September 15, 2014

Salesforce.com CEO Leaks Analytics Cloud Plan
"We are assuming that the analytics capabilities will feature more comprehensive reporting functionality with visual analytics and drill-down features," Maynard wrote. Salesforce certainly supports dashboards for monitoring current transactions, but reporting functionality is wanting. Visit the Salesforce.com AppExchange and you'll find more than 40 third-party add-on apps for analytics. One of those apps providers is Host Analytics, which recently introduced a sales-planning app to fill in the gaps.


How Network Theory Is Revealing Previously Unknown Patterns in Sport
Innovations are common, with teams constantly adopting or abandoning new tactics. And given the international nature of football, new ideas spread rapidly, as players and coaches move from one team and country to another. So it’s easy to imagine that it’s hard to play a truly unique brand of football, using tactics and skills that no other team copies. That’s not quite true, say Laszlo Gyarmati at the Qatar Computing Research Institute and a few pals. These guys have used a network theory approach to characterise the play of all the top teams in Spain, Germany, Italy, France and England.


An enterprise mobility strategy that starts at the executive level
Key considerations include not only the cost but also the usefulness of such an endeavor. Within an enterprise, there are multiple levels of stakeholder focus that you need to consider. As a mobility architect, I engage with business representatives who may already have a thorough understanding of enterprise mobility, but they are challenged by how effective the return on their investment is. One option is to start with a model that focuses on the top level of the stakeholder hierarchy—the executives.


Huddle for enterprise mobility and BYOD
While there are some very capable and innovative third party mobile app developers for SharePoint, everybody these days seems to have their story of a SharePoint implementation gone wrong. Mitchell sees that BYOD has crossed the chasm, and it's here. He sees BYOD across industries and government agencies, which are represented in Huddle's customer base. Huddle's technology strategy is providing a secure set of cloud services with single sign on (SSO) capability that enables organizations to secure their content for access by mobile device or platform.


How Boston Children's Hospital Hit Back at Anonymous
The hospital's incident response team quickly convened. It prepared for the worst: "Going dark" – or going completely offline for as long as the threat remained. Luckily, it never came to that. Attacks did occur, commencing in early April and culminating on Easter weekend – also the weekend of Patriot's Day, a Massachusetts holiday and the approximate one-year anniversary of the Boston Marathon bombings – but slowed to a trickle after, of all things, a front-page story about the incident ran in The Boston Globe.


How To Manage Your Startup's Hypergrowth
The great CEO coach Jerry Colonna told me, “If you’re writing code, designing, or selling the product or service, you’re not doing your job.” It’s called being a CEO for a reason. And the secret to being a CEO is not to have a hand in every project. Being a CEO is about building a strong, dynamic team of leaders who can execute on their own. A strong team of managers doesn’t need me leaning over their shoulders, watching their every move.


Europe has a love/hate thing for U.S. tech
Publicly they may wring their hands, but in private they’re laughing all the way to the bank. Because despite what European governments and Europeans themselves say about U.S. tech companies, they can’t get enough of U.S. tech—Europeans flock to it. Why do Europeans hate U.S. tech companies? In large part it’s because of the more protected working environment in Europe than in the U.S., the stronger role of unions, Europeans' strong beliefs about the right of privacy, and a general attitude that the U.S. is guilty of cultural imperialism, running roughshod over local cultures and economies.


Research reveals the inner psychology of IT professionals
“There is scope within IT to have a lot of creative input. How to solve a problem, how to create a system that works. You are creating something, whether it's an internal HR information site or a website,” said Hyde, a chartered occupational psychologist. IT professionals tend to be individualistic and may not fit as well as other professionals in corporate cultures, the research suggests. “They won’t follow rules for rules' sake. If they see a better way of doing things, they are not hidebound by what has come before,” said Hyde.


Security tops CIO worries; IT budgets, turnover on the rise
The trend for CIOs to focus more on the business and less on pure tech is evident in how their success is measured. According to respondents, the top 10 performance measures for CIOs, ranked from 1-10, are: the value of IT to the business; IT’s contribution to strategy; customer satisfaction; innovative new ideas; availability; projects delivered on time; IT cost controls; productivity improvement; business cost reduction controls; and revenue growth.


Data Virtualization: The Perpetual Short-Term Solution
Data virtualization is not new. It has been a capability out there for a long time. Historically, it has underperformed expectations and was used to circumvent moving data into the data warehouse that really should have been physically cohabitating with the other data warehouse data. The resulting cross-platform queries, built into the technical architecture as a need, tended to be slow and bring into dispute the notion of a cross-platform query, which is needed much more today as organizations have a wider variety of heterogeneous platforms to choose from.





Quote for the day:

"The only real mistake is the one from which we learn nothing." -- John Powell


September 14, 2014

What’s in a Story (and a Name)?
Story telling capabilities are fast becoming table stakes in visual data discovery tools, but not all stories and storyboards are the same. Here's a look at four vendors' approaches. It would be nice to think that most data analyses end with a value added decision or action. But really, many BI analyses end with a PowerPoint, finely tuned for board room presentations. Data is explored, analyzed, filtered, transformed, and then exported into a story telling medium where it becomes static. The PowerPoint may be used to support or refute a hypothesis or to provide a status update.


A developer’s checklist for deploying the internet of things
The possibilities are staggering, but these “things” represent some significant challenges to app developers. Developers, in particular, will have to cope with an unprecedented explosion of supported devices and form factors, extensive network optimizations to make both the front end and back end more responsive, highly capable edge devices to which more processing may (and should) be pushed, and finally, a plan to capture, process, and wrangle business value from all of the data these devices generate.


