Decoupling Frontends and Backends with GraphQL
GraphQL combines the best of APIs and Query Language. It is an API because a
simple POST returns the data requested. And it is a query language because the
user can ask for what she wants (as long as it is permissible in the definition
of the GraphQL API endpoint). GraphQL has three distinct concepts: Types
(such as Customer, Order, etc.) that the user (frontend developer) interacts
with. These types are linked together in a graph — for example, a customer might
have orders — hence the name GraphQL. It has an additional abstraction, an
interface, that can be used to further hide types. This is particularly useful
when there are multiple different implementations; Queries, such as
customerById (queries are just entry points into the graph) return data of a
type; and Resolvers, which describe the implementation of the queries and
generation of the bits of data associated with types. For example, there might
be a resolver that says the query customerById can be executed by issuing a SQL
statement against a MySQL database, whereas the query orderByCustomer requires a
GET against a REST endpoint.
IoT in Mining
Mining companies have overcome the challenge of connectivity by implementing
more reliable connectivity methods and data-processing strategies to collect,
transfer and present mission critical data for analysis. Satellite
communications can play a critical role in transferring data back to control
centers to provide a complete picture of mission critical metrics. Mining
companies worked with trusted IoT satellite connectivity specialists such as
‘Inmarsat’ and their partner eco-systems to ensure they extracted and analyzed
their data effectively. Cybersecurity will be another major challenge for
IoT-powered mines over the coming years As mining operations become more
connected, they will also become more vulnerable to hacking, which will require
additional investment into security systems. Following a data breach at Goldcorp
in 2016, that disproved the previous industry mentality that miners are not
typically targets, 10 mining companies established the Mining and Metals
Information Sharing and Analysis Centre (MM-ISAC) to share cyber threats among
peers in April 2017.
BazarLoader Malware Abuses Slack, BaseCamp Clouds
According to researchers at Sophos, in the first campaign spotted, adversaries
are targeting employees of large organizations with emails that purport to offer
important information related to contracts, customer service, invoices or
payroll. “One spam sample even attempted to disguise itself as a notification
that the employee had been laid off from their job,” according to Sophos. The
links inside the emails are hosted on Slack or BaseCamp cloud storage, meaning
that they could appear to be legitimate if a target works at an organization
that uses one of those platforms. In an era of remote working, those odds are
good that this is the case. “The attackers prominently displayed the URL
pointing to one of these well-known legitimate websites in the body of the
document, lending it a veneer of credibility,” researchers said. “The URL might
then be further obfuscated through the use of a URL shortening service, to make
it less obvious the link points to a file with an .EXE extension.” If a target
clicks on the link, BazarLoader downloads and executes on the victim’s machine.
The links typically point directly to a digitally signed executable with an
Adobe PDF graphic as its icon.
How the Biden Administration Can Make Digital Identity a Reality
Digital identity has already gained bipartisan support on Capitol Hill. In 2020,
Representatives Bill Foster (D-IL) and John Katho (R-NY) introduced the
Improving Digital Identity Act, designed to establish a nationwide approach to
improving digital identity. Now, the Biden administration plans to leverage
digital identity for modernization of public services, ranging from government
assistance to healthcare to licensing. The act would be a step forward but
wouldn't completely address needs in the public and private sectors. Rep. Foster
notes that the bill would primarily address the government's need for digital
identity, paying less attention to issues (e.g., transaction friction, fraud)
facing enterprises and consumers. That said, the Biden administration must take
a broader, holistic approach to digital identity, eliminating data siloing that
would make future digital IDs unnecessarily purpose-specific. Any error would
allow bad actors to access sensitive data and impersonate customers, resulting
in fraudulent requests for government services, credit cards, loans, or
licenses.
Manufacturing Performance Intelligence: How digital unlocks resilient, agile operations
Digital solutions have a huge role to play in enabling Industry 4.0 and driving
sustainable practices. As manufacturers rapidly accelerated their adoption of
digital operating models, they have been able to safeguard employee health,
ensure commercial resilience and elevate performance using digital intelligence.
