June 20, 2014

The Internet as we know it is dying
All is not well on the Web. While the particulars of each outburst of consternation and anger vary significantly, a common theme connects them all: The relentless corporatization and centralization of control over Internet discourse is obviously not serving the public interest. The good stuff gets co-opted, bought out, or is reduced to begging for spare change on the virtual street corner. The best minds of our generation have been destroyed by web metrics, dragging themselves across a vast wasteland in search of the next clickbait headline. At Twitch TV, the gamers are worried that Google’s “copyright monster” will tame their freewheeling Wild West and obliterate years of work.


Fast data: The next step after big data
Like Kafka, some NewSQL systems are built around shared-nothing clustering. Load is distributed among cluster nodes for performance. Data is replicated among cluster nodes for safety and availability. To handle increasing loads, nodes can be transparently added to the cluster. Nodes can be removed — or fail — and the rest of the cluster will continue to function. Both the database and the message queue are designed without single points of failure. These features are the hallmarks of systems designed for scale. In addition, Kafka and some NewSQL systems have the ability to leverage clustering and dynamic topology to scale, without eschewing strong guarantees.


Mobile security, privacy and future challenges
Modern mobile applications are distributed using centralized application stores, which is a recent trend in application distribution. While centralized application distribution is advantageous, this approach could also potentially lead to facilitating centralized distribution of Trojan horse applications, backed and given the stamp of approval of the application store vendor’s reputation. There can also be challenges with patching and updates. Keeping current with mobile platform releases by providing timely upgrades and patches on an ongoing basis is critical to reducing vulnerabilities. This is especially challenging on the Android platform due to its fragmentation. Loading mobile applications by means other than application store distribution can potentially lead to security or privacy exposures. The typical examples are USB or browser installs.


What cloud providers still get wrong, and what customers could do better
"One of the things that really gets my goat — normally enough for me to stop any relationship with a cloud provider — is when they go directly to the business with a sales pitch effectively saying, 'We can do this without involving your IT department'," Rammal said. "Sounds lovely — up until they need to integrate with some of the legacy environment. Then suddenly we're left with a badly thought out, badly [drafted] plan. So that's a definite no-no to me. "The world of IT has changed substantially. We're not the blockers that we may once have been. Cloud companies need to understand they need to work with us on that process."


Speed in Software Development
Work experience in most cases affects speed as well. A developer with 20 years of experience will typically solve problems faster than a developer with 5 years of experience (even if they somehow have equal skills). Note, however, that skill does not equal experience. You can have a lot of experience applying quite irrelevant skills and will not be able to solve most problems that the company has. ... Most companies have a wide range of problems: some of them are simple, some of them are challenging. Inexperienced developers are passionate about everything, almost any problem will bring some new knowledge to them. Experienced developers are more picky and it is better to give them problems of adequate complexity.


American Express customers receiving new breach notifications
Customers of American Express are starting to get a new round of breach notification letters. This time, the letters (mostly identical in wording) are due to two separate incidents, but the full impact is unclear - as the exact number of customers set to receive these notices isn't known. For those keeping score: American Express has now had to issue three different notification letters this month, in order to address three different data breaches.


Do the math: your new enterprise technology may be a decade old
Lawson advises that enterprises start their cloud journey by “bridging the gap between existing on-premise resources and cloud-based solutions. Enterprises are finding that they can augment existing infrastructure and plug into cloud-based services to support their legacy hardware and to quickly innovate and extend capacity. Application Programming Interfaces, or APIs, make it easy for enterprises to access a wide range of capabilities.” All it takes is experience, he continues. “As companies gain experience with running software and cloud-based solutions, they begin moving more and more of their operations to these more agile solutions.”


Facebook has built its own switch. And it looks a lot like a server
The creation of a custom-designed switch that allows Facebook to control its networking like it currently manages its servers has been a long time coming. It began the Open Compute effort with a redesigned server in 2011 and focused on servers and a bit of storage for the next two years. In May 2013 it called for vendors to submit designs for an open source switch and at our last year’s Structure event Parikh detailed Facebook’s new networking fabric that allowed the social networking giant to move large amounts of traffic more efficiently.


Hacker puts 'full redundancy' code-hosting firm out of business
The attacker also gained access to Cloud Spaces' control panel on EC2 and deleted the company's digital assets from Amazon's infrastructure when the company tried to regain control of its account. "We finally managed to get our panel access back but not before he had removed all EBS [Amazon Elastic Block Store] snapshots, S3 [Amazon Simple Storage Service] buckets, all AMI's [Amazon Machine Images], some EBS instances and several machine instances," Cloud Spaces said in an announcement on its website. "In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted."


CIO interview: Mark Bramwell, head of IT, Wellcome Trust
“It is going to be very much about providing a support core – because if the main systems are not available, the whole credibility of IT is damaged. But it is going to be much about more business enablement, with more conversations, system exploitation and thought leadership,” Bramwell says. “We need to try to answer fairly crucial questions: how can we collaborate better without jumping into solutions before understanding them? What do we mean by collaboration – do we mean connecting communities, sharing information or video conferencing? What is the opportunity, challenge or issue we are trying to resolve?” he adds.



Quote for the day:

"Those who do not know how to weep with their whole heart don't know how to laugh either." -- Golda Meir

June 19, 2014

Indian IT Act is there to Help Enterprises
Indian companies are well equipped, because of their grounding in the outsourcing space – that have always had a very good internal securities and procedures and systems. Multinationals who have offices in India have to globally maintain a standard. So, India, I wouldn’t say, would be lower in compliance than it would be in America or the western world.  Banking is definitely pretty aware of it – because they have to, because of the criticality of data. But, what about sectors like manufacturing, automobile or e-commerce? They have so much of analytics coming in, cloud computing... Data is now residing not just on premise, it’s on cloud. So how are the vendors providing robust security?


How the Cloud Can Make IT Shops More Innovative
Jagdish Rebello, an analyst at IHS, agreed, saying he has seen a move by IT departments to free their employees to be more innovative. "IT has started to become a lot more innovative," he told Computerworld. "IT has become a cost center. Servers, the network, infrastructure -- it was all about cost. It was a necessary investment for the company. They didn't think about it as a way they could generate profit. The cloud is allowing IT to become a profit center instead of just a cost center." With cloud services managing processes like company email and data storage, enterprise IT departments have more time, for example, to help their companies be more interactive with customers and suppliers.


Agile TBD
The other interesting comparison is to look at the differences between companies doing agile versus companies selling agile. To sell something to someone else, by its nature, you have to package it up, make its value understandable to others, and teach others how to use the product. With any process, this means codifying the processes, practices and techniques so there is a consistent, repeatable methodology. There are many companies in the market doing this today with Agile. However, that's the very antithesis of agile, which is in fact not a process, practice nor methodology, but simply a way to think about problems and how to solve them. By its very nature, packaging up agile into a repeatable, static process violates agile principles.


