August 11, 2015

Defusing The Internet Of Things Time Bomb

What complicates the landscape is that the majority of devices are dependent on apps, mobile platforms and back-end cloud services that often integrate with “home automation hubs” — all of which can become an attack vector for any new devices added to the network. Suggested IoT privacy practices parallel those in place today for general web services, yet the sensitivity of IoT data tied directly to an individual and the form factors used present additional challenges and concerns. Key recommendations here include sufficient notice in a format consumers can easily access, limitations on data sharing with third parties, data retention policies and clearly defined implications of a customer’s refusal to accept a privacy policy


To shine a light on cybercrime, go Dark

“The hardest part of monitoring is really learning where to look. Many of the sites on these obscure networks move locations or go offline periodically. However, once an individual has identified a handful of sites, they frequently lead to others.” He also agrees with McAleavey that it is labor-intensive, and does not always yield useful intelligence. On the “slow” days, “you might not see anything of value,” he said. “Furthermore, this requires an analyst's fingers on keyboard. Deploying a 'tool' to do this job is not effective. Scraper bots are detected and regularly purged.” Others are a bit more dubious about the average IT department doing effective Dark Web surveillance, even if the budget is there.


The Key to successful project management is closing the loop

These first six steps include initiation, planning, design, building, testing, and ‘go-live’. The missing step, though, is what I like to call ‘closing the loop,’ or benefits realisation, and is sorely needed to close a project. This missing step is, more often than not, the reason why the rewards of a successfully implemented project are seldom felt by the project management team. Other reasons include the fact that the results are only seen months after the implementation is complete, which means that the team leading the project leave the job with a sense of it never being fully complete, and little sense of achievement. Consequently, they probably will never know if the implementation was a complete success.


Why CIOs Need a Chief Data Officer

The report, titled "The Chief Data Officer: Bridging the Gap between Data and Decision-Making," reveals that CIOs and other senior tech leaders are under pressure to provide better data to the business side more swiftly. However, their efforts are stymied due to a lack of an enterprisewide approach to data management, without any "ownership" over data-driven decision-making. As a result, inaccurate data is causing business-impacting issues while creating regulatory risks. By hiring a CDO who can take command of data management, companies can avoid such outcomes. "Business leaders need to create a culture around data," said Thomas Schutz, senior vice president and general manager of Experian Data Quality.


3 Things Patients Secretly Expect from Healthcare Providers

Over the last couple decades, customer service processes — and the expectations that drive them — have transformed entirely. Attention spans are waning, consumers are becoming more informed,mobile devices consume our every moment and anything less than a Ritz Carlton experience may earn companies a scathing Yelp review. Most businesses have made great waves in responding to these changes, but, up until recently, the healthcare industry has remained mostly exempt. Now, thanks to HCAHPS surveys and popular online review sites dedicated entirely to ranking private practices, the healthcare world is feeling the sting of shifting consumer behaviors. Many organizations are striving to understand what patients want, and discovering it’s not as easy as they’d hoped.


A Gateway to the New Internet: What to know about HTTP/2

While the IETF doesn’t mandate encrypted (HTTPS) web communication for HTTP/2, all browser implementation of HTTP/2 does require a secured (HTTPS – SSL/TLS encrypted HTTP) connection. This means that if a site doesn’t support HTTPS URLs, or can’t be upgraded to support HTTPS, it can’t use the new protocol. In many cases, even if the site can use encrypted HTTPS communication, it may have some severe performance penalties, having to encrypt all communication to/from the server. So only sites that have a good infrastructure that can efficiently handle HTTPS communication will be able to de-facto benefit from the performance boost HTTP/2 has to offer.


The Lean Machine: Bringing Agile Thinking to the Database

Truth is, while Agile and continuous delivery have been sweeping through application development like wildfire, there’s been a lot of Agile movement in the database development arena too. It’s a natural extension because business is moving faster, features need to be released sooner, and the database can’t be a bottleneck. In database development, testing, and deployment, there are tools and processes that can be adopted alongside those used for applications. By treating the database as another piece of source code and using Agile practices, Database Lifecycle Management (DLM) becomes easier. Used correctly, DLM relieves the burden on database administrators (DBAs), makes testing easier and faster, and turns deployments from occasional big bang releases full of worry to frequent releases that are simple and error-free.


Data capitalization makes governance run smarter

Capitalizing on enterprise data gives firms a head start on building and sustaining stronger, more strategic governance Underlying the concerns most firms share about workflow, efficiency, transparency and regulatory compliance is a deeper concern about data governance: where data originates, what processes govern it, whether users are following these rules and whether firms can prove this is the case. Data capitalization helps firms build smarter governance programs. It spurs the investments in time and budget required to map out the entire data environment and start improving it.


Digital certificates key to mobile security, says researcher

Analysis of apps has also revealed that while some claim to encrypt all data in motion, when passwords are changed, this information is sent in clear text over the network. “Having that level of intelligence is key, but it is quite difficult if you are managing an enterprise and all those apps across all those mobile devices to have that level of visibility, it is not scalable, which is why is affirmation services have emerged that analyse apps when they are downloaded and cross-reference it with all known risky apps,” said Raggo. Adding to the complexity of the challenge, he said, is that there are several different ways Apple devices can be jailbroken, there are tools that can hide the fact that devices are jailbroken from enterprise management systems, and there have been cases of brand-new Android devices that have been found to be rooted.


Why Bluetooth could be the game-changer in mobile payments

While both technologies can be used for short-range communication, BLE has a longer distance with a reach of up to 50 meters compared to less than 0.2 meter for NFC. When it comes to mobile payments, using NFC involves having customers tap and pay for their purchases where close proximity to a terminal is a requirement. The longer distance provided by BLE leaves room for creating a truly frictionless experience. The consumer and merchant have the flexibility to manage payments in multiple ways, which includes enabling hands-free payment where the customer does not need to pull out her phone or wallet. This allows for better customer-merchant relationship building during that limited time for interaction during checkouts, since customers are not distracted by their devices.



Quote for the day:

"I have learned that the best way to lift one's self up is to help someone else." -- Booker T. Washington,