November 30, 2014

Three Questions with Slack’s CEO
Slack emerged from the wreckage of Glitch, an online game that Stewart Butterfield, a cofounder of Flickr, built with his company Tiny Speck but shut down last year. While working on Glitch, the four-person Tiny Speck team was divided between San Francisco, New York, and Vancouver, so they cobbled together a new communications tool by slowly adding features—like the ability to archive and search messages—to a simple IRC-like instant-messaging app. They used the tool so much, Butterfield says, that they stopped using e-mail to communicate. After shuttering Glitch, the company switched its focus to popularizing the new communication tool.

Parallelism is not concurrency
The first thing to understand is parallelism has nothing to do with concurrency. Concurrency is concerned with nondeterministic compositionof programs (or their components). Parallelism is concerned withasymptotic efficiency of programs with deterministic behavior. Concurrency is all about managing the unmanageable: events arrive for reasons beyond our control, and we must respond to them. A user clicks a mouse, the window manager must respond, even though the display is demanding attention. Such situations are inherently nondeterministic, but we also employ pro forma nondeterminism in a deterministic setting by pretending that components signal events in an arbitrary order, and that we must respond to them as they arise.

Richardson Maturity Model
Recently I've been reading drafts of Rest In Practice: a book that a couple of my colleagues have been working on. Their aim is to explain how to use Restful web services to handle many of the integration problems that enterprises face. At the heart of the book is the notion that the web is an existence proof of a massively scalable distributed system that works really well, and we can take ideas from that to build integrated systems more easily. To help explain the specific properties of a web-style system, the authors use a model of restful maturity that was developed by Leonard Richardson and explained at a QCon talk. The model is nice way to think about using these techniques, so I thought I'd take a stab of my own explanation of it.

We need to be pragmatic about the principle of net neutrality
As an organising principle, net neutrality explains why the internet has enabled such an explosion of creativity over the past 30 years. It meant that if you were smart enough to invent something that could be done with data packets, then the internet would do it for you with no questions asked. What that meant was that the barriers to entry for innovators were incredibly low – which is why Tim Berners-Lee was able to launch the web and a Harvard sophomore named Mark Zuckerberg could unleash Facebook on an unsuspecting world. Net neutrality created what the Stanford scholar Barbara van Schewick calls “an architecture for permissionless innovation”.

API Best Practices: Spec Driven Development
One of the main reasons for REST was to focus on long-term design, or as Dr. Roy Fielding pointed out, we as humans, as developers are very good at short term design, but horrendous at long-term design. What may seem like a good solution in the short-term, if not carefully thought out and tested long-term is likely to create big problems down the road. Think of it like this, how many times have you written code only to look back at it three months later and wonder “what was I thinking?!” Your API is a contract, and unfortunately the one thing you cannot fix is poor design. For that reason it’s important to avoid editing your spec during the development cycle.

Integration Architecture: How We Got Here
Developers generally try to build loosely-coupled software components in their applications, so the basic concept of SOA is intuitive to many developers. In the late 2000’s, however, the perception of SOA became tied to the ESB architecture, which many argue is not the best way to build SOA. Though I’ve given the basic definition of SOA above, it is trickier to define in practice [1]. ESBs and SOA received some backlash from the development community because enterprise-scale ESBs often seem to have too many unnecessary features or too strict a tie to a vendor’s product suite. Developers using ESBs also tend to use them as a place to hide complexity, instead of dealing with it more effectively.

Steve Jobs Lives on at the Patent Office
Altogether, a third of the 458 patented inventions and designs credited to Jobs have been approved since he died. Jobs’s patent documents are a record of Apple’s history from startup to one of the world’s largest companies. His first patent, won in 1983, is titled simply “Personal Computer.” One of the newest, filed after his death and approved in August, covers the design of the dramatic glass cube that’s the entrance to Apple’s store on Fifth Avenue, in Manhattan. Some Apple watchers have questioned if Apple can succeed without its iconic founder. Its current CEO, Tim Cook, is a pragmatic supply chain specialist who rose through the company making sure Chinese factories delivered iPhones on time. Cook’s name has never appeared on any patent.

Harnessing Situational Awareness
To help you get started on your project assignment, you are given “high level requirements.” They are disparate materials that state business problems vaguely, but urgencies clearly. If the problems are not solved, the company will lose market share, revenue, and be beaten by its competitors. You assess all the project information. Nothing is clear except the following: (1) a fixed budget, (2) a fixed timeline, and (3) a partial project team of three full-time people, two more to be recruited, and a few others who are here part time for your project. In addition, you have some offshore developers that you can pull in. As you talk with various stakeholders and members of the project team, you begin to get a picture of the personalities you will be working with throughout the project lifecycle.

Distributed Configuration Management and Dark Launching Using Consul
The usage of Consul has also been driven by a need to improve an existing piece of our system – the Dark Launch mechanism. It’s one of the key ways Hootsuite is able to be nimble and keep our deployment rate up, without sacrificing quality. Dark Launching, or “feature flagging”, allows us to have control over very granular pieces of the codebase through an interface we created. We can modify the execution of our code at runtime by setting conditions on the execution of a certain block, such as boolean true or false, random percentage, specific members, and more.

Mitigating Mobile Risk: It’s Time for Action
Unfortunately, many security professionals continue to apply, or attempt to apply, traditional computing solutions to this new mobile reality -- and it's just not working. One big reason is that traditional network computing security features like firewalls and anti-virus protection do nothing to address the risks posed by unsecured mobile applications, or so-called "leaky apps." This seemingly harmless collection of icons, the individual squares we tap and access every day, can act as a gateway for attackers seeking to find and exploit weaknesses.

Quote for the day:

"Before you are a leader, success is all about growing yourself. When you become a leader, success is all about growing others." -- Jack Welch

November 29, 2014

First Robot, Networked Tablets Head to West Africa to Fight Ebola
"I think that this system is critical to fighting the outbreak," Theobald told Computerworld."This is the first time they'll be using digital records at all in any of the ETUs. Everyone has been using paper. If they have had a tablet, all the information they're capturing is stuck on that tablet because they haven't been able to data share across tablets." Theobald, who worked with VGo, a Nashua, N.H.-based robotic telepresence company, is focused on having the electronic medical record system -- it includes the wireless network, the tablets and a VGo telepresence robot -- up and functioning by Tuesday, when a new Ebola clinic is set to open in Monrovia.

China’s Future City
If it succeeds, Tianjin Eco-City would become a model. The country has 171 cities with populations over one million, and its total urban population is projected to rise to about one billion by 2030. By that time, close to 70 percent of China’s population will be living in urban areas. China’s cities can be difficult places to live. Beijing’s smog has become internationally famous. Water is an issue too. According to China’s Ministry of Environmental Protection, 57 percent of the groundwater in 198 cities tested in 2012 was rated either “bad” or “extremely bad.”

Forrester 2015 predictions report explains how cloud will be “the motivator”
Forrester also predicts 2015 to be the year when back end systems will use REST to communicate with one another. REST is an architecture style for designing networked applications, and is increasingly being used to drive agile development, ahead of other protocols such as SOAP. “If you want your back-office applications to be part of this move forward, relying on traditional integration methods such as enterprise service buses, JDBC connections and SOAP is inadequate for modern applications,” the report notes. “You’ll have to evolve your integration architecture to REST in 2015.” Other trends, according to ZDNet, include the prevalence of Docker, an open source platform to ship and run apps from anywhere.

