September 09, 2014

DNSSEC Adoption - A Status Report (Part One)
The final step in the deployment of DNSSEC is the use of validated information by services and applications to provide enhanced and innovative security services to users, with browsers obviously being first in line. Businesses need to see better online security as a market advantage — especially financial services firms. More signed domains are needed to demonstrate full viability, and that's currently a huge gap in the DNSSEC chain of trust. New TLDs will help to some degree, but more needs to be done. There are two obstacles standing in the way of more secure domains, one related to policy and one technica


Dear Apple: Thank you for not measuring up
Indeed, throughout the course of using an Android device you steadily come to realise that it's the little things that make it a superior mobile experience: the much-improved keyboard, for example, which learns from your typing and predicts your next words with uncanny accuracy, or the amazingly useful widgets that make Apple's icons-R-Us interface seem positively archaic. That Apple is now playing catchup on these and other points, confirms that even its own engineers realised they had remained too inflexible, for too long.


Closing the High-Tech Gender Gap
The Lemelson-MIT Prize is an award for invention, for making discoveries useful through commercialization, and for inspiring the next generation. ... My biggest fan and mentor has always been my dad, himself a serial entrepreneur. When I became a professor, he had mixed feelings about me climbing the ivory tower. To encourage me, he asked one simple question: “When will you start your first company?” (As it turned out, I started my first company within five years. Since then, my students and I have founded 10 companies between us.)


6 Strategies for Cancelling a Major IT Project
Before ever cancelling a project, make sure it can't be saved, says William Gutches. As part of a thorough investigation into whether a project must be cancelled, review the original scope of work, the skillsets of those involved, the requirements materials, the testing process, ... "The fundamental decision is whether or not there are sufficient reasons and support and agreement of the project sponsors to allow the project to proceed knowing what the new time, cost, budget and expectations are at the point of this investigation," he says. "If that agreement can be made, then proceeding is possible."


Risk appetite and its influence over ISO 27001 implementation
ISO 27001 implementations use the risk appetite concept implicitly, through the risk assessment probability vs. impact matrix, defining risks as acceptable, manageable, and unacceptable. Even though this approach may have benefits related to ease of use, some considerations must be taken when applying the risk appetite concept: With a high risk appetite, even a risk assessed as high can seem attractive if the potential gain is high enough; and Greater risk appetite can expose you to more risks, by making you use less strict controls in pursuit of a specific opportunity


Facebook’s Open Compute Servers Still Tough Sell for Corporate IT Shops
Facebook has publicly said it saved more than $1 billion as a result of using Open Compute gear in its data centers, and companies like Rackspace and IO have built cloud infrastructure services using Open Compute server designs. Earlier this year Microsoft said it had adopted OCP specs for the infrastructure that supports its entire portfolio of online services, including Azure. While there are some individual success stories, however, there has been little public information about how OCP is doing in the traditional data center space. Are banks and corporate IT shops using Open Compute servers? The most likely answer is not really or very little.


Easy Android file encryption with Encdroid
In light of the recent debacle with the iCloud hack, it's nice to find out you can find some easy-to-use third-party tools on Android to encrypt your more sensitive files and folders. One such tool is Encdroid. This particular encryption tool creates volumes that are compatible with EncFS, so they can be read from Windows, Linux, and Mac. ... Encdroid allows you to encrypt your files/folders with Dropbox, Google Drive, or the local storage of the device. The app is free and quite simple to use. Let's walk through the process of installing and using Encdroid to encrypt files and folders within Google Drive.


How to Test if Your Strategic Goal Is Really Strategic
“The community is healthy” is the effect of the other two performance results. This cause-effect relationship helps to position the second two results as causes of the first. When you get this cause-effect relationship embedded into a single strategic goal, it suggests that the goal is actually made up of performance results that sit at different levels or tiers in the organisation. It means that we can set the strategic goal as “The community is healthy” and cascade the other two performance results as operational goals. It makes sense, because the two operational performance results would naturally be the responsibility of one or two divisions of the organisation.


Why It Makes Sense to Transition to Managed Services Model?
This model is attractive as the pricing structure is based on regular monthly billing around service levels and volumes, rather than per diem fees associated with staff augmentation. This greatly reduces volatility in costs and supports accurate and predictable budgeting. Moreover, as compared to staff augmentation, the relative increase in costs in this model as business requirements grow and the service expands are significantly lower than the costs involved in further augmenting staff numbers and skills due to economies of scale, labour cost arbitrage and flexibility with staffing.


Busting cloud myths: Four user instances where cloud computing failed
It backfired because the developers kept buying instances without any restraints. “If you give someone a red button to press every time they want a candy, they will keep pressing it,” said Barnett. The company had predicted about 30 cloud instances, but ended up paying for 750. Barnett emphasised the importance of governance, staff training and awareness, as well as having policies in place to make sure cloud strategies pay off. “It is not just AWS. The same thing would have happened if they were with any other cloud service – Microsoft Azure or HP, for example.



Quote for the day:

“Every great leader has incredible odds to overcome.” -- Wayde Goodall

September 08, 2014

CIOs should prepare for the battle between old BI and new BI
"Where their data sits is where the analysis will sit." Cloud BI has lagged in adoption because cloud-based data hasn't yet accumulated enough mass. But it will. As more and more data sources shift to the cloud and momentum around technologies such as Salesforce.com and Workday build, so too will the ecosystems that support those technologies. That doesn't mean all -- or even most -- of BI will move to the cloud. The on-premises data warehouse is still a cornerstone for businesses. "As long as that's the case, we think most of the analysis layer will be on-premises,"


Risking ERM in the Cloud
One argument for moving ERM to the cloud -- or at least having a corresponding system that lives in the cloud -- is that for most businesses ERM comprises multiple systems, which have to communicate and synchronize with one another. Consolidating those systems and moving them to the cloud would seem to make sense, especially given government and other mandates to upgrade systems and keep them in line with current regulations. Another reason is to help enterprises as they migrate in-house applications to a SaaS model. At every step along the way, they still need to manage their risk, follow regulations, and remain in compliance with policies.


China develops facial recognition payment system with near-perfect accuracy
According to Zhou Xi, director of the CAS Chongqing Green Technology Research Institute, researchers have developed a unique data collecting technology, which could simultaneously gather facial information from 91 different angles. Researchers were also able to enhance the system's learning abilities to function stably and accurately in a dynamic environment. Zhou said that the system scored the highest accuracy, 99.8 percent, according to a Carnegie Mellon international standard, exceeding its predecessors' best record of 97.6 percent. The facial recognition system has already been utilized at border controls and attendance machines.


