September 30, 2014

DevOps in Telecoms – Is It Possible?
Unlike IT and Internet platforms, they don't create a virtual service to be deployed somewhere in the cloud, nor can it be “continuously” patched in an Agile manner. They deliver hardware that may cost millions to commission and is maintained over years with strict SLA's. So on a technical level, by using OpenStack, Puppet, Chef, Salt or other technologies DevOps isn't going to do anything for the Telco guys. When I first asked my former colleagues from my time working in SaaS in 2012 what DevOps actually was, the confusing answer by advocates was:

6 Key Defenses Against Shellshock Attacks
Security vendor Cloudflare reported Monday that it has counted more 1.5 million distributed-denial-of-service attacks against the Shellshock flaw daily on its network. Web application firewall vendor Incapsula reported Monday that over the four days since Shellshock was made public Sept. 25, it has deflected more than 217,000 exploit attempts on over 4,115 domains. Incapsula has documented attacks originating from more than 890 IP addresses worldwide. So, what should companies do to defend against attackers? Experts from the SANS Institute, which provides data, network and cyber security training, offer the following advice:

Why Great CEOs Often Work Less to Achieve More
We are endlessly told that hard work creates more profit. Work harder to create more profit in your new business. Does more work really mean more profit? Do we have to put in ludicrously long hours to be successful? We have been brought up to believe that working more equates to being more successful. More input equates to more output. Well, I am not sure I agree. I think the logic (and many of the assumptions behind it) is flawed.  Sure, if you are a one-person-business, charging per unit of time, then more units equals more money. But most businesses try to grow by employing people to spread the workload. Or, maybe you should simply charge more per unit of time!

Is the cloud instable and what can we do about it?
Like many of the web-scale applications using cloud-based infrastructure today, enterprise applications need to rethink their architecture. If the assumption is that infrastructure will fail, how will that impact architectural decisions? When leveraging cloud-based infrastructure services from Amazon or Rackspace, this paradigm plays out well. If you lose the infrastructure, the application keeps humming away. Take out a data center, and users are still not impacted. Are we there yet? Nowhere close. But that is the direction we must take.

"Upgrading" Pair Programming
Pair Programming it is a highly effective practices, but the remaining question if has enough coverage to describe the needed cooperative work inside the team. Unfortunately, the practice name it is interpreted too literally, only for direct coding activities. Yes, Agile has restore the importance of the coding in the overall development, but let think a little: what is the meaning of “Programming” from XP name? In fact it is “Development”, where the effective programming/coding it is, of course, very important. An XP programmer it is, in fact, a multi-role developer involved also in planning, requirements, architecture, and design, coding and testing. A much better term could be then “Pair Development”.

Enterprise Cloud Architecture: 3 Questions You Should Ask to Determine the Right Approach
Looking to minimize capital expenditures and convert to an OpEx-based model? Then a third-party cloud solution should probably be part of your equation. Want to move to the cloud but constrained by data storage regulations? A private cloud solution or a public cloud offering that meets your compliance requirements might be more up your alley. Have some apps that would easily convert to the cloud, as well as other legacy apps that wouldn’t be quite so easy to virtualize? A hybrid approach could be the right answer. As with many things in life and in business, the answer to the cloud computing architecture question is, “It depends.”

Through microservices, a renewed push for simplicity and IT minimalism
So what are microservices, and is there anything new about them? It feels like deja vu all over again. Microservices are, in essence, finely grained services, deployed without middleware or brokers -- such as an enterprise service bus. There are shades of Jim Webber's "Guerrilla SOA," which he advocated a number of years back as a way to quickly build and deploy services for tactical quick hits. APIs and RESTful services also fit this mold. Gruman and Morrison suggest that MSA is all of these things, with an emphasis on taking a minimalist approach to services:

Service model driving cyber crime, says Europol report
"The inherently transnational nature of cyber crime, with its growing commercialisation and sophistication of attack capabilities, is the main trend identified in the IOCTA,” said Rob Wainwright, director or Europol. “It means issues concerning attribution, the abuse of legitimate services, and inadequate or inconsistent legislation are among the most important challenges facing law enforcement today," he said. EU home affairs commissioner Cecilia Malmström said the fact that almost anyone can become a cyber criminal is putting ever-increasing pressure on law enforcement authorities.

Report: Crime-as-a-Service tools and anonymization help any idiot be a cyber-criminal
Almost any idiot with malicious intentions can jump into the cybercrime arena thanks to 'Crime-as-a-Service' tools that lower the entry barriers into cybercrime; wannabe cyber-criminals who lack technical expertise can simply buy the tools and skills needed. In fact, “Crime-as-a-Service business models” and anonymization have helped many traditional organized crime groups move to cybercrime, according to the 2014 Internet Organized Crime Threat Assessment (iOCTA) published today.

Trust in cloud security at all-time low: Execs still betting on the cloud
BT says this trust drop (82 percent in the US, 76 percent globally) is "a substantial increase of 10 percent globally from previous research in 2012." With recent news of serious cloud security breaches, such as the Xen bug forcing Amazon to reboot its EC2 instances, and Xen making Rackspace do the same this weekend, plus consumer fears fanned by the "celebrity nudes iCloud hack" -- it's no wonder IT is losing its faith. But with cloud security trust as rock bottom, is enterprise IT nuts for putting its data security into cloud and SaaS?

Quote for the day:

“If we did all the things we were capable of, we would literally astound ourselves.” -- Thomas A. Edison

September 29, 2014

Smarter algorithms will power our future digital lives
Basically, even though most people haven't even heard of deep-learning algorithms, better ones could mean a future that includes smarter homes, and robots that care for parents and walk our dogs. "This type of research is important in that it could yield better ways to wade through the infinitely expanding pool of data driven by the Internet of Things and mobility," said Patrick Moorhead, an analyst with Moor Insights & Strategy. "Deep learning is a critical part of the future of the digital world even though most people don't know anything about it."

Can “Agile” break the Iron Triangle? Can open allocation?
Without further exploring the rabbit hole of subordinacy, let’s return to a question that I’m sure many readers have asked. Why is this set of three traits (subordinacy, dedication, and strategy) called an Iron Triangle? The answer is that an organization gets at most two from each person. To see why that is, it’s useful to examine the eight combinations formed by the absence or presence of each trait. People with zero or one of the Iron Triangle traits tend to be organizationally inert, so I won’t focus on them. At 2 out of 3, we get the MacLeod archetypes.

Jeff Hawkins on why his approach to AI will become the approach to AI
We’re very confident that by the end of the 2020s, we’re going to be settled on a dominant paradigm. It’s going to be quite different than the one we’re currently in today, where specific algorithms that excel at one task dominate. We believe it’s going to be based instead on the universal algorithms that work on many problems. They’re going to be memory-based, not mathematically based. They’re going to be based primarily on time-based patterns, and they’re going to be online learning paradigms. Our belief in this comes really from studying the brain. This is what the neocortex does.

Samsung to offer PC gamers a 27-inch curved display
Critics who have reviewed curved TVs report that pictures seem to have more depth, and that objects at the edges of the screen look sharper because the curve of the display tracks the curve of your eye. But those reviews have been of TVs with screens that are at least twice as big as a computer monitor, and that are viewed across much greater distances. On the downside, faultfinders have noted that distracting reflections—especially from ambient light sources—are much more prominent in curved displays.

Be open and honest
What prevents leaders from apologizing freely, from owning up to mistakes and taking full responsibility for them? One contributor, no doubt, is the cultural axiom that leaders, particularly aspiring ones, should hide weaknesses and errors. However, we need to realize that it is not only healthy for leaders to admit their wrongdoings, but such practice can be a powerful tool for them, increasing their legitimacy among their co-workers. People need courageous leaders in order to feel there is someone to make the tough calls and to take responsibility for them; they need to know that the buck truly does stop with the leader.

