May 30, 2013

Beyond privacy policies: Practical privacy for websites and mobile apps
In this environment of growing attention to the risks of data security breaches, and in the midst of an explosion of mobile applications that make data storage an increasingly far-flung proposition, many organizations assume that the first line of defense for a company with a website or a mobile app is a good privacy policy.


Evernote beefs up security with two-step verification and access controls
Evernote also states they will give you a set of one-time backup codes in case you are traveling or do not have access to your phone and need to enter a verification code. Two-step verification is optional and before you enable it make sure you have access to your selected secondary verification method or you could be locked out of your account. This security level is available to Evernote Premium and Evernote Business user only. As they refine and establish the process, they will open it up to free account users.


Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet
"It's pretty surprising that it's taken this long [for an exploit] to surface in the wild, but less surprising that people are still running vulnerable installations of Rails," said Jeff Jarmoc, a security consultant with security research firm Matasano Security, Tuesday in a blog post. The exploit that's currently being used by attackers adds a custom cron job -- a scheduled task on Linux machines -- that executes a sequence of commands.


BSNL launches enterprise cloud services in India
BSNL will be leveraging the relationship it struck three years ago with Datacraft – which later became consolidated under the Dimension Data brand – to set up six new internet data centres (IDCs) in 2010. BSNL is providing connectivity and Datacraft is managing the cloud service and data centres. According to COAI, India’s GSM industry body, the carrier is currently the fourth largest in the country in terms of mobile subscribers, but has struggled to grow its user base in an increasingly competitive market.


How to successfully implement the principle of least privilege
The key is to give employees access only to what they need and when they need it, so that they can best perform their job in a safe manner. ... IT security has no chance of fully enforcing least privilege without complete buy-in from their non-IT colleagues (yes, this is true for all security initiatives). To maximize your chances of successfully implementing least privilege access, I suggest incorporating these critical steps:


Infographic: Mobile Payments Going Mainstream for Meals
According to the latest industry projections, mobile payment transactions are projected to reach $1.3 trillion by 2017. Not surprisingly, the food service industry will claim a large portion of this burgeoning market as worldwide physical goods sales from mobile devices will account for 30% of all retail within four years.


Great CEOs Roll With the Punches
According to the Board’s study, dismissals were on the rise because of increased accountability of directors and a greater scrutiny from shareholders and activists. The Conference Board suggests that the pressure of serving as the CEO of a large company in an increasingly competitive global marketplace has resulted in more voluntarily shorter tenures, implying that CEOs are leaving on their own terms after fewer years on the job. This is a case of “jump” before you are “pushed.”


Tech Career Advice From Google’s Women
“It’s a disruptive industry,” Ms. Wright said. “You, too, might someday be unemployed on your father-in-law’s couch. What matters is the energy and tenacity with which you pick up your next job.” Another piece of advice Ms. Wright gave, which helps explain her rise at Google, is that employees should seize opportunities, and managers should ask employees about their desires and believe they can achieve them.


Open source: Its true cost and where it's going awry by Monty Widenius
"Now the problem is that you have companies that are heavily using open source but refuse to pay anything back because they don't have to," Widenius said. "The whole problem with not having to is kind of new because the open-source movement doesn't go forward if nobody is prepared to pay. You actually make it harder for new companies to form around open source," he said.


Top 10 Ways to Blow Up an Agile Project
Everyone knows agile is better. But if you do it just right, agile can be fragile, too. Follow these 10 'tips' and your project is bound to come off the rails. In the spirit of David Letterman's "Top 10 Lists," it's time again for a list of worst practices that can make even the best agile team melt down. Here's David Taber-man's newest Top 10 List of things you can do to make that a reality.


Quote for the day:

"A man's accomplishments in life are the cumulative effect of his attention to detail." -- John Foster Dulles