Business Innovation through Big Data
Have you any idea of the impact innovations such as the cloud, mobile, in-memory and Big Data have on you and your business? Innovation Evangelist Timo Elliott treats you to a whirlwind tour of a whole series of inviting uses for Big Data. Big Data is the ocean of information we swim in every day – vast zetabytes of data flowing from our computers, mobile devices, and machine sensors. With the right solutions, organizations can dive into all data and gain valuable insights that were previously unimaginable. Discover how Big Data technologies and analysis tools can transform your business today. Listen to the story of Timo Elliott!

The Agile Data Center
Thinking about agility within the data center opens up many new avenues for companies to explore. With agility in the forefront of data center planning combined with proper planning around security and operations, organizations can begin to think about utilizing their data center in new and innovative ways. With an agile mindset, the concept of the data center moves away from being a liability that continuously consumes resources to being an efficient and effective way to deliver services to internal and external clients. With all of this in mind, we can now take a stab at making a generalized answer to the question posed previously.

Accelerate Load Testing Cycles With SmartBear’s New LoadComplete
Load testing is often left to the last minute by many organizations since new revenue enhancing features almost always taking precedence over basic performance testing. By leaving performance testing to the end, companies erroneously believe that simple, quick and minor tweaks are all that are needed to meet application performance requirements. Teams are frequently left with a short amount of time before the deployment of an application, to identify, uncover and resolve serious performance issues. While these challenges affect all applications, they are especially poignant with mobile applications.

Tech set to revolutionise healthcare
Other tools, including smartwatches and wearable technology, could monitor a patient's voice and watch for notable changes in language patterns. Mr Grimm admits there challenges around data security and privacy, but says the potential for positive change is too strong to ignore. "Our approach to this should be, how do we collectively work through and resolve these issues so we can unlock the benefits?" he asks. "I note the concerns around data security, but I invite some positive dialogue and collaboration with people so we can resolve these problems." The mental health promoter believes the technology could help the country manage problems such as the high youth suicide rate.

How IT Will Change Healthcare Patient Engagement
Over the next decade, look to several sources of investment and several paths of research and development to take place to even more tightly couple software with care. In the years from 2020 to 2030, look for the vast array of innovation to be made globally operational as some of these significant investments start to affect the way in which most humans receive care. Creating electronic medical records and personal health records, taking in signals from wearables such as the watches that measure your sleep and activity, and embedding patient and administrative tools into the fabric of care so that patients will take more responsibility for their care is a beginning that is flourishing. But there is a darker side to all of this.

Machine Learning Will Make Its Mark On The Sciences
Things can get sticky when moving up the inference stack to discovery, though, because the data – the images taken by the telescopes – tends to be dirty and noisy, making it difficult to find new and real astrophysical objects. “We wanted to discover transients and variable stars in the sky without any people actually having to look at data,” Bloom said. Being able to use machines to do even such simple inferencing – to discover whether something in an image is real or bogus – can lead to great things, he said: It’s fast; it’s transparent as to why you got the answers you got; it’s deterministic so that you can go back and do the science on it without requiring humans to make potentially conflicting statements about the same data; and it’s versionable.

It's time for digital governance
Designing digital governance frameworks in an organization can be a challenge because working together collaboratively in large groups is hard. And more often than not, those who would lead a digital governance framework design effort (namely, your digital teams) are scrambling to keep up with the practical day-to-day work of maintaining websites and keeping on top of social channels. So, sometimes taking the time to work on a governance framework seems like it's beside the point. But it's not. As Vint Cerf and Tim Berners-Lee pointed out at Internet 2020, governing our online channels intentionally is important.

Quote for the day:

"Regardless of the changes in technology, the market for well-crafted messages will always have an audience." -- Steve Burnett

November 28, 2014

Microsoft study finds everybody wants DevOps but culture is a challenge
A new study sponsored by Microsoft finds that while everybody wants to adopt DevOps, the cultural barriers between developers and operations are way more of an obstacle to getting there than any shortcomings of technology. The study -- conducted by Saugatuck Research and given the lofty title of Why DevOps Matters: Practical Insights -- found that overcoming those barriers are both the primary challenge and biggest opportunity for helping customers get there. The survey polled "over 300 development and IT operations professionals and managers," and found that 71% of IT shops had pockets of automation, and 54% were testing DevOps practices on individual small projects.

Application Architecture Is Shifting towards Connected Apps
The time of large all-in-one applications focused on completeness is passing away, and we are witnessing a shift towards small apps focused on simplicity. The driving force for apps is the desire to provide the best user experience, so each app is created as simple as possible with a specific user in mind, leaving aside anything that is not absolutely necessary. Apps generally rely on highly scalable services to accomplish their tasks. Thomas also noted that many are turning towards microservices built on SOA principles and Domain-Driven Design patterns:

A Match Made Somewhere: Big Data and the Internet of Things
The close sibling of analytics, big data, also feeds off the Internet of Things. Admittedly, I think we’re much further along with big data than we are with the Internet of Things, especially since, as Forbescontributor Gil Press noted wryly earlier this year, the Internet of Things has surpassed big data on the Gartner hype curve. But once the Internet of Things gets rolling, stand back. We’re going to have data spewing at us from all directions – from appliances, from machinery, from train tracks, from shipping containers, from power stations.

Fastest LTE speed will be out of reach for most users
A lack of smartphones compatible with carrier aggregation hasn’t helped the technology’s progress. That has slowly started to change with the launch of products such as Samsung’s Galaxy Alpha and Note 4, and Huawei’s Ascend Mate 7, which use two channels to get to 300 Mbps. There have been some recent disappointments, though. The Moto X from Motorola doesn’t support carrier aggregation and Apple’s new iPhones use a version of carrier aggregation that tops out at 150 Mbps instead of 300 Mbps. They can combine two 10 MHz channels, instead of two times 20 MHz. The latter omission was especially surprising since Apple’s smartphones can handle more bands than any competing product.

Four Ways IT Headwinds Are Slowing Business Innovation
Pity the IT professionals. For years they've been bludgeoned for allegedly obstructing enterprise innovation. But in the increasingly mobile world, that "bludgeoning" is about to hit overdrive. According to a recent Forrester report ("Developers Are The St. Bernard For Mobile Projects"), there are four key ways that IT blocks mobile innovation. As power within the enterprise quickly gravitates to developers, IT needs to remedy these roadblocks if it wants to avoid a pink slip. The gist? IT needs to learn to become a heck of a lot more agile.

CRUD Operations Using the Repository Pattern in MVC
In this article we will implement a "One-per business model" approach to design a repository in which there is a repository class for each entity type. For the Book entity type we'll create a repository interface and a repository class. When we instantiate the repository in our controller, we'll use the interface so that the controller will accept a reference to any object that implements the repository interface. When the controller runs under a web server, it receives a repository that works with the Entity Framework. MVC controllers interact with repositories to load and persist an application business model. By taking advantage of dependency injection (DI), repositories can be injected into a controller's constructor.

Want a 100TB disk drive? You'll have to wait 'til 2025
The roadmap, released by the Advanced Storage Technology Consortium (ASTC), indicates technologies such as Bit Patterned Media Recording (BPMR) and Heat-Assisted Magnetic Recording (HAMR) will result in up to 10-terabit-per-square-inch (Tbpsi) areal densities by 2025, compared with today's .86 Tbpsi areal densities. "This implies that a 3.5-inch HDD built with that technology could have about 10X the capacity of the 10TB HDDs in 2025, or 100TB," industry analyst Tom Coughlin wrote in a recent blog post.