5 features Windows 9 needs to succeed
On Tuesday Microsoft will preview the next-generation Windows operating system – currently codenamed Windows Threshold, but expected to be called Windows 9 – and it will be a keystone to Microsoft's plans over the coming years. With that in mind, here are five features that Microsoft must add to Windows 9 if it is to have a chance of not only tempting me back into the ecosystem, but also of dissipating the cloud of negativity that Windows 8 currently finds itself engulfed in.

Architecting IT for cloud integration platforms
Choosing an iPaaS product allowed InsideTrack to repurpose IT staff that had been doing back-office roles and other development activities to higher-value work. They created new roles for business analysts who could understand business process workflow and partner with other business units to ensure the company was getting what it needed. This made it possible for InsideTrack to use business analysts to do much of the integration work instead of technical experts. Sue found that individuals coming from the business side had a greater understanding of the business process and were able to work more effectively with the different business units than the traditional IT staff.

CTO to startup founder: The reprogramming process
Startups provide a polar opposite environment. You'll remain the decision maker, but you'll take on the role of chief producer as well. As a new founder, time is a luxury when it comes to product testing. This will inevitably change the way you look at production. "The biggest change in philosophy was to start thinking incremental vs large scale releases. As an engineer, you want the application deployed flawlessly, and without issues," said Larry Kiss, former Senior Design Engineer at Motorola, now co-founder of SpotHero. "But in a startup, every minute that a user isn't using the new production/feature, is lost time for user experience or production validation."

Citi Calls Coders to Develop Apps for 'Internet of Things'
Citi will make available a set of APIs (application programming interfaces) to individuals around the world selected to participate, and invite them to create apps for mobile devices, the Internet of things and wearable apps. An internal team from Citi will select applicants who can code while a panel of judges will determine who participates on one of three demo days. The innovation initiatives underscore what banking execs have publicly stated: They are strugglingto keep up with customers' digital demands at a time when the industry is getting disrupted on payments and other fronts while consumers are using branches less.

Let Me Graph That For You
Variably structured data is the kind of messy, real-world data that doesn't fit comfortably into a uniform, one-size-fits-all, rigid relational schema; the kind that gives rise to lots of sparse tables and null checking logic. It’s the increasing prevalence of variably structured data in today’s applications that has led many organisations to adopt schema-free alternatives to the relational model, suand document stores. But the challenges that face us today aren’t just around having to manage increasingly large volumes of data, nor do they extend simply to us having to accommodate ever increasing degrees of structural variation in that data.

Quote for the day:

"A culture of discipline is not a principle of business; it is a principle of greatness." -- Jim Collins

September 28, 2014

Emergence: the next efficient evolution of crowd-sourced innovation
While this model is great for generating mass content, having a large number of suggestions means there’s often a lot of ‘background noise’ which can drown out that one truly great idea. The average employee also has a fairly limited attention span, which is proven to plateau – meaning they lose interest after a certain point in the process and engagement levels drop. This killer combination creates tension in the innovation process. Current crowd-sourcing solutions and methods attempt to ease this by killing weak ideas as quickly as possible. Although this isn’t always for the best, as I’ll explain later.

3 Days on the Road and this is what is moving and shaking in Information Management
There were a number of themes and threads that arose over the couple of days that align, as it happens, align with numerous other inquires in the last few months. So thought I would detail some of these for you. There was one overarching theme that solidified in my mind, and that of complexity. More specifically how firms in general are tending to continuously overlay new complex processes and rules atop what was already a complex business or organization. This ‘adding to complexity’ seems to be everywhere and is creating all kinds of perverse or unintended consequences.

Too many cooks spoil the broth
There is a well-known case study of a major consulting firm being hired by a big airline company to help with its strategy formulation, and the consulting firm recommended a significant shift in strategy. The company later recruited the country head of the consulting firm to join its board, who then used his dominant influence to defend the strategy. The company pursued the new strategy until it was run into the ground. Apart from providing a lesson in harmful over-reliance on consultants, this case highlights the dangers of a board having too strong a vested interest in a particular strategy.

Agile Self Governance
Today in the Agile project world the idea of self-governance is pervasive. But the parallels with the Irish governance regime in the noughties is too close for comfort. The Agile principles guide that projects should be built around motivated individuals, given the environment and support needed and trust them to get the job done. Further valuing working software over comprehensive documentation is effectively encouraging teams to dispense with transparency and traceability. While this may work in small scale environments, in a large enterprise the idea that all teams will be highly skilled, properly resourced and motivated contradicts general experience.

Does IT Strategy Matter?
Increasingly, I have heard CIOs and other IT executives say, “There is no IT strategy; there only business strategy.” This sounds great, especially for a division of the corporate structure that has historically referred to itself as separate from “the business.” The problem is that this would seem to suggest that there is only one strategy: the enterprise strategy. When you extend this logic, it would suggest that there need not be a Marketing strategy, an Operations strategy, product or service strategies, HR strategies, and the like.

5 Realities about Agile Cost Savings
Every project has to juggle scope, resource costs, and schedule. If your scope is constant then you need a certain amount of resources and type of resource to achieve your goals. If you use fewer resources to complete your project, you will need more time in the schedule to complete all your scope. Ultimately, you need to strike the right balance between resources and time to achieve the scope. Either way, the cost will be the same for the most part. Here are five of our observations regarding agile’s impact on project costs:

The NHS journey to digital
By deploying a technology that is simple to use and does not require management overheads or IT specialists, the project has helped to reduce the time required by pathologists to input findings and, as a result, to diagnose cancer. It can be used on both computers and mobile devices allowing hundreds of simultaneous users and keeping costs to a minimum. Granted, healthcare provision is not the same as purchasing groceries in the supermarket. It is nonetheless important that it works for those it is designed to serve – whether they are patients or customers – just as a business,

The Open Group Panel: Internet of Things – Opportunities and Obstacles
The Internet of Things is more than the “things” – it means a higher order of software platforms. For example, if we are going to operate data centers with new dexterity thanks to software-definited networking (SDN) and storage (SDS) — indeed the entire data center being software-defined (SDDC) — then why not a software-defined automobile, or factory floor, or hospital operating room — or even a software-defined city block or neighborhood? And so how does this all actually work? Does it easily spin out of control? Or does it remain under proper management and governance? Do we have unknown unknowns about what to expect with this new level of complexity, scale, and volume of input devices?

Why Your SOC and NOC Should Run Together but Separately
Another reason the NOC and SOC should not be combined is because the skillset required for members of each group is vastly different. A NOC analyst must be proficient in network, application and systems engineering, while SOC analysts require security engineering skills. Furthermore, the very nature of the adversaries that each group battles differs, with the SOC focusing on “intelligent adversaries” and the NOC dealing with naturally occurring system events. These completely different directions result in contrasting solutions which can be extremely difficult for each group to adapt to.

Unconventional Approach to Shift-Left by Removing Scripting from the Equation
A scriptless approach can help overcome these challenges by providing greater agility to test automation teams. Script-based Test Automation Challenges Historically, test automation has been perceived as a process in which tests drive an application through its user interface (UI).2 Our experience with UI-based test automation finds that the typical bottlenecks limiting ROI are in the devel-opment of test scripts. Scripted approach limita-tions include: • Test scripts are developed in a tool-specific language, which non-technical users and busi-ness stakeholders do not understand. • There is often a steep learning curve before mastering the required technical skills.

