November 05, 2014

Remote working puts business data at risk, study shows
Banks said that – even though eight in ten of the employees interviewed read or write work emails on the move, and around seven in ten work on electronic documents outside their office – businesses fail to provide tools for secure remote working, or put the right security policies in place. Fewer than six in ten respondents said their organisation had a remote working policy. Of those that did have a policy, over a quarter admitted they had broken the policy to work remotely, either knowingly or unwittingly.

Using PouchDB for Offline/Data Sync
PouchDB offers not only client data replication to remote servers, but also provides a robust key/value data store for the browser as well. And not only the browser, but any JavaScript environment with disk access, including Node.js. The PouchDB web site has an introductory tutorial that steps you through the process of building a simple single page app (SPA). The app is modeled after the vanilla JavaScript implementation of the excellent TodoMVC benchmark for JavaScript frameworks. If you’re looking for a great comparison of SPA frameworks by the way, I’d highly recommend checking out TodoMVC.

Driving Innovation with IaaS
New technologies and service models can change how businesses operate, and become key drivers in innovation and cutting back operational expenditure. Infrastructure-as-a-Service (IaaS) is one such model where servers and other resources are provisioned as required over the cloud. This model provides self-service, on-demand access to IT resources, which means users can create and access tools they need within minutes, instead of days, weeks or months.

BlackEnergy cyberespionage group targets Linux and Cisco
Variants of the BlackEnergy plug-ins developed by the cyberespionage group were discovered for both Windows and Linux systems. They enhance the malware program with capabilities like port scanning, password stealing, system information gathering, digital certificate theft, remote desktop connectivity and even hard disk wiping. Different selections of plug-ins are deployed from command-and-control servers for every victim, depending on the group's goals and the victim's systems, the Kaspersky researchers said.

A CIO fights to keep his tech options open
"The impact on customer choice and negotiating positions" is very strong, he added. The concern about a narrowing of choices isn't limited to platforms. The industry consolidations resulting from mergers and acquisitions could lead to the discontinuation of development work on certain systems. "That may force us to switch tools and vendors," Spears said. The impact of consolidation can be particularly acute in certain markets. The banking sector, in particular, may be the canary in the coal mine that offers an early sign of the risks of IT consolidation.

AT&T, Others Launch OpenDaylight SDN Alternative
OpenDaylight has seen some recent momentum with two code releases, and heightened support from its own member companies. Brocade will ship this month an OpenDaylight-based SDN controller. And initial skeptics HP and Dell have raised their investment and participation in the effort. Like OpenDaylight, ONOS delivers an SDN control plane featuring northbound and southbound APIs, and a range of management, control, and service applications. Initially targeted to service providers, the community’s goal is to extend the platform for cloud service providers, enterprises and mainstream deployments.

The Only Way to Save Your CRM from Failure
Data also decays naturally, compounding the effect of human error. Estimates put the rate of data decay at around 2 percent per month. It is a completely natural process, and it is unavoidable. As your contacts change jobs, get married, change email addresses or get promoted, your CRM will start to lose track. Looking closely at CRM failure rates, we have a range of statistics to work from. C5 Insight estimates that the failure rate of CRM software is around 16 percent. It says that this figure is “optimistic”, and puts its own estimates at 38 percent.

Despite skeptics, security awareness training for employees is booming
"Effective education is a non-trivial thing, and it takes a very solid understanding of the audience and how you're going to measure the effectiveness of that education," said Walls. "Within the industry, the history of security education has ignored all that. It doesn't worry about impact; it doesn't worry about [asking] 'Is this effective?' "As a result, the word on the street is that security training isn't worth the time and money," Walls continued. "It's the classic syndrome of blaming the tools … the fault lies with you, not the audience."

Why coding's cool for school
There are some initiatives leading the way here. Google's Made with Code, for example, provides great inspiration for young women by showcasing the diverse career routes taken by those with an interest in tech. And Capability Jane is another notable organisation, aiming to improve diversity across sectors by encouraging businesses to hire working mothers on a more flexible basis. Such initiatives are crucial in encouraging the next generation of young women to study STEM subjects with a view to a career in tech.

A Look at ETW – Part 3
Although a strength of ETW is its strongly-typed events, after seeing several examples which use more “generic” events yet still benefit from ETW and its tooling, I’m going to try that and go with a few general-purpose events. Several of the logging frameworks use the concept of “category” (or a dictionary of categories), so I’ve decided that might be useful here too. Since I want to trace both methods and code blocks I use “Action” and “actionName” to designate either. I also want to make timing optional: ETW events have a high-resolution timestamp and some tools will pair up start/stop events, so doing my own timing isn’t always necessary.

Quote for the day:

"Doing the same thing over and over, yet expecting different results, is the definition of crazy." -- Unknown