August 01, 2014

Cloud app development can reap the benefits of Agile
The first step is to think of the cloud as an ever-changing organism, rather than a static platform. "A developer may not realize that the infrastructure beneath them is shifting constantly in the cloud and [may need to] incorporate responses to common transient failures." One example of this would be scalability. What would happen if a cloud application got popular and the traffic suddenly spiked? Developers would need to know before this happened in order to carry out an effective scalability plan. When it comes to the cloud, quality is not an end result. It is a constant process, and cloud applications need to be designed with a process-oriented mindset.

In a hyper-social world, some seek a little privacy
"Companies have realized there's some privacy boundaries to what people want to share," said Justin Brookman, director of consumer privacy at the Center for Democracy and Technology, a nonprofit group in Washington, D.C. Comments from Zuckerberg reflect the shifting tide. In an onstage interview in 2010, Zuckerberg suggested people were happy to share widely. "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," he said at the time.

How to reach a software-defined operational state of bliss
It is an "operational state" achieved by eliminating current silos of compute, storage, network and software and adopting a new way of managing and controlling all the moving parts within the infrastructure. With the trend toward software-defined infrastructure comes a new level of complexity that can only (says Cirba) be controlled through sophisticated analytics and purpose-built control software. The ability to make unified, automated decisions that span compute, storage, network and software resources, that are based on the true demands and requirements of the applications, and that are accurate enough to drive automation without fear, is the foundation of the next generation of control of IT infrastructure.

Surrounded by 'code halos'? Here's how your IT organization can embrace this new religion
These security, privacy and compliance issues are not simple, but every day different companies across the world are making tremendous progress on being able to solve some of these issues. That’s part one. The second side of the coin is people in many cases are willing to share more and more information, right? What we’re seeing is more and more of an opt-in economy. So people are saying, “Yes, I am willing to share this information, my information, with you, as a company, but you have to treat it with respect.” Companies have to be compelling and honest in their ability to manage that information in an ethical and trustworthy way, and they have to deliver a level of value that makes it worth the give. We call this the "give-to-get" ratio.

Emotional intelligence: Key to our success
It is important to realize that emotional intelligence is the primary determinant of the quality of relationships in our business as well as in our personal lives. Emotional intelligence is often referred to as our soft skills. I have mixed feelings about that, as some may be inclined to downplay the importance of soft skills, and our EQ is very, very important! Emotional intelligence is having empathy, being able to put ourselves in the shoes of others to sense how they feel and even why they may feel that way. EQ is knowing how to put people at ease, to connect with them and convey the sense that we care.

When tracking defects, make efficiency the end goal
Tracking defects to provide insight also seems suspicious. It allows management by spreadsheet. I would prefer that management get involved in the work. If your team doesn't fix all the preproduction bugs, and customers care about them, then tracking bugs to remember those details might make sense. My preference is only to file a bug report if the issue is not fixed, but is deferred and still worth documenting. The fourth idea is to change the test strategy to find the defects that are actually emerging. To do this, I would look at both preproduction and production defects along with our test approach to see what defects we are missing and what tests we could run to find them.

CISOs still struggle for respect from peers
Those companies that have a CISO have tended to relegate them to a purely operational, fire-fighting role with little say in overall risk management. Over the years, CISOs have often complained about not having enough clout within their organizations to effect real change. The situation stems from an overall misunderstanding of the CISO's role in enterprises, said ThreatTrack Security president and CEO Julian Waits. Many in the C-suite view the CISO function as purely technology related and fail to appreciate the broader role that security executives can play in mitigating and managing overall operational risk, Waits said.

What the IBM and Apple deal means to you and me
Basically, it's going to mean that your devices and your apps learn you. Think about combining Google, Amazon, Facebook, your best friend, and your mom into a device. That's what this new Watson-powered Apple device is going to be. And you thought Watson was cute when it won on Jeopardy. You thought it was just an IBM research project that had no real world application. You were wrong. Watson is at the epicenter of this new phase of computing. Your phone, your tablet, your car, your computer, and even your home will become extensions of you. Forget the Jetsons—that's as far from what's coming as the Jetsons were from the Flintstones.

