March 31, 2014

SmartThings Founder Sees a Limitless Internet of Things
SmartThings builds a hub that connects to a home router and to sensors that can detect states like motion, moisture, temperature, or presence, such as the comings and goings of pets. But more important, it's building an open development platform for independent developers and device makers developing tools for the Internet of Things. For instance, in SmartThings offices, a Sonos wireless speaker suddenly blares with the sound of a barking dog. It sounds very real. A developer created a connection between a door bell and a virtual guard dog that will bark if no one is home.

Reading the Global Threat Intelligence Report (GTIR)
The GTIR was based on threat intelligence and attack data from the NTT Group companies which include Solutionary, NTT Com Security, Dimension Data, NTT Data and support from NTT R&D. The security experts have analyzed approximately three billion worldwide attacks occurred in 2013, the Finance and Technology industries are that most targeted by attackers which used mainly botnet for their offensives. The majority of the vulnerabilities listed in the report are related to patch management, firewall and application settings.

McAfee CSO article stirs up the whitehat infosec community
The article itself may be some kind of link bait – Security Magazine has a wide readership that brings in all types of roles and it asks you to register and give up a bunch of info. (There is a non-registration version here: on PasteBin). That being said, when you consider the title and that the level of reader that would most likely read an article regarding the hiring of ethical hacker would be high level CSO or CISO, it’s quite possible it was written just to find out what decision makers are interested in the topic. Whether this was written by Conran himself or not, his name is still on it and his word is attached to this article.

Ensuring HIPAA Compliance
Any company dealing with protected health information is required by HIPAA to make sure that security measures are in place for every record kept, from physical copies, to network and digital copies. HIPAA also extends to the processing of information, requiring measures to be taken to ensure that even during administration, the privacy of information is maintained. The penalties for violating HIPAA are severe, ranging from $100 to $50,000 per violation, up to maximum of $1,500,000 a year with the threat of criminal charges also present. Not something which you and your business want to get mixed up with.

With a piracy rate of 80 percent, can the tech world convince Africa to buy legitimate software?
"Everybody knows somebody that can get a hold of any software," he says. "In most cases no fees are involved as it usually involves a form of bartering, where software you want is exchanged for software you already have. Established IT shops won't typically sell pirated software off the shelf, but you'll still be able to obtain pirated software from them via interaction with their employees." Coetsee is managing director of Noctranet, a software company specializing in cloud. He says it isn't uncommon for him to find people, even clients, pirating his own software.

Smartphone kill-switch could save consumers $2.6B per year
If a kill-switch led to a sharp reduction in theft of phones -- something supporters argue would happen because stolen phones would lose their resale value if useless -- most of the $580 million spent on replacing stolen phones would be saved. A further $2 billion in savings could be realized by switching to cheaper insurance plans that don't cover theft. Not all consumers would make the switch, but Duckworth said his research suggests at least half would. As part of the report, Duckworth contracted a survey of 1,200 smartphone users in February 2014 by ResearchNow.

How the open transport switch will make operator SDN a reality
Most SDN technology has been developed for Ethernet networks. Generally the control plane and the data plane are disaggregated from the physical network and centralized into a software controller that manages flows all over the network. But optical transport networks often vary in architecture and protocol, making it a big challenge to decouple the control and data planes and apply one kind of controller over the network. To tackle this challenge, a number of vendors are currently developing open transport switches (OTSes) that act as the intermediary between an SDN controller and an optical transport switch.

Business counts cost of cyber attackers’ secret weapon
“Hackers already know about advanced evasion techniques and are using them on a daily basis,” said Ashish Patel, regional director, network security UK & Ireland at McAfee. “What we’re hoping to do is educate businesses so they know what to look for and understand what’s needed to defend against them. Education is absolutely key,” he told Computer Weekly. This will be in the form of roadshows, reports, security summits and client briefings. “The study has shown the real lack of understanding, knowledge and awareness in the community,” said Patel.

Orchestrating Your Delivery Pipelines with Jenkins
Here, we will discuss how to put a number of these recommendations into practice in a concrete setting, namely setting up a delivery pipeline in Jenkins. Many of the steps we will present carry over to other Continuous Integration (CI) and orchestration tools, and there are analogous extensions or core features for many of the plugins we will introduce, too. We are focussing here on Jenkins, however, because it is the most widely-used Continuous Integration server out there. Even if you are using different CI servers or services in your environment, it should be relatively easy to experiment with the steps we will cover in a “sandbox” Jenkins installation, before carrying them over to your own CI environment.

Q&A with Jim Hietala on Security and Healthcare
There’s a plethora of things out there right now that organizations need to be concerned about. Certainly advanced persistent threat, the idea that maybe nation states are trying to attack other nations, is a big deal. It’s a very real threat, and it’s something that we have to think about – looking at the risks we’re facing, exactly what is that adversary and what are they capable of? I think profit-motivated criminals continue to be on everyone’s mind with all the credit card hacks that have just come out. We have to be concerned about cyber criminals who are profit motivated and who are very skilled and determined and obviously there’s a lot at stake there. All of those are very real things in the security world and things we have to defend against.

Quote for the day:

"When winds of change blows, some build walls while others build windmills." --  Chinese proverb

March 30, 2014

Why Twitter, Facebook, Google and Amazon Want to be Each Other
Speaking of tweets, the use of the word tweet is one of Twitter's charms. Others include endearingly antiquated features like the use of @ replies and hashtags. Suddenly, however, all this is in peril as Twitter appears to be suffering a fit of Facebook-envy. ... Facebook, meanwhile, is suffering from Google envy. While Mark Zuckerberg has been toiling away trying to prevent a general flight from Facebook to smaller social sites by first creating the Poke app to stem the flow to Snapchat and then spending a fortune on Instagram and Whatsapp, he's no doubt looked with envy at all the fun Sergey Brin and Andy Rubin have been having at Google.

Turning Emotion-Based Decisions into Fact-Based Decisions
Today, the human is the bottleneck in the decision-making process. The computer is able to deliver oceans of information on a variety of devices-desktop, tablet, and mobile phones. And that creates a new challenge for us: We must now sift through all this information at our fingertips and decide what is relevant and what isn't for our task at hand. We're no longer searching for information; we're drowning in it. I know that we've been talking about this for a while at TARGIT, but it's never been truer. If we're not careful with how we process that information with our brains, we won't find the courage to act; we'll just be confused.

The Enterprise of Things
The EoT wave will encompass many different device types, some of which haven't even been developed yet. While EoT is not a near-term phenomenon, needing the next three to five years to mature, it nonetheless will impact nearly all corporate systems. If your organization had trouble dealing with user demands for BYOD, this will present an order-of-magnitude-bigger challenge. EoT will have a profound effect on an organization's infrastructure, including its network connectivity, VPN, identity access management, security infrastructure and management functions.

14 Mobile Certifications That Meet IT Demands
Certification, then, is a great way to determine the effectiveness of an employee's ability to meet business demands and expectations. This article looks at several types of mobile certifications — app development, networking, security and a mixed bag of mobile workforce and digital forensics offerings. Most of the featured companies and cert programs provide training courses, which are typically not required, along with self-study materials, sample exam questions, candidate forums and other certification prep resources. All prices are in U.S. dollars.

