January 29, 2014

VPN bypass vulnerability affects Android Jelly Bean and KitKat
A malicious app can exploit the newly identified Android vulnerability to bypass an active VPN connection and route all data communications from the device to a network address controlled by an attacker, the Ben-Gurion University researchers said Monday in a blog post. "These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure."

Crafting a data lifecycle management strategy to control capacity
As with data being classified, ILM also requires storage to be classified. Storage arrays offering specialty features such as fast access or slower access but low cost per-GB, or that offer special data protection services such as mirroring, replication or continuous data protection, can be given their own target classification, thereby providing discrete destinations for data writes and data moves.

When Design Best Practices Become Performance Worst Practices
It conforms to known design and usability best practices, and your testers loved it in the lab. You push the design to your live site and the results are … well, a little disappointing. Not terrible, but your conversion rate hasn’t made the leap you expected. Why? You’ve done everything by the book, but perhaps the book is missing a chapter or two. Chances are, you’ve accidentally made one of three common design mistakes, and these mistakes have affected how your pages load, which ultimately hurts page views, bounce rate, conversions, and pretty much every business metric you care about.

India Ranked 7th in Attacks by Trojans in Banking
The Internet among many things has made our daily activities very convenient, especially when it is percolated to mobile devices. Among other activities consumers now prefer ‘armchair banking’ where banking transactions are carried out easily. However, attackers who are financially motivated, target these online banking services and financial institutions by leveraging advanced Trojans to commit large scale financial fraud.

Leading by Taking a Step Back
We aspire to do more, dream more, learn more, and become more, and for better or worse, the traditional wisdom has been that we need to accomplish more in order to get more. But for many, experience, trial and error says differently. We pile on more projects, goals and objectives and lose sight of the one unifying vision that defines us as a company and as leaders. So how can leaders learn to step back and only move forward by putting one foot in front of the other at a time? How do we avoid becoming task managers and get back to being leaders? When everyone is “leaning in” to get ahead, does it make sense to “lean out” for a change?

Big Data's Opportunity for Information Optimization
Businesses are always looking for ways to grow and to streamline their operations. These two goals can come into conflict because as organizations become larger it becomes more complicated to be agile and efficient. To help them understand and modify their processes, businesses can derive insights from analytics applied to their data. Today that data is available not only in the enterprise and cloud computing environments but also from the Internet. To collect, process and analyze it all is a challenge, one that an increasing number of organizations are meeting through the use of big data technologies.

BYOD and the Internet of Things bring unique challenges for hospital CIOs
Both of these trends offer special security and interoperability challenges for hospitals. Developers are still working on how to merge this data with the various electronic medical records (EMRs) in use, but that’s the easy part. Data security is the more difficult issue. Not only do you need to ensure that unauthorized people do not access the network via any of these devices, you need to ensure security in transmission of the data. Again, this is a scenario that would (or at least should) create a high level of concern for any CIO.

Executives debate need for the CIO title
When it comes to appointing an organization's IT strategy leader, how important is it to dub that person the CIO? In the absence of a CIO title, does the title of IT director carry the same weight? Technology experts debated these questions and more during the recent "CEO/CIO Marriage Proposal" panel at the American Society of Association Executives (ASAE) Technology Conference in Washington, D.C.

Kanban’s service orientation agenda
Service orientation with Kanban starts with viewing the organization through the Kanban “lens” of service delivery, work flow and knowledge discovery. Typically, this begins with the identification of customer needs, expectations and frustrations, matched to the corresponding capabilities and frustrations of internal systems. The tools of the sustainability agenda (visualization, WIP controls, feedback loops, and so on) are then applied with a deliberate end-to-end emphasis, extending to the customer both upstream and downstream.

Get Ready, It's the Year for Big Data Heists
These security breaches were all different but had a common cause: negligence. Although the technology and techniques to protect data, or at least to make life more difficult for hackers, have been around for years, companies and their customers mostly assumed that data theft was something that happened to other people. They need to start getting wise. The U.S. retail attacks are part of a recent trend, reported by the cybersecurity firm CrowdStrike, in which the hackers (or "adversaries," as the company describes them) target point-of-sale devices in which physical credit cards are swiped.

Quote for the day:

"An inventor is simply a fellow who doesn't take his education too seriously" -- C. Kettering