Implementing and Searching Deep Links with the URX API
Adding deep links to your app is platform specific. For Android apps, register the URL scheme in your manifest file. After you register your scheme, you need to map routes to in-app activities using intents. Intent filters can be added to your Android manifest file. Detailed information on how to add deep links to your Android app can be found in the Android Developer Portal. For iOS apps, register the URL scheme in your project settings or in your info.plist file. Then implement the openURL method in your AppDelegate. You can either manually parse the URL in this method, or you can use Turnpike, our open-source framework, to map the URL to defined routes.

On Programming Languages as Languages
We can look at programming languages in two possible ways. They can be a means for us to instruct the computer, and incidentally communicate with fellow programmers, or they can allow us to communicate with other programmers in specific terms that are ultimately executable. The first interpretation is technically more accurate. Or, more specifically, the worst kind of accurate. I like to think of programming languages as languages because, outside of trivial programs, above all else they enable programmers to communicate with one another when it comes to resolving a problem or completing a particular task, while incidentally producing code that is also understood by computers via “translators”

Two-thirds of UK staff bring wearables to work
Trend Micro CTO Raimund Genes said wearable technology is in its growth stages. “It’s a developing market," he said. "We are now talking about all the Fitbit devices and we’re talking about the Apple Watch, which have pretty basic sensors.” But the hardware is coming on in leaps and bounds and, as an example, Genes pointed to a wearable blood-pressure monitor available in Germany, which could be used for insurance and healthcare purposes.

Quote for the day:

"A leader is judged not by the length of his reign but by the decisions he makes." -- Klingon Proverb

November 27, 2014

Siemens patches critical SCADA flaws likely exploited in recent attacks
One of the vulnerabilities allows unauthenticated attackers to remotely execute arbitrary code on a Siemens SIMATIC WinCC SCADA server by sending specially crafted packets to it. The flaw received the maximum severity score of 10 in the Common Vulnerability Scoring System and can lead to a full system compromise.The other vulnerability can also be exploited by unauthenticated attackers by sending specially crafted packets, but to extract arbitrary files from the WinCC server. The flaw has a CVSS score of 7.8.

The Cloud in 2014 and Beyond
As we wrap up 2014, it’s time we took a look at some of the biggest cloud technologies that made an impact over the course of the year and thought about cloud predictions for 2015. I’m most likely not going to list all of the technologies that were big this year, so if you feel I missed something, feel free to add it in the comments section! That said, the concentration around the user and the information delivery model has allowed the modern data center and the cloud infrastructure in general to really evolve. We’re seeing new methods of optimization, cloud control and entirely new ways of controlling the user experience.

There’s an opportunity for tech in the EPA’s proposed smog rule
“It’s sparking new technology, which is increasingly important as we move forward,” McCarthy said about tightening the smog standard. “The good news is that California has become a birth place of innovative technology as a result and is providing a lot of opportunities across the U.S. to take advantage of their innovation.” California’s topography and large population, which leads to high electricity demand and puts lots of cars on the road, increases the production of smog and traps it, making it difficult to get rid of it. The state has put in stringent air quality standards over the past three decades to regulate emissions, but most residents still face smog levels that pose health risks, said the California Air Resources Board.

A Comparison of IT Governance and Control Frameworks in Cloud Computing
Providing the appropriate level and type of IT governance and controls in a cloud computing environment is a new challenge facing many CIOs and their organizations. While there are many commonalities among these frameworks, the authors identify the key components of each model as they relate specifically to the cloud computing environment. Governance in the cloud requires defining policies and implementing an organizational structure with well-defined roles for the responsibility of information technology management, business processes, and applications. Best practice IT governance considerations proffered by Weill and Ross, ITGI, and others are then included into our cloud framework.

A new way to map technology disruptions
For every innovation there are two challenges: It must be made, and it must be accepted. The first challenge is all about engineering and technology, the second one is all about mind and design. And both of them do not just consist of make-or-break leaps, but are continuous processes – on the way to the breakthrough, and beyond. Cisco and GDI Gottlieb Duttweiler Institute have found an innovative (sic!) way ( to show for some of the most promising technological disruptions to date, how far they have come in these processes; and how far they still have to go to reach the mind shift, and the technology shift needed to become part of our lives.

With Apple's Watch looming, is it time firms faced up to wearable security?
"Sooner or later, almost everybody will have these devices and if we haven't talked about these implications, if we haven't thought about it, it will be too late," Trend Micro CTO Raimund Genes told a London roundtable event this week. "We saw this with bring your own device, which for a few companies has been bring your own disaster. We saw it with the internet. The internet was never designed with safety in mind, and when I look at all the new battery-optimised communications protocols, nobody has designed in any security." Communications over battery-optimised communication technologies, such as Bluetooth Low Energy (BLE) and ZigBee, are not visible by monitoring IP network traffic.

Dealing with disruption in the digital business
The question that needs to be answered is, "What is fluidic about digital disruptions, and why does that change the ways that change happens?" The answer is that digital business is based on the manipulation of digital representations of virtual or physical assets, channels and capabilities. Because they are in digital form, they are easier, and often faster, to manipulate. The possibilities are limited only by the imagination. And these assets, channels and capabilities can be used in a wider variety of ways than their analog counterparts. As a result, change in the digital age is happening at such a high frequency, often in unexpected ways, that it seems like a stream of interconnected disruptions that are difficult to identify, let alone react to.

Building Relationships Between Agile Teams and Stakeholders
Our evolutionary wiring predisposes us to being social. Social connection is a fundamental need, as is food, water and shelter. When we are born, we must be connected to someone who can give us nourishment and shelter. And, we have evolved so that fundamental needs cause pain (such as, hunger and thirst) forcing us to seek relief. Social disconnection activates the brain’s pain circuitry and causes ”social pain” – which in our brains is the same as experiencing physical pain. The research also shows that we are able to keep track of our social interactions because we have a larger, more developed cortex than any other animals. Our brains have evolved to support social connection.

Intel roadmap update: Skylake on track for 2015, will debut alongside Broadwell-K
According to WCCFTech, Intel will also launch new desktop parts next year, with a Core i7 5000 unlocked CPU (Broadwell-K) and a second set of desktop SKUs dubbed the Core i7-6000 family, or Skylake-S. Broadwell-K is reportedly compatible with the Z97 family of chipsets that are already shipping, while Skylake-S will require a new motherboard. Broadwell is the 14nm refresh of Haswell, with a die shrink and a handful of minor improvements to the CPU, but not much more. Skylake, in contrast, is the full architecture refresh — so what are its (rumored) features?

Ensuring SDN and NFV Performance for a Future-Proof Network
Analysis is not reliable unless all network information is captured and collected by
network appliances. Network appliances receive data either from a Switched Port Analyzer (SPAN) port on a switch or router that replicates all traffic, or from passive taps that provide a copy of network traffic. They then need to precisely time stamp each Ethernet frame to allow accurate determination of events and latency measurements for quality of experience assurance. Network appliances also recognize the encapsulated protocols, as well as determine flows of traffic that are associated with the same senders and receivers.

API Security Testing – How to Hack an API and Get Away with It (Part 3 of 3)
Testing for insufficient SSL configurations is straightforward – make sure your tests accept only valid certificates. Taking an extra precaution for MITM attacks is also advisable – for example by adding signatures to a message, which makes it impossible (well, almost) for a eavesdropper to modify messages on the wire, even if they manage to insert themselves in the communication pipeline. Testing with signatures, that they are enforced, correctly validated, etc. – is equally possible.

