Unleash Your Middle Market Business Potential with Cloud Adoption

In today's rapidly evolving business landscape, middle market companies are increasingly recognizing the transformative power of cloud technology. A recent collaboration between The National Center for Middle Market and Google Cloud services has shed light on the advantages of cloud adoption for middle market businesses. This blog will delve into the exclusive insights from their research, highlighting the benefits of embracing Google Cloud solutions and services, with a particular focus on the expertise of cloud partner. Read on to discover how cloud adoption can revolutionize your middle market business.

Embracing the Cloud: A Game-Changer for Middle Market Businesses

Understanding the concept of cloud technology and its impact on businesses.

The role of the cloud in enabling agility, scalability, and cost efficiency.

Harnessing the power of cloud solutions to drive digital transformation.

Unveiling the Research Findings: The National Center for Middle Market and Google Cloud Collaboration

Key research findings highlighting the advantages of cloud adoption in the middle market segment.

Insights into how cloud technology enhances operational efficiency and drives growth.

Real-life success stories showcasing businesses that have reaped the benefits of Google Cloud services.

Empowering Middle Market Companies on Their Cloud Journey:

Introducing Onix as a trusted Google Cloud partner specializing in middle market solutions.

The value of working with a knowledgeable and experienced cloud partner.

Leveraging Onix's expertise to tailor Google Cloud services to the unique needs of middle market businesses.

Benefits of Cloud Technology for Middle Market Businesses:

Enhanced scalability and flexibility to adapt to changing market dynamics.

Cost optimization through pay-as-you-go models and reduced infrastructure expenses.

Increased collaboration and productivity with cloud-based communication and collaboration tools.

Overcoming Challenges: Migration and Change Management

Addressing common challenges associated with cloud migration.

Strategies for seamless transition and change management.

How Onix can provide guidance and support throughout the migration process.

The middle market segment has the opportunity to unlock its full potential by embracing cloud adoption. The exclusive insights from The National Center for Middle Market and Google Cloud research reveal that middle market businesses can leverage Google Cloud solutions to drive innovation, agility, and growth. Partnering with a trusted cloud advisor like Onix can provide the expertise and support needed to navigate the cloud journey successfully. Embrace the power of cloud technology and propel your middle market business into a new era of success with Google Cloud services.

Computing in Real Estate: How Technology is Empowering Real Estate Agents in Jamaica

Dominating the Market with Cloud Power

Explore how leveraging cloud technology can help businesses dominate the market. Learn how cloud power boosts scalability, reduces costs, enhances innovation, and provides a competitive edge in today's digital landscape. Visit now to read more: Dominating the Market with Cloud Power

Cryptomator

Cryptomator is a free, open-source tool providing multi-platform, transparent client-side encryption for your cloud files. Compatible with nearly any cloud storage service, it integrates seamlessly into your workflow, allowing you to work with files as usual. It uses robust 256-bit AES encryption for security. Additionally, it is user-friendly and requires no separate accounts, key management,…

Western Digital ULTRASTAR Data 60 720TB Ultrastar Data60 Hybrid Storage ...

Data Protection: Legal Safeguards for Your Business

In today’s digital age, data is the lifeblood of most businesses. Customer information, financial records, and intellectual property – all this valuable data resides within your systems. However, with this digital wealth comes a significant responsibility: protecting it from unauthorized access, misuse, or loss. Data breaches can have devastating consequences, damaging your reputation, incurring…

View On WordPress

URGENT: 🚨🚨EARN IT ACT IS BACK IN THE SENATE 🚨🚨 TUMBLR’S NSFW BAN HITTING THE ENTIRE INTERNET THIS SUMMER 2023

April 28, 2023

I’m so sorry for the long post but please please please pay attention and spread this

What is the EARN IT Act?

The EARN IT Act (s. 1207) has been roundly condemned by nearly every major LGBTQ+ advocacy and human rights organization in the country.

