Daily Tech Digest - September 02, 2019

Big Four and Blockchain: Are Auditing Giants Adopting Yet?

Big Four and Blockchain: Are Auditing Giants Adopting Yet?At this point, all of the Big Four companies have at least demonstrated some interest in blockchain, albeit their approaches tend to differ. Some companies, like Deloitte, have been mostly researching how this technology has affected the general market, while EY, for instance, has focused on releasing software solutions tailored for the needs of cryptocurrency businesses.  Such diversity can be explained by the very nature of those companies — being professional services networks, they offer a variety of services, including audit, tax, consulting, enterprise risk and financial advisory. ... “Because the Big Four work in such a wide scope of sectors, they are unable (or unwilling) to dedicate serious time to blockchain. This makes sense, given that they cannot invest in every new technology set which comes along (although we view blockchain as different). One key thing to note is that many of the big four only got into blockchain when Crypto projects began using them to show more transparency. The Big Four are known to only get involved with something when their client base is using it, blockchain was and is no exception.”

Social media and enterprise apps pose big security risks

“Today’s organisations are heavily dependent on applications, and employees will often use them to perform key parts of their job,” said Ollie Sheridan, security engineer for Europe, the Middle East and Africa at Gigamon. “However, it also means these applications can have access to sensitive corporate data, which could put an organisation at risk if it fell into the wrong hands. “Organisations should therefore treat applications as part of their own network and aim to have complete visibility of their functions. Security should always be paramount when new applications are being deployed.” Scott Crawford, a security analyst at 451 Research, told Computer Weekly in June 2018 that security threats arise because companies are using a diverse range of applications. Often, IT and security teams do not have the resources or time to identify and respond to attacks, he said. The Gigamon survey also asked IT security professionals which applications they believe bring in the most malware to the enterprise.

The Psychological Reasons of Software Project Failures

Image 1
Coding is not a challenge. In fact, code is the last thing anybody is willing to pay for (though, ironically, it is the most important thing that gets produced in the end). The real challenge, and the real duty of a programmer, is solving problems that customers face, most likely with code but not necessarily. These problems are usually only partially “technical”, often sociological, often complex, often wicked. As problem complexity grows, the required effort, intelligence, knowledge and dedication to solve it grows as well, sometimes exponentially. Recognizing complexity, confining it and minimizing it is the ultimate goal of a programmer. This raises the bar so high that an average person might fail to present the sufficient personal qualities required for the job, and turn out to be relatively stupid. As David Parnas states it: “I have heard people proudly claim that they have built lots of large complex systems. I try to remind them that the job could have been done by a small simple system if they had spent more time on "front-end" design. Large size and complexity should not be viewed as a goal.”

Beware this insidious word in the workplace

What is the most important aspect of leadership? Because of its nature, it’s possible to begin a sentence with “Leadership is about…” and choose from dozens of applicable words to finish it, all of which would prompt nods of agreement. But my vote would be for trust as the most important among them. If leaders consistently undermine their people, they will also undermine the expectation that their people will do the right thing, whatever the context. If that expectation goes away, so, too, does motivation. Another key to leadership, a close second for me after trust, is respect — not just because the leader needs to earn respect, but because the leader must respect the people who work for him or her. When I interviewed the Hollywood executive Jeffrey Katzenberg years ago, he shared a key insight that stayed with me. “By definition, if there’s leadership, it means there are followers, and you’re only as good as the followers,” he said. “I believe the quality of the followers is in direct correlation to the respect you hold them in. It’s not how much they respect you that is most important.”

Why do DBAs dislike loops?

So why do data people tend to avoid (or even actively dislike) loops? (Can you say cursor anyone?). Scaleability! Loops just don’t scale well. A loop that is fast at 100 loops is going to take twice as long at 200 loops, five times as long at 500 loops and one hundred times as long at 10,000 loops. That’s a problem in the database world when at 10,000 rows a table is still considered small and depending on your experience a mid-sized table might be 1,000,000 rows or more. As in all things I like examples, so here’s a simple one. I’m creating a table with an identity column and a date column. I’m going to record times spent updating each row one at a time and just updating the entire table. Then I’m going to add 10 rows and run again, 10 rows and run again, etc until I have 7500 rows. Quick note to everyone who reads this and thinks “But …”. I’m aware this is a really simple example. If you have buts that you think will significantly change the outcome feel free to run a test yourself and if by some odd chance feel free to put the results in the comments, or even better blog them and link the blog in the comments

