August 29, 2014

From Sensors to Big Data: Chicago Is Becoming a Smart City
Chicago is the first major city in the USA that is building a permanent infrastructure to collect Big Data. They are installing hundreds of environmental sensors that will measure temperature, humidity, light, sound and cellphone signals. All this data will enable Chicago to become a safer and cleaner city. The sensors will be placed on top of lampposts along Chicago’s Michigan Avenue. ... They are true data generators, where all sensors placed within a city gathers vast amounts of data. Chicago will open source all this data to the public, so that anyone can access the data and make use of it.

Poor data quality hindering government open data programme
A source working on the open data programme at the Cabinet Office said public data releases had been dirty and inconsistent. "I would agree the evidence is there to support that," said the source. "They talked about armchair auditors – there hasn't been a lot of that. You can look around and not find them. Some busybody can read through the PDFs, but to make some sense of the aggregated mass is almost impossible with the raw data you've got.”

One small step for IT security: a beginner's guide to threat intelligence
Armed with this knowledge, the organisation can procure the right threat intelligence feed that focuses on the relevant threat actors and provides signatures to help detect attacks before they impact. The board can be briefed about the general overall threat and how activities in the business could heighten the likelihood of attack. Technical teams can be briefed on attacker tools, techniques and procedures so that protective monitoring and software patching can be performed more strategically to identify or mitigate malware. And finally, staff can be made aware of attacks to reduce the risk of compromises.

Architectural Security aspects of BGP/MPLS
There are a number of precautionary measures outlined above that a service provider can use to tighten security of the core, but the security of the BGP/MPLS IP VPN architecture depends on the security of the service provider. If the service provider is not trusted, the only way to fully secure a VPN against attacks from the "inside" of the VPN service is to run IPsec on top, from the CE devices or beyond. This document discussed many aspects of BGP/MPLS IP VPN security. It has to be noted that the overall security of this architecture depends on all components and is determined by the security of the weakest part of the solution.

Three security practices that IoT will disrupt
The early days of cloud services provided a direct challenge to central management, but this challenge has largely been beaten back by cloud services that support “external authentication” (such as Active Directory agents or SAML). The BYOD movement also challenged this tenet, but is being defeated through integrations that require common credentials to access email, IM and file servers. Now a similar challenge to centralized credential management is being mounted by the onslaught of IoT devices -- most of which only allow local user management -- and associated IoT management systems, which frequently also only allow local user management.

Hidden Obstacles for Google’s Self-Driving Cars
Among other unsolved problems, Google has yet to drive in snow, and Urmson says safety concerns preclude testing during heavy rains. Nor has it tackled big, open parking lots or multilevel garages. The car’s video cameras detect the color of a traffic light; Urmson said his team is still working to prevent them from being blinded when the sun is directly behind a light. Despite progress handling road crews, “I could construct a construction zone that could befuddle the car,” Urmson says. Pedestrians are detected simply as moving, column-shaped blurs of pixels—meaning, Urmson agrees, that the car wouldn’t be able to spot a police officer at the side of the road frantically waving for traffic to stop.

Unravelling the anatomy of Archimate
To anyone working in enterprise-architectures, Archimate ought to be the first point we turn to when starting to model any aspect of the enterprise. Unlike Zachman, for example, it places just as much attention to the ‘lines’, the connections between the ‘boxes’ (the ‘things’) of the architecture ... But to me, and to many others, it just… I don’t know… just doesn’t seem to work? Something doesn’t quite gel… something like that, anyway. It gives the sense that it ought to be right, that itought to work – but somehow it just… doesn’t. And that sense of it not-quite-working gets more and more extreme the more we try to move outward from anything but the most IT-centric of architecture views. Odd. Very odd.

Cyber attacks on US banks fuel financial sector concerns
“These capabilities are in the realm of nation-state capabilities,” said Philip Lieberman, chief executive of security firm Lieberman Software. “JP Morgan and similar entities employ sufficient technology to protect themselves from criminals, but typically fail to invest enough in technology and processes to shield themselves from nation states’ ability to access their systems at will,” he said. According to Lieberman, most financial services providers have little to no protection from nation-state attacks and are not willing to spend the money to protect themselves.

