Showing posts with label bimodal IT. Show all posts
Showing posts with label bimodal IT. Show all posts

Daily Tech Digest - March 19, 2017

In Defence of the Monolith, Part 1

Of course, any architecture is a trade-off between competing forces, and context is all important. In my own case, the two main monoliths I've been involved with are enterprise web apps, which are accessed in-house. For the last 13 years, I've worked on a large government benefits administration application running on .NET, and for the last five years I've also worked on an invoicing system running on Java. Both systems are monoliths in the sense that most of the business logic is in a single deployable webapp. I'm sure that many other visitors to the InfoQ website work on similar systems. ... In breaking up the application into modules, we should also ensure that the dependencies between modules are in one direction only: the acyclic dependencies principle. We'll talk shortly about how to enforce such constraints; whatever the tooling used to enforce these rules


Artificial creativity (A.C.): Can a computer be creative? It’s scarily close

One of the favorite stories in Science Fiction is of a future where robots are so advanced that they have taken on human characteristics and act as advanced servants. Boston Dynamics currently make the most advanced robot displaying this, able to move freely and interact in many ways with people. But even SciFi have difficulty imagining a world where robots can come up with their own ideas. This world is closer than you may think. In the not too far future machines and robots will not only become more advanced, they will also begin to exhibit aspects of Creativity, and may soon exceed people in the ability to produce simple creative outputs. However, while I believe robots will be able to imitate a human’s ability for crafting creative work, I don’t believe this is the same as true creativity.


Finding Value In IoT Data

A challenge and a huge opportunity remains for those enterprise software and services companies that have the technology and tools available to help people and businesses make sense of, analyze, and harness the tsunami of data that we are about to be engulfed by. Here’s the real business potential to add value through IoT: Companies in almost every industry will transform into digital businesses which means oversight must be powered by real-time data – fed in large part by sensors. As Herzberg, says, the beauty of sensors that they bring real-time data to applications: “Customers run applications for business critical processes, which could run better with real-time awareness.” Big Data analytics and machine learning will deliver personal and business insights and will enable us to make immediate decisions based on that data – rather than relying as we have in the past, on guesswork or out-of-date forecasts.


Metadata Management and Data Governance: The Essentials of Enterprise Architecture

Bremeau says he expects any Metadata Management software today to be able to connect to live databases, data integration servers, and BI servers as well. “My advice, in general, is always to start from the end – from the business [intention] side – and that’s what people hate to do.” He says he prefers to start with the business users because, “That’s basically going to get them excited, if you can start from their Business Intelligence reports,” he said. “If you’re buried inside your ETL, and work for weeks, you will still have nothing to show” to your business users. “At the center of this, you’re going to go to your Data Warehouse and bring everything in,” which, Bremeau said, is not as simple as it sounds. When the data comes in – no matter what products or tools are used,


Digital Transformation Impact on Enterprise Architecture

Digital Transformation is not a new idea. It has now reached mainstream acceptance with with the maturity of technologies such as Social, Mobile, Analytics & Cloud. Success stories of Digital Transformation in the enterprise have always involved people, process, and technology. In this blog, we will focus on technology and more specifically on the evolution of enterprise application and infrastructure architecture in organizations embracing Digital Transformation. ... Transforming existing custom apps into Microservices involves disaggregating the application tier into a number of Microservices and hosting them on PaaS or CaaS. Another major consequence with this architectural change is that traffic between services, which in the past was contained within the application server, now occurs between microservices connected by the data center network.