BYOD vs CYOD: Which is right for your organisation?
Most organisations with a BYOD policy retain the right to wipe all data from a user's device if it is lost, as they do with CYOD policies. However, this can be upsetting for employees when it happens to a personal device. With CYOD, different employees could also be eligible for different devices and levels of corporate network access, depending on the type of work they do. Equally, some employees may not even qualify for CYOD devices, but instead be offered limited network access via their own equipment. Sophisticated mobile device management can make CYOD more flexible and BYOD more secure.


A third of boards remain in the dark on cyber defence status
“The lack of boardroom insight into cyber threats revealed by our survey may partly explain the reluctance of some companies to give up outdated security goals,” said Alan Calder, founder and executive chairman of IT Governance. “This situation is underlined by the fact that 38% of respondents still say their objective is to prevent all cyber-attacks, an aspiration which will strike many information security professionals as unrealistic or even naive.” Highlighting this sea change, the report revealed that 51% of respondents now accept that cyber security is no longer appropriate to ensure business sustainability, and the inevitability that some attacks will be successful.


Intel to Offer More Custom-Tailored Server Chips
Why all the effort? After all, Intel commands roughly 97% of industry shipments of server chips. For one thing, big Web companies including Google and Facebook have made noises about experimenting with new chip technologies, including the Power line that originated at IBM and the ARM Holdings designs that many companies sell for mobile devices. For another, Bryant is pushing to get standard processors from Intel into networking, data storage and other applications that now typically use chips based on Power or MIPS designs. Backers of ARM are racing to grab those same applications.


US banks are all set for an epic fail
From the perspective of the "unbanked" and those incorrectly assigned negative or no credit ratings--which number in the millions--the motivation is strong to embrace disruptors in an immediate and very big way. ...  Note also the website on the movement behind this film: it contains information meant to aid and empower regular citizens to change the financial industry as a whole and their own circumstances in particular. The copy there indicates American Express is wisely driving innovation to ensure its own financial security: "In an effort to drive innovation in financial services, American Express is supporting startups working on financial solutions and research focused on financial inclusion."


Kicking application latency off your network
Workload balancing, another option, migrates virtual machines between servers to optimize each host's application workload and bandwidth demands. Data centers can also replace a NIC port with one that is 10 GigE or greater, or add a separate NIC adapter and assign a troubled workload to the high-bandwidth NIC port. However, faster NICs are extremely expensive, require physical installation that can take a server offline, and usually impose collateral expenses in LAN switching infrastructure. For example, if you install a 10 GigE NIC on a server, you'll also need a switch with 10 GigE ports.


Can software solve our healthcare crisis?
Solving our current healthcare crisis requires something that other industries have done successfully for decades: efficiently managing complex relationships. But diagnostic healthcare entities require more than what is offered by traditional CRM. The easiest way to illustrate this point is by thinking of your own experiences in a healthcare setting. What is the first thing your primary care physician typically does when you pay them a visit? They almost always take a blood draw. This draw initiates the process of laboratory testing, which often occurs within a lab business that is external to your physician's office.


Rich Reimer on SQL-on-Hadoop Databases and Splice Machine
There are multiple reasons not to use MapReduce. First and foremost, HBase does not use MapReduce to access HDFS; instead, HBase accesses HDFS directly, while maintaining its own metadata to quickly find single records in HDFS files. MapReduce is designed for batch data access and therefore would not be appropriate for the real-time data access required by Splice Machine. MapReduce must start JVMs (Java Virtual Machines) for each query, which can take up to 30 seconds, even to retrieve a single record.



Quote for the day:

"For an organization to be exceptional, all teams within the organization must be moving toward a shared vision." -- Rich McCourt

June 18, 2014

Network Functions Virtualization demands new network management models
An alternate approach preserves these past practices by creating a new operations model that sits above the ETSI NFV processes. This model would define services as a collection of virtual elements some of which might be implemented through NFV processes and some through normal legacy-network provisioning and management. Efficiencies in service agility and operations efficiency would be created by this new operations model and could be applied even to services with no NFV components at all.


U.K. allows British spies to intercept Google and Facebook traffic
Farr, one of the U.K.'s most senior security officials, said British spies have the right to intercept Internet communications even if they are from British citizens because the services often use Web servers located outside the U.K. Many messages "such as a Google search, a search of YouTube for a video, a 'tweet' on Twitter, or the posting of a message on Facebook," could be qualified as external by the intelligence services, he said. Under British laws, the country's intelligence services require a special warrant to monitor communications of British residents located within the U.K., which can only be granted if there is reason to suspect the person is involved in unlawful activity.


NAS device botnet mined $600,000 in Dogecoin over two months
It's not the first time that nefarious mining operations have been set up: scammers behind Android malware that Google yanked from the Play store earlier this year used hijacked smartphones to mine "thousands" of Dogecoin. But the Android effort was nothing compared to NAS mining network, according to a security researcher at Dell's SecureWorks, who said this illegitimately acquired mining operation is the "single most profitable" to date, earning its operator an estimated $600,000 over two months earlier this year. The key to the entire operation were four security vulnerabilities in the Linux-based OS running on a NAS box by Taiwanese manufacturer Synology.


How to start a human capital initiative
No matter how well you manage human capital or how you choose to incorporate the process into your business, human capital strategy is doomed to be just one more plan – indeed, just one more empty ritual — unless it plays out in a vibrant cultural dialogue that motivates, inspires and magnifies greatness in all your people. As you devise a human capital strategy, you are aiming for the multipliers. You want to plan for the ineffable quality that gets you to a sum of five when you start with two and two.


How to Write a Job Description That Attracts Top IT Talent
It's also crucial to be specific when outlining the necessary skills and knowledge, Borre says. Make sure you understand what is a necessity and what isn't, and be forthright about communicating that in the description. "You have to outline the 'must-haves' first; the skills and knowledge that candidates should possess or they shouldn't even bother applying," she says. "Make sure you separate these in the description from what's 'nice to have,' and be very granular and specific when explaining the skills and knowledge," Borre says.


Shortage of cybersecurity professionals poses risk to national security
Some of the recommendations from the RAND study include waiving civil service rules that impede the hiring of talented cybersecurity professionals, maintaining government hiring of these professionals through sequestrations, funding software licenses and related equipment for educational programs, refining tests to identify candidates likely to succeed in these careers, and developing methods to attract women into the field. A longer-term approach entails reducing the demand for cybersecurity professionals in the first place by limiting the use of problematic computer applications or encouraging the development of harder-to-hack operating systems.