This is the third time the Senate has been trying to force this through, and I talked about it last year. It is a bill that claims "protects children and victims against CSAM" by creating an unelected and politically appointed national commission of law enforcement specialists to dictate "best practices" that websites all across the nation will be forced to follow. (Keep in mind, most websites in the world are created in the US, so this has global ramifications). These "best practices" would include killing encryption so that any law enforcement can scan and see every single message, dm, photo, cloud storage, data, and any website you have every so much as glanced at. Contrary to popular belief, no they actually can't already do that. These "best practices" also create new laws for "removing CSAM" online, leading to mass censorship of non-CSAM content like what happened to tumblr. Keep in mind that groups like NCOSE, an anti-LGBT hate group, will be allowed on this commission. If websites don't follow these best practices, they lose their Section 230 protections, leading to mass censorship either way.

Section 230 is foundational to modern online communications. It's the entire reason social media exists. It grants legal protection to users and websites, and says that websites aren't responsible for what users upload online unless it's criminal. Without Section 230, websites are at the mercy of whatever bullshit regulatory laws any and every US state passes. Imagine if Texas and Florida were allowed to say what you can and can't publish and access online. That is what will happen if EARN IT passes. (For context, Trump wanted to get rid of Section 230 because he knew it would lead to mass govt surveillance and censorship of minorities online.)

This is really not a drill. Anyone who makes or consume anything “adult” and LGBT online has to be prepared to fight Sen. Blumenthal’s EARN IT Act, brought back from the grave by a bipartisan consensus to destroy Section 230. If this bill passes, we’re going to see most, if not all, adult content and accounts removed from mainstream platforms. This will include anything related to LGBT content, including SFW fanfiction, for example. Youtube, Twitter, Reddit, Tiktok, Tumblr, all of them will be completely gutted of anything related to LGBT content, abortion healthcare, resources for victims of any type of abuse, etc. It is a right-wing fascists wet dream, which is why NCOSE is behind this bill and why another name for this bill is named in reference to NCOSE.

NCOSE used to be named Morality in Media, and has rebranded into an "anti-trafficking" organization. They are a hate group that has made millions off of being "against trafficking" while helping almost no victims and pushing for homophobic laws globally. They have successfully pushing the idea that any form of sexual expression, including talking about HEALTH, leads to sex trafficking. That's how SESTA passed. Their goal is to eliminate all sex, anything gay, and everything that goes against their idea of ‘God’ from the internet and hyper disney-fy and sanitize it. This is a highly coordinated attack on multiple fronts.

The EARN IT Act will lead to mass online censorship and surveillance. Platforms will be forced to scan their users’ communications and censor all sex-related content, including sex education, literally anything lgbt, transgender or non-binary education and support systems, aything related to abortion, and sex worker communication according to the ACLU. All this in the name of “protecting kids” and “fighting CSAM”, both of which the bill does nothing of the sort. In fact it makes fighting CSEM even harder.

EARN IT will open the way for politicians to define the category of “pornography" as they — or the lobbies that fund them — please. The same way that right-wing groups have successfully banned books about race and LGBT, are banning trans people from existing, all under the guise of protecting children from "grooming and exploitation", is how they will successfully censor the internet.

As long as state legislatures can tie in "fighting CSAM" to their bullshit laws, they can use EARN IT to censor and surveill whatever they want.

This is already a nightmare enough. But the bill also DESTROYS ENCRYPTION, you know, the thing protecting literally anyone or any govt entity from going into your private messages and emails and anything on your devices and spying on you.

This bill is going to finish what FOSTA/SESTA started. And that should terrify you.

Senator Blumenthal (Same guy who said ‘Facebook should ban finsta’) pushed this bill all of 2020, literally every activist (There were more than half a million signatures on this site opposing this act!) pushed hard to stop this bill. Now he brings it back, doesn’t show the text of the bill until hours later, and it’s WORSE. Instead of fixing literally anything in the bill that might actually protect kids online, Bluemnthal is hoping to fast track this and shove it through, hoping to get little media attention other than propaganda of “protecting kids” to support this shitty legislation that will harm kids. Blumental doesn't care about protecting anyone, and only wants his name in headlines.

It will make CSAM much much worse.

