December 12, 2015

When it comes to cloud security which is better? Heavy hand or gentle policing?

Gentle policing based on very strong knowledge of how their organization is using cloud is very important. This way, they look at what people are trying to accomplish with cloud, and can step in and consult. Gentle policing isn’t meant to inhibit cloud usage as much as help to guide the organization to the more secure options that are available, if users chose an option that wasn’t secure. ... Enterprises can gather all of their different data points across their infrastructure and cloud systems and see that certain data indicators probably increases their confidence level that a breach occurred, and then those data will help them to figure out what to do there.


How to deal with the aftermath of a data breach

Jay Abbot, managing director of Just Advanced Security Consulting, said that most companies could not detect a breach if it occurred, and the ones they do notice are the ones where the attackers go public with the outcome. “The biggest part of preparedness is the ability to actually detect a breach,” Abbot says. “In security, we typically think defensively and layer up controls that place defences at different locations, but we rarely actually put in place a dedicated monitoring solution that can look at everything and identify anomalous activity.” The Sans Institute recommends a six-point plan when dealing with incident response, including preparation, identification, containment, eradication, recovery and lessons learned.


Puppet Labs CEO talks containers, infrastructure, and the implications of an IPO

His opinion stands beside a well-appreciated, but seldom articulated, understanding in the industry - that a significant number of occasions in which an acquisition is heralded as a win for both sides are no more than a soft landing for a business gone mad. Further, the reality is that most technology acquisitions are dismal failures, and that politics, silos, and ulterior motives within large companies mean that success from an acquisition is a relatively rare thing. An acquisition is, in Kanies's mind, a relatively good way to get rich, but the worst way to achieve anything.


Is There a Correlation Between Employee Happiness and Agile?

Startup culture is a quasi-religion for this group, and they strive to protect it. This makes sense: it's naturally iterative, focused on delivering working code in weeks or even days. Agile has focused on managing the work and this may reek of control, which is an anathema to these companies. ... The Tech Titans leadership doesn’t want Agile because Agile isn’t good for their questionable labor behavior. Notice I didn’t say labor practices - that smacks too much of unionization and blaming the execs, which I’m not going to get into. The labor behavior is different. It comes from a tightly wound knot of employee expectations, peer pressure, and management dictate - the social norms of a company, its culture.


The Languages And Frameworks You Should Learn In 2016

In the last few years, there has been a trend towards shifting the business logic of web apps from the backend to the frontend, with the backend being delegated to a simple API. This makes the choice of a frontend framework that much more important. Another significant advancement for the web as a platform in 2015 was the release of the Edge web browser. This is the successor of Internet Explorer which has an updated interface and faster performance. What sets it apart from IE is that it adopts the same quick release schedule that Firefox and Chrome follow. This is going to move the JavaScript community forward as updates to JavaScript and web standards will be available in weeks rather than years everywhere.


Why CIOs need to worry about Chennai

Newspaper reports indicate offshore providers have kicked in with contingency plans and have been flying out associates from Chennai to other locations to try and maintain service levels. But with airports and railway stations shut now, and no way to get in or out of the city, CIOs can only keep their fingers crossed and hope for the best. Indian firms, rightly, are focusing on the safety of their employees. The impact of these floods could go far beyond Chennai, and potentially touch our daily lives in the US and elsewhere. Besides the immediate human costs of this disaster, the impact could go far beyond Chennai, and potentially touch our daily lives in the US and elsewhere.


How to avoid bloatware, the persistent PC security pest

Bloatware, otherwise known as junkware or crapware, is software that comes preinstalled on new PCs and laptops, and some Android devices. And for many consumers it's the bane of their computer's existence. With the holiday season already in full swing and gift giving just around the corner, expect to hear a few stories about the long-expected bloatware resurgence. But did it ever go away? Despite promises that PC and phone makers would ditch the bloatware in the wake of a high-profile privacy controversy involving the unwanted software, it seems as prevalent today as it ever has been. One quick look at a number of laptops in Best Buy shows clearer than ever how prevalent unwanted software can be.


Disaster recovery planning: Where virtualisation can help

Server virtualisation is a great tool to consolidate and simplify the deployment of application workloads. Where hardware was underutilised – typically with a single application per operating system instance – virtualisation has provided the isolation and management benefits of the server while concentrating the physical estate into a much more efficient footprint.  Virtual servers are a combination of virtual disk files that represent the physical disk, plus configuration information for processors, memory and other attached devices. This makes the virtual server – or virtual machine (VM) – highly portable, and allows virtualisation to provide capabilities such as high availability and fault tolerance, without lots of additional hardware or complex configurations.


The Paleo Diet: Unstructured Data for the Enterprise CEO

Essentially, while the stream of structured (transactional) data readily explains what is happening at the moment, the stream of unstructured data can yield insights into what’s going tohappen, or why something happened. To date, structured data has been the basis of enterprise analytics because it’s relatively easy to interpret: structured data is primarily numeric, repeatable in type, and predictable in timing and treatment. Unstructured data is far more challenging. Not only is the data volume vastly greater, but unstructured data has (by definition!) no inherent format or repeatability, and brings with it an extremely unfavorable signal-to-noise ratio.


Beyond the Law: A Common Rule for Data Research

No doubt, privacy and data protection laws provide a backstop against abuse of commercial data use with boundaries like consent and avoidance of harms. But in many cases where informed consent is not feasible and where data uses create both benefits and risks, legal boundaries are ambiguous and rest on blurry-edged concepts such as “unfairness” or the “legitimate interests of the controller.” Misgivings over data ethics could diminish collaboration between researchers and private-sector entities, restrict funding opportunities and lock research projects in corporate coffers, contributing to the development of new products without furthering generalizable knowledge.




Quote for the day:

"A positive attitude will let you do everything better than a negative attitude will." -- Zig Ziglar