5 Technology Trends for the Financial Industry
Growing regulations and legacy systems have limited the industry to a certain extent and principals are hesitant to adopt new technologies because of the perceived unknown variables. But with the Baby Boomer generation beginning to exit the workplace, there is new pressure to cater to a tech savvy employee and customer base. In the coming years, we should begin to see some changes in the financial industry as banks and investment firms attempt to cater to a new demographic. Here are a few technology trends for the financial industry that we can expect to see become more prevalent in 2015:


Dotcom, Greenwald, Assange and Snowden target New Zealand
Edward Snowden is expected to beam in from exile in Russia, presumably on the same subject: New Zealand's role in the Five Eyes alliance. Dotcom, meanwhile, is promising to show that he was granted citizenship to trap him in New Zealand and facilitate his eventual extradition to the USA. Dotcom faces racketeering charges there related to his now forcibly shuttered file sharing website Megaupload. Now add Julian Assange to the mix. Exactly what Assange will contribute is not yet known, but he is scheduled to beam in from his sanctuary, the Ecuadorian embassy in London.


When Machines Do Your Job
Advances in hardware and software mean it’s possible to automate more white-collar jobs, and to do so more quickly than in the past. Think of the airline staffers whose job checking in passengers has been taken by self-service kiosks. While more productivity is a positive, wealth is becoming more concentrated, and more middle-class workers are getting left behind. What does it mean to have “technological unemployment” even amidst apparent digital plenty? Technology Review spoke to McAfee at the Center for Digital Business, part of the MIT Sloan School of Management, where as principal research scientist he studies new employment trends and definitions of the workplace.


Dark IT
The role of the IT department is still what it has always been: the custodians of the massive investment / asset which is the corporate information, and the corporate technology to derive value from it. IT has a responsibility (and accountability) to protect the Confidentiality, Integrity, and Availability of that asset. We also have a responsibility to the organisation to ensure that use of that information does not present risk to the organisation e.g. compliance, reputation, survival ... Only partly true. Trying to reach out to business on its own will not solve anything.


Cloud Analytics: Selecting Patterns of Integration
Many large-scale solution providers such as Microsoft, Oracle, and SAP are under pressure to add more data and workflow integration capabilities and APIs. Dell Boomi, IBM® WebSphere® Cast Iron® cloud integration, Informatica Cloud Integration, MuleSoft Anypoint Platform for SaaS Integration, and Pentaho business data and big data analytics integration represent next-generation integration that can be much easier to use than traditional integration offerings. These and other cloud-based integration software providers are enabling many patterns of integration, including device-to-cloud, cloud-to-enterprise, and enterprise-to-enterprise patterns among many other variations.


IT Visionaries: The New Role of the Enterprise Architect
Decisions are always going on. It’s the people making those decisions, your developers and team leads, that are your control points. And often they aren’t working directly for you. The EA function is one of influence, which makes credibility all the more important. The only way I’ve worked out to offer direction to this group is to respond to what they are trying to do all the time, which is build systems as cheaply and quickly as possible. What I did as an EA was try to produce tooling, frameworks, and services that were simply faster and cheaper to use than them going out and buying their own or leveraging open source.


Making change work with Enterprise Architecture
When you renovate a house, just as when you begin to analyse any large organisation, there’s an existing house in place which provides guidelines that we need to work within. In EA we refer to this as ‘current state’ plans and these are the ones that provide a baseline of where we are today. Having the existing or current state plans enables any changes to be carried out in a methodical and controlled way; it helps us manage the transition to the future state and provides a solid platform for making informed decisions.


Frugal Innovation in Australian Healthcare
Frugal Innovation is something very familiar to those doing work in Healthcare in the Global South. For example OpenMRS, an openly available medical records system, being developed iteratively, with user-centric design at Mirebalais University Hospital in Haiti. We did end up finding a place for technology and just started building it while using it at the clinic. We collaborated daily with clinicians and users, making changes as we went until we developed an application to help them measure the right things. In this case, a timeline with treatment value measures from the patient’s perspective.



Quote for the day:

"A healthy attitude is contagious but don't wait to catch it from others. Be a carrier." -- Tom Stoppard

September 13, 2014

Beyond Governance in Finance: Why BCBS 239 Matters to You
The regulators have become very serious about data management since. The Dodd-Frank Act in the U.S. had some rather vague language about data governance. However, it did specify the need to unambiguously recognize counterparties in trades. This led to the effort to have global Legal Entity Identifiers. In July 2012 the Bank for International Settlements sponsored a global meeting at the New York Federal Reserve which kicked this effort into high gear and began to involve the private sector in a very meaningful way. But the BIS had plans to go far beyond LEIs.


Industry Vulnerability Disclosures Trending Up
The CVSS base metric assigns a numeric value between 0 and 10 to vulnerabilities according to severity, with higher scores representing greater severity. Vulnerabilities that scored 9.9 or greater represented 6.2 percent of all vulnerabilities disclosed in the second half of 2013. This percentage represents a significant decrease from the first half of the year, when vulnerabilities that scored 9.9 or greater accounted for 12.4 percent of all vulnerabilities. Medium severity vulnerability disclosures increased 19.1 percent between the first half and second half of 2013, and accounted for 59.3 percent of total disclosures in the second half of the year.


Is cloud usurping IT outsourcing?
Is IT outsourcing -- handing over functions and operations to service firms -- on the wane because of cloud? Are cloud, SaaS and APIs enabling access to more granular services? Both business and IT managers seeking to plug in ready-made processes or services will find what they need out in the cloud, ready to roll within hours or minutes. The study for one, classified use of SaaS as a form of application hosting outsourcing, which is on a steep upward trajectory.


Data Mining in Excel Part 19: More Clustering
In Statistics, there's a concept called "Robustness". Basically, a robust model doesn't change very much if you try to tweak it. Robustness is a very good thing that every model should have. Imagine that you're a baseball coach. Would you rather have a pitcher that can play well in all conditions, or a pitcher that can only play well when the sun's out, the temperature is 75 degrees and he's facing West? It's pretty obvious; you want consistency, in your pitchers and your statistical models. So, how do we make sure that our model is robust? Let's check out the parameters.


