5 ways agile devops teams can support IT service desks
Devops teams should specifically tailor planning, release, and deployment
communications or collaborations to their audiences. For service desk and
customer support teams, communications should focus on how the release impacts
end-users. Devops teams should also anticipate the impact of changes on
end-users and educate support teams. When an application’s user experience or
workflow changes significantly, bringing in support teams early to review,
understand, and experience the changes themselves can help them update support
processes. ... Let’s consider two scenarios. One devops team monitors their
multicloud environments and knows when servers, storage, networks, and
containers experience issues. They’ve centralized application logs but have
not configured reports or alerts from them, nor have they set up any
application monitors. More often than not, when an incident or issue impacts
end-users, it’s the service desk and support teams who escalate the issue to
IT ops, SREs (site reliability engineers), or the devops team. That’s not a
good situation, but neither is the other extreme when IT operational teams
configure too many systems and application alerts.
Safeguarding Schools Against RDP-Based Ransomware
Most school districts now acknowledge that things will not be back to normal
this fall, and they are planning hybrid learning solutions for the school
year. Hackers are delighted with this development since distance learning is
often implemented using Microsoft's Remote Desktop Protocol (RDP), one of the
prime targets for cybercriminals, aiming for quick gains. Their primary
tactic: install ransomware that locks up data until ransoms are paid.
Recently, in June 2020, the University of California San Francisco School of
Medicine paid a ransom of over $1 million to regain access to important
scientific data. While a K-12 school or school district may not have data
worth millions, cybercriminals know that schools often lack the resources
large corporations deploy to guard against cyberattacks, which makes them
prime targets. One specific attack vector the FBI has warned about is Ryuk
ransomware, which is deployed via RDP endpoints, specifically students,
parents, and teachers in the K-12 environment. Ryuk uses a sophisticated type
of data encryption that targets backup files. Once the end user has been
infected, that person can propagate the virus to the school's servers, where
it can cause havoc.
Arm swimming in a sea of uncertainty that could sink its business model
"The risk with Arm going forward is Arm works because I can source Arm IP, and
I know that Arm will not compete with me. Some of Arm's other customers might
compete with me, but my supplier will not compete with me because they do not
sell chips," he said. "We're moving to a scenario now where there's a
potential that if I'm sourcing IP from a company that will compete with me for
product -- the selling of chips -- that's obviously going to cause concern for
quite a few companies that may also raise antitrust or anti-competitive issues
in terms of closing the deal as well." And this is before the situation with
Arm China enters the equation. Arm China is a joint venture -- the style of
arrangement many western companies enter into to do business in the Middle
Kingdom -- and in July, Arm sought to fire the CEO of that venture, Allen Wu,
for running another company that invested in Chinese Arm customers on the
side. That would normally be a pretty straightforward case of conflict of
interest, except Wu has Arm China's registration documents and company seal
and he has not given them up, Bloomberg reported in July. Arm China also
posted a public letter signed by 176 of its employees imploring Beijing to
protect it from the UK parent company.
Why You Should Stop Saving Photos From iMessage, WhatsApp And Android Messages
Check Point’s POC attack was that an image would be messaged to a victim over
a popular platform—iMessage, Android Messages or WhatsApp, and the content of
the image would tempt the victim to save the photo to their device. It’s
easily done—most of us do it all the time, even if just to share the image on
a different platform, rather than forward the message we have received. Check
Point’s Ekram Ahmed told me that this should serve as a warning. “Think twice
before you save photos onto your device,” he told me, “as they can be a Trojan
horse for hackers to invade your phone. We demonstrated this with Instagram,
but the vulnerability can likely be found in other applications.” That’s
almost certainly the case—the issue was with the deployment of an open-source
image parsing capability buried within the Instagram app. And that third-party
software library is widely installed in countless other apps. ... The issue
comes when you save that to the album on your internal phone’s storage or an
external disk. We saw this last year, with WhatsApp and Telegram exposed to an
Android vulnerability where images were saved to an external disk. That said,
earlier this year, Google’s Project Zero team warned that the image handling
by messengers themselves on iOS could be defeated when an unusual file type
was handled.
Why Data Intensity Matters in Today’s World
Data intensity won’t happen overnight. It’s a journey that brings together the
right technology, best practices, and infrastructure foundation. The first
step is to start with proven available technologies. Open Source offerings may
tempt us with the latest technical bells and whistles, but they aren’t always
the solution that aligns best with our business objectives. One reason that IT
projects fail so often is that people choose the wrong technology. As you
evaluate the tooling you will use with your data, consider whether you need
some of the scale and complexity that comes with these technologies. Not every
company is a Facebook or a Google. Choose the technology that lines up best to
your own use case and your platform, not merely the flavor of the month. Don’t
be afraid to purchase the technology and tools you need, rather than build it
yourself. Maximizing data literacy is another key step toward data
intensity. It starts with establishing a common way to talk about data, using
a baseline set of knowledge, such as SQL. Understanding the data is more
important than understanding the technology behind it. Even the best
solution won’t do you any good if you can’t bring it into production.