For Bitcoin Lessons In The History Of Failed Currencies
While payment systems tend to evolve, specific currencies have come and gone over the centuries. Take for example the Continental Dollar of early America. Writing by email from Mongolia Jack Weatherford, author of “The History of Money,” explained that Brits immigrating to the American colonies were not allowed to import British money. After failed attempts to use the Mexican silver dollar — there simply weren’t enough to finance a revolution — they started issuing paper dollars known as Continental Dollars. “Like the Bitcoin, it was a revolutionary idea that got out of hand and the value of the dollars dropped drastically,” writes Weatherford.

Shadow IT: Balancing productivity and security
Shadow IT typically refers to corporate staff going outside the confines of established IT department processes to procure computing resources. Line of business users create shadow IT when they go beyond the enterprise IT framework for cloud-based applications like Google Apps, Basecamp and Dropbox. Similarly, corporate developers use shadow IT to go around hardware procurement and licensing issues. For example, developers might do application development and testing in the cloud to deliver value with the speed the business demands.

What does the next big thing in technology mean for the data center?
New products promise a compelling increase in performance, efficiency, productivity or end results. Sometimes these improvements justify an immediate rip and replace, but it's more likely that a careful evolutionary approach is warranted. For example, big data presents a potentially disruptive opportunity. The amount of interesting and available data is growing fast. Our competitive natures make us want to mine all the value out of it as quickly as we can. In response, a multitude of emerging infrastructure systems offers to help us cruise through these floods of data. It can be hard to know where to look first.

Creating an IT Strategy & Succeeding in Strategic Execution
Well sure, if you’re busy 24/7 then there is no time, but perhaps there’s a reason why you have no time. It can be because your organisation really has overcommitted to that extent, the problem then is that without spending time with your head up looking around you may have missed the exact reason why you are overcommitted. It may be that further resource is required, or that time efficiencies are not being made, projects with little or no value are taking up valuable time or perhaps that ineffective management of systems or people is occurring.

Bring Data Governance To Your Cloud Backup Strategy
“You want employees to be able to get their data from anywhere but you don’t want someone else accessing it if their laptop is lost or stolen,” Venkataraman says. Especially when employees bring their own devices, it’s important for enterprise IT to have visibility into and policy control over the corporate data that’s on them. To ensure that it is automatically encrypted and backed up to the Cloud, and that, in emergency situations, that data can be remotely wiped off the device without affecting users’ personal information. IT also needs to be able to set policies for data access, so that workers can be authorized to self-restore their corporate information from the cloud to a new mobile device, to be back up and running quickly.

What Is the Relationship between Data Architecture and Data Governance?
Data Architecture provides an understanding of what data exists where and how it travels throughout the organizations and systems. It highlights changes and transformations made as data moves from one system to the next. These data inventory and data flow diagrams provide the information and the tools that the DGT needs in order to properly make decisions regarding data policies and standards. These artifacts also help the DGT perform root cause analysis when data issues are raised by business people, and they help to solve those issues.

Quote for the day:

“But better to get hurt by the truth than comforted with a lie.” -- Khaled Hosseini

March 29, 2014

Invasion of the body snatchers: Wearable devices are coming for you
The current boom in wearables can be traced back to around 2006 when Nike gave the pedometer a digital twist. Its small Plus device slipped into a running shoe and counted the steps taken and time elapsed on a run. The information was sent to an iPod application and to an online community where people could track and compare their workouts. Other companies followed, and in late 2008 Fitbit attracted considerable attention with its namesake fitness tracker. It captured the imagination of many because it was small, could be worn easily and silently collected data all day long -- no matter what shoes you were wearing.

Argentina's IT Industry Aims to Become Regional Leader
“We need to defy the myth that people here don't speak English, or that there are problems due to the time zone or to cultural differences,” Medica says. In fact, she argues that as a nearshore outsourcing destination, Argentina offers the advantages of cultural and geographic proximity for better cooperation with the client, less travel expenses and lower total cost of engagement. For now, the network consists of five country groups: Chile, Colombia, Mexico, Brazil and the US. The US group is the largest with 16 member companies, Colombia and Chile have 11 together, Mexico has six and Brazil has four.

Global Mobile Data Traffic to Surpass 15 Exabytes Per Month by 2018
"Our findings continue to highlight trends around the pervasiveness and continuing demand for mobile connectivity and services," says Thomas Barnett, marketing director for the Cisco Service Provider program. At the end of 2013, more than 4 billion people were mobile users, Barnett says. That number will grow to 5 billion by 2018. By then, the average mobile connection speed will have surpassed 2Mbps, Cisco says. "These numbers really speak to the pervasive nature of mobile technology," Barnett says. "This trend is particularly relevant in emerging markets where the mobile Internet may be some users' only connection to the Internet."

For Swiss Data Industry, NSA Leaks Are Good as Gold
Switzerland isn’t the only country hoping to cash in. Finland’s F-Secure recently released a Dropbox competitor called Younited. And a consortium of German telecoms, ISPs, and e-mail providers has backed an “E-Mail Made in Germany” program that aims to keep communication data routed and stored in-country when possible. In February, German chancellor Angela Merkel attended talks in Paris on building an all-European communications network so that “one shouldn’t have to send e-mails and other information across the Atlantic.”

The Big Data Era: How Should Consumers Deal With the New Definition of Privacy?
So, times are changing and for consumers it is important to be aware of the changed situation. More and more organisations will start using their data in the coming years, and they should if they want to remain competitive. So consumers should get used to the new situation. Of course, this does not mean that organisations can completely forget about the privacy of their customers. On the contrary. Customers should not become the victim of the Big Data era and organisations should stick to the four ethical guidelines to protect their customers.

IT-centrism and real-world enterprise-architecture
IT-centrism is, in essence, an extension of the delusions of Taylorism, that desire or hope or assumption that everything ‘should’ be subject to predictable control, and hence ‘should’ be controllable by certainty-oriented means. Unfortunately, this just doesn’t work in practice: any real-world context will always include elements of inherent uncertainty. In practice, the Taylorist delusion plays out in two distinct forms. The first is an assertion that if the (automated) system can’t handle it, we can safely ignore it.

OS upgrades are a right, not a privilege
Tech reporters who offer buying advice must recognize this. It seems utterly irresponsible for them to ignore the importance of a clear, free and defined upgrade path for the products they get paid to talk about. In the changing technology landscape the price of OS upgrades and the accessibility of those upgrades is as important as the specifications of the device, because software and cloud services will define the future of the industry. People who use devices to do things will want to do the latest things, and for this they will need the latest software.

EA Principles and Policies
If you are involved in business transformation, governance or technology alignment activities, you should access the Enterprise Architecture as a consistent and robust base of knowledge about the Agency. This page will enable you to access guidance and support to help you. The Enterprise Architecture is supported by the Enterprise Architecture Team who can provide detailed advice and assistance to your project as it progresses through the governance process. ... Check out here for Documents relating to the Highways Agency Enterprise Architecture Principles and Policies.

Refactoring tests for better application design
Through the act of writing a test first, we ponder on the interface of the object under test, as well as of other objects that we need but that do not yet exist. We work in small, controllable increments. We do not stop the first time the test passes. We then go back to the implementation and refactor the code to keep it clean, confident that we can change it any way we like because we have a test suite to tell us if the code is still correct. Anyone who’s been doing this has found their code design skills challenged and sharpened. Questions like agh maybe that private code shouldn’t be private or is this class now doing too much are constantly flying through your mind.

