Daily Tech Digest - February 14, 2019

Stumbling with your public cloud deployments? An industry analyst offers advice.

advicecloud
Yuen went on to say lines of business (LOB) or other groups are not working with core IT as they deploy to the public cloud; therefore, they are not getting all of the advantages they can. “You want to maximize the capabilities and minimize the inconvenience and cost. Planning is absolutely critical for that -- and it involves core IT,” says Yuen. To ensure the best results possible, you should involve key players in the organization. For example, the organization’s procurement experts should be consulted to ensure you get the best deal for your money. Budgeting is also important. “Companies very quickly realize that they don’t have variable budgets,” continues Yuen. “They need to think about how they use cloud and the consumption cost for an entire year. You can’t just go about your work and then find that you are out of budget when you get to the second half of the fiscal year.” The beauty of an as-a-service model is you only pay for what you use. The risk is you have a virtually unlimited capacity to spend money.


Using the SharePoint Framework with Teams to build simple custom apps

SPFx goes further than integrating your Teams applications with SharePoint, building on the growing Microsoft Graph APIs to integrate with Office 365 and Microsoft 365. Like older SharePoint development technologies, you can use web parts from Microsoft, third parties, a growing set of open-source community components, or custom components developed by your own SharePoint development team. More complex code can be written in TypeScript, Microsoft's JavaScript-based language, which gives you strong typing and tools that make it easier to build and manage large-scale web applications. Using TypeScript will make it easier for server-side developers who've been using C# to build SharePoint applications to transition to client-side in-browser code, as TypeScript builds on many familiar C# development concepts. Using SPFx 1.7 you can now also use web parts to handle data connections, so you can extract information from a page and send it back to a server, and link different web parts in the same page.


Gartner: debunking five artificial intelligence misconceptions

Gartner: debunking five artificial intelligence misconceptions image
What is artificial intelligence? Well, these days, the answer depends on who you ask. For some, it means computers have finally achieved, just like us, general intelligence; what Ray Kurzweil would call the “singularity“. For others, it’s merely a conglomeration of existing tools; it’s machine learning, natural language processing, deep learning and so on. But, with AI technology making its way into the real world of business, it is crucial that business and IT leaders fully understand how AI can create value for their business and where its limitations lie. As Alexander Linden, research vice president at Gartner, said: “AI technologies can only deliver value if they are part of the organisation’s strategy and used in the right way.” ... human intervention is always required to develop AI-based machines or systems. The involvement may come from experienced human data scientists who are executing tasks such as framing the problem, preparing the data, determining appropriate datasets


The Short Life of Enlightened Leadership (and How to Extend It)


The history of socially responsible companies shows that when virtuous programs and policies exist primarily because an individual leader cares about them, his or her successors have no problem removing them. These practices are far more likely to last when they are institutionalized in rules of governance. Thus, a few enlightened capitalists have attempted, in one form or another, to institutionalize their practices in an organizational structure. Sometimes this involves a family business structure; sometimes, as with England’s 174-year-old Economist magazine, it involves a board of independent trustees charged with safeguarding its corporate and editorial independence. It can also rely on an independent trust or foundation that owns most of the company stock. Among the companies that have tried this solution are the Encyclopedia Britannica; the tea company Camellia; and some of Continental Europe’s largest corporations, including IKEA, Heineken, and Bertelsmann.


Ransomware warning: That romantic message may hide a nasty surprise


Subject lines used in this GandCrab campaign all relate to romance. Examples include 'This is my love letter to you', 'Wrote my thoughts down about you', 'My letter just for you' and 'Felt in love with you'. The body of the email only contains a * symbol and comes with an attachment - a zip file containing a JavaScript file. The file name follows the same pattern in every malicious email - 'Love_You_2018_' followed by seven or eight random digits. If the user chooses to extract and execute the JavaScript file, it'll download and excute GandCrab ransomware form a malicious URL embedded in the script. Before the ransom note is presented to the victim, they're asked to select a language to see it in – English, Korean or Chinese, something which researchers suggest indicates the main targets of those behind GandCrab. After this, the user is directed to a ransom note explaining that their computer has been encrypted and that they need to pay a ransom in Bitcoin or DASH cryptocurrency in order to get them back.


