Daily Tech Digest - November 27, 2018

Mass data fragmentation requires a storage rethink
It’s been estimated that up to 60 percent of secondary data storage is taken up by copies, needlessly taking up space and cost and raising risk. Worse, there is no re-purposing of the data for other use cases, such as test/develpment (where frequent copies of data are made for developers to test or stage their apps) or analytics (where data is copied and centralized in a lake or warehouse to run reports against). Today’s distributed, mobile organizations and easy access to cloud services mean there are more options than ever for data to be stored in multiple locations – perhaps without IT’s knowledge or control. And with the advent of edge computing and the Internet of Things (IoT), some data will never move from its edge location but will need to be managed in situ, away from conventional infrastructure and control. The specialized and siloed nature of secondary infrastructure and operations means IT is burdened with extra Opex and organizational overhead just to "keep the lights on," as well as extra cycles for coordination across functions to meet SLAs, recover from failures, manage upgrade cycles, troubleshoot support issues, and so on.



How to avoid the coming cloud integration panic

Enterprises typically don’t think about data, process, and service integration until there is a tactical need. Even then, they typically get around the issues by pulling together a quick and dirty solution, which typically involves FTP, a file drop, or even Federal Express. The result of all this is that a lot of integration between the cloud and on-premises systems remains undone, be it data integration, process integration, or service integration. This will become a crisis in 2019 for many enterprises, because they can spend the entire year, or more, just pulling together integration solution for their public cloud systems—which they now depend on for some mission-critical processes. To avoid that crisis, here’s what you need to do. First, catalog all data, services, and processes, using some sort of repository to track them all.. You need to do this for all on-premises systems and all public cloud systems, and you need to do so with the intent of understanding most of the properties so you can make sure the right things are talking to the right things.


TLA calls on tech industry to hire one million tech workers by 2023


TLA suggested increasing the amount of funding for female-founded businesses to increase diversity in the city’s tech sector, and recommended encouraging women to join investment firms to push up the likelihood of funding for female-led firms. Linda Aiello, senior vice-president of international employee success at Salesforce, said the “cognitive diversity” of teams created by having a mix of talent will help firms to better reflect their customers, and considering diversity in the tech industry is not only becoming “increasingly important” for product design, but should be considered at all levels of a company. “The technology sector, like almost every other industry, faces a diversity gap,” she said. “This is an issue that’s felt across all organisations and all sectors and it crosses so many threads from gender and race to religion, sexuality and socio-economic backgrounds – each of which contributes to the cognitive diversity of a team.” 


Researchers Use Smart Bulb for Data Exfiltration

For their experiment, the researchers used the Magic Blue smart bulbs, which work with both Android and iOS, and which rely on Bluetooth 4.0 for communication. The devices are made by a Chinese company called Zengge, which claims to be a supplier for brands such as Philips and Osram.  The bulbs are marketed as supporting Bluetooth Low Energy (Bluetooth LE or Bluetooth Smart) and the researchers focused on those using the Low Energy Attribute Protocol (ATT). Some of the bulbs are only Bluetooth Smart Ready, the researchers said.  The bulbs use Just Works as pairing method, which allowed Checkmarx to sniff the communication with the mobile application used for control. The Android application, the company discovered, works with other bulbs that have the same characteristics as well.  The researchers paired the mobile phone running the iLight app with the smart bulb and started controlling the device, while also attempting to capture the traffic.


How to implement Enterprise DevOps: 5 steps

istock-881484354.jpg
Under a traditional IT operating model, there are generally too many handoffs between teams, said John Brigden, vice president of Amazon Web Services (AWS) Managed Services, during a Monday session at AWS re:Invent 2018. "You've got lots of handoffs when a change is made, or any kind of adjustment is made to the environment ... and that can result in loss of innovation, loss of speed, and a lot of other challenges the enterprise faces today," Brigden said during the session. The notion of DevOps and DevOps teams in general can also be flawed, he added. "You might have tens, even hundreds of DevOps teams in your environment, and if these DevOps teams are left to figure everything out for themselves—network configuration, security compliance, compliance with PCI, change management, automation, in addition to writing the application to achieve their business outcome —you can get to a place where you have a lot of non-standardization, a lot of complexity, and perhaps create an environment that could slow down what you're really trying to achieve," Brigden said.


