
28 Sep 2020

Damen to Open Service Hub in Novorossiysk

Damen Shipyards Group plans to establish a service hub in the Russian port of Novorossiysk as it has signed a letter of intent (LOI) with Delo Group of companies.

The LOI was inked during the NEVA 2017 trade fair in Saint Petersburg, Russia. Under the terms of the agreement, the cooperation between the duo regarding the new service hub will commence before the end of 2017.

As explained, the primary aim of the service hub will be to optimize services provided to the growing number of Damen vessels operating in the Black Sea area. Currently, more than 30 vessels that Damen built are operating in the region. This is set to increase in the coming months as Delo Services will take delivery of three Damen tugs in November. In addition, the handover of the fourth tug is scheduled for 2018.

“Having a service hub here will allow Damen to react very quickly to any service or maintenance issues, by which Damen ship owners can increase the uptime of their vessels. Moreover, an ongoing service programme can also lengthen the entire lifetime of a vessel while reducing the total cost of ownership,” Damen said.

In addition to providing service support to vessels in the area, the new service hub will also have relevance to operations at Aleksino Port Marina Shipyard, according to Damen.

Part of DeloPorts, Aleksino Port Marina Shipyard is a ship repair facility located in the Port of Novorossiysk, on the north-eastern coast of the Black Sea.

18 Sep 2020

The Latest: Conference Carolinas moves fall season to spring

Associated Press
August 15, 2020

The Latest on the effects of the coronavirus outbreak on sports around the world:

___

The NCAA Division II Conference Carolinas has pushed its fall sports competitions to the spring due to the ongoing coronavirus pandemic.

The league’s board of directors announced the decision Saturday. The conference is made up of 11 schools spread throughout Georgia, North Carolina, South Carolina and Tennessee.

The move affects men’s and women’s cross country, men’s and women’s soccer and volleyball. Schedules for those sports will be reduced so those athletes don’t lose a year of eligibility, under NCAA guidelines.

The league said in July it intended to go through with fall sports. But commissioner Chris Colvin said the COVID-19 situation “evolved to the point where this decision had to be made.”

___

NASCAR driver Austin Dillon has tested positive for COVID-19 and will not compete in Sunday’s Cup Series race at Daytona International Speedway’s road course.

Richard Childress Racing says Dillon tested positive Saturday morning. He is now self-quarantining away from the team. His wife and son remain healthy and symptom-free, the team added.

Kaz Grala will drive the No. 3 Chevrolet at Daytona. Dillon is the third Cup Series driver to test positive for the coronavirus, joining seven-time champion Jimmie Johnson and part-timer Brendan Gaughan.

___

More AP sports: https://apnews.com/apf-sports and https://twitter.com/AP_Sports

21 Dec 2019

The world’s greatest ABBA show coming to Letterkenny

The ARRIVAL tribute show comes to the Mount Errigal Hotel Letterkenny on Friday 7th February 2020.

ARRIVAL from Sweden, featuring original ABBA musicians, promises to be the most authentic ABBA show ever!

A one day discounted pre-sale begins on Friday 15th November at 9am. Tickets: £23 – €25 (Eventbrite only)

General sale begins on Saturday 16th November from 9am. Tickets: £26 – €29.50 (Hotel reception, Ticketmaster.ie and Eventbrite)

Ever since their breakthrough with ‘Waterloo’ back in 1974, ABBA’s music has captured the hearts of people all over the world.

The 14 piece band ARRIVAL from Sweden brings this huge production THE MUSIC OF ABBA, featuring ABBA original musician Mike Watson on notable tracks such as SOS, Mamma Mia, If It Wasn’t For The Nights, The Winner Takes It All. Having performed over 70 tours in the USA since 2005, and tours and concerts in almost 70 countries since 1995, ARRIVAL from Sweden have performed with over 100 symphony orchestras world-wide since 2007 and are also selling out arenas seated up to 50 000 people.

This amazing production, at the Mount Errigal Hotel on 7th February 2020, features hit after hit including Waterloo, SOS, Mamma Mia, Dancing Queen and many more. This is the closest you will ever get to ABBA!

Tickets on sale from Saturday 16th November from Ticketmaster.ie, Eventbrite and Hotel Reception.

For more information follow Joe Gallagher Entertainments on Facebook.

The world’s greatest ABBA show coming to Letterkenny was last modified: November 14th, 2019 by Staff Writer

19 Dec 2019

It’s Hard to Break a Bone

People wearing a cast right now may not feel comfortable, but should be thankful it’s hard to break a bone. Scientists at Max Planck Institute discovered “a novel construction principle at the nanoscale which prevents bones from breaking at excessive force,” making them “nearly unbreakable.” Because of the way the rigid components of bone tissue are arranged in a hierarchical structure, the ability for bones to deform and absorb strain far exceeds the ability of the components themselves.

There was no mention of evolution in the press release, but there was mention of “natural design principles.” The scientists also thought bone design could be utilized by engineers:

The natural design principles quantitatively observed here in bone – hierarchical deformation, matrix sensitivity, and nanoscale strengthening – may provide guidelines for the development of bio-inspired and new nanocomposite materials as well. Furthermore it may help bone biologists to understand how a molecular level change can cause whole bones to become more prone to fracture in diseases like osteoporosis.

The press release is based on a paper by Gupta et al in PNAS,[1] “Cooperative deformation of mineral and collagen in bone at the nanoscale.” There was no mention of evolution there, either. They ended,

We believe that the effective load sharing mechanism between mineral and collagen may result in damage shielding, which prevents the fibrils from being exposed to excessive strains. The hierarchy of deformation mechanisms observed in bone may guide us in designing new strong nanocomposite materials.

[1] Gupta et al, “Cooperative deformation of mineral and collagen in bone at the nanoscale” Proceedings of the National Academy of Sciences USA, 10.1073/pnas.0604237103, published online before print November 9, 2006.

“Natural design principles.” Interesting phrase. It has the D word, but is nondescript enough to avoid tripping red alarms on the NCSE radar. Maybe they need to tighten their algorithms. If a paper mentions design but not evolution, alert the ACLU.

The theory of intelligent design states that certain features of the natural world are best explained as the result of intelligent causes, rather than as the result of undirected natural causes. How could you get a hierarchically arranged system by undirected natural causes? Suppose there was deformation at the nanoscale, but not at the millimeter or centimeter scale. Bones would not be nearly as resistant to breakage. How many fish and amphibians had to die of broken bones before all the levels of the hierarchy arrived independently at their own optimum design principle? Remember, evolution does not allow for coordinated effects toward a common design goal. Do an experiment: try the Random Mutation Generator simultaneously at the letter, word, sentence, paragraph, page and chapter levels independently, and see if you get a meaningful book.

This article illustrates again that science would get on just fine without Darwinism. The authors had no need of that hypothesis. They would have done the same experiments with the same equipment, drawn the same charts and graphs, and reached the same conclusions had they been working explicitly on the basis of intelligent design. Tacking on a Darwinian tale about how bones got this way would have been useless and pointless – a mere wishbone. Thinking “design” at the outset, by contrast, would have motivated them to expect to see design, and to find it. Furthermore, it would have stimulated even more interest in imitating the design.

So we’ve got a bone to pick with the Darwin Party. The strain of accumulating facts has deformed your theory beyond the breaking point, leaving it limp and lame. Intelligent design is the biology and biophysics of the 21st century. No dead-Charlie bones about it.

16 Dec 2019

New Life for Toxic Land

Polluted sites are being restored

Pritchard Park is just one illustration of efforts across the U.S. to put contaminated sites back to use for communities — as parks, playing fields, workplaces, homes, shopping centers, even renewable energy projects.

“EPA places a high priority on land revitalization as an integral part of its Superfund cleanup mission,” says U.S. Environmental Protection Agency spokesperson Enesta Jones. “Superfund cleanups have allowed hundreds of communities to reclaim formerly contaminated Superfund sites for protective and productive uses.”

Commercial uses tend to be the most popular: Such redevelopment can yield new jobs and tax dollars. Based on information collected at 487 of the 888 Superfund sites in reuse, the EPA estimates that cleaned sites supported approximately 6,600 businesses in 2017 with ongoing operations employing more than 156,000 people and generating annual sales of $43.6 billion.

Lessons are emerging from Superfund reuses to date, including the importance of involving the local community and creating a vision for reuse early in the cleanup process. Warnings also abound about what can go wrong during and after redevelopment, especially if inadequate attention is given to remediation.

Since passage of CERCLA in 1980, more than 1,700 sites around the U.S. have been listed on the NPL. As of late February, 399 sites have been fully cleaned up and deleted from the list. As more sites are added to the Superfund list, and as more sites on the list are cleaned up, environmental experts hope past experience will bring more efficiency and success to future repurposing projects.

This post originally appeared at Ensia. Lynne Peeples is a Seattle-based science journalist specializing in the environment and health.

When Charles Schmid first moved to Bainbridge Island, Washington, in 1970, the Wyckoff Company was still stripping bark from timber and treating the logs with creosote, an oily liquid processed from coal tar.
The waterfront factory had used similar wood-preservation methods dating back to the early 1900s, when it began producing materials for some of the world’s largest infrastructure projects, including the Panama Canal, Great Northern Railroad, and San Francisco’s wharfs.

In fact, Schmid used to pick up free bark from Wyckoff. “Everything seemed fine,” he recalls. But by the 1980s, he began to learn about contamination at and around the site — pools of creosote, fish with lesions, shellfish too toxic to eat. The emerging news spurred him and other members of this island community, a short ferry ride from Seattle, to push for cleanup.

Fortunately for Schmid and his neighbors, seven years earlier the U.S. Congress had passed the Comprehensive Environmental Response, Compensation and Liability Act (CERCLA), which created a pool of money known as the Superfund that could be used to clean up such sites.

In 1987 the site was added to the Superfund National Priorities List (NPL), a designation reserved for areas where contamination poses a significant threat to human health or the environment and demands a concerted, long-term, federally coordinated remedy.

Energy opportunities

The East Chicago site is not alone in attracting the attention of energy developers. In New Bedford, Massachusetts, more than 5,000 solar panels are visible from a highway interchange. The array sits on Sullivan’s Ledge — once a granite quarry and then a town landfill, where electrical transformers, fuel oil, metal and scrap rubber piled up. The soil, sediment, and groundwater were left heavily polluted, leading to the site’s placement on the Superfund NPL in 1984.

Solar farms are becoming an increasingly popular choice for Superfund sites, in particular those too contaminated to be sufficiently cleaned for residential or commercial reuse.
Technological advances in panel mounting and framing also mean that solar panel systems can now have minimal impact on the integrity of landfill covers — making the use a more feasible option. The cap at this New Bedford site wouldn’t have supported the weight of a commercial building, according to John DeVillars, chairman of Boston-based BlueWave Solar, which helped with the project. But it can support the panels.

Solar farms like this one at New Bedford, Massachusetts, are an increasingly popular choice for repurposing Superfund sites. [Photo courtesy of the City of New Bedford]

Around 2010, Stanislaus partnered with the U.S. Department of Energy’s National Renewable Energy Laboratory to map Superfund sites with high opportunities for renewable energy development. The effort was part of the RE-Powering America’s Land Initiative, which encourages renewable energy on already developed or degraded land instead of green space.

“Our company and every other solar developer company has chewed up too much farmland and forest land,” says DeVillars.

The 1.8-megawatt solar array produces enough energy to save New Bedford about 30% on its municipal electricity bills and to offset carbon dioxide emissions from electricity use of more than 226 homes.

“Sullivan’s Ledge is a great example of our city turning an environmental liability into an environmental asset,” says Jonathan Mitchell, the city’s mayor.

Today, most of the 50-plus acres of polluted property have been cleaned up. It’s also taken on a new life as Pritchard Park — complete with wooded trails, views across Puget Sound of downtown Seattle and Mount Rainier, and a man-made sandy beach — thanks to $8 million in government grants and private funds raised by community members, including Schmid, to buy the land. Since most of the island’s waterfront is privately owned, this new public parkland is particularly special.

“It’s so important for people to get to the water,” Schmid says as he shows me around the site.
“Kids always want to be in the water.”

Symbols of hope

EPA administrator Scott Pruitt has called for accelerating the cleanup and reuse of Superfund sites across the country. “Today’s redevelopment list incorporates Superfund sites ready to become catalysts for economic growth and revitalization,” Pruitt said in a January statement with the release of a list of 31 Superfund sites he deemed prime candidates for reuse.

Environmental policy experts generally agree that efforts to revitalize formerly contaminated land can generate benefits. However, some are concerned that too much attention on redevelopment could compromise the key goal of the Superfund program — to protect public health and the environment.

“There are still over 100 sites where human health is not under control,” says Probst. “I would argue that redevelopment is not the most important aspect of this program.”

Critics’ concerns are amplified by a proposed budget from the Trump administration that would not increase funds for the Superfund program despite Pruitt’s pledges of an increased focus. However, Pruitt has claimed that private investment in cleanup and reuse can fill funding gaps.

With foresight, preparation and patience, some of the country’s past environmental nightmares can well become symbols of hope for the future.

“You need to understand that it is going to be a long haul,” advises Bottcher, the Wyckoff site project manager. “The earlier the community can start planning and envisioning how sites will be used in the future, it helps everyone. It helps the EPA make smart decisions that would be compatible with that future use, and it helps the community or property owner to raise funds for that redevelopment.”

The transformation of the Wyckoff site is a particularly poignant example of turning trouble to hope.
During World War II, while workers at the creosote factory were excluded from the draft — the operations were considered too vital to national defense — more than 200 residents of Bainbridge Island became the first Japanese Americans exiled to internment camps. A short walk from the factory was the dock where they were ferried away. Now a memorial wall on this section of the Superfund site commemorates the history of the exclusion.

In a recommendation report for the Superfund site, the Pritchard Park Design Advisory Committee, on which Schmid served, recognized the dual potential of the chosen reuse: “The park represents the opportunity for healing and restoration of two wrongs from the past — one to the social fabric of the community, the other to the land itself.”

No need to wait

Delisting a Superfund site often takes many decades. Thankfully, experts note, reuse generally doesn’t need to wait that long. “In ideal circumstances, you can do the remedial action with components of redevelopment,” says Stanislaus.

That dual effort is underway at the Wyckoff site, which remains on the NPL. A stroll northeast down the Pritchard Park beach ends at a barbed wire fence set atop a steel wall and adorned with warnings to keep away and not to eat the crab, bottomfish, or shellfish from these waters. A faint petrochemical smell fills the air, a stark reminder that another 650,000 gallons of creosote and other toxic chemicals persist in the ground beneath the former facility.

“There’s still a long way to go,” says Schmid. “This stuff doesn’t give up.”

Inside the fence are the final 5-plus acres (2-plus hectares) of land with the heaviest contamination. This area, which juts out into Puget Sound, is probably also the site’s most prime real estate.
Schmid imagines kids flying kites out here one day.

Given the extent of the pollution and the constraints on money and manpower, that day is at least another decade away, according to Helen Bottcher, the EPA project manager of the site. But plans for how the final piece of waterfront property will be incorporated into the park are on the drawing board, replete with accents that could include a wedding venue, a giant windmill, or a peace pagoda.

Protect against injustice

Among the adverse consequences to be alert for related to Superfund redevelopment is gentrification. Overall, 15% of the more than 50 million people who reside within three miles of a Superfund site live below the poverty line, according to a 2015 EPA report.

“If you come in and say you’re helping the community and then the community can’t afford to live there anymore, that’s a big issue,” says Katherine Probst, an environmental policy consultant with expertise in Superfund. The promise, for example, of a cleaner Gowanus Canal in Brooklyn — a Superfund site in a historically low-income area — has prompted development and driven up rental costs in the surrounding neighborhood.

Debbie Chizewer, an environmental advocacy lawyer at Northwestern University Pritzker School of Law, is working with a low-income community in East Chicago on the future of polluted land targeted for redevelopment.

“Since many Superfund sites are in low-income communities of color, I think it’s exceptionally important to protect against more environmental injustice,” says Chizewer. “You need to make sure the reuse is not something that threatens the community’s health.”

The reuse plan is still unclear for the former housing complex and school, which were vacated due to lead and arsenic contamination.
Some members of the community would like to one day call the site home again.

“There’s a sense of loss in this community. Many neighbors have had to move out, leaving families separated,” Chizewer says. “On the other hand, there are people who don’t want to have anything like this happen to another family because their kids have ADHD and other problems associated with lead exposure.”

Discussions so far have raised other possibilities for the site, including bus storage or a solar energy farm. Chizewer says she fears the former idea could bring yet more air and noise pollution to the vulnerable neighborhood. She is, however, a fan of the latter idea. “Then the adjacent residents could get the benefits of the energy created on the site,” she says.

Matching cleanup and use

Some 20 miles south, as the seagull flies, from Pritchard Park, another Superfund reuse story is unfolding.

Starting in the late 1800s, Tacoma’s Thea Foss Waterway was part of a massive hub for shipbuilders, oil refiners, chemical manufacturers, and the like. The industries left the soil, groundwater, and bay sediment laden with pollutants including heavy metals, phthalates, and polychlorinated biphenyls (PCBs). The EPA added the site to the Superfund in 1983.

Charles Schmid at the park he helped create at a former Superfund site on Bainbridge Island, Washington. The 50-acre Pritchard Park is one of hundreds of sites around the country that have been cleaned up and put to a new use. (Photo: Lynne Peeples)

Reuse considerations were incorporated into many aspects of the site’s cleanup, according to the EPA. Today, marinas, apartments, and businesses line the waterway, and buildings, paved surfaces, and other structures hold remaining contamination in place.
And, in designing the sediment cleanup plan, coordination with property owners ensured that water depths resulting from dredging and capping efforts were compatible with future land uses.

Igor Linkov, a risk and decision scientist with the Army Corps of Engineers, notes that site use decisions are not always considered in developing cleanup strategies. The end result can be too little clean up — or too much, says Linkov, speaking based on his prior consulting experience and not representing government views.

“In many cases, efforts end up overly conservative and can result in wasted resources,” he adds. “It doesn’t make sense to clean up a site to the level that’s appropriate for a kindergarten if it is going to be a parking lot.”

A growing set of tools can help stakeholders explore how the cleanup of decades-old pollution can go hand-in-glove with reuse of the land. The EPA’s Superfund Redevelopment Initiative includes information for selecting cleanup remedies that are consistent with a site’s anticipated reuse. The EPA also leverages administrative and legal measures, or so-called institutional controls, to reduce toxic exposures by ensuring a change in land use is not allowed unless a state or federal environmental agency reviews and orders any necessary further cleanup.

Under the Superfund law, land targeted for residential use must live up to a different standard than if it is intended for, say, industrial use. In practice, suggests Mathy Stanislaus, former assistant administrator at the EPA’s Office of Land and Emergency Management, designations tend to be generic — identifying the future use only as industrial, commercial, or residential. These categories can cover significantly different kinds of development, especially when considering potential toxic exposures. A commercial use, for example, may turn out to be anything from a daycare or library to a parking lot.
So, when a specific end use has been determined, noted Stanislaus, it should be specifically considered.

24 Oct 2019

ICAO/UNDP Solar-At-The-Gate Project Being Piloted in Jamaica

Solar facilities designed to provide electricity for Terminal Gate Number One at the Norman Manley International Airport (NMIA) in Kingston were, on Tuesday (April 24), handed over to the management by representatives from the International Civil Aviation Organization (ICAO)/United Nations Development Programme (UNDP) Global Environment Facility.

Jamaica was selected for the pilot of a project dubbed ‘Solar-at-the-Gate’, following the country’s submission of an Environmental State Action Plan.

Under the project, there has been the successful installation of gate electrification equipment at the island’s two main international airports and a solar power-generation facility at the NMIA.

Speaking with JIS News at the handover ceremony, Deputy Director General, Regulatory Affairs, Jamaica Civil Aviation Authority (JCAA), Rohan Campbell, said the project aims to reduce power usage from the public grid as well as aircraft generators to provide power while an aircraft is at the gate.

“There are two scenarios that could take place. When the aircraft is parked at the gate, an engine, which is called an Auxiliary Power Unit, would be running. It uses the fuels that are on board the aircraft to supply electrical power to the aircraft while it is there for boarding, loading of cargo, bags, passengers and if there are any maintenance activities,” he informed. Mr. Campbell noted that during these processes, the unit produces carbon emissions.

He said that in the second scenario, when the aircraft arrives at the gate, it is supplied with power from the public grid through the airport power supply.

“It will connect directly to the terminal, and the power is supplied from the grid to the aircraft and also will run air-conditioning units for the aircraft. So the demand of the aircraft will be pretty high at the gate to support boarding and other services,” he said.

The Deputy Director General points out that the ‘Solar-at-the-Gate’ power supply facility will replace the two power sources and, therefore, reduce the carbon footprint of the aircraft while at the gate.

According to Mr. Campbell, the ICAO has committed to contributing to the reduction of carbon emissions, and that Jamaica, through the JCAA, remains united with the global aviation community in the thrust to ensure global environmental sustainability in relation to aviation industry emissions. The project, which is the first of its kind to offer zero carbon dioxide emissions, is expected to provide a model for all ICAO States and, in particular, Small Island Developing States.

30 Aug 2019

NFL MLB to Supreme Court If Aereo Wins Youll Have to Watch

November 18, 2013

Opinions expressed by Entrepreneur contributors are their own.

For digital TV startup Aereo, the road to growth has been a difficult one. And it’s not getting any easier.

Actually, the four major broadcasters that are suing Aereo over the startup’s ability to provide digital streams of broadcast signals have a lot to lose, too. Many programmers who provide valuable primetime content have already said they’ll move their shows to paid cable networks if Aereo prevails in court.

Now, Major League Baseball and the National Football League seem to be of the same mind.

In a document called a “friend of the court brief” which has been submitted to the Supreme Court, the leagues argue that what Aereo does is a violation of their “exclusive retransmission licensing rights.”

"Those stations will become less attractive mediums for distributing copyrighted content," the brief says. "The option for copyright holders will be to move that content to paid cable networks (such as ESPN and TNT) where Aereo-like services cannot hijack and exploit their programming without authorization."

The four broadcasters that are suing Aereo are ABC, CBS Broadcasting Inc., NBCUniversal and Fox Television Studios.

In order to carry major league sports, cable and satellite providers pay $300 million in “compulsory” licensing fees, about $100 million of which goes to the leagues.

If Aereo wins, it’s still not clear how quickly the NFL and MLB could yank their programming.

Aereo, a service that allows users to stream live TV over the internet for a small monthly fee, has been embroiled in a legal battle with the four major broadcasters that’s gone all the way to the Supreme Court.

The broadcasters argue that Aereo is stealing copyrighted content. But Aereo, which does not pay the broadcasters, argues that it isn’t doing anything that individuals couldn’t do themselves with their own antennas.

In several other cases where litigation is pending, courts have denied broadcasters’ requests to make Aereo cease its operations until a decision is reached.

30 Aug 2019

How OneLogin Was Compromised and the Lessons for the Rest of Us

first_img Register Now » Opinions expressed by Entrepreneur contributors are their own. June 16, 2017 5 min read Free Webinar | Sept 5: Tips and Tools for Making Progress Toward Important Goals Attend this free webinar and learn how you can maximize efficiency while getting the most critical things done right. Last week, OneLogin, one of the leading U.S. Cloud Single Sign-On (SSO) services, suffered a major breach, compromising U.S. customer data. The good news was that OneLogin was able to identify the compromise within hours and respond by shutting down the rogue instances responsible for the service failure. However, highlighting the swiftness with which these attacks can take place and have effect, that was still enough time for the thief to likely purloin customer data and more ominously, their login credentials for accessing cloud services and even their encryption keys for decrypting data in those cloud services.As painful as breach incidents are for the service provider and affected companies, they also offer a teaching moment that can help inform future behaviors and defenses. In the case of OneLogin, because the attacks intersected a service that essentially managed passwords in a central location in the cloud that can be configured through an API, there are many lessons at the nexus of many modern challenges including cloud, API, consumer passwords, privileged administrator identities, event notifications, breach mitigation and breach response regulations.Related: Just Being Proactive Isn’t Enough: What Entrepreneurs Should Do During a CyberattackThe inherent risks of centralizing keys to the kingdom in the cloudThe cloud has revolutionized how businesses consume IT services over the last seven years. It offers on-demand flexibility, no startup cap-ex and ease of use. However, it comes with its own set of risks. Cloud SSO services symbolize both the convenience and risks of the cloud. 
Firstly, accessing cloud services using an on-premise credential management system is extremely challenging. There are firewall issues, connector update issues and operational complexities. Running a cloud SSO service from the cloud makes sense on many technical and business levels. However, it of course creates a single point of failure by placing all credentials in a central place that acts as an attractive honey pot for bad actors. This means both SSO providers and their customers need to take extra precautions.

Managing the administrative logins for the login service

For the service provider, the simplest and most critical security that can be built around the service is to protect against potential administrative hijacking of the service. That is apparently what felled OneLogin; an attacker was able to steal an administrative credential that was then used to provision a rogue service that then accessed provisioning/admin APIs to copy customer credentials to the rogue instance. As it happens, technology exists to limit risk around stolen administrative credentials and protect APIs. PIM, or Privileged Identity Management, tools provide single-use password vaults for administrative accounts that limit their access and utility if stolen. Similarly, API security products exist that can provide stronger access protections and detection of unusual activity around administrative APIs and shut down sessions before they can prove damaging.

Splitting keys, stepping up authentication

For customers, there are also actions they can take if their service provider is compromised. The simplest is to split encryption key management from access credentials. Isolation and separation of duties is always a good security strategy. So is stronger authentication. Many services now offer authentication based on not just something you know, like a password, but also something you have or bring, like a mobile phone or fingerprint.
The latter are far harder to compromise because the possession of passwords alone is insufficient to access a client account. In this day and age, with the prevalence of mobile phones and biometric authentications, there are no excuses for not insisting on stronger authentication from your service provider.

After the breach

Now, while the OneLogin incident provides many lessons to both service providers and their customers on how to prevent or limit fallout from a similar attack, it also tells a story on what needs to be done in response to a breach.

For a service provider, of course the top concern is detecting the breach and limiting any damage. Good audit/security information and event management (SIEM) tools can help here, especially if they offer anomaly detection to detect strange activities. But then comes the step that arguably is the most difficult and costly: understanding who was affected and making appropriate notifications and responses.

Fast breach response

Today 48 U.S. states and most foreign countries have laws on breach response requiring a specific type of notification within a prescribed time period. What makes this difficult for service providers (and the affected companies) is that they rarely track customers by residency and almost never have an inventory of that person’s or organization’s data so they can properly audit who was compromised and what data was taken. To answer this problem, new tools exist in the privacy management space that can map data for every customer by state or country and make legal response easier while also helping the service provider audit what was taken.

For the affected companies, there is a similar need to understand the scope of damage from a compromised service provider.
Keeping an inventory of what sensitive data is accessed through what service can ensure impacted downstream users can be adequately forewarned to take appropriate actions before damage can spread.

The lessons of OneLogin

There is a saying that no bad experience should be experienced without something learned. What happened at OneLogin was painful for both the service provider and affected companies. However, rather than run away from using cloud services, for the affected companies there are many takeaways that can be learned to limit future fallout and impact. For the service provider, there are similar lessons around extending the protective umbrella to administrative accounts and APIs. OneLogin showed how even a security service can be compromised by one set of credentials; therefore it’s recommended to always take extra steps to protect your most vital assets.
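
The detection of unusual activity around administrative APIs, and the SIEM anomaly detection mentioned under "After the breach", can be sketched as two rules over an audit trail. This is an added example, not code from the article or from OneLogin; the event fields, action names, thresholds and log entries are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Hypothetical admin API action names that read customer secrets (assumption).
SENSITIVE = {"GetCredentials", "ExportUsers"}

# Constructed audit events: (timestamp, admin key, source, action, target).
# For CreateInstance the target is the new instance id; otherwise a tenant id.
EVENTS = [
    ("2024-01-10T09:00:00", "admin-key-1", "ops-bastion", "GetCredentials", "t1"),
    ("2024-01-11T02:00:00", "admin-key-1", "198.51.100.7", "CreateInstance", "i-rogue"),
    ("2024-01-11T02:10:00", "admin-key-1", "i-rogue", "GetCredentials", "t1"),
    ("2024-01-11T02:11:00", "admin-key-1", "i-rogue", "GetCredentials", "t2"),
    ("2024-01-11T02:12:00", "admin-key-1", "i-rogue", "ExportUsers", "t3"),
    ("2024-01-12T08:00:00", "admin-key-2", "ops-bastion", "CreateInstance", "i-batch"),
    ("2024-01-12T08:30:00", "admin-key-2", "i-batch", "GetCredentials", "t1"),
]

def detect(events, approved_sources, window=timedelta(hours=24), tenant_limit=3):
    """Return alerts as (rule, admin_key, source) tuples, in event order."""
    alerts, flagged = [], set()
    created = {}   # instance id -> creation time
    tenants = {}   # instance id -> tenants whose secrets it has read
    for ts, key, src, action, target in sorted(events):
        when = datetime.fromisoformat(ts)
        # Rule 1: admin key used from a source that is neither approved
        # nor an instance whose creation appears in this audit trail.
        if src not in approved_sources and src not in created and (key, src) not in flagged:
            flagged.add((key, src))
            alerts.append(("unapproved_source", key, src))
        if action == "CreateInstance":
            created[target] = when
        elif action in SENSITIVE and src in created and when - created[src] <= window:
            # Rule 2: a freshly created instance reading secrets across many tenants.
            seen = tenants.setdefault(src, set())
            if target not in seen:
                seen.add(target)
                if len(seen) == tenant_limit:
                    alerts.append(("new_instance_bulk_read", key, src))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS, approved_sources={"ops-bastion"}):
        print(alert)
```

The routine batch instance created from the approved bastion reads a single tenant and raises nothing, while the instance created from an unapproved address and then used to read three tenants triggers both rules.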