How Kanban Works
how (or maybe why) Kanban works? Is it because it exposes the system and enables visual tracking of requests? Or is it due to limiting work-in-process and reducing the wasteful effect of task switching? Or maybe due to frequent and granular feedback it provides to managers through simple measurements like cycle time and throughput? In this article, we will dig into details and study Kanban in the light of queuing theory and Little’s Law. Also, using case studies, we will illustrate three typical problems which face managers of Kanban development systems, and how to resolve them. This will reveal some basic concepts and insightful ideas about how Kanban works.

IBM Acquires Security Software Provider CrossIdeas
“The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities,” said Brendan Hannigan, general manager of IBM Security Systems, in a statement. “IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers.” As part of IBM’s Identity and Access Management portfolio, CrossIdeas will deliver new identity and access governance capabilities to help mitigate access risks and segregation of duty violations.

Quote for the day:

"The first responsibility of a leader is to define reality. The last is to say thank you. In between, the leader is a servant." -- Max DePree

July 31, 2014

Develop and Implement your customized plan for adopting healthy agile-lean practices
Effective impediment management can be learned with practice and improved with process maturity and experience; management support is still needed for removing organizational impediments. As multiplexing and multitasking reduces, and the team starts following Stop-Starting-Start-Finishing lean mantra, the number of NT events should reduce over a period of time. Moving away from non-lean behaviors (3B and 4B) to healthy agile-lean practices (3P and 4P), shown along the Y-dimension of Figure 1 is a challenge that can be addressed at the team-level. It usually doesn’t depend on and need not wait for senior management support.

Infographic: Capitalizing on the Internet of Things
Let us give you three figures that show why the IoT creates challenges both long-term and immediate. First, consider the number of IP-enabled devices such as cars, heating systems or production machines. Based on research by the analyst firm Machina Research, 14 billion of those things will be connected by 2022. Second, the ITU predicts that by 2015, 75 percent of the world’s population will have internet access. And third, the omnipresent mobile revolution: according to the mobile forecast from Cisco’s Visual Networking Index, more than 3 billion smartphones and tablets will be in use globally by 2017.

Hulu Chooses Cassandra Over HBase and Riak
“We looked at HBase and Riak at first,” said Rangel. “Cassandra was an afterthought.” ... “With Cassandra, it managed to handle the load, it’s very reliable, it allows range queries without limitations, and it’s easy to maintain,” said Rangel. “It’s night and day compared to HBase.” The team had to do some hardware changes because Cassandra specs are different. Cassandra is optimized for SSDs, which improved performance. Rangel also said that Cassandra was better at replication.

Attention Agile Programmers: Project Management is not Software Engineering
Many software developers today are working on client/server systems such as Web sites and Smartphone Apps. These systems are based on the exchange of requests and responses between a client and a server. In such systems, the Latency is the time interval between the moment the request is sent and the moment the response is received. The Throughput is the rate the requests are handled, i.e., how many requests are responded per unit of time. In client/server systems it is essential to constantly measure the latency and the throughput. A small code change, such as making an additional query to the database, may have a big impact on both.

Answer to OTP Bypass: Out-of-Band Two-Factor Authentication
When users attempt to visit their bank’s landing page, they get redirected to a fake bank page that steals their username/password. Then, they’re asked to type in the one-time password (OTP) sent by their bank’s mobile app - but, the SMS never arrives, so then the website prompts the user to install a malicious mobile app that’s pretending to be an OTP generator. Whew. This malicious Android app actually intercepts the real two-factor SMS tokens sent by the bank, thereby gaining access to the user’s account and stealing all their monies.

