Daily Tech Digest - January 07, 2021

How to deploy 802.1x for Wi-Fi using WPA3-Enterprise

The enterprise mode of WPA has always allowed you to give each user a unique username/password to login to the Wi-Fi or to utilize unique digital certificates for each user to install on devices for even more security. Now with WPA3-Enterprise, the security is increased as clients are now required to make sure it’s communicating with the real authentication server before sending login credentials. That verification was optional with the earlier two versions of WPA. ... The difficulty of setting up a RADIUS server varies based on what solution you choose, and it’s usually streamlined if using a wireless controller or APs. If using an external server, you usually have to enter the IP address of the wireless controller or each AP and specify a shared secret that you later input in the controller settings or each AP. For traditional RADIUS servers, these are usually entered in the Network Access Server (NAS) list. On the RADIUS server you also have to configure user credentials either with usernames and passwords in a local database or external database/directory, or by generating digital certificates that you later install on devices. Some RADIUS servers support optional attributes you can apply to individual users or groups of users that become part of the policy applied to individual clients.

Why IoT has failed to take off and the impact for the world when it does

An IoT explosion will create previously unthinkable, disruptive business models. The first enabler for this is the ability to turn non-connected ‘dumb products’, such as running machines, lawnmowers and hairdryers, into connected ‘smart experiences’ which result in big data goldmines for their manufacturers. As more of these products are launched, more pressure will be exerted on competitors to follow suit and this will, in my view, result in accelerated adoption of IoT. Think of it as a form of accelerated Darwinism for product design. It’s the survival of the fittest. Businesses that don’t adapt and evolve will succumb to natural selection driven by the consumer. We will see a rapid rise in innovation, the likes of which we haven’t seen in decades. To give you an example of how this is already beginning to happen, within retail we’ve seen Costa Coffee disrupting the coffee industry with its Costa Express machines. Costa has essentially taken the coffee shop experience and distilled it into a machine that delivers a highly personalised coffee retailing experience akin to, or arguably better than, a traditional coffee shop. So much so that they market it as ‘a Barista without a Beard’. 

The rise of developer-led culture and how it can benefit your business

In a developer-led culture, companies recognize developers as innovators instrumental to solving some of the world's most complex problems. While in the past, only a small number of companies were able to succeed with a developer-led culture, we'll see the dramatic rise of this mindset permeate throughout the enterprise as business leaders and developers take advantage of new tools that make it easier for developers to drive innovation and that enable more technical collaboration between business and IT. Not only will far more developers have a seat at the table, they'll be the key drivers of the next wave of business innovation. ... A developer-led culture is best when it's rooted in collaboration between business leaders and IT. Today, despite massive amounts of money and effort, application development struggles to be effective and still runs up against the same roadblocks it did 20 years ago. Painfully few companies (e.g. Google, MSFT, Apple, Facebook, etc.) have the ability to take advantage of the full stack of traditional development by locking in the best engineering talent in the world and building massive teams. Everyone else has been left out—understaffed and stuck with complex, unapproachable technology that keeps them from using applications to their advantage. But, to be able to compete, companies need differentiated software, and to be able to build it themselves so that it adapts to always-evolving needs.

Strategic Agility at Scale: Applying Agile Across Your Organization

The Disciplined Agile (DA) tool kit is more sophisticated than the agile software development frameworks you may be familiar with. With DA we choose to address the actual challenge that you face, not just part of the challenge. As a result, DA distinguishes between four process layers as you can see in Figure 1. Each level is organized into several process blades , each of which describes in detail a process area or capability within your organization. The DA layers are:  The Foundation layer provides the conceptual underpinnings of the DA tool kit. This includes the DA mindset; foundational concepts from agile, lean, and serial/traditional ways of working (WoW); people-oriented issues such as roles, responsibilities, and teaming structures; and of course how to choose your WoW.  ... Disciplined DevOps is the streamlining of IT solution development and IT operations activities, and supporting enterprise-IT activities, to provide more effective outcomes to your organization. ... The value streams layer encompasses the capabilities required to provide value streams to your customers. A value stream is the set of actions that take place to add value to a customer from the initial request through realization of value by the customer.

A Covid-19 response to supply chain fragility

At the very beginning of the crisis, as country after country went into lockdown, we saw the supply chain start to dry up and major retailers and delivery services admitting that stock availability was limited or had run out completely – an almost unprecedented situation in peacetime. Even now, as national lockdowns are – in the main – giving way to more localised control methods, it is still difficult for businesses to predict demand effectively and control stock – especially in the run-up to Christmas, traditionally the busiest time for retail. Coupled with this, as a response to the pandemic, many businesses have switched to a truly multi-channel approach in order to survive and thrive. However, running a successful omnichannel strategy requires a change in mindset for most businesses – as well as being underpinned by the right technologies. Disparate teams must gain an understanding of each other’s value propositions and strategies, which can allow companies to reduce operational costs, improve productivity and boost efficiency, as well as being able to predict demand and control stock more effectively. Of course, nurturing any inter-departmental collaboration is easier said than done. It is challenging to integrate different domains. 