Cloud Innovations in Higher Education [INFOGRAPHIC]
With the advancement of technology, Cloud computing has become a huge driving force for the enterprise and public sector in recent years. Inevitably, colleges and higher education institutions have also started to make use of the technology. So much in fact, that 55% of higher education IT administrators and professionals have said that the cloud is the #1 technology improving their efficiency. Furthermore, 80% of students are expected to take some sort of cloud-based online class by the end of 2014. Institutions have been able to make use of the cloud by improving productivity suites, messaging/social networking, conferencing, storage and computational power – with well-known universities like MIT and Berkeley using the technology.


API gateways emerge to address growing security demands
Morrison said API gateways bear some resemblance to Web application firewalls in the sense that they serve to apply security measures that were previously missed in the development process. He emphasized though that a Web application firewall's value is limited only to security, while API gateways provide extensive management and other capabilities that are enticing to enterprises. The technology can help protect against various attacks that would bypass a traditional enterprise firewall, according to Morrison, including the aforementioned SQL injection attacks.


Better messaging means security can grow with IoT
As IoT grows, it'll become a wider and a more attractive target for hackers who want to disrupt industrial systems, said VDC Research analyst Chris Rommel. Some systems, such as aircraft, are better equipped to contain hacking attempts than are others. "Messaging security is becoming more and more important," Rommel said. Maybe the best thing about DDS Security is that it scales better, Barnett said. With SSL, each time a device communicates with another device or application, it has to set up one secure channel with one private encryption key. That can become a problem when there are many different apps and machines to talk to.


SaltStack for Flexible and Scalable Configuration Management
Configuration management is the foundation that makes modern infrastructure possible. Tools that enable configuration management are required in the toolbox of any operations team, and many development teams as well. Although all the tools aim to solve the same basic set of problems, they adhere to different visions and exhibit different characteristics. The issue is how to choose the tool that best fits each organization's scenarios. This InfoQ article is part of a series that aims to introduce some of the configuration tools on the market, the principles behind each one and what makes them stand out from each other.



Quote for the day:

"Our thoughts and imaginations are the only real limits to our possibilities." -- Ralph Waldo Trine

June 17, 2014

Is business transformation a dirty word(s)?
Every IT management guru worth his or her salt is keen to talk about “business transformation” almost as if it is some de facto standard around which all firms should now structure their central commercial strategies. But then, perhaps they should. Perhaps business transformation is that important. Strange then that business transformation has never been capitalised to Business Transformation and afforded the (BT) acronym… but this is mere folly in the wider world of business transformation, so what is it? As of 2014 we can state generally that business transformation is the process by which firms of all shapes and sizes can go about making fundamental deep-rooted architectural-level changes in terms of how they conduct their business processes and the multiplicity of channels upon which they carry them out.


Like Water, Digitalization Fills the Data Lake
Digitalization in an organization or a market is like water: It flows everywhere, bypassing obstructions. Have you tried to stop a flood by placing an obstacle in its path? Water just takes a circuitous route or dislodges the obstacle altogether. And like water, the disruption of digitalization goes on, flowing downhill, defying barriers. Consider for example digital currency such as Bitcoin: It bypasses financial and political controls simply because nobody can get a grasp on it, and when major retailers finally accept this digital currency there won’t be any going back. Or consider file sharing (Dropbox), over which IT is now struggling to regain control because it simply got bypassed.


Big data wake-up call: Increased online privacy concerns require risk management
The TRUSTe survey was followed by a UK-based survey conducted by the Global Research Business Network (GRBN) that reported that 40% of respondents in the UK and 45% of respondents in the US were highly concerned about the safety of their personal data. ... This is a wake-up call that should be considered as part of every company's big data strategy under the category of risk management. In other words, how do you use big data about people and things productively and profitably without risking a loss of trust and business patronage from consumers who are beginning to question it? Here are four points to think about.


Check out what SDN can do! Google lets you load balance across regions
Google is adding two new storage and networking features to its Google Cloud Platform ahead of its user conference next week, both designed to make its cloud offerings faster and easier when compared to competing products from Amazon Web Services or Microsoft. Google is adding persistent flash storage, which my colleague Barb Darrow has already covered, and HTTP load balancing across regions. The load balancing is a fulfillment of the hope for automatic shifting of compute resources from data center to data center without disrupting the workload.


Target top security officer reporting to CIO seen as a mistake
Experts commended Target Friday for hiring a CISO, but questioned its decision to have the executive report to Chief Information Officer Bob DeRodes, hired in April, and not directly to interim CEO and President John Mulligan. They worried that security might not get a high enough priority, if the CISO is not equal to the CIO. "There is always a trade-off when it comes to implementing security, but as we have come to learn, security should no longer play second fiddle to other considerations," Al Pascual, analyst at Javelin Strategy & Research, said. "The CIO and CISO are really complementary roles, and to be truly effective they need to act as partners within an organization."


Security training is lacking: Here are tips on how to do it better
Heimerl said the problem is that, too frequently, companies don’t strive to make the training relevant. “True security awareness is not just an introduction to some security concepts,” he said. “You have to teach employees new habits, then encourage them to support those habits, and reinforce the good habits. “And the security training has to work for that employee in that organization. What works for Pete at Big Blue Bank will probably not work for Mary at ACME Healthcare.” Another problem is the fatalistic view that training is not worth the time and expense, since all it takes is one person to click on a malicious link and the enterprise is compromised.


Intel's vision of our wearable future: From onesies to wetsuits
If an Intel video is to be believed, wearable tech is far more than pedometers and fancy wristware. In the video, T-shirts change their design to reflect a song playing on a personal music system; a jacket changes its design pattern to attract a butterfly, and when it lands on the jacket a dialog box pops up with information about the creature; a surfer gets updates on water temperature and conditions, with the information displaying on his wetsuit and beamed back to the meteorological service; and a connected smart patch displays biometric data like blood pressure and calories burned off in exercise, and lets users scan menus to get information about nutritional content of food on a restaurant menu.


Powerful Dyreza banking malware emerges
Dyreza uses a technique called "browser hooking" to view unencrypted web traffic, which involves compromising a computer, capturing unencrypted traffic and then stepping in when a user tries to make a secure SSL (Secure Sockets Layer) connection with a website. During an attack by Dyreza, a user thinks their authentication credentials are going to a legitimate bank, but the malware actually redirects the traffic to their own servers, wrote Ronnie Tokazowski, a senior researcher at PhishMe, another security company that has studied the attack. Users mistakenly think they have connected over SSL to their bank's server.


Pro tip: Two Excel conditional formats that simulate graphs
Thanks to conditional formats, graphs can be embedded at the cell level. Well, they're not true graphs, but the visual impact is the same. You're simply sharing visual clues that make it easier to interpret your raw data. In this article, we'll use Excel's conditional formats, data bars, and color scale to simulate graphs that you can display along with your raw data. You can work with a simple data range or download the .xlsx file. These formats are supported by the .xlsx format only.