The user acceptance testing conversation
User Acceptance Testing (UAT) focuses primarily on verifying that the functionality delivered, and proven in system and system integration testing, meets the end users’ business requirements. An often pressured and compressed phase of the testing lifecycle, UAT represents the final quality gate before delivery to the live environment. As such, it is critical that the testing performed by the business during this phase achieves the appropriate level of coverage and quality demanded by the business sponsor. Below are two fictional conversations between a test manager and a business sponsor, regarding a planned UAT phase.

Quote for the day:

“To handle yourself, use your head; to handle others, use your heart.” -- Eleanor Roosevelt

March 28, 2014

Amazon hints at new German datacenter, but probably not for the reasons you might think
What's significantly more likely, as Jassy hinted, is that it's more to do with "data sovereignty requirements" - specifically knowing where your data is stored, and under which legal jurisdiction. That's a major proponent of the new European data protection and privacy legislation that's currently going through the European Parliament, which sped up in the wake of the Edward Snowden leaks. There's no doubt there's a push-pull effect going on here, but it's not the be-all and end-all by a long shot.

Payment card security revamp becoming chip vs. PIN tussle
EMV chip cards are used widely around the world and are considered much safer than magnetic stripe cards, especially when used in conjunction with a Personal Identification Number (PIN). However, retailers, which have to bear the bulk of the migration costs to EMV, say it's possible to improve U.S. payment card security quickly by simply implementing a mandatory PIN requirement for all credit and debit card transactions. Just as PINs are required to withdraw money from ATMs, PINs should be required for all payment card transactions, they say.

Migrating to Office 365 requires planning, pilot-testing
With Microsoft Office 365, Microsoft has entered the hosted/cloud email hosting market, and it's now among the company's fastest-growing products. As with any such changes, though, it's important to do the Office 365 migration right; email communication is too critical to put at risk. Companies need to plan their migrations carefully and pilot-test and verify at every step.

A Cyber History Of The Ukraine Conflict
Over the last few months Ukrainian websites (within the TLD .ua) have seen their fair share of defacements. Evidence indicates that Muslim hacking groups with pro-Syrian or anti-Israeli agendas conducted the majority of the defacements. A recent round by a group named Cyber Berkut is particularly troubling. Based on the targets attacked and symbolism used it’s very clear that the Cyber Berkut is pro-Russian. Some of the group’s tactics, techniques, and procedures (TTPs) are similar to those used in cyber operations in 2007 and 2008 by the Kremlin against Estonia and Georgia.

Seagate Business Storage Windows Server review: No-nonsense NAS for business
You don’t set up this box as you would a NAS box that runs on Linux, by connecting the device to your network, typing a predefined IP address into your web browser, and having at it. You must first attach a keyboard and VGA display, and then define a password using its local interface. Once that’s completed, you can remove the keyboard and display, connect it to your network, and administer the box via Remote Desktop from another Windows PC on your LAN.

The Value of Being Approachable: Priceless
If you want to be approachable, the opportunities that come your way will dramatically increase. All you have to do is act as if you are wearing a name tag. When you wear a name tag, people know that you want them to be free to engage you in conversation. It’s an invitation that tells people, “Approach me, introduce yourself. It’s OK!” If you’re a manager, that’s the way you want people to see you and that’s the way you want your people to be seen. When people see you as approachable, all sorts of opportunities open up.

Pair Painting
We’ve established that there’s much to be gained from working as a pair - high standards, joint ownership, even fun! You need to be prepared to work at it, however. Simply sitting two people in front of a screen won’t automatically produce these results - but with a bit of effort and some careful inspect-and-adapt the magic will start to happen. If you and your team decide to give pair programming a go, there are many great resources available to help you get off the starting block

Conscious uncoupling in the enterprise: Time for the next phase of services
The API economy is well understood, as we've been working to put SOA practices in place for more than a decade now. However, what McNee calls the Internet of Everything is a vast, little-understood frontier. "Everything is a source of data, and everything is connected or connectable," he observes. "This emergent inter-connected business and IT reality brings with it unprecedented challenges, mainly due to its almost completely unpredictable scale and complexities.... its effects are likely to be outside of previous experience and its requirements will be beyond most existing skills and resources."

Cisco fixes denial-of-service flaws in IOS software for networking devices
The newly released IOS versions contain patches for two vulnerabilities identified in the software's Network Address Translation (NAT) feature that's commonly used in routing scenarios. One vulnerability could be exploited by sending malformed DNS packets to be processed and translated by an affected device and the other by sending certain sequences of TCP packets. "To determine whether NAT has been enabled in the Cisco IOS Software configuration, log in to the device and issue the 'show ip nat statistics' command," Cisco said in a security advisory published Wednesday

Software test management: Know which rules to follow, which to break
When you stop to think about the idea of 100% utilization as a measure of success, its absurdity is obvious. What if you kept all of your people busy all the time, but they were focusing on the wrong things? "When test managers hear me talk about this myth, they say, 'Oh my gosh,' and they look at me with their mouths open," Rothman said. To ensure success, test managers should focus on getting software projects – and features that are part of those projects -- out the door. The way to accomplish that is to optimize the team's workflow at a steady rate, according to Rothman.

Quote for the day:

"No man can think clearly when his fists are clenched." -- George Jean Nathan

March 27, 2014

OpenLDAP configuration tips for working smarter, evading common stress
OpenLDAP configuration is difficult for some, but your implementation may not be the source of the problem. Those who lament OpenLDAP configuration are actually having issues with Lightweight Directory Access Protocol (LDAP), said Howard Chu, chief architect of OpenLDAP. "It's a very broadly applicable protocol and that tends to leave people lost, wondering where to begin," Chu said. He advised IT pros installing LDAP to read, research and experiment. We asked OpenLDAP users to answer some frequently asked questions on configuring and deploying the protocol.

Dissatisfaction with IT grows
IT managers are being told that "you've got to grow the business, not just run the business," said Mark Peacock, an IT transformation practice leader and principal at Hackett. McKinsey & Co., in its online survey of more than 800 executives -- with 345 having a technology focus -- also found that executives want less of their budgets to go to infrastructure so more resources can be shifted to analytics and innovation. The McKinsey survey found that business executives are less likely to say now that IT performs effectively, compared to their views two years ago.

Hackonomics: Stolen Twitter accounts ‘more valuable’ than credit cards
Stolen Twitter accounts now fetch more than credit cards on the cybercrime black market, according to a new report released by the RAND Corporation. The report is the first in a series commissioned by Juniper Networks. "Markets for Cybercrime Tools and Stolen Data: Hacker's Bazaar" explains that a Twitter account now costs more to purchase than a stolen credit card, because Twitter account credentials potentially have a greater yield.

5 musts to get people on board with social business
It’s a fact that people are still struggling to get social business to take root across the organization. Heck, sometimes it’s still a struggle to get it to work within its own department, wherever it starts. Or to get people to even notice and pay attention to these ideas in the first place. The only way to scale social business is to get it out of its nesting place – marketing, customer service, IT – and get it all the way to the edges of the organization. That means having people buy into the vision for social business, invest the time and resources in the practices and tools, and enthusiastically do what they can to support those efforts.

Convincing the C-suite to fund IT security
"The C-suite doesn't understand the full vulnerabilities that their organizations face," Moss says. "This has always been the challenge. But now that they're finally seeing quantitative losses, they want to get ahead of the problem. They're tired of always acting post-breach." One of the biggest challenges Moss faces with his clients is helping them distinguish between vulnerability and risk. Vulnerability is the likelihood that an organization may suffer a security incident. Risk is the amount of damage that such an incident will inflict on the organization.