One of the many reasons this bill is so dangerous: It totally misunderstands how Section 230 works, and in doing so (as with FOSTA) it is likely to make the very real problem of CSAM worse, not better. Section 230 gives companies the flexibility to try different approaches to dealing with various content moderation challenges. It allows for greater and greater experimentation and adjustments as they learn what works – without fear of liability for any “failure.” Removing Section 230 protections does the opposite. It says if you do anything, you may face crippling legal liability. This actually makes companies less willing to do anything that involves trying to seek out, take down, and report CSAM because of the greatly increased liability that comes with admitting that there is CSAM on your platform to search for and deal with. This liability would allow anyone for any reason to sue any platform they want, suing smaller ones out of existence. Look at what is happening right now with book bans across the nation with far right groups. This is going to happen to the internet if this bill passes.

(Remember, the state department released a report in December 2021 recommending that the government crack down on “obscenity” as hard the Reagan Administration did. If this bill passes, it could easily go way beyond shit red states are currently trying. It is a goldmine for the fascist right that is currently in the middle of banning every book that talks about race and sexuality across the US.)

The reason these bills keep showing up is because there is this false lie spread by organizations like NCOSE that platforms do nothing about CSEM online. However, platforms are already liable for child sexual exploitation under federal law. Tech companies sent more than 45 million+ instances of CSAM to the DOJ in 2019 alone, most of which they declined to investigate. This shows that platforms are actually doing everything in their power already to stop CSEM by following already existing laws. The Earn It Act includes zero resources for proven investigation or prevention programs. If Senator Bluementhal actually cared about protecting youth, why wouldn’t he include anything to actually protect them in his shitty horrible bill? EARN IT is actually likely to make prosecuting child molesters more difficult since evidence collected this way likely violates the Fourth Amendment and would be inadmissible in court.

I don’t know why so many Senators are eager to cosponsor the “make child pornography worse” bill, but here we are.

HOW TO FIGHT BACK

EARN IT Act was introduced just two weeks ago and is already being fast-tracked. It will be marked up the week of May 1st and head to the Senate floor immediately after. If there is no loud and consistent opposition, it will be law by JUNE! Most bills never go to markup, so this means they are putting pressure to move this through. There are already 20 co-sponsors, a fifth of the entire Senate. This is an uphill battle and it is very much all hands on deck.

CALL YOUR REPRESENTATIVES.

This website takes you to your Senator / House members contact info. EMAIL, MESSAGE, SEND LETTERS, CALL CALL CALL CALL CALL. Calling is the BEST way to get a message through. Get your family and friends to send calls too. This is literally the end of free speech online.

(202) 224-3121 connects you to the congressional hotline. Here is a call script if you don't know what to say. Call them every day. Even on the weekends, leaving voicemails are fine.

2. Sign these petitions!

Link to Petition 1

Link to Petition 2

3. SPREAD THE WORD ONLINE

If you have any social media, spread this online. One of the best ways we fought back against this last year was MASSIVE spread online. Tiktok, reddit, twitter, discord, whatever means you have at least mention it. We could see most social media die out by this fall if we don't fight back.

Here is a linktree with more information on this bill including a masterpost of articles, the links to petitions, and the call script.

DISCORD LINK IF YOU WANT TO HELP FIGHT IT

TLDR: The EARN IT Act will lead to online censorship of any and all adult & lgbt content across the entire internet, open the floodgates to mass surveillance the likes which we haven’t seen before, lead to much more CSEM being distributed online, and destroy encryption. Call 202-224-3121 to connect to your house and senate representative and tell them to VOTE NO on this bill that does not protect anyone and harms everyone.

Cloud Based Storage - 2023, Q1 Quarterly Cost Report

Introduction

The cloud storage pricing report is a quarterly cost report comparison of cloud storage across multiple providers and tiers. The purpose of this report is to provide the reader with deeper insights into how cloud providers charge for storage while enabling end users to make better decisions when selecting a cloud provider and tier that matches their data and usage scenario.

