February 28, 2015

Process Trumps Innovation in Analytics
A good analytic process, however, needs more than a sensibility for how to derive and think about questions; it needs a tangible method to address the questions and derive business value from the answers. The method I propose can be framed in four steps: what, so what, now what and then what. Moving beyond the “what” (i.e., measurement and data) to the “so what” (i.e., insights) should be a goal of any analysis, yet many organizations are still turning out analysis that does nothing more than state the facts. Maybe 54 percent of people in a study prefer white houses, but why does anyone care? Analysis must move beyond mere findings to answer critical business questions and provide informed insights, implications and ideally full recommendations.

Virtual Creatures in a Box, Controlled by You
A projector inside the lid of Holus beams four images of the same object onto the walls of the prism, which are reflected to form a single 3-D image that users can control with a smartphone connected via Bluetooth or Wi-Fi. A tablet computer or laptop attached to the box runs an app that feeds images to the projector, and adjusts what you see based on input from the controller. At this year’s International Consumer Electronics Show in Las Vegas, H+ used Holus to let visitors play a multiplayer dice game controlled with an iPod Touch.

Kaspersky Lab Unveils Cybersecurity Startup Accelerator
The SSC is a mentor-driven acceleration programme developed and implemented by the Kaspersky Academy in partnership with venture industry players Mangrove Capital Partners and the ABRT Venture Fund. SSC will provide startups with access to business, cybersecurity and cross-industry expertise from around the world. Eugene Kaspersky, CEO of Kaspersky Lab, said: "As the cyber threat landscape becomes more and more dangerous, the world needs new ideas, new concepts and new approaches to cybersecurity. As a result, there's been a significant increase in venture funding of early-stage startups in the industry."

Google reveals plans for futuristic cityscape campus
The design of the office “motivates people to move around the office and interact in casual, unscheduled ways,” he explains–just like the well-planned public spaces of a great city. Early concepts for the office were motivated by old 18th-century maps of cities. “When I think about a city,” Gorman says, “I shop, I go get coffee, I go to the park, I go for walks. We wanted to create that same variety in the office.” In addition to its in-house café (and in-house debugger/barista), Square has been experimenting with pop-up stores and artisan merchants appearing within Square’s own offices.

UK poised to relax rules on employing overseas workers for some IT jobs
Rules would be loosened so employers no longer have to demonstrate they have tried to fill the job domestically before recruiting workers from outside the European Economic Area (EEA). Currently employers must prove they have advertised a job in the UK for 28 days and were unable to find a suitable worker. However, the MAC recommends that only start-up companies should be able to recruit from abroad in this fashion, stating it failed to receive much evidence from large tech firms that they are suffering from a skills shortage. "Any significant shortages within the sector, on the basis of the evidence we received, seem presently to mainly be confined to firms at the start-up/scale-up end," the report states

Red Hat wants you to contain yourself and your workloads
The cool part is that containers require no additional overhead or stress on the system. In fact, to the kernel, it's just running applications like any normal server does. For users and for the contained application, it's a separate and independent world. You can assign IP addresses to containers. Each container can have its own users, including the root user. From the container's point-of-view, it is a fully functional system. You can even reboot it without affecting any other container or the host system.

Net Neutrality Decision: What You Need to Know
The 3-to-2 Federal Communications Commission vote largely enshrines current practices of the major providers, such as Comcast, AT&T, and Verizon Communications, and as such probably won’t hold any immediate effects for the average consumer. It does, however, prevent a tiered Internet where companies and content providers can pay for speedy access to customers. “If this goes well, consumers will not notice a difference,” says Christopher Mitchell, an official with the Institute for Local Self-Reliance, an advocacy group for community development that supported the net neutrality proposal. Mitchell says the FCC rules are aimed at “preventing things from getting worse.”

Corporate Leaders Aren't Prepared for the Internet of Things
Fewer than one-quarter of survey respondents have established clear business leadership for the IoT, either in the form of a single organization unit owning the issue or multiple business units taking ownership of separate IoT efforts. Exacerbating this lack of leadership is a lack of understanding about the IoT by senior executives, the board of directors, and non-IT workers. Overall, the survey results show that there is a clear need for more internal education and ideation at all levels in the organization to explain the potential of the IoT and to seek innovative ways to exploit it.

Blockchain Technology Explained: Powering Bitcoin
So what is blockchain? Bitcoin blockchain is the technology backbone of the network and provides a tamper-proof data structure, providing a shared public ledger open to all. The mathematics involved are impressive, and the use of specialized hardware to construct this vast chain of cryptographic data renders it practically impossible to replicate. All confirmed transactions are embedded in the bitcoin blockchain. Use of SHA-256 cryptography ensures the integrity of the blockchain applications – all transactions must be signed using a private key or seed, which prevents third parties from tampering with it. Transactions are confirmed by the network within 10 minutes or so and this process is handled by bitcoin miners.

Building Software for the Long Term
Big software might survive but that might be just because it might be terrible software but it's just too expensive to replace, I mean I think there is probably a lot of software in financial institutions, I mean everywhere really that has been around for 40 years but nobody is able to change it. ... as software engineers we often want to improve things but we can’t describe it well enough to be able to convince people, so being able to make a business case to improve software and because actually bad software has significant costs and it’s not hard to find business cases for a lot of improvement work, that make sense for a business, it's not just our instincts tell us that we want to live in a nice software environment, there is a real business case usually in there.

Quote for the day:

"So much of what we call management consists in making it difficult for people to work." -- Peter Drucker

February 27, 2015

eBay Open Sources Pulsar, a Real-Time Analytics Framework
Pulsar uses an “SQL-like event processing language,” according to Sharad Murthy, eBay’s corporate architect, and Tony Ng, the company’s director of engineering — the blog post’s authors. It is used to collect and process user and business events in real time, provide key insights that systems can react to within seconds. Atop of the CEP framework the company implemented a real-time analytics pipeline, which relates how different parts can work together. Some of the processing it performs includes enrichment, filtering and mutation, aggregation, and stateful processing.

As mobile wallet market matures, MCX sits on the bench
"The fact that CurrentC is not up and running is not a bad thing," John MacAllister, principal at consulting firm Dorado Industries, said during a panel discussion this week at the All Payments Expo in Las Vegas. Steve Mott from consulting firm BetterBuy Design, and Tim Sloane, vice president of payments innovation at Mercator Advisory Group, joined MacAllister in the conversation about how current mobile wallet technologies jibe with the current market. All three consultants agreed that MCX can experience a modicum of success if it can push its CurrentC wallet beyond the current limited pilot phase. But the slow journey to a CurrentC launch has been filled with more tragedy than "Hamlet" or "Macbeth."

Cloud and the need for microservices
Cloud changes the way IT supports the business. In essence, every action within an organisation is part of a process. These processes need to change to reflect market conditions and the needs of the business. Any monolithic application will struggle to meet this overriding requirement – and this is where cloud comes in. A well-architected cloud platform enables services to be picked up from across a hybrid private/public cloud ecosystem. By the correct use of application programming interfaces (APIs), data can flow across the service boundaries to fulfil the needs of the overall process. As needs change, any one or more of the services can be unplugged and replaced with a different one.

4 reasons why cloud spending is set to explode this year
In terms of the ratio of clouding spending versus traditional IT expenditure, Karl Deacon -- Chief Operating Officer at Canopy -- says that the Atos cloud, "has shown that the percentage of contracts requiring or including digital or cloud solutions in outsourcing deals more than doubled in 2014 compared to 2013". The Atos cloud is a joint venture backed by Atos, VMware and EMC. Atos claims on its website that it doesn’t: "sell widgets, and we don’t theorize about the future…as business technologists with a pure client focus, we are orchestrators who can put your entire cloud puzzle together".

