July 10, 2014

Controversial data center building and operation practices
There are many new and exciting data center building design, configuration and operation choices, but many of them involve trade-offs. These newer standards and best practices have adherents and detractors, and potential detrimental effects or poor return on investment won't always be immediately obvious. Even some standards required by building codes are nonetheless controversial. The specific concerns surrounding hot-aisle containment designs and safety warrant their own discussion.

The Impact of Big Data on Linguistics
Linguistics is an area that is constantly changing from one day to the next. There’s no stopping the evolution of language, and with the web and social media the speed at which it’s evolving has increased dramatically.There are so many contributing factors to language that impact how and when it changes that it can be extremely difficult to track and completely understand what about the language is changing and why it’s changing. Big data technology, like Hadoop Hive, is vital in assisting interested parties in gaining deeper and clearer insights into linguistics. It simplifies processes from weeks and months to seconds and minutes. It opens up possibilities that weren’t available before. Big data takes linguistics to the next level.

Provisioning versus Configuration
It is important to recognize the difference between these two steps in the deployment process and take into consideration the impact of configuration after provisioning on that process. Depending on the method of configuration, this step can have a serious impact on the speed and efficiency of the deployment process as a whole. It is also important to note for monitoring purposes, as virtual machine health and status is not the same as the health and status of the service, whether that be an application or a network service. Both must be monitoring and managed in a virtualized infrastructure to meet MTTD (mean time to detection) and MTTR (mean time to resolution) objectives.

Botnet aims brute-force attacks at point-of-sale systems
Micros Systems is based in Columbia, Maryland, and provides software applications, services and hardware systems, including POS terminals, to the hospitality and retail industries. If the BrutPOS malware successfully guesses the remote access credentials of an RDP-enabled system it sends the information back to a command-and-control server. Attackers then use the information to determine whether the system is a POS terminal and if it is, to install a malware program that's designed to extract payment card details from the memory of applications running on it.

Building A Security-Aware Culture
Awareness and training is one of the most effective elements to any information security program because most of the risks that organizations face are caused by user error, misconfiguration of systems or mismanagement. In fact, according to IBM’s 2014 Cyber Security Intelligence Index, 95% of all attacks in 2013 involved some type of human error, the most prevalent being an employee double clicking on an infected attachment or URL. The goal of an information security awareness and training program is to stop these errors from taking place by educating users on their responsibilities for ensuring the confidentiality, integrity and availability of information as it applies to their roles within the organization.

My “Desert Island Half-Dozen” – recommended reading for resilience
When I speak with customers, they often ask how they can successfully change the culture of their IT organization when deciding to implement a resilience engineering practice. Over the past decade I’ve collected a number of books and articles which I have found to be helpful in this regard, and I often recommend these resources to customers. I’ve included my favorites below, in no particular order, with a short explanation of why I’m recommending them.

Shift Left Performance Testing - a Different Approach
This article will explain a different approach to traditional Multi User Performance testing; using the same tools but combine them with modern data visualisation techniques to gain early insight into location specific performance and application areas that may have "sleeping" performance issues. Most programs concentrate first on functionality and second on anything else. Multi User Performance Testing, performed with tools like HP LoadRunner or Neotys Neoload, usually is one of those activities that happen late in the testing cycle. Many times this happens in parallel with User Acceptance Testing when the new system is already exposed to the end users.

Finance Analytics Requires Data Quality
A main requirement for the data used in analytics is that it be accurate because accuracy affects how well finance analytic processes work. One piece of seemingly good news from the research is that a majority of companies have accurate data with which to work in their finance analytics processes. However, only 11 percent said theirs is very accurate, and there’s a big difference between accurate enough and very accurate. The degree of accuracy is important because it correlates with, among other things, the quality of finance analytics processes and the agility with which organizations can respond to and plan for change.

Considering cloud service tiers
As enterprises move to public cloud-based resources, the use of application and data categories will play more important roles, for the same reasons listed above. For instance, there are public cloud storage services that are guaranteed to support SLAs (service level agreements) that approach 100 percent up time, but the costs are much higher per gigabyte of storage. Of course, there are public cloud services that don’t offer the same amount of up time, but charge way less. You need to match the right storage or compute services to the right use of those services by application tier, based upon cost-to-value. Again, we’ve been doing this for years with hardware and software, now we’re just extending this to the use of cloud-based services. The concepts should not be new, for most enterprises.

The Right Fit: The Enterprise Architect Selection Dilemma
With the increasing focus on mapping Enterprise Architecture value towards delivering business outcomes, it may be time to start re-evaluating the process of hiring and career development of this vital role. And there are organizations that have recognized this. Waddell and Reed’s listing on LinkedIn, if it is still up, is a good example of a well-defined EA role. IASA’s skills matrix and job descriptions for architects can also serve as a useful reference for this purpose. IASA’s EA job description lists around fifteen distinct job responsibilities, with additional sub-items around knowledge management and engagement. IASA also lists twenty separate criteria covering education, skills and experience for an Enterprise Architect.

Quote for the day:

"Leadership cannot really be taught. It can only be learned." -- Harold S. Geneen