DevOps IT Automation Software Chef Goes Freemium
There are both business and technological reasons for merging the two versions of Chef into a single code base. Both reasons have to do with ease of transition between the two. “Rather than being free-to-premium, it was more free or premium,” Crist said. In other words, the free version was not a gateway drug to the paid one as the company’s leadership had hoped. Chef CTO Adam Jacob said it was also hard for a customer technologically to upgrade from free to premium or to stop using the premium features once they had started. “Once you had them, it was hard to get rid of them, and if you didn’t have them it was hard to migrate to them,” he said.


Why the CIO should 'own' IT security
There's no shame in saying that you've under-anticipated the risk to critical company data, and illustrating the costs of a major breach compared to the cost of mitigating such a breach. Like many aspects of life, security is a balancing act between allowing people to productively complete their job duties and creating the ultimate, high-security infrastructure, which is likely so cumbersome as to not even be usable. The silver lining of the recent press releases about high profile security failings is that you can likely secure appropriate funding, even if you're unable to articulate the risks and mitigation strategies required.


Growing Open Data Movement Could Mean Big Bucks
More nations are embracing open data. In 2010, only a handful of countries maintained data sites. In 2014, there were at least 56. Hundreds of local and regional government websites have been started, and international organizations like the World Bank and the United Nations have followed suit. Even banks and private companies have followed along. Today, researchers estimate that more than 1 million open datasets have been published.


Don't Just Fail—Fail Better
You can fail better if you follow the example of entrepreneurs. As Father Ted mentioned, I’m a professor at Harvard’s Business School, where I teach entrepreneurship. The most important thing we teach is that three out of four startups fail. Dreams are destroyed; it’s often heartbreaking. But great entrepreneurs persevere, against the odds. For them, setbacks are valuable. Figuring out what won’t work puts an entrepreneur one step closer to a solution that will work. And when an entrepreneur finds a solution that works, magic happens.


How Big Data Will Take the Role of the CIO to the Next Level
Internal and external data sources therefore need to be combined and this requires a holistic approach. When all data is centralized, and accessible for everyone, based on different roles, the knowledge present within an organization becomes visible to everyone. This can significantly benefit your company. It is therefore important to break down the different silos and start combining different data sets in a centralized location. In such a scenario, individuals and departments cannot act alone anymore. They are required to work together, share their data and co-create to take the organisation to the next level.


Application Delivery Controllers - Bridging the Gap Between DevOps and Network Planning
Regardless of the nature or complexity of the Layer-7 functionality needed, the ADC needs to be able to operate at full performance and scale. Traditionally, ADCs use scripting to enable Layer-7 policies. While scripting allows desired functionality to be created, it is not optimal in SaaS environments for a number of reasons. Scripting is time-consuming, error-prone and requires either professional services or a resource that is highly skilled. More importantly, scripts are process-intensive. The more complex the policies are, the greater the burden on the ADC will be.


Selling software: Where have all the business models gone?
Today, with the exception of console video games, the packaged software market -- where you put software in a box and physically ship it -- is obsolete to the point of ridiculousness. But what's the best new model, especially for smaller, independent software companies? At the high end, of course, there's Oracle and Microsoft and SAP and such. But, for decades now, there has been a vibrant market of PC software vendors developing unique applications, tools, utilities, and tweaks -- and making a living off of it.



Quote for the day:

"True leaders bring out your personal best. They ignite your human potential." -- John Paul Warren

September 06, 2014

Your Database: The Threat That Lies Within
Unlike other software components and code or compiled code, a database is not a collection of files. It cannot just be copied and pasted from development to testing and to production, because it is a container of your most valued asset – your business data, which must be preserved. In most cases, database development is also performed in a very different way than application code (.Net or Java development), as developers and DBAs are accessing and changing a shared resource, a central database, rather than a local copy on their workstation.


Data Mining Reveals How Social Coding Succeeds (And Fails)
A social coding project begins when a group of developers outline a project and begin work on it. These are the “internal developers” and have the power to update the software in a process known as a “commit”. The number of commits is a measure of the activity on the project. External developers can follow the progress of the project by “starring” it, a form of bookmarking on GitHub. The number of stars is a measure of the project’s popularity. These external developers can also request changes, such as additional features and so on, in a process known as a pull request.


Data Breach and Spear Phishing
In the world of online, spear phishing is where a spammer leverages legitimate information to trick the recipient. Their bait can appear to be from a recognized person or company. Or you could get an email addressed to you asking you for additional information. If the sender can target the email to your needs, include personalization and grab your attention, they can trick you into doing a lot. Savvy spear phishers add a multi-channel twist incorporating calls, verifying your address (or where you bank, where you shop or kid’s schools), they send the promised follow-up email, incorporate letters – anything to get your attention.


The Innovation Dead End
You can certainly hire people who’ve never failed; their courage can have a buoying effect on everyone else — but they too will become risk averse over time as they encounter failure, so it’s not a lasting solution. You can (and should) make every effort to fail as fast as possible to minimize the human costs of failure. But that tactic is limited by how long it realistically takes to prove or disprove the kind of ideas you work on. Even ruthlessly optimizing project definition proof of concept, failing fast can still take months or years, especially if your innovation is technical, rather than product- or market-based.


Australian streaming services lock down content before Netflix
Speaking yesterday at the ASTRA 2014 conference in Sydney, Presto's director Shaun James said that Presto was on the offensive, rather than defensive in getting into the market now before Netflix arrives. "It's not defensive, we're playing offensive with Presto. Yes, there are some reasons for getting into that business and having first-mover advantage, and yes, we are using the benefits of being part of the Foxtel family, but it is very much an offensive. We're up and running, and we're going to be aggressive," he said.