RealTime Medicare Data delivers caregiver trends insights by taming its healthcare data
The first thing we tried was to move to an analysis services back end. For that project, we got an outside party to help us because we would need to redesign our front end completely to be able to query analysis services. It just so happened that that project was taking way too long to implement. I started looking at other alternatives and, just by pure research, I happened to find Vertica. I was reading about it and thought "I'm not sure how this is even possible." It didn’t even seem possible to be able to do this with this amount of data. So we got a trial of it. I started using it and was impressed that it actually could do what it said it could do.

Canonical and Juniper team up on carrier-grade OpenStack SDN
In this cloud solution, Juniper will provide the service support for Ubuntu and Ubuntu OpenStack. This, in turn, will work in concert with Juniper's Contrail. Contrail is Juniper's open-source software-defined network (SDN) and Network Functions Virtualization (NFV) architecture. The point of this is that carriers and service providers are working feverishly on addressing their end-users' ceaseless data demands by making their infrastructure more agile and automated. If that sounds like a job for a cloud and SDN/NFV, Juniper and Canonical agree. Using their software stack, the two claim to be "providing open, scalable, cost-effective, and carrier-grade cloud solutions on which carriers can build a virtualized IP platform and support NFV."

James Grenning on Technical Excellence
About lines of code, people still see it that way, until they experience it. One thing I can't do for someone is experience how much better they will be in several weeks or months if they learn this. I can't make them experience that because these approaches have to be voluntary. For someone to get the benefit from TDD, they need to see that is might solve a problem they want to solve, try it, they are likely to convince themselves through their own experiences. Of the experienced people that started learning this years ago, most of them wouldn't stop and it's not because they want to be slower, less effective developers. It's because they want to be more effective.

The second-class internet? You're soaking in it
The net neutrality debate represents a third way in which the internet might be split. Rather than the neutral approach of treating all internet traffic equally, there could be fast and slow lanes, priced accordingly. Thursday's decision by the US Federal Communications Commission now makes net neutrality the law in that country, at least. There's nothing stopping the countries that make up the other 96 percent of the world's population from making their own rules for traffic within their own borders. All of those examples are theoretical. But look at Lenovo's recent issue with the Superfish software -- which inserted advertising into users' web browsing sessions -- introducing a nasty, nasty security vulnerability in the process. Doesn't this show that we already have a two-tier internet?

How to work for a macromanager
Working for a macromanager has its own set of challenges. A micromanager is always there when you don’t need them to be there; a macromanager is never around when you do have a question, need support, or need to get a decision made. They have a laissez faire style of management that assumes all employees are completely competent self-licking ice cream cones, needing no support, feedback, recognition, coaching, or direction. A macromanagement style may be appropriate when managing employees that are self-starters, experienced, high-performing, and self-motivated, but even these employees need a little attention now and then.

The Buzzkill Boss
Stress from conflicts at home can manifest itself in several negative ways at the office—worrying about off-the-job issues can drain employees of their energy and focus, causing them to withdraw from colleagues. On the other hand, employees’ lives are enriched when home life helps alleviate work stress—when a spouse offers much-needed support and perspective, for example. That ballast can help employees roll into the office on an even keel and in a buoyant mood.  But there is a more subtle aspect to the issue that researchers have so far failed to examine. That is, do supervisors’ feelings of work–life conflict or fulfillment spill over to their subordinates? Those higher in the organization chart are charged with inspiring and motivating their employees.

Quote for the day:

“Great works are performed not by strength, but by perseverance.” -- Samuel Johnson

February 26, 2015

Employing Enterprise Architecture for Applications Assurance
An enterprise architect will consolidate individual systems into a service-oriented architecture and eliminate one-off personnel datasets, asset inventories, and expense tracking and reimbursement processes. He or she can promote the adoption of a single technical architecture (such as Microsoft’s .NET or Java Platform, Enterprise Edition) to avoid the headaches of interconnecting incompatible technologies. Portability and interoperability are the key architectural objectives. Each of these actions will reduce the attack surface of the entire enterprise and enable security solutions that scale beyond what would be economical for individual systems.

Will Big Data Make Data Scientists Redundant?
The aim of Google’s Automatic Statistician is to create “an artificial intelligence for data science”. Specifically, it is creating software algorithms that can spot patterns, and report them in simple, easy-to-understand text. For example “The data shows that Saturdays were consistently warmer than Sundays throughout the year and this correlates to higher turnout at outdoor events”. As well as humans, machines can also interpret these results – and use it as the basis for further analysis, by automatically selecting appropriate models and predictions to test it against. The program was developed by a team of scientists at Cambridge University collaborating with others at MIT

Facebook’s Startling Report On The State Of Global Internet Connectivity
Although internet usage exploded over the last decade, this growth rate has slowed as developed nations effectively max out of active citizens. Facebook stated, “The rate of growth declined for the fourth year in a row to just 6.6% in 2014 (down from 14.7% in 2010). At present rates of decelerating growth, it won’t reach 4 billion people until 2019.” The message is a stark one – 40% of the world’s population hasn’t connected to the internet even once. Internet.org point out, “Without the cooperation of industry, governments and NGOs working together to improve the global state of connectivity by addressing the underlying reasons people are not connected to the internet, connectivity may remain permanently out of reach for billions of people.”

Cross-Border Data Restrictions Threatens Global Economic Growth
The motivations vary for restricting cross-border data flows. Some policy makers have embraced data-residency requirements as a tool to protect local tech companies from international competition. Others have pursued restrictions on data flows as a vehicle for safeguarding how consumers' personal information is used and transmitted, concerns that were only exacerbated by the disclosures of former NSA contractor Edward Snowden. Those privacy concerns have been prominent in the European Union, which has historically taken a more protective approach toward users' personal information than U.S. regulators.

Responsible Disclosure: Cyber Security Ethics
The debate over responsible disclosure of vulnerabilities has been going on for years, but has recently been reignited by Microsoft’s decision to end its public advanced notification system, as well as Google’s decision to publish details for a vulnerability found in Windows the day before Microsoft was set to make the patch available. It begs the question once vulnerabilities are discovered, should one disclose them? If so, what’s the appropriate amount of time? Do we as a security community, need to re-examine the process in which we disclose vulnerabilities?

Careful: Don't Drown in Your Data Lake!
In a data lake, everything is just poured in, in an unstructured way. A molecule of water in the lake is equal to any other molecule and can be moved to any part of the lake where it will feel equally at home. This means that data in a lake has a great deal of agility – another word which is becoming more frequently used these days – in that it can be configured or reconfigured as necessary, depending on the job you want to do with it. A data lake contains data in its rawest form – fresh from capture, and unadulterated by processing or analysis. It uses what is known as object-based storage, because each individual piece of data is treated as an object, made up of the information itself packaged together with its associated metadata, and a unique identifier.

Global Open Trusted Technology Provider™ Standard
This is not just a US issue; every country is concerned about securing their critical infrastructures and their underlying supply chains. Unfortunately we are beginning to see attempts to address these global concerns through local solutions (i.e. country specific and disparate requirements that raise the toll on suppliers and could set up barriers to trade). The point is that an international technical solution (e.g. a standard and accreditation program for all constituents in global supply chains), which all countries can adopt, helps address the geo-political issues by having a common standard and common conformance requirements, raising all boats on the river toward becoming trusted suppliers.

