September 07, 2015

4 new cybercrime trends threaten your business

Hackers aren't sending attachments to everyone, though. The difference in this reincarnation of a tried-and-true tactic is that cybercriminals are targeting businesses, and sometimes masking as requests or files coming from within the company. They’re even sending them at a time when you'd expect to receive such a missive. "We see the highest point of entry on Tuesday at 10 a.m. local time, when everyone is really busy," Epstein says.  Clay Calvert, director of cybersecurity for MetroStar Systems, says that hackers are often searching for the names of comptrollers or CFOs from company websites – typically available on "about us" pages – and then sending them emails pretending to be from a higher up in the company. They're the targets because they control the money.

Apple and Cisco partner to bolster iOS in the enterprise

"The corporate market is one in which the Apple brand still has a strong pull with employees. It also allows them to sustain a prime premium that has become a little harder to sustain in the consumer market" because of competition from more inexpensive Android devices, he said, adding that strong employee demand for the iPad, in particular, is a market Apple wants to preserve. Cisco, which in turn benefits from its association with a popular name brand, can help do that. "It is a good partnership for both companies and helps Apple gain more credibility in the enterprise," agreed Gartner's Baker.

Who Will Own the Robots?

Those who are inventing the technologies can play an important role in easing the effects. “Our way of thinking as engineers has always been about automation,” says Hod Lipson, the AI researcher. “We wanted to get machines to do as much work as possible. We always wanted to increase productivity; to solve engineering problems in the factory and other job-related challenges is to make things more productive. It never occurred to us that isn’t a good thing.” Now, suggests Lipson, engineers need to rethink their objectives. “The solution is not to hold back on innovation, but we have a new problem to innovate around: how do you keep people engaged when AI can do most things better than most people? I don’t know what the solution is, but it’s a new kind of grand challenge for engineers.”

Is IT service continuity only for the rich?

Start on your IT continuity plan by creating an asset database of the enterprise's applications. For most organizations, continuity doesn't mean mirroring all the same applications with the same user experience as the primary infrastructure. Instead, the business needs to be able to continue with core processes until the main data center is back on line. A mission critical application running on a physical server must continue operating despite an outage, but it may not need to be replicated as a physical system. Running the app as a virtual machine allows IT to spin up the image rapidly when needed and provide a good-enough user experience as a stop-gap measure. A workload that is not deemed mission critical, for example a payroll or purchasing program, may be disregarded during outages.

Connectedness for the mainframe in the application economy: blessing or curse?

While this is simply one vector into a system, it’s possible to create a product (or put it into an existing product such as CA Auditor for z/OS) that can scan for these vulnerabilities on a system, plug them and report on the number of times these attempts were blocked. Last but not least, such news about technical exploits helps, but there is a huge cultural and communication barrier for mainframe security professionals in getting the broader organization and the rest of the security community to understand the risk. There is still a culture of denial or, “Wait my mainframe has never been compromised.” This is why we believe the mainframe reframed discussion is a timely and thoughtful conversation we need to have as a community.

The Internet of Things comes to the NFL

"Every NFL stadium is connected to a command center here in San Jose," Stelfox says. "That command center has to operate as sort of a central command of all the data. When the data is collected in the stadium, it's sent in the stadium to the broadcaster in the stadium — it never leaves the stadium from a broadcaster perspective — but it's also distributed out to the NFL cloud." All that happens in under a couple of seconds. "The command center is our point of clarity," she says. "We can see every tag on every player from San Jose when the game is live. If there's something that goes wrong, we know about it very quickly and we have dual recovery. All of that is controlled from a single point of coverage in San Jose."

10 ways IT can use self service

Like user ID issuance and renewals, data retention is another area where policies are manually executed. Decisions on how long to keep accounting, HR, manufacturing, sales, and other data are made in separate meetings between IT and these areas' managers—and the meetings can be long and tedious. A self-service approach to data retention could eliminate these one-on-one meetings. IT would send out an annual update screen to each area end-user manager that lists the area's data resources and current data retention policies and ask managers to either sign off on existing policy to continue it or to make changes. This self-service update could then be sent to the IT data administrator. The transaction log from data retention reviews could be stored for auditors to review when they check on data governance.

Enterprise data architecture strategy and the big data lake

The data lake takes a fundamentally different approach to data storage than the conventional data acquisition and ingestion method. The traditional method seeks to make the data conform to a predefined data model to create a uniform data asset that is shared by all data consumers. By normalizing the data into a single defined format, this approach, called schema-on-write, can limit the ways the data can be analyzed downstream. The approach that is typically applied for data stored in a data lake is called schema-on-read, meaning there are no predefined constraints for how the data is stored, but that it is the consumer's responsibility to apply the rules for rendering the accessed data in a way that is suited to each user's needs.

Case study: How Ebury took a cloud-first approach to delivering financial services

“We’re very aggressive in terms of adding value as fast as possible to our customers, and we would experience friction with them if we weren’t able to quickly make the decisions we need to or we would fail fast in terms of trying things out if we were slowed down by having to provision additional servers and on-premise hardware,” he says. It is this kind of attitude to business agility that has shaped the firm’s cloud-first approach to IT, which has markedly accelerated since Young joined the firm a year ago. “When I joined, we had most of our kit running in Rackspace, but there was no cloud approach at all regarding the desktop or other applications that don’t necessarily sit in the datacentre,” he says.

Q&A on the Book Agile Impressions

There are so many ways of people working well together that it's easier to tell when they're not working well together. The most common symptom I see is what you asked about previously: does each party make themselves readily available to work on the other's issues? If not, they're not even working together, so they're clearly not working well together. Do they know each other's names? They don't need to be best buddies, but they must treat each other with respect. When they're meeting together, do most questions get answered? The answers don't have to be what the questioner wanted to hear, but are their questions responded to, not ignored? Those are the signs I see most often that two parties are not working well together.

Quote for the day:

"Leadership cannot just go along to get along. Leadership must meet the moral challenge of the day." -- Jesse Jackson