IT pros who don't take the time to lift their heads and assess the likely IT landscape five years out may be asking for career trouble. ... "The IT department isn't going away, and the role of the CIO isn't going to be marginalized. But as more workloads shift to the cloud, the construction of the IT department, by necessity, must change away from traditional roles to those more focused on vendor, business, security, and service management," Quin says. "This doesn't mean that development and administration jobs go away, just that there are fewer of them." The jobs that remain, Quin says, will focus on what he calls the "shim" layer that integrates different public cloud services with a few applications that must remain in-house. These could include highly sensitive corporate (or scientific) data or medical records and images, for example.
In any case, security positions are not entry-level positions, and if you treat them as such, you will have terrible security. The best security practitioners have experience in the technology and processes that they are supposed to secure. If you are not an experienced developer, you do not have the standing to tell people how to secure the code they write. If you have no experience as a system administrator, you cannot maintain the security of a system. If you have no experience as an administrator, you cannot secure a database. If you have no experience in designing a network, you cannot competently design a secure network.
Continuous delivery teaches us that small, frequent changes are easier to manage, test, and fix than large, infrequent ones. In the words of Jez Humble, “…continuous delivery becomes even more important when you’re risk averse. Big-bang releases are horribly risky.” Continuous change may seem to cause continuous failure; counterintuitively, though, it actually reduces the overall cost of failure. Systems rot over time, even when they sit unchanged. Rot can arise due to human forgetfulness, or due to drift between a past decision and that decision’s appropriateness for current conditions. Exposing rot is no different than doing integration testing. The more you try to do at once, the more complex it is to understand and repair the problems you find.
The immediate fix was to wipe the database, and this was easy as the application has a microservice architecture, and a specific service for adminsitrative functions called scaler, one of the 12 factors that make cloud native applications successful. So, once the database was wiped of any concerning images (using the /clear REST endpoint) and had newly collected a few innocuous images, the next step was to shut down collection of new images, so that the demo would stay somewhat static, but remain available. Again, because of the microservices architecture, it was a simple matter of stopping the watcher service with one simple command (cf stop watcher). From there were were safe to show the demo again, and I had time to play with solutions to the problem.
Most folks see impatience as impetuousness, but Wall's definition is about having a sense of drive. Put another way: "Patience is also synonymous with inaction," Brian said. As businesses embrace agile practices where speed and continuous improvement are standards, impatience might just become an advantage for IT organizations. And why shouldn't it? The business doesn't want to wait weeks and months for systems to be built and questions to be answered, nor should it have to. "I talk to a lot of teams who struggle with agility and, oftentimes, I think it has to do with delivery teams who don't fully appreciate the urgency of the job and the fact that things have to get done right now -- in the best possible way, of course," he said.
“Customers are skeptical when a solution provider they think of as their ‘HP VAR’ or ‘Microsoft reseller’ claims to be able to implement IOT solutions,” DeSarbo said. "IoT is where the cloud was five years ago; there’s a lot of hype and a lot of skepticism.” VARs can overcome that skepticism by clearly documenting and communicating the value and ROI every IoT solution they present to clients. “The absolute wrong thing to do is to say you’re into IoT without being able to back up the claim with actual implementations. There’s a lot of rolling of eyes now at IoT,” DeSarbo said. “Solution providers need to tell more stories about their applications that leveraged IoT. They have to tie those in with their real business impact economic value.”
Concerns about technology were a key focus in Australia, with distribution channels, change management, and product development featured among the top seven ‘banana skins’. The pace of change is a source of anxiety for insurers concerned that existing business models can remain viable in the face of disruptive technology. “The industry is on the precipice of an enormous amount of change, largely being driven by digital innovation. The impact of wearable devices and connected cars will be significant – once consumers get a level of comfort around sharing data with insurers, the expectations of more personalised and customised products and premiums will quickly follow,” Fergusson said.
Robert Knake, former head of cybersecurity policy at the National Security Council, said those advocating for hacking back are overreacting. “It’s bad. But it’s not devastating,” said Knake of the confidential data exposed by the breach. “The reason it’s not devastating is that we know about it.” Speaking at a recent Atlantic Council panel debating the consequences of cyber revenge, Knake said identifying the breach offers the opportunity to mitigate the damage. Once armed with this knowledge, the government can use the hack to its advantage, he argued. For example, in the event that a nation uses information gleaned from the breach to identify Americans involved in sensitive activities, Knake said the U.S. could respond with misdirection by changing personnel.
Performance measures reported in scorecards and dashboards is one of the core components of integrated enterprise and corporate performance management (EPM/CPM) rivaling in importance other improvement methods such as customer relationship management and managerial accounting. Regardless of the type of KPI, analytics (such as segmentation, correlation, regression, forecasting, and clustering) should ideally be imbedded in each method, and they are critical for employees to achieve and exceed KPI targets. ... Brett describes different types of KPIs in an article titled “Five Distinct Views of Scorecards – and Their Implications.” With Mr. Knowles permission, here they are abbreviated with my minor edits
Microservices are an architectural technique. It is a tool that we have in our bag of tricks as software engineers and it is not necessarily a means to an end. If you have some bottleneck or if you have some set of algorithms that can be subdivided and provided as individual services to the consumers of those services, then it may make sense to decouple them from the monolith and deploy them as microservices. But if you have a monolithic architecture and you have not thought through how the components in that monolithic architecture are working together, the interfaces between them, then going to microservices without doing your homework and thinking through the data for all of your architecture, what the pain points are, the potential bottlenecks and the performance issues, then going to microservices may be a mistake.
Quote for the day: "Just because we have the intelligence to stop every intrusion doesn't mean we should." -- Matthew Wong