Quote for the day:

“It always seems impossible until it's done.” -- Nelson Mandela

November 26, 2014

Google Glass Is Dead; Long Live Smart Glasses
Despite Google’s missteps, the technology isn’t going away. The idea that Glass represents—allowing you to ingest digital information at a glance—has appealed for decades to die-hards like Thad Starner, a Glass technical lead who has been making and wearing these kinds of gadgets since 1993. Researchers are going to keep plugging away until we get to a point where the technology blends into the glasses themselves, rather than sitting so obviously atop them. So imagine that in a few years someone comes out with smart glasses that are pretty much unnoticeable. They have a tiny display in the lenses; the electronics and battery are neatly concealed in the frame.

Don't forget charisma when hiring an IT leader
Charisma often gets a bad rap in technical circles. It's perceived as the sizzle without the steak, or the "empty suit" who shakes the hands and kisses the babies, but underneath it all has no idea what he or she is talking about. In IT we often evaluate our peers and managers by their technical acumen, and anyone who doesn't make the cut is dismissed as incapable. However, these "soft skills" can be critically important, although they're rarely bundled with deep technical competence, requiring IT leaders to evaluate where to deploy their charismatic leaders vs. their strongest technicians.

What’s the Value of IT Security Investments for Security Intelligence?
Given the maniacal focus of senior executives on stock values, an alternative approach to expressing the value of IT security might be to use an event study approach. Eugene Fama, an American economist and Nobel laureate in economics, established the event study methodology based on his efficient market theory. This theory assumes stock market prices always immediately reflect all available information. Simply stated, event studies reflect the stock market reaction to a public announcement.

An Unconventional Solution to a Big IT Problem
No matter how you slice it, the user community believes that we will somehow divine the perfect system for them. And as much as we wish this unrealistic expectation would go away—or that we could just go ahead and write the systems without our users’ involvement—we all know that’s not possible. (At least, not if we want to have a hope of actually delivering on their real needs.) So what’s an IT professional to do when faced with the ever-present burden of unavailable stakeholders? Here’s a real-life story that may cause you to not only think a little differently, but to act a little differently in the coming year.

7 Leadership Tips for Women Tech Executives
"Female executives face the challenge of presenting themselves accurately in their first 90 days on the job. They need to balance proving both their competence and skill set with showing their true work persona. Male executives are judged first and foremost on how they do a job, and perhaps secondarily on their office demeanor and appearance. Women are immediately judged on both, and therefore need to set goals around performance in both areas," says Danielle Tate, founder and CEO of, an online name change service.

The Gap Between Big Data and Big Insights: Turning data into engaging stories
It’s not that big data isn’t important. Believe me, it’s the foundation for the future of business. It’s just that every time I hear about big data, it’s either in the context of social media, The Internet of Things, data technology, Nate Silver, or a combination of all of the above. What I don’t hear enough is the human side of data, the questions asked, the insights that are drawn, and the ways that insights are then executed against at every level that matters (internally and externally). The problem with big data is we think that by saying “big,” we automatically convey importance and urgency up, down, and across our organization.

Hybrid cloud growth leaves enterprises scrambling for control
Cairns explained that the reason why there has been such a quick uptake in such a short period of time is because enterprises have realised the advantages a cloud environment can provide, such as the increased freedom to be agile and innovative. "It's almost the freedom to fail quietly. So you can go out and be innovative, and if it does work, you can expand madly on public and on private. It's just so much more accessible," she said. But because the uptake has been so rapid, Cairns said many enterprises are now wrangling with multiple cloud accounts, while learning how to balance shifting workloads from legacy and into the cloud.

Review: Lenovo Yoga Tablet 2 Pro
Using the pico projector is a mixed bag. It's more of a gimmick than a useful feature. It projects the image out of the left side of the cylinder, and tablet placement is critical to get a level projection on a wall or screen. The stand must be in a low angle position, and tilted just right to get a good projected image. There is a slider next to the lens for focusing the projected display, which can be as big as 50 inches. This slider is stiff to move, making fine adjustments very difficult. This turns using the projector into an exercise in frustration. A button on the left side of the tablet toggles the pico projector on and off.

Making the Case for an API Roadmap
Access is often a significant API adoption barrier, so provide a self-service, resource-rich environment. Use API management infrastructure (e.g. WSO2 API Manager, Apigee, 3Scale) to expose an “API store.” The API Store application will establish your own API marketplace and promote APIs. Application developers easily find, explore, subscribe, and evaluate APIs within a marketplace experience similar to the Apple AppStore or Google Marketplace. The venue lets developers register as a potential API consumer, obtain API access credentials, and match project requirements to API capabilities.

Target Wants Data Breach Bank Claims Dismissed
"Target's gross security deficiencies enabled the breach, and Target's inaction and omissions worsened the breach's effect on plaintiffs," the lenders said in a court filing. The banks are relying in part on a Minnesota law — the Plastic Card Security Act — to support their claim that Target had a duty to shield them. The retailer contends the lenders aren't covered by the measure. The law prohibits the company from retaining certain card data after a sale is completed. Target's lawyers say the data theft happened at the point of sale and that the statute doesn't apply. Bank attorneys counter the company has said it retained card data and that the retailer voluntarily disabled data system security functions that would have detected the breach.

Quote for the day:

“If your actions inspire others to dream more, learn more, do more and become more, you are a leader.” -- John Quincy Adams

November 25, 2014

'Less' is more to malware authors targeting Linux users
Less does not allow file editing, which is a job for file editors like the widely used vi, but has the benefit of displaying data on the fly without needing to load an entire file into memory. This is useful when dealing with large files. Less is frequently used to view text files, but on many Linux distributions, including Ubuntu and CentOS, it supports many more file types including archives, images and PDF. That's because, on these systems, less is extended through a script called lesspipe that relies on different third-party tools to process files with various extensions.

Web services vs. cloud services: Are they the same?
The short answer is, "no," they are not the same. However, they are increasingly dependent on each other if users want the full speed and ease of use effect that such services offer. Technically, organizations can have a Web service without a cloud service or vice versa, but one gets greater business efficiency when the services are combined. Web services are the tools that allow users to interact with software over the Internet.Cloud services are the servers that store the data, security and other infrastructure pieces needed to allow Web services to provide unique value as Web-accessible applications.

The Art Of Being Consistently Less Wrong
The key concept to focus on is not to be exact but to be LESS WRONG. The only way you can be less wrong is to learn. The only way to learn is to do. In my opinion letting go of the concept of correctness in agile and embracing the desire to be less wrong can help a team change what they normally consider to be a painful, drawn out meeting into a quick, focused and collaborative discussion. Get past the estimation and get back to delivering features. So, how do we learn to be consistently less wrong? Here are a few things to consider:

Thwarting Attackers with Threat Intelligence
Intelligence and understanding are crucial to any defensive strategy. Cybersecurity teams are trying to learn more about malicious actors, including why and how they are attacking. This is where the extended network provides unexpected value, delivering a depth of intelligence that cannot be attained anywhere else in the computing environment. Much like in counterterrorism, intelligence is key to stopping attacks before they happen. Just as terrorists sometimes inflict damage disproportionate to their resources, such can be the case in cyberspace. Relatively small adversaries with limited means can inflict significant damage on larger foes. In these situations, intelligence is one of the most important assets for addressing threats.