GCA releases new version of the GCA Cybersecurity Toolkit for SMBs
The GCA toolkit provides small businesses a way to address these risks with
free tools and resources that they can implement themselves. For government
and industry, the toolkit is a valuable resource that can be provided to help
secure their supply chain and vendors. “Helping small businesses address
cybersecurity challenges requires that we meet them where they are, with
resources designed to match their resources and expertise. We worked with
partners and stakeholders to develop the GCA Cybersecurity Toolkit for Small
Business more than a year ago and since that time have evolved the toolkit to
be even easier to use, either all at once or a step at a time,” said Philip
Reitinger, GCA’s President and CEO. “This revision of the toolkit is a
significant step forward on this front, and we are pleased to share it to
further assist small businesses reduce cyber risk.” Since its initial launch
there have been more than 105,000 visits to the toolkit. Key to the success of
the toolkit has been partnerships with organizations such as Mastercard,
ICTswitzerland, and the Swiss Academy of Engineering Sciences (SATW), the
latter two of which resulted in the German translation of the toolkit and
makes an important contribution to the implementation of the National strategy
for Switzerland’s protection against cyber risks (NCS).
7 low-code platforms developers should know
Low-code platforms are far more open and extensible today, and most have APIs
and other ways to extend and integrate with the platform. They provide
different capabilities around the software development lifecycle from planning
applications through deployment and monitoring, and many also interface with
automated testing and devops platforms. Low-code platforms have different
hosting options, including proprietary managed clouds, public cloud hosting
options, and data center deployments. Some low-code platforms are code
generators, while others generate models. Some are more SaaS-like and do not
expose their configurations. Low-code platforms also serve different
development paradigms. Some target developers and enable rapid development,
integration, and automation. Others target both software development
professionals and citizen developers with tools to collaborate and rapidly
develop applications. I selected the seven platforms profiled here
because many have been delivering low-code solutions for over a decade,
growing their customer bases, adding capabilities, and offering expanded
integration, hosting, and extensibility options. Many are featured in
Forrester, Gartner, and other analyst reports on low-code platforms for
developers and citizen development.
9 Tips to Prepare for the Future of Cloud & Network Security
Discussions of cloud security are often complicated because different people
have different ideas of what constitutes cloud computing and what their
personal roles and interests are, Riley said. It's incumbent on organizations
to focus their attention on aspects of cloud security they can control:
identity permissions, data configuration, and sometimes application code. Most
cloud security issues that organizations face fall under these three areas.
"The volume of cloud usage is increasing, the sophistication is increasing,
the complexity is increasing, [and] the challenge is learning how to better
utilize the public cloud," Riley said. A growing dependence on the cloud will
also force businesses to rethink the way they approach network security, said
Lawrence Orans, research vice president at Gartner, in a session on the
subject. The future of network security is in the cloud, and security teams
must keep up. The changes related to cloud adoption extend to the security
operations center, which analysts anticipate will take a different form as
more businesses depend on the cloud, adopt cloud security tools, and support
fully remote teams. These shifts will demand a change in thinking for security
operations teams.
How Centralized Log Management Can Save Your Company
Dropping all logs into a SIEM spikes costs, so oftentimes only a portion is
collected, which creates fragmented or incomplete pictures and impacts
security monitoring and incident response. CLMs lift the burden of having to
hire staff, provide training and support for SIEMs. CLMs also reduce the costs
organizations would incur with their SIEM providers, as well as the risk of
endangering the SIEM infrastructure by storing unmanaged logs. Fragmented data
collection can become a unified data collection with a data highway.
Organizations can now filter unruly data and deliver only what you need. This
helps overcome the age-old strategy of letting separate teams have their own
sources of data, which could instead be directed to the appropriate team via
your data highway. The data highway lets you collect once and use it many
times, where it’s needed. ... One example of superfluous information is the
timed mark that many applications add into the log of their system to show
they are online. Unless a security auditor will need to see this, there is no
reason why an organization should be paying to store it in their SIEM.
Administrators are even able to filter out all extraneous text and add parsing
for specific events.
Applying Chaos Engineering in Healthcare: Getting Started with Sensitive Workloads
With critical systems, it can be a good idea to first run experiments in your
dev/test type environments to minimize both actual and perceived risk. As you
learn new things from these early experiments, you can explain to stakeholders
that production is a larger and more complex environment which would further
benefit from this practice. Equally, before introducing something like this in
production, you want to be confident that you can have a safe approach that
allows for you to be surprised with newer findings without introducing that
additional risk. As a next step, consider running chaos experiments in a new
production environment before it is handling live traffic by generating
synthetic workloads. You get the benefit of starting to test some of the
boundaries of the system in its production configuration, and it is easy for
other stakeholders to understand how this will be applied and that it will not
introduce added risks to customers, since live traffic isn’t being handled
yet. To start introducing more realistic workloads than you can get from
synthetic traffic, a next step may be to leverage your existing production
traffic.
Quote for the day:
"Challenges in life always seek leaders and leaders seek challenges." -- Wayde Goodall