Code Kingdoms teaches children to program through gaming
Targett told Computer Weekly that Entrepreneur First founders Matt Clifford and Alice Bentinck had encouraged them to apply. “We had the idea, and they convinced us it was a great idea,” he said. “They helped us to think about raising funds and to think about the customer. We put coding out to kids' imagination and let them build the games.” Code Kingdoms is now available online on desktop and mobile. In six months' time, the company plans to be generating revenue and to have a team of five on board.

Microsoft warns Word users of ongoing attacks exploiting unpatched bug
According to the security bulletin Microsoft issued today, three members of Google's security team reported the Word vulnerability to Microsoft. The bug is in Word's parsing of RTF files, which are often used to exchange documents when all users are not using Microsoft Word. Although the attacks seen so far by Microsoft have been aimed at Word 2010, the bulletin noted that the affected software also includes Word 2003, Word 2007, Word 2013 and Word 2013 RT, the version especially crafted for Microsoft's Windows RT tablet operating system. Office for Mac 2011's version of Word is also vulnerable.

Cloudification denotes opportunity, not despair, for mainframes
So is cloudification of applications a credible threat to the mainframe in coming years? Many people have likened cloud computing to mainframe time-sharing, and there are some viable parallels. The answer is not straightforward, and will depend on user- and application-specific scenarios. But a significant amount of mainframe-based workloads will likely migrate to private and public cloud deployments. On a pure infrastructure and software cost per workload basis, Linux-based open systems prevail over mainframes.

Reliability Series #1: Reliability vs. resilience
The Institute of Electrical and Electronics Engineers (IEEE) Reliability Society states reliability [engineering] is “a design engineering discipline which applies scientific knowledge to assure that a system will perform its intended function for the required duration within a given environment, including the ability to test and support the system through its total lifecycle.” For software, it defines reliability as “the probability of failure-free software operation for a specified period of time in a specified environment.”

Facebook Debuts Web-Scale Variant Of MySQL
In a move that could shake up both the commercial and open source database management system markets, Facebook announced on Thursday that it has worked with fellow Internet giants Google, LinkedIn, and Twitter to develop WebScaleSQL, an open source, web-scale branch on top of Oracle's publically available MySQL Community Edition. "Our goal in launching WebScaleSQL is to enable the scale-oriented members of the MySQL community to work more closely together in order to prioritize the aspects that are most important to us," wrote Facebook software engineer Steaphan Greene in a draft blog post shared with InformationWeek.

Quote for the day:

"Learn to see things as they really are, not as we imagine they are." -- Vernon Howard

March 26, 2014

Internet of Things (IOT): Seven enterprise risks to consider
Despite the opportunities of IoT, there are many risks that must be contended with. Any device that can connect to Internet has an embedded operating system deployed in its firmware. Because embedded operating systems are often not designed with security as a primary consideration, there are vulnerabilities present in virtually all of them -- just look at the amount of malware that is targeting Android-based devices today. Similar threats will likely proliferate among IoT devices as they catch on.

Use Daily Conversations to Promote Development
Rather than keeping professional development talk locked to the calendar, I’m a big fan of frequent “on the fly” conversations that directly support an individual’s developmental needs and goals. Frequent conversations keep the topic front and center and allow you to focus on providing active coaching that transcends a task orientation. And importantly, the regular development discourse helps build trust between you and your co-workers. After all, there’s no higher form of respect you can pay to someone in the workplace than helping them work towards achieving their career aspirations.

Google's new cloud strategy: Apply Moore's Law to prices
Touting that cloud pricing schemes should mimic hardware and "follow Moore's Law," Google is slashing prices for pay-as-you-go services, with Google's big data analytics BigQuery engine seeing its on-demand rates chopped down by as much as 85 percent. "Pricing is still way too complex," Hölzle lamented, adding that current cloud costs might seem cheap when compared to on-premise alternatives, but there's still a lot of room for reduction. Cloud Storage follows suit with up to 68 percent in price reductions, trailed by the Compute Engine fees lowered by up to 32 percent across all regions, classes, and sizes.

Scrabble-playing robot aimed at refining human interaction
‘We believe that for autonomous robots to be accepted, they will have to conform to the social conventions of people, rather than the other way around,’ Simmons said in a statement. The researchers are investigating whether changes in mood or emotions affect the desire to interact with robots and how personalisation, such as the robot remembering a person’s play from previous games, might affect the willingness to interact over time. Victor’s torso is topped with a mobile head on which a video screen displays its animated face, designed by Anne Mundell, associate professor of scene design.

In rare move, banks sue Target's security auditor
The lawsuit is one of the rare occasions where a PCI security auditor has been sued over a data breach involving a client. Companies like Trustwave are called qualified security assessors (QSAs) in PCI parlance. They are responsible for conducting security assessments of retailers and others covered by the PCI standard. In Trustwave's case, the company also provides a range of security services to help companies achieve PCI compliance status.

Coming Soon: Android Apps for Wearable Devices
Android’s dominant position in mobile software could give it an edge over Apple in smart watches. Cecilia Abadie, a developer at 33Labs, a mobile development company in Los Angeles, says she is building a personal fitness training app and personal assistant app for the Moto 360. “Android Wear has better chances of winning the next big battle of wearables against Apple, in the same way Android itself won the battle in number of [smartphone] units sold,” she says.

Go Directly To Fail
Despite ITs extensive experience in “implementations”, a quick review of projects shows that we seem to keep making the same mistakes over and over. Each failure (potentially) undermines our customer’s confidence in our ability to deliver on-time and on-budget. The good news is that this is entirely avoidable. Selecting and implementing an ITSM tool successfully isn’t hard, but it does take some work. The good news is that this work has benefits that can impact your implementation and beyond!

Gartner Says Asia Pacific Offshore Services Providers are Still Growing
“Although the use of Asian countries for offshore or nearshore services has not yet peaked, we are seeing some distinct changes in demand and supply patterns in the region,” Mr. Longwood said. “Ongoing cost pressures in Europe are driving some multinational corporations to consider moving their offshore services from mid-cost countries like Malaysia to lower-cost locations in Asia, Eastern Europe and Latin America. Some Western countries are becoming more protectionist, which is also having a negative impact on demand for offshore services from Asia Pacific.”

Advanced threat detection products yet to earn trust of enterprises
"We've had the capability for a long time across many different technologies to do automated blocking," Holland said. "We're never going to reduce the number of attacks that occur or speed the time to containment and remediation unless we have automation in the picture. So we need to move more in that direction, but most companies struggle with that." Andrew J., a security professional, ... said his organization has utilized FireEye's NX Series product, which provides detection and prevention capabilities for Web-based threats since 2011, but like Target has not enabled the product's automated response capabilities.

How Data-Sharing Can Keep Fraud from Spreading
"As stewards of the industry, our job is to share as much information as we can through our partners," says Aaron Glover, senior analyst at SunTrust Banks in Atlanta. SunTrust, for example, has built a relationship with the Internal Revenue Service in Atlanta in which the bank sometimes calls to verify Treasury checks. The bank recently asked the IRS about one $300,000 check, which turned out to be linked to an IRS investigation, so SunTrust put the check on hold. But despite such one-off successes, there's a strong need for protocols for information sharing about money laundering, corporate security and fraud, Glover says.