Big data trend now being applied to managing human resources
"Statistics have their uses, but you don't want a number to sum up the whole employee- employer relationship," says MacDonald, who works atRyerson University's Ted Rogers School of Management. "It may well be a self-defeating mechanism if you're trying to manage people by being incredibly precise by measuring their performance. If that measurement process becomes demoralizing for staff, you've shot yourself in the foot." So called "big data" techniques have been embraced quickly by sales, finance and marketing departments eager to exploit trends that will help generate more revenue for their organizations. The move towards harnessing computer power has been slower in areas that don't generate profit, such as the personnel department. But that's beginning to change.

Changing Business Value Models
That’s certainly the way that it’s supposed to work. But it’s no good having a great business value model unless it is adequately supported by the right enterprise architecture. Enterprise architecture is the formal description of the components that make up an enterprise, the relationship between those components, and how collectively those components either enable or constrain the management of the organization and the operation of its businesses. The realization of an enterprise architecture is a working, performing system. Problems arise if there is a mismatch of any sort between the ways in which a business is expected to produce value and the ability of the system described by an enterprise architecture to deliver on those expectations.

Building an emergency internet in the white spaces
Comparing white spaces technologies with other radio technologies shows several key advantages. Firstly it's multipoint, with no need for line-of-site connections or to locate end points accurately. That means it's able to operate in high winds and when there are earthquake aftershocks that might cause misalignment of point-to-point systems and might break cables or fibre. Secondly, you don't need to worry about exact alignment, and can even operate through obstructions and over water. The equipment used in the Philippines was weatherproof, and could be installed anywhere, with a normal antenna. Base stations can be used as repeaters, though the current maximum range is an impressive 12km (with future systems promising up to 40km).

Quote for the day:

"Even the demons are encouraged when their chief is "not lost in loss itself." -- John Milton

February 25, 2015

APAC firms want security to support mobile, application development
Respondents also the need for better security to support efforts to make their data available and release application programming interfaces (APIs), in order to drive innovation and speed up the development of new applications. In Singapore, 86 percent of respondents said they had offered APIs to boost mobile and web application delivery, improve customer engagements as well as create new revenue opportunities. In comparison, 74 percent of their peers in the region did likewise. Increasing mobility and the need to ensure quality mobile user experience also underscore the importance of security, with 55 percent of Asia-Pacific businesses pointing to mobility as a significant factor on their security policies and practices that deal with customers.

How to make applications resilient on AWS
Amazon provides different services to decouple systems and make them more reliable. One of the first services was Simple Queuing Services (SQS). Amazon describes SQS as a distributed queue system that enables service applications to quickly and reliably queue messages that one component in the application generates to be consumed by another component. Later, other services such as Simple Notification Service (SNS) or Simple Workflow Service (SWF) followed. One of the main characteristics of the cloud is elasticity, which means not making any assumptions about the health, availability or fixed location of other components.

11 Mistakes that Come Back to Bite Experienced Java Developers
Naively assuming that external or other internal services that are invoked from your application is going to be reliable and always available. Not allowing for proper service invocations timeouts and retries can adversely impact the stability and performance of your application. Proper outage testings need to be carried out. This is very crucial because the modern applications are distributed and service oriented with lots of web services. Indefinitely trying for a service that is not available can adversely impact your application. The load balancers need to be properly tested to ensure that they are functioning as expected by bringing each balanced node down.

How the Internet of Things Will Affect Database Management
How do you collect, categorize, and extract business intelligence from such disparate data sources? Can RDBMSs be extended to accommodate the coming deluge of device-collected data? Or are new, unstructured data models required? As you can imagine, there's little consensus among experts on how organizations should prepare their information systems for these new types and sources of data. Some claim that RDBMSs such as MySQL can be extended to handle data from unconventional sources, many of which lack the schema, or preconditioning, required to establish the relations that are the foundation of standard databases.

Deutsche Bank signs 10-year deal to re-engineer wholesale banking IT
The bank wants to re-engineer its underlying technology platform globally and standardise its IT foundations to support modern technologies such as automation. Once this is achieved, the infrastructure, which will harness mid-range systems, will support the introduction of digital services in the back office and for customers. Deutsche Bank will retain control of IT architecture, application development and IT security. Henry Ritchotte, COO at Deutsche Bank, said the agreement will enable the bank to standardise IT and reduce costs.  "Having a more modern and agile technology platform will further improve the bank’s ability to launch new products and services and lay the foundation for the next phase of its digital strategy,” he said.

When Enterprise Legal Management and GRC Collide
“GRC is very convenient shorthand for a wide variety of solutions that address compliance and risk in a variety of different ways, and for a number of different audiences,” he says. “I don’t think ELM is quite as diverse. There is a real disparity between the opportunity presented by the concept of legal enterprise management, and the scope of what the implementations actually look like.” Others take a more dubious view. “We are not convinced this convergence will happen,” one ELM vendor admitted. “We’re looking at it, but haven’t formed a strong view.” Houlihan says convergence is logical, since GRC programs exist to manage incidents and investigations “on the front end,” and convergence would connect those efforts to what goes on at the legal department.

Gemalto: NSA and GCHQ probably did hack us
"At the time we were unable to identify the perpetrators but we now think that they could be related to the NSA and GCHQ operation," Gemalto said, adding that these intrusions only affected the outer parts of its networks. "The SIM encryption keys and other customer data in general, are not stored on these networks. It is important to understand that our network architecture is designed like a cross between an onion and an orange; it has multiple layers and segments which help to cluster and isolate data," the company said. The company said that while the intrusions "were serious, sophisticated attacks" no breaches were found in the infrastructure running its SIM business

Four pilot project best practices for IT leaders
One great thing about a small project is that, if it's not going well, you can cancel the project and no one is so far invested that they won't accept the decision, right? Not always. Benoit Hardy-Vallee, a former Gallup consultant, wrote, "Years ago, Gallup reported a key finding about human nature in the workplace: People have emotional needs, and if they are not attended to, the result is subpar performance and increased turnover. Even the best processes and systems are inefficient if the people who run them aren't emotionally invested in the outcome." He's right.

Analytics Trends 2015
The Internet of Things generates massive amounts of structured and unstructured data, requiring a new class of big data analytics to uncover and capture value. Analytics tools and techniques are already finding their way around the Internet of Things, but the integration of systems is lagging. Both consumer and industrial applications could potentially benefit from industry standards that help avoid the massive programming investments that would otherwise be required. Also, because sensor data tends to be noisy, analog, and high-velocity, there are major challenges that traditional analytics architectures and techniques don't handle well.

Optimizing Entire Data Center Without Breaking Budget
We have more users, more workloads, and a lot more data traversing the current cloud and data center platforms. Trends are indicating that this growth will only continue. When it comes to data center growth and big data, there something very important that needs to be understood. The value around data and information is much higher than it ever was before. With that in mind, content delivery, user optimization, and data quantification are critical aspects to the modern business. Through it all, we’re still being asked to optimize and have everything run as efficiently as possible. But what can you do to optimize and not break your budget? Well, there are some new technologies that can help take your data center to the next level.

Quote for the day:

"You have not lived today until you have done something for someone who can never repay you." -- John Bunyon

February 24, 2015

Technical Debt: A Repayment Plan
Just as how we plan to pay back known technical debt we can also build into our project plan a buffer with which to address bit rot each sprint. Though the specific tasks that fill this buffer may not be known at the time, having the buffer there gives us a dedicated space with which we can payback those unplanned issues such as bugs, minor refactorings that must be handled immediately, or small pieces of system maintenance that make themselves known as our codebase naturally ages and decays. But what about the larger issues that can’t be handled in a few hours of development time? Perhaps there are more systemic problems plaguing our system such as a failing infrastructure or aging architecture that no longer fits the shape of our business.