Continuous Delivery For Databases Not As Much Trusted As For Applications
While a staggering 81% believe it is possible to practice continuous delivery on databases, only just over 25% practicing application CI practice database CI in the real time. When asked what was the biggest barrier to adopting continuous delivery for the Database, 36% said mistrust in automation for the database, 17% said it was a lack of awareness, another 17% said it was an inability to change organizational culture and another 22% blamed it on either budget constraints or opposition from management or the development team.


Intel Says Laptops and Tablets with 3-D Vision Are Coming Soon
Intel first announced its 3-D sensing technology at the Consumer Electronics Show in January (see “Intel’s 3-D Camera Heads to Laptops and Tablets”). It has developed two different types of depth sensor. One is designed for use in place of a front-facing webcam, to sense human movement such as gestures. The other is designed for use on the back of a device, to scan objects as far as four meters away. Both sensors allow a device to capture the color and 3-D shape of a scene, making it possible for a computer to recognize gestures or find objects in a room.


Successful security awareness programs hold employees' hands to the fire
There are the ABCs of behavioral science; specifically antecedents, behaviors, and consequences. Antecedents are precursors to behaviors. In Security Awareness, antecedents are typically information. It can take the form of briefings, posters, newsletters, activities, or whatever else is in a traditional awareness program. Behaviors are the actual behavior a person displays. They are what they are. For the purposes of this article, it does not matter whether the behavior is the desired behavior. The behaviors are the actions that the person takes given all the motivators.


CIOs today in period of historic and profound change
"Business is changing, IT is changing and technology is changing," Kappelman was quoted as saying at the roundtable. That includes a growing focus by IT on how to create business value, and a reduction in cost-cutting practices. Citing survey results, Kappelman said that for many organizations today, the goal of IT is to drive the business and contribute to business strategy. This is a far cry from merely understanding the business, as CIOs were told to do in the past few years.


How Much Do Data Breaches Cost? Two Studies Attempt a Tally
In a survey of more than 3,900 financial and other companies worldwide, Kaspersky Lab found that the cost of lost financial data ranged from $66,000 to $938,000 per organization, depending on the size of the company. This included the costs of engaging service providers such as consultants and lawyers to help manage the problem, as well as the cost of lost business opportunities and investment in services and solutions to prevent additional incidents, such as extra security training. The first and most obvious metric banks measure around security breaches is actual fraud losses.


Boost Potential with Shared Authority and Lean Management
In today’s global market, conditions are becoming more competitive. Business goals and tasks are so complex and massive that formal leaders find themselves overloaded and overwhelmed. Formal leaders become at many times bottlenecks and this reduces performance and flexibility. Sharing authority is in my view an unavoidable management practice. Knowledge workers are the informal leaders who implement strategy. Shared leadership allows them to systematically take over some of the formal leaders’ responsibilities.



Quote for the day:

"Character is like a tree and reputation like a shadow. The shadow is what we think of it; the tree is the real thing." -- Abraham Lincoln

September 12, 2014

Jenkins and continuous delivery: Handing developers more power
Continuous delivery not only involves high-frequency iterations to improve the way software works, but also allows real-time checks to measure whether code changes are achieving specific business objectives. "Developers will have a way to provide feedback themselves to the business. A lot of developers sometimes feel that they are not impacting their company as much as they'd like. They're being asked to do things they might or might not like but they don't necessarily think they can impact the direction and success of the company," Labourey said.


CIOs ill equipped to manage the growing security threats
Security, or Information Security (InfoSec) as the more formal term, is going through a period of massive change. In recent months, the public has become keenly aware of the risks from Information Security. Public security issues at Target, UPS, Apple’s iCloud, Home Depot and the government’s Healthcare.gov website moved the security awareness front and center for the general public. When considering the reach of these companies, statistically speaking, it is highly probable that one or more of these issues has affected most in the US.


Interview with Grady Booch
So, we need to separate methodology from process, for the two are not the same. On the one hand, there was a general recognition that we needed better ways to reason about our systems and that led to this era of visual modeling languages. On the other hand, it was clear that traditional waterfall methods of the 60s and 70s were simply not right for contemporary software development, which led us to the predecessors of agile methods. Waterfall (from Wyn Royce, although even Wyn recognized the need for incrementality) begat the spiral model (from Boehm) which begat incremental and iterative approaches, which were always a part of the OOAD processes we at Rational developed.


Become a Value Creator
One way to be a good value creator: give coworkers credit where credit is due. The need to appear smart can lead managers to cast blame on others for missteps or to claim an employee's idea as their own when speaking before their bosses or boards—the kind of thing that can be terribly demotivating to the person who had the idea. "It's a tragedy when that happens," Hall said. "Somebody is trying to claim value, but in doing so, the person has destroyed value for the company by demotivating an employee. Everybody loses."


Don’t Let Internal Obstructionists Derail Your S&OP Initiative
Software industry professionals will tell you that when S&OP initiatives, Business Intelligence or Supplier Analysis or other types of technology-driven projects fail, software is very rarely the culprit. That may sound self-serving, but it’s true. People determine success. Passive Internal Obstructionists are difficult enough, but the more aggressive and outspoken type present special problems. Specifically, their positive contributions may be very visible and easily measured while the extent of the silent damage they inflict is difficult to gauge. Here are two examples:


Software testers petition to stop ISO 29119
ISO 29119-4 is proposed to codify a set of software test design techniques. According to SoftwareTestingStandard.org, "The test design techniques that are presented in this standard can be used to derive test cases that can be used to collect evidence that the requirements of each system under test have been met and/or that defects are present." The standard comprises about 25 techniques which are split into three branches, "Specification-based techniques," "Structure-based techniques" and "Experience-based techniques."


