September 26, 2016

Why CIOs are embracing SaaS ID management

Shelving several legacy ID management products with one single sign-on tool is a common business case for Okta, as well as rival solutions from Centrify, OneLogIn and Ping Identity, says Gartner analyst Gregg Kreizman. Such solutions also compensate for companies' inability to retain skilled IT workers schooled in traditional ID management.  In 2016, Experian CTO Joe Manna began testing Okta for a mobile app that enables consumers to access their credit reports. Manna told Libenson both the software and company were great to work with so Libenson instructed his staff to use Okta to manage Experian identities worldwide across cloud, on-premises and mobile applications, including authentication into its core Oracle ERP system.

IT operations automation requires code-wielding sys admins

Once, IT delays were caused by waiting for deliveries and hardware installation; today, an administrator who is taking too much time to deploy VMs is the problem. Using a graphical user interface (GUI) for IT tasks simply takes too much time. Administrators are asked to manage hundreds to thousands of VMs thanks to the explosive growth in virtualization and the VM sprawl that accompanied it. This has led to growth in automation to help admins cope with these tasks and duties. While some level of IT automation has existed for years, it was often smaller scripts and batch jobs that took care of a few stand-alone tasks. Today, automation has become a critical part of data center operations as our applications scale out while staffing stays the same.

Blockchain-Based Smart Identity Will Free World of Paper ID’s

An interesting facet of the Deloitte project is that Smart Identity as a protocol is portable on different Blockchains while the current version of the prototype has been using Ethereum Blockchain. We also asked Deloitte about who is going to hold the actual data and we were told that there is a number of trusted data repositories available but there is also scope for using a hybrid model with a network of trusted custodian services as well as distributed data services in the future. ... In order to migrate from the current system of paper based identity that we have today, there will invariably be the need for all parties involved like governments, corporations and individuals to work in tandem. Cointelegraph asked Shelkovnikov about the issue of provenance of identification and how it would all work.

The Emergency Alert System: Failure IS an option

While many reported a complete failure of the EAS, the FCC issued a report showing that the failure rate was close to 18 percent. Certainly not perfect, but when coupled with social media and other forms of communication that would likely have been deployed on an individual basis, I believe it's safe to assume the word would have gotten out in a timely fashion. The biggest problem I saw with the test was significant technology inconsistencies with what people heard and saw. Some stations showed the textual message but no audio and no alert tones, certainly a problem for someone who was blind, while other stations broadcast the audio for the emergency messages but did not show the text for those messages, leaving a person who is deaf or hard of hearing completely unaware of the situation at hand.

Why Amazon can't possibly be the only cloud winner

Enterprises have many workloads. Some workloads run best on one specific public cloud or another. For example, we've found that Google has far and away the best internal network performance. So, a network-intensive workload should probably run there. Microsoft has GPUs available in Azure for video rendering and HPC workloads. Amazon does a very good job at storing files and objects and distributing them globally for fast access. Enterprises also have troves of legacy data and applications. The reality of IT is that 90% or more of the budget goes to maintenance. That leaves very little for new development. Enterprises choose between migrating legacy applications to the cloud and writing new applications.

Robotic process automation technology gets to work

RPA, or robotic process automation, has a sexy ring to it these days, especially in the C-suite and company boardrooms. And why not? There's a lot about this emerging technology to pique a boss' interest. Robotic process automation technology -- defined in simple terms as software that automates other software -- promises to improve efficiency, boost productivity and save money by helping with or entirely replacing the manual, routine and often error-prone digital processing jobs still done with human labor at many companies. ... The software robots of RPA ilk -- virtual workers, if you please -- interact with computer systems the way most employees do, at the presentation layer through the user interface, requiring minimal code-based programming or deep back-end systems integration.

802.11ad is the fastest Wi-Fi that you might not ever use

“To date, the Wi-Gig products that are shipping in the market have been largely confined to peer-to-peer applications. Once infrastructure mode is widely available on Wi-Gig capable clients, enterprise radio vendors will rapidly follow,” he said. And while Qualcomm’s Grodzinsky hinted at major product releases coming within the next couple of weeks, nobody is particularly clear on the timeframe for widespread 802.11ad adoption, whether as a traditional Wi-Fi technology or, as Forrester’s Kindness suggests, as a wireless backhaul carrier. For the enterprise IT department, Kindness argues, it’ll be three years before decision-makers really need to get their arms around 802.11ad. “It takes about a year to two years to become mainstream, because it doesn’t have product support, you have to understand where you’re going to use it,” he said.

Biometric Skimmers Pose Emerging Threat To ATMs

The devices apparently act just like regular skimmers do in stealing payment card data. They are designed to connect physically to a target ATM and to steal fingerprint data that users may be required to input while authenticating their identity with the device. The stolen data can then be used to authorize other fraudulent transactions, the researchers say. Available evidence suggests that the first wave of biometric skimmer machines, which surfaced last September, were buggy and had to contend with multiple issues during initial tests in the European Union. The biggest hurdle apparently was the fact the GSM modules that the underground sellers used in their skimmers for transferring stolen biometric data, and were too slow to handle large data loads.

Data Interchange Flexibility

JSON and XML are two complementary standards, each suited to different situations. JSON’s popularity is in no small part owing to the fact that it is built into JavaScript. That is JavaScript can read JSON directly without any additional parsing. This is a huge convenience for JavaScript developers. Given that it is also less verbose than XML, it is the often logical choice for sending transient data between the client and server layers within many web applications. Whilst being more verbose, XML offers many other advantages. For example, XML schemas allow one to describe, extend, communicate and validate XML datasets. XSLT allows for easy transformation of XML from one format into another, and XPath/XFormat engines allow for deep querying of native XML files.

The Internet of Things is broken. We need better security to fix it

Even if individual devices are designed with device-level security, an interconnected architecture may still expose vulnerabilities. Electronic devices in general have accessible interfaces such as JTAG ports and MAC addresses that provide an increased 'attack surface' and make devices vulnerable to invasive attacks that reverse engineer security. Also, devices invariably share components and firmware across product lines, allowing a vulnerability detected in one system to be exploited in another one using the same chipset. Most IoT systems also have field sensors that can be subject to physical security issues: critical sensors can malfunction if subjected to higher operating temperatures or voltage ranges. They can simply be vandalised, or even replaced with rogue devices connected to a cybercriminal’s Bot network.

Quote for the day:

"Give your past a Teflon coating. Be honest with yourself and others making sure you’ve fully let go of the past." -- Karen Keller