Global Standards and Publications
In the current environment, with constant changes and almost infinite ways of accessing information and communicating, it is essential to make communication as clear as possible and ensure the quality of information. Van Haren Publishing makes general Best Practices available to provide quality, practically validated information worldwide. The use of standards and frameworks gives everyone the same language thus minimalizing the chance of errors due to unclear communication. Best Practices regarding these standards and frameworks provide you with information summarizing years of experience by the best in the industry.

Corporate IT's Darwinian Challenge
Corporate IT organizations in general are still viewed as the people who slow down business opportunity and change and say "no" far more than "yes." Too many corporate IT organizations haven't evolved along with their ecosystem and, in my opinion, much of the necessary change starts with an evolution in thinking and purpose. For me, the following points are the required foundation to stop the gradual erosion, and ultimate extinction, of the corporate IT organization as we know it today.

Mobile Medical Apps: A Market on the Move
Smartphone technology is promising for use in remote patient monitoring for several reasons. David Pettigrew, Sagentia’s Vice President of Connected Health, sums up the advantages: “Benefits to medical-device manufacturers include cost savings through not having to develop a completely new device, leveraging existing platforms while adding more sophisticated sensing and data capabilities, and using an interface that consumers know and understand and is already part of their everyday life.” The result: Devices are far more likely to be adopted and used correctly.

The branded bug: Meet the people who name vulnerabilities
If the bug is dangerous enough, it gets a name. Heartbleed's branding changed the way we talk about security, but did giving a bug a logo make it frivolous... or is this the evolution of infosec? Criminals, such as bank robbers, are often named because there are too many to keep track of. Just as killers and gangsters end up in history marked and defined by where they murdered (the "Trailside Killer") or having a characteristic ("Baby Face" Nelson), the same goes for critical bugs and zero days. Stephen Ward, Senior Director at iSIGHT Partners (iSIGHT reported the "Sandworm" Microsoft zero-day), explained to ZDNet, "Researchers will often use unique characteristics discovered in malware or in command and control to give a team or a particular exploit a name.

Network security needs big data
Big data will change most of the product categories in the field of computer network security, including network monitoring, the authentication and authorization of users, identity management, fraud detection, and systems of governance, risk and compliance. Big data will also change the nature of the security controls, such as conventional firewalls, anti-malware and data loss prevention. In coming years, the tools of data analysis will evolve further to enable a number of advanced predictive capabilities and automated controls in real time.

7 Tools Tuned for Agile Development Success
The iterative alternative to fully mapped-out waterfall processes has become widely accepted in recent years, bringing with it software tools designed to help agile practitioners hone their processes, collaborate efficiently, and monitor progress. Companies like Atlassian, Axosoft, Microsoft, and others have been filling the niche for agile project management. Since we first rounded up agile project management tools in 2013, these tools have seen noteworthy improvements. Here's another look at the more effective agile-oriented project management tools and what's been improved in them in the past year.

Quote for the day:

"How you measure the performance of your managers directly affects the way they act." -- Gustave Flaubert

November 24, 2014

The Salesforce Platform: The Return of the Citizen Programmer
The last time this happened was in the 90’s, when Microsoft created Visual Basic. Legions of citizen programmers created large numbers of custom applications and solutions. Kids used VB, Grandparents used VB. Even managers used VB. Most of the code they wrote was awful, full of global variables, goto statements, and not a hint of object oriented programming, even after it was supported by the language. But it was fast and it was easy, and even the most elitist senior programmers were often forced to use VB because it was so incredibly productive compared to anything else.

The business rationale for cloud workspaces
Desktop virtualization technologies offer enterprise IT a new opportunity to deliver lower-cost, yet more responsive, end-user computing services across a larger range of endpoints. ... This makes them a high-risk investment. Desktop-as-a-Service (DaaS) offers a significant opportunity to realize the benefits of desktop virtualization through cloud-hosted desktops consumed as a service without the high upfront capital cost, and at a considerably lower risk, by leveraging a service provider’s domain expertise in creating and managing a high-performance virtual desktop infrastructure.

Open Cloud Alliance Formed to Answer Germany’s Data Privacy Concerns
“The European and US market is different,” said Laguna. “European companies are much more conscious and careful and more wary of big U.S. cloud providers. The big proprietary silos are very anti-competitive, very monolithic, and channel-unfriendly.” One example of how Germany and the U.S. view privacy differently is email. In Germany, it is considered extremely weird for an employer to have access to an employee’s email. In the U.S., sometimes you communicate with superiors by keeping a draft saved in your box. Data privacy concerns are born out of a history that saw the Gestapo, and later the Ministry of State security Stasi, encouraging spying on neighbors when the country was split, explains Laguna.

Android 5.0 Lollipop embraces the enterprise
Google took longer. Prior to the new version 5.0 (Lollipop), Android included precious little specifically to assist enterprises in their needs. Lollipop is a clear change in direction, addressing many of the most important enterprise needs. Finally, Google has included EMM/MDM APIs to allow a standard approach to the management and security of Android mobile devices. No longer will EMM vendors like MobileIron have to make different versions for the devices of different OEMs. Google has also moved to harden the base operating system, strengthen data security by default, improve the security update process and authentication and much more. There are thousands of new APIs, many of which help enterprises.

The five principles every corporate director should embody
NACD and ISA published a report titled the “Cyber-Risk Oversight” where they propose five key principles for boards in approaching cyber-risk ... The IIA and ISACA have built upon these five principles to provide well thought out implementation guidance in a publication titled “Cybersecurity: What the Board of Directors Needs to Ask” Here is how they recommend boards move out in turning the five principles above into action plans ... IIA and ISACA also suggest six questions any board should consider to prepare for discussions with management and audit

Symantec identifies sophisticated, stealthy 'Regin' malware
Regin is a back-door-type Trojan, "customizable with an extensive range of capabilities depending on the target," Symantec said, adding that "it provides its controllers with a powerful framework for mass surveillance." Its development probably took months "if not years" and "its authors have gone to great lengths to cover its tracks." Its first incarnation was used to spy on a number of organizations from 2008 to 2011 when it was "abruptly withdrawn," with a new version showing up last year, Symantec said. Nearly half of the Regin infections that have been identified involve private individuals and small businesses, with attacks on the telecommunication sector apparently aimed at gaining access to calls routed through that infrastructure.

IBM Courts DevOps With Dedicated Bluemix
DevOps has been a favorite mode of operation for startups and web companies that seek to change their production software frequently. Facebook and are noted for their ability to push dozens or hundreds of software updates a day. Robinson said competitive enterprises are beginning to adopt the same process. Among other things, Dedicated Bluemix will make available a Cloudant high-performance database-as-a-service; a data-caching service to make Bluemix applications speedier and more responsive; and the runtime environments in different languages so developers may launch applications in the language of their choice, Robinson said.

Tuning Java Servers
One mistake engineers often make is profiling the CPU without first determining whether it is truly a CPU bound use case. Although CPU utilization shown by top command is low, machine may be busy doing IO (e.g. reading disk, writing to network). Load average is a much better metric for determining whether the machine is loaded. Load average represents the number of processes waiting in the OS scheduler queue. Unlike CPU, load average will increase when any resource is limited (e.g. CPU, network, disk, memory etc.). Please refer to the blog “Understanding Linux Load Average” for more details.