Future of IT standards, SOA, and disruptive technologies stands strong
SOA has been established for a long time. It was declared dead at one point. In fact, the person who made that statement eventually had to recant and admit that it was not dead. From an Open Group perspective, we don't normally think that something that comes up with a bang like SOA may still be around 10 years later, but that seems to be the case. ... There is perhaps a change in emphasis on the techniques used under the heading of 'SOA,' but certainly there was a point at which it became unpopular to go to your CIO and say,


The Life and Times of TDD
A TDD approach can be used to specify the detailed design of your application code, database schema, or user interface (UI) in a JIT executable manner throughout construction. This is referred to as developer TDD or unit TDD and is typically done via xUnit tools just as jUnit for Java and PL/Unit for Oracle. Not surprisingly the survey found that TDD practitioners are commonly doing more than just TDD to explore their designs. People doing developer TDD were also working on teams who were applying other design related activities


Motivating the Negative Nancy on Your Team
A “Negative Nancy” is someone who overgeneralizes in labeling situations and people, focuses on the bad in each situation, jumps to conclusions and constantly redirects the blame. In a business setting, these behaviors can result in harmful effects, such as reduced productivity, decreased group morale, increased stress, wasted time, hindered creativity and innovation, and higher employee turnover. ... “Allowing [negativity] to fester is much more costly and damaging to an organization’s bottom line than confronting or possibly replacing a single toxic employee,” said president and CEO of Fierce Inc.


Berlin: A British Perspective on Germany’s Tech Hub
Contrary to the stereotype, Germans tend to be friendly, welcoming and warm people. A quarter of a century ago I drove around mainland Europe with two friends in a converted Bedford van. Scruffily dressed and culturally naive, we saw everyday life and prejudices in a dozen countries. The Dutch were fun, the French loathed us, the Germans went out of their way to be helpful. Statistically meaningless anecdotes, I know, but those German attitudes are certainly visible in Berlin. You don't really know what helpfulness is like until you've walked around a city at night trying to find a GP to prescribe antibiotics and painkillers for your daughter's ear infection.


Aligning People, Processes and Technology for Successful Data Governance
The legal and compliance world is continuously evolving, and every industry must understand how laws and regulations apply to them. Often regulations force companies to maintain data for a set period of time and, most importantly, search and produce this data when needed. To reduce litigation risk, legal generally reduces the amount of time that a company keeps data to the bare minimum. At the same time, there is also an increased burden for legal discovery (e-discovery). Companies are now required to be able to produce data related to a case in a reasonable amount of time.



Quote for the day:

"Work like you don't need the money. Love like you've never been hurt. Dance like nobody's watching." -- Satchel Paige

September 05, 2014

Copyright infringement is terrorism, screech the revolution's losers
You might have thought that Australia's "debate" over online copyright infringement couldn't get any sillier. But this week the journalists' union came out as a fan of internet censorship, only to withdraw when they realised what they'd done. And Village Roadshow equated copyright infringement with terrorism and pedophilia, and came out in support of, oh, moonbats or something. Hard to say. Village Roadshow's submission to the government's copyright infringement discussion paper is the loopiest, with so much shouting and whining that it's hard to take their hyperbole seriously.


The New Leadership
This decoupling of commitment and loyalty, and this mixture of precariousness and personalization, are phenomena that require us to rethink not just the relationship between organizations and individuals but also the meaning of work, leadership and leadership development. What does it take to have successful and meaningful careers in this context? What does it mean to lead? What does it take to lead well? And, how do we help aspiring leaders do it? All my writing and teaching revolve around these questions.


Networked Home Gadgets Offer Hackers New Opportunities
“Dealing with the privacy and security aspects of the Internet of things is going to be one of the biggest challenges we have faced in security for a long time,” he says. “We are wearing it and installing it throughout our living spaces and other places where technology has not usually had the opportunity to go.” Rogers says that many of the features of security software standard on traditional computing devices, such as laptops and smartphones, could also defend these newer devices. However, so far those techniques aren’t being used on the new wave of networked home devices, says Jacoby. “Nobody is doing anything at all about them.”


How GE Is Using Big Data to Drive Business Performance
In essence, the idea is that all the separate machines and tools which make an industry possible will be “smart” - connected, data-enabled and constantly reporting their status to each other in ways as creative as their engineers and data scientists can devise. This will increase efficiency by allowing every aspect of an industrial operation to be monitored and tweaked for optimal performance, and reduce down-time – machinery will break down less often if we know exactly the best time to replace a worn part. Data is behind this transformation, specifically the new tools that technology is giving us to record and analyze every aspect of a machine’s operation.


Scrummaster Tales: – Stuck Waiting For Other Teams
When a Scrum team finds their groove and becomes more efficient, everything will move along faster. Or… not? Sometimes the faster you’re able to go, the more speed bumps and stop signs you’ll encounter. John (ScrumMaster) and the team are humming along nicely building great new features for the SmallestOnlineBookStore. With the huge success of the first big release nine months ago, venture capital money has come flowing into the company. Significant investments have been made in Operations, Security, and Networking in addition to creating several new Development Teams. Unfortunately, all these new people are making it more difficult for the team to get the software they built deployed.


Giving fraud the finger: Barclays banks on biometrics for business customers
"Typically when you upgrade security you introduce complexity to the workflow... this doesn't do any of that," he added. Barclays said that unlike fingerprints, vein patterns are extremely difficult to spoof — because they're internal structures they are harder to copy. Also, unlike fingerprints, vein patterns can't be left behind on hardware. The finger being scanned must be attached to a live human body in order for the veins in the finger to be authenticated, the bank said. The false acceptance rate for the system is one in one million, while the false reject rate is one in ten thousand, it added.


Google Glass Can Now Track Your Stress Level
BioGlass uses the Glass sensors and camera to track the wearer’s ballistocardiogram, or BCG, which is a mechanical signal measuring the tiny body movements that result from the heart pumping blood. BCG tracking has been around since the 1870s, but was hardly used for many years because it was tricky to track without special equipment (such as a frictionless table). More recently, though, research has shown that sensitive motion sensors for electronic devices can easily detect the BCG signal, and at least one company, Quanttus, is building a product that can do so at the wrist.


A Continuous Delivery Setup
In my last project, I led the team that set up the Continuous Delivery infrastructure for the product marketing and publishing platform of a major consumer electronics giant. This platform was based on Scala and the Play framework and used a non-blocking architecture to achieve scale. In this post, I want to share some of the key highlights of this project from a Devops and Continuous Delivery point of view.


Top CIOs: Start with 'Yes' When it Comes to New Technologies
IT has good reason for wanting to have some influence over the technology choices that workers make, Rebecca Jacoby, CIO of Cisco said. "In IT, today I think we have more risk management responsibility almost than finance," she said. But the CIOs said they realize that if they give employees tools that work, they'll use them. "If you give employees a good or better solution than they're using, they aren't evil. They aren't using stuff you tell them not to because they're evil. They just want to get their jobs done.