Many attackers lurk undetected for months, then pounce
One of the main problems is that attackers are moving away from using malware that can be quickly detected. Instead, they're stealing authentication credentials and using them to log into systems remotely. In that way, they look like legitimate users logging into systems, which becomes difficult to detect. In two of the largest payment card data breaches, affecting Target and Home Depot, attackers obtained credentials used by third-parties to access those retailers' networks, allowing them to gain a foothold that eventually enabled attacks on their point-of-sale systems.

Memory Deep Dive - Optimizing for Performance
The two primary measurements for performance in storage and memory are latency and throughput. Part 2 covered the relation between bandwidth and frequency. It is interesting to see how the memory components and the how the DIMMs are populated on the server board impact performance. Let’s use the same type of processor used in the previous example’s the Intel Xeon E5 2600 v2. The Haswell edition (v3) uses DDR4, which is covered in part 5. ... Populating the memory channels equally allows the CPU to leverage its multiple memory controllers. When all four channels are populated the CPU interleaves memory access across the multiple memory channels. This configuration has the largest impact on performance and especially on throughput.

Security is CIOs' worst nightmare
"Disaster recovery and continuity are two things you just can't cut from your budgets, and I feel they're some of the most underappreciated vendors we work with. So much of budget planning for these services comes down to trust between a CIO and a CEO and others in the C-suite. There must be open and honest communication between all the parties involved so when we go to other executives they understand the absolute necessity of these services, and that we as CIOs are accurately representing the risks involved if budgets must be cut," says Jones. Downtime is more than just an inconvenience, says Martha Poulter, CIO at Starwood Hotels, it can greatly impact an organization's capability to generate revenue and grow business in the long-term, too, especially in a market such as hospitality.

Reaping global business benefits from software-defined data center
Columbia Sportswear has been going through a global business transformation. We’ve been refreshing our enterprise resource planning (ERP). We had a green-field implementation of SAP. We just went live with North America in April of this year, and it was a very successful go-live. We’re 100 percent virtualized on VMware products and we’re looking to expand that into Asia and Europe as well. So, with our global business transformation, also comes our consumer experience, on the retail side as well as wholesale. IT is looking to deliver service to the business, so they can become more agile and focused on engineering better products and better design and get that out to the consumer.

How Businesses Can Avoid Legal Risks of Social Media Usage
Ford says employers should answer a few questions before implementing social media for business purposes: what is the platform, how does it work, and why am I using it? “Just because you can use social media doesn’t mean it is building business, so use it in a way to build your business.” After answering those questions, employers should create a social media policy that addresses two audiences: employees who work on social media for the company and general employees—complementing other company policies, such as those addressing harassment or ethics.

Q&A with Matthew Carver on The Responsive Web
Bandwidth and memory exist in a budget and in order to accomplish tasks you must spend that budget. Developers might over spend in those budgets for a myriad of reasons but it's not a valid reason to dismiss responsive design as a whole. That's just silly. There's this old saying "A shoddy carpenter blames his tools". Responsive design is a tool to solving the problem of device parity on the web. Device fragmentation is a reality on the web and just because responsive design isn't perfect doesn't mean it's worth abandoning.

Welcome to the Age of Constant Attack
The perspectives on how best to address cyber security threats have gone through their own evolution. Headlines suggest that in the case of a threat like DDoS the challenge is simply having enough capacity to handle volumetric attacks. We know from experience that it just isn’t that simple. What’s needed to solve the problem of DDoS is based on three core characteristics of attacks: number of vectors, volume of attack, and finally, duration of attack. Escalations of all three present their own unique challenges, and the best approach will be one that balances a focus on preparation and response.

Creating a Simple Collection Class
No matter what limited set of features you intend to provide, if you're building a collection there are some features that you must provide. At the very least, for example, your collection will need to support processing all of its items with a For…Each loop. In addition, it's very unusual a collection doesn't support retrieving individual items in the collection by position (an indexer). In practice, if you don't supply those two features, then developers might not regard what you've created as a collection at all.

Teen hacks car with $15 worth of parts
Markey's office issued a report on vehicle security and privacy earlier this month, noting that automakers are developing fleets with fully adopted wireless technologies like Bluetooth and wireless Internet access, but aren't addressing "the real possibilities of hacker infiltration into vehicle systems. "Even as we are more connected than ever in our cars and trucks, our technology systems and data security remain largely unprotected," Markey, a member of the Commerce, Science and Transportation Committee, said in a statement. "We need to work with the industry and cyber-security experts to establish clear rules of the road to ensure the safety and privacy of 21st century American drivers."

Quote for the day:

"Take time to deliberate; but when the time for action arrives, stop thinking and go in." -- Andrew Jackson

February 23, 2015

Forget the tech bubble. It’s the biotech bubble you should worry about
The biotech craze isn’t, of course, built entirely on hot air. There was a jump in drug approvals last year, there are some potentially revolutionary drugs in development, and the US Food and Drug Administration (FDA) opened up a few ways of getting promising drugs approved faster. Biotech saw its first true blockbuster for some time in Gilead’s Hepatitis C drug Sovaldi, which was approved in late 2013, and quickly set sales records. Companies that have products on the market and are growing their revenues may warrant their high valuations. But others do not.

Burley Kawasaki on best tips for attaining speed in enterprise mobile apps delivery
If you look at the stats or the data, most industry analysts predict that up to 60 percent or 70 percent or more of mobile development is outsourced today, to either an interactive agency, a systems integrator, or someone else, because of lack of skills.  So it has been outsourced to some third party, and who knows what technologies they are using to build the app. It's outside the typical controls or governance of IT. So it's not only shadow; it's dark matter. You don't even know it exists; it’s completely hidden.  Yet, at some point, inevitably, those apps that you may have outsourced for your first version, it’s not just a first version release.

Apple, Linux, not Windows, most vulnerable operating systems in 2014
The top spot for vulnerabilities in operating systems no longer goes to Microsoft Windows; in fact, Windows isn't even listed in the top three. Instead, the most vulnerable OS was Apple Mac OS X, followed by Apple iOS and Linux kernel. As you can see in the list below, Mac OS X had 147 vulnerabilities, with 64 being rated as high-severity bugs. There were 127 in iOS, 32 of those rated as high. Linux kernel had a rough year, with 119 security vulnerabilities and 24 being rated as high-severity. The flip-side is that none of the security holes in Windows versions were rated as low severity.

The key to a successful security project
Being first held a couple meanings for us. When working with people - be first to understand what they needed and offer them help getting there. This is how we found out what to report on our scorecard line. We simply treated everyone we interacted with like our most valued customer. No matter where in the org chart, or when in the project cycle, we treated relationships like the success of our project depended on it, because it did. Second, when faced with a new idea - could we be the first to do something in our organization, could we lead it somewhere, improve something?

How to Systematically Incorporate Social and Cultural Factors into EA Practice
Ceri Williams drills deep into a key area of difference and explores what it means in practice for the Enterprise Architect. He considers how SSM is inclusive of all areas of the situation/action space (i.e. scientific, technological, mechanical, material, psychological, social and cultural), while an engineering approach excludes psychological, social and cultural influences. This paper describes how an Enterprise Architect can appropriate elements of SSM and related social and cultural disciplines, and blend them in as a defined part of a holistic approach to Enterprise Architecture.