DigitalOcean Adds Managed MySQL and Redis Services

Both Managed MySQL and Redis options support up to two standby nodes that take over automatically if the primary node fails. Managed MySQL customers can provision read-only nodes in additional geographic regions for horizontal scaling. Managed MySQL customers also get access to monitoring and proactive alerting functionality, and the ability to fork an entire cluster based on a specific point in time. Bearfield says that Managed Redis will also get database metrics and monitoring upon general availability. Both the Managed MySQL and Redis offerings come with two cluster types: single node or high-availability. The single node clusters start at $15 per month and provide 1 GB of memory, 1 vCPU, and 10 GB of SSD disk storage. As evident by the name, the single node clusters aren't highly available, but do support automatic failover. The high availability clusters offer up to two standby nodes and begin at $50 per month. The single node plan offers database instances as large as 32 GB of RAM, 8 vCPUs, and 580 GB of storage.

CISOs turn to AI, detection, response and education

CISOs believe that AI, like machine learning, and analytics relieve IT teams of monotonous tasks, so they can focus on business-critical jobs such as identifying anomalous behaviour in their networks and responding to threats quickly. According to the survey, security leaders are currently allocating an average of 36% of their security budget to response. However, most would like to shift their resources from prevention to bolster detection and response capabilities and increase response investments to 40% of their budget. “There is a growing realisation that breaches are inevitable, and that strong detection and response practices are a greater priority,” the report said. CISOs believe talent and training constraints have a significant impact on their organisations, the survey found, with CISOs paying more attention to educating their own employees on best practices and building cyber security awareness in order to prevent and reduce internal threats.

People And Machines – A Workplace Reality

For people to seize this kind of opportunity they must be able to embrace change, as well as having access to learning and reskilling programmes to help them on their journey. As mentioned above, this is one area where HR cannot afford to drop the ball. Similarly, another crucial factor to consider is ensuring that all employees are able to benefit on an equal basis. “We have to ask ourselves,” says Cable, “if we don’t act and invest with new technology, who might be left behind? 15 per cent of organisations were saying they didn’t see any need to invest in new technology. Those organisations are essentially taking a back seat, and choosing not to take advantage of all the new things around us.” Worryingly, Cable observes, an area where that investment is least likely to be made is HR. HR departments tend to have a slightly more female workforce. Is this therefore another inhibitor to women being able to contribute in technology-enabled organisations? It’s a subtle point, but this is certainly something that HR – and organisations in general – should be aware of.

Software Deployment Strategy: How to Get It Right the First Time

Software Deployment Strategy: How to Get It Right the First Time
There is an intense focus today on customer experience (CX). Ensuring that your website visitors have access to the information they want, and they can find it quickly and easily, is just part of your overall CX. This makes your customer-facing technologies – the ones that power your website or mobile app – critical investments, even though they may not carry the price tag of an ERP system. Even the smallest investments need to be vetted to make sure they work with existing infrastructure and processes. One small piece of website tech that ends up degrading your online CX can cost your organization millions in a very short amount of time. There’s simply too many choices just a click away today if something isn’t working properly. Differentiating technologies are also more likely to be customized than an application like ERP, which can often use a number of out-of-the-box processes. These are areas where a software deployment strategy involving your EA team can help guide the software purchase and deployment process.

Figure 1. Adaptive Attack Protection Architecture
To help determine which combination of cloud email security products might work best for any organization, we believe, a thorough analysis of existing email security products to understand the current solution’s capabilities completely. Gartner recommends, “Leverage incumbent email security products by verifying and optimizing their capabilities and corresponding configurations. This will serve as the start of a gap analysis to determine where supplementation or replacement may be required.” The Cisco Threat Analyzer for Office 365 quickly detects security gaps in Office 365 email inboxes to provide visibility into threats that may have gone undetected and identify security vulnerabilities. In addition, to support this growing cloud email platform user base, Cisco Email Security now has data centers with global coverage located in North America, Europe and Asia. These locations allow for local customers to satisfy data access and sovereignty requirements in their specific regions and provide the confidence that their data will remain within region. For those install base customers using an on premise or hybrid solution, this global coverage gives them the peace of mind for migrating from on premise to cloud email.

Quote for the day:

"Tenderness and kindness are not signs of weakness and despair, but manifestations of strength and resolution." -- Khalil Gibran

No comments:

Post a Comment