Quote for the day:

“I must admit, that I have learned more from my negative experiences than I have ever learned from my positive one.” -- John Paul

March 25, 2014

IT is Growing Up: What the IT organization needs to do to be sustainable and valuable
Inspired by strategically minded CIOs and best practice competition winners, respected industry thought leader Jill Dyché is writing a new book about how IT is changing and, when in synch with organizational culture and strategy, its potential to transform how companies function. Trends like digital, analytics and big data are pushing the envelope for technology expectations within lines of business, and with business users often acting independently the traditional IT group simply can’t stand on its own. “The New IT” is about collaboration, working together to make IT effective and enculturating that to provide lasting business value.

Smartphone innovation is slowing, so what's next?
With smartphone innovation flattening, the next direction seems to be making the smartphone the hub -- connected via Bluetooth, primarily -- to emerging technologies. These systems include smartwatches, other wearable devices and everything in the much larger ecosystem of home appliances, cars and other products that, when connected, would comprise what's being called the Internet of Things. While this slowdown in innovation has been widely recognized, marketers for smartphone vendors still trumpet their devices' new features at large-scale events where the latest products are unveiled amid hype that overstates the new capabilities.

Finally, IPv6’s killer app: The Internet of Things
And the plan was so simple too: ISPs would start migrating to IPv6 well in advance of any address crisis. Everyone would run dual-stack for a few years and then when the IPv4 addresses started to run out, ISPs would turn their IPv4 networks off and we would all be running IPv6. Neat and orderly. Theoretically perfect. Well engineered. But not well financed. While the engineers thought this was a logical and great idea, the finance people, well… not so much. So while slipping down the first and steepest slope of the IPv6 hype cycle, the board decided we needed a plan B.

Microsoft Using Machine Learning, AI Across Product Lines
"Large amounts of that system are all done by machine learning because that's how you can do scale," Platt said. "The only way you can answer the billions of questions Bing answers is to have something that operates autonomously. In Xbox, the Kinect was also trained with machine learning. The fact that it can see you in the room even though it's poor lighting and you can wave your arms and it can track you—that's all done with a piece of software that was trained with machine learning."

How Enterprises Are Capitalizing On The Consumerization Of IT
Enterprises are capitalizing on the consumerization of IT and proliferation of mobile devices by developing applications aimed at improving employee productivity and customer satisfaction. These and many other findings are available in the IDG Enterprise Consumerization of IT in the Enterprise Study 2014 published today. The study shows that 83% of organizations are planning to invest in mobile technology in the next 12 months, with the majority of spending being for tablets and training (49%). A summary of the study and sample slides can be found here.

Obama to Call for End to N.S.A.’s Bulk Data Collection
As part of the proposal, the administration has decided to ask the Foreign Intelligence Surveillance Court to renew the program as it exists for at least one more 90-day cycle, senior administration officials said. But under the plan the administration has developed and now advocates, the officials said, it would later undergo major changes. The new type of surveillance court orders envisioned by the administration would require phone companies to swiftly provide records in a technologically compatible data format, including making available, on a continuing basis, data about any new calls placed or received after the order is received, the officials said.

Security black market as mature as any other free market: Juniper
"I don't think people expect to see it so mature," Greg Bunt, Juniper director of APAC security sales, told ZDNet. "Rather than it being described as a black market, I think it needs to be described as a pretty fully-featured, and fully-rich economy with payment systems, policing — all the sorts of things that you would see in a traditional economy, we see that permeate through this as well." Mirroring aspects of a traditional economy, the survey found that products sold by exploit vendors, often arrived complete with usage terms, tracking functionality, and enforcement functionality.

Oracle Has Sunny Forecast for Cloud Computing
These three cloud approaches have in common the Oracle database, running as a database as a service. Supporting it is the Oracle Fusion Middleware as a service that operates its business applications and is the basis to build custom applications by providing user, process, documents, information and identity services. Middleware is also where Oracle is advancing its support of mobile computing and big data as well as batch-to-real-time integration to applications and data across the enterprise and cloud along with Web services support through the REST and SOAP interfaces. Our research shows that integrating data from cloud applications is important to 80 percent of organizations.

ATM malware, controlled by a text message, spews cash
The malware is engineered to plunder a certain type of standalone ATM, which Symantec has not identified. The company obtained one of the ATMs to carry out a test of how Ploutus works, but it doesn't show a brand name. Ploutus isn't the easiest piece of malware to install, as cybercriminals need to have access to the machine. That's probably why cybercriminals are targeting standalone ATMs, as it is easy to get access to all parts of the machine. Early versions of Ploutus allowed it to be controlled via the numerical interface on an ATM or by an attached keyboard.

Fourteen Interview Questions to Help You Hire Your Next Innovator
The potential for innovation in your company increases when you have employees who demonstrate unrestrained thinking and the ability to connect seemingly disparate ideas. Is it possible to identify the people with these capabilities during a first interview? Absolutely—if you know what you look for and if you’re armed with the right questions. When searching for the next innovator to add to your team, start by looking for these five critical innovation skills and asking the relevant questions to find candidates who have them.

Quote for the day:

"There is only one thing more painful than learning from experience and that is not learning from experience." -- Archibald McLeish

March 24, 2014

Outdated mainframes putting businesses in debt
"The challenge for CIOs is keeping up with the accelerating pace of business and so they do need to actually introduce a lot more capabilities into the core system," he said. "For example, places like Korea uses mobiles to make touch payments via credit cards without any pin and in order for that to happen, core systems had to be changed. The modernisation of these things is more important at this point than just looking at the pure cost." Another key research finding was that 31 percent of current mainframe applications are accessible via the cloud, with this figure expected to rise to 41 percent in two years.

WebRTC standard is unfinished but enterprises are ready to adopt
Testing out the more recent browser-based communication technology gave McFarlane and his team the confidence that WebRTC was a viable option, and Twilio helped LiveOps achieve browser-based telephony quickly. "As of 2013, we were completely enabled for WebRTC," he said. The best part about the WebRTC standard lies in the fact that it's not a proprietary technology, he said. While Twilio is currently the sole provider of WebRTC for LiveOps, that doesn't always have to be the case down the road. "It's really big on the hype cycle, but I think the hype is worthwhile at this point," he said.

It's good business to let your business go social
Technology is the enabler of a social enterprise, but culture is its core. IBM uses the term “work-life integration” rather than “work-life balance” because the reality is for our people – and specifically people entering our work force – the lines between “work” and “non-work” are blurry. Team members are accustomed to continuous sharing of ideas on social platforms and often those ideas are related to a work project or a work relationship. If someone needs flexibility during traditional working hours to attend to a personal matter, as a leader you have to trust that that person will provide full value at other times during the day.

Microsoft to review policies after admitting it searched customer email
Court filings revealed that Microsoft's internal investigation involved searching through the French blogger's Hotmail account where it found emails from Kibkalo. Hotmail has since been rebranded as ... Microsoft also searched through Kibkalo's instant messaging conversations and his account with SkyDrive, the company's cloud file hosting service that's now called OneDrive. While it appears that the terms of service for Microsoft's online services allows the company to access users' content "to protect the rights and property of Microsoft," among other things, the incident drew criticism from privacy advocates and other users on social media.

NSA hacked into servers at Huawei headquarters, reports say
The NSA "pried its way" into Huawei servers at the company's headquarters in Shenzhen, China, according to an online report in The New York Times Saturday. The operation, code-named "Shotgiant," was to try to establish long-suspected links between Huawei and the PLA, and also to plant backdoors on Huawei equipment sold worldwide, according to the Times. Among the information cited by newspaper was a 2010 document detailing Shotgiant operations. However, covert operations against Huawei go as far back as 2007, The New York Times report said. The NSA also monitored communications of Huawei executives, the report said.