Future of the enterprise: Heavy investment in Internet of Things security
Chief information security officers (CISOs) are already seeing a change in the business environment due to IoT, as devices, networks and systems are becoming more interconnected on a daily basis -- and security must evolve as a response. The problem many CISOs will face is the need to blend approaches and solutions to cater for IoT security, and this may include securing mobile and cloud architecture, industrial control, automatons and physical security, according to Gartner.


Update your application security policy after Heartbleed
The dilemma CISOs face is ensuring code used within software projects is secure without incurring the wrath of business owners and development teams who are under pressure to deliver applications and updates on time and within tight budgets. As the threats increasingly outweigh the benefits of insecure software, security officers need to reevaluate the risks involved in using open source software and third-party components and how best to manage them. The security and quality of open source software -- two reasons enterprises choose to use these libraries and components -- is dependent on each project's developer base being large enough that any bug and fix is eventually obvious to someone.


Developing leaders: Turning life into learning
For the average leader, life is filled with a kaleidoscope of challenges that offer tremendous opportunity for learning and growth. Ordinary occurrences during a normal day at work can be as instructive as the most carefully crafted training exercise — for a leader who recognizes this — for a leader who knows how to turn life into learning. Organizations can redeploy billions of training dollars each year by focusing on helping leaders mine their regularly scheduled lives for deep insights, feedback, strategies and solutions.


Salesforce Issues Malware Warning
"This is not a vulnerability within Salesforce," the company was quick to point out. "It is malware that resides on infected computer systems and is designed to steal user log-in credentials and resides on infected customer systems." As a precaution, Salesforce customers should work with their IT security teams to ensure that their anti-malware solution is capable of detecting Dyre. If you believe your company has already been infected, you can request assistance from Salesforce by opening a security support case here, and selecting security as the product topic.



Quote for the day:

"Leadership is a dynamic process that expresses our skill, our aspirations, and our essence as human beings." -- Catherine Robinson Walker.

September 11, 2014

Apple's Next Chapter: 10 Key Issues
There's still a lot to appreciate in Apple Watch, iPhone 6, iPhone 6 Plus, and Apple Pay. The new iPhones address gaps in Apple's lineup and should be particularly compelling with iOS 8, which includes a number of sharing features that will make life easier for households with a lot of different Apple devices. Here's a glimpse of what to expect as Apple turns to fashion to dress up its technology.


Future Data Center Trends
“No business on its own has the economies of scale,” he said. “When you do the economic analysis, the return on the investment is not there. Operating at a small size you don’t get the economies of scale that the colocation provider or a large enterprise with 250,000 square feet or more of data center space can get. “Server huggers are usually in the IT camp. But they don’t have access to the data of what it is costing the company to run the data center, including all the costs.” He pointed out that a comprehensive look at cost must include not only hardware, utilities, personnel, but also the depreciation cost of the data center asset.


IBM's 'Ninja Particles' could stop the rise of superbugs
IBM Research's Jim Hedrick has a great job. His work on polymers -- those repeating chains of macromolecules that make up most things in our world, like the computer or phone you're reading this on -- has led to the creation of substances with Marvel Comics-worthy descriptors. There's the self-healing, Wolverine-like substance that arose from a recycled water bottle and something called "ninja particles" that'll advance the reality of nanomedicine. Both discoveries will inevitably make their way into consumer products in the near future, but it's his team's progress on nanomedicine that Hedrick discussed during my visit to IBM Research's sprawling Almaden lab in San Jose, California.


Mozilla moves to cross-browser testing to ease developers' workloads
The experimental add-on, developed from the same tools that Firefox natively uses to debug Firefox for Android and Firefox OS, will allow tools in Firefox to work on Android's Chrome and iOS's Safari when the developer connects one of those devices to his or her desktop. ... "Debugging across devices can be a real pain," Christian Heilmann, Mozilla's principal developer evangelist, said to CNET. "People have been dreaming of this kind of functionality for a long time." ... "The add-on depends on some very bleeding edge stuff, so you must use the Nightly," said Camp, who noted that the add-on has rough edges. Developers shouldn't expect it to work perfectly just yet.


Seriously, churnalists? No, your Gmail login was not cracked
"Our automated anti-hijacking systems would have blocked many of those login attempts. We’ve protected the affected accounts. ... The leaked usernames and passwords were not the result of a breach of Google systems. ... Make sure you’re using a strong password unique to Google. Update your recovery options so we can reach you...if you get locked out of your account. And consider 2-step verification."


Can a Robot Be Your Boss?
According to Hill, although the technological ability to make automated decisions has grown, consideration of the implications of such practices is not keeping pace. “The Starbucks example is a perfect one,” says Hill. “I imagine the objective was the optimal scheduling system, but they didn’t pay attention to constraints important for their employees, and it became newsworthy. What’s critical is that there is still a human in the loop to make sure proper constraints are being considered that do not discriminate in ways that are not in line with the law or do not make employees miserable.”


PowerShell Web Access eliminates location restrictions
Windows PowerShell Web Access (PWA) is a secure, lightweight website running on a Web server located in your network. It acts as a Windows PowerShell gateway connected to a remote computer in your environment, providing a PowerShell console-like screen in your browser so you can run cmdlets or scripts to manage your virtualization environment. No additional management software or browser plug-ins are needed on the client, giving you the flexibility to use everything from a laptop to your phone to perform management tasks.


Armed With 10TB Drives and 3.2TB Flash, HGST Aims to Own Data Center Storage
Going on the attack after those still using tapes in the category of active archives, HGST says it will offer hard drive solutions to provide a 10x increase in storage density and power efficiency compared to traditional enterprise data center solutions and a 5x increase in storage density and power efficiency compared to commonly used scale out cloud data center solutions. Although the archive platforms can be configured for a complete range of storage architectures the company says the greatest cost and efficiency gains are made in extremely large capacity environments.