Building and Deploying Android Apps Using JavaFX
JavaFX is an integral part of the Java SE environment, and it is the official “Java on the client” component. It is bundled with the JDK and the JRE on the supported systems. As a consequence, Oracle provides JavaFX as part of the Java SE distributions on Windows, MacOS X, Linux and on embedded ARM systems. There is no official Oracle distribution for JavaFX on iOS or on Android. Good enough, the community is filling this gap. The RoboVM team is adding support for JavaFX on RoboVM, which makes it possible to compile JavaFX applications using the RoboVM compiler and run them on iOS devices.



Quote for the day:

"Somewhere, something incredible is waiting to be known." -- Blaise Pascal

September 04, 2014

The Rack Endgame: A New Storage Architecture For the Data Center
To many SDDC is the holy glue of datacenters, the primordial soup. I’m referring to the term introduced by Oparin, not Teenage Mutant Ninja Turtles although some datacenters do have most characteristics of a mutant. In reality many virtual infrastructures rest on a disparate set of hardware components. This equipment, typically multi-vendor, is expected to provide deterministic performance levels. Now it’s expected that SDDC will be this soup that transforms into a more mature form. And yet I don’t see this happening soon.


Connected car company Zubie signs deal with Progressive
For Progressive, which has been a pioneer in usage-based pricing, it wants to start getting out of the business of sending customers hardware in order to track their driving habits. Currently under a program called Snapshot, Progressive customers opt in to a device that plugs into their cars’ on-board diagnostics (OBD) ports and shares their driving data with the insurer. They use the device for six months and then send it back. In return, Progressive charges them based on how well they drive, presumably giving them a lower rate on their insurance. (I can’t see someone who gets a bad rate sticking with Progressive.)


Machine Learning – The Engine Behind Big Data Processing
Now we find ourselves in wave three, where the challenge is not only to analyze the data, but do it quickly and deliver as much tailored information as possible without additional personnel. Machine learning has finally hit its stride by helping to solve the challenges associated with rapidly obtaining relevant insights. Especially in the world of unstructured machine data, machine learning is making CIOs think again about what – and when – they can gather insights from their own infrastructure. Today, organizations generate more data in 10 minutes than they did during the entire year of 2003.


How to Unlock the Potential in Your Business Analytics
With its anticipatory shipping, Amazon has taken its understanding of data to the next level. The retail company could conceivably ship products before you even place an order. A forecasting model uses data from your prior Amazon activity, including time on site, duration of views, links clicked and hovered over, shopping cart activity, and wish lists. The algorithm also factors in real-world information from customer telephone inquiries and responses to marketing materials to offer Amazon an in-depth view of user needs and behavior and inform new changes.


Data shows Home Depot breach could be largest ever
"The banks I spoke with in reporting this story say the data they're looking at suggests that the breach probably started in late April or early May. To put that in perspective, the Target breach impacted just shy of 1,800 stores, lasted for approximately three weeks, and resulted in the theft of roughly 40 million debit and credit card numbers. "If a breach at Home Depot is confirmed, and if this analysis is correct, this breach could be much, much bigger than Target," Krebs wrote. Home Depot itself has so far not confirmed a data breach and has only said that it is investigating reports of "unusual activity" involving credit and debit cards used at its stores.


For CFOs, Tech Transition Is A Matter Of When, Not If
Another area that’s often overlooked is the ability to model the long-term impact of your current decisions, particularly for technology companies where there’s a maintenance element to what you’re selling. Having the right tools in place – for example, tools you use to procure products and manage long-term contracts – allows you to spend more time with analytics. The use of big data tools allows you to combine your financial or human resource data with unstructured data from other sources, including social media, compensation and economic or market data, to gain new insights for the business. This will change the way finance professionals work over the next decade.


What Kind of CIOs Will Millennials Make?
In order to understand millennial techies' future buying habits and how they view brands, just look at their approach to consumer goods. Millennials have been bombarded with brands in email advertisements, Web-based marketing, social networks and mobile apps, as well as traditional radio and television, whereas Gen Xers learned about brands mostly from a few vendors that could afford television commercials. "This may have caused millennials to be distrustful of larger brands, because they sense those companies have nothing but an ulterior motive," Thibodeaux says.


Setting up a ruby development VM with Vagrant, Chef, and rbenv
In recent years I've had more colleagues and friends write articles on my site using the toolchain. To work with them I set up a stripped down copy of my core website repo and we collaborate using git. Since my collaborators are mostly programmers this workflow is pretty effective. To run all this, it's necessary to install some software. All the software I use for the toolchain is open-source, but recently there have been some installation issues. In particular you find that many basic ruby installations are elderly, so we need to install a newer version of ruby.


Future Of Work: 5 Trends For CIOs
These trends -- which include social business, big data analytics, and the millennial workforce, among others -- have forced an "adapt or disappear" scenario for CIOs. Ray Kurzweil, director of engineering at Google, says that technology has reached the second half of the chessboard -- or that the rate of change and growth is now exponential. This analogy, though, can extend beyond technology and into new business practices and ways of working. To keep up with the changes that employees and businesses are experiencing, CIOs need to recognize five trends driving these changes, and plan accordingly to stay ahead of the curve.


Are Cloud Services Safe? iCloud Breach Revives Debate
"The cloud is a mistake. No one's data is safe," banking attorney Timothy Naegele wrote in an online comment posted to American Banker's Tuesday story about the breach. "It is vulnerable to hackers, terrorists and others. Anyone who tells you differently is mistaken." In addition to financially motivated cybercriminals, Naegele, a former counsel to the Senate Banking Committee, points to the threat of hackers from other countries. "China has hacked us and a lot of phishing comes straight out of Russia," he said in a later interview. Russian hacking attempts are believed to be retaliation for U.S. economic sanctions against the country over its military presence in Ukraine.



Quote for the day:

"Patience, persistence and perspiration make an unbeatable combination for success." -- Napoleon Hill

September 03, 2014

Privacy laws create obstacles for e-discovery in the cloud
In many countries outside the United States -- and increasingly inside the [U.S.] within specific industries such as healthcare and financial services -- national laws are protecting how personally identifiable information such as our name, our address, our health condition or our banking history is collected and used. Generally, those laws have a restriction that personally identifiable information cannot cross national borders unless the receiving location or entity can provide assurances that the interests for persons for whom the data is relevant are being protected.