The real deal: How edge and IoT technologies boost business

Utilities are using edge and IoT technologies to improve customer service. Hoping to enhance customer loyalty by delivering better service, one energy production company in Italy looked for ways to increase the uptime of its equipment. “Instead of calling service technicians to deal with outages, this utility decided to prevent them,” says Wallis. “Using edge and IoT services from SAP, the company began collecting data at the edge, which is wherever assets run.” Then the company went one step further: by using predictive maintenance software, the utility scores the health of its assets. “An asset can be more or less healthy,” she states. “We provide that information right on the shop floor and also on dashboards, which users can access remotely.” In fact, no human workers need to be on the shop floor to get insight into the asset health information. But as soon as a problem is spotted, technicians can perform preventative maintenance – avoiding downtime and creating happier customers. “Real-world IoT information about the asset, the product, the worker, and the shop floor matters,” she continues. “Otherwise you’re just ‘guess-timating.’ And all of your planning is better when it’s married to real-world data like IoT data. Then you can constantly baseline yourself against what is happening in reality.”

Disaster recovery lessons from an island struck by a hurricane

The first lesson from this disaster is one of the most profound: as important as backup and recovery systems are, they might not pose the most difficult challenges in a disaster recovery. Getting a place to recover and a network to use can prove much more difficult. Mind you, this is not a reason to slack off on your backup design. If anything, it’s a reason to make sure that at least the backups work when nothing else does. Local accounts that don’t rely on Active Directory would be a good start. Services such as Active Directory that are necessary to start a recovery should have at least a locally cached copy of the service that works without an Internet connection. A completely separate instance of such a service would be much more resilient. Rehearse large scale recoveries as best as you can, and also make sure you are aware of how to do them without a GUI. Being able to login to the servers via SSH and run restores on the command line is more power efficient and flexible. As foreign as that seems to many people, a command-line recovery is often the only way to move forward. On Atlantis, electric service was at a premium, so using it to power monitors wasn’t really an option.

Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

The shift to a remote work model for a lot of non-healthcare professionals, including IT and security personnel, also likely disrupted certain IT and security programs and operations, leaving organizations more vulnerable. The situation was likely exacerbated by the fact that the healthcare industry traditionally has lagged behind many other industries in IT. Zscaler's Desai says healthcare organizations often lack security controls that others have deployed and are often vulnerable to known issues. Prolonged FDA approvals also can hinder the adoption of more secure technology, making it harder for healthcare entities to implement new security controls. "For example, security in the healthcare sector is often hindered by legacy technology, with updates often delayed by prolonged FDA approvals," Desai says. They also face the challenge of preserving compliance with the security and privacy provisions of HIPAA while looking to migrate to potential more secure channels for operation, he says. "Without unified controls and centralized visibility and policy enforcement, the healthcare industry will continue to face gaps in their security controls that will always draw the attention of cybercriminals," Desai notes.

Data Architecture with Data Governance: A Proactive Approach

Key features of an effective Data Architecture include a Data Strategy that is in alignment with business drivers, targets essential data, delineates clear activities and milestones, and is flexible enough to evolve with the business needs and the technology available. Most importantly, architecture must be manageable. “You can never sort out all your data everywhere. You need to focus on the things that really make a difference.” ... Turner outlined a simple path to a Data Strategy. Start with the Business Strategy and determine what data is critical to supporting that strategy. Evaluate the data you have and decide if it’s up to the task, and if it isn’t, decide what is needed to improve it. Turner pointed out that improvements may need to come from the business side, rather then exclusively from IT. For example, if every department uses a different code or term to indicate “customer,” “Then that obviously would influence the business strategy, which might need to change in order to accommodate that barrier.” ... The volumes of data that companies and organizations are handling have increased phenomenally in the last ten years. Ninety percent of all the data currently stored today has just been created in the last two years.

The Convergence of Infrastructure and Security

Converging infrastructure and security allows an organization to put security anywhere on any edge -- the WAN and Remote Worker Edge (using things like SD-WAN and SASE), the cloud edge (using proxies), or the datacenter or LAN edge (through secured WiFi and ethernet controllers). This allows security to function as a fully integrated element of the network, and the integration of deployment, management, configuration, and orchestration ensure that all elements work together seamlessly across the entire network as a single framework. The convergence enabled by a security-driven networking strategy will be especially critical as new smart edge solutions are adopted. A smart edge is a collection of endpoint devices connected using cloud-native, highly scalable, and secure virtual platform that enables Software-as-a-Service (SaaS) applications to be deployed in or as close to the network edge as possible. It relies on things like 5G to ensure high performance and reliable connectivity. With a smart edge network in place, enterprises and communications service providers can enable cloud-like services closer to the user, whether on the customer-premise or at the network edge. But it absolutely depends on having a fully converged security and networking solution.

Quote for the day:

"Growth and change may be painful sometimes, but nothing in life is as painful as staying stuck where you don't belong" -- Daniel Goddard

No comments:

Post a Comment