Testing Enterprise Architecture at the Tactical Level

To test a service is to ascertain that the service meets its requirements. You may be tempted to apply a uniform testing approach to all the services. This is a bad idea. It is better to decide on the approach by service category or even case by case. For application services, testing is an integral part of the best practices of software engineering. The software requirements are most likely defined with Use Cases, which is a concept very closely aligned with application services. ... For technology services, the requirements are often just a technical specification of required resources such as the operating system, storage space and network connectivity. Building and maintaining such services are very different from application services. Infrastructure specialists often react negatively if you


A Security Approach for a Cloudy World: An Interview with Pete Cheslock

Providers such as Heroku, Google Cloud Functions and AWS Lambda really make the concept of securing your systems more interesting when you don’t have any servers to run your code on. These are often referred to as "serverless" - your code executes inside a provider on systems that you likely don’t have any control over. In many ways, this can help make you more secure as you are reducing the number of endpoints you need to secure. But in the end this pushes your security challenges over to the provider themselves. AWS uses their Identity and Access Management (IAM), meaning you are now in full control of providing access to your functions. You need to ensure the security is as least-privilege as possible. Additionally, your code needs to get to the provider somehow, which means you'll be running systems that do the continuous integration and deployment


Enterprise Architecture for the Internet of Things: Containerization and Microservices

Organizations are increasingly attempting to remedy these complexities with virtualization technologies, in which data is made available as an abstraction layer accessible to various parties from distinct locations. Containerization represents the next level of virtualization technologies and may be the most viable means of effecting the flexible agility required to provision, analyze, and reap the benefits of real-time application data in a post-IoT world. Meanwhile, running those applications as microservices could very well be the best means of creating and deploying them in time to account for the IoT’s extreme volumes and velocities of data, especially when they are leveraged within containers. “I think there’s a natural progression there and maybe some of the more forward thinking companies will say hey, this all fits together; I can do this right away,” MapR Senior Director of Industry Solutions Dale Kim said.


What if data privacy wasn’t an issue?

Where personal data is left identifiable, it’s remarkable what can be achieved, with China being the poster child for this sort of application. In some cities in Xinjiang Province, for example, drivers have been ordered to install satellite navigation equipment in their vehicles. And more everyday applications are starting to emerge. “With Transport for London, for example, you have an Oyster card, but when you go to China now they’re using facial recognition,” says Mr McGloin. “They can accept that over there.” Last year, the main railway station in Beijing started trialling facial recognition technology to verify the identity of travellers and check their tickets are valid for travel. In the city of Yinchuan, meanwhile, a passenger’s face is linked to their bank account, enabling bus passengers to pay automatically simply by having their faces scanned.


Bimodal IT: Business-IT alignment in the age of digital transformation

On the architectural level, bimodal IT takes advantage of emerging tools and platforms for agile customer-facing frontend systems while also running the traditional stable, mission-critical backend systems. This results in a duopoly of business-critical scale-up applications running on one stronger computer and scale-out applications distributed on several regular computers for reacting to changed or new business or technological conditions in the short term (Pfützner 2015). The required flexibility is enabled by virtualizing data and resources in a composable modular infrastructure for traditional IT and digital IT (Greiner 2015), partially with the aid of infrastructure respectively platform as a service cloud-based solutions. Companies often use private clouds for traditional IT


Quote for the day:



“The last 10% it takes to launch something takes as much energy as the first 90%.” -- Rob Kalin

Posted by at No comments:
Labels: , , , , , , , , , , , , , ,

Daily Tech Digest - December 22, 2016

Magisto: The machine-generated creativity you're looking for?

There is an attitude in the technology space that startups should look to automate every time-consuming or mundane process. Sick of doing laundry? A web service will do it for you. Not keen on vacuuming? The Roomba solves your issues. These examples, while telling a sad tale of humanity's laziness, at least remove an arguably low-level and mundane task. But what of automating creativity -- can you, and should you? That is exactly what Magisto is setting out to do. The company has what it calls a "smart video storytelling application." What that means in English is that using Magisto, customers can upload video and imagery, choose a theme and a soundtrack and, only a few minutes later, have a complete video to use.


Big Banks Are Stocking Up on Blockchain Patents

Until now, many blockchain startups have downplayed the importance of patents and pinned their hopes on wider adoption through open source. Hyperledger, a venture led by companies including IBM, Accenture and Intel, makes its code free for others to use and enhance. Chain, which lets companies use the blockchain to issue and transfer assets, released its code in late October. Even R3 -- a consortium of some of the largest banks -- made its Corda blockchain available last month. As such projects have multiplied, some blockchain supporters have suggested open-source makes patents irrelevant. It doesn’t, according to Vitalik Buterin, co-creator of the popular Ethereum blockchain. Companies could find themselves being sued by one-time collaborators. Large firms could wield patents to muscle into promising businesses developed by today’s startups.