Debugging multithreaded code in real time!
We all love Visual Studio, using its breakpoints and single stepping through code to find out why a program behaves differently than expected. Alas, setting a break point or single stepping will completely change the behaviour of a multithreaded application, where it matters which thread executes which instruction in which sequence, measured in microseconds or less. Stop or delay anything in the multithreaded system and it behaves completely differently. So obviously, we cannot stop a single thread when debugging. Which means we should use tracing, looking something like this

CEO praises Juniper team and anticipates success in the cloud
Looking forward Kheradpir highlighted his plans for success saying he wants to focus on cloud builders and high-IQ networks; “Why cloud builders? Because in this current, “everything-as-a-service” application-driven economy, the cloud is our customers’ new delivery engine of innovation to their customers. As enterprises and service providers adapt to this new business model, the network experience is critical to their business. Juniper understands how to unleash the power of the cloud through High-IQ Networks.”

Quote for the day:

"Success isn't magic or hocus-pocus - it's simply learning how to focus." -- Jack Canfield

August 28, 2014

Managing Risk With Big Data & Analytics
However, scale continues to be an issue. Recent mega-breaches are often precursors to large-scale attacks that are identified by network monitors, systems, or individuals responsible for managing risk. But because there is such a high volume of attacks against major corporations, important clues may be missed, and the most critical threat information may not reach the team or executive responsible for protecting the organization in a timely fashion. To combat this problem many institutions have brought information security professionals into the boardroom.

The hunt for your strategic blind spots: Assign data scientists to the case
To understand what's in your blind spot, look for places where your competition will leave a digital trail. First, look to the obvious: your competition's direct communication channels. Sometimes a company will signal what they intend to do by their marketing messages. You should have your data scientists comb through the information on competitors' pages on Twitter, Facebook, and other social media platforms to see if they can pick up on something you may be missing. Even a simple sentiment analysis may uncover a shift in market preferences that you missed.

NASA launches massive cloud migration
The space agency will continue to move apps to the cloud and build apps in the cloud. Its goal is to move or build another 20 to 30 apps by the end of the year. "I want to give people the ability to collaborate," Kadakia said. "I want to give them a repository on the cloud where we can be doing code sharing and code reuse within NASA. And we're looking at disaster recovery as a service." NASA didn't just inch its way into Amazon's cloud offering. The agency has about 60 apps, such as its public-facing websites, on Amazon's public cloud, and 40 more, including NASA's workflow and privacy-impact applications, on Amazon's virtual private cloud, which offers a certain amount of isolation in the public cloud.

CIOs: Stop hugging your servers, start hugging the business people
You can blame the cloud or the rise of the niche vendors but few in IT management would doubt that running an IT department is a much more complex task than it once was. Vendor management is increasingly important skill according to analysts because new ways of delivering IT services introduce a high degree of risk that requires tight control. Analyst Gartner has put together a four-step strategy which it says can help:

Thinking Open Source with Phil Haack
Carl and Richard talk to GitHub denizen and former Microsoftie Phil Haack about what it means to build open source software. The conversation starts off with a reminder that back in Phil's Microsoft days, he was a huge advocate of taking various Microsoft products open source - and today it's actually happening! Phil may have moved on to GitHub, but the spirit of open source has permeated the web team at Microsoft, the ultimate manifestation being ASP.NET vNext! So what about your projects? What does it takes to make them open source, and what benefits can you expect?

Revolution in Progress: The Networked Economy
In fact, the revolution is already under way. “Over the last few decades, we’ve grown beyond the industrial economy to the IT economy and the Internet economy, each of which led to significant inflection points in growth and prosperity,” says Vivek Bapat, SAP’s global vice president for portfolio and strategic marketing. “Now we’re looking at the Networked Economy.” This new economy, resulting from a convergence of the economies that came before it and catalyzed by a new era of hyperconnectivity, is creating spectacular new opportunities for innovation. And, like any revolution, the Networked Economy is going to be big. Very big.

