Daily Tech Digest - October 13, 2017

Digital banking priority: Make it personal

“We’re seeing a pretty big demand from banks for acquiring new data sources, investing in data and analytics tools and data-related services,” said Nilesh Vaidya, senior vice president at the technology and consulting firm Capgemini. “They’re trying to know their customers better, better identify customer segments and offer more customized products.” Vaidya said that the industry is still in the early stages of this evolution and that much of it is being done by top-tier institutions with larger IT budgets and resources — and it will take time before customers get an Amazon or Netflix-type experience from banks. “There’s a long way to go, but it is something that’s being driven not only [by technology people] but marketing departments and others that want improvements in how they target customers,” he said.


15 Essential Project Management Tools

15 essential project management tools
Top-level project managers are in high demand, thanks to the high-level leadership, knowledge and capabilities they bring to bear on vital business projects. But having the right set of tools is also essential to project management success. Project management tools and templates not only increase team productivity and effectiveness but also prepare the organization for changes brought about by high-impact projects. To perform at their best, project managers need to make the most of tools aimed at business intelligence and analytics, business requirements, change management and project management, as well as a wide array of forms and templates. Here we have compiled the ultimate project manager’s toolkit to help you plan, execute, monitor and successfully polish off your next high-impact project.


Here's Google's biggest secret to not failing at security

Yes, security tends to be viewed as a mundane and necessary evil, but in our world where everything connected to the internet can be hacked, it's suddenly sexy to be able to deliver real security. To better understand BeyondCorp and its implications, I sat down with Sam Srinivas, product management director in Google's Cloud Security and Privacy team. Srinivas came to Google from Juniper Networks where he was chief technologist in the Security Business Unit. He is also president of the security industry's FIDO Alliance, which is working on open standards for strong authentication. ... The fundamental idea is that access control should be identity and application-centric, not network-centric. The current model that depends on a remote access VPN connection to access applications give an all-or-none type of access that doesn't fit with the way organizations work today.


Hacking Is Inevitable So It's Time To Assume Our Data Will Be Stolen


As Telang sees it, a determined hacker is probably going to succeed, yet there’s far too little focus on limiting the damage. Credit freezes could be automatic, and wherever possible data could be aggregated to protect individual identities and private information. The types of fraud-protection services that Equifax sells to customers could be made available to victims as a default. Government intervention may be necessary, as consumers are vulnerable to the credit raters’ mistakes but have little choice but to accept their role in finance. Consumers aren’t really customers for Equifax—the company makes money from banks and credit card companies that buy data from it. US senator Elizabeth Warren has said she wants to see the consumer credit rating industry—which is more lightly regulated than banks and credit card companies


Big Data: Out of the Server Room and Into the World

Sensing a lucrative business emerging, most of the major technology companies have rushed in to create and refine new big data tools to satisfy business needs. Microsoft's Azure platform, for example, now offers a cloud-based service that aims to unify big data tools and applications for their customers. It includes tools to discover and classify data from a wide variety of data collection systems. This approach creates a data catalog, which is independent of data storage location and provides searchable, centralized access to all available business data. The end-user can then utilize the data they find in their own business application, as well as contribute new information to the set. Microsoft's hardly alone in the space, having already been joined by industry heavyweights including Oracle, I.B.M., Amazon, and SAP.


Cybersecurity Strategy, Risk Management and List Making

A person writing in a notebook.
Frameworks are becoming the strategic tools of choice to assess risk, prioritize threats, secure investment and communicate progress for the most pressing security initiatives. They provide assessment mechanisms that enable organizations to determine their current cybersecurity capabilities, set individual goals for a target state, and establish a cybersecurity strategy for improving and maintaining security programs. Frameworks help you understand the maturity of your security activities and can adapt over time to meet the maturity level of the threats you face and the security capabilities you employ. There are various security frameworks that look at different types of needs, but one of the most popular is the National Institute of Science and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity


Awareness training is key to reducing security risk

This also needs to be part of a broader top-down effort starting with senior management. Awareness training should be incorporated across all organizations and not just limited to governance, threat detection and incident response plans. The campaign should involve more than serving up a dry set of rules, divorced from the broader business reality. If done the right way, employees will come away with a keen understanding how their cyber behavior can impact the overall business. According to the Global Cyber Security Capacity Centre, this hinges on the organization’s ability to influence attitudes as well as intentions. Unlike training, where employees are quizzed on their knowledge of instructions, the focus of awareness training should be on changing behavior. In terms of making this happen, organizations should make clear to everyone on staff that cybersecurity adherence isn’t optional any longer. It’s strategic.


SAML Explained: What It Is, What It's Used For

authentication
In order for SSO to work, a user must be able to authenticate once and receive authorization, based on his or her confirmed identity, to access multiple other computers. This can also work the other way: a single computer may provide services to users authorized on multiple other computers. The SAML standard defines how all these computers communicate with each other securely. ... A SAML assertion is the XML document by which all the information we've been discussing is transmitted from one computer to another. Once an identity provider has determined that you are who you say you are and have the right to access the content or services you're interested in, it sends a SAML assertion to the server that actually can actually provide those services to you. A SAML assertion may be encrypted for increased security.


What to do when SQL servers can't keep up with data demands

If anything is likely to change SQL server performance in the next few years, it will be the introduction of 5G connectivity and cloud-based systems. First, the launch of 5G will enhance remote system connection, breaking down front line communication delays necessary for server-side operations. Cloud storage, on the other hand, will be a boon to scalability. As with cloud-based SaaS, cloud storage is regularly updated, eliminating network upgrade delays and preventing slowdowns caused by insufficient storage within the system. Additionally, many companies prefer to operate via the cloud for security and stability reasons. Even with replication throughout, onsite physical operating systems tend to be much more prone to damage or failure than cloud storage. With more companies moving to cloud-based storage systems, choosing the proper protocols will be more important than ever


The Java Evolution of Eclipse Collections

Eclipse Collections is a drop in replacement for the Java Collections framework. It has JDK-compatible List, Set and Map implementations with a rich API, as well as additional types not found in the JDK such as Bags, Multimaps and BiMaps. Eclipse Collections also has a full complement of primitive containers. It was developed internally at Goldman Sachs for 10 years before being open sourced in 2012 as GS Collections. In 2015, it was migrated to the Eclipse foundation, and since then, all active development for the framework was done under the Eclipse Collections name and repository.  ... Optional is one of the most popular new features for Java 8. From the Javadoc, "A container object which may or may not contain a non-null value. If a value is present, isPresent() will return true and get() will return the value".



Quote for the day:


"The task of leadership is not to put greatness into humanity, but to elicit it, for the greatness is already there." -- John Buchan