How to manage the top 4 tech culture challenges

Leading a tech team in the current culture of competition and globalization comes with a unique set of challenges, and requires a distinct set of leaderships skills to mitigate them. A recent report from corporate training and leadership development firm VitalSmarts lays out the particular competencies tech leaders need to build successful organizations and products. "Everybody who's ever worked in tech feels like there's something quite different and unique about that culture and the whole industry," said VitalSmarts vice president of research David Maxfield. "The questions we were asking were: 'Are these differences real, do they matter, and if so, how?'" The researchers first interviewed more than a dozen leaders from tech firms asking about the unique challenges of the field.


VMs prove most popular Docker infrastructure -- for now

"Capacity wasn't important. Stability was the primary driver," said Stephen Eaton, infrastructure technical lead at Dealertrack Technologies, a holding of Atlanta-based Cox Enterprises. Encapsulating applications in containers that float over infrastructure made the workflow easier for the entire IT group. However, as he ramps up containerization -- the goal is 80% of the group's apps on Docker containers within a year -- Eaton will be closely watching network-attached storage performance. With five times as many apps using the storage resources, will there be latency with logs or scaling that necessitates changes to the underlying Docker infrastructure? ... Containers also change the equations for dynamic and static load balancing. While container-monitoring capabilities are not yet close to those available for virtualization, log-monitoring tools such as Sysdig and Splunk are working on the visibility issue with admin-friendly dashboards.


Digital Transformation and Bimodal IT

As we all know, the Traditional IT team in each enterprise is entrusted with the responsibilities of maintaining functionality, safety, and predictability. Generally speaking, these are the teams that ensure that the show is running without any interruptions. The Exploratory IT team, however, are the specialists, specifically employed to implement the latest, futuristic version of IT. They work on systems and processes that will increase the ability of the company today and optimize its capabilities for the future. They are the guys who, for example, are implementing the new move to the cloud, creating the proof of concepts for the latest IoT offering, demonstrating to the world your connected car expertise, or training the new team created to work on the latest systems. They train the “would-be” employees and make all the necessary plans and strategies for the future migrations.


Alice: A Lightweight, Compact, No-Nonsense ATM Malware

Trend Micro first discovered the Alice ATM malware family in November 2016 as result of our joint research project on ATM malware with Europol EC3. We collected a list of hashes and the files corresponding to those hashes were then retrieved from VirusTotal for further analysis. One of those binaries was initially thought to be a new variant of the Padpin ATM malware family. However, after reverse analysis, we found that it to be part of a brand new family, which we called Alice. ATM malware has been around since 2007, but over the past nine years we have only learned of eight unique ATM malware families, including Alice. This new discovery is remarkable because it shows a clear tendency for malware writers to attack an ever-increasing variety of platforms. This is especially acute against ATMs, due to the high monetary value they represent.


Multi Modal Delivery with SAFe 4.0

To create an integrated system that actually creates value for customer and business takes capabilities that take trips piercing multiple layers, touching multiple systems, each with their own ingest and delivery model for new functionalities. In the example above, generated from a real customer situation, the process layer comprises a team of teams that in itself operates as an Agile Release Train. However, this needs to be timing orchestrated and technically integrated with deliveries from other groups. The customer facing front ends are delivered by an external supplier who is running traditional Scrum on a 2 week iteration cadence, while the back end Mainframe Services delivery has not yet transformed, and is operating on a traditionally planned project basis.


Here are the biggest IoT security threats facing the enterprise in 2017

In 2017, the IoT device security debate will escalate, putting pressure on manufacturers to architect fundamental security principles into the designs of internet-connected products. We may even see governments around the world take an active role in IoT safety legislation. Everyday appliances (e.g., the iron, washing machine and dryer) are subjected to rigorous testing, both by the manufacturer as well as independent testing labs, but a similar approach is not being taken with respect to cybersecurity for IoT devices. As a result, most are unsecure by design, and many vendors choose convenience (e.g., using default credentials in their appliances) over implementing proper security measures—a flagrant violation of best practices in product development.