Listen, learn and lead: Key communication skills for IT pros
Tom Catalini is a CIO by profession, accomplished blogger and writer. He said he decided to write his new eBook as a way of paying forward the great advice he had been given throughout his career. He also noted the important role that strong communication skills play in the success of IT professionals, especially if they wish to move up the technical and managerial ranks. I asked Tom what career advice he would like to give to those reading my column. He said that people should enhance their ability to listen, because it expands their ability to learn, which enhances their ability to lead.

4 Outsourcing Mistakes Companies Still Make
There's still no script for the Great American IT outsourcing project. But today's most common outsourcing pitfalls have less to do with technology and everything to do with relationships and communication. Or lack thereof. "Both companies have to rise to the occasion to make it work," says Romi Mahajan, president of marketing consulting firm, the KKM Group, which outsources some of its IT operations. Nevertheless, communication breakdowns and finger pointing frequently derail even the best-laid outsourcing plans. Here are four missteps to avoid.

Location Data Could Become Key to Fighting Bank Fraud
BillGuard said it has been testing the location-monitoring service with a limited beta group of 7,000 cardholders. The location monitoring methods are supposed to be battery life friendly. In an online FAQ, BillGuard said it may only sample a person's geolocation two to three times a day and can often do so without activating the phone's GPS, which is a battery hog. BillGuard did not immediately provide more detail on how it tracks the location data. Some companies gather location data through wireless triangulation, which works by collecting data from cell towers. The firm's efforts are applauded by industry observers who perceive a growing appetite among consumers to let them choose stronger card controls

Apache CouchDB: The Definitive Introduction
The most notable implementations of The Couch Replication Protocol are PouchDB, Couchbase Lite (née TouchDB), and Cloudant Sync for Mobile. PouchDB is implemented in JavaScript and is designed to run in a modern web browser (including mobile browsers). Couchbase Lite and Cloudant Sync come in two flavours: one for iOS written in Objective-C and one for Android written in Java and both are meant to be embedded in native mobile applications. They are all Open Source projects separate from Apache CouchDB, but they share the same replication capabilities, although some implementation details that we explain for Apache CouchDB below differ in the various other projects.

Quote for the day:

"If you want to reach a goal, you must "see the reaching" in your own mind before you actually arrive at your goal." -- Zig Ziglar

August 27, 2014

Clinical Intelligence and Analytics: The Future of Healthcare Delivery
Our opportunity is now to enable the processes that deliver the right information, in the right context, to the right person at the right time. Our opportunity is now to keep patients as healthy as possible while minimizing admissions and care cost. Our opportunity is now to deliver better, more efficient, more valuable healthcare. And while our opportunity may be ripe now, our future—the future of the healthcare industry and the impact we can have on our communities—is only just beginning. The question is whether or not we will turn opportunity into reality fast enough, or if we will continue to lag behind as an industry.

Mobile Health Apps Have Role In Ebola Crisis
A handful of applications already exist that allow users, aid workers, and other medical practitioners to test and share results for illnesses such as HIV, malaria, and flu using only a smartphone. Why are such technologies not being used to test and track Ebola? Geo-referenced, real-time maps of infected patients could be key to tracking and controlling the spread of the virus. In a potential global crisis such as this, the World Health Organization has already called on governments to use exceptional measures, and the US FDA has bypassed its normally rigorous approval processes to fast-track military technology for civilian use.

Big Data scientists get 100 recruiter emails a day
Offering salaries of $200,000 to $300,000 for data scientists with just a couple years of experience, tech recruiters are also going after academics with experience in areas like genome mapping and breast cancer research, dangling the big bucks to get them to help figure out what search terms people use and the impact of tiny changes in online ads. ... The Insight Data Science Fellows Program, in Silicon Valley and New York City, claims to be “your bridge to a career in data science,” offering an “intensive six-week post-doctoral training fellowship bridging the gap between academia and data science.” The programs’ website claims a 100% placement rate (duh) and notes fellows with doctoral backgrounds in astrophysics, biology, statistics, and so on.