How smartphone and tablet management is changing
One approach IT shops have taken around mobile app development is mobile backend as a service, where IT uses application programming interfaces and software developer's kits to tie mobile applications with cloud computing services. Mobile content management (MCM) is an active market in which IT buyers have many options. Organizations can use more consumer-based products such as Dropbox and Google Drive, and there are also more enterprise-grade platforms like those from Box, Acronis, Accellion, Soonr and WatchDox. In addition, vendors are offering MCM and secure file transfer through EMM systems such as Citrix's ShareFile and AirWatch's Secure Content Locker.



Quote for the day:

"Our self image, strongly held, essentially determines what we become." -- Maxwell Maltz

June 16, 2014

The era of the entitled customer: A recipe for creating amazing customer experiences
A single bad experience might lose you a customer — or a handful of customers — through word of mouth, but companies didn’t really care because they could drown out negative experiences with marketing spend. Clever marketing trumped user experience. ... But the advent of social media has changed all that: Customers' voices, amplified by social media, now trump even the cleverest of marketing. Combine that with a massive surge towards subscription and freemium models, increasing saturation of digital marketing channels, increased competition and decreasing customer loyalty, and you have the recipe for an era where users, not brands, wield unprecedented power.


The Data-Driven Workforce: 5 Critical Roles
Data is the lifeblood of digital organizations. I've seen a European retail bank generate an average 500% sales increase from its marketing campaigns, for example, by segmenting the customer base and using advanced analytics to determine which products to offer to each segment. To find and unlock this kind of data-driven competitive advantage, however, business leaders need to develop a more data-savvy workforce. We're starting to see a transition to a more data-oriented workforce, in which existing roles take on a revived importance and new roles have arisen from the need to manage and fully exploit data. Here are five key roles to develop as you strive to build a data-driven organization:


The App-Driven Future of TV
The Rising Star app will direct users to the appropriate music store for their device in order to download music from performing contestants. It will also serve ads, which, like Twitter’s promoted tweets, can be coordinated with on-air commercials. First, it needs to get them to tune in. Viewers have their choice of singing competitions already with American Idol and NBC's The Voice (where Yaron previously worked as an executive producer). The Rising Star app risks coming off as a gimmick slapped on an old concept. Or, says Yaron, it "could revolutionize live television ... not to oversell it."


Operators warned to push security up the agenda and respond quicker
Chris Stock, Director of Security Management Programmes at TM Forum, believes all this indicates one thing – a change in culture is still required at operators. “Chief Security Officers need to be talking on an equal level with the rest of the C-suite. How you sell security to the board is a key challenge that needs to be addressed,” he tells European Communications. “Security needs to be included as you design new processes… and the first step is education.” Paul Nguyen, President of Global Security Solutions at CSG Invotas, is in full agreement. “Security is moving up the agenda as the C-suite is being held more accountable and concern around the protection of consumer data grows,” he explains.


Internet of Things: What Does it Mean for Data Centers?
In 2014, data centers are only at the beginning of the change phase to the IoT. Whereas today, monitoring power and backup power still calls for someone physically walking up to that monitoring equipment, once everything becomes digital, the monitoring of the information as well as the control of the power will be achieved through digital technology over the Internet. There are elements of that futuristic concept being used today in data centers but they are not integrated, rather, they are used independently. Down the line, when collected data at data centers are connected to the Internet, analyzed and used intelligently, all that data will be used to predict the future and facilitate better business decisions.


The Ad Industry Reinvents the Hyperlink for the Mobile Era
Technology companies large and small are now driving wider adoption of deep linking by offering technology that makes it easy to deploy, manage, and use deep links. Twitter and Facebook are perhaps the most influential companies pushing for deep links to be used more widely. Last April, Twitter added support for deep links in the “cards” that companies can use to display rich media alongside Twitter messages sent from their website or app. The support was also added to “promoted,” or paid for, tweets. Facebook had already, in 2012, allowed deep links to appear in posts to its News Feed, but last October the company began selling a new kind of mobile ad based on deep linking.


Where does troubled Mozilla go from here?
There is no question, however, that the firestorm about Eich's political stance, which led to three Mozilla board members resigning and web sites banning the use of Firefox, hastened his departure. Eich himself simply stated that, "I resigned because I could not be an effective leader under the circumstances." ... Mozilla Foundation Executive Director Mark Surman gave perhaps the most nuanced explanation of why Eich left when he blogged that while Eich had "led a band of brilliant engineers and activists who freed the Internet from the grip of Microsoft," at the same time he wasn't able to "connect and empathize with people." In short, he was a fine CTO, but not CEO material.


Cloud security: Are firms still fretting about the wrong issues?
Companies are still hung up on questions such as the physical location of their data in the cloud, as much for emotional reasons as for regulatory compliance, a recent Dell round-table event in London heard. "The irony is that most of these organisations will be using outsourced development teams in India, who probably have access to live production instances and have access to all the data anyway," technical lead for Dell's EMEA information security practice Don Smith said. He said that one of Dell's largest European customers is in Finland, which shares a robust approach to data protection with Germany.


MPLS networks not obsolete, but Internet as WAN catches up
"There is a trend toward using the Internet, but it's nowhere near as dramatic as: ‘The private WAN is dead. Long live the Internet!'" says Johna Till Johnson, president and founder of Nemertes. "[The growth] is interesting and provocative, but doesn't necessarily mean people are using the Internet as a WAN." For all its headaches, MPLS will continue to play a major role in WAN architectures. Enterprises will likely favor a "hybrid WAN" model that uses both MPLS and high-speed Internet or carrier Ethernet in a single location or alternates between them throughout the WAN, according to Andrew Lerner, a research director at Gartner.


Security: The Fault Lies not in Our Clouds, But in Ourselves
What continues to fail is the management of security. The known security problems related to Cloud, to date, have been engendered and enabled by management failure. Some of this comes from continuing inadequate, perimeter-focused, technology-first IT security practices – in itself a large and prolonged management failure. The fact that even some Cloud providers, typically thought to be leading-edge in technology and business, continue to apply these same types of security practices amazes me. But some management failure also comes from Cloud providers’ customers, the companies that outsource storage, processing, apps and more to Cloud. It’s not blaming the victim to suggest that too many businesses don’t look far enough into, or demand enough from, Cloud providers’ security management.



Quote for the day:

"Close scrutiny will show that most "crisis situations" are opportunities to either advance, or stay where you are." -- Maxwell Maltz

June 15, 2014

What is an Architecture Context Diagram?
A key point in this diagram is that every component was shown in its context. IT only existed because it was useful in a business or management context. The business architectures existed in the context of a legal organization. Processes existed in a business process context that included triggering events, products, business rules, applications and outcomes. I could go on, but the point to remember is that every architectural component exists in one or more contexts; and each context exists in an even bigger context. So the IT context supports one or more Business contexts, within an Organization context, which exists within an Environmental or Social context.