Currently, the following cloud storage options are analyzed in this report:

The DNAfabric Cost Calculator

We utilize the “DNAfabric Cost Calculator” to contrast and compare multiple cloud providers and tiers. The DNAfabric cost calculator is a free tool that helps users build and compare cost models across multiple providers and tiers of storage.

For the purposes of this report, we rely on the cost calculator tool to build models across user data type, access scenarios, and cloud storage options.

The DNAfabric cost calculator tool is free to use.

DNAfabric: The Unstructured Data Management Platform

Along with the cost calculator, DNAfabric is a cloud-optimized, unstructured data management platform that offers multiple unstructured data management services. These services range from backup, archive, verification and synchronization services.

More information about DNAfabric.

Understanding The Cost Comparisons Below

Variables Used In Computing Cost

For the purposes of this report, we have taken a few different variables into account. While many more variables affect cloud price, the following three have the largest impact:

Type of data (Small vs Large Files): Small files result in far more API calls and IOs to be performed. This means that the same amount of data in GB will cost more if the file sizes are smaller. Hence it is important to consider file size when we are predicting cloud costs.

Data access frequency (Hot vs Cold Data): Cloud storage data access frequency refers to the rate at which data stored in a cloud storage service is accessed or retrieved by users or applications. Factors that can impact data access frequency include the number of users accessing the data, the types of applications and workloads using the data, and the overall performance of the cloud storage service itself.

Data egress (In-Cloud vs Out-of-Cloud): Cloud storage data egress refers to the transfer of data out of a cloud storage service to a different location or system. This can include data being downloaded to a local device or system, data being transferred to another cloud storage service or to a different network location, or data being backed up to an external storage system. Data egress can be a significant factor in the cost of using a cloud storage service, as many providers charge for data transferred out of their service.

Cloud Pricing Comparison

1. Large Files, Hot Access, In-Cloud/No Egress

In this section, we compare a 1 PB dataset consisting of large files (average size 1 GB) for hot data access (75% access/month)

Data is assumed to be accessed within the cloud, essentially negating the egress costs across all providers. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 1 GB – Total Time: 12 months

2. Large Files, Hot Access, Out-of-Cloud/With Egress

In this section, we compare a 1 PB dataset consisting of large files (average size 1 GB) for hot data access (75% access/month).

Data is assumed to be accessed outside the cloud e.g. on-premise thus requiring an egress. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 1 GB – Total Time: 12 months

3. Large Files, Cold Access, In-Cloud/No Egress

In this section, we compare a 1 PB dataset consisting of large files (average size 1 GB) for hot data access (10% access/month).

Data is assumed to be accessed within the cloud essentially negating the egress costs across all providers NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 1 GB – Total Time: 12 months

4. Large Files, Cool Access, Out-of-Cloud/With Egress

In this section, we compare a 1 PB dataset consisting of large files (average size 1 GB) for hot data access (10% access/month).

Data is assumed to be accessed outside the cloud e.g. on-premise thus requiring an egress. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 1 GB – Total Time: 12 months

5. Small Files, Hot Access, In-Cloud/No Egress

In this section, we compare a 1 PB dataset consisting of small files (average size 10 MB) for hot data access (75% access/month).

Data is assumed to be accessed within the cloud essentially negating the egress costs across all providers. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 10 MB – Total Time: 12 months

6. Small Files, Hot Access, Out-of-Cloud/With Egress

In this section, we compare a 1 PB dataset consisting of small files (average size 10 MB) for hot data access (75% access/month).

Data is assumed to be accessed outside the cloud e.g. on-premise thus requiring an egress. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 10 MB – Total Time: 12 months

7. Small Files, Cool Access, In-Cloud/No Egress

In this section, we compare a 1 PB dataset consisting of small files (average size 10 MB) for hot data access (10% access/month).

Data is assumed to be accessed within the cloud essentially negating the egress costs across all providers. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 10 MB – Total Time: 12 months

8. Small Files, Cool Access, Out-of-Cloud/With Egress

In this section, we compare a 1 PB dataset consisting of small files (average size 10 MB) for hot data access (10% access/month).

