The stripped back Debian-based OS comes pre-installed with a number of Docker tools for Raspberry Pi versions 1, 2, and 3, as well as the Pi Zero and the compute module. HypriotOS utilizes the pre-installed Docker Engine 1.12.1, and Docker's Swarm Mode helps spread containers between a multi-node Pi cluster, which could be helpful for developers looking to build a network of Internet of Things devices. To get up and running, users will need to install the HypriotOS flash tool on an SD card, which is then inserted into a Raspberry Pi. Booting up takes less than five minutes, according to Hypriot. HypriotOS developers have optimized the toolset to only require 600MB of disk space and have reduced the size of the download packages to 232MB. They're also promising security out of the box by, for example, removing the 'root' user by default.
Although world-wide Continuous Integration is resoundingly popular, we have run into some problems. Communication pipes aren't as wide and reliable as we'd like, so many source control operations can get awkward from a remote site. In general we keep the build servers in the same site as the majority of developers, but remote sites can find it takes an annoyingly long time to get a fresh update from the mainline. The longer the communication lines are, the more they are prone to anything from glitches to lines being down for a while. Having the repository accessible 24 hours makes it annoying to take it down to do backups. All of these issues would mitigated by a clustered code repository, but we haven't experimented with anything like that yet.
“Bitcoin and the concept of the internet of money that it creates are this new model for a payment network that spans the globe, that has no borders, very much like the internet, that allows you to run financial applications that are controlled by software and, rather than political rules, are controlled by mathematical rules.” He says the fact that the network can process payments as small as hundredths of a penny or as large as billions of dollars will enable all kinds of applications that are impossible with the traditional financial system. Tune in to our fun and chock-filled conversation to hear why he says, “Bitcoin doesn’t care if you’re a person, a piece of software or an automatic dog-feeding bowl,” and for his far-out descriptions of how taxis and disaster relief could operate in the future.
Every industry is built around long-standing, often implicit, beliefs about how to make money. In retail, for example, it’s believed that purchasing power and format determine the bottom line. In telecommunications, customer retention and average revenue per user are seen as fundamental. Success in pharmaceuticals is believed to depend on the time needed to obtain approval from the US Food and Drug Administration. Assets and regulations define returns in oil and gas. In the media industry, hits drive profitability. And so on. These governing beliefs reflect widely shared notions about customer preferences, the role of technology, regulation, cost drivers, and the basis of competition and differentiation. They are often considered inviolable—until someone comes along to violate them. Almost always, it’s an attacker from outside the industry.
Operational excellence is a key success factor for enterprise IT. However, building operations to support growth and business innovation, while maintaining day-to-day operations can be challenging. Clearly, the public cloud offers compelling agility to support rapid change and growth. But successfully moving existing applications to the cloud requires good process, along with good technology that can bridge the gap between heterogeneous cloud environments. As enterprise IT departments attempt to match data center supply with growing and often fluctuating demand from users, balancing between a situation of under-utilized resources and that of over-commitment, becomes essential. The cost-effective, pay-as-you-go nature of the public cloud can complement existing private cloud computing resources.
For most companies, these requirements will mean updated privacy policies in dealings with customers and employees. Another key principle – the ‘choice’ principle – requires companies to offer individuals the opportunity to choose whether their personal data will be disclosed to a third party or used for a purpose that is different from the purpose for which such personal data was originally collected or subsequently authorised. Companies must respect individual choices and implement technical mechanisms so that data subjects may be informed, and be given the opportunity to opt out, of uses of their personal data. In addition, contracts with third party data processors will need to be reviewed to ensure that personal data will only be processed in a manner consistent with the basis on which the data was collected in the first place and with the level of protection required by the Privacy Shield.
The security around private keys is a particularly relevant topic now given the recent hacking of the Bitfinex exchange in which bitcoins worth about $70 million were stolen. Although the exact details of the attack are not yet available, it is clear that the hackers were somehow able to access the private keys that secured customers’ accounts and steal the bitcoin. Private keys can be thought of as secret codes or passwords that prove ownership of digital assets. Technology companies developing permissioned blockchains for financial services will need to completely rethink the multi-sig/cold storage approach currently employed by digital currency exchanges.
“With tens of thousands of malware variants being generated each day, this lack of defense may leave an organization wide open to compromise,” the report notes. Hospital data security professionals continue to fight for adequate budgets and resources, Kim notes. On the non-acute side, which includes physician practices and other providers such as long-term care facilities, the data suggests they are paying more attention and money to address security, but there is not yet a trend of small providers fortifying their cyber defenses. These providers are aware of looming threats, “but may not yet be aware of the pervasiveness of cyberattacks,” Kim says. Further, only 42 percent of surveyed non-acute providers have intrusion detection technology, so they may not even be aware that an attack has occurred.
Corporate leadership must make third-party risk management a priority for it to be successful. Such a program requires resources, and often involves delays in the purchase of products and services while the related risk is assessed. Without strong support from the C-Suite, managers will simply ignore third-party risk, and just buy whatever they want whenever they get in a hurry. Third-party oversight should begin with a structured program, with proper documentation and procedures. The program must be an ongoing effort, rather than a one-time review. This should include complete analysis of each vendor BEFORE a contract is signed. For ideas on how to structure such a system, I would suggest that you review "Third-party risk management -- not just papering the file."
Quote for the day:
"Gratitude is absolutely the way to bring more into your life." – Joe Vitale