September 09, 2014

DNSSEC Adoption - A Status Report (Part One)
The final step in the deployment of DNSSEC is the use of validated information by services and applications to provide enhanced and innovative security services to users, with browsers obviously being first in line. Businesses need to see better online security as a market advantage — especially financial services firms. More signed domains are needed to demonstrate full viability, and that's currently a huge gap in the DNSSEC chain of trust. New TLDs will help to some degree, but more needs to be done. There are two obstacles standing in the way of more secure domains, one related to policy and one technica

Dear Apple: Thank you for not measuring up
Indeed, throughout the course of using an Android device you steadily come to realise that it's the little things that make it a superior mobile experience: the much-improved keyboard, for example, which learns from your typing and predicts your next words with uncanny accuracy, or the amazingly useful widgets that make Apple's icons-R-Us interface seem positively archaic. That Apple is now playing catchup on these and other points, confirms that even its own engineers realised they had remained too inflexible, for too long.

Closing the High-Tech Gender Gap
The Lemelson-MIT Prize is an award for invention, for making discoveries useful through commercialization, and for inspiring the next generation. ... My biggest fan and mentor has always been my dad, himself a serial entrepreneur. When I became a professor, he had mixed feelings about me climbing the ivory tower. To encourage me, he asked one simple question: “When will you start your first company?” (As it turned out, I started my first company within five years. Since then, my students and have founded 10 companies between us.)

6 Strategies for Cancelling a Major IT Project
Before ever cancelling a project, make sure it can't be saved, says William Gutches. As part of a thorough investigation into whether a project must be cancelled, review the original scope of work, the skillsets of those involved, the requirements materials, the testing process, ... "The fundamental decision is whether or not there are sufficient reasons and support and agreement of the project sponsors to allow the project to proceed knowing what the new time, cost, budget and expectations are at the point of this investigation," he says. "If that agreement can be made, then proceeding is possible."

Risk appetite and its influence over ISO 27001 implementation
ISO 27001 implementations use the risk appetite concept implicitly, through the risk assessment probability vs. impact matrix, defining risks as acceptable, manageable, and unacceptable. Even though this approach may have benefits related to ease of use, some considerations must be taken when applying the risk appetite concept: With a high risk appetite, even a risk assessed as high can seem attractive if the potential gain is high enough; and Greater risk appetite can expose you to more risks, by making you use less strict controls in pursuit of a specific opportunity

Facebook’s Open Compute Servers Still Tough Sell for Corporate IT Shops
Facebook has publicly said it saved more than $1 billion as a result of using Open Compute gear in its data centers, and companies like Rackspace and IO have built cloud infrastructure services using Open Compute server designs. Earlier this year Microsoft said it had adopted OCP specs for the infrastructure that supports its entire portfolio of online services, including Azure. While there are some individual success stories, however, there has been little public information about how OCP is doing in the traditional data center space. Are banks and corporate IT shops using Open Compute servers? The most likely answer is not really or very little.

Easy Android file encryption with Encdroid
In light of the recent debacle with the iCloud hack, it's nice to find out you can find some easy-to-use third-party tools on Android to encrypt your more sensitive files and folders. One such tool is Encdroid. This particular encryption tool creates volumes that are compatible with EncFS, so they can be read from Windows, Linux, and Mac. ... Encdroid allows you to encrypt your files/folders with Dropbox, Google Drive, or the local storage of the device. The app is free and quite simple to use. Let's walk through the process of installing and using Encdroid to encrypt files and folders within Google Drive.

How to Test if Your Strategic Goal Is Really Strategic
“The community is healthy” is the effect of the other two performance results. This cause-effect relationship helps to position the second two results as causes of the first. When you get this cause-effect relationship embedded into a single strategic goal, it suggests that the goal is actually made up of performance results that sit at different levels or tiers in the organisation. It means that we can set the strategic goal as “The community is healthy” and cascade the other two performance results as operational goals. It makes sense, because the two operational performance results would naturally be the responsibility of one or two divisions of the organisation.

Why It Makes Sense to Transition to Managed Services Model?
This model is attractive as the pricing structure is based on regular monthly billing around service levels and volumes, rather than per diem fees associated with staff augmentation. This greatly reduces volatility in costs and supports accurate and predictable budgeting. Moreover, as compared to staff augmentation, the relative increase in costs in this model as business requirements grow and the service expands are significantly lower than the costs involved in further augmenting staff numbers and skills due to economies of scale, labour cost arbitrage and flexibility with staffing.

Busting cloud myths: Four user instances where cloud computing failed
It backfired because the developers kept buying instances without any restraints. “If you give someone a red button to press every time they want a candy, they will keep pressing it,” said Barnett. The company had predicted about 30 cloud instances, but ended up paying for 750. Barnett emphasised the importance of governance, staff training and awareness, as well as having policies in place to make sure cloud strategies pay off. “It is not just AWS. The same thing would have happened if they were with any other cloud service – Microsoft Azure or HP, for example.

Quote for the day:

“Every great leader has incredible odds to overcome.” -- Wayde Goodall