Ramblings of a Disturbed Consultant – Part 2
The vendor did not set these expectations, nor did the solution set these expectations, yet we are left with a towering skyscraper of expectations for the software solution to fulfill. Now, all it takes is for one influencer to feel that their expectations have not been met, and the perception becomes that the solution did not meet the needs of the business. Not only does this take focus away from the objectives that have been met by the solution, but it also means that all the pressure created by the perceived failure falls back on the individual influencers. The question asked of the influencers by their managers, “What product will best meet our needs” now becomes an accusation, “This was your idea.”


Understanding DNS Zones
A DNS zone is the contiguous portion of the DNS domain name space over which a DNS server has authority. A zone is a portion of a namespace. It is not a domain. A domain is a branch of the DNS namespace. A DNS zone can contain one or more contiguous domains. A DNS server can be authoritative for multiple DNS zones. A non-contiguous namespace cannot be a DNS zone. A zone contains the resource records for all of the names within the particular zone. Zone files are used if DNS data is not integrated with Active Directory. The zone files contain the DNS database resource records that define the zone. If DNS and Active Directory are integrated, then DNS data is stored in Active Directory.


Sustainable Enterprise Architecture
ICT Enterprise architecture is the backbone of corporate IT systems, the question is are they or can they be sustainable? Join the MD of Carbon 3IT and Vice chair of the BCS Green IT SG John Booth and his guests Alex Bardell of Deloitte, Richard Lanyon Hogg of IBM, Bob Crookes from DEFRA and Chair of the BCS Green IT SG and IT4s Consultant Gary Thornton as they answer the core questions for sustainable enterprise architecture: - What is sustainable enterprise architecture?; Will it require additional skills or money to achieve?; and Will enterprise architecture be superseded by cloud technologies?


Autonomous System (AS) Migration Features and Their Effects on the BGP AS_PATH Attribute
This draft discusses common methods of managing an ASN migration using some BGP features that while commonly-used are not formally part of the BGP4 protocol specification and may be vendor-specific in exact implementation. It is necessary to document these de facto standards to ensure that they are properly supported in future BGP protocol work such as BGPSec.


eBook: API Patterns for Cloud & Mobile
Dan Woods, Chief Analyst CITO Research, outlines enterprise architecture requirements for designing, managing, and protecting APIs and how the emerging API Gateway "proxy" deployment model is speeding deployment across industries. In this model, authentication using OAuth and other lightweight protocols such as REST and JSON are all the rage but Enterprise-class security is still lacking. To present actionable solutions, Dan presents 5 core API patterns for mobile, partner, data control, and PaaS infrastructure with actionable diagrams and a monetization model for APIs.


The Cardinal Sin of Data Mining and Data Science: Overfitting
The researchers test too many hypotheses without proper statistical control, until they happen to find something interesting and report it. Not surprisingly, next time the effect, which was (at least partly) due to chance, will be much smaller or absent. We note that Overfitting is not the same as another major data science mistake - "confusing correlation and causation". The difference is that overfitting finds something where there is nothing. In case of "correlation and causation", researchers can find a genuine novel correlation and only discover a cause much later.


Modern API Architectural Styles Offer Developers Choices
Not all API architecture styles are created equal, and there may not be one style that fits your needs perfectly. Organizations will need to carefully evaluate the API styles described here and others (including those coming down the pike) to determine which best fits business needs. The choice may not be easy, but when it comes to the future of your business, one thing is for sure: Using what you’ve always used, (whether it’s an API style, a scripting language, a software program, or other technology) just because you’ve always used it, is a pretty sure path to stagnancy and perhaps even eventual failure.


Roads in the Future Will Need Data Standards as Well as Signs, Says DOT's CIO
"I see that the marriage of information technology with transportation is going to be as transformative as anything," said McKinney. "I'm beginning to see things that I couldn't have imagined as a young man." The overarching goal is to make driving as safe as air travel, and reduce the 30,000-plus traffic fatalities annually. Among the technologies that could play a major role, is DSRC, which is being used in a pilot test in Southfield, Mich. DSRC systems enable vehicles to communicate with one another, but it also requires the devices to be deployed along highways as well as in cars. It takes the auto industry five to seven years to add new technologies to vehicles, so DSRC is clearly years away.


New, More Cost-Effective High-Speed Encryption Solutions from SafeNet
"There is a perception that high-speed encryption can be expensive, as small and large businesses look to protect not just data center traffic but other aspects of their network traffic," said Prakash Panjwani, senior vice president and general manager, Data Protection Solutions, SafeNet. "Our new high-speed encryption offerings erase that misconception by giving customers a single platform to ‘encrypt everywhere’— from traffic between data centers and the headquarters to backup and disaster recovery sites, whether on premises or in the cloud. With our comprehensive network traffic encryption solutions, customers can better protect their data from eavesdropping, surveillance, and overt and covert interception at an affordable cost, without compromising security or performance."



Quote for the day:

"Excellence is not an accomplishment. It is a spirit, a never-ending process." -- Lawrence M. Miller

June 14, 2014

Sugata Mitra: What the Slumdog Guru Did Next
Sugata Mitra is the Indian academic and polymath who became known for his Hole in the Wall computer-based education scheme where he left internet-connected PCs in rural Indian villages and observed the amazing ways in which children with no English skills or previous exposure to computers teamed up to find information and solve puzzles. ... The banks put ATMs everywhere so I built myself a DIY [kiosk] in the wall of the slum with a glass pane and a touchpad running Microsoft Windows and it had a broadband internet connection and I left it there. It was three feet off the ground and the first people who came there were children and they said ‘What is this?’


The five minute CIO: Mick Callan
IT architecture should cross over between IT and certainly enterprise architecture is more about the business than it is about IT, being able to communicate and articulate what the business needs. Sometimes IT is working well if it's innocuous. It's about meeting the business needs and streamlining IT to fit around those in as unconvoluted a way as possible. The five pillars of IT architecture are business technology strategy, human dynamics, quality attributes, the IT environment, and design. People sometimes put it all in IT environment or design, but human dynamics is a huge part that's often missed. If you talk to people in the IVI around capability models, they are all tuned around the business needs.


My Digital Banking Nirvana
One potential solution is to integrate Capital One’s new SureSwipe login feature into a new mobile banking relationship. With SureSwipe, all a customer needs to do is remember a pattern as opposed to passwords, making login easier. Digital consumers also do not want to go through a series of authentication steps just to see the balance in their account. In the U.S., GoBank provides the opportunity to see balances with a simple swipe of the finger. GoBank is still one of the few banks in the U.S. to provide this instant balance feature, even though Mapa Research found close to 20% of major banks worldwide offering this functionality.


Aruba Networks: the network-aware application & the (mobile) application-aware network
Jon Green says that facilitating the new #GenMobile network will demand open interfaces. This is open interfaces as opposed to a proprietary protocol for networked routers. Mobility-Defined Networks operate such that the networks should be “defined and shaped” by the needs and demands of mobile users. The technology here should be capable of constantly capturing and correlating real-time state information – it will then be able to automate network security actions based upon that data. Aruba says that the focus for us here is on the middle control layer of software that can automate manual tasks and processes.