Nokia and Apple trade accusations in patent lawsuits

The eight patents covered in one of Nokia's Texas lawsuits, filed Wednesday, are related to the H.264 Advanced Video Coding standard approved by the International Telecommunication Union, according to Nokia's complaint. A second Texas lawsuit covers 10 patents for a range of other technologies. Apple products using the H.264 video codec include the iPhone, iPad, iPod, Apple Watch, Macs, and Apple TV, Nokia said in its complaint. "Despite all the advantages that have been enjoyed by Apple, Apple has steadfastly refused to agree to license Nokia's H.264 patents on reasonable terms," Nokia's lawyers wrote. "Dozens of companies have licensed Nokia’s patents for use in their products ... Apple, however, refuses to pay Nokia's established royalty rates."


Cybersecurity Confidence Report Card

For the second year, practitioners cited the “overwhelming cyber threat environment” as the single biggest challenge facing IT security professionals today, followed closely by “low security awareness among employees” and “lack of network visibility” due to BYOD and shadow IT. No doubt, the dangers are real. Just last week Yahoo disclosed that over a billion user accounts had been stolen – back in 2013. Quest Diagnostics says that the hack of an internet application on its network exposed the personal health information of about 34,000 people. Venafi CISO Tammy Moskites doesn’t like assigning scores, but she does acknowledge that she’s constantly challenged with “making sure that we’re doing the right things right.” “We’re going to be more challenged with making sure that we’re able to be quick and agile when and if an attacks occurs,” Moskites says.


Quote for the day:


"Be sure you put your feet in the right place, then stand firm." -- Abraham Lincoln

Posted by at No comments:
Labels: , , , , , , , , , , , ,

August 12, 2016

How smart offices of the future can make companies more intelligent

A smart office will change everything. Think of how, just 10 years ago, a desktop computer was everything. Now, most employees use multiple devices daily, said Jeremy Ashley, group vice president for Oracle Applications User Experience. "The office has just become one part of the entire story. We're looking to see what types of trends are emerging here. One example is a trend that has emerged only because we have these devices. Everywhere I've been around the world, I ask, 'what's the very first thing you do in the morning?' Doesn't matter where it is, they say, 'I pick up my phone and I read my email, my Facebook, and a selection of other things.' This is a brand new behavior. It's never happened before," Ashley said.


New DBMS products open the door for a once dormant market

As new requirements, such as the need to support more unstructured data, emerged from advances like social networking, start-up vendors approached DBMS concepts differently. "The DBMS market had become quite boring, but market changes recently have made it much more interesting," said Donald Feinberg, vice president, analyst at Gartner. Traditional system revenue has flattened out, but sales of new tools -- although small in relation to the total market -- are increasing by double digits. So, buying a DBMS is no longer a simple choice among Oracle, Microsoft and IBM. One reason for the recent attention is the market's size and growth. The database market is expected to increase from $40 billion in 2015 to $50 billion by 2017, according to IDC. A number of factors are fueling the growth and market shake-up.


Busting Bimodal Myths

Bimodal is the practice of managing two separate but coherent styles of work: one focused on situations of greater predictability, the other where exploration is required. Mode 1 is optimized for areas that are more well-understood. It focuses on exploiting what is known. This includes renovating the legacy environment, so it is fit for a digital world. Mode 2 is exploratory, potentially experimenting to solve new problems. Mode 2 is optimized for areas of uncertainty. Mode 2 often works on initiatives that begin with a hypothesis that is tested and adapted during a process involving short iterations. ... “Bimodal capability that marries the renovation of the IT core with the exploratory approach to developing new digital products and services is essential for an enterprise to survive and flourish in the digital era,” said Mr. Mingay.


Want The Government To Do Something About Cybersecurity?