Are You Ready for Web 40.0?
Personal and “desktop” computers will completely disappear. All single-purpose stationary machines – like fax machines and copiers – will completely disappear. Intelligent, networked tablets, watches, smart phones and wearables will integrate and become increasingly unnoticeable as they disappear into Web 40.0, the most important utility of the 21st century. Today’s discussions about “the Internet of Things” (IOT) and the “Internet of Everything” (IOE) represent the official launch of human/ digital/personal/professional integration.

Collaboration Techniques for Large Distributed Agile Projects
In past few years, it has become quite common for software development teams to be distributed across time-zones and comprise of multiple vendors with 50-100+ people. Agile practices encourage in-person interactions to foster collaboration, whereas, distributed and large teams force communication into the opposite direction. Therefore, it is important to achieve agility albeit with different, or modified mechanics, that work well for distributed and large team.I have shared examples for my project to explain Agile practices that work well in Large multi-vendor distributed teams.

How HTTP/2 will speed up your web browsing
The first way HTTP/2 speeds up traffic is by transferring all data as a binary format instead of HTTP 1.1's four text message styles. Besides making it simpler for web servers and browsers, this new format is more compact, because the more compact a web page is, the less time it takes to be transmitted. HTTP/2 uses multiplexing. This makes for a more responsive website by avoiding HTTP 1.1's "head-of-line blocking" problem. With earlier versions of HTTP, only one data request can be handled at a time, even though every time you visit a website, you start from four to eight TCP/IP connections. With HTTP/2, each website only gets one TCP/IP connection, but you can have multiple data requests being dealt with simultaneously.

NSA planted surveillance software on hard drives, report says
Surveillance software implanted on hard drives is especially dangerous as it becomes active each time the PC boots up and thus can infect the computer over and over again without the user's knowledge. Though this type of spyware could have surfaced on a "majority of the world's computers," Kaspersky cited thousands or possibly tens of thousands of infections across 30 different countries. Infected parties and industries include government and diplomatic institutions, as well as those involved in telecommunications, aerospace, energy, nuclear research, oil and gas, military and nanotechnology. Also, included are Islamic activists and scholars, mass media, the transportation sector, financial institutions and companies developing encryption technologies. And who's responsible for this sophisticated spyware?

Google and Apple Fight for the Car Dashboard
Here at Google’s headquarters, Android Auto is about to make its debut in Americans’ cars after two years in development. Plug in a smartphone with a USB cord and the system powers up on a car’s screen. The phone’s screen, meanwhile, goes dark, not to be touched while driving. Apple’s CarPlay works similarly, with bubbly icons for phone calls, music, maps, messaging and other apps appearing on the center screen. (Apple declined to comment for this article.) While the idea of constantly connected drivers zipping along roads raises concerns about distracted driving, both companies say their systems are designed with the opposite goal: to make cellphone-toting drivers safer.

Quote for the day:

“If you want to rebel, rebel from inside the system.That's much more powerful than rebelling outside the system.” -- Marie Lu

February 21, 2015

Kevlin Henney on Worse is Better and Programming with GUTS
Nonfunctional is a wonderfully vague English word. We're trying to define something by its negative. What qualities are important? Well, not the functional ones. It doesn't really make sense. ... So a nonfunctional behavior is generally and literally a thing you don't want. It's a thing we work against rather than for. What we're interested in are qualities of execution or qualities of development. As "nonfunctionals", these have merged together. Labelling these different categories as "nonfunctional requirements" mixes things together that happen at different times: at run time, such as speed and memory usage, versus development time, which is a completely different organism.

Tech essentials for the office and when on the road
When you think of tech it's easy to think of the big sticker items such as PCs and smartphones and tablets and such. But the small things can also make a huge difference. Here's a tour of some of the things that I take for granted, but which work hard for me every day, and without them I wouldn't be able to do as much as I do each and every day. Here you'll get to see some of the tools, batteries, chargers and other gear I personally use on a daily basis.

HP Latest to Unbundle Switch Hardware, Software
The disaggregated hardware/software model attempts to decouple switch hardware from networking software so operators of Web scale networks can quickly scale their networks at low cost with any product of choice, and without the entanglements of vendor-specific offerings. But by offering a branded white box option, vendors like HP –and Dell and Juniper before it – can sell into the Web scale opportunity and make money by providing follow-on service and support. ... To start, HP is introducing two brite box switches that enable 10G/40G spine and 10G leaf data center deployments. Both switches will be available in March with Cumulus Linux and offer OS installation using ONIE.

Hack gave US, British spies access to billions of phones: Report
The report by The Intercept site, which cites documents provided by former NSA contractor Edward Snowden, could prove an embarrassment for the U.S. and British governments. It opens a fresh front in the dispute between civil liberties campaigners and intelligence services which say their citizens face a grave threat of attack from militant groups like Islamic State.It comes just weeks after a British tribunal ruled that GCHQ had acted unlawfully in accessing data on millions of people in Britain that had been collected by the NSA. The Intercept report said the hack was detailed in a secret 2010 GCHQ document and allowed the NSA and GCHQ to monitor a large portion of voice and data mobile communications around the world without permission from governments, telecom companies or users.

Computing brains: neuroscience, machine intelligence and big data in the cognitive classroom
The field of educational neuroscience, or neuroeducation, is flourishing. At the same time, a number of initiatives based in computer science departments and major technology companies are also taking the brain seriously. Computer scientists talk of developing new braininspired cognitive learning systems, or of developing new theoretical and computational understandings of the brain in order to then build new and more effective forms of machine intelligence. The important aspect of these synchronous developments in neuroscience and brain-based systems is that they are beginning to come together in particular technological developments and products targeted specifically at schools.

Superfish security flaw exists in other apps, non-Lenovo systems
Superfish uses a man-in-the-middle proxy component to interfere with encrypted HTTPS connections, undermining the trust between users and websites. It does this by installing its own root certificate in Windows and uses that certificate to re-sign SSL certificates presented by legitimate websites. Security researchers found two major issues with this implementation. First, the software used the same root certificate on all systems and second, the private key corresponding to that certificate was embedded in the program and was easy to extract.

Inside the robot house: Is this your future? Photos
As part of the project, four robot houses were created in France, Germany, the Netherlands and in a residential area near the Hertfordshire University campus in England. The robotic environments share common features, such as overhead 360-degree cameras providing fish-eye views of the rooms below to track and record the movements and relative positions of robots and humans. The houses also employ sensors on doors and cabinets to show what has been opened, together with bot plugs, which can relay data on how much electricity is being consumed by individual devices. So if a fridge door is left open, triggering a rise in power consumption, that information is sent to the central computer and potentially to the robot as well.

Service-Oriented Architecture and Legacy Systems
Moving to SOA isn’t easy, and enterprises wishing to do so must be aware of the difficulties and inherent issues. Needless to say, every IT organization will experience multiple tradeoffs with SOA implementations; your mileage may vary. For effi ciency and fl exibility we recommend an incremental transition to SOA in legacy environments. ... Because legacy systems usually support key business processes, a step-by-step change plan should be developed and a feasible evolution of the current systems using a hybrid approach should be designed to achieve a pure SOA architecture. There are several strategies for converting legacy systems to SOA.

Why You Should Forget Your 'Right to be Forgotten'
It's easy to be misled on this issue. After all, privacy — on the Web, in the home or the in workplace — is a right most of us cherish. It's a right that's violated all the time by technology companies, advertisers and the government. I've certainly done my share of ranting about that issue, but erasing the past does not enhance our privacy. In many cases, deleting old information that pertains to a single individual hurts no one, and the banished bits will never be missed. But not always. The case that triggered the ruling illustrates its absurdity. The ruling concerned a specific request by a Spanish citizen, Mario Costeja González.

