’s still the opportunity for the attack to be fended off by one or more of the other layers. If anyone’s ever drawn something that looks …
Dave Cartwright, 23 Mar 2017
Pop art style illustration of man exclaiming "WHAT?" in shock/horror/bemusement. Illustration via Shutterstock

Surprise! Thanks to the cloud, you've got a hybrid infrastructure

Hybrid IT infrastructures are rapidly becoming the norm. Even if there isn’t a conscious decision to adopt a hybrid of on-premises/cloud networks and servers (for instance, on-premises servers replicating near-real-time to failover partners in the cloud), the adoption of cloud apps is making many setups hybrid by default, even …
Dave Cartwright, 22 Mar 2017
Zombies photo via Shutterstock

Zombie webcams? Pah! It's the really BIG 'Things' that scare me

I have a new name for the abundance of widgets springing up around the world: the Internet of Little Things. I’m playing with an IoLT starter kit in my office right now, and it lets me do things like sense when doors open or close, turn sockets on and off and fiddle with the mood lighting. I can spend a couple of hundred quid …
Dave Cartwright, 15 Mar 2017
Clone army star wars

Clone it? Sure. Beat it? Maybe. Why not build your own AWS?

You can't move without IT companies telling you about the "amazing" new technologies and features they've just launched, how you can't live without them, and what a shock it is that you've managed all these years before they were developed. And of course the bigger the company, the more new stuff they tend to pump out and the …
Dave Cartwright, 22 Feb 2017
This Damn War image via Shutterstock

Fire alarm sparked data centre meltdown emergency

This Damn War Fire alarm tests are a good idea; you generally want the warm feeling that when something decides to combust, you'll be able to tell people about it with a loud ringing or wailing noise. I used to run what you might consider a traditional machine room. We had a pile of ageing Sun kit – socking big CPU units and cabinets full …
Dave Cartwright, 10 Nov 2016

Data integrity and failover in the hybrid cloud

Discussions of information security tend to revolve around keeping confidential information confidential: preventing intruders from compromising the protection of the systems and gaining access to data they're not entitled to see. But there's more to security than just keeping information secret: it's a three-pronged concept. …
Dave Cartwright, 19 Oct 2016
spies_648

Adding trendy tech SIEM to a hybrid computing setup

As I write this, Security Information and Event Monitoring is considered rather hip and cool. Everyone's talking about it, and the vendors of SIEM software are promoting the life out of it. The thought process that prompts consideration of SIEM is: “No matter what I do to protect myself, an attack is possible so I need to pre- …
Dave Cartwright, 14 Oct 2016
Office 365, photo by dennizn via Shutterstock

Securing Office 365? There's always more you can do

Wherever you look there's yet another SME or enterprise migrating to Office 365. This says a lot for the attractiveness of cloud-based office suites, and perhaps it also says something about the attractiveness of letting someone else look after one's SharePoint and Exchange servers rather than having to fight with their …

How does a hybrid infrastructure fit my accreditations?

Security-related certifications such as ISO 27001 and, more particularly, the Payment Card Industry Data Security Standard (PCI-DSS), have stringent requirements regarding the controls on infrastructure, how data is routed and stored around it, and so on. Particularly in the cloud components of a hybrid setup, the control you …
Businessman makes A-OK sign. Photo by Shutterstock

Avoid the dreaded auditor's smirk: Smart policies and procedures for the hybrid cloud

When you get to a certain age, and you've been in the IT industry for enough years, you start to get an idea of what auditors are looking for when they descend on you and ask you pointed questions about your systems. And I don't just mean security auditors: if your company has an annual financial audit the team which comes to …
Man sloppily eats a hamburger... chips and pickle fall out. Photo by Shutterstock

WAN, bam, thank you... oh @£$%. We've gone dead. Drop the burger. RUUUUUN!