The changing markets for software: the freemium cloud model may be your best choice
The benefits of this model compared to the packaged model are obvious: there's no packaging cost. There is a piracy problem, but that's common to almost all software product business models. Additionally, one serious problem that developers have with app stores is that it's very difficult to reach out to customers for additional sales, cross-selling, or upgrade sales. The app store owns the customer contact information, not necessarily the developer. This limitation, while not universal across all app stores, makes it difficult to build ongoing relationships with happy customers, nurture them, and sell them new offerings.


On the Death of Big Data
Microsoft's strategy is to instill a "data culture" within an organization where everybody has access to vast new stores of analytical information of varying types and can use it to improve business processes and products. For what-used-to-be-called-Big-Data, Microsoft is providing several products and services for leveraging the traditional Apache Hadoop ecosystem while also taking advantage of the democratization of the data and increased access to it from technologies such as SQL. The company is actually baking a lot of the "BD-word" functionality into the company's flagship RDBMS, SQL Server 2014.



Quote for the day:

"Keep focused on the substantive issues. To make a decision means having to go through one door and closing all others." -- Abraham.

September 10, 2014

‘Can everyone hear me now?’
With so much potential for corporate data loss via the voice channel, it is critical that organizations find a way to protect this data. It is also incumbent on device manufacturers and/or third parties to offer methods of creating a secure channel, much as they have done for digital data communications. This need for voice channel protection is what led BlackBerry to acquire Secusmart. BlackBerry is establishing a beachhead in a new battleground for secure enterprise communications.


4 Signs of Big Data Information Overload
Big data involves mining and analyzing enormous sets of often unstructured information. That information may come from social media, sensors, and countless other sources. It’s a different game from BI, which creates analyses from structured data stores. Big data doesn’t mean BI is going away, but that analytics now has an exciting new branch of data discovery opening up. In the new age of big data analytics, discovery is part of the process, and this will naturally cause goals to shift as discoveries emerge.


The Wolf of VMware
IT organizations are increasingly getting pressured to significantly improve agility. In most environments, storage, networking and security remain the primary provisioning bottlenecks. Virtualization and software-defined infrastructure can shorten infrastructure provisioning from weeks to minutes or even seconds. You can also drastically reduce complexity... why are we still basing security decisions on an IP address, which is an arbitrary number that can change? That degree of complexity is unnecessary and illogical with today's technology.


10 Tips for Managing Open Source Vulnerabilities
"A structured OSS adoption process can create a competitive advantage for technology companies by allowing them to leverage off-the-shelf quality software, accelerate development and reduce costs," says Mahshad Koohgoli, CEO of code attributes management company Protecode. OSS is peer-reviewed, which usually results in good quality, but like proprietary code, it is susceptible to security vulnerabilities. Licensing compliance and export controls must also be taken into account, depending on company location and where it sells products. These concerns can be managed, however, as outlined in Protecode's tips below.


Apple Pay: Really a PayPal killer?
Apple Pay includes several features that were already widely expected and/or leaked including NFC integration (iPhone 6 and Watch), Touch ID authentication at POS, and partnerships with major card networks and banks. Importantly, PayPal was not included in the list of participating payments networks, while it is too early to tell about potential “exclusivity rules”. Given that Apple Pay uses a dynamic security code at checkout and not a consumer’s actual credit card number, we believe this creates a potential technological barrier for PayPal ever being included in Apple Pay, making the wallet potentially exclusive to only credit and debit card transactions.


Cyber Hygiene
The security controls and mitigation strategies are all targeted at organizations. Government departments or private sector enterprises can and should implement them and yes, that does have a cumulative beneficial effect on the ecosystem, but it doesn’t really provide actionable guidance for individual users. Would similar cyber hygiene steps help with home users? Everyone loves to talk about the threat from zero-days, but when my colleagues and I analyzed real world exploits in our 2011 Security Intelligence Report, we found that less than 1 percent of exploits in the first half of 2011 were against zero-day vulnerabilities


Technically an Expert but You Can't Run Your Own Business!
While their skill at ‘doing the doing’ is not in dispute, many are not so great at running a business. Just because you are great at putting together a digital strategy for your client doesn’t mean you know how to actually run a business yourself. Just because you are great at creating an effective social media campaign for your clients doesn’t mean you know how to market and promote your own business. The saying goes, “cobblers’ children go unshod”: the cobbler spends so much time looking after customers' needs that he has no time for his children's.


Poorly maintained Linux servers turned into bots
"We have traced one of the most significant DDoS attack campaigns of 2014 to infection by IptabLes and IptabLex malware on Linux systems," said Akamai senior vice president and general manager, Security Business, Stuart Scholly. "This is a significant cybersecurity development because the Linux operating system has not typically been used in DDoS botnets. Linux admins need to know about this threat to take action to protect their servers." In Akamai-Prolexic's view, the gang behind this malware was likely to expand their targeting of vulnerable Linux servers, as well as broadening the list of targets.


Heartbleed patch efforts ignored on thousands of websites
In its newly released August 2014 threats report, Santa Clara-based McAfee Inc.'s McAfee Labs research team also cited an estimate that more than 300,000 websites remain unpatched and vulnerable to Heartbleed as cybercriminals successfully transformed a roster of vulnerable sites into a "hit list" to identify new attack targets. Defining Heartbleed as "the most significant security event" since last holiday season's Target Corp. data breach, McAfee warned that many applications, websites and devices that remain unpatched are almost certain to be attacked


Real-Time Stream Processing as Game Changer in a Big Data World
In contrast to the traditional database model where data is first stored and indexed and then subsequently processed by queries, stream processing takes the inbound data while it is in flight, as it streams through the server. Stream processing also connects to external data sources, enabling applications to incorporate selected data into the application flow, or to update an external database with processed information. A recent development in the stream processing industry is the invention of the “live data mart” which provides end-user, ad-hoc continuous query access to this streaming data that’s aggregated in memory.



