June 02, 2014

In baffling move, TrueCrypt open-source crypto project shuts down
The website provided detailed steps for TrueCrypt users to migrate to BitLocker, a commercial encryption tool. BitLocker is also Microsoft's encryption tool that ships with Windows. "This page exists only to help migrate existing data encrypted by TrueCrypt," the website stated. "The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images." The message urged users to migrate data encrypted by TrueCrypt to encrypted disks or virtual disk images supported by their operating system platform.


How to Create High-Performing Project Management Teams
What makes a "victim"? A victim mindset, Winquist says, is one where cost-cutting, micromanagement, excessive control of information and reporting and a "command and control" philosophy is enacted. "Victims are constantly cutting costs, locking down processes, not sharing information or collaborating, micromanaging, and they have a harder time dealing with complexity and change," Winquist says. Because of this mindset, Winquist adds, many organizations become so focused on controlling the production and delivery process that they miss the mark of what the customer really wanted, too.


SaaS Security Needs Heightened by Adobe Breach
The Adobe breach should be a cautionary tale to the SaaS community to step up security, according to Ethan Oberman, the CEO of SpiderOak, an online backup, syncing, and file sharing service. "In the SaaS model, the moment data is generated on a third-party server, the privacy of that data is compromised. That was the known tradeoff -- less data security for heightened usability," Oberman told me. SpiderOak positions itself as offering a more secure service with what it calls "full end-to-end encryption all the time, every time," he said. The company calls its security approach "Zero-Knowledge" security, because even SpiderOak doesn't know what's in its customers' data.


Coding Principles Every Engineer Should Know
Throughout my engineering career, I’ve had the opportunity work alongside and learn from many incredibly talented people, solve some serious technical challenges, and scale several successful companies. Recently, I was talking with the engineering team at Box about what I’ve learned along this journey, and what came out of that conversation were my personal engineering principals. These aren’t rules or engineering guidelines. They’re simply the principles that I pay attention to when I write and operate code.


U.S. companies seek cyber experts for top jobs, board seats
"The trend that we are seeing is that organizations are elevating the position of the CISO to be a peer of the CIO and having equal voice associated with resource priorities and risk decisions," said Barry Hensley, executive director at Dell SecureWorks' Counter Threat Unit. With many companies looking for security executives with military or defense backgrounds, people with the right expertise can command increasingly higher salaries. Large corporations have recently hired CISOs for between $500,000 and $700,000 a year, according to Matt Comyns, global co-head of the cybersecurity practice at search firm Russell Reynolds Associates.


Employee Engagement Everywhere: The Wheel of Engagement at Work
Engagement offers a relatively new thread that weaves together a wide variety of elements in organizations and work. The word began to appear in reference to work in the late 1990s and is gathering increasing attention and prominence as we determine how to move forward with so many different facets of work. It moves well beyond employee satisfaction, motivation or compliance into authentic partnership and co-creation, to enhance relationships and improve results. It supplants the old systems of "command, control and tell", with "invite, co-create and ask".


Google Drive leads in features, lags in ease-of-use
Google has the best file printing of any of the three suites. Print from any of the Google apps by clicking File->Print. The app kicks in Google's Cloud Print, which can print in many ways. If you have your printer set up for Google Cloud Print -- very easy in most cases -- the printing experience closely parallels the way you would print from any desktop app. If there aren't any Google Cloud Print printers around and you can't get to one remotely, you can opt to print from your local computer or to generate a PDF that gets stored in Google Drive.


Happiness is… a handhold on Hadoop
“Very low cost commodity hardware can be used to power Hadoop clusters since redundancy and fault resistance is built into the software instead of using expensive enterprise hardware or software alternatives with proprietary solutions. This makes adding more capacity (and therefore scale) easier to achieve and Hadoop is an affordable and very granular way to scale out instead of up. While there can be cost in converting existing applications to Hadoop, for new applications it should be a standard option in the software selection decision tree.”


75% of mobile security breaches will result from misuse, misconfiguration
Jailbreaking and rooting can also allow malware to be downloaded to the device, enabling malicious exploits that include extraction of enterprise data. These mobile devices also become prone to brute force attacks on passcodes. According to Dionisio Zumerle, principal research analyst at Gartner, a classic example of misconfiguration is improper use of personal cloud services through apps residing on smartphones and tablets. “When used to convey enterprise data, these apps lead to data leaks that the organization remains unaware of for the majority of devices," he said.


Are Chief Digital Officers the Result of CMO/CIO Refusal to Change?
So who is this relatively new beast? Gartner VP David Willis says, “The Chief Digital Officer plays in the place where the enterprise meets the customer, where the revenue is generated, and the mission accomplished.” In other words, where the rubber meets the road. They aren’t just another “C” heading up a unit. They’re the CEO’s personal SWAT team, able to call the shots necessary across all units to affect what has become job one…customer experience. And what are the CMO’s and CIO’s doing while this is going on? Playing corporate games.



Quote for the day:

"To command is to serve, nothing more and nothing less." -- Andre Malraux