Daily Tech Digest - January 30, 2020

IT pros need to weigh in on that ‘sassy’ security model

Cloud and SaaS adoption by enterprises has changed network traffic patterns, requiring fundamental change in network and security architectures. As Gartner notes, the role of the enterprise data center has changed dramatically. More user traffic goes to cloud services than to those data centers, and more workloads run in IaaS than the data centers. Cloud services contain more sensitive data than enterprise data centers. The use of the enterprise network has also changed, with more user work done off the network than on, and more applications accessed via SaaS than the enterprise, Gartner says. So, controlling access and applying security policies based on the user, device and application that are connecting to the network makes more sense than focusing access control on the data center. Advances in network/security software and cloud intelligence have enabled new solutions which are quick to deploy, scalable, flexible and simple to manage such as SD-WAN, SD-Branch and CASB. Edge computing and IoT applications require distributed, low-latency networking and security that are likely to be delivered as cloud-based services.



JetBrains taps machine learning for full-line code completion
JetBrains has laid out a 2020 roadmap for IntelliJ IDEA and its IntelliJ-based IDEs. The promised new capabilities range from additional machine learning driven code completion to collaborative editing. The company said the additional machine learning based code completion capabilities would make better use of the context for ranking completion suggestions and generate completion variants that go beyond a single identifier to provide full-line completion. Considered a major area of investment, full-line completion may take a while to appear in the product. JetBrains already had been exploring the use of machine learning for code completion, and some results of that research have made their way into products. IntelliJ now uses machine learning to improve the ranking of completion variants, and language plug-ins tag each produced completion variant with different attributes. IntelliJ also uses machine learning to determine which attributes contribute to item ranking so the most-relevant items are at the top of the list. In addition to machine learning based code completion, JetBrains cited a multitude of improvements to IntelliJ for 2020, subject to change.



There are certain considerations when it comes to edge virtualization. For example, admins must determine whether their data centers are ready for edge virtualization and if they require a complex instruction set computing (CISC) processor or reduced instruction set computing (RISC) processor. However, edge virtualization can ease device management, introduce reduced costs and manage vast amounts of data, all of which significantly benefit modern data centers. A main benefit of edge virtualization is device management. In implementing virtualization at the edge, admins can track resources, monitor performance and ensure the health of their systems to better control their edge devices. Admins can use VMware ESXi to control their edge devices. This is beneficial because ESXi provides added isolation, which helps increase the security of edge devices. In addition, hypervisors such as ESXi help to ensure each VM within a network has the resources required to perform efficiently.



EU implements 5G infrastructure restrictions on ‘high-risk’ suppliers


The EU sees closely coordinated implementation of the toolbox as indispensable to ensure EU businesses and citizens can make full use of all the benefits of the new technology in a secure way. “We can do great things with 5G,” said Margrethe Vestager, executive vice-president for a Europe Fit for the Digital Age. “The technology supports personalised medicines, precision agriculture and energy grids that can integrate all kinds of renewable energy. “This will make a positive difference, but only if we can make our networks secure. Only then will the digital changes benefit all citizens.” Thierry Breton, commissioner for the EU Internal Market, added: “Europe has everything it takes to lead the technology race. Be it developing or deploying 5G technology, our industry is already well off the starting blocks. Today we are equipping EU member states, telecoms operators and users with the tools to build and protect a European infrastructure with the highest security standards, so we all fully benefit from the potential that 5G has to offer.”


Google looks ahead to the next decade of AI research


While Google and the industry at large have made significant strides in AI in the past few years, public awareness of the technology's potential drawbacks -- and corresponding regulation -- is only now beginning to catch up with the industry. Google has, in turn, started talking more about the ethical guidelines it applies to its AI research. About a year and a half ago, the company released a set of principles to help guide its development of AI applications. Google also committed to refraining from building AI for technologies that could cause harm, such as weapons.  "As we start to think about how these systems and this research gets out into the world, it's really important for us to think about what are the implications of this work, and how should we be thinking about applying it to certain kinds of problems, and the problems we shouldn't be applying it to," Dean said.  While it's easy to look at Google's commitments and scratch "weaponized drones" off its list of technologies to build, there are plenty of other AI-driven technologies -- even seemingly innocuous ones -- that could cause harm.


Simulating Agile Strategies with the Lazy Stopping Model

The "Lazy Stopping Model" therefore just reflects the idea that we choose how much information to gather before taking an action. If we gather less than we "should", for some reason, then we can say that the agent (a simulated person or organisation) has stopped gathering info and is taking action before it should. But in practice, it may be impossible to avoid "lazy stopping," which is where agile strategies come in. Agility is mainly a defensive strategy against your own ignorance. It’s about dealing with the costs of previous decisions by either failing fast and thereby learning quickly, and/or by lowering the costs of adjustments and re-working them when you learn that what you had built or deployed at first is not quite right. This includes creating an environment and office culture where that is OK and expected, as long as you also learn quickly. In contrast, to maximise efficiency, a more offensive strategy would need to be used when you are confident you have enough information to act quickly in order to maximise your advantage over competitors. 


Data privacy: Top trends to watch in 2020

Technology (AI and ML) is being "blamed" for our current data privacy imbroglio, but technology is what can help solve it as well. Privacy enhancing technologies (PETs) represent a new, emerging category of technologies, and are increasingly being used to protect data privacy while enabling data use. Prior to the emergence of PETs, previous solutions tended to rely mostly on de-identification and anonymization, which usually involved removing personally identifiable information (PII) fields from data sets. However, anonymization technologies have been rendered insufficient by the advancements in AI and machine learning capabilities, which enable re-identification of anonymized data. PETs in the realm of secure computing, such as homomorphic encryption, multi-party computing (MPC), zero knowledge and differential privacy are introducing new paradigms for protecting various modalities of data usage. For example, my company, Duality Technologies, enables data science computations to be performed on encrypted data, which allows sensitive data to be analyzed and processed by our customers' partners while remaining protected.


Using Azure AD conditional access for tighter security


Legacy authentication is used for many types of attacks against Azure AD-based accounts. If you block legacy authentication, then you will block those attacks, but there's a chance you'll prevent users from performing legitimate tasks. This is where Azure AD conditional access can help. Instead of a simple off switch for legacy authentication, you can create one or more policies -- a set of rules -- that dictate what is and isn't allowed under certain scenarios. You can start by creating an Azure AD conditional access policy that requires modern authentication and otherwise blocks the sign-in attempt. Microsoft recently added a "report only" option to conditional access policies; it is highly recommended that you use it and leave it on for a few days after deployment. This will show you the users still using legacy authentication that you need to remediate before you enforce the policy for real. This helps to ensure you don't stop users from doing their jobs. However, this change will severely limit mobile phone email applications.
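
The report-only review described above, as an added example (not from the original article): the script takes sign-in records shaped like Microsoft Graph `signIn` objects and lists the users a report-only policy would have blocked, grouped by client. The policy name, users and records are constructed for illustration.

```python
from collections import Counter, defaultdict

POLICY_NAME = "Block legacy authentication"  # hypothetical policy display name


def _pol(name, result):
    return {"displayName": name, "result": result}


def _rec(user, client, policies):
    # Subset of the fields found on a Graph signIn record.
    return {"userPrincipalName": user, "clientAppUsed": client,
            "appliedConditionalAccessPolicies": policies}


# Constructed sample sign-ins collected while the policy ran in report-only mode.
SAMPLE_SIGN_INS = [
    _rec("alice@example.com", "IMAP4", [_pol(POLICY_NAME, "reportOnlyFailure")]),
    _rec("Alice@Example.com", "IMAP4", [_pol(POLICY_NAME, "reportOnlyFailure")]),
    _rec("bob@example.com", "Exchange ActiveSync",
         [_pol(POLICY_NAME, "reportOnlyFailure")]),
    _rec("carol@example.com", "Browser",
         [_pol(POLICY_NAME, "reportOnlyNotApplied")]),
    _rec("dave@example.com", "Browser",
         [_pol("Require MFA for admins", "reportOnlyFailure"),
          _pol(POLICY_NAME, "reportOnlyNotApplied")]),
    _rec("erin@example.com", "Browser", None),  # no policy data recorded
]


def would_be_blocked(sign_in, policy_name):
    """True if the named report-only policy would have failed this sign-in."""
    policies = sign_in.get("appliedConditionalAccessPolicies") or []
    return any(p.get("displayName") == policy_name
               and p.get("result") == "reportOnlyFailure" for p in policies)


def remediation_list(sign_ins, policy_name):
    """Map each affected user to a count of blocked sign-ins per client app."""
    per_user = defaultdict(Counter)
    for s in sign_ins:
        if would_be_blocked(s, policy_name):
            user = s["userPrincipalName"].lower()  # UPN case varies in logs
            per_user[user][s.get("clientAppUsed") or "unknown"] += 1
    return {u: dict(c) for u, c in sorted(per_user.items())}


if __name__ == "__main__":
    for user, clients in remediation_list(SAMPLE_SIGN_INS, POLICY_NAME).items():
        print(user, clients)
```

An empty result over several days of sign-ins is the signal that the policy can be switched from report-only to enforced.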


Oracle customers complain of cloud coercion


In a number of instances, the Itam Review found that Oracle customers were being coerced into buying cloud services. “We have been in an audit situation three years ago,” one user told the Itam Review. “Even though we had been licensed properly, due to mergers and acquisitions, Oracle figured out that the licenses were not properly ‘transferred’ to the new companies. Oracle then threatened us with a fine of over €150,000.” The user then said that Oracle offered to waive the penalty if €50,000 of Oracle cloud licences were purchased instead. “We agreed to do so, fixed everything, got that certificate of compliance,” the user said. “We never used that Oracle cloud because we did not need it and because that cloud was not technically effective.” For Thompson, the poll illustrates the challenges that Oracle faces as it tries to establish itself as a major cloud provider in a market dominated by AWS, Microsoft Azure, Alibaba and Google Cloud.


Cisco offers on-prem Kubernetes-as-a-Service to challenge public cloud

The HXAP is designed to take the hard work out of Kubernetes and make it as easy as deploying an appliance, said Liz Centoni senior vice president and general manager of Cisco Cloud, Compute, and IoT. “We integrate the Kubernetes components and lifecycle-manage the operating system, libraries, packages and patches you need for Kubernetes. Plus, we manage the security updates and check for consistency between all components every time you deploy or upgrade a cluster. We then enable IT to deliver a Container-as-a-Service experience to developers – much like they are used to getting in the public cloud.” ... As part of the HXAP rollout, Cisco said instances can also be installed, operated and managed via its Intersight platform, the cloud-based management package for its Unified Computing System (UCS) and HyperFlex computing environments.  “Intersight also adds management and monitoring of virtual machines and containers allowing operators to create, expand and upgrade Kubernetes clusters from the cloud. With the addition of the Intersight Mobile App customers can also manage and monitor their global infrastructure and container footprint from the palm of their hand,” Venugopal wrote.



Quote for the day:


"Leaders are readers, disciples want to be taught and everyone has gifts within that need to be coached to excellence." -- Wayde Goodall