Quote for the day:

"What used to fit in a building now fits in a pocket, what fits in a pocket now will fit inside a blood cell in 25 yrs" -- Ray Kurzweil

September 09, 2014

DNSSEC Adoption - A Status Report (Part One)
The final step in the deployment of DNSSEC is the use of validated information by services and applications to provide enhanced and innovative security services to users, with browsers obviously being first in line. Businesses need to see better online security as a market advantage — especially financial services firms. More signed domains are needed to demonstrate full viability, and that's currently a huge gap in the DNSSEC chain of trust. New TLDs will help to some degree, but more needs to be done. There are two obstacles standing in the way of more secure domains, one related to policy and one technical.


Dear Apple: Thank you for not measuring up
Indeed, throughout the course of using an Android device you steadily come to realise that it's the little things that make it a superior mobile experience: the much-improved keyboard, for example, which learns from your typing and predicts your next words with uncanny accuracy, or the amazingly useful widgets that make Apple's icons-R-Us interface seem positively archaic. That Apple is now playing catchup on these and other points, confirms that even its own engineers realised they had remained too inflexible, for too long.


Closing the High-Tech Gender Gap
The Lemelson-MIT Prize is an award for invention, for making discoveries useful through commercialization, and for inspiring the next generation. ... My biggest fan and mentor has always been my dad, himself a serial entrepreneur. When I became a professor, he had mixed feelings about me climbing the ivory tower. To encourage me, he asked one simple question: “When will you start your first company?” (As it turned out, I started my first company within five years. Since then, my students and I have founded 10 companies between us.)


6 Strategies for Cancelling a Major IT Project
Before ever cancelling a project, make sure it can't be saved, says William Gutches. As part of a thorough investigation into whether a project must be cancelled, review the original scope of work, the skillsets of those involved, the requirements materials, the testing process, ... "The fundamental decision is whether or not there are sufficient reasons and support and agreement of the project sponsors to allow the project to proceed knowing what the new time, cost, budget and expectations are at the point of this investigation," he says. "If that agreement can be made, then proceeding is possible."


Risk appetite and its influence over ISO 27001 implementation
ISO 27001 implementations use the risk appetite concept implicitly, through the risk assessment probability vs. impact matrix, defining risks as acceptable, manageable, and unacceptable. Even though this approach may have benefits related to ease of use, some considerations must be taken when applying the risk appetite concept: With a high risk appetite, even a risk assessed as high can seem attractive if the potential gain is high enough; and Greater risk appetite can expose you to more risks, by making you use less strict controls in pursuit of a specific opportunity


Facebook’s Open Compute Servers Still Tough Sell for Corporate IT Shops
Facebook has publicly said it saved more than $1 billion as a result of using Open Compute gear in its data centers, and companies like Rackspace and IO have built cloud infrastructure services using Open Compute server designs. Earlier this year Microsoft said it had adopted OCP specs for the infrastructure that supports its entire portfolio of online services, including Azure. While there are some individual success stories, however, there has been little public information about how OCP is doing in the traditional data center space. Are banks and corporate IT shops using Open Compute servers? The most likely answer is not really or very little.


Easy Android file encryption with Encdroid
In light of the recent debacle with the iCloud hack, it's nice to find out you can find some easy-to-use third-party tools on Android to encrypt your more sensitive files and folders. One such tool is Encdroid. This particular encryption tool creates volumes that are compatible with EncFS, so they can be read from Windows, Linux, and Mac. ... Encdroid allows you to encrypt your files/folders with Dropbox, Google Drive, or the local storage of the device. The app is free and quite simple to use. Let's walk through the process of installing and using Encdroid to encrypt files and folders within Google Drive.


How to Test if Your Strategic Goal Is Really Strategic
“The community is healthy” is the effect of the other two performance results. This cause-effect relationship helps to position the second two results as causes of the first. When you get this cause-effect relationship embedded into a single strategic goal, it suggests that the goal is actually made up of performance results that sit at different levels or tiers in the organisation. It means that we can set the strategic goal as “The community is healthy” and cascade the other two performance results as operational goals. It makes sense, because the two operational performance results would naturally be the responsibility of one or two divisions of the organisation.


Why It Makes Sense to Transition to Managed Services Model?
This model is attractive as the pricing structure is based on regular monthly billing around service levels and volumes, rather than per diem fees associated with staff augmentation. This greatly reduces volatility in costs and supports accurate and predictable budgeting. Moreover, as compared to staff augmentation, the relative increase in costs in this model as business requirements grow and the service expands are significantly lower than the costs involved in further augmenting staff numbers and skills due to economies of scale, labour cost arbitrage and flexibility with staffing.


Busting cloud myths: Four user instances where cloud computing failed
It backfired because the developers kept buying instances without any restraints. “If you give someone a red button to press every time they want a candy, they will keep pressing it,” said Barnett. The company had predicted about 30 cloud instances, but ended up paying for 750. Barnett emphasised the importance of governance, staff training and awareness, as well as having policies in place to make sure cloud strategies pay off. “It is not just AWS. The same thing would have happened if they were with any other cloud service – Microsoft Azure or HP, for example.



Quote for the day:

“Every great leader has incredible odds to overcome.” -- Wayde Goodall

September 08, 2014

CIOs should prepare for the battle between old BI and new BI
"Where their data sits is where the analysis will sit." Cloud BI has lagged in adoption because cloud-based data hasn't yet accumulated enough mass. But it will. As more and more data sources shift to the cloud and momentum around technologies such as Salesforce.com and Workday builds, so too will the ecosystems that support those technologies. That doesn't mean all -- or even most -- of BI will move to the cloud. The on-premises data warehouse is still a cornerstone for businesses. "As long as that's the case, we think most of the analysis layer will be on-premises,"


Risking ERM in the Cloud
One argument for moving ERM to the cloud -- or at least having a corresponding system that lives in the cloud -- is that for most businesses ERM comprises multiple systems, which have to communicate and synchronize with one another. Consolidating those systems and moving them to the cloud would seem to make sense, especially given government and other mandates to upgrade systems and keep them in line with current regulations. Another reason is to help enterprises as they migrate in-house applications to a SaaS model. At every step along the way, they still need to manage their risk, follow regulations, and remain in compliance with policies.