Quote for the day:

"Leadership is a privilege to better the lives of others. It is not an opportunity to satisfy personal greed." -- Mwai Kibaki

September 27, 2014

Fluentx: A Special .NET Library
Fluentx covers all major C# control statements, and eliminates the limitations within them, and adds more features, the assembly holds 5 major categories: C# control statements, Helper Classes, Extension Methods, Specifications Pattern, Object to Object Mapper, the assembly will get bigger and bigger by time as we will add more and more to it to make it used and helps everybody out there. It also has an implementation of Specification Pattern as a validation for any type of code, whether its a business validation or anything.

Leaders in Lean Software Knowledge
The primary thing that we are advocating is not to think of software development as coding and testing. Rather to think of it as figuring out what is worth doing, what’s going to delight the customer, doing it, making sure it’s working well, getting it in service to the customer, and getting feedback from the customer. The really important metric is how fast you can get feedback from a customer about the actual, deliverable application that you are creating. That is beyond the realm of most people who are thinking about software all by itself. It gets toward the devops on one end, and it gets toward the design thinking on the front end.

CAPEX Deferred Eventually Makes the Company Sick
The constant deferral of CAPEX has the real potential to make your company sick. Investments in computers, machines, plants, equipment, buildings and more are the backbone of a company. When CAPEX is intentionally constrained in favor of parking cash for a rainy day or buying back stock (at already high prices), much needed upgrades are deferred.  Worse, constant deferrals of capital upgrades are like a “hidden tax” in that by not spending cash on upgrading creaking systems and infrastructure, it’s highly likely something much worse can happen down the road (i.e. the millions extra Los Angeles has to spend just to clean up the messes resulting from infrastructure failures).

Fighting fraud in banking with big data and analytics
Current systems often cannot handle the volume, frequency or the complexity of today’s fraud activity. Also many banks have, over time, cobbled together numerous fraud point solutions, making a holistic view of threats impossible.  The old model of responding to attacks and fraud well after the fact just won’t work in today’s world of sophisticated and organized financial crimes. Adding to the problem, banks have created a corporate silo mentality that’s often a barrier to successfully fighting fraud. As a result, too many organizations remain vulnerable to fraud because they aren’t taking advantage of new capabilities to fight these threats.

Need for Speed: Parallelizing Corporate Data
A critical success factor is enabling iterative, variable, and transparent results tuned to the personal and organizational work tempo of analysts, managers, and business product delivery. In almost all mission-critical activities, the specific requirements of the business on the data environment are neither static nor known at a level of detail sufficient to supply traditional tools and methods. This leads to the accursed business-technical organizational chasm. - See more at:

5 tips for keeping IT projects on track
After more than 20 years managing IT projects at global enterprises, I have seen and experienced many situations. I’ve celebrated many successes and also faced many challenges. Some of these experiences have served as good examples of what works and what doesn’t in IT project management. Now I am putting these lessons to work in my current role as chief technology risk officer at GE Capital. My job includes oversight of our IT investments, making sure our largest-scale IT projects stay on track and remain strategic to our business. Based on this broad set of experience, here are five key lessons that have proven particularly useful:

SQL Server unit testing framework
This unit test framework has no dependencies beyond SQL server and does not rely on the common language runtime. The tables and functions in the downloadable source files (.sql) should ideally be created in a separate database on the server that hosts the databases being tested. The process will be familiar to anyone who has used the unit test frameworks such a NUnit, MSTest etc. First you set up the prerequisites for the test (pre test setup) then you perform the assertion (unit test) then you clean up anything created by the unit test (tear down).

Shellshock: How to protect your Unix, Linux and Mac servers
A more serious problem is faced by devices that use embedded Linux — such as routers, switches, and appliances. If you're running an older, no longer supported model, it may be close to impossible to patch it and will likely be vulnerable to attacks. If that's the case, you should replace as soon as possible. The real and present danger is for servers. According to the National Institute of Standards (NIST),Shellshock scores a perfect 10 for potential impact and exploitability.

Freaky Data Science
Practical freak advice pertinent for data science includes focus on solving small problems, being wary of “moral” solutions to practical problems, acknowledging what you don't know – “Everyone's entitled to their own opinion but not to their own facts” – and being cognizant of when it's time to quit. And of course the gold standard of determining truth for freaks is the randomized experiment “The impulse to investigate can only be set free if you stop pretending to know answers that you don't.” Perhaps no chapter has more to offer the budding data scientist than “How to Persuade People Who Don't Want to Be Persuaded”.

Take Aways from the Reifer 2014 Quantitative Analysis of Agile Methods Study
Reifer Consultants LLC recently published a benchmarking report that compared the productivity, cost and quality performance achieved by software development projects that use agile methods against similar ones that employ traditional, plan-driven approaches. The results of the analysis were based on 1,500 projects, 500 of which employed a variety of agile methods, over a ten year period using data supplied by 100 organizations. This condensed white paper summarizes seven ‘trends and take-aways’ taken from our report entitled “Quantitative Analysis of Agile Methods1.”

Quote for the day:

"There are many elements to a campaign. Leadership is number one. Everything else is number two." -- Bertolt Brecht

September 26, 2014

The modern workforce: an evolving culture of work
We are seeing a rapid move toward more mobile workers, changing patterns of work and communications, and changing work-life balance. Those changes are creating the 3D workforce, which is distributed, discontinuous, and decentralized. Technology decision-makers and business leaders are adapting to this changing culture of work.

Web caching: Facebook’s Problem of a Thousand Servers
Mcrouter is a piece of middleware that sits between a client and a cache server, communicating on the cache’s behalf, Nishtala explained. It has a long list of functions, three of the most important ones being cache connection pooling, splitting of workloads into “pools” and automatic failover. Pooling cache connections helps maintain site performance. If every client connected directly to a cache server on its own, the cache server would get easily overloaded. Mcrouter runs as a proxy that allows clients to share connections, preventing such overloads.

The Role of Technology in Managing Anti-Bribery, Corruption & Fraud
The distributed and dynamic nature of business makes anti-bribery, corruption, and fraud compliance a challenge. Compliance in the context of a complex and dynamic business environment is particularly challenging as organizations face broadening anti-bribery and corruption laws and regulations. Ultimately, the best offense is a good defense. Regardless of the models, technologies and strategies enabled to help, organizations must be prepared to show they have a strong compliance program in place to mitigate or risk exposure to investigations, penalties and possible prosecution.

Three Questions with the CEO of D-Wave
Computers capable of exploiting quantum physics for computation on a large scale promise to solve in mere seconds problems that would take conventional machines millions of years. But whether D-Wave’s machine uses quantum tricks to process data more efficiently is still an open question. Nonetheless, the company has attracted significant investment funding, and it has struck deals to supply its hardware to companies including Google and Lockheed Martin for research

White House blames IT systems for immigration data problems
"Their IT systems are ridiculous," said Donnelly. "I think there is a disconnect between the people who do the IT systems and everyone else," he said. Criticism about U.S. immigration data, its quality and availability, was a continuing refrain at a National Academies conference this week on high-skilled immigration. Politics and incompetence were blamed for the problem. Immigration data often includes mistakes and is being typed in by people "whose highest priority is not the accuracy of the data," said Madeleine Sumption, director of international research at the Migration Policy Institute, who spoke at the conference.

In pursuit of universal IoT standards
Dozens of consortiums, commercial alliances, and standards groups have been formed in the past few years to address that question. All of them profess essentially the same goal: to speed the growth of the Internet of Things (IoT) and its subset, Machine-to-Machine (M2M) systems, by creating common standards for, as standards group AllSeen Alliance outlines, “interoperable products that can discover, connect, and interact directly with other nearby devices, systems, and services regardless of transport layer, device type, platform, operating system, or brand.”

