June 24, 2016

Mobile Payments: Where’s the Benefit?

Mobile payments continue to be less common than mobile banking — more consumers are checking their bank account balances and paying utility bills online, for example, than paying for their Starbucks coffee with their phones. But there were some positive signs for mobile payments adoption: For example, 24% of all mobile phone owners reported having made a mobile payment in the 12 months prior to the March 2016 survey, up from 20% in 2015. In addition, of current mobile payments users, 10% had started using mobile payments in the six months prior to the survey, and 20% said they had started using mobile payments in the prior one to two years. Younger individuals are adopting mobile payments faster. Of those with a mobile phone ages 18 to 29, 30% had made a mobile payment. Of those ages 30 to 44, 32% had done so.


How Smart Data Lakes are Revolutionizing Enterprise Analytics

Smart Data Lake solutions permit organizations to focus on the data that provides real business benefit. Currently, Smart Data Lakes are being adopted by pharma and financial institutions in use cases ranging from competitive intelligence and insider trading surveillance, to investigatory analytics and risk and compliance. For instance, the regulatory reporting environment for financial institutions is evolving quickly, placing unprecedented demands on legacy processes and technology. Two areas where new smart data solutions are already adding value for banks include report preparation as well as data and technology. Smart Data Lakes also improve the quality of your competitive intelligence by allowing subject-matter experts to curate, correct, and augment the data they know best.


Real Time Audit within the Capabilities of Blockchain

Some studies have even shown that firms are reporting downward pressure on audit fees due to clients questioning the value of audit services, especially given that they are now increasingly ‘commoditised’ as a result of being heavily regulated, and thus there is little differentiation among the services being offered by various auditors. Many believe that #blockchain could transform this process, in part because the #technology removes the need for auditing to depend on trust. Blockchain provides a globally distributed, decentralized ledger of which everyone has the exact same copy. Whereas auditing at present entails the confirmation of transactions and balances on a company’s accounting ledger at the end of the period, a transaction on the blockchain would provide a permanent and immutable record of the transaction almost immediately.


Five Reasons Traditional IAM Can’t Handle the Internet of Things

One particular problem area for IoT security is Identity Management. In many ways, the Internet of Things is fueled by the identities of things to enable connections between people, devices, and apps, all of which require Identity and Access Management (IAM). Indeed, managing identities and controlling access to this valuable information is a critical step in securing the Internet of Things (IoT), but legacy identity and access management (IAM) systems cannot handle the extreme scale and complexity that the IoT brings to the enterprise. The Identity of Things requires a new class of IAM system. The best practice for managing identity in the Internet of Things is to employ a next-generation IoT IAM platform. But what exactly does next-gen IoT IAM entail? And how does it succeed where traditional, workforce IAM fails?


How the blockchain could kill off national currencies

“Money isn’t valuable by itself,” Meiri says, “it’s what you can do with it that matters.” Neighbourhood community managers and municipalities around the world are already agreeing with him and are using Colu to keep wealth circulating within their local communities. The startup also just closed a $9.6 million funding round including investment from venture capital firms Spark Capital and Aleph. Technology requires a perfect storm of circumstances before an innovation really takes hold, Meiri adds. If Spotify was pitching way back in 1995 it would have been a great idea, but it took the widespread growth of high-speed internet to turn music streaming into a reality.


Next-generation enterprise security architecture to combat cyber weaponry

What's interesting is there's almost an inverse correlation of those steps between genius required to do them and criminality of the steps. What we mean by that is it is not illegal to create an attack, create an exploit or discover a vulnerability. If it were, there would be entire universes of white hat attackers and cyber researchers who would no longer exist. That's their job. They're supposed to go around and look for vulnerabilities and see how they respond under attacks. It just happens to be a very hard thing to do, which is why the genius requirement is so high. The other end of this ecosystem, laundering money, is clearly illegal, regardless of whether it's cyber money or real money or anywhere in between. And monetizing that information -- selling things like Social Security numbers -- is obviously pretty illegal as well.


How Does It Work: IPTables

In the Linux ecosystem, iptables is a widely used firewall tool that interfaces with the kernel’s netfilter packet filtering framework. For users and administrators who don’t understand the architecture of these systems, creating reliable firewall policies can be daunting, not only due to challenging syntax, but also because of number of interrelated parts present in the framework. The iptables firewall works by interacting with the packet filtering hooks in the Linux kernel’s networking stack. These kernel hooks are known as the netfilter framework. Every packet that enters networking system (incoming or outgoing) will trigger these hooks as it progresses through the stack, allowing programs that register with these hooks to interact with the traffic at key points. The kernel modules associated with iptables register at these hooks in order to ensure that the traffic conforms to the conditions laid out by the firewall rules.


Gartner's Top 10 Security Predictions

“By 2018, the need to prevent data breaches from public clouds will drive 20% of organizations to develop data security governance programs.” Data security governance will be promoted by insurance companies that will set cyber premiums based on whether businesses have these programs in place. Prediction: “By 2020, 40% of enterprises engaged in DevOps will secure developed applications by adopting application security self-testing, self-diagnosing and self-protection technologies.” Here Perkins looks to maturing technology called runtime application self-protection (RASP) as a way to avoid vulnerabilities in applications that might result from problems overlooked due to the rapid pace at which DevOps teams work. RASP does its work rapidly and accurately to provide protection against vulnerabilities that might be exploited, he says.


Hey ops teams, developers want control of the data center

Application teams are tired of integrating with each and every SDDC to make their apps portable. Instead of integrating with the SDDC, app teams can integrate with a container runtime like Kubernetes, Swarm, or Mesos. All of the "portability" work now happens in the container runtime. Crucially, the industry is making Kubernetes, Swarm, and Mesos work on top of all of the SDDCs so you don't have to. Ops teams and the vendors who love them (like VMware) are rushing to support these new system management tools. In turn, the tools, like Kubernetes, are starting to build in developer-oriented features. According to the Kubernetes blog: "Kubernetes defines not only an API for administrators to perform management actions, but also an API for containerized applications to interact with the management platform." This latter API is new to Kubernetes, but we should expect it (and more like it) to cater to developers.


Multi-cloud is a safety belt for the speed-freaks

In the case of "multi-cloud," then, it's your application and organizational-knowledge portability you're hedging with in return for locking into the cloud native method of application development and delivery. What you get in return is the ability to run your cloud platform on any IaaS, public or private, that comes up. You'll probably want to choose a platform based on open source, like Cloud Foundry that's ensconced in a irreversible foundation. Then, even if you use a commercial, "open-core" distro of it, you'll have a huge degree of portability because the same application packaging, services and microservices architectures, and overall runtime will remain similar no matter which distro you choose in the future. At this point, many people look to build their own platform to maximize their future freedom to leave.



Quote for the day:


"The truth will set you free, but first it will make you miserable." -- James A. Garfield