LibreOffice 4.3: The best open-source office suite gets better
According to Coverity, "LibreOffice has done an excellent job of addressing key defects in their code in the short time they have been part of the Coverity Scan service." Like previous versions, LibreOffice is available for Linux, Mac, and Windows systems. You can also run an older version, LibreOffice 4.2, from the cloud using a Software-as-a-Service (SaaS) model. With the United Kingdom making LibreOffice's native ODF its default format for government documents, LibreOffice is certain to become more popular. Other cash-strapped governments, such as Italy's Umbria province, have found switching to LibreOffice from Microsoft Office has saved them hundreds of thousands of Euros per thousand PCs.

'Software-defined' to define data center of the future
Simply being written in software shouldn't qualify as "software-defined"; the term should also apply to the overall resource served (e.g., networking or storage). Just as there are network switches for SDN, appropriately designed hardware and firmware solutions should exist for software-definable infrastructure. In other words, a well-designed physically assembled pool of modular (possibly proprietary and/or highly specialized) resource units could be elastically provisioned, dynamically partitioned and configured programmatically.

A New Hat for Negotiators
Kopelman, who broadly defines negotiations, thinks that even more enlightened win-win negotiators can find themselves impaired by the hat they wear. It’s as if the negotiator’s hat includes a set of blinders that artificially limits the options of every party in the negotiation. She says that we all wear multiple hats in our lives, and that each one represents a different role that comes with its own resources and constraints. (For instance, a business executive may also be a parent, a child, a spouse, a soccer fan, a scuba diver, or a church deacon.) But, Kopelman says, if we can integrate our hats, we might be able to use their combined assets to negotiate in a more genuine way and craft superior outcomes.

Top 5 Wearable Tech You Haven’t Heard of Yet
Forecast calls for 19 billion connected things by 2016, and the wearable technology sector is set to skyrocket from $3-5 billion in revenue to $30-50 billion over the next 2 years. The economic impact estimates as high as $14 trillion over the next decade. The products in beta and those already created are leading in the market. Fitbit fitness devices are available in 30,000 retail stores across 27 countries worldwide (Amazon published rankings). Google Glass expanded with Google Contact Lens. And the market for jackets that navigate, dresses that change color with mood, and bras that can track your heart rate are popping up everywhere.

Big Digital Leadership
Technology trends such as big data and the Cloud are driving the IT agenda, as are technology-fuelled trends such as mobility and social media. Increased user empowerment as demonstrated by the BYOD movement is changing the CIO’s role from technology manager to digital leader. This white paper explores these trends from a strategic perspective. It also offers operational advice thus enabling you to turn these emerging themes into business value.

Quote for the day:

"Your time is limited, so don't waste it living someone else's life." -- Steve Jobs

July 28, 2014

Top 25 free tools for every Windows desktop
While smartphones descend on computer cognoscenti like Mongol hordes and tablets tempt the tried and true, the good ol' Windows desktop still reigns supreme in many corners of the modern tech world. That's where I live, and I'm not ashamed to admit it. If you haven't looked at free desktop programs lately, you'll be surprised. The inexorable shift to a post-PC world hasn’t deadened the market or dulled innovation. Quite the contrary. The current crop of free-for-personal-use (and cheap for corporate use) desktop apps runs rings around the best tools we had not long ago.

The Coming Human Body On A Chip That Will Change How We Make Drugs
Borrowing microfabrication techniques from the semiconductor industry, each organ-on-a-chip is built with small features, such as channels, vessels, and flexible membranes, designed to recreate the flow and forces that cells experience inside a human body. The structure can mimic the inhalation of, say, an asthma medication into the lungs and, later, how it’s broken down in the liver. It might one day help the military test treatments for biological or chemical weapons; hospitals to use a patient’s own stem cells to develop and test “personalized” treatments for their disease; and, of course, drug companies to more quickly screen promising new drugs.

Attackers install DDoS bots on Amazon cloud, exploiting Elasticsearch weakness
Security researchers reported earlier this year that attackers can exploit Elasticsearch’s scripting capability to execute arbitrary code on the underlying server, the issue being tracked as CVE-2014-3120 in the Common Vulnerabilities and Exposures (CVE) database. Elasticsearch’s developers haven’t released a patch for the 1.1.x branch, but starting with version 1.2.0, released on May 22, dynamic scripting is disabled by default. Last week security researchers from Kaspersky Lab found new variants of Mayday, a Trojan program for Linux that’s used to launch distributed denial-of-service (DDoS) attacks.