4 Outsourcing Mistakes Companies Still Make
There's still no script for the Great American IT outsourcing project. But today's most common outsourcing pitfalls have less to do with technology and everything to do with relationships and communication. Or lack thereof. "Both companies have to rise to the occasion to make it work," says Romi Mahajan, president of marketing consulting firm, the KKM Group, which outsources some of its IT operations. Nevertheless, communication breakdowns and finger pointing frequently derail even the best-laid outsourcing plans. Here are four missteps to avoid.

IT Leaders Aren't All Coming From Tech
"Our theory is that within leadership roles, folks have to understand the entire business so they can better serve customers -- both external and the internal customers, users, that IT supports," Van Noort says. "Our external clients are facing skills shortages not with technology and certifications, but with business skills and seeing the larger business strategy," she says. "Instead of focusing so much on speeds, feeds, technical specifications, what we advise our clients is to treat their internal users as customers. We want them to ask, 'What does success look like? What does successful business usage look like?' and that takes a cross-functional, multifaceted approach," Van Noort says.

SDN warning: Firms will be affected by skill shortage and increasing complexity
The chase to plug this skills gap is causing conflicts between departments, the NetEvents conference where Oakley was speaking heard yesterday. He said: “There are challenges in terms of skills - what we are seeing is a diversification in skills required for people to be able to both understand complexity of data plane environment but also understand the control plane and the higher orders.” But Citrix’s group vice president and general manager, John Bukowsky, said this will be solved by increasingly easier-to-use cloud services.

Apple to release fix for Bash bug
"With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced Unix services,” Apple said, adding that it is working on a software update. However, Apple has not indicated which “advanced Unix services” could make Mac OS X users vulnerable to attack. The biggest threat is to the enterprise because many web servers are run using the Apache system, software which includes the Bash component. But, while most of the main Linux distributions have rushed to release updates, security experts have raised concerns about Unix-based embedded systems in internet of things (IoT) devices.

Quote for the day:

"Great things are done by a series of small things brought together." -- Vincent van Gogh

September 25, 2014

In Evolving Healthcare Business Model, Tech Plays Vital Role
This scenario mirrors what happened in the banking industry in the 1990s, when independent banks sold out to "super-regional" firms in large part to be able to afford the move to a common IT platform. Many of the health system transactions Hagood has seen in the last two years have included specific IT commitments – namely, migrating to a common system (typically Meditech, Cerner or Epic) and subsequently taking advantage of group licensing.

Digital Business Technologies Dominate Gartner 2014 Emerging Technologies Hype Cycle
As you leave for work in the morning, your house automatically turns down the heat and places an order for milk (connected home) and your virtual personal assistant (VPA) alerts you that Cindy will be late to your 9 a.m. meeting and besides, the forecast you prepared has already changed (big data). You allow your car to navigate the traffic to your office (smart machines and Internet of Things [IoT]) while you manage the latest crisis. In this scenario, much of the possibility stems from the growth of digital business and continued adoption of the related technologies as they move through the Gartner 2014 Emerging Technologies Hype Cycle.

Everything you need to know about the Shellshock Bash bug
The risk centres around the ability to arbitrarily define environment variables within a Bash shell which specify a function definition. The trouble begins when Bash continues to process shell commands after the function definition resulting in what we’d classify as a “code injection attack”. Let’s look at Robert’s example again and we’ll just take this line: http-header = Cookie:() { :; }; ping -c 3 The function definition is () { :; }; and the shell command is the ping statement and subsequent parameters. When this is processed within the context of a Bash shell, the arbitrary command is executed.

Understanding Partitioned Indexes in Oracle 11g
By breaking an index into multiple physical pieces, you are accessing much smaller pieces (faster), and you may separate the pieces onto different disk drives (reducing I/O contention). Both b-tree and bitmap indexes can be partitioned. Hash indexes cannot be partitioned. Partitioning can work several different ways. The tables can be partitioned and the indexes are not partitioned; the table is not partitioned but the index is; or both the table and index are partitioned. Either way, the cost-based optimizer must be used. Partitioning adds many possibilities to help improve performance and increase maintainability.

Backing Up SaaS: The Challenge
However, replication or backup doesn't protect against hack attacks, which suggest that data should be moved off to a cloud-based archiving service such as AWS Glacier. Even there, the risk of a really smart hacker going after the final tape copy exists. It will take a bit longer, but we've seen recent situations, such as Target's debacle, where the hackers had weeks of access. Someone needs to write-prevent that tape, either by offlining it or by clicking the write-protect button.

Rackspace Re-architects its OpenStack Private Clouds
With the new release Rackspace also decided to get away from Open vSwitch, the open source software defined network platform used as a plug-in for Neutron (the network element of OpenStack), conceding it was not quite ready for production and high-volume workloads. The team switched to traditional hardware load balancers and firewalls, still leveraging Neutron SDN capabilities within customer clouds. These and other changes have enabled Rackspace to offer “four nines” API Service Level Agreements for each of the core OpenStack services.

Don’t Overlook the Operationalization of Big Data, Pivotal Says
“We’re at the cusp of a tectonic shift in how organizations manage data,” Mongo vice president of business development Matt Asay said at the time. “It’s such a big opportunity it’s frankly far too big for any one company.” The folks at Pivotal might not totally agree with that assessment. While Cloudera and Mongo are working on connectors and joint solutions, the EMC spinoff–which owns its own in-memory, NoSQL database called GemFire–is looking to provide an all-in-one, soup-to-nuts big data solution.

Data Science That Makes a Difference
In a world filled with dangerous individuals who fund terrorist activities and imperil lives, data has helped the world's banks learn more about their customers and share watch lists to flag signs of trouble. This is a tremendous initiative to help fight money-laundering all around the world. As a result of data analytics and technology, financial institutions can be more confident that they are doing business with people and businesses they know, and they can vet customers regardless of where they are. Such collaborations across geographies are helping solve major problems in global business.

Android smartwatches to retail at average of $US30 by 2015: Gartner
The worldwide smartwatch market is poised for lift off and could gobble up 40 per cent of the consumer wristwatch market by 2016. That according to Gartner anlaysts, who have also predicted Android-based smartwatches could retail at an average price of $30 by 2015 as OEMs capture the consumer mass market in China and internationally. Gartner analysts say that nine out of the top 10 smartphone vendors have entered the wearables market to date or are about to ship a first product, while a year ago only two vendors were in that space.

The Pursuit of Excellence is a Choice
Many organizations struggle with a number of very common issues. They lack cogent direction. Strategies are incomplete or missing in action or in some state of flux. Employees are unengaged and unaware of how their efforts and functional or vocational goals plug into the bigger picture. Priorities are fuzzy and ever-shifting. Customers aren’t particularly loyal or happy. There’s cross-border conflict between functions where there should be cooperation and collaboration. Metrics are fuzzy and mostly rear-view mirror looking. And finally, there’s an incredible amount of waste and inefficiency due to poor and undocumented processes.

Quote for the day:

"At the heart of great leadership is a curious mind, heart, and spirit." -- Chip Conley

September 24, 2014

How Agile Can Yield Effective IT Business Alignment
In her talk Klasien showed how can you apply lean thinking to decide which architecture documentation is needed and when it is needed, discussed why Agile practices are often only used by the IT Teams in many projects, and provided suggestions on how to increase the involvement of stakeholders from business, demand and supply in agile projects. Klasien presented her experiences from working in different architectural roles with the council for the Judiciary and with the Dutch tax authority, both governmental organizations.

