Daily Tech Digest - November 10, 2021

All your serverless are belong to us

Though serverless has been enabled by the clouds, serverless functions aren’t simply a big cloud game. As Vercel CEO (and Next.js founder) Guillermo Rauch details in the Datadog report, “Two years ago, Next.js introduced first-class support for serverless functions, which helps power dynamic server-side rendering (SSR) and API routes. Since then, we’ve seen incredible growth in serverless adoption among Vercel users, with invocations going from 262 million a month to 7.4 billion a month, a 28x increase.” From such examples, and many others (including ever shorter function invocation times, which indicate that enterprises are becoming more proficient with functions), it’s clear that serverless computing has taken off. Vendors will continue to press the “no lock-in” marketing button, but customers don’t seem to care. Rather, they may care about lock-in, but they care much more about accelerating their time to customer value. In enterprise computing, as in life, there are always trade-offs. The cost of a perfectly lock-in-free existence is lowest-common-denominator code that is generic across hardware/cloud platforms.

5 Things To Remember When Upgrading Your Legacy Solution

In opposition to a common idea, a legacy framework does not necessarily be old. The most negative part of these frameworks is that they are still employed, even despite the fact that they frequently fail to meet critical demands and support core business operations as they are meant to. So, let’s face it - when there is legacy software you cannot replace, you should at least go for modernization. "Legacy systems are not that safe," says Daniela Sawyer, Founder and Business Development Strategist of FindPeopleFast.net. "This happens because, being the older technology, they are not usually supported by the company or the vendor who created it in the first place. Also, it lacks having regular updates and patches to maintain the pace with the modern world. So the new update should ensure the security aspect precisely." Although it might appear as though you're saving costs when you don't spend money updating your digital product, that might cost you much more over the long haul. 

The role of visibility and analytics in zero trust architectures

There are three NIST architecture approaches for ZTA that have network visibility implications. The first is using enhanced identity governance, which (for example) means using identity of users to only allow access to specific resources once verified. The second is using micro-segmentation, e.g., when dividing cloud or data center assets or workloads, segmenting that traffic from others to contain but also prevent lateral movement. And finally, using network infrastructure and software defined perimeters, such as zero trust network access (ZTNA) which for example allows remote workers to connect to only specific resources. NIST also describes monitoring of ZTA deployments. Outlining that network performance monitoring will need security capabilities for visibility. This includes that traffic should be inspected and logged on the network (and analyzed to identify and reach to potential attacks), including asset logs, network traffic and resource access actions. Furthermore, NIST expresses concern about the inability to access all relevant and encrypted traffic – which may originate from non-enterprise-owned assets or applications and/or services that are resistant to passive monitoring.

How business and IT can overcome the data governance challenge

Business heads and their teams, after all, are the ones who have the knowledge about the data – what it is, what it means, who and what processes use it and why. As well as what rules and policies should apply to it. Without their perspective and participation in data governance, the enterprise’s ability to intelligently lockdown risks and enable growth will be seriously compromised. However, with their engagement, sustainable payback will be achieved and the case for continuing commitment by the enterprise to data governance will be easier to justify. It is vital, however, that modern data governance is a strategic initiative. A data governance strategy is the foundation upon which to build a muscular data-driven organization. Appropriately implemented – with business data stakeholders driving alignment between data governance and strategic enterprise goals and IT handling the technical mechanics of data management – the door opens to trusting data and using it effectively. Data definitions can be reconciled and understood across business divisions, knowledge base quality can be guaranteed, and security and compliance do not have to be sacrificed even as information accessibility expands. 

Data Advantage Matrix: A New Way to Think About Data Strategy

For SAAS companies, the funnel is everything. Optimizing metrics at every stage of the funnel is what accelerates SAAS companies from average to exponential growth. So for any SAAS founder, if you don’t have basic operational analytics set up on day one, you’re probably doing something wrong. This fictional SAAS startup would start at the top left of the matrix with basic operational analytics. These analytics don’t have to be complicated. At Stage 1, it’s all about getting the basics right — measuring the number of leads per day, users converting on the site, users signing up on the product, free trials that end up paying, etc. Given the importance of operational analytics, it would make sense for this startup to move to Stage 2 pretty quickly — converting its basic analytics into something more scalable like a centralized intelligence engine. This would include investing in a data warehouse that brings all data into one place, adding a BI tool, and hiring the first analysts to drive data-driven decisions where it matters most.

