March 31, 2015

Creating a Creative and Innovative Culture at Scale
The development managers are responsible for holding regular one-on-one coaching talks. Each has a team that is spread over different game teams in different studios (see figure 1). The development managers remain developers and typically their team members share a similar skill set so that the development manager understands the domain in which their team works. Although spread out in the organization, development managers work as a community. All of them come together weekly to discuss what’s happening in different parts of the company, which allows them to identify issues and address them quickly.

Repository pattern, done right
The repository pattern has been discussed a lot lately. Especially about its usefulness since the introduction of OR/M libraries. This post (which is the third in a series about the data layer) aims to explain why it’s still a great choice. ... The repository pattern is an abstraction. It’s purpose is to reduce complexity and make the rest of the code persistent ignorant. As a bonus it allows you to write unit tests instead of integration tests. The problem is that many developers fail to understand the patterns purpose and create repositories which leak persistence specific information up to the caller.

Data Transparency Transformation
Data standardization is essential but not sufficient to improve the quality of financial data, to reduce or eliminate duplication, and carry out our work. We also need to improve ways to securely share sensitive data, both among authorities within the same jurisdiction and across borders. Data sharing is essential because none of us no one regulator or company alone  possesses or has access to all of the data needed to paint a complete picture of threats to financial stability. The financial system is complex and ever-changing, so even if we put all of our data together in one place, significant gaps would remain and new ones would emerge. It is a puzzle with many interlocking types and pieces of data

If Everybody is Responsible, Nobody is Responsible.
The tough part of compliance is the coordination of multiple compliance efforts and filling the gaps. When compliance fails, it often fails because a piece of compliance was not handled properly. It might have been a simple piece, but nonetheless a critical one. Everyone wants responsibility for compliance, because they have a piece of compliance and they believe theirs is most important. If you have ever watched the congressional hearings of Enron, WorldCom, or Tyco, you will have seen a parade of people from Audit, Legal and the Board saying, “I had my piece covered. What failed was not my responsibility and I was as surprised as you that it failed.”

The Privacy Challenges of Cloud Computing
Where an organization engages a cloud services provider it is important to identify whether the cloud provider is a controller or a processor. In most instances, it is likely that the cloud provider will be a processor. The Information Commissioner has issued guidance on this issue which may be helpful in making more detailed analysis. The geographical location of the servers used to store personal data is often contentious. Where the servers are based outside of the European Economic Area (EEA), a customer will need to address the eighth data protection principle which, in broad terms, requires adequate safeguards to be in place when personal data is transferred outside the EEA.

Distributed Cloud?
Migrating applications to the cloud is more than just moving virtual machines into the cloud; many tools, such as HotLink,CloudVelox, Veeam, and Zerto do this well enough. Migration is more about how those applications work within the cloud. It is about the connections between tools running within the VMs. Ultimately, it’s about applications and their attendant data. The intersection of data and application needs to be considered when moving to the cloud. To provide resiliency for an application using a cloud service, you may use multiple data centers within a cloud, or even multiple clouds. When you use multiple clouds, you end up with a hybrid cloud approach to your application.

BI and Big Data: Same or Different?
Contrary to some of the market hype, data democratization and big data do not eliminate the need for the "BI 101" basics, such as data governance, data quality, master data management, data modeling, well thought out data architecture, and many others. If anything, big data makes these tasks and processes more challenging because more data is available to more people, which in turn may cause new mistakes and drive wrong conclusions. All of the typical end-to-end steps necessary to transform raw data into insights still have to happen; now they just happen in different places and at different times in the process. To address this challenge in a "let's have the cake and eat it too" approach, Forrester suggests integrating the worlds of BI and big data in a flexible hub-and-spoke data platform.

Taking IT reorgs to the extreme
What's different today is the degree of uncertainty about what the IT group is if virtually all companies are now built, top to bottom, on technology. CIOs themselves are divided about their own futures. In our 2015 State of the CIO survey, 49 percent of 558 IT leaders said they're destined to become managers of contractors and cloud vendors--hardly strategic. Indeed, sometimes old ideas and established leaders don't cut it. RSA Insurance Group in London cleaned house last year, replacing several senior executives, including all IT leaders and the CIO. RSA also created the position of chief digital officer as it tries to move to "more disciplined and effective use of technology."

Hologram - Finally, AWS Key Distribution that Makes Sense
Hologram is written in Go, Google’s “systems programming language” written by some of the original designers of C and Plan 9 from Bell Labs. It is a language explicitly designed for aggressive simplicity, both of programming itself and of deployment / operational concerns. The ability to create a static binary with assets compiled in allowed us to do a sophisticated multi-stage rollout of Hologram to developers, which we credit with how quickly developers adopted it. Go allowed us to produce a version of the binary that had some placeholder credentials compiled in, that was first deployed to developers. This version would simply use the compiled-in credentials to generate temporary ones, and expose the same metadata interface that applications expected.

Taiwan seeks stronger cyber security ties with U.S. to counter China threat
Taiwan was the most-targeted country in the Asia-Pacific region during the first half of 2014 for hacking attempts aimed at penetrating computer systems to steal data, according to U.S. data security firm FireEye Inc. Chang said the percentage of cyber attacks on government systems originating from mainland China was "very high", and warned that there was potential for hackers to use Taiwan as a back door into the U.S. systems. "The possibility is there," Chang said, while emphasizing that the main purpose of Chinese hacking attempts into Taiwan is not to steal U.S. data and that he has "no way of knowing" if an incursion into Taiwan has led to any U.S. intelligence leaks.

Quote for the day:

"Example is not the main thing in influencing others. It is the only thing." -- Albert Schweitzer