IT Dress Code: 10 Cardinal Sins
Just as we might sometimes try a little too hard for our own fashion good, there are those among us who grossly misinterpret the meaning of the word "casual." It's a lasting artifact of the first dot-com boom, the offices where soccer sandals and flip-flops are de riguer. Maybe we don't need to dud up in suits every day, but a decent pair of shoes might still behoove everyone. Then there are variables of common sense -- and common decency -- to consider. No, we don't want to talk about the sprawling ERP upgrade with you while you're sporting super-snug bike shorts and an equally form-fitting tour jersey. That's just awkward, your upcoming triathlon notwithstanding.

Predictive Analytics in Health Care: Helping to Navigate Uncertainties and Change
Changes to payment models will likely cascade across the industry and affect all participants, from private insurers and government which will develop new models, to providers and patients who will change their behavior accordingly. Each of these steps can affect the eventual decision to prescribe or use a specific health care product or service, as well as how much this product will cost and how it will be paid for. And it is clear that ACA will result in additional future price pressures, the impact of which will vary greatly by product, therapeutic area, service and state.

How a CIO Shift to Strategic Management can Eliminate IT Hero and Firefighter Mentality
It may sound odd, but sometimes laziness has its place in the business. Some of the best IT folks I know work very hard, but they don’t realize they’re working hard because the work they’re doing is helping them avoid work they don’t like doing. Every IT organization needs a few leaders and contributors who can look at the job at hand and say, “How can I fix this so I never have to do it again?” If you celebrate the contributions of firefighter martyrs, you are to some extent, rewarding bad behavior. There may be a wide range of reasons for the fires in the first place, but you certainly don’t want to make it worse by establishing the wrong success motivators.

5 Ways Data Warehousing Is Changing
In today’s world, it’s important to deal with data in its raw format, including semi-structured, first-class formats such as JSON and XML. Data warehouses must be able to not only bulk-load large data sets as is, but also scale linearly in a cost-effective manner as volumes and formats grow, without upfront planning. This ability preserves the richness of the data while also circumventing the need (and cost) of writing custom code in order to build, collect, model and integrate data from various streaming and semi-structured sources before analysis.

Secure Computing as Threats Evolve (Infographic)
Data breaches have dominated the headlines for months, but the overall cyber security landscape is far from bleak. Researchers have made significant inroads battling spam bots, closing up mobile vulnerabilities, and keeping users away from malicious web domains. This infographic highlights some of the positive developments in the war against malware and illustrates Symantec’s unique position in the security intelligence market. You’ll discover: Which threat vectors are shrinking vs. growing; How spear phishing attacks have evolved; and How Symantec’s security intelligence helps block more attacks, more quickly

The Dangers of Dark Data and How to Minimize Your Exposure
Most discussions of dark data tend to focus on its potential value and utility to an organization. Indeed, for those outfits willing to expend resources (money, tools and time) to develop and exploit the information and value locked up inside dark data, such potential is undoubtedly attractive. This also explains why many organizations are reluctant to part with dark data,  ... or perhaps more chillingly, the dark data about them, their customers and their operations that's stored in the cloud, outside their immediate control and management – can pose risks to their continued business health and well-being.

Puppet Server's Big Revamp
Puppet is a project that has built a widely used configuration management system, one designed to let an IT administrator or "puppetmaster" to pull the strings inside the data center and create servers for whatever infrastructure was needed. In the commercially supported version, Puppet Enterprise from Puppet Labs, the core piece of the system, Puppet Server, has been rewritten to allow add-on applications. ... With Node Manager, servers can be quickly grouped together "based on its job rather than its cute, assigned name" or other manually-inspired designation.

How to choose the right Linux distro
Unlike most other desktop and server operating systems, Linux comes in a wide variety of flavors, each based on a common core of the Linux kernel and various GNU user space utilities. If you're running Linux servers -- or Linux desktops, for that matter -- you should understand the important differences and be discerning about which flavor of Linux is best suited to any given situation. This article will help you do just that. Because Linux is open source software, the number of discrete Linux distributions is hard to know for sure.

Technical Architecture in Banking and Gaming
By contrast, when gamers have formed a major emotional attachment to a particular game they can be much more tolerant of outages. For popular games which deploy regular, largeish patches (often a few hundred MB in size) potentially slow download times seem to be mostly accepted by users - and no mass exodus to another game occurs. Even the occasional crash of a server seems to be regarded as a fact of life. As long as it doesn't happen too often gamers seem to regard crashes and even the loss of a small amount of game state and experience as acceptable.

Quote for the day:

"The growth and development of people is the highest calling of leadership." -- Harvey S. Firestone

September 23, 2014

Securing virtual machines still a dark art, says Kaspersky Lab
Virtualisation is becoming a core part of mission-critical IT infrastructure, yet securing a virtual network is still a dark art, says David Emm, senior security researcher at Kaspersky Lab. “All too often businesses apply security measures developed for physical machines, which can leave the business exposed to a whole raft of risks,” he said. Despite the reliance on the virtualised environment moving the issue of securing it up the business agenda, Emm said five common myths, or misconceptions, continue to put organisations at risk.

5 things to prepare the CIO for disruption
Consumption expectations for customers and users changed as well. Consumers became more technologically savvy and demanded more. Overnight, consumers become familiar, and more comfortable with solutions quicker than IT organizations could adopt them. The technology available to consumers rapidly became more sophisticated. The combination of these two drove a change in consumer behaviors. Consumers, and customers became more demanding of technology…and by extension, corporate IT. So, how does the CIO respond to these changes in a timely and meaningful manner? Start at the top and work down.

The Open Group panel: Internet of things poses massive opportunities and obstacles
This so-called Internet of Things means more data, more cloud connectivity and management, and an additional tier of “things” that are going to be part of the mobile edge — and extending that mobile edge ever deeper into even our own bodies. Yet the Internet of Things is more than the “things” – it means a higher order of software platforms. For example, if we are going to operate data centers with new dexterity thanks to software-defined networking (SDN) and storage (SDS) — indeed the entire data center being software-defined (SDDC) — then why not a software-defined automobile, or factory floor, or hospital operating room — or even a software-defined city block or neighborhood?

Singapore reiterates call for industry collaboration in security
"Cybersecurity incidents highlight the importance of a robust cybersecurity framework to prevent any cyberattack, or its possible spillover impact on the physical world. This is especially critical for Singapore as we depend on IT in many aspects of our lives [and] are susceptible to cyber threats due to our high internet connectivity across the country," he said. The minister added that Singapore is targeting to become the world's first smart nation, providing citizens easier access to public services and data on their smart devices. However, this ability to retrieve data remotely also increases vulnerability to cyberattacks, so efforts have to go toward ensuring the country's cyber infrastructure remains secure and resilient.

Parameterization Part 5: Two Common Mistakes
In this post I would like to focus on two common mistakes that developers do, which make parameter sniffing a really bad thing, even when it would be a great thing otherwise. The reason I’m focusing on these two mistakes is because I see them so often, and they usually have such a dramatic impact on performance. There is a good chance that if you check the code in your system, you’ll find a few occurrences of these mistakes, and you might suffer from performance problems due to these mistakes without even knowing about it. OK, I hope I made you curious enough, so let’s get to business. In order to demonstrate the two mistakes, I’m going to use the following use case

Importing Excel Data into SQL Server Via SSIS: Questions You Were Too Shy to Ask
Retrieving data from Excel, and importing it into SQL Server hasn't the same appeal or glamour as, for example, performing heroics with ill-performing queries. This could be why one hesitates before asking questions about how to do it. Rob Sheldon calms your private doubts and fears by answering those embarrassing questions.