DeitY Releases its Latest Draft IoT Policy
Focus is on developing IoT products precisely to our needs in the sphere of agriculture, health, water quality, transportation, security, automobile, automated metering and monitoring of utilities, waste management and many others. Structure of the IoT Policy has been planned to be implemented through a multi-pillar approach. It will have five vertical pillars (Demonstration Centres, Capacity Building & Incubation, R&D (Research and Development) and Incentives and Engagements, Human Resource Development) and 2 horizontal supports (Standardisation & Organisational structure).

Clearing up muddied waters in the 'Data Lakes'
Several companies have even designed products and services around the concept. Less pleasing is that since 2010 it's been gradually redefined, then subsequently refuted based on these new definitions. But hey, this kind of thing happens in any modern, digital debate and at least it indicates there's a healthy interest in the subject matter. However, as one who spends most waking hours conceiving new information architectures to solve modern data problems, I thought it was time to revive the original Data Lake definition and explain its original role and relevance.

Quote for the day:

"Management is nothing more than motivating other people." -- Lee Iacocca

November 23, 2014

Performance Impact of an IO-Intensive Application
The bottleneck of an IO-intensive app is usually when the system flushes the dirty pages to disk, not during the journaling step. The throughput of flushing is limited by the device bandwidth. A typical 15K RPM could reach a bandwidth of 120MB/sec in the best case of sequential access, in case of random IO the actual bandwidth is even less. To better illustrate, assuming the system uses the default Redhat Linux flush policy of 30 seconds, and the application writes at a rate of 20 MB/sec. After 30 seconds, the system would have accumulated 600 MB of dirty data to flush to disk. In Linux, the flushing is done by the pdflush daemon.

Tuning Large Scale Java Platforms
The session covers various GC tuning techniques, in particular focusing on tuning large scale JVM deployments and showing how to optimally size a platform for enhanced memory consumption. It also presents Pivotal Application Fabric reference architecture where a comprehensive performance study was done. ... Emad Benjamin is Principal Technocrat and CTO Ambassador at VMware. Jamie O'Meara is a Platform Architect and software engineer for Pivotal.

Aligning ITSM with Business Objectives
This discussion will focus on the need for the Business to understand what IT can do for them, things like: enter new markets, create new services, provide new solutions or industry shifts. Then we will look at why IT and in particular the importance of the CIO to be embedded within the business and understand it’s business goals and objectives to ensure both “lights on” and “strategic direction incorporating innovation”. The ITIL Service Strategy book will be used as part of our guide. So come and hear how to start aligning IT service management with the Business objectives.

How to align talent management with business strategies
Through informed alignment of talent management strategy with business strategy, organisations can identify the capabilities that are really needed (thus providing a realistic business case for the development investment). Strengthening this business case raises another challenge: developing effective criteria for selecting the right candidates for development and thereby using available resources as effectively as possible to support the maximisation of potential. This effective long-term thinking can override short-term pressure from shareholders, who are often reluctant to invest in talent management.

Why Isn’t My Strategy Working? It’s Broken That’s Why
Declare “WHY” you are in business and then build a culture to support your “WHY.” Share it in a way that defines the experience your customers, staff and partners will have every time. ... After you have declared your “WHY” and everyone is busting with passion about the vision, the brand and being part of the culture, it is time to monetize that dream. Level II determines if customers, partners and investors will join you by saying yes. ... With Level II in place, everyone is clear about the strategy to monetize the “WHY,” and now the next step is to deploy the revenue strategy complete with a “True North,” a Revenue RoadMap and aligned metrics. Deployment must be both aligned to the “WHY” and the revenue strategy.

Microsoft Strategy Vice President Teper: 'Minecraft is a development tool'
"Minecraft is a development tool" Teper told attendees of the UBS Global Technology Conference in Sausalito, Calif., last week. "People build worlds out of it. If we can get eight-year-old girls and boys building worlds and getting inspired by creating content digitally, as they grow up they'll want to create in PowerPoint, or Visual Studio. And in addition to being one of the few gaming franchises that doesn't have to be freemium, Minecraft can actually charge money. It turns out it's a great business with lots of upside." The full transcript of Teper's remarks from November 19 is worth a read.

Six Steps for Developing a Governance Model for Strategic Portfolio Management (Part 1)
In today’s business environment, we have to make decisions quickly to take advantage of such things as market-moving news and events, client requirements, new technology and other factors. In order to do all of this, you need a streamlined, customized approach that works with, and not fights against, your culture and best interests. At the heart of all of this, controlling and driving this process forward is the Governance Model. That’s why I call it the engine room. Without it, portfolio management can’t happen in any structured, purposeful way. So, whether you’re just getting started in portfolio management, or you need to re-think your approach, the Governance Model is where you start.

360 Degree Embedded Analytics: Inside Apps, Inside Processes
These technologies will sit close to Business Intelligence (BI), data integration tools and online analytical processing (OLAP) services – plus we will also focus here on data mining and ‘extract, transform, load’ (ETL) functionalities. In terms of facilitating technologies, let us also remember that Hadoop serves as a central processing hub here where ‘analytics-ready’ data sets can be blended, refined, automatically-modeled and then automatically published directly to analytical databases (like HP Vertica for example) for deeper usage. If this is analytics embedded into the application, then what of analytics embedded into the business processes.

How to Improve Teamwork in Your Agile Team
Presenting this pyramid to the team could be the second exercise. Based on my experience, most of the team members will identify at least one problem from the pyramid. Visualizing this will make them think a bit about the status quo situation while realizing that much is required to be done in order to have a great team. I think one hour should be enough to familiarise the team with the pyramid and to answer all their questions. Since the base of the pyramid forms from an Absence of Trust, I will focus on an exercise for improving this specific aspect. My team tried this exercise some weeks ago. Clearly, we had problems in the team and lack of trust was one of them.

Conversation Patterns for Software Professionals.
Years of experience in the industry have shown us that the best way to get concrete and detailed knowledge from the business is to structure it. Structuring can be defined as organizing the acquired knowledge according to predetermined criteria, for example: functional requirements, non-functional requirements, domain-specific rules, architecture and implementation limitations. Such an ordered collection of information is a checklist for those who collect it and it helps them answer the following questions - What do I already know? What else do I need to know? What do I have to specify?

Quote for the day:

"Nothing great was ever achieved without enthusiasm." -- Ralph Waldo Emerson

November 22, 2014

How to Improve IT Governance Maturity
Understand the operating style of organization. Who holds the decision making power, Is it with the CEO, Board, CFO, PE Investors or someone else. Know what view each of the CXO roles has on organization priorities and the role they consider IT has in the organization. The IT dollars are enterprise resource and are finite, and they must be leveraged to the benefit of the enterprise. IT governance's purpose is to facilitate all business units in competing for the dollars based on benefit to the enterprise. There is no reason the executive team shouldn't be completely aware of where and how IT assets are being deployed. The CIO is probably the last person to be setting IT priorities and when you take this approach,

4 Solutions To Build Apps For The Connected Car
Opportunities and choices abound for any consumer, company or entrepreneur attempting to connect the car. An in-vehicle dashboard can contain applications pre-installed in the unit or your smartphone app can connect via Bluetooth and offer content in the car. The applications world is moving to the car with consumers pleading at the chance to connect to the Internet in their vehicles. If you are interested in the connected car, there are four main types of development for in-car connectivity

Cisco crashes the enterprise mobile party with new collaboration app
Project Squared also complements Cisco's collaboration and UC (unified communications) product stack by extending it to mobile devices. Cisco already offers voice communications, video conferencing, IP telephony, IM and Web meetings via a variety of hardware devices and cloud and on-premise software for desktops, small and medium-size meeting rooms, and large conference rooms. "Cisco is filling in a gap in their portfolio, the use case for small, agile teams that want robust mobile apps but don't need more complex services and tools like WebEx or dedicated hardware endpoints for every bit of work, even if they have them," Gartner's Preset said.