Need for Proactive Enterprise IT Innovation
While the robot and high-powered computer disruption outlined by Brynjolfsson is not quite upon us yet, disruption was the common topic among the CIOs and other C-level execs at the conference. Digital business transformation means "using technology to radically improve performance or the reach of your business," said MIT research scientist George Westerman during a panel on digital transformation. Those transformations can include putting the customer first in every process as advocated by Dell CIO Adriana Karaboutis or having a goal where 80 percent of all business transactions are digital by 2020 as outlined by AT&T CIO Thaddeus Arroyo.


Tech worker groups boycott IBM, Infosys, Manpower
The main goals of the boycott are "attention getting" and putting pressure on the IT staffing firms to change their practices, Conroy said. With IT staffing agencies competing to fill U.S. positions, the companies contracting for their services may want to consider if the staffing firm "has a good reputation," she said. The boycott should also raise concerns about staffing firms violating equal employment laws, said Les French, president of WashTech. "In addition to calling attention to an illegal practice, we want to show there are valid challenges to the 'labor shortage' of STEM workers," French said in an email.


Hong Kong: Silicon Harbour or Silicon Failure?
The government has issued no fewer than five Digital 21 Strategy documents since the handover, detailing its blueprint for ICT in the SAR. It has tried to encourage the local startup scene to flourish by building facilities including Cyberport, the Hong Kong Science and Technology Park, and more recently hot-desk spaces like The Hive and Cocoon. It’s also been trying to get foreign businesses to move in by offering up disused factories as datacentres and waiving the fees usually levied on firms wanting to convert such buildings to tier-one and -two bit barns.


The depressing truth about e-waste: 10 things to know
In 2012, the United Nations reported that in five years, the world's electronic waste would grow by 33% from 49.7 million tons to 65.4 million tons. That's the weight of 200 Empire State Buildings or 11 Great Pyramids of Giza. Considering the lifespan of a cell phone is now only 18 months and a laptop's life span is only around two years, that rapid growth rate isn't surprising. What is surprising, however, is how little the public knows about e-waste and how to properly dispose of electronics. Here are 10 things to know about the e-waste life cycle.


Troubleshoot and Resolve Routing Issues—BGP
We can use BGP in the following conditions: Customer connected to multiple Internet service providers (ISPs); Service provider networks (transit autonomous system) and In very large enterprise networks, where we can use BGP at core layer as a redundant routing protocol. Common Neighbor Stability Problems of BGP: Misconfigured neighbor’s IP address and AS number; Reachability issues when interfaces other than directly connected interfaces are used while peering (update-source issue); Authentication must be properly implemented (if configured) and Router ID must be unique. BGP often stuck in idle or active state


The Agile Organisation: Are You Ready for Revolution?
Anyone who has been in an Agile team can tell you stories about people who follow the letter but not the spirit of Agile. While it’s true that positive behaviours can lead to a virtuous circle that eventually changes mindset, it’s equally true that a team can normally carry only one or two such people, before the effort breaks down. If this is the case with a small team, imagine how much harder it is for a whole company, where the existing structure actively discourages transparency, inspection and adaptation.



Quote for the day:

“No man will make a great leader who wants to do it all himself, or to get all the credit for doing it.” -- Andrew Carnegie

June 13, 2014

Why Open Source Software Isn't as Secure as You Think
One problem facing many open source projects - and the reason it's hard to blame Seggelemann or the rest of the OpenSSL team - is that carrying out a rigorous code security review is immensely time consuming and requires a high level of skill. That means it's very expensive. This is illustrated by another open source project: The TrueCrypt encryption program. The code has been open to anyone who cares to look at it since the project started 10 years ago - but it's only very recently, following fundraising campaigns on Indiegogo and Fundfill that yielded $60,000, that the code has undergone a proper security audit.


Three best practices for reducing the risk of SQL injection attacks
Structured Query Language is flawed because of the way it was architected. It can be fooled into trying to interpret data as an instruction. On the other hand, there’s a lot of capability in SQL that makes it attractive to developers, especially for web applications. Since the consequences of SQL injection attacks can be so damaging, I asked Michael Sabo of DB Networks about best practices that companies can follow in order to reduce their risk of this threat. Sabo says there’s no silver bullet, but he does have some advice. “Often you will hear, ‘if you just do this, or just do that, the problem will go away’,” says Sabo.


9 Mobile Apps To Get You Fit
"Mobile technology is truly revolutionizing the future of healthcare, and mobile apps in particular have played an important role in improving communication between physicians and patients, increasing adherence to medical prescriptions, helping patients locate good doctors and pharmacies, and encouraging preventative measures," says Jeff Holleran, senior director of Enterprise Product Strategy at BlackBerry. "Both doctors and patients are finding that mobile apps can provide a fast and efficient way to stay in touch and exchange information. Providers are leveraging apps so that they can respond quicker and share data faster. On the consumer side, mobile apps are growing in popularity as people become increasingly more conscious about their health and well-being."


How M2M Network Connectivity Is Driving the Growth of Industries
The advantages of the Internet of Things are obvious of course; smart connected devices that share data and make information always available to make informed decisions. M2M connectivity can best be described as devices that are capable of communicating with each other, without the need for human interaction. Global M2M applications include smart CCTV cameras, vehicle tracking, self-driving cars, secure ATM’s, smart energy metering, patient monitoring and many more possible applications. This infographic shows a few of these applications from telematics to utilities monitoring thanks to sensors.


Quality Is Not An Accident!
As quality continues to evolve, the question becomes, “how do we shift the ‘definition’ of quality to reflect quality leadership?” If we refer to Deming’s quality methods, there are some clear indicators as to how we can connect quality principles to leadership principles. ... Just as TQM is timeless and applicable to all organizations, so is quality in leadership. Bear in mind, true quality of any sort takes time, commitment, focus and work - Quality Is Not An Accident! Despite the commitment, if you do the hard work, the results are huge, and multiply exponentially over time. Quality (as a whole) works – like a secret weapon – increasing your odds of achieving sustainable success.


Google Wants To Collect Your Health Data With 'Google Fit'
Google Fit will aggregate data through open APIs, instruction sets that allow apps to share information, and will also announce partnerships with wearable device makers at its I/O conference, Forbes understands. One source with knowledge of Google’s plans said Google Fit would allow a wearable device that measures data like steps or heart rate to interface with Google’s cloud-based services, and become part of the Google Fit ecosystem. Google could not be reached for comment at the time of writing. It’s unclear if Google Fit will be a service built into the next version of Android, or a standalone app that Android users will be able to download independently.