We just might put a dent in data breaches
Payment data can be compromised at retailers both big and small, but the nature of the compromise is very different depending on the merchant’s size. With small-scale retailers, the threat is that someone, probably an insider, will simply snatch the relevant data (credit card numbers, for example). That affects one customer at a time. The high-profile compromises, of course, hit large-scale retailers like Home Depot and Target, where cyberthieves are able to access millions of accounts all at once. These attacks have succeeded by compromising firmware on payment terminals directly, thereby snagging account data during the payment process.

Ebay under fire for inaction over phishing attacks
Security professionals found that attackers were using cross-site scripting (XSS) to embed malicious JavaScript code in eBay’s product listing pages in a link that appeared to be from a trustworthy source. When someone clicks on the link, the embedded programming is submitted as part of the client's web request and can execute on the user's computer, typically allowing the attacker to steal information. In the case of the compromised iPhone listing, the XSS code redirected users through a series of other websites, so they ended up at a legitimate-looking page asking for their eBay login and password.

Q&A on Kanban in Action
Kanban is a scheduling system used in lean production. It was developed at Toyota as a way to improve production by challenging people to continuously improve the Just-in-Time flow of goods and services while avoiding overburdening of the system and the workers. This was achieved mainly through limiting WIP, visualization and managing flow. Very much like kanban in software development. Kanban is only a part of Lean but it embodies some of the most important principles of Lean just like Scrum is only a part of Agile.

This is How Banks Need to Manage People Risk
Before you know it those issues can become major concerns and the cause of a perhaps untimely departure. A firm culture that pushes against this natural tendency is very important but also difficult to create. Yet taking time to understand what your employees can offer — especially where natural contact is limited - and any issues they have that may be bubbling up could pay dividends down the road. For employees also, making sure they have their manager's attention by sharing accomplishments and ideas proactively – new trading products, or new trading risk controls — will also make sure they are on the radar at promotion time.

Quote for the day:

“You have enemies? Good. That means you've stood up for something, sometime in your life.” -- Winston Churchill

September 22, 2014

What you need to know about the robots that feed humanity
The Department of Agricultural and Biological engineering at the University of Illinois,divides agricultural robots into three generations. The first gen is comprised of basic ones that can collect data, while the second gen bots are capable of harvesting, seeding, spraying and cultivation. Finally, the third and most advanced generation are comprised of autonomous robots capable of caring for plants without (or with minimal) human intervention. As you can see below, American farms already use machines from across three generations, though most of the ones that fall under the third are still in development.

Identity Crisis: Should Employees Create Their Own Job Titles?
"We think the main reason is that it gives people a chance to rethink their work and what is important about it, and what they add to the work that is unique and important," said Dan Cable, professor of organizational behavior at London Business School and co-author of the report. "Then by developing their own job title, they get to inject a little bit of themselves into the title, and make it more accurate and descriptive." Cable also noted that self-reflective job titles tend to reduce formality and hierarchy in a business, which makes people feel better and less threatened at work. It can also serve as an icebreaker in meetings with external stakeholders, Cable said.

Radar Gun Targets Texting & Driving
The gun distinguishes the unique signal from sending and receiving texts from other background signals. This would allow police to meet their ticket quota... er... keep the roads safe with a simple device. Presumably, it could even be combined with a traditional radar gun to put the bite on you twice... er... save you from your own poor choices. Next, the company will develop a gun that checks to make sure you are wearing your seat belt -- or that you're not getting too much of a groove on to your favorite jam, daydreaming about winning the lottery and quitting your job, or looking for the french fry you dropped behind the seat.

CIOs Must Actively Engage in Opportunities to Influence IT Decisions in Business Budgets
"In the past, the use of IT to support the business came almost as an afterthought, long after the business strategy and strategic initiatives for the coming period had been designed and sanctioned by top management," said Cassio Dreyfuss, research vice president at Gartner. "Over time, IT has graduated from being a support tool to being a business enabling and a business creation tool. Under that much broader and inclusive perspective, it makes more sense to talk about IT-related expenditures in each and every business initiative and respective budget. In this way, the CIO is challenged to adopt a higher profile and actively engage in opportunities to influence IT decisions in business budgets."

Hands on with Microsoft's Internet of Things platform
The Windows IoT tools add support for Arduino-style Wiring apps to its Visual C++ compiler, along with tools for monitoring Galileo devices connected to a network. While I could have just connected my Galileo to my existing wired network, it was easier to just set up a simple peer-to-peer connection over the provided USB adapter and cable. That way the device could sit next to my keyboard, and I could monitor its status LEDs while I worked. Booting a Windows Galileo is easy. Plug in the Windows microSD card, turn on the power, and wait for the onboard LEDs to stop blinking. Once its booted, you can log in using a telnet client, which drops you in at the familiar Windows command prompt.

What microservices architecture really means
SOA initiatives tended to be a top-down, driven by managers frustrated with multiple, siloed dev teams reinventing the same functionality. From what I can tell, microservices architecture appears to be more of a grassroots developer trend. Developers don't like duplication of effort, either, especially when they're under greater pressure than ever to build more and better apps -- many of them Web and mobile apps with different presentation layers but similar services behind the scenes. You've probably heard that SOA failed. That's not entirely fair, since it succeeded in some cases -- famously, at Amazon -- but as a trend it pretty much tanked in 2008 or 2009. Why might microservices fare better? Here are a few reasons:

Brocade unveils OpenDaylight SDN controller
Brocade says the tested and commercially supported Vyatta Controller supports a range of underlying physical and virtual network infrastructure, such as multivendor switches, routers, firewalls, VPNs and load balancers. Brocade says it will be continuously updated with OpenDaylight code, which means it will attain the group policy model and Cisco-developed OpFlex policy protocol in the “Lithium” release of OpenDaylight expected next year. Juniper is also offering an open source controller with OpenContrail, but it is not based on OpenDaylight even though Juniper is contributing to the consortium.

GS Collections by Example – Part 1
Why would you use GS Collections now that Java 8 is out and includes the Streams API? While the Streams API is a big improvement to the Java Collections Framework, it doesn’t have all the features you might want. As shown in the matrix above, GS Collections has multimaps, bags, immutable containers, and primitive containers. GS Collections has optimized replacements for HashSet and HashMap, and its Bags and Multimaps build on those optimized types. The GS Collections iteration patterns are on the collections interfaces so there’s no need to “enter” the API with a call to stream() and “exit” the API with a call to collect(). This results in much more succinct code in many cases.

How the Data Explosion Changes the Way We Do Business
Companies seem to be doing a variety of things. One angle is to kind of turn a blind eye, pretend it’s not happening, but the other more thought provoking and beneficial angle seems to be to embrace this new wealth of data and find new and creative ways to do that. For those companies then it becomes the question of build or buy or amend. One of the trends I’m seeing is in the core applications that run businesses, like ERP systems. It’s very difficult to change those in any significant way without lots of upheaval. I see a lot more activity around the ERPs, taking bits and pieces of data from them as needed but building solutions that don’t circumvent the ERP but run adjacent to it. Is that a fair assessment?

Dell bets on its end-to-end datacentre infrastructure strategy
“Virtualisation is running across the entire datacentre – so all layers of storage, network and servers are becoming virtualised. All elements in the datacentre are becoming applications running in virtual machines,” Dell said in his keynote address. “Everything is going to the cloud. We’re seeing this idea of the integrated appliance taking hold,” he added. Dell emphasised how its datacentre products such as VRTX and PowerEdge, as well as its datacentre management strategies and the company’s acquisitions – including Quest Software – are helping businesses shape their IT plans.