This is the new opportunity for industries and AVEVA’s portfolio combines the
operational data management of PI System with industrial analytics, enabling us
to lead the way. By harnessing the power of information with artificial
intelligence and human insight, AVEVA is leading the industry with Performance
Intelligence. Schneider Electric’s network of Smart Factories was among the
world’s first to transform operations, pioneering AVEVA’s Discrete Lean
Management software and pivoting to cloud-based operating models to safeguard
production. These changes transformed how we operate, cutting downtime by 44%
and driving 21% increases in energy efficiency in key factories. The World
Economic Forum recognized three Smart Factories as Advanced Manufacturing
Lighthouses as a result
Designing & Managing for Resilience
The concept of shared capacity and reciprocity within an organization is more
complex than simply directing teams to work together. Many organizations do have
cross-functional work teams or attempt to break down organizational silos by
rotating executives throughout the business. However, organizations are defined
by reporting structures, functional units or product teams - where each have
their own goals and objectives. In addition, an engineering leader is tasked
with setting direction, vision and priorities for their teams for a given
quarter or phase of the business lifecycle which may put them at different
tempos than their counterparts. Systemic and difficult problems that span
organizational boundaries can be emergent or continuously changing as different
teams make attempts to mitigate the problems within their own scope of
authority. This can make it difficult to coordinate clear goals and objectives
with peers for inter-organizational initiatives. Therefore, a function of the
resilient leader is to advocate for capacity sharing and reciprocity as part of
their team’s goals and priorities.
Cyber security for telehealth services
The goal of cybersecurity is to reduce the risk of cyber-attacks and to protect
organizations and individuals from intentional and deliberate exploitation of
security vulnerabilities in systems, networks, and technologies. You are done
with teleconsultation on Practo and now you are about to checkout and you are
offered cash withdrawal options with your debit or credit card or UPI, and like
you, there are millions of users who are sharing such sensitive information on
the platform, have you ever wondered how secured the information on practo is?
From updated privacy policies to security-focused patents to use AI for Data
Security each company increases its focus on data protection to promote user
trust. With the increasing growth in the digital world, cybersecurity threats
will continue to intensify as hackers learn to adapt to security strategies.
This will increase the overall need for cybersecurity by companies that will be
paying more and more highly qualified security professionals to protect their
vulnerable assets from cyber-attacks. Telehealth means you no more have to
travel, your appointment with the physicians takes place through a TV screen in
between you.
Beyond the Quickstart: Running Apache Kafka as a Service on Kubernetes
Kubernetes provides many networking options such as node ports, ingress, load
balancers and, with Red Hat OpenShift, routes as well. Kafka requires the
producers and consumers to talk to individual brokers based on the placement of
partitions and partition leaders. Based on the different networking options, you
have to configure your network correctly so that the producers and consumers are
able to individually address the brokers. Kafka exposes the
“advertised.listeners” option in the broker configuration, which allows the
clients to directly connect to the brokers. When configuring the Kubernetes
services to allow access to the brokers, you will also configure the
“advertised.listeners” in the broker to ensure that producers and consumers are
able to connect to the individual brokers. Kubernetes abstracts infrastructure,
following an interface pattern wherein third-party providers can create their
own plugins that follow a standard interface definition. So you could also build
your own routing layer to make sure you are able to address the brokers.
Kubernetes allows you to do this via ingress resources.
Using The Internet Of Things For Smart Office Automation
Scheduling is critical in a post-COVID office. IoT technology makes it much
easier to keep staff at an optimum number of people throughout the day to ensure
compliance with safety practices. Companies can create a check-in process and
monitor any potential warning signs. This system enables companies to keep track
of who was in the same room and parked their cars using smart parking
solutions. Smart scheduling can cut down overtime and stagger start and
leave times so that people can have a more flexible schedule while keeping the
number of people in the same areas at a minimum. Smart scheduling can
automatically create a master plan that considers all staff members’ preferences
and meets the company’s overall requirements. Smart scheduling for IoT-enabled
devices and networks is useful in a post-COVID office environment. Companies can
automatically create schedules for IoT items needed to match employee schedules.
This is convenient if employees call in sick because their workspaces can adjust
automatically if they are not at work. Making real-time changes to IoT schedules
is one of the best uses of smart office technology.
Bank Groups Object to Proposed Breach Notification Regulation
The four banking groups contend that compliance with the new regulation would
prove too burdensome for financial institutions. "We share the goal to develop a
flexible incident notification framework offering early awareness of
disruptions, while also being appropriately scoped to avoid over-reporting and
unnecessary burden for the banking industry, third-party service providers and
the supervisory community," the groups wrote. The proposed regulation bases its
definition of a reportable computer security incident on the National Institute
of Standards and Technology's definition. The NIST definition is: "An occurrence
that results in actual or potential jeopardy to the confidentiality, integrity
or availability of an information system or the information the system
processes, stores or transmits or that constitutes a violation or imminent
threat of violation of security policies, security procedures or acceptable use
policies." The four financial groups wrote that the NIST definition is too
broad, and if it's included in a breach notification requirement, it would
result in insignificant occurrences becoming reportable incidents.
Quote for the day:
"Effective team leaders realize they
neither know all the answers, nor can they succeed without the other members
of the team." -- Katzenbach & Smith
No comments:
Post a Comment