Infographic: Four Actions to Help Employees ‘Live’ Quality
A strong quality culture not only reduces the risk for customer-facing errors, but also helps companies find new sources of value in the form of improved customer experience and employee productivity. Unfortunately, 60% of employees say they work in an environment with a weak culture of quality. Our latest infographic outlines what it means to have a “culture of quality” and the four actions quality leaders should take to build and sustain it. For more culture of quality insights, join our September 10th webinar that shows how to get business partners to act on planned quality initiatives.

Disaster Recovery and Business Continuity: Putting Your Plan in Place
Many organizations are looking increasingly to third party solutions to perform a Business Impact Analysis (BIA) and handle DR and BC/BCM initiatives. For small to medium sized businesses however, many large scale DR systems can be cost-prohibitive. Before you throw a whole lot of cash at the problem, there are four key areas you need to consider ... Take the time to calculate how much you could lose with just one to two days of downtime, and then compare this to the cost of aggressively managing your DR plan. Take the time to discuss what your current plan is, train your employees – and then test it out. If it works, you will sleep well knowing that your data is protected!

Regulatory compliance challenges mount in recession’s wake
U.S. companies, particularly those in the financial services industry, continue to wrestle with compliance regulations: Recent headlines show that the current regulatory environment remains a top issue for CEOs and that many companies have difficulty measuring the effectiveness of compliance training programs. Meanwhile, in recent weeks, PricewaterhouseCoopers was fined for watering down a bank report, and a complaint filed with the Federal Communications Commission (FCC) alleges that 30-some U.S. tech giants are violating Safe Harbor agreements.

Eight steps for comprehensive BYOD governance
A comprehensive BYOD governance roadmap must therefore include goals, objectives, value statements, operating principles, policies, procedures, standards and guidelines that address the scope of required cultural and operating model changes. The roadmap should carefully balance strategies for device management and used with a focus on good user experience. Let's look at some good practices for establishing and maintaining safe and effective mobile BYOD practices. The good practices described below are adapted from "BYOD in the Enterprise – a Holistic Approach", ISACA Journal, Volume 1, 2013, S. Ravindran, R. Sadana and D. Baranwal.

Surge pricing is the next wave of digital ordering
Airlines and hotels have been surge pricing for years. But other than a “market price” for fresh fish or other rare commodities, the restaurant industry has largely stayed away. All this could soon change as mobile ordering gains momentum. Uber raises pricing on the fly based on real-time data gathered via mobile devices, the primary source for ride requests. Digital ordering for restaurants allows a similar opportunity by enabling fluid pricing. If, for example, a concert lets out at Madison Square Garden, Uber might charge higher rates to encourage drivers to come to the area.

Intel reveals world’s smallest wireless modem for the Internet of things
The entire XMM 6255 chip board with modem and other features is 300 millimeters square. It includes a SMARTi UE2p transceiver component, which operates on a tiny amount of electrical power. It has transmit and receive functionality, power management, and integrated power amplifier — all on a single chip. The smaller the chip and its components, the less electrical power they need and the less heat they dissipate. That helps them survive in conditions where Internet of things sensors are deployed. A farmer, for instance, may deploy a bunch of sensors to detect ground moisture in fields. Those sensors can send data over 3G modems to a computer, which can produce a report for the farmer on where and when he or she should water the field.

Tips for addressing cybersecurity with the board
"As hackers get better at their exploits, corporate security is failing to keep up, resulting in the main thing keeping directors up at night." ... To help those executives sleep a bit better, BitSight co-founder and CTO Stephen Boyer has shared advice with FierceCIO targeted to both board members and IT security executives on how they can "clear up the confusion and start moving the conversation forward" on cyber-security. Boyer's advice follows. Tips for board members:

Quote for the day:

"Courage is what it takes to stand up and speak; courage is also what it takes to sit down and listen." --Winston Churchill