Quote for the day:

"Leadership offers an opportunity to make a difference in someone's life, no matter what the project." -- Bill Owens

September 21, 2014

What to Expect With Windows 9
That's what we know for sure. Everything else is conjecture, but it's backed by a string of revelations based on build 9834 of the Windows Technical Preview, which appears to have fallen into the hands of the folks at the German-language site WinFuture is dribbling out screenshots and videos, turning a buck by pasting Netflix, Hornbach, and Peugeot ads on the front of their leaked videos. Somebody in Redmond must be fuming. Here's a recap of what's been revealed, starting with the features I described last week:

To Integrate or Not to Integrate – That is the Question.
If all the data exists in centralised data warehouse, then developing the integrated view is about modelling and pre-building the relationships. If the data is distributed, integrating is about modelling and pre-building the relationships. You read correctly, logically there is no difference for there is no silver bullet to integrated data, you must still do the analysis to uncover the relationships between the data entities and the expose the pathways. When data exists on multiple platforms, the key is to understand the business driver for integration; often this is to achieve a holistic view of customer, citizen, employee, service provider, program, etc.

Why Are Organizations Still Struggling with Their Data?
Best practices exist for organizations to follow to achieve a strong information management framework and tie data to business processes enabling decision makers the ability to take actions on the insights they’ve gleaned. A variety of solutions exist in the market place providing BI access to any type of user and that are geared towards a strong IT infrastructure or small business with little to no internal IT support. Additionally, organizations understand the value their data brings to the table.

Enterprise Architecture: A Practitioner View
This article highlights our framework of Enterprise Architecture and its roadmap for the development and management of various components. It depicts how these components work together, what are the various measures of business units, enterprise and their outcome. The framework includes putting in place the proper organizational structure and hybrid business/IT roles, consolidating and standardizing information and data stores, and integrating applications and infrastructure to support the right business processes across the enterprise. The key Components of Enterprise Architecture are depicted below.

A New Era for Enterprise Architecture?
“Stop trying to explain what enterprise architecture is. Don’t talk about it. Forget IT. What you need to do, is talk to people about the problems and challenges that keep them up at night. What programs or projects need to be fixed now. As the enterprise architect, it is your job to make the connection as to how to align the technology to the mission, not theirs,” said Burke. Wang agreed. “You have to put all the focus on the mission and the outcomes. Effectively, it doesn’t matter to anyone but you how you get results. You need to ask the stakeholders, ‘What do you need?’ That’s how you get enterprise architecture to matter at agencies, you have to reframe the conversation.”

Choosing API Security Options and Fostering API Ecosystems
Rather than rely on a static random string known by both the client, authorization server, and resource server, the MAC token profile does not directly pass the access token to the resource server. The profile relies on client-side code to sign the resource request with a shared session key, and the resource server checks the signature. The client uses the signature algorithm, access token and the MAC key to calculate the request token passed to the resource server. The OAuth authorization server will issue a MAC key along with the signature algorithm, session key, nonce and an access token. The access token can be used as an identifier for the MAC key.

Security Visibility in the Enterprise
Many security tools or services promise to provide protection, deliver insight, achieve compliance, and many other things. And many projects run using vendor “best practices” leave the customer feeling either unsatisfied or overwhelmed. This program took a large corporation from basic logging for compliance using an external managed monitoring service on a journey to bringing monitoring and analysis into the core of the organization. More than a “how to” on deploying a SIEM, this paper describes common pitfalls and at least one way to avoid them. While by no means the only way to improved security visibility, the results show that success is within reach.

Critical Security Controls: How to Apply the Lessons Learned
So, why don’t we take what others have learned from previous incidents and apply it to our own security practices? The good news is that we are heading in the right direction. A new SANS analyst survey recently reported that now 90 percent of participating organizations have implemented or are planning to implement the Critical Security Controls (CSCs), including a greater increase in adoption from entities in the financial and government sectors. With the survey respondents ranging across all industries, job roles and workforce size, the results show greater overall security awareness and support of the benefits brought by implementing the CSCs.

Data, Data Everywhere, With Governance Around the Corner
Data quality issues are common in the industry, but they are less common among carriers with formal data governance initiatives in place. The top challenge carriers face when it comes to data is collecting and analyzing data quickly enough. A fragmented data environment follows, with poor data quality the third top issue. These problems build on each other; a fragmented data environment makes it difficult to collect the data quickly, and poor data quality makes it difficult to analyze and use the data to make better decisions.

Factoring Security Into Data Governance
The European Union's Cybersecurity Strategy and the European Commission's Directive on Network and Information Security, now in place, was a long-shot for passage a year ago, Crisp notes. There is a social element to data, namely the possibility that hackers can use social engineering to gather information on data users and deceive them through social familiarity to gain access, Crisp says. Along with the EU directive, regulators in European nations want firms to demonstrate what systems and organization they have in place, for data protection.

Quote for the day:

"A healthy attitude is contagious but don't wait to catch it from others. Be a carrier." -- Tom Stoppard

September 20, 2014

The Perfect Storm: Service Aggregation, Automation and Management
Generic IaaS portfolio’s with little creativity. Limited to no service automation capability, a huge skills shortage in the areas of service creation, demand creation and workload integration / technical planning and a gross under estimation of how quickly the demand side of this market would develop because reality is, most of these organisations likely to use Cloud (Read : Demand) are still trying to work out how to virtualise and deal with the costs and complexity of consolidating legacy and physical systems in an intelligent and coordinated way.

Design your own KPIs, like this bar manager did with limes
Some vendors of CRM applications might be dismayed to hear such advice, entertaining as the story is. For an emerging trend among some of these companies is to coax users of their product into sharing metrics -- from sales to compensation -- with the other users of the product to establish very specific benchmarks for these indicators. One example is Xactly's recently rollout of Xactly Insights. Xactly offers an application that supports sales compensation and Insights is an add-on that compiles the compensation data of the customers that the flagship applications is managing -- and then releases it in anonymized form to the users. Users have to opt in and most have, according to Xactly.

The Growth of Data Science
Data Science is a discipline that has been evolving rapidly over the last couple of years as a large number of companies have embarked on Big Data projects that seek to put the vast stores of data that they are collecting to good use.  Software such as the hugely popular Splunk has made it easy for non-specialist staff to carry out rudimentary Big Data analysis - a recent CompTIA study found that staff in both sales and research departments have seen a rapid rise in involvement in Big Data projects. But to get the full benefit from all this data companies are increasingly recruiting from the small pool of highly skilled specialist Data Scientists.

Detroit's IT Systems “Beyond Fundamentally Broken”
Detroit’s financial IT systems are so bad that the city really hasn’t known what it is owed or in turn, what it owes, for years. A Bloomberg News story last year, for example, told the story of a $1 million check from a local school district that wasn’t deposited by Detroit for over a month. During that time, the check sat in a city hall desk drawer. That isn’t surprising, the Bloombergstory noted, as the city has a hard time keeping track of funds electronically wired to it. The financial systems are so poor that city income-tax receipts need to be processed by hand; in fact, some 70 percent of all of the city’s financial accounting entries are still done manually.

Adopting a Multi-Pronged Approach to Cyber Risk
Traditional security controls are no longer sufficient to address the risk, according to the executives. Thomas says insurance companies need to consider their threat landscape and take a right-sized approach. In addition, various stakeholders need to work together to share intelligence about who is trying to attack, especially among public and private sectors. Companies also need to get their boards involved. “There’s a growing sentiment among investors that cyber risk requires persistent involvement and oversight,” he says. Insurance companies, and the industry at large, also need to focus on talent, so there’s the expertise and “muscle memory” on hand to know how to detect and respond to threats.