IBM's Anti-Fraud Push Strikes a Chord with Banks
Banks are said to need such products to sift through vast repositories of data and get the left hand of their large operations, say the anti-fraud group, to compare notes about suspicious activity with the right hand, perhaps the anti-money-laundering team, in order to catch the bad guys. In the same way, IBM executives have to make sure their products do a good job of talking with each other to be effective. If such anti-fraud technologies "aren't connected and in sync with each other, that creates gaps for the fraudsters to cut through," says Richard Hoehne, global counterfraud and financial crimes leader at IBM.

Dell Acquires StatSoft
The acquisition of StatSoft bolsters Dell Software’s growing portfolio of information management solutions, while further enhancing the company’s open approach to data management. StatSoft adds advanced analytics to a robust set of software capabilities that includes database management and optimization, application and data integration, and big data analytics, all underpinned by Dell’s myriad software, storage, server and services offerings and industry relationships.

How a digital Cold War with Russia could threaten the IT industry
While the European Union has imposed similar travel bans and asset freezes of key Russian individuals, political realities will likely stop them from imposing wider-range sanctions like those the US is threatening, due to their heavy reliance on Russian natural gas. While the United States, unlike Europe, is not a major consumer of Russian gas exports, it would be simplistic to say that Russia has no impact on US business at all. A full-on Cold War with Russia and imposition of the kind of wide-ranging sanctions that we currently impose on Iran and other hostile states would actually have a real and costly impact on the technology industry, should the situation degrade further.

Government open data proves a treasure trove for savvy businesses
Hoping to capitalize on this open data revolution, IT leaders are taking the lead in discovering the value of converting terabytes of data into new revenue streams. Forget about the open-source movement's clarion call for free software, greater collaboration and anti-establishment bootstrapping. Today's open data trend is driven by a desire for both greater government transparency and a fatter bottom line. And as more and more techies clamor for a seat at the table, they're finding that the era of open data represents a prime opportunity to prove that they're indispensable revenue-generators, not just server-room sages.

Career Watch: The rise of people architecture
For employers, people architecture can mean improved individual and team performance and more predictable execution, more consistent availability and quality of skills and workers, higher utilization rates, and optimized resource supply/demand management. For IT professionals, it can mean more tangible career paths, more useful feedback on how they fit into the overall IT and business mission, and less confusion about job options. And we hear stories about better morale.

Quote for the day:

"Many of life's failures are people who did not realise how close they were to success when they gave up." -- Thomas Edison

March 23, 2014

Hosted Desktop Services – Take Advantage of BYOD
“There’s a big demand for cloud services to cover enterprise mobility management,” said Absalom. He added that most mobility management vendors provide a mixture of both cloud and on premise services, depending on the demands of the business. Many entrepreneurial ISV’s have started to offer cloud based BYOD management tools including Armor5, MobileSafe, and Cisco-acquired Meraki. Absalom added there is much scope for further innovation, even when the addition of major vendors to the market – IBM, HP, Dell, Microsoft –is considered.

What Makes a Perfect Business Requirements Document?
A Business Requirements Document is an essential part of any major project. It is often written based on a company template especially in large corporations, which can vary from industry to industry, and which may have been in use for many years. But businesses change rapidly so the template you are using may not be perfect and if you work for a start up business then you may not even have a template to work from. So here are some top tips for what to include in a Business Requirements Document; getting the BRD right is a major factor in successful projects. But just what makes a perfect business requirements document?

4 Ways to Cure Your Technological "Distraction Addiction"
It’s easy with social media to forget that there are real, live people behind those goofy Twitter avatars. “The fact that you’re interacting through technical intermediaries should not distract you from their humanity,” Pang notes. To make sure you’re reminded of the humans behind Twitter and Facebook’s cheerful blue design schemes, Pang suggests “mindful” engagement with social media. Pang writes, “Tweeting mindfully means knowing your intentions, knowing why you’re online right now and asking yourself if you’re on for the right reasons … As a practical matter, this means that if you read something and your first impulse is to post a sarcastic comment or to blather on, stop and consider why this is the case.”

Embracing the cloud: How Microsoft is radically changing its vision
As it enters its fourth decade, Microsoft is on a tear. The company’s stock price, hovering around the $40 (U.S.) mark, is higher than it has been at any time since the dot-com boom. In its most recent quarterly earnings report this January, Microsoft posted revenue of $24.52-billion and profit of $6.56-billion – beating analysts’ expectations. Yet the company still finds itself in the unfamiliar role of underdog, struggling to keep up with younger foes such as Facebook, Google and Amazon for dominance in the tech industry’s triple crown of social networking, mobile devices and cloud computing.

10 Best Cloud Tools For SMEs
Though many companies are confident that their networks are protected, this confidence might be misplaced as the recent events in which the networks of even large companies were hacked means that the CIOs (Chief Information Officers) and the system administrators cannot take things easy. It is in this context that the provision of “security as a service” or a cloud based network protection tool would come in handy for the systems staff in SMEs. The following list of ten best cloud tools for SMEs should provide the information necessary for the SMEs to protect their networks.

Erik Bussé: “TV will become the portal to the digital home”
I expect the average new house will have sensors connected to doors and windows, a doorbell with a camera, wireless light switches smoothly integrated in a smartphone app. Apart from the smart phone, the TV screen will become the portal to all digital home solutions. I expect even that appliances like refrigerators and washing machines will become connected. This will enable preventive maintenance but also will allow customers to be informed that it is time to empty the dishwasher or to warn them that the temperature in the fridge is getting to high because someone left the door open. This way, there will always be a nice cold beer waiting for you!

When is software patentable? The Supreme Court is about to weigh in
Software patents have always been controversial, in large part because the dividing line between a patentable software-based invention and one that is not has never been clearly defined. But the often hazy body of law that determines software patentability could be about to change. On March 31, the U.S. Supreme Court will hear oral arguments in Alice Corp. Pty. Ltd. v. CLS Bank Int’l., No. 13-298, a case that could have wide consequences in the tech community and beyond. At stake is when and how a particular software-based invention—that is, an invention that incorporates the performance of a computer and software—is entitled to a patent.

The Green Grid Unveils Energy Productivity Metric for Data Centers
DCeP is an equation that quantifies useful work that a data center produces based on the amount of energy it consumes. The Green Grid is no stranger to attempting to quantify data center efficiency, coming up with many of the standards used today, such as Power Usage Effectiveness (PUE), which compares a facility’s total power usage to the amount of power used by the IT equipment, revealing how much is lost in distribution and conversion. DCeP allows an organization to define “useful work” as it applies to its business. For example, a retail business may use number of sales as the measure for useful work, while an online search company may use the number of searches completed.

How David Rockwell Reinvented The Theater For The TED Era
Rockwell traveled to Vancouver to look at the space with the TED team, sketching the first plans on a restaurant napkin. "Like most great things, it was slightly terrifying, but kind of the perfect intersection of what I’ve been thinking about for 30 years," he says. Rockwell is interested in exploring why, in an age when we can be connected through technology anywhere and at any time, we still crave a live experience. Harnessing the idea that the experience of TED is as much about the audience as it is the speaker, he designed a 20,000-square-foot temporary theater that can be assembled within the convention center's 40,000-square-foot ballroom, one that he says is "very much bespoke around [TED's] DNA.”