China develops facial recognition payment system with near-perfect accuracy
According to Zhou Xi, director of the CAS Chongqing Green Technology Research Institute, researchers have developed a unique data collecting technology, which could simultaneously gather facial information from 91 different angles. Researchers were also able to enhance the system's learning abilities to function stably and accurately in a dynamic environment. Zhou said that the system scored the highest accuracy, 99.8 percent, according to a Carnegie Mellon international standard, exceeding its predecessors' best record of 97.6 percent. The facial recognition system has already been utilized at border controls and attendance machines.


DevOps IT Automation Software Chef Goes Freemium
There are both business and technological reasons for merging the two versions of Chef into a single code base. Both reasons have to do with ease of transition between the two. “Rather than being free-to-premium, it was more free or premium,” Crist said. In other words, the free version was not a gateway drug to the paid one as the company’s leadership had hoped. Chef CTO Adam Jacob said it was also hard for a customer technologically to upgrade from free to premium or to stop using the premium features once they had started. “Once you had them, it was hard to get rid of them, and if you didn’t have them it was hard to migrate to them,” he said.


Why the CIO should 'own' IT security
There's no shame in saying that you've under-anticipated the risk to critical company data, and illustrating the costs of a major breach compared to the cost of mitigating such a breach. Like many aspects of life, security is a balancing act between allowing people to productively complete their job duties and creating the ultimate, high-security infrastructure, which is likely so cumbersome as to not even be usable. The silver lining of the recent press releases about high profile security failings is that you can likely secure appropriate funding, even if you're unable to articulate the risks and mitigation strategies required.


Growing Open Data Movement Could Mean Big Bucks
More nations are embracing open data. In 2010, only a handful of countries maintained data sites. In 2014, there were at least 56. Hundreds of local and regional government websites have been started, and international organizations like the World Bank and the United Nations have followed suit. Even banks and private companies have followed along. Today, researchers estimate that more than 1 million open datasets have been published.


Don't Just Fail—Fail Better
You can fail better if you follow the example of entrepreneurs. As Father Ted mentioned, I’m a professor at Harvard’s Business School, where I teach entrepreneurship. The most important thing we teach is that three out of four startups fail. Dreams are destroyed; it’s often heartbreaking. But great entrepreneurs persevere, against the odds. For them, setbacks are valuable. Figuring out what won’t work puts an entrepreneur one step closer to a solution that will work. And when an entrepreneur finds a solution that works, magic happens.


How Big Data Will Take the Role of the CIO to the Next Level
Internal and external data sources therefore need to be combined and this requires a holistic approach. When all data is centralized, and accessible for everyone, based on different roles, the knowledge present within an organization becomes visible to everyone. This can significantly benefit your company. It is therefore important to break down the different silos and start combining different data sets in a centralized location. In such a scenario, individuals and departments cannot act alone anymore. They are required to work together, share their data and co-create to take the organisation to the next level.


Application Delivery Controllers - Bridging the Gap Between DevOps and Network Planning
Regardless of the nature or complexity of the Layer-7 functionality needed, the ADC needs to be able to operate at full performance and scale. Traditionally, ADCs use scripting to enable Layer-7 policies. While scripting allows desired functionality to be created, it is not optimal in SaaS environments for a number of reasons. Scripting is time-consuming, error-prone and requires either professional services or a resource that is highly skilled. More importantly, scripts are process-intensive. The more complex the policies are, the greater the burden on the ADC will be.


Selling software: Where have all the business models gone?
Today, with the exception of console video games, the packaged software market -- where you put software in a box and physically ship it -- is obsolete to the point of ridiculousness. But what's the best new model, especially for smaller, independent software companies? At the high end, of course, there's Oracle and Microsoft and SAP and such. But, for decades now, there has been a vibrant market of PC software vendors developing unique applications, tools, utilities, and tweaks -- and making a living off of it.



Quote for the day:

"True leaders bring out your personal best. They ignite your human potential." -- John Paul Warren

September 06, 2014

Your Database: The Threat That Lies Within
Unlike other software components and code or compiled code, a database is not a collection of files. It cannot just be copied and pasted from development to testing and to production, because it is a container of your most valued asset – your business data, which must be preserved. In most cases, database development is also performed in a very different way than application code (.Net or Java development), as developers and DBAs are accessing and changing a shared resource, a central database, rather than a local copy on their workstation.


Data Mining Reveals How Social Coding Succeeds (And Fails)
A social coding project begins when a group of developers outline a project and begin work on it. These are the “internal developers” and have the power to update the software in a process known as a “commit”. The number of commits is a measure of the activity on the project. External developers can follow the progress of the project by “starring” it, a form of bookmarking on GitHub. The number of stars is a measure of the project’s popularity. These external developers can also request changes, such as additional features and so on, in a process known as a pull request.


Data Breach and Spear Phishing
In the world of online, spear phishing is where a spammer leverages legitimate information to trick the recipient. Their bait can appear to be from a recognized person or company. Or you could get an email addressed to you asking you for additional information. If the sender can target the email to your needs, include personalization and grab your attention, they can trick you into doing a lot. Savvy spear phishers add a multi-channel twist incorporating calls, verifying your address (or where you bank, where you shop or kid’s schools), they send the promised follow-up email, incorporate letters – anything to get your attention.


The Innovation Dead End
You can certainly hire people who’ve never failed; their courage can have a buoying effect on everyone else — but they too will become risk averse over time as they encounter failure, so it’s not a lasting solution. You can (and should) make every effort to fail as fast as possible to minimize the human costs of failure. But that tactic is limited by how long it realistically takes to prove or disprove the kind of ideas you work on. Even ruthlessly optimizing project definition proof of concept, failing fast can still take months or years, especially if your innovation is technical, rather than product- or market-based.


