Multi-cloud, multi-headaches?
Achieving true cloud portability requires adhering to open standards, avoiding proprietary services, and abstracting away cloud-specific dependencies. This often involves refactoring or re-architecting existing applications, which can be a daunting task for banks with extensive legacy systems and monolithic architectures. Failure to properly plan for portability can lead to vendor lock-in, negating one of the key benefits of a multi-cloud strategy. Another challenge lies in managing and optimising costs across multiple cloud providers. Each provider has its own pricing models, billing mechanisms, and cost optimisation strategies, making it difficult to maintain a consistent and efficient cost management approach. Banks must invest in specialised tools and expertise to monitor and optimise cloud spending across their multi-cloud environment, ensuring they are not overpaying for resources or services. As I mentioned last week, this is a burgeoning area called FinOps. Security and compliance are also critical concerns in a multi-cloud world. Banks must ensure that their data and applications are protected according to industry standards and regulations, regardless of the cloud provider they are using.
How to Streamline Your M&A Process with Active Directory Migration
In an enterprise setting, AD is a core component of managing user authentication and authorization—a dual function critical to maintaining secure and systematic access to company resources. Take, for example, a platform like SharePoint, which is deeply integrated with AD. SharePoint uses AD to authenticate user credentials and authorize different access levels to documents and collaborative spaces. The strategic realignment of AD during a merger ensures that SharePoint and similar applications continue to function seamlessly, following the established user permissions and security measures while maintaining the system’s integrity. AD consolidation is a strategic move toward streamlining company operations during a merger or acquisition. When you merge different AD environments, you reduce the complexity and the need for multiple teams to manage each system. It's like having a single remote control linked to all your devices instead of a different one for each. With this approach, there's less chance for disruptions and data, and companies can minimize downtime, preserve data integrity, and maintain compliance with regulatory requirements.
Dealing With Chaos: A Guide for Leaders Feeling Overwhelmed at Work
Being able to handle these scenarios requires the ability to take this blurry
problem and turn it into one that can be solved. This can be rewarding, but
often also involves very long-running, complex work that requires wrangling
multiple stakeholders with differing motivations, long-running negotiations,
and, somehow, getting a tangible deliverable out at the end — which can be
months or even years out. As a result, leaders also lack the positive experience
and dopamine hits that come with getting things done. Many leaders are in the
middle of not just hierarchies, but also communication and context levels,
translating higher-level messages from senior leaders for lower-level team
members who require more clarity and want to understand what those messages mean
for them. It’s taxing to constantly be in the middle, translating between higher
and lower levels of the organization, making your boss care about issues they’re
not super interested in, and helping teammates understand decisions from
higher-up leaders. The tech industry, while fast-paced and innovative, often
pressures leaders to adopt the mantras of, “Move fast, break stuff, do more with
less and better to ask for forgiveness than for permission.”
Now Is the Time for Executives to Deploy Ethical Rules Around AI
The evolution of technology is a runaway train. In many respects, the field
of AI is in its adolescence, but in the past year alone advances in AI and
other nascent technologies have continued at a breakneck pace. Globally, the
public and private sector and academia are engaging in ongoing debates over
the promise, peril, and appropriate uses of AI. As a result, we can expect
2024 to be a year of enhanced government regulation of the technology. I
believe it will ultimately fall to governments to set standards and laws
around what those parameters will be. But while governments will undoubtedly
play a critical regulatory role, the speed of AI adoption will require that
company executives create ethical guidelines of their own around AI. ...
Making sure all AI tools are being formed using unbiased and balanced data
will be of particular importance. Consider facial recognition technology
powered by generative AI. If an AI dataset is trained to favor a certain
type of ethnicity, unfair biases and outcomes will almost certainly be baked
into the tool. Working to create AI tools that avoid these types of
dangerous and inequitable outcomes will be critical to the technology’s
continued development.
Superconducting "Islands" Could Lead to Magnetic Memory
The superconductor in question is yttrium barium copper oxide (YBCO), which
acts as a superconductor below -181 °C—far from room temperature but
positively balmy by the standards of most superconductors. When YBCO is
chilled below that critical temperature, any magnetic field lines that pass
through its interiorgets expelled to its exterior. However, researchers can
still cast magnetic field lines throughthe YBCO’s interior byblasting it
with a new external magnetic field, then quickly turning off that magnetic
field. Researchers have found that if they layer a non-superconducting
ferromagnetic material atop the YBCO, they can imprint those temporary
magnetic patterns through the superconductor and “write” them into the
ferromagnet. Then, the ferromagnet will hold this pattern even after the
external magnetic field is switched off. This is an ability of great
interest for spintronics, the discipline already investigating how to use
these kinds of magnetic structures as computer memory instead of the CMOS
transistors that underpin most of today’s electronics.