Virtual Panel on Immutable Infrastructure
“Immutable Infrastructure” is a term that has been increasingly talked about lately among the Ops community. InfoQ reached out to experienced ops engineers to ask them what is the definition and borders of immutable infrastructure as well as its benefits and drawbacks, in particular when compared to current widespread “desired state” configuration management solutions. Is it a step forward or backwards in effective infrastructure management?

Quote for the day:

"This one step, choosing a goal and sticking to it, changes everything. " -- Scott Reed

March 22, 2014

Emergency response vehicle puts IoT on wheels
“The internet of everything brings together people, process, data and things to make networked connections more relevant and valuable than ever before,” said Ken Boal, vice president of Cisco Australia and New Zealand. “The National Safety Agency’s Emergency Services Integrated Communications vehicle is a phenomenal showcase of how public safety can significantly improve the real-time flow of information through a mobile command and communications center to allow better informed decisions to be made more quickly and ultimately lead to safer Australian communities.”

Court approves first-of-its-kind data breach settlement
A federal court in Florida broke the mold by approving a $3 million settlement for victims of a data breach in which personal health information was exposed when multiple laptops containing the unencrypted data were stolen. The Dec. 2009 theft of laptops belonging to AvMed, a Florida-based health insurer, exposed the patient records of tens of thousands of its customers. Several victimes later filed a putative class action lawsuit against AvMed. The plaintiffs suffered no direct losses or identity theft from the breach but nevertheless accused AvMed of negligence, breach of contract, breach of fiduciary duty and unjust enrichment

“Modernizing” Your Data Warehouse with Microsoft
Modernizing your data warehouse with new technologies can help you meet the needs of today’s enterprise to connect all volumes of any data with agile and familiar BI to business decision makers. This was validated by The Data Warehousing Institute (TDWI) who published a checklist to enable the modern data warehouse. ... Microsoft has a comprehensive solution to modernize your data warehouse across software, appliance, and cloud for this new world of data.

Hadoop and NoSQL Now Data Warehouse-Worthy: Gartner
The shift to include non-relational data warehouse products opens Gartner’s report to three new vendors, including Cloudera, MarkLogic, and Amazon Web Services, the first two of which are in the lower left “Niche Players” quadrant, while AWS is in the upper left “Challegers” quadrant. Teradata, by the way, remained the king of the data warehouse hill, with the best rating in the upper right “Leaders” quadrant, along with other established giants like Oracle, IBM, Microsoft, SAP, and HP, which crawled up from the “Visionaries” quadrant to sit with the big dogs.

Hybrid Cloud: Creating a Roadmap for a Cloud-enabled Enterprise
Hybrid cloud, which draws from multiple in-house and external resources, is the hot trend in 2104. To date, organizations have taken a “lite” approach for in-house private cloud using commodity hardware, virtualization and dynamic provisioning technology. However, the increased availability of ‘cloud operating systems’ such as OpenStack make it easier to replicate public cloud capabilities in-house. Thus, the concept of a hybrid cloud infrastructure really became popular.

Beware this big iOS flaw -- and it's not alone
Apple, he explained, recognized that the method of generating random numbers in iOS 6 could be improved on. Its security engineers leveraged the phone's CPU clock counter on earlier version of iOS, Mandt said. "That's not very good, but still somewhat unpredictable," he said. The problem with the new generator in iOS 7 is that it uses a linear recursion algorithm, Mandt said, which has "more correlation" between the values it generates. That makes them easier to extrapolate and guess, he said. "Normally, you shouldn't be able to get any of these values in the first place," Mandt said.

The Right-Time Enterprise: Time to Take Advantage
In the past, bringing data from these disparate islands of technology in a single data store would have been unaffordable and working on them separately was too laborious to be worthwhile. Today, cheaper and better storage and big data solutions make that possible, and applying analytics tools to the data generates valuable and actionable insights for the business far more quickly. One practical application lies in production management, where streaming data enables the company to exercise opportunities to reduce the risk to supply and save costs of operations by responding to the performance of its production systems in near real time.

The End of the Cloud Experiment – What’s Next for Business?
One of the most disruptive aspects of this is now emerging, in what many are calling the “API economy,” wherein developers, ISVs, and enterprises increasingly build and share interfaces to their applications’ functionality that enable more flexible consumption of solutions across a variety loosely-coupled IT and business environments. The accelerating adoption of API-driven development strategies is causing significant shifts in software architecture, software security, and partner relationships, which in turn pose new challenges for ISV business models and Cloud services providers.

IT's hottest jobs: IT technician
IT technicians can be found working in a variety of industries, as IT technicians and support personnel are among the most in-demand positions companies are seeking to fill. Some of the most common scenarios include working in a retail electronics store that repairs hardware or software; as a member of an internal IT team within large and medium sized companies; and as a technical support advisor who helps customers over the phone with tech issues.

Is Cloud Computing Secure for Financial Services Industry?
This is a typical argument we hear from old school IT or legacy vendors such as Oracle. They tell you multitenancy is bad for you, either because they haven’t upgraded their skills (and are fighting to save their jobs) or because they want to sell you dedicated hardware. CPU power is commoditized and getting cheaper every day, so the “non-trivial CPU usage” claim doesn’t hold water. In fact, I realized that the case against cloud security now rests heavily on the recent hacking incidents, as some of these comments suggest:

Quote for the day:

"The value of a company is the sum of the problems you solve." -- Daniel

March 21, 2014

Google tightens HTTPS protections in Gmail in light of government snooping
"Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email," Nicolas Lidzborski, Gmail Security Engineering Lead, wrote in a blog post Thursday. He highlighted the security benefits of having HTTPS permanently on. "Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail's servers -- no matter if you're using public WiFi or logging in from your computer, phone or tablet," Lidzborski wrote

Technology focus in securing BYOD is a mistake, say experts
“Any enterprise cannot apply appropriate controls before it understands how employees are using mobile technology and it does a risk assessment to ascertain if there are any privacy issues,” he said. Many organisations fail to define what they are trying to protect, said Paul Swarbrick, global CISO at legal firm Norton Rose Fulbright. “The biggest danger of BYOD is not understanding the risks,” he said. “Security should not be about the technology; it should be about the data and protecting that data wherever it is used, and about educating employees to access data securely," said Swarbrick.

On Handling Dates in SQL
The date fields contain non-negative integer values, constrained by the natural rules for dates using the Common Era calendar. Please note a few things you might not think about if you are not a “data junkie” who stayed up to watch the leap-second one night. There is no year zero. There are no negative years, either. The correct postfix is “CE”, and “BCE” for “Common Era” and “Before Common Era” dates, replacing AD (“Anno Domini ') and BC (“Before Christ). Standard SQL also has an INTERVAL data type. This is a “mixed measurement”, made up of temporal fields, just as we Americans mix feet and inches.

Logitech ConferenceCam CC3000e review: Room-based HD video conferencing
Logitech has maximised layout flexibility by connecting everything via a small (9.5cm by 7.4cm by 3.4cm, 50g) powered USB 2.0 hub. You get 5-metre (16-foot) Mini-DIN cables for attaching the camera and the speakerphone, and a 3m (10ft) USB 2.0 cable for connecting to the PC or Mac that's hosting the video conference. If you want to keep the hub and wiring out of the way, you can use the provided mounting kit to attach it to the underside of a desk or table. The CC3000e is officially compatible with a range of UC platforms, including Microsoft's Lync and Skype, Cisco's WebEx and Jabber, Vidyo and the Logitech-owned LifeSize ClearSea.

