January 03, 2016

Enterprise Architecture - Guiding Principles

The usefulness of principles is in their general orientation and perspective; they do not prescribe specific actions. A given principle applies in some contexts but not all contexts. Different principles may conflict with each other, such as the principle of accessibility and the principle of security. Therefore, applying principles in the development of EA requires deliberation and often tradeoffs. The selection of principles to apply to a given EA is based on a combination of the general environment of the enterprise and the specifics of the goals and purpose of the EA. The application of appropriate principles facilitates grounding, balance, and positioning of an EA. Deviating from the principles may result in unnecessary and avoidable long-term costs and risks.


How to Flush DNS

There are wide arrays of DNS issues that can arise at the network administrator or power user level. For the end-user; however, the majority of DNS problems arise from either bad configuration entries or the local computer’s DNS storage requiring flushing. Independent of the type of operating system, many home computer users will input the DNS Server for their respective Internet Service Provider (ISP) incorrectly resulting in a failed Internet connection. Each ISP will have a slightly different configuration process; however, the IP address of the DNS server for your home network to use will be provided on registration for service. Many times the ISP will use the address for their actual DNS server, where others it will be the same as the Gateway IP for the service


The Disciplined Agile Framework

IT departments are complex adaptive organizations. What we mean by that is that the actions of one team will affect the actions of another team, and so on and so on. For example, the way that your agile delivery team works will have an effect on, and be affected by, any other team that you interact with. If you’re working with your operations teams, perhaps as part of your overall DevOps strategy, then each of those teams will need to adapt the way they work to collaborate effectively with one another. Each team will hopefully learn from the other and improve the way that they work. These improvements with ripple out to other teams. The challenge is that every area within IT has one or more bodies of knowledge, and in some cases published “books of knowledge”, that provide guidance for people working in those areas.


Designing the Business of IT

One of the core benefits that organisations can expect is a more cost-efficient IT environment. Senior IT leaders from MunichRe, Shell and Achmea, as well as research from Gartner, predicts that IT4IT will help organisations manage an increasingly complex IT estate in a more cost-effective fashion. It will also free up time and budget for innovation and new products. They feel the Reference Architecture provides a strong framework for managing multi-sourcing approaches, which are becoming more prominent in organisations around the world. Another key benefit of IT4IT is that it is not being introduced as an alternative to methodologies or frameworks such as TOGAF and ITIL.


Google's 'Lego' Smartphone, Smarter TVs: What We're Excited About In 2016

The Internet of Things should continue to provide the foundation for the technology industry's ambitions next year, framed by machine learning, analytics, networking, and ever-smaller devices. Connected sensors will proliferate. Intelligent software agents will learn new tricks that automate discrete tasks in a way that's similar to Gmail's Smart Reply service. Robots will emerge from private businesses to begin grocery deliveries on public sidewalks. If regulatory approval can be secured, drones will begin lawful package deliveries, following in the footsteps of flying contraband couriers.


TLS Client Authentication

Why TLS client authentication? Because that’s the most standard way to authenticate a user who owns a certificate. Of course, smartcard certificates are not the only application – organizations may issue internal certificates to users that they store on their machines. The point is to have an authentication mechanism that is more secure than a simple username/password pair. It is a usability problem, especially with smartcards, but that’s beyond the scope of this post. So, with TLS clientAuth, in addition to the server identity being verified by the client, the client identity is also verified by the server. This means the client has a certificate that is issued by an authority, which the server explicitly trusts.


Market Police Deploy New Algorithm Weapons Against Spoofers

“We have to capture every trade now,” O’Brien said. “In today’s markets it’s all about analyzing patterns and contexts.” Yet given how rapidly fraudsters can change their methods to hoodwink human beings, outwitting surveillance software could be even easier. Algorithms are sophisticated but they’re incapable of determining whether a flurry of buy and sell orders are legitimate or unlawful. “The surveillance tools are merely the first line of defense,” said Haim Bodek, founder of Decimus Capital Markets, a New York-based algorithmic investing firm. “These tools can help bring suspicious activity to the attention of regulators, trading venues and brokers, but they’re a poor substitute for a compliance program that monitors activity across affiliated accounts and groups of traders.”


2025: the five key attributes for your business surviving the next ten years in tech

The two make-or-break traits that rose to the top for these leaders were being able to spot new opportunities predictively and being able to innovate in an agile way. The survey also asked these leaders how prepared they believe their organisations are in each of these two dimensions. The gaps were quite remarkable. While 62% of those surveyed identified predictively spotting opportunities as being very important for their businesses, only 12% thought that their businesses had this capability. And only nine percent believed their organisations were capable of innovating extremely well in an agile way.


Podcast: Portfolio Management & The Agile Extension

In agile, we need to be prepared to constantly adapt our plans. That approach works extremely well at the project or initiative level, but at an organizational level, budgets and plans tend to be longer term and less adaptable. The current rate of change often means that those plans are negated and organizations find it difficult to adapt quickly to changing market conditions. We need to take the concept of backlog management and apply it at a higher level to programs and portfolios so that we are able to adaptively respond to changes in the world around us. The traditional definition of project success has been on time, on scope, and on budget. Those constraints still exist, but they are not the driving factors today.


Cybersecurity in 2016: will it come down to luck or leadership?

Unfortunately in most respects, 2016 won’t change much: users will still unknowingly click on malicious links; IT departments will still be bad at staying up to date with patching; the bad guys will continue to attack; and the tide of misery from breaches will persist. What matters most is whether your organisation will be a victim or not. Of course you could do nothing, and be lucky. But the only way to control your fate is to lead your organisation to the high ground based on a well-considered, security-first strategy. It is important to remember that, despite their claims, most security vendors cannot help you. Within the market we see too many 'me too' vendors, who’s main focus in on the staple of detection.



Quote for the day:

"It is literally true that you can succeed best and quickest by helping others to succeed." -- Napoleon Hill