Fintech has a gender diversity problem — here’s how we tackle it

Diversity can both empower individuals and spark feelings of inclusion across society. It encourages different perspectives and promotes tolerance and understanding amongst workplaces. And in business, quite rightly, the topic has entered the mainstream. Take the engineering industry as an example, where gender equality figures are showing an encouraging steady upwards trajectory. In law, female representation across the world is also reputable. Both show gender equality is slowly, but surely, moving in the right direction, but sadly in financial technology (Fintech), the same is yet to be realised. A report by Innovate Finance found women still account for less than 30% of the Fintech workforce, with less than 20% in executive positions. By 2026, the industry is estimated to grow by 20%, hitting the $324 billion mark in value, meaning that the gender gap will soon widen even further. But how can Fintech continue to progress and thrive if it isn’t a desirable industry for all? Clearly, the industry needs to do more. The question is, how?

The IT Talent Crisis: 2 Ways to Hire and Retain

While CompTIA’s research notes that money is the top reason for workers to leave, another factor is the lack of opportunity. “Our research indicates that a top reason tech workers consider leaving is a lack of career growth opportunities, a telling message to employers not to underestimate the value of investing in staff training and professional development,” said Tim Herbert, executive VP for research and market intelligence at CompTIA, in a press release. Investing in employee training during a labor crunch can also have downsides if employees take advantage of training and then use those added skills to parlay their way into a new opportunity elsewhere. But if employees are leaving, they are also going somewhere, too. Pyle recommends that organizations not only look carefully at their compensation package offers but also consider casting a wider net for candidates by looking outside of your usual geography. “The hybrid work environment works,” he says. “People can work from anywhere. If we are bringing in the right talent we can bring them in from anywhere, as long as they can do the job.”

CIO role: How to move from gatekeeper to advisor

Historically, the role of the CIO focused on identifying, implementing, and maintaining business IT systems, with budget set aside to explore and drive innovation within the organization. Moving into the 2000s and 2010s, CIOs were tasked with spearheading digital transformation and the journey to the cloud. Today’s CIO must work as an advisor and partner to departments across the organization, seeking to understand the needs of the wider business and ensuring that those needs are met in a way that works both for the individual and the wider business aims. However, this distributed approach brings challenges: How, for example, does IT respond to a vulnerability in a piece of software that IT did not know was running? Many IT leaders tell us that the barrier between shadow IT and business-led IT is becoming more and more blurred and is forcing tradeoffs around risk vs. flexibility. It is IT’s role to not only facilitate business needs but also ensure compliance and security. This creates tension between offering advice vs. imposing governance.

Hackers Disrupt Canadian Healthcare and Steal Medical Data

The attack has resulted in ongoing disruptions to care in addition to exposed data. The province is comprised of four regional health authorities, although data was not stolen from all of them: Western Health - no data believed to have been stolen, Central Health - data exposure unclear, Eastern Health - 14 years of data exposed, and Labrador-Grenfell - 9 years of data exposed. Officials say they're attempting to restore systems from backups, and that the process remains underway and is not yet complete. On Thursday, for example, public broadcaster CBC reported that while the Health Sciences Center hospital in the city of St. John's had restored its Meditech system, which handles patient health information and financial details, it only included information from before the attack. Each health authority has been publishing its own updates on the ongoing disruptions it continues to face. Through at least Wednesday, for example, Western Health noted that only some appointments would be proceeding, including chemotherapy appointments "at a reduced capacity."

The Renaissance of Code Documentation: Introducing Code Walkthrough

As inline comments describe the specific code area they are attached to without a broader scope, they are always limited. As for high-level documentation, they can indeed provide the big picture, but they lack the details that developers need for their work. For example, in the documentation about extending git’s source code, you can definitely describe something like the general process of creating a new git command in a high-level document. However, you won’t be able to do so effectively without getting into specific details and giving examples from the code itself. ... Code-Walkthrough Documentation takes the reader on a “walk” made up of at least two stations within the code. They describe flows and interactions and they may rely on incorporating code snippets or tokens to do so. In other words, they are code-coupled, in accordance with the principles of Continuous Documentation. This kind of document provides an experience similar to getting familiarized with a codebase with the help of an experienced contributor to the codebase - when the latter walks you through the code.

Quote for the day:

"You can't be a leader if you can't influence others to act." -- Dale E. Zand

No comments:

Post a Comment