Decentralized identity using blockchain
Let’s assume an online shopping scenario where the required data will transit
from the wallet associated with the decentralized identity. The wallet in this
scenario contains the verified identity, address, and financial data. The users
share identity data to log in with the website by submitting the required
information from the identity wallet. They are authenticated with the website
without sharing the actual data. The same scenario applies to the checkout
process; a user can place an order with the address and payment source already
verified in his identity wallet. Consequently, a user can go through a smooth
and secure online shopping experience without sharing an address or financial
data with an ecommerce website owner. ... Blockchain technology uses a consensus
approach to prove the data authenticity through various nodes and acts as the
source of trust to verify user identity. Along with the data, each block also
contains a hash that changes if someone tempers the data. These blocks are a
highly-encrypted list of transactions or entries shared across all the nodes
distributed throughout the network.
Breach Notification: Poor Transparency Complicates Response
Unfortunately, data breach experts continue to see increasing transparency
shortfalls, both from organizations that fall victim and from regulators. In
2020, for example, 209 consumer breach notifications lacked important details,
while in 2021, 607 breaches lacked such details. So says the Identity Theft
Resource Center, a nonprofit organization based in San Diego, California, that
provides no-cost assistance to U.S. identity theft victims to help resolve their
cases (see: Data Breach Trends: Global Count of Known Victims Increases). "The
lack of actionable information in breach notices prevents consumers from
effectively judging the risks they face of identity misuse and taking the
appropriate actions to protect themselves," ITRC says in its latest Annual Data
Breach Report, looking at 2021 trends. "A decrease in timely notices posted by
states, including one state that updated breach notices in December 2021 for the
first time since the fall of 2020, also prevents consumers from taking action to
protect themselves and organizations that assist identity crime victims from
offering timely, effective advice."
Entrepreneurship for Engineers: How to Build a Community
You probably already know that understanding and being able to articulate your
product’s value proposition is critical to successful sales and marketing — but
your community needs to add value, too, above and beyond the value that the
product/project provides. “No one wakes up in the morning and thinks ‘I’m going
to go and answer questions on the internet,” Bacon said. People need to get
something out of participating in the community that they can’t get anywhere
else. “People love the community aspects,” said Ketan Umare, co-founder and CEO
of Union.ai, the company behind Flyte, an open source workflow automation
platform for data and machine learning processes, and his experience building a
community with a value proposition above and beyond the project’s value. “We
guarantee you that in the community, there is somebody to listen to your
problems,” Umare said. “It creates this feeling that you are not alone.”
What SREs Can Learn From Capt. Sully: When To Follow Playbooks
What’s interesting about Sully’s story is that he didn’t do exactly what pilots
(or engineers) are trained to do. He didn’t stick completely to the playbook
that a pilot is supposed to follow during engine failure, which stipulates that
the plane should land at the nearest airport. Instead, he made a decision to
crash-land in the Hudson River. The fact that Sully did this without any loss of
human life turned him into a hero. In fact, Sully the movie almost villainizes
the National Transportation Safety Board (NTSB) for what the film presents as an
unfair investigation of Sully for not sticking to the playbook. Yet, as the
podcasters noted, the difference between heroism and villanism for Sully may
just have boiled down to luck. They pointed out that in similar incidents – like
the Costa Concordia sinking in 2012 – in which staff deviated from playbooks,
they ended up facing stiff penalties. In the Costa Concordia case, the captain
of the boat was placed in jail – despite the fact that his decision not to stick
rigidly to the playbook most likely reduced the total loss of human life.
The truth about VDI and cloud computing
Performance is the core problem. Not all home-based Internet connections
support high speeds and low latency. Indeed, even if you pay for the faster
stuff, a few days of detailed monitoring will show that latency and speed are
pretty bursty overall. VDI, depending on what you’re leveraging, indeed keeps
data and applications centrally located and thus hopefully secure. But both
application images and data must be constantly transmitted to the employees’
devices and interactions transmitted back to the virtual servers. They are
very chatty. This is unlike applications that run locally and have data stored
locally, where the response is nearly instantaneous. Most of us are used to
this kind of performance. Latency, even if it’s not noticeable by most remote
workers, can add up to productivity losses that run into many millions of
dollars a year. Many of the savvier remote workers have worked around the
performance issues by moving some of the data to local storage on their
devices (such as with email), thus causing a potential security problem if the
device is hacked or stolen.