Weren’t algorithms supposed to make digital mortgages colorblind?

Some online lenders, such as Upstart (which does not offer mortgages), have said their algorithms help reduce the cost of credit and give more people offers at better pricing than traditional lenders. Upstart uses “alternative” data about education, occupation and even loan application variables in its underwriting models. (For instance, people who ask for round numbers like $20,000 are a higher risk than people who ask for odder numbers like $19,900.) “A lot of variables that tend to be correlated with speed or lack of prudence are highly correlated with default,” Upstart co-founder Paul Gu said in a recent interview. “And indications that someone desperately needs the money right away will be correlated with defaults.” Such factors are less discriminatory than relying on FICO scores, which correlate to income and race, according to online lender. But in the mortgage area, it appears that bank and fintech lenders are baking traditional methods of underwriting into their digital channels.


It’s complicated: How enterprises are approaching IAM challenges


IAM is all of these things and more – and for those running security in the enterprise, it is clear that living with the multiplicity of IAM is par for the course because IAM is more than just identity provisioning or access governance or single sign-on (SSO) or any one of a long list of disciplines. The success, or otherwise, of identity management in companies today relies on moving from singular and isolated technical initiatives to a full IAM programme – or at least having a plan for such a journey. “If you had to single out a sector at the cutting edge of IAM, it’s financial services,” says Martin Kuppinger ... “That’s because finances need good protection – and regulators and the sector itself have long required secure digital identities and standardised processes. Yet that’s only one part of the IAM story now, because next to this security-first identity agenda is a parallel consumer-convenience move being driven by the large digital companies that are developing a different kind of expertise in consumer identity management.”


Pattern Recognition and Machine Learning

Download Bishop Pattern Recognition and Machine Learning 2006
This leading textbook provides a comprehensive introduction to the fields of pattern recognition and machine learning. It is aimed at advanced undergraduates or first-year PhD students, as well as researchers and practitioners. No previous knowledge of pattern recognition or machine learning concepts is assumed. This is the first machine learning textbook to include a comprehensive coverage of recent developments such as probabilistic graphical models and deterministic inference methods, and to emphasize a modern Bayesian perspective. It is suitable for courses on machine learning, statistics, computer science, signal processing, computer vision, data mining, and bioinformatics. This hard cover book has 738 pages in full colour, and there are 431 graded exercises. Solutions for these exercises and extensive support for course instructors are provided on Christopher Bishop’s page. Now available to download in full as a PDF.


Hiring tips: 9 secrets to working with IT recruiters

Hiring tips: 9 tips for working with IT recruiters
You can’t expect recruiting professionals, whether internal or external, to find the best talent if you’re not one hundred percent honest and open about the available role or roles, what you’re looking for, your timeline, what you’re willing to pay and the amount of competition for the vacancy, says Mondo’s Zafarino. “One thing that is key from the recruiter’s perspective is having full transparency from the CIO or IT hiring manager,” Zafarino says. “If there are internal candidates in the running, too; if you’re using other agencies as well, that’s fine. But you must communicate this to your recruiting partner. Let them know where your budget approval stands, or if you’re still working on getting the resources. And the most important thing is allocating the right amount of time for recruiters to fill the need. If it’s an urgent need, we’ll go full steam ahead, but if it’s a more passive potential hire then we’ll reallocate sources according to your needs and where you’re at in the process.”


Great Scrum Masters Are Grown, Not Born


Here's my assertion: Scrum Masters are Agile Coaches because they do what Agile Coaches at the program level do; they just do it within the scope of one or a few teams. They need all the skills and self-leadership that Agile Coaches at the program level need to be really effective for the teams they serve.  I am part of the working group ICAgile commissioned to refresh the Learning Path for Agile Coaching which was released earlier this year. When we got together, one of the main things we wanted to adjust in the community at large was this notion that a Scrum Master is somehow a less powerful role than Agile Coach or that it's even an administrative role that does not require a lot of skill. These were damaging applications of the roles that we saw across the industry. It resulted in stunted Scrum Masters who were not allowed to develop the skills needed to really help teams not only deliver, but deliver while improving team capabilities. The people on the ground need a full complement of skills because on the ground, with teams, day in and day out, is where the action is.



Quote for the day:


"Leadership happens at every level of the organization and no one can shirk from this responsibility." -- Jerry Junkins