Building Lambda Architecture with Spark Streaming
Spark is well known as a framework for machine learning, but it is also quite capable for ETL tasks, as well. Spark has clean and easy-to-use APIs (far more readable and with less boilerplate code than MapReduce), and its REPL interface allows for fast prototyping of logic with business users. Obviously, no one complains when the aggregates execute significantly faster than they would with MapReduce. But the biggest advantage Spark gave us in this case was Spark Streaming, which allowed us to re-use the same aggregates we wrote for our batch application on a real-time data stream.


Top 10 Ways In-Memory Computing Can Revitalize Tech at Federal Agencies
With IT experts agreeing that RAM is the new disk, in-memory computing is being seen as the secret to cost-effective modernization. As a result, more and more organizations are moving data into machine memory and out of disk-based stores and remote relational databases. While still more prevalent in the commercial sector, the public sector is rapidly learning that if data resides right where it’s used – in the core processing unit where the application runs – several benefits arise. Below are the top 10 reasons why federal agencies are embracing in-memory computing:


When It Comes to Innovation, Small Ideas Can Mean Big Wins
A common criticism of big companies, regulated companies, and companies with “traditional” cultures is that they move slower than a snail crawling through peanut butter. Government compliance and accounting for the widespread impacts of an idea are necessary steps in the innovation process. Necessary or not, these steps are time-consuming and frustrating for employees and partners trying to push fresh ideas forward. Employees interpret the meetings and approvals as a fear of innovation among executives. When things don’t move fast enough, team members give up and stop suggesting ideas altogether.


Insurers will now be able to track driver behavior via smartphones
A new usage-based insurance (UBI) software platform will allow companies to track drivers' behavior through smartphone sensors and geolocation services. Agero, one of the nation's largest suppliers of roadside safety software and services to automakers and insurance companies, said its new UBI telematics suite will transmit to insurers the information needed to offer discounts to good drivers, penalize others, and send alerts to emergency assistance service providers.


IT jobs' big threat: Robots, automation; The solution: More humanity
A survey that went along with ZDNet's special report on IT jobs found that 59 percent of technology workers worried that their skills would become obsolete. Mainframe programmers, systems admins, help desk technicians and small business IT managers are becoming obsolete. Systems admins are likely to be automated in the future. Data scientists, IT architects, mobile software developers and security analysts are in demand. It's unclear how many workers that are out of demand can be morphed into ones that are coveted.


Google says Android Wear about to get even smarter
One of the things we're going to be able to do is add the ability for these devices to start working with some of the other devices you might wear on your body. So we'll have an update coming that allows you to pair a Bluetooth headset with your watch. And that means you can play music stored on your watch directly on your Bluetooth headset. Alongside that, we're introducing GPS support for the platform. So that's obviously only for devices that have the GPS hardware. But we're excited about those two features together because it unlocks a whole set of new use cases.


Cloud economics subject to business drivers, customer perception
"It's always perception that we're battling, right?" Nustad said. "If a client perceives for any reason that there's less security, it's not worth the hassle to try to dissuade them, because it's always going to be a 'gotcha' if something does go bump in the night, God forbid." Cloud-based business applications, however, are another story. "It's pretty easy to get a Salesforce, Silkroad, a Red Carpet … that are tuned to what the business team needs," she said. Indeed, HMS' use of SaaS predates her tenure, Nustad said, noting that these apps are now mature enough to either meet or beat any on-premises solutions she could come up with -- and they save her maintenance costs.


Agile Business Intelligence: Leaving the Comfort Zone
Agile methods, whether adhered to strictly or more in spirit, can provide a framework and road map for business and IT to improve collaboration. "Managing Agile BI for the Enterprise" is the theme of the TDWI World Conference coming up in San Diego (September 21-26, 2014). Many organizations today are seeking to replace waterfall development with iterative approaches that involve closer, ongoing partnerships between business and IT professionals. Agile approaches have enabled organizations to accelerate the pace of projects, apply shared best practices, consolidate siloed efforts, and continuously improve quality.


Hackers make drive-by attacks stealthier with fileless infections
Fileless malware threats are not new, but their use is rare, especially in large scale attacks, because they don't persist across system reboots when random access memory (RAM) is cleared. In a typical drive-by download attack the victims visit a compromised website that redirects their browsers to an attack page -- usually an exploit kit's landing page. The exploit kit scans browsers for outdated versions of Flash Player, Adobe Reader, Java or Microsoft Silverlight and tries to exploit known vulnerabilities in those plug-ins to install malware.



Quote for the day:

"A great man is one who can have power and not abuse it." -- Henry L. Doherty

September 02, 2014

11 Steps Attackers Took to Crack Target
Leveraging all the publicly available reports on the breach, Aorato Lead Researcher Tal Be'ery and his team catalogued all the tools the attackers used to compromise Target in an effort to create a step-by-step breakdown of how the attackers infiltrated the retailer, propagated within its network and ultimately seized credit card data from a Point of Sale (PoS) system not directly connected to the Internet. Many of the details of how the breach occurred remain obscured, but Be'ery says it is essential to understand how the attack happened because the perpetrators are still active.


The state of IT jobs in Australia
"Certainly, all of our operations engineers are DevOps engineers; they're all very proficient now with scripting and coding, with automation — whether it's for integration deployment or monitoring — so, certainly I think that skill-set is vital," Kennedy told ZDNet. "Around the world, of the people who had those traditional infrastructure skills, it's the ones that have adapted, that have gone and learned some new tools, that are doing well," he said. The company initially shifted to a VMware environment to deliver on its DevOps approach, but has since settled into the Amazon Web Services (AWS) cloud infrastructure. That move to the cloud required further integration of a multi-skilled toolkit for Kennedy's team.


Bugs Are Bad, But So Are Flaws: IEEE Sponsors Center for Secure Design
There's a difference between a bug and a flaw, and an impressive group of software security mavens thinks it's time to pay more attention to the latter. To shift some of the industry's focus away from finding implementation bugs and toward identifying common design flaws -- "the Achilles' heel" of security engineering -- the IEEE Computer Society has formed the Center for Secure Design (CSD). The CSD grew out of a foundational workshop, held in April, which brought together software security experts from industry, academia and government to talk about the problem of secure software design.