Dependency Inversion Principle - Let's keep it simple
SOLID is an acronym in which D stands for Dependency Inversion. Its another famous name is Inversion of Control (IoC) but this often confuses people when people try to remember the five SOLID principles embedded in the SOLID acronym as there is an I in SOLID as well but do remember that I in SOLID stands for a different design principle known as "Interface seggregation" principle. I will not say that this principle is in anyway more or less important than other four design principles but it is used more explicitly a lot because market has huge number of products which are famously known as IoC containers which are used by most developers to induce loose coupling in their components and enhance unit testing capabilities of their modules.

Quote for the day:

"Integrity is the soul of leadership! Trust is the engine of leadership!" -- Amine A. Ayad

February 20, 2015

What will soar and fail in tech and business in 2015
No one does predictions like Mark Anderson, whose forecasts about the intersection of the economy and technology are closely followed in Silicon Valley. He has a global view of what’s the next big thing and place along an eye for hot products and countries that about to take a dive. Anderson is head of Strategic News Service, a newsletter publisher for industry leaders and venture capitalists. It claims a readership that includes Dell CEO, Michael Dell, Tesla CEO Elon Musk and Microsoft’s Bill Gates. Recently, Mark Anderson listed his predictions for 2015 during a gathering in San Francisco. Here are his key points:

Best Practices for Enabling Employee-Owned Wearables in the Enterprise
It seems as if wearables have appeared almost overnight. It’s a new area for people to use technology to enhance their lives, particularly around personal health and fitness. And it’s a new area for IT to support and manage. At Intel, David Byrne is one person paying close attention to this technology in its infancy. He’s a mobility specialist in the Intel IT engineering group. In this podcast he talks about the increased wearable use by employees, how Intel IT is developing best practices to help support their use in the enterprise, and the business opportunities wearables present.

Mobile networks prep for the Internet of Things
It's good news for mobile users that they may not hear much about. A more efficient network leaves more free capacity for the video or application you want to run, and a more flexible carrier could quickly launch services in the future that you don't even know you'll need yet. The new architectures may even change how some businesses pay for mobile services. Just as enterprises used to buy separate servers for each application, carriers often use dedicated hardware for each function involved in delivering a service, such as billing and authentication.

How Large Companies Can Leverage Startups to Innovate
Our three business innovation experts represent a broad spectrum from investing in startups to guiding startups to being an entrepreneur inside a large organization.Evangelos Simoudis is a venture capitalist and an expert on innovation based in Silicon Valley; Todd Schofield runs the Innovation Centre for the London-based Standard Chartered Bank; and Philippe Mauchard is a partner with McKinsey and the co-founder of McKinsey Solutions. It is my hope that both startups and large companies will benefit from their guidance on how the two can come together for their mutual success.

Enterprise IT faces upheaval to move to cloud-first computing
"Unlike the situation where you have full control on-premise, you are outsourcing some of the control," said Kalush. "Even with a cloud service that offers 99.9% uptime, you need to assume there will be 0.1% downtime." As such, he said when building enterprise software for the cloud, the application needs to assume there will be breakages and failures.  Kalush added that the design of a cloud-based application requires a far more robust disaster recovery capability from day one compared to on-premise software.

The future of ‘everywhere ergonomic’ technology
In a recent interview with the Economist Intelligence Unit on ‘The Future of Work’, (sponsored by Ricoh Europe), Alan Hedge, Director of the Human Factors and Ergonomics Laboratory at Cornell University, points out that this type of technology is just the start, “we are at the very beginning of a revolution in ‘active’ objects and products that have sensors built into them.” Professor Hedge terms this interaction between people and design technology ‘everywhere ergonomics’. While smart chairs and surfaces may not have made their way to all workplaces just yet, many people will already be using everywhere ergonomics at home. It’s only a matter of time before the boom in wearable devices begins to have a transformative effect on the workplace.

Cognitive Computing (Slowly) Changes Healthcare
After over a year of research, we are capable of saying that cognitive computing is important to healthcare and is more than a science project. What we have found is that there is a divide between big health care business and smaller ones. The big businesses, the ones that are true centers of excellence in the provider, payer, and drug research arena are using the advances of cognitive computing machine learning and big data to innovate in fundamental ways. We also see the march to the main stream, as is always true in healthcare will be slow.

7 Modern Marketing Frameworks Every Startup Need to Know
As a young marketer navigating the digital landscape, I love frameworks. Not only do they help me plan and prioritize, but they help me visualize how everything I’m working on fits together. No, I won’t be talking about (and I’m looking at you, classically trained marketers) the 4Ps, Porter’s 5 forces, or SWOT analyses. Sure, those frameworks have their place, but they don’t provide much direction for startups looking to focus their energy on growth. Plus, they’re getting pretty old. The frameworks below were developed by modern marketing gurus. Together, they’ll help you make a growth strategy, select traction channels, and influence your customers’ behavior.

Police lost 20,000 stop-search records after 'wrong button pressed'
Assistant Chief Constable Wayne Mawson told members of the justice committee that 20,086 stop-search records were corrupted last year - because a computer programmer pressed "the wrong button". Now, as a former computer programmer myself, I question this. Even if it were that easy to delete thousands of records with one keystroke, most database management systems have a way to retrieve data - and, even if they didn't, why weren't back-ups made? If there are no back-ups to a system that loses data then my advice would be to mark that pesky keyboard button in red, and encase it in unbreakable glass to avoid any future errors.

Security professionals warn against relying on cyber insurance
“While insurance may help mitigate some of the financial impact of a security incident or breach, the reputational impact and the impact to the business operation cannot be mitigated with insurance in the same way,” he said. Lay said that businesses should instead aim to be smart with their approach and consider the people, process and technology elements when it comes to responding to the threats they face. “By taking this risk-based approach, businesses can ensure that they are dealing with the largest and most dangerous issues first,” he said. Lay said recent Fujitsu stud on digital enablement showed that for the 12% of UK consumers who said they never use digital services, security was a top concern.

Quote for the day:

"The leader has to be practical and a realist, yet must talk the language of the visionary and the idealist." -- Eric H

February 19, 2015

Who's writing Linux today? Capitalists
All together more than 4,000 developers from 200 companies have contributed to the kernel. Half of the kernel developers were contributing for the first time. That number may look large, and it is, but the Foundation also found that "there is still a relatively small number who are doing the majority of the work. In any given development cycle, approximately 1/3 of the developers involved contribute exactly one patch." Since the 2.6.11 release, the top ten developers have contributed 36,664 changes -- 8.2 percent of the total. The top thirty developers contributed just over 17 percent of the all the code.

There's no way of knowing if the NSA's spyware is on your hard drive
According to a report by Reuters, a former NSA employee "confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it." ... "There is no way to understand whether your HDD is infected," Igor Soumenkov, principal security researcher at Kaspersky Lab, said in an email reply to Computerworld. "Once the hard drive gets infected with this malicious payload, it's impossible to scan its firmware."

Ansible CEO: A New Fold In The IT Automation Universe
Ansible brings a new aspect of IT automation to the Enterprise. The idea of being able to automate updates to your infrastructure simply and with higher flexibility has driven the high adoption rate we’ve seen in the past two years. This space has been dominated by what I call the “pre-virt automation” tools that made a name for themselves before Virtualization and Cloud was around. Ansible was built as a cloud native tool, able to manage both on-prem and cloud instances seamlessly and with greater flexibility ... We strongly believe that IT Automation should be a dull task; your IP competency should be your priority and the main focus for your software developers. Managing your infrastructure must be simple to a point that it’s almost boring.