How To Build A Federal Information Security Team
The National Initiative for Cybersecurity Education (NICE) was established in 2010 to raise national cyber security awareness, broaden the pool of cyber security workers through strong education programs, and build a globally competitive workforce. NICE developed a national cyber security workforce framework to codify cyberwork and to identify the specialty areas of cyber professionals. An update to the framework was announced in May of this year. But initiatives such as NICE need additional time and effort in order to achieve tangible and lasting results. What can agencies do in the short term? Here are some recommendations:

Big Switch Networks Launches Mature Hardware-Centric Data Centre SDN Solution
One of the biggest concerns I hear about hardware and software SDN is reliability and what happens if the controller fails? I spoke with Rob Sherwood, CTO at Big Switch on this issue. The network can sustain the loss of both SDN controllers and will continue to operate. In the event that both controllers are down and the network changes, the flow table in the device will have pre-calculated redundancy paths to cover failures in the physical network through cascading flow rules in Switch Light tables. If this sounds impossible, you should get in contact with Big Switch to understand it (they call it Sunny and Cloudy Day flow management).

Mobile Now Mission Critical
Mobile budgets are increasing, according to Forrester. Last year, 52 percent of insurers surveyed said they would increase mobile budgets by at least 5 percent and 14 percent said they would increase more than 10 percent, as insurers’ market positions increasingly depend on mobile strategies. Insurers also are responsible for responding to evolving customer demands in order to increase market share and build brand loyalty. As a result of these and other factors, mobile has become business critical for insurers. Deployed successfully, mobile applications can help insurers accomplish three objectives:

Can Data Analytics Make Teachers Better Educators?
Teachers are an excellent example. They've always been data workers — assessing students' understanding of the material based on test scores, classroom engagement, quality of homework, etc., with the goal of improving that understanding. Knowing that individual students learn in different ways, many schools today have adopted the idea of personalized learning as their pedagogical approach: They assess each student on their learning needs, interests, aspirations and cultural backgrounds to create a personalized education program designed to maximize education outcomes.

RackWare Adds Disaster Recovery to Cloud Migration Software Suite
The newly added capability provides whole-server protection and failover. It’s an alternative but not necessarily a replacement to more expensive DR options, such as running a fully replicated data center architected for high-availability or clustering technologies. RackWare’s benefits over traditional disaster recovery are set-up speed and simplicity. Workloads are protected in as little as an hour, compared to days and weeks it takes to deploy more complex disaster recovery options. The disaster recovery in RMM 3.0 is already being used in production by a few select customers. Sunkara said the limited access period helped the company gather feedback and fine-tune the product. It’s now widely available.

Bank of America: When software relationships turn sour
"This is a relationship that has gone bad. It is very rare to get this kind of escalation," said Neil Ward-Dutton, research director at MWD Advisors. "Part of the way to maintain revenue is by enforcing audits, but normally if the [customer] has been using software outside the agreement, you negotiate and come to a compromise." Commenting on the challenges Bank of America could face if the Tibco software it uses is “impounded”, he said: "If Bank of America has fairly well-defined projects, then migrating modern middleware should not require much recoding, since the applications would use standard coding. But there is always some vendor proprietary tools, which may need workarounds."

Why a Media Giant Sold Its Data Center and Headed to the Cloud
"As we moved down this digital path -- everything from creation to distribution -- we started looking at our operations and looking at what we should be and shouldn't be in," Simon says. "One of the questions we asked ourselves was: 'Do we really want to be in the business of running data centers anymore?'" Reaching the answer to that question was difficult. But in the end, Simon's higher-ups agreed: Condé Nast would get out of the data center game. "The transition was a lot less challenging than the decision to do it," Simon says.

Quote for the day:

"Whenever you see a successful business, someone once made a courageous decision." -- Peter F. Drucker