Data is assumed to be accessed outside the cloud e.g. on-premise thus requiring an egress. NOTE: *Access costs (where applicable) are still computed. [Access costs are a separate cost to egress costs charged by some providers. Refer to the Cost Calculator for more details.]

Inputs used for the DNAfabric Cost Calculator:

– 1 PB – Avg File Size: 10 MB – Total Time: 12 months

Kindly take a break from scrolling to read this, it's important.

Take your time to grieve and come to terms with the election results, but once you've done that, it's time to get to work. We have two months. And a lot to do in that time. We have to prepare, to be ready.

Be careful about what you post or say online. Anything potentially incriminating should be avoided. Threatening language, even if clearly a joke, can be used against you.

Know someone who's trans? Someone who's had an abortion? Someone who's LGBTQIA+? Someone who's an immigrant? Someone who attends protests? Someone who's disabled? Someone who might in any way be at risk due to laws being put into place? No you don't.

Move away from social media platforms and browsers that require you to use your real identity or input a large amount of personal information. Now's a good time to find alternate means of communicating online. Tails, Element, Tor, Mastodon, Firefox, and Lemmy are all decent options.

Find a community. Someone you can talk to, either online or in real life, that you'll have reliable contact with. We need to try and create a network, but one that's as anonymous as possible.

Start scrubbing your trail as much as possible. Get rid of old accounts that can still be traced to you but are no longer used, delete personal data off the internet. There are websites out there that will freely remove your data from the internet, but be careful about which one you use, make sure it's safe and legitimate first.

Change any usernames that you can that contain any personal information. Names, birthdays, anything.

Plan B has a four year shelf life. Stock up, but don't take more than you you'll need. We don't want a COVID repeat where everyone buys an excessive amount of things and leaves none for everybody else.

There are doctors that will sterilize you, if that's the way you want to go.

Stop using online period trackers right now. Delete all data from it if possible first, then delete the app itself. If you must, write it down, but in a subtle manner and on something you keep at home. Don't label it, just put the dates. If you're really worried, discard older records and only keep the most recent few, and label the dates as other random events, like "go to mall" or "chicken salad for dinner this night"

Get your vaccines now.

Save money.

Archive. We have to start collecting records, media, data, books, and articles now. On racism, on fascism, on homophobia, on gender, on self-reliance, on survival, on safe travels routes, on equality, on justice, on anything that may be useful and/or censored soon. We can't let them erase it.

Collect those online resources. Bookmark them, copy files into your storage, Screenshot pages. Create a decentralized library where everyone is working to be part of a whole, storing what they can individually and sharing it between one another. Again, be careful about doing this.

Second-hand bookstores are your best friend. Books are usually very cheap in them, and they often have a decent stock. See what you can find.

When buying ANYTHING I have mentioned above, or anything else that maybe put you in danger, try to use cash to reduce your spending trail.

Check your car information online, many newer models can be remotely tracked.

Turn your phone completely off if you may be at risk due to your location and current activities. Turning off your GPS also helps.

Take note of where you are. Who are your friends? Who's a safe person? Where can you go besides your own home that you know you'll be safe? Establish these connections now.

Who around you is not safe? Who and where do you need to avoid? Do you need to move? If you cannot afford moving but need to, there are fundraisers that can help you. If even that is not an option, at least try to make sure your home is secure. Have someone who can help you. Have a fallback safe place.

And finally, I want anyone with resources to put them in the replies. Flood it with useful links, information, tips, anything. We're in this together. Do not panic. Organize.

EDIT: Please be civil in the replies.

Nodes and clusters are two of the most important components of distributed computing by cloud solutions provider. Nodes are individual computers that are connected to a network, while clusters are groups of interconnected nodes that work together to complete a task. Both nodes and clusters can be used for computing tasks such as data processing, storage, and analysis. 

Unclaimed assets often happen when families are unaware of a deceased person's investments or assets due to a lack of communication or a missing will/estate plan. It's vital to keep financial information up-to-date and communicate with family members to prevent assets from going unclaimed.