Continuous Delivery - It’s Not All About Tech!

Changing habits is hard. A habit is something you automatically do so, you have to work at stopping doing the old habit and replacing it with a new one. Publishing the data that highlighted the problems in our release cycle helped create an acceptance of the problems, plus a will to fix them.  We tried a few things to help us form good habits. For example, we had hours of delay due to the people involved in the release process sending emails as the primary communication method. An email would get sent, a message was communicated, job is done. However, until the recipient has read and understood the email, you haven’t communicated anything. If they are in a meeting, or only check their emails once or twice a day (a good habit!), then it could be hours before they see it. To quote a friend, Rob Lambert (@Rob_Lambert), “communication is in the ear of the listener”.


That VPN may not be as secure as you think

VPN, security, network security, internet security
That’s more serious than unintended leaks, the team explains — users trust providers not to snoop. The point of a VPN is to be private and not get monitored. VPN use ranges from companies protecting commercial secrets on public Wi-Fi to dissidents. Some botches are actually “defeating the purpose of using a VPN and leaving the user’s online activity exposed to outside spies and observers,” the researchers say. Other problems the team discovered include that some VPNs allegedly lie about the server locations. “We found some VPNs that claim to have large numbers of diverse Internet connections really only have a few servers clustered in a couple of countries,” the researchers wrote. They say they found at least six VPNs faking routings through certain countries when they were actually going through others. That possibly creates potential legal issues for the user, depending on local laws. Other trouble areas included privacy policies. Fifty of the 200 VPN providers that were tested had no privacy policies published on their websites at all, the group says.


Impending takeover of Ultimate Software leaves its RPA solution for HR undiminished

RPA for HR: Impending takeover of Ultimate Software leaves its RPA solution for HR undiminished image
Before we go any further, we must deal with the elephant in the data centre: Ultimate Software is subject to an $11 billion bid from a group of investors led by private equity outfit Hellman & Friedman. In a statement, the company said: “Our customers will benefit from our ability to bring new features and services to market more quickly, while still enjoying the same high level of service they have with Ultimate today, or better, with new innovations to our offerings.” Or to put it another way, whatever happens next — and by the way, the agreement the company has with the prospective investors allows it a 50-day ‘go-shop’ period, to look for alternative deals — it’s in no ‘would be’ purchaser’s interest to limit the product offering. The bid represents a 19% premium on the share price before the offer. And the company says that post purchase, its existing management under the leadership of Chief Executive Scott Scherr, will still be at the helm.


A Look Back at 2018 and What’s to Come in 2019

On the topic of certification, one of the significant changes we made during 2018 was actually in our Professional Certification Programs for Open Certified Architects (Open CA) and Open Certified Technical Specialists (Open CTS). Using The Open Group Open Badges digital credentials program, individuals seeking professional certification as either a Certified Architect or Certified Technical Specialist can now achieve their certification in stages by working toward a requisite number of badges required for each program. We’re very proud of the work that has gone into creating milestone badges for these certifications—and we are looking forward to the launch of a new professional standard for Data Scientists early in 2019, as well. Open Badges for certification to many of our standards, such as TOGAF, ArchiMate, IT4IT, and Open FAIR are also now available.


OIG identifies risks related to NIH’s sharing of sensitive data

The agency also agreed with OIG’s recommendations to ensure security policies keep current with emerging threats and to make training and security plans a requirement. Nonetheless, NIH disagreed with the OIG’s call for additional controls to ensure training and security plan requirements have been fulfilled. In addition, the agency also informed auditors that it recently established a working group to address and mitigate risk to intellectual property, as well as to protect the integrity of the peer-review process. “We maintain that our findings and recommendations are valid,” concluded OIG. “We recognize that NIH reported that it is already taking certain actions, such as the working group that was recently established, that may address our recommendations. We also provided NIH with other potential actions to address our findings and recommendations. If NIH determines that it does not need to strengthen its controls, it should document that determination consistent with applicable federal regulations and guidance.”



Quote for the day:


"A company is like a ship. Everyone ought to be prepared to take the helm." -- Morris Wilks


No comments:

Post a Comment