Daily Tech Digest - April 14, 2020

Microsoft and Google delay online authentication change

Companies are gradually replacing this method with more modern protocols. Microsoft and Google are both shifting to OAuth 2.0, which uses tokens to authenticate applications with online services, and gives them an expiry date. That way, an application stays authorised for a predefined period, minimising the need to exchange credentials. This also makes it easier to implement multi-factor authentication (MFA). Microsoft announced that it would switch off Basic Authentication in its Exchange Web Services (EWS) API for Office 365 back in July 2018. It planned to turn off support for the feature entirely on 13 October 2021. At the same time, it also advised developers to begin moving away from this API, instead using Microsoft Graph, which is its newer API for accessing back-end cloud services such as Exchange Online. It also expanded those plans in September 2019, announcing that it would turn off Basic Authentication in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP and Remote PowerShell.

How to achieve agile DevOps: a disruptive necessity for transformation

How to achieve agile DevOps: a disruptive necessity for transformation image
Organisations have accept that the transition to agile DevOps is going to be disruptive, but entirely necessary for effective and sustainable transformation. According to Erica Langhi, EMEA senior solutions architect at Red Hat, “the best way to mitigate this disruption is through transparency and openness — businesses need to make the benefits of this transition clear to their teams. After that, they should encourage their developers and operations teams to look at how other parts of the business are working.” After this, leaders will need to look at the company’s culture “and start making the tweaks necessary to promote collaboration and communication between teams; this isn’t optional, as nine out of ten organisations that try to make the change to DevOps without changing their culture and structure will fail,” she advised. Overall, to create a maximally agile DevOps, organisation’s “should also invest in a few other technologies and cultural changes. DevOps in fact brings together people, processes, and technology for better efficiency. ...” Langhi continued.

Defining the Database Requirements of Dynamic JAMstack Applications

To understand why multi-region distribution is desirable, let’s revisit why static websites on CDNs are incredibly fast. A CDN is fast to deliver your content because it contains copies of your content at different locations. When content is requested from the CDN from a specific location, it will attempt to deliver that content from the closest location to the requestor. In order to get an idea of how much that matters, take a glance at the Zeit CDN status page which shows you the difference in latency between your current location and other locations. By deploying our applications to a CDN, our pages automatically load from the closest location to the user, which results in low loading latencies. And low latencies result in a great user experience. In order to keep this user experience, the dynamic data that will be loaded from our APIs has to exhibit low latencies as well, and the best way to achieve this is to use a distributed database.

Talking Digital Future: Blockchain Technology

Talking Digital Future: Blockchain Technology
Indeed, the United Nations World Food Program, for example, is serving an incredibly large number of people. And we want the highest amount of good resources to go to those people — so they are. The U.N. did a first round of experimentation on blockchain so it could track the flow of aid from source to destination, and it was very successful. Now, it’s in the second or third round of expanding it. I think I like this technology because it directly and positively impacts human beings. This is probably one of my favorite cases at the moment. Another one is the real estate registries. Very often these are paper-based. I think about New Orleans when Hurricane Katrina came a few years ago. The city was flooded, and it was a complete disaster. It was a terrible tragedy. When the water subsided and the city was getting back on its feet, lots of houses were destroyed and the city had to find the titles for the homes. Well, they were destroyed because they were in boxes and the papers were in the basement of a building that was flooded. So, they had a lot of difficulty for a very long time identifying which properties belonged to who, and then how they could sell the properties.

Edge computing vs. cloud computing: What's the difference?

CIO Edge computing myths
Real-time performance is one of the main reasons for using an edge computing architecture, but not the only one. Edge computing can also help prevent overloading network backbones by processing more data locally and sending to the cloud only data that needs to go to the cloud. There could also be security, privacy, and data sovereignty advantages to keeping more data close to the source rather than shipping it to a centralized location. There are plenty of challenges ahead for edge computing, however. A recent Gartner report, How to Overcome Four Major Challenges in Edge Computing, suggests “through 2022, 50 percent of edge computing solutions that worked as proofs of concept (POCs) will fail to scale for production use.” Those who pursue the promise of edge computing need to be prepared to tackle all the usual issues associated with technologies that still need to prove themselves – best practices for edge system management, governance, integration, and so on have yet to be defined.