Service Locator Pattern
The basic idea of pattern is to decouple service Consumers from their Providers. It allows a Consumer to easily change its service Provider. .... The Service Locator pattern is used for applying Dependency Inversion Principle (DIP) in your application. The DIPstates "A High level module in an application must not be directly dependent on Low level module, but must rely on abstraction". This allows modules to change their implementation without effecting each other providing loose coupling and easy extension.

How Do I Become a Data Scientist?
Capital One hired me for my logical thinking and not for the knowledge of the tools, I would need to use. In the following years, by working with several employers, freelancing and doing a few pet projects – I learnt several tools and techniques – SAS, SPSS, R and Python included! Having said that, if I was starting my career today, would I choose the same path? The answer is NO. I would take up a very different path, than what I did. This path would not only cut out the period of confusions I had, but also uses some of the dramatic shifts which have happened in analytics industry in past few years.

Human-Computer Interaction: Present and Future Trends
New forms of HCI will significantly change our lives. New interaction paradigms offer the chance to improve quality of life for people who can't take advantage of current interfaces — due to physical disabilities, for example. On the other hand, new issues will arise — particularly related to privacy, security, and ethics — thus potentially slowing the diffusion of new hardware and software products based on wearable (and "invisible") devices. Although some researchers have already investigated relationships between interface design and legal and privacy issues, national legislations are heterogeneous and not yet ready to cope with present and future advances in HCI.

Applying the 4Cs Map to Enhancing Team Performance
Learners retention is key so that not only they can learn from the mistakes but not repeat the same mistakes. Henrik Kniberg, an Agile and Lean coach says it best in one of his articles when he said, “The only real failure is the failure to learn from failure”. So, how can we accelerate learning and ensure that we retain what we learned? This leads us to the 4Cs Map which is a brain-based instructional design model that also apply to enhancing team performance. The 4Cs stand for Connections, Concept, Concrete Practice and Conclusion.

5 Case Studies in Mobile Payments
The embedded mobile payments feature in the iPhone 6 is breathing new life into a controversial product category that has numerous billion dollar corpses floating in its innovation ocean. Regardless of the well-publicized mobile payment failures in recent years, it is inevitable that a few successful players will emerge. The skyrocketing growth of mobile, online and social technologies have transformed global trade. Current and future generations of consumers will continue to expect new services that support multi channel commerce with non-intrusive (yet targeted) advertising and big data analytics, with ever-easier ways to make payments.

Quote for the day:

"Try to learn something about everything and everything about something" -- Thomas Huxley

September 19, 2014

Wearable tech pioneer and Google Glass mastermind
Starner said he hasn't experienced any negativity while using Glass in public. He said the media has overstated the complaints against Glass wearers in public. While wearing Glass at the UbiComp and ISWC conference in Seattle this week, he deftly tapped the side of Glass and turned it on and off. "You can see when this is on," he said, pointing to the small light that appears when Glass is in use. "You can look closely and see what I'm doing. The gestures are socially appropriate." Priest-Dorman said, "People aren't threatened by eyewear. Both that the device becomes more accepted and more commonplace and doesn't stand out as much."

PaaSLane 2.5 optimizes Java and .NET apps for the cloud
This release of PaaSLane adds support for Google's AppEngine and Compute Engine. It also makes it possible for a customer's code to be analyzed locally rather than requiring the code to be uploaded to the cloud. The company calls this "local profiling." Profiling .NET applications has also been improved. ... CTP's move to offer local scanning and optimization will help companies that were uncomfortable loading their source code into a cloud environment. This one change could result in more of them consider integration with or migration to cloud computing environments.

Pragmatic Functional Refactoring with Java 8
You may be hearing a lot of buzz around functional programming. For example, Java 8 recently introduced new features (lambda expressions and method references) and APIs (Streams, Optional and CompletableFutures) inspired from functional ideas such as first-class functions, composition and immutability. However, what does this mean for my existing codebase? In this talk we show how you can refactor your traditional object-oriented Java to using FP features and APIs from Java 8 in a beneficial manner.

Why you should tap into the power of Ruby from the comfort of the JVM
The most important piece of JRuby for Java developers is one known as JRuby Embed. RedBridge is an small part of JRuby used to embed Ruby code atop a Java program. You can use it using a bare metal API, which means that you use internal classes provided by RedBridge to execute Ruby code inside Java; alternatively, you can you can use the JSR 223 spec as well. The disadvantage of the latest approach is that it raises the level of abstraction and probably you will end up by mixing both approaches, so for these examples we are going to use the JRuby Embed API directly.

Beyond Big Data: Consider the Impact of Emerging Technologies on Data Management
In today’s data management processes, data experts devise ways to measure the relevancy and currency of information stored in the companies’ databases. Methods are developed to score information based on recent usage. “Best record” methods are developed to identify duplicates and determine the surviving records. All these methods take time to develop and implement. Also consider that today most employees find it very difficult to report on the quality or usefulness of the data in a database. Employees need to find who in the company is responsible for the quality of the information or the appropriate data owners.

Developers Failing at Mobile App Privacy, Security
"Apps are becoming central to our lives, so it is important we understand how they work and what they are doing with our information," said Simon Rice of the United Kingdom's Information Commissioners Office (ICO), which issued a news release about the study. "Today's results show that many app developers are still failing to provide this information in a way that is clear and understandable to the average consumer. "The ICO and the other GPEN members will be writing out to those developers where there is clear room for improvement," Rice continued. "We will also be publishing guidance to explain the steps people can take to help protect their information when using mobile apps."

Big Success with Big Data
Organizations that start and complete big data projects see practical results and significant value, according to a recent study by Accenture Analytics. Those standing on the sidelines may be left behind. Executives report big data delivering business outcomes for a wide spectrum of strategic corporate goals — from new revenue generation and new market development to enhancing the customer experience and improving enterprise-wide performance. Organizations regard big data as extremely important and central to their digital strategy.

10 free analytics tools to help you manage social media
Everyone is after data. If you're running social media for a brand or company, it's best you're armed with information on the social accounts you manage -- not only so you can show how social efforts are lining up with business goals, but also for the sake of a deeper understanding of what works and what doesn't. There's no shortage of tools that will tell you various parts of the story, from who is mentioning you and where, to what hashtags mean and how to best to use them. The following 10 tools, however, are built for giving users analytics. Most of the them are free or have a free version to get you started.

Web Application Security Vulnerabilities
Vulnerability is any weakness or flaw in the application that exposes the application to the attacker who can use it to perform unauthorized actions such as retreiving confidential information. Many website security problems come from believing that users will perform only the actions that they are supposed to perform. A malicious user may try to perform the actions that he is not supposed to. Software vulnerability is one of the biggest challenges of the software industry. Particularly public web sites are more prone to vulnerability attacks since they are exposed to lot many users.

Why big data evangelists should be sent to re-education camps
"Too often, big data enables the practice of apophenia: Seeing patterns where none actually exist, simply because enormous quantities of data can offer connections that radiate in all directions. In one notable example, Leinweber (2007) demonstrated that data mining techniques could show a strong but spurious correlation between the changes in the S&P 500 stock index and butter production in Bangladesh," they wrote. In her paper The Surveillance-Innovation Complex: The Irony of the Participatory Turn, Julie Cohen noted that surveillance has become increasingly privatised, commercialised, and participatory. Surveillance is no longer something to fear and regulate.

Quote for the day:

"Vision is a picture of the future that produces passion." -- Bill Hybels