Derailing Your Supply Chain BI Project
Indeed, the foundation of every Supply Chain information system is the desire to let objective, relevant information drive action — in other words, to empower and enlighten workers about data and to make decisions after they’ve looked carefully at “just the facts.” Unfortunately, all of this happy talk about focusing on facts presumes that we’re dealing with Homo Economicus (aka “Rational Man”) as if Rational Man were plentiful and in charge. Today I’m going to grapple with a far more common being — Irrational Man — we’ll call him Homo Irrationalis. Where Homo Economicus seeks out facts and is willing to be persuaded by them, Homo Irrationalis pays lip service to facts, but in reality the facts don’t matter, his mind is already made up.


Making Analytics a Corporate Strategic Role
"There absolutely are disconnects between CXOs and big data, because CXOs are daily getting hit with all of the market buzz about big data and analytics, without really gaining a crisp understanding of what big data is about and what it can mean to their organizations," John Lucker, principal and global advanced analytics and modeling leader for Deloitte, told me in a recent interview. There's a risk that organizations never get to the "crunchy questions" that can be asked of big data because of persisting habits of looking at hindsight, "rearview mirror" data.


How Big Data Can Transform Consumer Finance
Some of the inferences Merrill makes from Big Data sound as though they violate the “correlation is not causation” maxim. For example, Big Data tells ZestFinance that creditors are more likely to collect on delinquent student loans if the borrower has comparatively more addresses after graduation – unless they move super-frequently. Similarly, borrowers who move far away from college are somewhat less likely to repay delinquent loans. Merrill says this additional data helps collections outfits decide which loans are most likely to be repaid. The belief is that with a population chosen using these techniques, it’s more likely that lender and borrower can work out repayment plans.


CEOs on point – Securing the Internet of Things on your watch
The Internet of Things will lead to hundreds, thousands, maybe even hundreds of thousands of physical devices in your enterprise being connected to the Internet. And every single one of those devices will be a potential point of vulnerability. It doesn’t take much imagination to see the compromising impact of powering down or interfering with millions of devices through a single Internet of Things vulnerability, potentially resulting in physical damage to environments, injuries or death. But securing the Internet of Things represents new challenges in terms of the type, scale and complexity of the technologies and services that are required.


Hillary Clinton talks NSA and privacy, data security, tech jobs in San Francisco
"I think it's fair to say the Government, the NSA, didn't so far as we know cross legal lines, but they came right up and sat on them," said Clinton. "It could perhaps mean their data was being collected in metadata configurations, and that was somehow threatening. We have to be constantly asking ourselves what legal authorities we gave to the NSA and others and make sure people know what the tradeoffs are." Clinton lamented that "probably the most frustrating part of this whole debate" is trying to convey that the United States is not the only country trying to manage and balance these conflicts.


India ranks fourth among most malware-affected nations: F-Secure
Commenting on the India findings, F-Secure security advisor (ASIA) Goh Su Gim said, "India is seeing a rise in premium content SMS type malware." Besides, mobile ransomware is going to be the next wave of attack for handsets and it is being increasingly seen that this ransomware is also targeting enterprises. Earlier they were confined to individual users, he added. Ransomware, a kind of malicious software, is designed to block access to a computer until a certain sum of money is paid. Generally, it targets individuals. F-Secure India country head Amit Nath said there is a rise in botnet cases in India.


The Fall of Intuition-Based Decisions and Rise of Little Data
While most managers agree on the importance of using data, many believe that the big data hype often associated with companies like Google and Amazon doesn’t apply to them. Or perhaps they are intimidated with the internal resources and hefty investment required to tap into that data. Others may be skeptical that the use of predictive models can actually lead to better business performance. As a result, managers too often fall back on subjective, intuition-based methods to make business decisions, missing the benefits reaped by those who have tapped into the data available to them.



Quote for the day:

"The contest for ages has been to rescue liberty from the grasp of executive power." -- Daniel Webster

September 01, 2014

CryptoWall ransomware held over 600,000 computers hostage, encrypted 5B files
The CryptoWall command-and-control servers assign a unique identifier to every infection and generate RSA public-private key pairs for each one. The public keys are sent to infected computers and are used by the malware to encrypt files with popular extensions -- movies, images, documents, etc. -- that are stored on local hard drives, as well as on mapped network shares, including those from cloud storage services like Dropbox and Google Drive. Files encrypted with an RSA public key can only be decrypted with its corresponding private key, which remains in the possession of the attackers and is only released after the ransom has been paid.


Business Services: What are they, really?
As a starting point, we can focus on the business processes from the process landscape comprised of core and noncore functionality. These processes can usually be represented at various abstraction levels referred to as process levels in a process model (e.g. descriptive, analytical/operational, and executable). Business services can then be identified and extracted from these levels with a top-down approach. Higher abstraction levels provide inputs for composite Business services, while lower levels provide inputs for fine grained candidates. Such a focus on processes and Business service candidates would also help identify functional redundancy across the enterprise. Still the results from such an approach may differ from one organization to another.


Q&A with Marshall Van Alstyne, Research Scientist MIT Center for Digital Business
I think of “platform” as a combination of two things. One, a set of standards or components that folks can take up and use for production of goods and services. The second thing is the rules of play, or the governance model – who has the ability to participate, how do you resolve conflict, and how do you divide up the royalty streams, or who gets what? You can think of it as the two components of the platform—the open standard together with the governance model. The technologists usually get the technology portion of it, and the economists usually get the governance and legal portions of it, but you really need both of them to understand what a ‘platform’ is.


Big Data’s Two-Way Customer Conundrum
Yes, big data can address all of those things as well, though you won’t hear this side of the industry touted as its biggest benefit. And yet, it certainly should be. By approaching big data as a customer-centric imperative, not merely a money-making strategy (though that is important as well), companies can use it to a customer’s benefit. The end game: better customer service, increased convenience, greater brand loyalty and, ultimately, higher customer lifetime value from every single customer that engages with a brand.


Nigeria launches new biometric ID card - brought to you by Mastercard
"There are many use cases for the card, including the potential to use it as an international travel document," Onyemenam said. "NIMC is focused on inclusive citizenship, more effective governance, and the creation of a cashless economy, all of which will stimulate economic growth, investment and trade." The new cards carry two photographs of the holder, and a chip storing an individual's biometric information including 10 fingerprints and an iris scan using a system developed by Cryptovision. Nigeria first attempted to introduce identity cards 10 years ago and, as well as modernising the service delivery and improving bureaucracy ...