French Minister Thinks Netflix Needs To Pay ISPs A 'Bandwidth Tax'
This reasoning is incoherent and stupid, since customers and content companies alike already pay plenty for bandwidth and infrastructure. Still, somehow Whitacre's absurd attempt to try and offload network operation costs to others went viral globally, and we've repeatedly seen overseas telcos trying to argue the same point ever since. Of course, whereas Google used to be the global telco whipping boy, we're increasingly seeing Netflix playing that role given its more vocal support of net neutrality.

Is Microsoft still the CIO's best friend?
"Licensing has probably been the single biggest reason why CIOs would not count Microsoft as a friend," he says. "The fact that there are specialists whose sole purpose is to interpret and explain how these licensing models work tells you all you need to know about the complexity, mystery, and confusion that exists around the myriad of Microsoft licence agreements." Even more frustratingly, Cox says that CIOs are often none the wiser as to which licensing model represents best value for the organisation after spending time with these specialists.

Heroku Expands Cloud Services For Enterprise Development
A new collaboration feature allows a wider team of developers, project managers, system administrators, partners, and contractors to work together on an application or a group of apps. "Enterprises are looking for a more powerful collaboration capability," noted Jesper Joergensen, senior director of product management, in an interview with InformationWeek. Heroku is trying to provide wider collaboration that is still under the review and control of a few overall managers, he said. For example, an application that made use of the language combination available on Heroku could be worked on by different teams under the new Enterprise collaboration umbrella.

To cloud or not to cloud for mobile enterprise security?
The cloud service providers, because of the nature of their service, have specific people to manage and provide the service. In the case of a dedicated infrastructure, an organization will need to train its own personal. As for provisioning, with a dedicated infrastructure, the client has to provide the infrastructure resource for their projected user baseline for the next 2-3 years. This means the resource will be oversized for the first couple of years. In a cloud-based model, the client doesn’t need to worry about this because he can pay just for the infrastructure that he is currently using. Finally, in terms of process, cloud service providers will have their own processes for meeting the requirements.

Microsoft adds HTTP Strict Transport Security support to Internet Explorer
HSTS addresses SSL stripping attacks by allowing websites to instruct browsers that they should always connect to them over HTTPS. Websites can express this policy through a Strict-Transport-Security HTTP header sent in a response. Once a browser sees such a header for a website, it will remember the preference and only accept HTTPS connections for that site in the future. Internet Explorer is actually the last major browser to get support for HSTS and even now it's not for all versions. Google Chrome has had HSTS support since 2009, Firefox since 2010, Opera since 2012 and Safari since 2013.

Microsoft: big data analytics for everyone
This news comes just 24 hours after HP announced its Haven Predictive Analytics software was fit for operationalising large-scale machine learning. These new services from Redmond reaffirm that "Microsoft is embracing open source" (the team is saying that a lot) and simplifying Hadoop (every body wants to do that, Hadoop is hard) for simplicity and ease-of-use. Updates to Azure HDInsight include a public preview of HDInsight on Linux and general availability of Apache Storm for HDInsight.

Metadata Driven Design - An Agile Bridge Between Design and Development
Usually, when metadata is put into use, it exists as simply a configurable set of data that can determine some aspect of behavior in an application. C# attributes can designate the preferred mode of a defined class, and a set of .properties files can contain the values needed by a Java application in order to establish a database connection. To some extent, one can scrutinize this metadata alone and deduce its intended effects upon the program’s execution. In some cases, it even has the power to tell a narrative, and if formed meticulously, it can tell the story of an entire architecture. Truthfully, there’s no reason that the very same metadata can’t also drive such an architecture, but we’ll get to that part later.

Quote for the day:

A community is like a ship; everyone ought to be prepared to take the helm." -- Henrik Johan Ibsen

February 17, 2015

Why Improving Emotional IQs Makes for Better IT Leaders
Why is this important to you? Because your IT and technology managers are a key part of your execution and retention strategies; those with a higher emotional intelligence will deliver better results in areas like team leadership, influencing people, organizational awareness, self-confidence and overall leadership. The good news, says Angela Yochem, CIO of BDP International is that, "The great thing about the technology field is that it attracts intelligent, passionate, interesting people, and I believe that, in general, the same openness to new ideas that attracts people to technology brings motivation, integrity, and comfort with change - all elements of high EQ."

Highly Distributed Computations Without Synchronization
Under this model, objects are no longer susceptible to these “concurrency anomalies”, because objects that observe Strong Eventual Consistency are designed to converge correctly under both concurrency and failure. This property makes these data types very powerful for ensuring correctness in distributed systems, especially distributed databases which use optimistic replication techniques. These data types come in two flavors: state-based, which rely on the properties of semilattices, and operation-based, which are more space-efficient and rely on the commutativity of all operations.

Neptune Duo inexplicably reverses the roles of smartphones and smartwatches
Ultimately, the Neptune Duo reeks of a device built by geeks for geeks, but with little thought about how normal people actually use technology. We can't imagine too many people would be eager to trade in their slim smartphones for a giant sci-fi movie prop. And there are still plenty of usability concerns to to deal with, like the mere act of taking phone calls. You can use the wearable's speakerphone or a wireless headset to chat with people, but you can't take calls over the Pocket (even though that seems like the most obvious way to do so). We'd have a bit more faith in the project if we saw the Duo working, but right now it's just a dumb prototype.

15 Hot Skill Sets For IT Pros In 2015
Security is one of the hottest fields for IT recruiters this year. "Security is a huge issue. Mobile and cloud computing is everywhere," said Laura McGarrity, VP of digital marketing and recruiting firm Mondo, in an interview with InformationWeek. McGarrity lists "security architect" and "security engineer" among her most sought-after titles this year. "Users are now connected on multiple devices, with multiple endpoints, making it tough to manage security risks," she said. If you want to ensure your skills stay sharp, it certainly pays to keep tabs on emerging and, dare we say, trendy technologies, as well as on the technology news headlines. That doesn't mean every marketable IT skill is a buzzword. In fact, far from it. Java developers are still highly employable -- the language remains ubiquitous in enterprise IT.

Gartner Says Managing Identities and Access Will Be Critical to the Success of IoT
The Identity of Things (IDoT) is a new extension to identity management that encompasses all entity identities, whatever form those entities take. These identities are then used to define relationships among the entities — between a device and a human, a device and another device, a device and an application/service, or (as in traditional IAM) a human and an application/service. Since devices have not traditionally been part of IAM systems in this way, the IDoT must draw upon other existing management systems to aid in developing the single-system view for the IoT. IT asset management (ITAM) and software asset management (SAM) systems have traditionally managed IT and software assets of all types.

IBM Redefines Storage Economics with New Software
IBM Spectrum Accelerate enables clients to layer their infrastructure with intelligent features derived from XIV. These features include unique architecture with zero-tuning that can help clients dynamically add storage capacity in minutes versus the months it takes today to add, install and run storage hardware systems. The software can help provide business continuity upon disaster for all committed data, compared to the risk of losing 15 minutes of data or more with certain other competing storage software. Both speed and data protection are essential to clients in data-driven industries such as financial services, healthcare, retail and telecommunications as they seek to deploy new workloads on the hybrid cloud.