Ukraine: How to protect yourself against cyberattacks
Experts say they are currently more concerned with institutional rather than
personal cyber hacks. But attacks on individual accounts owned by private
citizens, who work for institutions that handle sensitive information, are
still a risk. "People who are not wary are often the weakest link and the foot
in the door for cybercriminals looking to stage a larger attack on critical
infrastructure," Rachel Schutte, an IT and cybersecurity manager based in
Germany, told DW. This was the case for European government personnel involved
in assisting refugees fleeing Ukraine. They received phishing emails — or
messages aimed at collecting sensitive information — from a Ukrainian armed
service member’s compromised account, she said. In response to increased
instances of cyberattacks aimed at employees of high-profile organizations,
Deutsche Welle has also asked employees to ramp up security on personal social
media accounts. ... Cloud-based services distribute distinct functions
across data centers in multiple locations, fueling a race towards
interconnected networks.
Finance firms scrape alternative data from unexpected sources
In light of the "Great Resignation" and unprecedented job mobility in part
sparked by the pandemic, such data about job happiness is "top of mind for
investors today," Lopata said. Another timely use for alternative data is
tracking how inflation in the U.S. is disrupting markets. Thinknum is
following used car sales on CarMax and Carvana, two of the big auto sales
apps. "We're tracking all that data in real time down to a VIN number, so that
allows you to understand whether prices are peaking," Lopata said. "Beyond
just tracking the peaks … we're tracking when the peak ends." "We're able to
identify that in January '22, we finally started to see some decrease in
pricing," she added. Other current market trends for which Thinknum is digging
up alternative data include changes in the food delivery services business and
cryptocurrency price fluctuations, where the vendor has discovered that
GitHub, the provider of internet hosting for software development, is a prime
source of data.
US Officials Push Collaboration, AML Controls for Crypto
According to Conklin, the Treasury Department has for a decade targeted the
assets of Russian elites - dating back to the country's first invasion of
Crimea in 2014. "So we do know a little bit about how this regime likes to
evade sanctions and move money, and we have a significant toolkit at our
disposal now to tackle that," he said. "The regime does like to layer its
assets and move money. They have a long and extensive playbook to launder
money, and at the center of their playbook is their web of international
corporate registration and the use of foreign companies and foreign persons.
They're also really adept at conversion to other assets, including gold and
foreign currencies." And so, asked whether crypto will be a part of its
workaround, Conklin said: "Certainly, there's going to be an element. That's
part of the playbook, but it frankly isn't at the top of their list." He also
referenced Treasury's sanctioning of the Russian crypto exchange Suex in
September 2021 as an example of "how sanctions can work in the crypto
ecosystem"
Gartner: Public sector must target disjointed IT strategy
Mickoleit recommended that public sector IT chiefs “zoom out” to enable them
to look at how technology investments can be aligned with policy objectives.
As an example of joining up IT with policy, he said it is impossible to
provide high-quality public sector services without the concept of digital
identity, which needs to link across different tech infrastructure and public
sector bodies. Another aspect of the pandemic was that having “good enough”
processes is not sufficient, said Mickoleit. “Just working isn’t enough. There
were huge scaling issues, families and businesses in need.” He warned that
such a situation is not sustainable when there is a disruption. “There is a
need for efficiencies in government,” he added. This means IT leaders need to
focus on reducing the number of process steps to support case work and deliver
a service to a citizen, said Mickoleit. “There is an ideal opportunity to
combine AI and automation for better support,” he pointed out.
How to Become a Data Governance Lead
A significant problem facing businesses implementing a Data Governance program
is the realization that raw data is often not analysis-ready. The data may be
badly organized, unstructured, or has been stored in separate databases. The
data has to be cleaned and standardized before the Data Governance program can
move forward. Developing a Data Governance program might require a fair amount
of manual labor, but after the data has been standardized, incoming data would
be sent automatically to the appropriate location, and in the correct format.
Data silos are a slightly different problem for Data Governance programs. Data
can be stored in silos and treated as though certain teams or individuals own
it — and they sometimes don’t like to share. Additionally, different
departments may use entirely different systems, making standardization
especially difficult. These same departments may have no real understanding of
their data’s value. Data Governance will support a framework allowing access
to their data, breaking down the silos.
Quote for the day:
"A leader's dynamic does not come from
special powers. It comes from a strong belief in a purpose and a willingness
to express that conviction." -- Kouzes & Posner
No comments:
Post a Comment