Scaling the data mountain
Faced with ever increasing volumes of data and demand for storage, it’s simple for an organisation to spin up yet another virtual machine, and add or expand a disk to store even more data. Ultimately, however with data growth outstripping IT budget growth, a reactive approach isn’t sustainable and at some point financial considerations will force a more sophisticated response. It’s therefore essential that IT teams take a holistic view, considering solutions that will enable them to gain greater value from their information, and in parallel, avoid risks arising from regulatory compliance and legal claims


FCC to push network providers on cybersecurity
"The FCC cannot abdicate its responsibilities simply because the threats to national security and life and safety have begun to arrive via new technologies," he said. "If a call for help doesn't go through, if an emergency alert is hijacked, if our core network infrastructure goes down, are we really going to say, 'Well, that threat came through packet-switched IP-based networks, not circuit-switched telephony, so it's not our job?'" The FCC will push operators of U.S. communications networks to adopt cybersecurity best practices developed by the FCC's advisory committee, the Communications, Security, Reliability and Interoperability Council [CSRIC], Wheeler said.


Threat intelligence versus risk: How much cybersecurity is enough?
While threat intelligence is the foundational piece of risk assessment at Equinix, the use of intelligence data in the security industry is often ad hoc. "It has either plateaued or actually decreased," said Do. "There are always two sides of the spectrum," he continued. "The companies that are very good at doing SIEM [security information and event management] and all of these intelligence pieces so that the more intelligence or data points that they've added to their infrastructure, the smarter they become." But the majority of the security teams don't do that. "They are either mired in compliance checkboxes or chasing down shadow IT services.


The Risks and Responsibilities of Tech Innovation
Companies cannot proudly take ownership for the positive impacts of their products while distancing themselves from harms. Companies should acknowledge that there may be risks to using their products in plain English (and Spanish, French, German, Arabic, Mandarin, and any other language necessary) — while making it clear that they will be proactive in assessing and mitigating those risks. ... Companies should allow for the ability to push out software updates to make their products safer once the risks become clearer. There are plenty of safe driving apps for cell phones, which might offer a precedent for Google to follow.



Quote for the day:

"Making the simple complicated is commonplace; making the complicated simple, awesomely simple, that's creative." -- Charles Mingus

June 12, 2014

Russian mobile banking Trojan gets ransomware features, starts targeting US users
That ransomware function was further improved and at the beginning of June a new variant of Svpeng was identified on mobile phones outside of Russia. Ninety-one percent of users affected by the new version were based in the U.S., but the malware also infected devices in the U.K., Switzerland, Germany, India and Russia, Unuchek said. Upon installation, the new Svpeng modification claims to perform a device scan and displays a fake notification from the FBI warning the user that the device was used to visit porn websites and has downloaded "prohibited content."


Purely Functional Configuration Management with Nix and NixOS
Many of Nix’s advantages flow from the use of these hashes. For instance, let’s look at what happens if we upgrade a package. Nix installs packages from sets of package descriptions called Nix expressions. One such set is the Nix Packages collection (Nixpkgs), which provides thousands of packages. You can get it by cloning its Git repository, but most users get it through a so-called Nix channel. ... In Nix, whenever you install, upgrade or uninstall a package via nix-env, Nix builds a tree of symbolic links (called a user environment) pointing to the installed packages. The current user environment is reachable from the user’s PATH environment variable, through some indirections.


CEOs of Microsoft, HP, Intel talk future of computing
HP's Whitman said the "explosion of data" is going to happen in two or three years -- not 10. "Because of the explosion of data, the existing way we do compute is not going to scale," she said. "Maybe even two years from now or three years from now. People think, well, we don't have to worry about this too much because it will be 10 years from now. But this is happening much faster." The Machine, a brand-new computing architecture HP described earlier in the day, is designed to deal with this data explosion, Whitman explained. It will move and process massive amounts of data much faster than today's computer architectures, she promised.


Google engineer: We need more Web programming languages
"The Web is always available, except when it is not," Bracha said. "It isn't always available in a way that you can always rely on it. You may have a network that is slow or flaky or someone may want to charge you." Therefore any Web programming language, and its associated ecosystem, must have some way of storing a program for offline use, Bracha said. The Web programming language in the future must also make it easier for the programmer to build and test applications. The chief language used today for the Web is JavaScript, which is deficient in a number of ways, such as support for offline usage of apps. And this may remain the case for a while: JavaScript is based on the ECMAScript standard, which can take years to be updated. "It should be easier to do these things," Bracha said.


New OpenSSL vulnerability puts encrypted communications at risk of spying
The man-in-the-middle attack is possible because OpenSSL accepts ChangeCipherSpec (CCS) messages inappropriately during a TLS handshake, Kikuchi said in a blog post. These messages, which mark the change from unencrypted to encrypted traffic, must be sent at specific times during the TLS handshake, but OpenSSL accepts CCS messages at other times as well, Kikuchi said. The problematic code has existed since at least OpenSSL 0.9.1c, which was released in December 1998, so the bug is over 15 years old, Adam Langley, a senior software engineer at Google, said in an analysis of the issue posted on his personal blog.


SQL-on-Hadoop brings open source framework into mainstream
Williams said a lot of the time required to develop SQL software goes to "pure SQL wizardry." What he describes as SQL overhead includes studying data, conceiving a schema, normalization, index creation and query creation. The time required to rework established programs may be the bigger issue, he insisted. "If anything in the application changes, you have to redo all that work," he said, suggesting that development techniques centered more on Java or Python languages be used where possible for unstructured data. Still, TrueCar is working with Hive, Tez and other SQL-on-Hadoop technologies as well, he admitted.


MasterCard expects big growth from 'big data' insights
While MasterCard expands in "big data", Cairns sees no slowdown in its traditional business of processing payments, with plenty of potential for growth as 85 percent of consumer transactions are still made by cash or cheque. "Moving money and doing it safely and securely is so deeply cared about by so many people around the world that it will be a business that has fantastic value now and for years to come," said Cairns, who previously worked at Citigroup and ABN Amro. London-based Cairns, whose division accounts for 60 percent of MasterCard's business, said the expansion of e-commerce and emerging markets is driving growth, noting that 2.5 billion people are still without access to financial services.


Transactional NoSQL Database
NoSQL databases have come along, in many cases providing a more natural fit from a modeling perspective. In particular, document-oriented databases, with their rich JSON and/or XML persistence models have effectively eliminated this impedance mismatch. And while this has been a boon to developers and productivity, in some cases developers have come to believe that they’d need to sacrifice other features to which they have become accustomed, such as ACID transaction support. The reason is that many NoSQL databases do not provide such capabilities, citing a trade-off to allow for greater agility and scalability not available in traditional relational databases. For many, the rationale for such a tradeoff is rooted in what is known as the CAP theorem.