Enterprises regard the cloud as critical for innovation, but struggle with security

Only a little over half (58%) said their organization has clear guidelines and policies in place for developers building applications and operating in the public cloud. And of those, 25% said these policies are not enforced, while 17% confirmed their organization lacks clear guidelines entirely. “Enterprises believe they must choose between innovation and security—a false choice we see manifested in the results of this report, as well as in conversations with our customers and prospects,” said Brian Johnson, CEO at DivvyCloud. “Only 35% of respondents do not believe security impedes developers’ self-service access to best-in-class cloud services to drive innovation—meaning 65% believe they must choose between giving developers self-service access to tools that fuel innovation and remaining secure. “The truth is, security issues in the cloud can be avoided. By employing the necessary people, processes, and systems at the same time as cloud adoption, enterprises can reap the benefits of the cloud while ensuring continuous security and compliance.”

Developers: Getting ahead is about more than programming languages

From a career perspective, IT professionals will often reach a point where they have to choose between becoming a technical specialist or moving down the management path. But even for those on the management path it is incredibly important that they stay up to date with what is new in tech as it becomes all too easy to fall out of step, he said. Gill says another trend within the IT industry is for companies to become more customer-focused in how they develop their products and services. In light of this, ambitious IT professionals must develop an understanding of the clients' needs as well as the intricacies of the code. "They should discuss requirements directly with them where possible or else with their points of contact within their own organisation, such as sales or business development. Having direct feedback and input from clients means the IT professionals will have a far greater chance of delivering something that will meet their needs," says Gill. Malcolm Lowe, head of IT at Transport for Greater Manchester (TfGM), is another tech chief who believes focusing on the needs of the user is the key to career-development success. He advises other IT professionals to couch everything they do in business outcomes and user needs – because, at the end of the day, that's what you're providing.

How to build a DevSecOps strategy

How to build a DevSecOps strategy image
Almost every DevOps guide talks about implementing the practice at a cultural level, and the same is true with DevSecOps. Developers tend to be incredibly creative and talented people who take a lot of pride in what they do. Get out of their way and allow them to grow. Think of it as future-proofing your security design through a more holistic approach. That’s precisely why the first step on this list is training and educating team members. When given a chance, they will work to further their skills and experience. They will also take everything they learn and incorporate it into the code and content they’re creating. It’s all about giving them the tools they need to succeed, which will only further improve the end product. ... Most likely, there are projects and segments already in place, and your teams created existing code with a different method. Don’t look at this as a negative or obstacle. It provides an excellent opportunity to revisit the foundations of a system to implement the protective armour we’re discussing.

As cybersecurity concerns grow, so does need for security professionals

For people who already work in IT but choose to refocus their energies in the area of cybersecurity, the switch can be lucrative. Job-market analytics company Burning Glass Technologies has been tracking the cybersecurity job market since 2013. In its June 2019 report, it states that the number of cybersecurity job postings has grown 94% since 2013, compared to only 30% for IT positions overall. This growth is three times faster than the overall IT market. Burning Glass’s research shows that cybersecurity jobs account for 13% of all IT jobs. On average, however, cybersecurity jobs take 20% longer to fill than other IT jobs and pay 16% more. This works out to an average of $12,700 more per year. According to the U.S. Bureau of Labor Statistics, the average salary for an information security analyst is $98,350. Analysts plan and carry out security measures to protect an organization’s computer networks and systems. “Their responsibilities continually expand as the number of cyberattacks increases,” Li says.

What Is A Data Passport: Building Trust, Data Privacy And Security In The Cloud

Data passport technology is based on classic mainframe technology, which today, can include full encryption of your data, to ensure that every piece of data is encrypted. When each piece of data is encrypted, even if it is stolen, it can’t be used.  Data passports allow you to extend the encryption technology that used to be only available on a physical mainframe to cloud computing. Each piece of data in the cloud has a passport assigned to it, and with the passport, you can verify if the data is misused, if the passport is still valid, etc. These data passports also give companies the ability to protect data and revoke access to it at any time, across a multi-cloud environment. Because the data carries its passport — and its encryption — with it, it will help enterprises secure their data wherever it travels. And that's the most significant development that makes data passports so unique and important: the protection and enforcement of data privacy and security are available on and off any given platform as it travels with the data.

Quote for the day:

"Leaders must know where they are going if they expect others to willingly join them on the journey." -- Kouzes & Posner

No comments:

Post a Comment