Getting Started with Google Cloud Hands-on Labs: An Introduction

Google Cloud Hands-on Labs is a platform that provides a hands-on experience with Google Cloud technologies. The platform offers a range of labs that cover different aspects of Google Cloud, from basics to more advanced topics. Whether you are new to Google Cloud or an experienced user, there is something for everyone on Google Cloud Hands-on Labs.

The platform provides a safe and isolated environment for users to experiment and test Google Cloud technologies without the risk of affecting their own systems or data. Labs are designed to be self-paced and can be completed in less than an hour, making it easy for users to quickly learn about Google Cloud technologies and how they can be applied in real-world scenarios.

One of the key benefits of Google Cloud Hands-on Labs is that it provides an interactive learning experience. Users can follow step-by-step instructions to set up and configure Google Cloud services and see the results of their actions in real-time. This hands-on approach to learning helps users understand the concepts behind Google Cloud technologies and how they can be applied in practice.

Google Cloud Hands-on Labs is a valuable resource for anyone looking to get started with Google Cloud, whether they are a developer, system administrator, or data scientist. The platform provides a wide range of labs that cover topics such as computing, storage, databases, security, and machine learning.

In conclusion, Google Cloud Hands-on Labs is a platform that provides a hands-on experience with Google Cloud technologies. It is designed to be easy to use, interactive, and self-paced, making it an ideal resource for anyone looking to learn about Google Cloud. Whether you are new to Google Cloud or an experienced user, Google Cloud Hands-on Labs is a great place to start exploring the power of Google Cloud.

Mobile Backend as a Service (MBaaS): A Comprehensive Guide 2023-2024

Explore this blog and know about how to work mobiile backaens as service 2023-2024.

Why should you choose MBaaS for app development? In this blog, we have covered all the technical aspects of MBaaS including its features, functionalities, and benefits, along with some interesting statistics. To make it easier, we have also added a list of top-MBaaS service providers.  https://haripatel.me/mobile-backend-as-a-service-guide-2023-2024/

[Azure DataLake] Métodos para dar acceso

Hay muchos artículos que hablan sobre la creación de una plataforma unificada de datos, donde equipos de Analítica (bajo diferentes nombres) arman un data lake con ETLs y procesos de ingesta tomando datos de múltiples fuentes de información, almacenando y organizando datos para alimentar modelos de Business Intelligence, Data Science, Machine Learning, y otras ramas relacionadas de la analítica.

En este proceso de crecimiento, tanto en volumen como en fuentes de datos a considerar, siempre llega el momento en el que hay que compartir datos que tenemos en nuestro data lake con personas/equipos que desean usarlos y accederlos, externos al equipo que desarrollo la ingesta y transformación de datos. Este es un punto que muchos saben que eventualmente habrá que hacer, pero como no es vital al comienzo de un proyecto entonces se saltea (la conocida “deuda técnica”) y luego cuando aparece la necesidad, ¡estamos en un apuro por resolverlo! En este articulo voy a mostrar algunas de las opciones que tenemos para dar este tipo de permisos sin que esto sea un peligro para todo el trabajo que venimos realizando.

1- Azure Data Share

La primera opción que vamos a ver es Azure Data Share. Este recurso (distinto al data lake), nos va a permitir compartir snapshots de determinadas carpetas dentro de nuestro data lake. Esta opción es práctica pero tiene varias desventajas, la principal es que estamos replicando datos fuera de nuestro data lake (quien recibe el Data Share, debe mapear el snapshot a su propio data lake), esto da pie a que haya diferentes “versiones” de los datos y quien desee consultarlos no estará usando los datos actualizados, además de estar pagando por almacenamiento que no debería con otras opciones.

2- SFTP

¡La segunda opción que veremos es más directa que la anterior! El único requisito es que nuestro data lake debe tener activada la jerarquía de carpetas (Hierarchical Namespace en un Data lake Storage Gen2). Si tenemos eso deberíamos ver la opción en el portal para activar SFTP (preview por ahora). Esta opción nos permitirá levantar un servidor SFTP (ssh file transfer protocol) que leerá directamente desde nuestro data lake. La configuración es bastante sencilla, simplemente se crea un usuario (local al FTP, no será parte del Active Directory), se selecciona el contenedor que queremos compartir y los permisos (el mínimo sería READ y LIST). ¿Desventajas de este método? El permiso elegido en el FTP será independiente de la configuración de permisos RBAC, ABAC o ACLs que tengamos dispuesto en nuestro data lake, y los permisos rigen para todo el contenedor, no solo una carpeta. Otras desventajas son: esta opción no permite que el usuario lea directamente el data lake como otras opciones, y este servidor SFTP no es accesible por Data Factory (por ahora, ojalá cambie esto en un futuro).