This Damn War This Damn War image via Shutterstock Big, global WAN roll-outs have their hazards. Size is one of them, but you can deal with this with effective project planning and management. Complexity is another, but combining design and a team of highly effective and competent engineers can address that one too. And of course there …
Dave Cartwright, 28 Sep 2016

Reg Programming Compo: 22 countries, 137 entries and... wow – loads of Python

Roundup Our latest programming competition was our most popular yet in terms of the number of entries – 137 in all once we'd de-duplicated them. The judges were intrigued to see just how popular Python is these days: nearly half (a smidge over 48 per cent) of the entries used this as the language of choice, with Java the next most …
Dave Cartwright, 21 Sep 2016

Hybrid infrastructure: You did it. You switched over. Now lock it down. Yes, really

Hybrid infrastructures – where you combine on-premise equipment with systems that sit in a public cloud installation – have their own particular foibles when it comes to management. It's really not so hard, though – here are 10 things to think about when you're looking at the security aspects of managing your hybrid world. …
Dave Cartwright, 19 Sep 2016
A US police officer smiles while standing in front of her patrol car. Photo by Shutterstock

Your colleagues will lie to you: An enterprise architect's life

Enterprise Architects … well, among other things they design and build corporate infrastructures. It's very easy, though, for these highly technical masters of electronic wizardry to concentrate on making the technology work at the expense of the more tedious corporate governance stuff. Here are my favourite five things that …
Dave Cartwright, 10 Aug 2016
People fight in cartoon cloud. photo by Shutterstock

Hybrid cloud: Deciding the right mix for your workloads

Blog Anyone who's read much of what I write for The Reg will know that I'm a believer in hybrid cloud – using the cloud for some elements of your world whilst retaining components on-premises too. But precisely which elements? We'll look at how you might decide what belongs where: on-premises, in the private cloud, or in the public …
Two execs in a server room. Has to have happened some time heh. Photo by Shutterstock

No supercomputer cash? Time for a systems squeeze

Many companies have, understandably, a burning desire to learn things from their data. There's a cost and this manifests itself in one – or, frequently both – of two forms: money and time. Big data equals big storage and big processing power, and both of those equate to a financial cost. (And yes, we could go into the idea of …
Hand holds green tea and sweetpotato soft serve ice cream cone. Looks delicious if you didn't know about the flavours though. Photo by Shutterstock

Bimodal IT: Let the backlash begin

Gartner defines Bimodal IT as: “the practice of managing two separate, coherent modes of IT delivery, one focused on stability and the other on agility. Mode 1 is traditional and sequential, emphasizing safety and accuracy. Mode 2 is exploratory and nonlinear, emphasizing agility and speed”. I find myself more than a little …
Angry man on laptop. Illustration via Shutterstock

Sealed with an XSS: Popular vulnerabilities probed

If we have internet-facing web servers (and other types of server, for that matter) we care about how vulnerable they are to attack. There are loads of services out there that you can use to probe your public-facing systems, and they'll tell you loads of useful stuff about why they might be vulnerable. But of course they're only …
An eraser

OK, we've got your data. But we really want to delete it ASAP

Storage is a big deal for IT people and beancounters alike. For the IT team the story is pretty consistent: there's never quite enough, and the users seem to eat it up and an amazing rate. For the finance team it's a seemingly endless queue of IT people asking for funds for yet more storage because the rate of growth in stored …
Colleague high fives in the office. Photo by Shutterstock

Why Big Business is usually last to the party

Big businesses tend to be exceptionally risk averse. There's a general reluctance to adopt new, bleeding-edge technology because the priority – understandably – is to be able to maintain productivity. Small companies can live with the occasional glitch in systems – a couple of dozen people without email for a couple of hours …
Dave Cartwright, 29 Jul 2016

Hybrid Cloud: The new IT service platform?

So. Hybrid cloud. Let's start with a quick definition, courtesy in this case of TechTarget which describes it as: “a cloud computing environment which uses a mixture of on-premises, private cloud and third-party, public cloud services with orchestration between the two platforms”. I like this particular definition as it sums it …
Dave Cartwright, 28 Jul 2016
wrecked cargo ship abandoned on sea bay. pHOTO BY shUTTERSTOCK

Hyperconvergence: Designing for failure

Hyperconvergence is one of those relatively new names for something that many of us having been doing for years: consolidating sprawling infrastructures into tight, largely virtualized setups that vastly reduce the number of devices one has to manage (not to mention the number of things to spend maintenance fees on, and the …
Dave Cartwright, 28 Jul 2016

How to make the move from ISDN to SIP

ISDN is fast becoming a technology of the past. Today's telcos have networks that bypass traditional telephony signalling technologies for IP networks: the hardest thing they do is present a “legacy” connection such as an analogue line or an ISDN connection to a customer, as layering a non-IP service on an IP network is non- …
Dave Cartwright, 25 Jul 2016

Biting the hand that feeds IT © 1998–2018