Daily Tech Digest - February 24, 2017

The Future of Serverless Compute

Serverless compute, or Functions-as-a-Service (FaaS), is a more recent part of this massive change in how we consider ‘IT’. It is the natural evolution of our continuing desire to remove all baggage and infrastructural inventory from how we deliver applications to our customers. A huge number of applications we develop consist of many small pieces of behavior. Each of those are given a small input set and informational context, will do some work for a few 10s or 100s of milliseconds, and finally may respond with a result and/or update the world around them. This is the sweet spot of Serverless compute. We predict that many teams will embrace FaaS due to how easy, fast and cheap it makes deploying, managing and scaling the infrastructure necessary for this type of logic.

Go-to People Considered Harmful

Dependency issues in social systems can take a variety of forms. One that comes easily to mind is what is referred to as the “bus factor” – how badly the team is affected if a person is lost (e.g. hit by a bus). Roy Osherove’s post from today, “A Critical Chain of Bus Factors”, expands on this. ... A particularly nasty effect of relying on go-to people is that it’s self-reinforcing if not recognized and actively worked against. People get used to relying on the specialist (which is, admittedly, very effective right up until the bus arrives) and neglect learning to do for themselves. Osherove suggests several methods to mitigate these problems: pairing, teaching, rotating positions, etc. The key idea being, spreading the knowledge around.

How to harden MySQL security with a single command

Chances are, your data center depends upon a MySQL database server or two. If that is the case, you'll want to make sure your databases are set up with an eye to security.Thankfully, MySQL offers a handy command that goes a very long way to improve the security of your MySQL installation. This single command will: update the password plugin; set a password for the root account (if one already exists, you can opt to keep it or change it); remove root accounts that are accessible from outside the local host; remove anonymous-user accounts; and remove the test database and privileges that permit anyone to access databases with names that start with test_. Although the above tasks aren't overly complicated, they are easily overlooked and, if you have a lot of databases, can be time-consuming.

The Rise in SSL-based Threats

The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let’s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half of the traffic that is inspected uses SSL. It is no surprise, then, that malicious actors have also been using the SSL protocol in their activities over the last several years. The increasing use of SSL creates problems for organizations that are unable to monitor SSL traffic, as they must rely on less-effective techniques like IP and domain blocking in an attempt to identify and block threats. In this report, we will outline trends we have seen in the use of SSL in the malware lifecycle and in adware distribution, based on a review of traffic on the Zscaler cloud from August 2016 through January 2017.

How Far Are We From ‘True’ Artificial Intelligence – And Do We Really Want To Go There?

The question has ethical implications, particularly if we bring the controversial topic of consciousness into the equation. From a scientific viewpoint, consciousness is a state that arises when a biological brain interprets the flood of sensory input streaming in from the world around it, leading, somehow, to the conclusion that it exists as an entity. It’s not well understood at all – but most of us can conceive how this massive flood of images and sounds is interpreted through a biological neuro-network which leads to “thoughts” – and among those thoughts are concepts of individual existence such as “I am a human”, “I exist” and “I am experiencing thoughts”. So, it’s only a small step of logic to assume that machines will one day – perhaps soon, given how broad the stream of data they are capable of ingesting and processing is becoming – in some way experience this phenomena, too.

Let’s Sell and Buy Fair: How Not Asking for a Discount Can Save You Money

If we stop asking to get something cheaper, you’ll eventually at some point be presented with the proper fair pricing. If we stop asking for discounts, we’ll settle the deal a lot faster, without days and weeks of delay and that ultimately saves money as well. The time for email ping pong and conference calls is nowhere listed. It’s not on a single bill. If you talked about a deal for weeks or months, you probably lost a lot of your money on the way and didn’t save anything at all. Your time is a currency as well. What comes now is a theory, and I don’t recommend it to any kind of operations. Yet, you might find it disruptive or at least intriguing. The counter conception to fight discount business culture is to put a price increase to every bit of interaction that unnaturally extended the required work to get to closure.

Transforming companies must put cyber security front and center

When you hear the term ‘cyber security’, there’s a very good chance that, like many executives, you immediately think of one thing: an IT infrastructure challenge. Of course, a strong IT security infrastructure is a critical part of any cyber security program. However, it is not the only part. In a 2017 world, this traditional ‘defense-first’ mindset is too limited and can actually hinder your company’s long-term growth prospects. Indeed, there is another important element at play and that is the potential impact of cyber under-preparedness to your company’s future business growth. This is particularly true in a business environment in which so many companies are undertaking ambitious customer-focused transformation programs amid widespread technological disruption and competitive threats.

Embracing a Strategic Paradox

Creating solutions that meet conflicting needs can do more than resolve a political dilemma. Because they are built with Aeon’s unique blend of local and national capabilities in mind, the complexity of the solutions often deters imitation. The consensus solution, whether it involves designing stylish clothes for women living in a Japanese ski village or finding a way to turn a tiny available quantity of pears into a national product, tends to be one that can be executed well by Aeon but not easily copied by anyone else. Of course, resolving these conflicts requires ongoing work. Managing this built-in strategic paradox of pursuing both localization and nationwide standardization demands the continual attention of management.

Why government-driven digital transformation is a train wreck

This is basically the case with all of the major government-driven digital transformation initiatives around the world. Each is positioned as game changing and disruptive in terms of impact and immensely beneficial to the economy and citizens’ lives, but this has not been the case. What has happened to these once-noble initiatives is that all have been whipsawed by politics and politicians, and driven to failure by feckless bureaucrats and civil servants – with a number of contractors thrown in for good measure. This toxic mix of politics, fecklessness and incompetence has produced some major train wrecks in terms of cost-benefit analysis and positive societal impacts. The three most visible of these are in the UK, the US and Australia, and their fate is seen by many as a pre-cursor to others on the horizon.

Untangling an API-first Transformation at Scale.

Business capabilities represent the core, reusable building blocks that your business needs to support the business processes required to function. By defining your business capability taxonomy, you establish a shared language that can be used by all domains to describe the logical relationships in any given process. This serves as a stable, business-driven (not technology-driven) context in which to discuss solutions that, hopefully, remains relatively consistent over time. Is also provides a critical link between how the Business thinks about its investments and how Technology leverages them. In a small company, the set of capabilities is quite limited. Being highly resource constrained, you may build some core services that differentiate your business and leverage other service providers for generic things like messaging, identity, payments, etc.

Quote for the day:

"Be a yardstick of quality. Some people aren't used to an environment where excellence is expected." -- Steve Jobs