Wozniak still aims to simplify: Now, all of enterprise storage
The company’s software separates the control of data from the gear where it’s stored. All storage capacity, from cloud to server-based flash, becomes part of a single global data space that can be allocated as needed for high performance or high capacity, Smith said. That virtual space can span block, object and file storage systems, keeping specific transport protocols such as Fibre Channel in place but treating all data as files. Instead of using a new protocol, Primary Data’s software is based on the widely used NFS (Network File System). The software consists of a Data Director, which holds metadata about the contents of storage and policies for each application, and a hypervisor in the application server that carries out changes.

The Programmer's Price
Rock-star developers are, not surprisingly, very different from actual rock stars. Solomon told me, “Generally speaking, the egos are the opposite.” Programmers tend to undersell themselves. (One potential client described himself as “pretty fast”; it later emerged that he’d won a speed-coding competition in India.) Solomon surmised that this has to do with the nature of feedback in the two professions. If you put a product in Apple’s app store, your interaction with customers consists mostly of anonymous griping. Meanwhile, he said, “even a low-level musician is onstage playing to fifty people, and after that show they have ten people who come up and tell them, ‘Dude, your song saved my life!’ ”

Bank CEOs Fear Data-Driven Decisions
One challenge is that getting an analytics practice up and running requires coordination and buy-in from multiple groups, points out Deva Annamalai, a banking technologist in Salt Lake City. "In today's scenario, most banks have an existing enterprise data warehouse, a finance and analytics reporting group, and IT wanting to do this. The ownership and roles around who is responsible for customer analytics becomes a little muddled. Organizations are starting to realize this overlap and some are even dedicating chief data officers (a relatively new C-suite title) to solve this problem."

Microsoft warns that Kerberos bug allows hackers to compromise entire networks
“This security update is rated Critical for all supported editions of Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. The update is also being provided on a defense-in-depth basis for all supported editions of Windows Vista, Windows 7, Windows 8, and Windows 8.1.” If you’re a system administrator and you haven’t already applied the patch, you should do so immediately.If your domain has already been compromised – and Microsoft has said that it was ‘aware of limited, targeted attacks that attempt to exploit this vulnerability’ – then the only remedial action is a complete rebuild of the domain.

Web API Thoughts 1 of 3 - Data Streaming
The target is to reach services to various platforms using HTTP technology, which is supported by many end user applications, browsers, mobile devices, other services. ASP.NET Web API is a request-response message exchange pattern, in which a client can request certain information from a server and a server responses the request to the client. The response can be expected synchronously or asynchronously. When you think about a web service usually several things pop up in your mind. Personally I'll point out these three basic key points regardless of the service implementation.

Interview: 'Government is the best digital startup in London'
“I think government is the best digital startup in London,” he says from behind his glowing Apple MacBook. “We really do have multi-functional teams, and when we talk about agile we really mean it. And we’re really serious about user research and understanding what the user needs are.” Shetler has dabbled in startup companies himself, creating two startups in London, the place he now calls home. His career also spans financial services, including working for the Republic National Bank of New York and companies such as Oracle, Microsoft and Swift – the financial transaction messaging company.

Gartner's four steps on how to better manage public APIs
APIs, a set of regulations that enables one program to interact with another, are in high demand among business and IT users alike for a whole host of reasons, Olliffe said. APIs offer accessibility, ease of use, platform independence and an attractive cost structure. Moreover, APIs are an operational expenditure, which means developers, architects and even the business can bring new capabilities into the enterprise without "a big approval from the CIO," he said. But along with this new API abundance come new complications. ... Startups go bust, companies decide to change directions, and a public Web API could easily disappear.

Quote for the day:

"A business of high principle attracts high-caliber people more easily, thereby gaining a basic competitive and profit edge."-- Marvin Bower

November 21, 2014

7 great MOOCs for techies -- all free, starting soon!
Big data, open source software, security -- these are some of the IT skills most in demand today and for the near future. Fortunately, free classes, in the form of Massive Open Online Courses (MOOCs), are available to help you keep pace with these and many other IT-oriented subjects. Offered by top universities as well as online education platforms (often in partnership), IT MOOCs can help you keep your skills sharp and resume updated. ... If you don't find what you want here, browse the lists of other courses offered by these institutions, or check our last MOOC roundup for ideas. Then log on and start learning.

Retired CIOs: 5 Rewarding Second Acts
Is there life after information technology leadership? You bet. While some "retired" CIOs immediately dive back into the industry as consultants to those currently serving as CIOs, others decide it's time to do something completely different. InformationWeek specifically went looking for people who had an interesting "Second Act" story to tell. Of our five examples, one is embarking on a career of voiceover work and acting after years of using funny voices to amuse his colleagues. Another is working almost as hard as a volunteer civic leader as he did in his former profession (but without the stress of worrying about the next system outage). Several are actively trying to relax but are still active as volunteers.

Smartphone Encryption – What Does it Mean to You?
As forensic experts we truly understand the probative value of the data and metadata contained on smartphones. These devices are routinely imaged, preserved and analyzed as part of the discovery process in cases where communications are directly or indirectly related to the underlying issues. The data and metadata automatically stored on smartphones can include entire email chains, geographical locations, contacts, logs of who was texted or called, and a host of other information depending on what apps were installed and used (see “Alternative Keyboard apps: Too risky for your smartphone?”).

Digital Transformation and IT: The CIO´s balancing act
We live in times of accelerated change. Smart and innovative challengers leapfrog industry borders and disrupt business models, selling digital services into former physical product markets and leaving established market leaders perplexed and behind. The digital Darwinism predicts that not the strongest (market leaders), but those companies that are able to adopt change the fastest, will survive. And as an example - the arrival of the smartphone taught us that torch producers and camera producers, for example, ended up between a rock and a hard place. Their business model was disrupted from outside the niche. Smartphones disrupted several other businesses and will keep doing so – financial credit card organizations are next in line.

Are Telepathy Experiments Stunts, or Science?
In a paper published last week in the journal PLOS One, neuroscientists and computer engineers at the University of Washington in Seattle described a brain-to-brain interface they built that lets two people co√∂peratively play a simple video game. Earlier this year, a company in Barcelona called Starlab described transmitting short words like “ciao,” encoded as binary digits, between the brains of individuals on different continents. Both studies used a similar setup: the sender of the message wore an EEG (electroencephalography) cap that captured electrical signals generated by his cortex while he thought about moving his hands or feet.

Smart guns: Can tech bring transparency to law enforcement?
Technology like Yardarm's could be beneficial in creating change without changing federal or state regulations. The company was founded just five months after the Sandy Hook shooting. ... "We're not a bunch of gun guys figuring out how to put tech in guns," Schaff said. "We're a bunch of tech guys trying to figure out how to put tech in guns." The team received a lot of messages from interested organizations like private security firms, police forces, and foreign governments, who wanted more information -- more data -- to use as evidence, and more ways to monitor the safety of officers out in the field.