Why an InfoSec Pro is Like a Doctor
"There is a shortage of common approaches to the education process in Information Security," Loeb says. "The long term approach needs to include influencing curriculum in the academic community to establish some of the principles of the cybersecurity mindset." In this exclusive interview with Information Security Media Group, Loeb speaks about the expectations being set by the new Modi government and how the ecosystem is poised for a change. He shares insight on how a sustainable training mechanism can be brought about to meet the nation's need for capacity building in the skilled information security workforce. Loeb also addresses:

Chips under the skin: Biohacking, the connected body is 'here to stay'
While the idea of chips embedded under the skin brings to mind the idea of cyborgs, Sjoblad was quick to point out at the conference that they are "already among us" -- thanks to pacemakers, medical implants, insulin pumps and neurally controlled prosthetics. Over time, the development and cost of materials to produce such technology becomes cheaper -- only 10 years ago mapping the human genome costed over $100,000, now it is closer to $10,000 -- and in the same way, rapid miniaturization of technology, lower production costs and demand for increased connectivity will propel under-the-skin smart technology forward.

Microsoft claims compliance with ISO data privacy standard
Cloud competitors are likely to call this a PR stunt — a concept that Microsoft is familiar with — but a security expert said ISO/IEC 27018 certification could become a major selling point to privacy obsessed consumers who balk at the notion that Google, because of its advertising business, uses customer data to sell stuff. Said this expert, who requested anonymity because he works with both Google and Microsoft: “Google would never agree to this since advertising is everything to them … Personally when I pay someone for a service, I expect my data to be private. When I use a service for free I accept that it is being paid for by sacrificing my privacy.”

Increasing Enterprise Agility and Agile Innovation
With the mainstreaming of Lean and Agile work practices, teams and employees are now increasingly "at war" with middle managers who have not been given a new role and continue to believe their value comes from directing and managing work and teams. Their mistrust of the self-direction and self-management that these practices promote cause them to increase their command and control management style, build silos of power and information, and worse, block access and direct engagement with executives (which keeps them in the dark and unaware of the problem).

Quote for the day:

“The greatest mistake we can make is to stay on the ground after falling.” -- Victor Manuel Rivera

February 15, 2015

5 Ways Data Virtualization Can Enhance Your Investment in the Enterprise Data Warehouse
As a replacement platform, Hadoop (as well as other high performance NoSQL tools) can be used to simplify the acquisition and storage of diverse data sources, whether structured, semi-structured (web logs, sensor feeds), or unstructured (social media, image, video, audio). In addition, data distribution and parallel processing can speed execution of algorithmic applications and analyses, and provide elastic augmentation to existing storage resources. However, at the current level of system maturity Hadoop does not necessarily address our aforementioned challenges. While there is a promise of linear scalability, migrating reporting and analytics to a big data platform does not address data dependencies and synchronization requirements.

Simple TOSCA Orchestration for Docker
TOSCA orchestration is already fairly mature, with a proven track record and speed of development, and many organizations are betting on and contributing to its success. TOSCA is now beyond its second major revision, has been around for a couple of years now, and is gaining traction in both commercial and open source projects such as: Juju, Cloudify, IBM Cloud Orchestrator, OpenStack Heat. It’s also being adopted by leading Telco vendors such as Alcatel-Lucent, Huawei, and Cisco. The fact that TOSCA is backed by a standards body (OASIS) makes it a great platform for defining a standard container orchestration specification that is portable across various cloud environments and container providers.

Thinking About Gamifying Your Workplace? Think Again
Gamification is hot. And why not? Turning mundane tasks into games will better engage your employees... and make coming to work a lot more fun, right? Maybe not. According to research conducted by Bonusly, a web platform that helps companies reward and motivate employees by using peer-to-peer bonuses--workplace gamification can result in a number of problems ... But that doesn't mean gamification won't work in the right situations. Check out the infographic for ways to effectively use gamification strategies.

The great internet swindle: ever get the feeling you've been cheated?
Part of the problem here, argues Keen, is that the digital economy is, by its nature, winner-takes-all. “There’s no inevitable or conspiratorial logic here; no one really knew it would happen,” he says. “There are just certain structural qualities that mean the internet lends itself to monopolies. The internet is a perfect global platform for free-market capitalism – a pure, frictionless, borderless economy … It’s a libertarian’s wet dream. Digital Milton Friedman.” Nor are those monopolies confined to just one business.

Can the Internet be archived?
The average life of a Web page is about a hundred days. Strelkov’s “We just downed a plane” post lasted barely two hours. It might seem, and it often feels, as though stuff on the Web lasts forever, for better and frequently for worse: the embarrassing photograph, the regretted blog (more usually regrettable not in the way the slaughter of civilians is regrettable but in the way that bad hair is regrettable). No one believes any longer, if anyone ever did, that “if it’s on the Web it must be true,” but a lot of people do believe that if it’s on the Web it will stay on the Web.

9 Generic Big Data Use Cases to Apply in Your Organization
Big Data means something different for every organization and every industry. What Big Data can do for your organization depends on the type of company, the amount of data that you have, the industry that you are in and a whole lot of other variables. Whenever I advise organization on their Big Data strategy, this is the main problem; there are so many different possibilities and often it is a struggle to find the right use case to develop into a Proof of Concept. That’s why I have developed the Big Data Use Case framework, to help organizations understand the different possibilities of Big Data and what it can do for their business. The framework divides 9 generic Big Data use cases into three different pillars

Stop Data Misuse, Speed Data-Driven Innovation
So, a main idea of its technology is for organizations to create those policies independent of individual data elements, instead applying rules to a higher layer. “The power to represent those policies at a higher semantic level is important,” he says, because it leads to the ability to speedily update policy changes at an organizational level. “Being able to do that and not have to tie things down to data fields is a great opportunity for the whole privacy and governance world,” Towvim believes. The angle TrustLayers takes to get organizations quickly started and able to scale up with Big Data authorization activities begins with capturing its policies for modeling, including the option to use policies pre-built at a higher abstracted level for specific industry sectors.

Microsoft tightens leash on POODLE attacks against IE11
With Tuesday's update to IE11, the browser is now set to stymie by default what's called "SSL 3.0 fallback," a mechanism that forces the browser to switch to the buggy SSL 3.0 from more secure encryption protocols, such as TLS 1.2. In December, an IE11 update offered the kill-SSL-fallback only as an option. With another update now slated for April 14 -- that month's Patch Tuesday -- Microsoft will completely disable SSL 3.0, the final step in its defensive change. Rival browser makers moved much faster than Microsoft to dump SSL 3.0.

Information Governance v Search: The Battle Lines Are Redrawn
Where are the rights to both privacy and security in the challenge of too-much-information? I am a strong proponent of privacy, and so are many in the IG world. I am also a strong proponent of cybersecurity. I think it is possible to have both. In both the Search and IG camps their are people who agree with me on these points, and others who disagree. Many see it as one or the other, especially people in government. They take extreme views favoring either security or privacy. Many in both tech and government simply dismiss the importance of privacy, and say just get over it. Advocacy for individual privacy is a separate battle in both worlds, IG and Search. The same is true over cybersecurity. I favor a balanced approach, and so do many in the IG world.

The more IT changes, the more technology issues remain the same
What is worse, according to Beighton, is that some CTOs are failing to track technology trends effectively. He says: "A good CTO should be naturally inquisitive. But a lot of CTOs are not keeping up with the times and the knowledge." Often he says, the CTO is not leading the technology direction of their organisations. Speaking at a Rackspace roundtable in London on e-commerce search, he said that product search had not evolved. He argues that most e-commerce sites work on the basis of publishing the availability of product or stock and hope the user buys from them. Often, sites will have spent a lot of money on Google Ads to get people there. "There’s so much more opportunity for these sites to help people and give them inspiration," he says.

Quote for the day:

"Earn your leadership every day." -- Michael Jordan