OneNote vs. Evernote: A personal take on two great note-taking apps
With Microsoft's release of OneNote for the Mac and iOS , and its announcement that the Windows application is now free as well, the company has taken dead aim at the popular program Evernote. The two applications now both work on the same platforms (including mobile OSes such as Android, iOS and Windows Phone), sync your notes to your devices and include Web-based versions. But they also have some very distinct differences. So which is better?

Unleashing Creativity
The authors of this paper examined eight managerial competencies that have been recognized as promoting creativity and innovation, and measured whether supervisors’ success or failure at implementing these competencies corresponded to organizational outcomes. After providing their demographic information, employment history, and record of management training, a diverse group of 1,337 supervisors from 19 countries took an Internet-based test designed to gauge their abilities to elicit creativity.

The world's unlikely leader in mobile payments: Kenya
"The idea of mobile banking was born in Kenya," said Calestous Juma, the director of the science, technology, and globalization department at Harvard and a recognized authority on technology and development in Africa. "Africans did not invent mobile phones, but they invented a new way of using mobile phones, which is for money transfer." If Africans had waited to invent their own phones, Juma said, they wouldn't have been able to take advantage of this opportunity and create a new market.

Shortage of Project Managers Sends Businesses Scrambling
The problem isn't a lack of project management professionals overall, says Bashrum, but rather it's finding experienced, senior talent. Add to that the larger issues of shortsighted hiring practices, a lack of competency planning, and a reduced focus on training and development, and many companies' business objectives are at risk, according to the study. "Finding and retaining junior project managers is not so much the problem; it is really the mid-level and senior PMs who are so difficult to find," says Bashrum.

Why HR Pros will Turn to Video Conferencing in 2016
The survey also showed that video is becoming more pervasive for Human Resources teams across the globe. When asked to choose their preferred methods of business communication today, HR respondents ranked video conferencing as a top-three tool for communications, placing third (46 per cent) after email (88 per cent) and voice/conference calls (62 per cent). Other methods of business communications these HR executives said they use included Web conferencing, instant messaging and social media.

Offloading Work from Your Application with a Queue
You can always improve your application's response time by doing less. One way of doing less is to move tasks offline for processing later. "Later" in this case might mean "this evening" or even "five seconds later on another computer." The easiest way to do that is to have your application write the necessary information to a Microsoft Message Queue (MSMQ) and have another application read it and process the information. The queue can even be transactional; should you roll back the transaction, your MSMQ entries will also be backed out.

Quote for the day:

"Those who hate you don't win unless you hate them, and then you destroy yourself." -- Richard M. Nixon

March 20, 2014

A Retrospective on User Interface Development Technology
It seems so simple and so obvious, but a lot of work—and a lot of changes—have shaped how we interact with our devices since the dawn of the computer age. In this brief survey of UI history, we look back to when desktop computers became ubiquitous (early 1990s) and give a short retrospective on UI development technology all the way up to the modern era. To set the ground for novel, state-of-the-art UI API, we were eager to find out how the API for building UIs evolved and what it looks like today.

Measuring Architecture Sustainability
The measures for architecture sustainability we’ve described so far primarily refer to requirements, architecture design, and source code. Additional indirect measures for architecture sustainability include documentation quality and development process maturity. Another important factor is the development organization, after which a software architecture is often modeled. Organizational changes could compromise architecture sustainability if, for example, teams working on specific modules are restructured. However, these indirect and organizational measures for architecture sustainability are out of this article’s scope.

Ex-Microsoft employee arrested, accused of stealing Windows RT, product activation secrets
Email from Kibkalo's own Hotmail account was discovered in the blogger's inbox. Further digging, presumably on Microsoft instant chat service, found messages between Kibkalo and the blogger. "The sample code in Kibkalo's accounts was the same sample code that the Microsoft source received from the blogger, prompting Microsoft's investigation," Ramirez told the court. ... when he allegedly admitted that he "leaked confidential and proprietary Microsoft information, products and product-related information to the blogger," the charge sheet stated.

ERP contradictions in 2014: Smaller projects, more delays
The report states that "organizational issues" were the primary contributor to time overruns, with more than half of respondents spending between 0-25 percent of their budget on change management. While this explanation makes sense, it does not fully explain why less costly projects in 2013 took longer to run, and delivered lower benefit, than those in prior years. The research attributes lower project budgets to smaller companies implementing ERP:

Threat Landscape in the Middle East and Southwest Asia – Part 5: Socio-economic Factors and Regional Malware Infection Rates
This research revealed that there were correlations between 34 socio-economic factors and regional malware infection rates, among the 80 factors studied. A full list of these factors and the sources of data for each are available in the study. Figure 1 contains some samples of the factors and their correlation with regional malware infection rates (Computers Cleaned per Mille or CCM). Most of the factors identified were negatively correlated with CCM; as the indicator value rises, CCM will decrease. For example, as gross income per capita increases, CCM decreases. It is important to keep in mind that correlation does not mean causation.

Digital reality: When IT meets the business
"Enterprise IT departments face increasing pressure to emulate the success of consumer mobile applications as businesses become convinced this is the way to offer technology that is attractive to consumers, and business users demand mobile access to corporate IT and data via consumer devices, and expect these to be quickly developed and delivered." But given the wider social and commercial acceptance of mobile web, she says there is a growing feeling that this could be the right time to start offering apps as a way to help the business and reinvigorate the IT function.

Advanced Technologies Park: An ecosystem of tech innovation in southern Israel
For the Advanced Technologies Park (ATP) at Ben-Gurion University (BGU) of the Negev, located in the Israeli city of Beer-Sheva, the ultimate vision is as high as the desert sun. Inaugurated in September 2013, the park is the brainchild of former BGU president Prof. Avishay Braverman. "My dream that Ben-Gurion University will do for Beer-Sheva what Stanford University did for Silicon Valley begins," said Braverman in a message pre-recorded for the inauguration (PDF). Also present at the ceremony were Prime Minister Benjamin Netanyahu, current BGU president Rivka Carmi, and several Israeli government ministers.

Surfacing elephants and new ideas
When loud leaders and quiet leaders learn to moderate their natural tendencies while remaining true to who they are, modeling and setting expectations that others will do the same, the organization can enjoy a collective wisdom that was kept dormant. Can you imagine what might happen when that occurs? I can, and it’s a compelling vision of fully functional companies that actually listen and hear what’s being said. Creativity is no longer an issue. Collaboration rides on the coattails of this imagined company ripe with rich, deep listening and all voices being heard — with bottom-line results.

Leveraging Big Data Analytics to Reduce Healthcare Costs
The healthcare sector deals with large volumes of electronic data related to patient services. This article describes two novel applications that leverage big data to detect fraud, abuse, waste, and errors in health insurance claims, thus reducing recurrent losses and facilitating enhanced patient care. The results indicate that claim anomalies detected using these applications help private health insurance funds recover hidden cost overruns that aren't detectable using transaction processing systems. This article is part of a special issue on leveraging big data and business analytics.

Protecting your MSP practice against security risks
Besides the cost, MSPs and customers both suffer loss of customer confidence and uncertainty around what was compromised following a data breach. In healthcare in particular, the HIPAA omnibus final rule summary, which was released in September 2013, specifies enforcement of breach notification requirements that began in January 2014. "People in healthcare are going to be held accountable and they're going to get hit in the pocket. When you have these kinds of laws in place, it's our responsibility to help them understand the risk if you don't do it," Gomes said.

Quote for the day:

"Your big opportunity may be right where you are now." -- Napoleon Hill