How to Strike a Balance Between Technology and Human Connection in the Workplace
Personal talk frequently goes by the wayside among remote teams. Rather than
chalking this up to inevitability, create space at the beginning of Teams or
Zoom meetings to discuss what's going on in everyone's lives. Setting aside
five minutes of "family talk" to make way for 55 minutes of "business talk"
is a decent trade-off. Or take a page from GitLab. They actively encourage
new hires to schedule virtual coffee chats with colleagues during their
onboarding to promote informal communication. During one-on-ones, the talk
can be just as personalized. Leaders should remember that each one-on-one is
about the employee rather than them. Therefore, the dedicated agenda should
concentrate on the employee, not the supervisor. Concentrating on the
employee's needs fosters a two-way dialogue. It also puts some of the
responsibility on the employee to guide the talking points. Remember:
Informal interactions can play critical roles in team and employee-leader
bonding. These "water cooler conversations" don't always feel intuitive in a
digital workspace, so they need to be intentionally allowed.
Traditional corporate leadership structures are failing women in the C-suite
Perhaps the best solution to the decline in the C-suite, is women declining
the C-suite. Women are rejecting patriarchal norms of rigidity, burnout,
harassment, limited opportunity and unfair pay in what has been termed the
“Great Breakup.” Women are more likely than men to leave their corporate
jobs when their needs are not being met at work. In rejecting the C-suite
model, women are calling for more power-balanced, equitable models of
leadership that involve collaboration rather than domination — a model in
which, as Gloria Steinem famously states, “we are linked, not ranked.”
Likewise, in co-author Jennifer Walinga’s research on women entrepreneurs,
women shared how leaving their corporate jobs to be an entrepreneur
fulfilled their desires for a new universe where post-heroic,
non-hierarchical leadership models can be enacted. RBC may have
unveiled another possible solution to failed leadership parity that they
call the “great wealth transfer” — a “seismic change” that is seeing wealth
ownership transfer from men to women. In fact, it is estimated that, by
2028, women in Canada will control $4 trillion in assets — almost double the
$2.2 trillion they control today.
SCCM Exploitation: Compromising Network Access Accounts
SCCM, or System Center Configuration Manager, is an administrative tool from
Microsoft that helps with automating tasks such as deploying software,
applying patches, and ensuring devices comply with organizational security
policies—all from a central location. In a typical enterprise, SCCM is
deployed with a primary site server at the core, coordinating with secondary
servers and management points to manage client devices effectively. This
setup allows for efficient control over an organization’s devices by
defining network boundaries, grouping devices into collections, and
assigning specific roles for tasks like software distribution. ... Perhaps
an even more interesting avenue of attack is relaying the NTLM credentials
of a machine account to the HTTP endpoint, registering a fake computer
certificate with SCCM, and, in turn, using this fake registration to
retrieve policy documents. ... This technique, or rather chain of techniques
developed by Matt Creel, begins with low-privilege sock sessions. Many
penetration testers can attest that sometimes after spoofing answers to
LLMNR, NetBios Name Service, or mDNS requests, the only authenticated
sessions that come in are low-privileged, non-admin sessions.
Finserv State of Play: Perks of Open Source Collaboration
Indeed, even when banks and financial services providers do use open-source
software, for Chris Howard, Head of the Open Source Program Office at EPAM,
they do not necessarily leverage it transparently. He says: “Many
traditional financial institutions are either still afraid to use
open-source because they are still close-guarding their secrets, or –if they
are using open-source – they are doing so in a very introverted way,
consuming the technology but not contributing to the open source,
blockchain-powered network. “As such, the main topic of consideration today
is collaboration, and the need to come together to build data transparently
and then for the industry to standardise these practices,” Howard adds. As
not every financial institution leverages open-source software, and perhaps
those that do are not open about their use of it, the first step to truly
leverage the power of open-source technology is understanding the need to
collaborate, with banks coming together to build data. There are some
examples already of open-source collaboration across banking organisations,
but it arguably does not happen enough, and, where it does, it is the
neobanks and digital players that lead the charge.
World Password Day 2024: Are passwords here to stay?
A full-scale, password-based security strategy can be deployed across an
enterprise of any size with zero additional hardware. Enterprise-grade
hardware for fingerprint or facial recognition is expensive, and thus proves
way tougher to scale without sapping the IT budget. Apart from that,
adopting new forms of authentication involves a complete shift from the
status quo, requiring employees to internalize such a drastic change through
training, which a lack thereof would lead to difficulties in its
implementation. Large-scale enterprises still use mainframe applications to
store decades worth of data simply because it would cost more to transfer
them to a different domain than it would to maintain the applications.
Similarly, a full-scale enterprise-wide migration from passwords to other
forms of authentication poses the risk of a complete financial misfire, even
in a best case scenario. Besides, password-based authentication mechanisms,
due to their long-standing presence, have the best tech support available,
and almost all the problems that could arise when enterprise IT teams deal
with passwords already have.
Quote for the day:
"Develop success from failures.
Discouragement and failure are two of the surest stepping stones to
success." -- Dale Carnegie
No comments:
Post a Comment