UK lags France and Germany in big data analytics, but sees itself ahead
British IT executives seem to be more drawn to the view that doing big data means employing MapReduce and NoSQL specialists rather than taking a “holistic view of how new data types can be joined to relational data”, said Duncan Ross, director, data science at Teradata. MapReduce is a programming model for large-scale data processing, and the Hadoop framework is an example of it. Ross added: “It is possible that this is a side-effect of the UK being slightly ahead of Europe on the big data bandwagon, and seeing it more as a technology-focused activity than a business one.


Five SDN protocols other than OpenFlow
While the Open Networking Foundation defines OpenFlow as the first standard communications interface between the control and forwarding layers of an SDN architecture, it may not remain the predominating protocol. With all of its promise, OpenFlow also poses a slew of challenges from scalability to security. Most troubling, network vendors must create supporting switching in order for OpenFlow to take hold industry wide. While most network vendors have already developed OpenFlow-based equipment, they're also designing SDN architectures that use alternate communication methods -- including existing networking protocols, such as MPLS and NETCONF.


The future of mobile commerce is commerce
“Mobile commerce” is a bit of a rabbit hole. As a concept it makes sense to look at all the ways in which users will transact on their mobile devices. But mobile commerce encompasses a number of entirely different spaces. A Square-enabled mobile POS, a video game offering in-app purchases, FeLiCa’s tap-to-pay system at train stations, and a retailer’s mobile-enabled website all fit the criteria, but there’s very little overlap. The spectrum of mobile commerce can be divided into six distinct areas:


Will the meteoric rise of Android popularity result in an insecure platform?
This particular topic is very hard to nail down. First of all, you have to know what mobile malware is. Google is constantly on the lookout for malware-infected apps. What constitutes a malware-infested app? Let's take a look at one of the most recent notorious pieces of mobile malware to hit Android -- BadNews. This malicious code looked like a framework for serving up ads in ad-based software. What the code did was send your private data (including phone number and IMEI) to a server (not surprisingly, a Russian server). It can't be debated that this is malware. Google recently removed 32 applications (mostly Russian language) from the Play Store that contained the BadNews code.


Stories of Collaboration in Remote Teams
Lisette Sutherland and Elinor Slomba have been collecting and sharing stories from people whose business models depend upon getting remote teams right. These stories showing how remote teams collaborate, bridge distance, build trust and get things done together will be described in the upcoming book Collaboration Superpowers: The Field Guide. InfoQ interviewed Lisette and Elinor about how people work in remote teams, which tools they use to collaborate and communicate, and what it takes to work remotely as a team.



Quote for the day:

"A life spent making mistakes is not only more honourable, but more useful than a life spent doing nothing" -- GB Shaw

August 31, 2014

Defining Web 3.0 and Developing the Fastest Enterprise Mobility Apps
There is also a definite demand for skills in the market in next generational frameworks and I call out Angular and Backbone as leading the way commercially, with Ember and Meteor also highly respected frameworks. This is created by a demand to build a higher quality of Web Applications and the learnings of the last projects of what went wrong when anyone tried to maintain the last attempt. The job specification is no longer “Web Developer” but instead it is “JavaScript Architect”. I interview a lot of people and the majority of web developers with 5 – 10 years of experience still do not know the following seven vital things:


How an Enterprise Architect Used Change Management Tools to Diagnose Business Problems
Desire is a difficult stage of change to get through. How do you create desire in the face of resistance to change? Keeping people informed helps overcome initial reactions against change. More desire is gained by clearly showing solutions that people will find useful. But in most engagements, we should be building buy-in with ongoing participation of stakeholders and those who will be affected by the changes. Influencing desire begins early in the planning process. Invest in stakeholder engagement early. During this phase, it can be very useful to make a vocal champion out of someone who was antagonistic at the beginning, but who has since become a supporter of the changes.


Perspectives of Business Reference Model
We are all witnessing the steady progress of the Enterprise Architecture (EA) discipline and it is now well understood that the EA is not just about IT infrastructure and the Business Architecture (BA) forms an integral part of EA. Unlike in the past, when Business Architecture was used for the purpose of eliciting the requirements for the IT systems, BA is used to develop and describe the target business model and work on a road map that will get the business towards the target. The Open Group, as part of its "World Class EA" series, has published a White Paper on the Business Reference with an objective of providing the needed help to organizations in developing BA assets and plan for the future.


eBook. The practice of Enterprise Architecture
This book does not propose a new framework, theory, or approach to Enterprise Architecture. Instead, we share the experience and lessons learned of many projects that we have conducted around the world over the last few years. There are three parts (1) a high-level introduction to Enterprise Architecture using TOGAF and ArchiMate, (2) an overview of good practices to get started with EA and (3) an overview of advanced topics and techniques. When you are interested after reading the first two chapters, we recommend you to contact our sales department at: insidesales@bizzdesign.com. They can help you to purchase this book.


Visualizing and Measuring Enterprise Architecture: An Exploratory BioPharma Case
The focus of this paper is to test if it can also uncover new facts about the components and their relationships in an enterprise architecture, i.e., if the method can reveal the hidden external structure between architectural components. Our test uses data from a biopharmaceutical company. In total, we analyzed 407 components and 1,157 dependencies. Results show that the enterprise structure can be classified as a core-periphery architecture with a propagation cost of 23%, core size of 32%, and architecture flow through of 67%.


How Can Enterprise Architects Drive Business Value the Agile Way?
As an Enterprise Architect, chances are you are responsible for achieving business outcomes. You do this by driving business transformation. The way you achieve business transformation is through driving capability change including business, people, and technical capabilities. That’s a tall order. And you need a way to chunk this up and make it meaningful to all the parties involved. ... An Enterprise scenario is simply a chunk of organizational change, typically about 3-5 business capabilities, 3-5 people capabilities, and 3-5 technical capabilities.


Guide to OpenIG
This guide is written for access management designers and administrators who develop, build, deploy, and maintain OpenIG deployments for their organizations. This guide covers the tasks you might perform once or repeat throughout the life cycle of an OpenIG release. You do not need to be an expert to learn something from this guide, though a background in HTTP, access management web applications can help. You do need some background in managing services on your operating systems and in your application servers. You can nevertheless get started with this guide, and then learn more as you go along.