Our IT infrastructures and capabilities are known to produce benefits for our economy, but clearly we are sub optimized in our current approach. Our schools still teach the old way with almost no benefits from new technology. Most students have no more than a working knowledge of computers. And we turn out too few who can master IT. Economically, we have great unrealized potential in using IT to enable job growth and economic benefits while reducing cost of healthcare, cost of living and cost of education. Smart IT can also reduce cost of business and reduce the cost of goods to consumers. In the federal government, IT helps serve citizens but CIOs and CTOs struggle agency by agency to deliver value.


Information security ignorance is not a defense

Government entities, regulators, and the courts are increasingly applying the "reasonableness" test to determine if an organization was responsible for a breach, or other security lapse. First, courts in California applied this standard, followed closely by the FTC. Unfortunately, "reasonableness," as it relates to information security practice, is nowhere defined specifically. Even so, this standard will likely be applied by many courts in the growing number of security-related lawsuits.  It is clear that businesses of all sizes must ensure that they have done everything practical to protect their customer assets, and to prevent any harm to those customers due to their neglence. Given the rise in litigation, however, they must also be able to demonstrate in court that their precautions were "reasonable."


Why Outsourced Call Center Roles Are Coming Back Onshore

So-called “enabler technologies” accounted for about half of the reported investments by contact center providers from 2014 to 1015 — with analytics, automation and multichannel tools the biggest areas of spending, according to the Everest Group report. “CRM and communication technologies have become table stakes with most, if not all, providers including them within their portfolio,” Bhargava says. “In order to differentiate themselves in the hyper-competitive call center outsourcing landscape as well as cater to enterprise needs, service providers have invested in enabler technologies.” HGS, for example, launched its DigiCx platform, which incorporates automation and analytics to deliver chat-as-a-service and other self-service capabilities.


Business Intelligence Analytics is the Future of SaaS

Data preparation is quickly becoming a critical capability of experts, who traditionally relied on others to get the data sorted out and ready from them. In order to transform unsorted data into information on demand, people doing customer targeting, risk analysis and marketing operations will need the necessary tools and skills to handle self-service data preparation at scale. As the gap widens between all of the data and the people who know how to analyze it and use it, companies that do not adapt to modern standards will experience big data blunders, such as embarrassing data quality errors and miscalculation of data.


How developers define 'open' and 'closed' technology

"Open" is one of the most nebulous terms in technology, yet it's also a label that oddly carries huge emotional baggage. To be open is to be on the side of truth and righteousness. To be closed or proprietary is, well, on par with drinking unicorn blood. (Hint: only Voldemort does that.) The problem, however, is that there are no hard and fast rules for "open" or "closed," yet we act as if there were. Perhaps the best way to sniff out true "openness" is to look to developers to see what they feel comfortable building upon. With developers as our guide, the stark differences between open and closed become much more subtle and interesting.


Asymmetric Information Is Economists' Little Secret

Why is asymmetric information so crucial to an understanding of financial markets? It’s probably related to the reason people want financial assets in the first place. People want cars and bananas and microwave ovens because those things are immediately useful. But most people who buy and sell financial assets have no intrinsic desire for the asset itself -- they only care about how its value to other people will change in the future. That means that while information is important for many products, when it comes to financial markets, information is the product. Many major economics papers have explored this fact. One example is the famous 1980 paper “On the Impossibility of Informationally Efficient Markets,” by Sanford Grossman and Joseph Stiglitz.


Inside Look at SWIFT-Related Bank Attacks

"We came across a very interesting piece of malware and one of our researchers, during their analysis, recognized that this malware is likely to have been used in the attack against the Bangladesh Bank," McKinty says. "That's where we got engaged with SWIFT. We were able to provide them some insight, with regard to what had happened at the Bangladesh Bank." And from there, the tale of the malware got more interesting, he adds. While attributing any of these attacks to a single entity or group is challenging, McKinty says the code used in the Bangladesh attack is not widely available in the underground. As a result, BAE believes that the code used in the SWIFT-related attacks is a variant of the same code used in the attacks against Sony Pictures and the bank in Vietnam, he says.


Quote for the day:


"No amount of source-level verification or scrutiny will protect you from using untrusted code." -- Ken Thompson

Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Comments (Atom)