High Performance search using MongoDB and ASP.NET MVC
MongoDB is an implementation of an object-oriented document database which is a flavor of NoSQL databases. NoSQL is an alternative to the traditional relational DBMS that solves several limitations of relational databases although usually at the cost of normalization or referential integrity at the DBMS level. Document databases are a type of NoSQL databases that pair a key with a complex data structure known as a document. A document can contain one or more key-value pairs. Because NoSQL databases have simpler structures and do not have the overhead of enforcing referential integrity, they are more scalable than relational databases and provide superior performance, particularly for searching.


How to pitch enterprise architecture in one long breath
EA is the integrated, consistent and navigable description of the enterprise as well as the governance principles that guide the coherent enterprise change and strategic transformation. Your credibility has risen here. The Director should smile meekly now. But there is still work to do, you utter before long. Because you have to come up with the why and with a one-page next steps that show how the planned deliverables concur to shape your EA and deliver benefits to your Director, specifically, beside those to the enterprise as a whole.



Quote for the day:

"Coolly observe, calmly deal with things, hold your position, hide your capacities, bide your time, accomplish things where possible." -- Deng

June 11, 2014

Traits of a DBA - Part One – The Technical Side
In this article I will discuss the technical traits a DBA should have, and in my next article I will discuss the valuable personal traits that make a person an excellent DBA. Technical traits are those skills a person uses to perform a particular task that is technical in nature. These technical tasks fall into a wide range of categories related to managing and maintaining a SQL Server environment. Below is a list of those technical traits or skills that would be beneficial for a SQL Server DBA to understand. This list is in no particular order.


Hybrid IT: The Best of All Worlds
“In this fiercely competitive landscape, many companies don’t even have time to put together detailed business cases before they respond to competitive changes. If you don’t take advantage of the right technologies to move quickly, you will get left behind,” says Elizabeth Shumacker, Vice President, Global Products & Solutions Marketing at CenturyLink Technology Solutions, a global provider of managed services on virtual, dedicated and colocation platforms. In this white paper from CenturyLink, we learn how the drive to maximize IT agility in support of new business needs (e.g., digital customer experience; big data analysis) while holding down cost is leading many CIOs to re-imagine their core IT infrastructure.


Snapchat Must Either Grow Up or Risk Disappearing
"If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises," FTC Chairwoman Edith Ramirez writes in the agency's announcement. "Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action." Before the ink even dried on its settlement with the FTC, Snapchat was in hot water again, this time with the Electronic Frontier Foundation (EFF). The non-profit committed to defending civil liberties in the digital age scored Snapchat at the bottom of the pack in its annual review of technology and communications firms titled "Who Has Your Back?"


Google Open Sources Its Secret Weapon in Cloud Computing
Google is now sharing this technology with the rest of the world because its business has evolved. In addition to creating its own web applications, it now offers cloud computing services–services that let outside companies build and run software without setting up their own machines. Releasing Kubernetes is a way of encouraging people to use these cloud computing services, known as Google Compute Engine and Google App Engine. But the new tool isn’t limited to the Google universe. It also lets you oversee machines running on competing cloud services–from Amazon, say, or Rackspace–as well as inside private data centers. Yes, today’s cloud services already give you quick access to large numbers of virtual machines,


Threats in the Cloud – Part 1: DNS Attacks
Attackers use malicious IFrames (the size of a pixel) or malicious Jscript to expose the unsuspecting user’s system to a variety of exploits. If all the software on the user’s system has not been kept up-to-date with security updates, one or more of these exploits could allow attackers to successfully compromise the system and allow attackers to download malware onto the system. Attackers will then have remote access to the system and potentially control it remotely. The user’s system can then be used for a wide range of illicit activities without the user’s knowledge or consent, such as DDoS attacks, spam projects, hosting stolen and pirated content and software, stealing data and software keys from the compromised system, potentially stealing the compromised computer’s users’ identities, etc.


HP Cloud Chief: OpenStack and Cloud Foundry a Match Made in Heaven
Open platforms are popular with these people because they enable development of applications. “Applications are great because that’s where the touch-point with the broader organization happens,” Mishra said. When applications are easy to build and deploy, IT shops can deliver the innovation that is expected from them. There are many parallels that can be drawn between OpenStack and Cloud Foundry, but the main one is in the way both open source technologies have given big IT vendors, such as HP and IBM, an on-ramp into the cloud services business.


Stretchable electronics could lead to robotic skin, computerized clothes
Researchers at Purdue University have made an advance in stretchable electronics that could lead to computerized clothing and robots with humanlike skin that can "feel." The issue has been how to create stretchable electronics, but the Purdue scientists have found a simple answer -- a sewing machine. The same sewing machine that you use to make your child's Halloween costume or to stitch together a pair of curtains is the same machine that can make what scientists call ultra-stretchable interconnects out of conventional wire.


Model-Driven Architectures + BI: The Perfect Pairing
One byproduct of MDA is a dashboard that is conceptualized by business-users from various disciplines rather than one that exclusively reflects IT capability. This is because MDA, at its very essence, is a development approach that starts by asking the question "Why?" What is the purpose of the application we're building? What business problem are we trying to solve? Once the answers to these questions become apparent, MDA developers work backwards in collaboration with the end users they are assisting. This requires visualization and cross-functional consensus about what data is relevant and what insights are desired.


Managers: Beware Becoming Part of the Drama
Let’s face it, some people thrive on bringing their personal challenges into the workplace and baring them all for the world to see. These drama kings and queens seem to revel in sharing their own misery with us in a seemingly never-ending series of scenes from the worst tragic Broadway or faux-Shakespearean play ever. As distracting and annoying as these people and their gray clouds of doom and dust become, it’s all too easy for the manager to get caught up in these serial soap operas, excusing poor performance or spotty attendance due to the nightmarish circumstances of the latest tragedy, illness, divorce, break-up, melt-down or (insert one you’ve heard before).


Most valuable storage metrics describe performance, capacity
Storage metrics cover a lot of ground. Administrators can get information on everything ranging from storage performance to bandwidth and cost. Whether you're working with object, block or file storage, StorageIO founder Greg Schulz said the metrics that matter most depend on how your storage is being used. In this video, Greg helps users nail down which storage metrics are most valuable by grouping them into one of four categories using an easy-to-remember acronym: PACE.


Understanding SQL Server Concurrency
When you can't get to your data because another application has it locked, a thorough knowledge of SQL Server concurrency will give you the confidence to decide what to do. Download your free copy of SQL Server Concurrency: Locking, Blocking and Row Versioning, the new eBook by world-renowned SQL Server trainer Kalen Delaney, dive into SQL Server's models for concurrent access, and learn how to troubleshoot blocking, deadlocking, and update conflicts. The simplest way to catch these problems on your servers is with SQL Monitor, so grab a free trial and see how quickly you can put Kalen's tips into practice.



Quote for the day:

“You can change only what people know, not what they do.” -- Scott Adams, God's Debris