Service Bus Authentication and Authorization with the Access Control Service
Service Bus and ACS have a special relationship in that each Service Bus service namespace can be paired with a matching ACS service namespace of the same name, suffixed with “–sb”. The reason for this special relationship is in the way that Service Bus and ACS manage their mutual trust relationship and the associated cryptographic secrets. Inside the “-sb” ACS service namespace, which you can explore from the Azure Portal by selecting the Service Bus service namespace and then clicking the ACS icon on the ribbon, is a “ServiceBus” relying party definition following the ‘Relying Party Applications’ navigation.


8 Open Source Web Application Security Testing Tools
Web application security testing might seem intimidating and esoteric to many web administrators, especially to the new ones. Have you ever asked yourself why so many IT professionals ignore the security aspects of the applications? We seem to have a tendency to ignore things that are unperceivable. ... Good news for those who are new to web security is that once you have the basic understanding of the most common web app vulnerabilities, you will find it much easier to protect your application from various types of well-known web attacks.


Nigel Dalton at Agile Australia on System Thinking, Social Experiments and 20 by 2020
Probably one of the biggest breakthroughs for us last year was getting a really crisp statement of purpose for the company and it is “empowering people by making the property process, simple, efficient and stress free”. Everyone who has worked for us has had a complex, inefficient and stressful property experience - whether it was renting an apartment, a share flat, or whether it was buying, or going to an auction, or otherwise. It is thus pretty easy to get a few hundred people aligned around that as a purpose.



Quote for the day:

"Products are made in the factory, but brands are created in the mind." -- Walter Landor

August 30, 2014

The long game: How hackers spent months pulling bank data from JPMorgan
Because of the multiple layers of the attack and the use of custom “zero-day” code in each of them, Bloomberg’s sources said that JPMorgan’s security team believed it was the target of “something more than ordinary cybercrime.” But such sophisticated attacks have already become the hallmark of Eastern European electronic crime rings, which frequently use custom code developed specifically to stay under the radar of target companies for long periods. The recent attacks on Neiman-Marcus, Target, and other retailers are examples of such long-game hacks that infiltrated corporate networks with malware designed specifically for their systems


CFOs’ Quest for the Golden Source of Data
“CFOs are frustrated with the situation right now,” says BearingPoint’s director Ingmar Röhrig, who led the survey of 65 finance officers at companies ranging from multinationals to midsize businesses. More often than not, it takes manual work to calculate how profitable a product is. Data is stored in multiple systems, so finding the answers you need at the press of a button is virtually impossible. Mergers and acquisitions add to the complexity.


Tesla recruits hackers to boost vehicle security
Tesla's cars are among the most digitally connected vehicles in the industry with the battery, transmission, engine systems, climate control, door locks and entertainment systems remotely accessible via the Internet. So the company has a lot at stake in ensuring that the connectivity that allows its vehicles to be remotely managed doesn't also provide a gateway for malicious hackers. Security researchers have already shown how malicious attackers can break into a car's electronic control unit and take control of vital functions including navigation, braking and acceleration.


Management vs Leadership: the Divide
A sense of leadership is a quality that all managers strive for – an ability to effectively motivate and guide their employees to success. But where many employers fail to hit the mark is in understanding exactly what separates a manager from a leader. Admittedly, leadership is a somewhat abstract concept, and as much a state of mind as a skill or talent – but for employers to flourish within their roles, it’s essential to know how they can transition from management to leadership. So we know that managers aren’t, by nature, leaders – but how can they be?


Vulnerabilities on the decline, but risk assessment is often flawed, study says
“It is difficult to point to any one factor that has contributed to the decline in the number of vulnerability disclosures in 2014,” the X-Force researchers said. “However, it is interesting to note that the total number of vendors disclosing vulnerabilities has decreased year over year (1,602 vendors in 2013, compared to 926 vendors in 2014).” Security experts have argued in the past that the overall number of vulnerabilities is not as relevant as their impact. However, despite attempts to standardize methods of assessing the severity of vulnerabilities, like the Common Vulnerability Scoring System (CVSS), there are many cases where the true risk posed by certain flaws is not represented accurately.


Understanding and Analyzing the Hidden Structures of an Unstructured Data Set
To do this you need to fetch out information from the free transactions text available on Barcllays transaction data. For instance, a transaction with free text “Payment made to Messy” should be tagged as transaction made to the retail store “Messy”. Once we have the tags of retail store and the frequency of transactions at these stores for Metrro high value customers, you can analyze the reason of this customer outflow by comparing services between Metrro and the other retail store.


Developers, Academia Team Up on Manual for Secure Software Design
Thirteen software companies and universities have banded together to create a group focused on educating developers about how to design secure software, releasing a report offering the 10 best practices to avoid common software flaws. Called the IEEE Computer Society Center for Secure Design, the group includes participants from Google, Twitter, RSA, McAfee, Harvard University and the University of Washington. The group, which has formed under the auspices of the Institute of Electrical and Electronics Engineers (IEEE), met in April at a workshop to compare examples of the design problems encountered by their development teams.


Why in-air gestures failed, and why they'll soon win
Leap Motion also released a demo video that I think you should see. It shows what's displayed in Oculus Rift, with two screens that (when you're wearing the Oculus Rift goggles) provide the illusion of 3D. It shows how Leap Motion's extreme accuracy in the real-time location of arms, hands and fingers translates into the ability to have total control in augmented reality and virtual reality programs. ... Extremely accurate motion control like what Leap Motion offers is not only a winning application for in-the-air-gestures, it's a perfectly necessary and inevitable one.


The Good, The Bad and The Ugly Of Enterprise BI
Our research often uncovers that — here's where the bad part comes in — enterprise BI environments are complex, inflexible, and slow to react and, therefore, are largely ineffective in the age of the customer. More specifically, our clients cite that their enterprise BI applications do not have all of the data they need, do not have the right data models to support all of the latest use cases, take too long, and are too complex to use. These are just some of the reasons Forrester's latest survey indicated that approximately 63% of business decision-makers are using an equal amount or more of homegrown versus enterprise BI applications.


What We Do and Don't Know about Software Development Effort Estimation
An apparent lack of improvement in estimation accuracy doesn’t mean that we don’t know more about effort estimation than before. In this article, I try to summarize some of the knowledge I believe we’ve gained. Some of this knowledge has the potential of improving estimation accuracy, some is about what most likely will not lead to improvements, and some is about what we know we don’t know about effort estimation. The full set of empirical evidence I use to document the claims I make in this summary appear elsewhere



Quote for the day:

"I don't understand why people are frightened of new ideas. I'm frightened of the old ones." -- John Cage