Muchos clientes son capaces de conectarse a un servidor SFTP como si se tratase de una “carpeta remota” para descargar o subir archivos, de modo que es una opción practica para compartir datos con usuarios de todo tipo (negocio o técnicos). Los clientes clásicos para windows son WinSCP o FileZilla, pero ¡hay muchos más! (ni hablar para linux)

3- SAS

El tercer método que veremos para conectarnos es mediante un SAS (Shared Access Signature) y este sí que nos permitirá conectarnos y leer directamente el data lake desde cualquier software que pueda hacerlo (por ejemplo, código Python, desde Databricks, u otros servicios de Azure como Data Factory). Un SAS es básicamente una cadena de conexión, generada a partir de las Access Keys del lake, que permite que nos conectemos al data lake con determinados permisos que son elegidos al momento de crear esta SAS. Crear un SAS es muy sencillo, vamos a la opción homónima en el portal de Azure, elegimos que servicio deseamos habilitar (por lo general Blob), completamos las siguientes opciones según nuestras necesidades y finalmente damos click en Generar. La desventaja de este método es que los permisos que definamos valen para TODO el data lake, no solo para un contenedor o una carpeta, por lo que es fácil caer en dar demasiados permisos con este método. Arreglarlo es sencillo, ya que como los SAS son creados a partir de las Access Keys, renovando estas últimas todos los SAS que la utilizaron quedaran sin efecto.

Desde el explorer del lake, podemos generar SAS para una carpeta o archivo especifico, con lo que ganaremos mucho en seguridad sobre el método de creación de SAS anterior. Les dejo una imagen, no es para nada complicado, simplemente navegamos hasta la carpeta que queremos y damos click con el botón derecho:

Recordemos que los permisos mínimos para poder conectarnos y ver que archivos hay dentro de la carpeta son READ (obvio) y LIST. Este último es fácil de olvidar, pero si no lo agregamos el SAS podrá leer los archivos solo si le indicamos el nombre y la ruta exactos del archivo que queremos leer.

4- Service principal

El cuarto método que veremos para conectarnos es mediante un Service Principal. Esto es crear un usuario de servicio (App Registration) y luego asignarle los permisos necesarios para conectarse y leer el data lake. Este método es el recomendado por ser el más seguro de todos, ya que podemos definir los permisos de este usuario como lo haríamos con cualquier otro, mediante RBAC, ACL o el nuevo ABAC. 

SPOILER: Si no sabes que significan estas siglas, atentos porque habrá un artículo sobre esto próximamente. 

Básicamente, este método es el único mediante el cual tendremos un control más granular sobre los permisos que estamos dando dentro de nuestro data lake.

5- Autorizar usuario AD - ¡NO recomendada!

Este método es prácticamente igual al anterior, solo que en lugar de autorizar un Service Principal, lo haremos con un usuario de AD. La razón por la que no es recomendado hacer esto es porque no ofrece ninguna ventaja sobre hacerlo con un Service Principal y compartir sus credenciales (secret key o certificado). Además, como regla general y buena práctica, ningún proceso automatizado debería estar autenticándose con un usuario de AD.

Con esto concluye el artículo, por supuesto que ¡estas opciones no son todas las disponibles! Siempre hay muchas formas de lograr el mismo resultado, y decidí dejar afuera los requisitos específicos de algunos recursos como Synapse por ejemplo, que requiere que asignemos permisos RBAC al MSI del workspace, pero eso puede ser tema para otro post 😊

¡Espero que les sea de ayuda! Nos vemos en la próxima.

Escrito por Martin Zurita