Lost Devices Cause 68 Percent of Health Care Data Breaches
A recent study by Bitglass shows just how much damage the insider threat can cause. In its 2014 Healthcare Breach Report, Bitglass discovered that 68 percent of the data breaches in the health care industry since 2010 were caused by lost or stolen devices. The survey results nearly mirror a study conducted by theCalifornia Attorney General’s Office, which found that 70 percent of compromised health records were the result of a lost or stolen device. This is not to say that cybercriminals aren’t doing any damage. Almost a quarter of breaches in the health care industry are caused by hackers infiltrating the network.

Is your Java application hostile to JIT Compilation?
The key point about JIT compilation is that Hotspot automatically monitors which methods are being executed by the interpreter. Once a method has been called often enough it is marked for compilation into machine code. These "hot methods" are compiled by a JVM thread in the background. Until this compilation finishes, the JVM keeps running - using the original interpreted version of the method. Only once the method is fully compiled does Hotspot patch the method dispatch table to point to the new form. Hotspot has a large number of different optimization techniques for JIT compilation - but one of the most important for our purposes is inlining.

Healthcare Interoperability: Who's The Tortoise?
"It's very easy to point fingers at folks. People underestimate how challenging this work is," Sawyer told InformationWeek. "I think the vendors are being cautious before spending lots of research and development money before a standard is more clearly defined." Some EHR systems, like Epic, were designed long before cloud and APIs, executives said. Others leveraged newer technologies like cloud and APIs from the start. But clinicians and patients want them all to exchange files with one another -- just like financial firms, which enable consumers to withdraw funds from any ATM, regardless of bank. Or like Amazon, which lets consumers browse and order items from stores -- both Amazon and other sellers -- via one platform.

CIOs make progress, but still get no respect
Fair or not, the body of research described here is compelling. For this reason, every CIO should consider the possibility that some of their peers and management share views presented by the data. The solution is spending more time with business departments and leaders, learning nuances of their needs and goals. As CIO, delegate the technology to staff while you focus on solving business problems around the company.

Quote for the day:

"Experience is not the best teacher; evaluated experience is the best teacher." -- John Maxwell

November 20, 2014

Data Is Not the New Oil, It's the New Soil
Not long ago companies began waking up to the fact that people everywhere were generating huge volumes of data. Data that could be collected and used to understand people in ever finer detail. The phrase “data is the new oil” started to spread like wildfire across the web. The buzz around “big-data” emerged . Oil is valuable. If you find, collect and store oil it will remain valuable. Data is a very different thing. Data is generated when people do something. It is a record of an event. That means it starts losing value almost as soon as it is generated because it ages.

DOT chief data officer prepares for forthcoming ‘wave’ of digital transportation data
“One of the things that makes it really important we get our acts together around data is the digital transportation world that is about to unfold,” McKinney said in October at ACT-IAC’s Executive Leadership Conference in Williamsburg, Virginia. Pointing to information generated from vehicles connected thanks to the Internet of Things and bridges and roads with sensors talking to cars, he said, “All of that data is sort of like standing on the beach and seeing that wave that’s building. It’s way out there, but you can see it. So you can either get ready for that, or you can get swamped.”

The Fantastic Four: Chief Analytics Officer, FICO World Panel
“Analytics as a function grew at Ford Motor Credit because we had a president who joined from American Express who had a vision,” explained Cateriano. “For me the Chief Analytics Officer appointment is about developing a skilled team for credit. Originally we had to push our services but now our key executives turn to our data analytics to solve the problem. I would say 80% of the time they are pulling us to the table”. ... Sigala explained there has been a deep shift towards analytics at Caesars. “It’s deeply integrated. When we deliver financial results it’s the Chief Analytics Officer that delivers the results and that has been a conscious decision.

Nine Steps to Unlock Big Data's Hidden Value
It is being billed as the next big thing and every business appears to be surfing the big wave. But if the hype makes you feel you’ve been left behind, fear not. Gartner poll results released in September 2014 revealed that while 73 percent of firms surveyed in 2014 are interested in adopting big data, only 13 percent have actually deployed these technologies. Without a clear place to start, many organizations are either misusing big data or not using it to its full potential. However, a focused approach can help make the transition less daunting, minimize the hurdles along the way, and enable organizations to take advantage of this valuable and growing corporate asset.

Only Engaged Innovation Teams Succeed
Managing innovation is making choices and dealing with constant trade-offs about different issues, particularly the ones related to people. The ultimate goal should be to make innovation a collective responsibility of the entire organization. However organizations cannot afford to have a single policy for keeping continuous motivation and engagement among all people. They should draft a plan to encourage that at least key people actively contribute for the innovation program and become long-term supporters. Key people are the stakeholders that have the interest and the power to influence the success of the innovation program.

Dynamic Duo of Analytic Power: Business Intelligence Analyst PLUS Data Scientist
The data science process is highly collaborative; the more subject matter experts involved in the process, the better the resulting model. And maybe even more importantly, involvement of the business users throughout the process ensures that the data scientists focuses on uncovering analytic insights that pass the S.A.M. test –Strategic (to the business), Actionable (insights that the organization can actually act on), and Material (where the value of acting on the insights is greater than the cost of acting on the insights).

Facebook’s Open Source Virtual Machine HHVM Stabilized
HHVM itself isn’t widely deployed or even widely known. It is extremely fast, but has not been considered production-ready because it sometimes causes system reboots. For the first time PHP and HHVM can run side by side on the same server, which increases speed, performance, and stability in production environments. WP Engine’s latest release, called Mercury, leverages the new capability. “HHVM is extremely fast running WordPress,” said Tomas Puig, head of labs at WP Engine. “Getting it ready and stable is truly an accomplishment.”

2015 prediction: Expect massive spikes in global information security threats
PWC rightly points out that cyber security has become a persistent business risk and that threats (both to the economy and intellectual property) are on the rise. The report goes on to identify some very troubling incidents, including ... With the idea of a security paradigm shift on the table, today's cyber-defenders should be thinking in different terms than just traditional security initiatives, shifting their focus towards an ideology of "cyber risk management", which is being fueled by an initiative founded by the NIST. The NIST has set forth a security framework (NIST Cybersecurity Framework) that stresses management over technology and highlights several best practices that should help organizations defend against the imminent threats posed by increasing cyber-attacks.

Cloud Comfort for Financial Services
"You're giving your data to some third party," Alexander Southwell, a partner at Gibson, Dunn & Crutcher and former cybercrimes prosecutor, told attendees during a panel presentation. "Do you know where in fact the data is? Do you know who is housing that data? How well [are] they funded? Are they gonna be around?" Indeed, many financial services organizations are specifically required to assess factors such as these when contracting with third parties, as a matter of due diligence. These questions and others concerning how client data is stored are especially important because most cloud providers are not yet SEC- or FINRA-compliant.

The Open Group IT4IT™ Reference Architecture, Version 1.3
The IT Value Chain and IT4IT Reference Architecture represent the IT service lifecycle in a new and powerful way, providing the missing link between industry standard best practice guides and the technology you need to select and execute those processes. The IT Value Chain and IT4IT Reference Architecture are a new foundation on which to base your IT4IT operating model and provide a welcome blueprint for the CIO to accelerate IT’s transition to becoming a service broker to the business. This Snapshot is intended to make public the direction and thinking about the path we are taking in the development of the IT4IT Reference Architecture.

Quote for the day:

"Leadership is the wise use of power. Power is the capacity to translate intention into reality and sustain it." -- Warren G. Bennis