Australian streaming services lock down content before Netflix
Speaking yesterday at the ASTRA 2014 conference in Sydney, Presto's director Shaun James said that Presto was on the offensive, rather than defensive in getting into the market now before Netflix arrives. "It's not defensive, we're playing offensive with Presto. Yes, there are some reasons for getting into that business and having first-mover advantage, and yes, we are using the benefits of being part of the Foxtel family, but it is very much an offensive. We're up and running, and we're going to be aggressive," he said.


Future of IT standards, SOA, and disruptive technologies stands strong
SOA has been established for a long time. It was declared dead at one point. In fact, the person who made that statement eventually had to recant and admit that it was not dead. From an Open Group perspective, we don't normally think that something that comes up with a bang like SOA may still be around 10 years later, but that seems to be the case. ... There is perhaps a change in emphasis on the techniques used under the heading of 'SOA,' but certainly there was a point at which it became unpopular to go to your CIO and say,


The Life and Times of TDD
A TDD approach can be used to specify the detailed design of your application code, database schema, or user interface (UI) in a JIT executable manner throughout construction. This is referred to as developer TDD or unit TDD and is typically done via xUnit tools such as jUnit for Java and PL/Unit for Oracle. Not surprisingly the survey found that TDD practitioners are commonly doing more than just TDD to explore their designs. People doing developer TDD were also working on teams who were applying other design related activities


Motivating the Negative Nancy on Your Team
A “Negative Nancy” is someone who overgeneralizes in labeling situations and people, focuses on the bad in each situation, jumps to conclusions and constantly redirects the blame. In a business setting, these behaviors can result in harmful effects, such as reduced productivity, decreased group morale, increased stress, wasted time, hindered creativity and innovation, and higher employee turnover. ... “Allowing [negativity] to fester is much more costly and damaging to an organization’s bottom line than confronting or possibly replacing a single toxic employee,” said president and CEO of Fierce Inc.


Berlin: A British Perspective on Germany’s Tech Hub
Contrary to the stereotype, Germans tend to be friendly, welcoming and warm people. A quarter of a century ago I drove around mainland Europe with two friends in a converted Bedford van. Scruffily dressed and culturally naive, we saw everyday life and prejudices in a dozen countries. The Dutch were fun, the French loathed us, the Germans went out of their way to be helpful. Statistically meaningless anecdotes, I know, but those German attitudes are certainly visible in Berlin. You don't really know what helpfulness is like until you've walked around a city at night trying to find a GP to prescribe antibiotics and painkillers for your daughter's ear infection.


Aligning People, Processes and Technology for Successful Data Governance
The legal and compliance world is continuously evolving, and every industry must understand how laws and regulations apply to them. Often regulations force companies to maintain data for a set period of time and, most importantly, search and produce this data when needed. To reduce litigation risk, legal generally reduces the amount of time that a company keeps data to the bare minimum. At the same time, there is also an increased burden for legal discovery (e-discovery). Companies are now required to be able to produce data related to a case in a reasonable amount of time.



Quote for the day:

"Work like you don't need the money. Love like you've never been hurt. Dance like nobody's watching." -- Satchel Paige

September 05, 2014

Copyright infringement is terrorism, screech the revolution's losers
You might have thought that Australia's "debate" over online copyright infringement couldn't get any sillier. But this week the journalists' union came out as a fan of internet censorship, only to withdraw when they realised what they'd done. And Village Roadshow equated copyright infringement with terrorism and pedophilia, and came out in support of, oh, moonbats or something. Hard to say. Village Roadshow's submission to the government's copyright infringement discussion paper is the loopiest, with so much shouting and whining that it's hard to take their hyperbole seriously.


The New Leadership
This decoupling of commitment and loyalty, and this mixture of precariousness and personalization, are phenomena that require us to rethink not just the relationship between organizations and individuals but also the meaning of work, leadership and leadership development. What does it take to have successful and meaningful careers in this context? What does it mean to lead? What does it take to lead well? And, how do we help aspiring leaders do it? All my writing and teaching revolve around these questions.


Networked Home Gadgets Offer Hackers New Opportunities
“Dealing with the privacy and security aspects of the Internet of things is going to be one of the biggest challenges we have faced in security for a long time,” he says. “We are wearing it and installing it throughout our living spaces and other places where technology has not usually had the opportunity to go.” Rogers says that many of the features of security software standard on traditional computing devices, such as laptops and smartphones, could also defend these newer devices. However, so far those techniques aren’t being used on the new wave of networked home devices, says Jacoby. “Nobody is doing anything at all about them.”


How GE Is Using Big Data to Drive Business Performance
In essence, the idea is that all the separate machines and tools which make an industry possible will be “smart” - connected, data-enabled and constantly reporting their status to each other in ways as creative as their engineers and data scientists can devise. This will increase efficiency by allowing every aspect of an industrial operation to be monitored and tweaked for optimal performance, and reduce down-time – machinery will break down less often if we know exactly the best time to replace a worn part. Data is behind this transformation, specifically the new tools that technology is giving us to record and analyze every aspect of a machine’s operation.


Scrummaster Tales: – Stuck Waiting For Other Teams
When a Scrum team finds their groove and becomes more efficient, everything will move along faster. Or… not? Sometimes the faster you’re able to go, the more speed bumps and stop signs you’ll encounter. John (ScrumMaster) and the team are humming along nicely building great new features for the SmallestOnlineBookStore. With the huge success of the first big release nine months ago, venture capital money has come flowing into the company. Significant investments have been made in Operations, Security, and Networking in addition to creating several new Development Teams. Unfortunately, all these new people are making it more difficult for the team to get the software they built deployed.


Giving fraud the finger: Barclays banks on biometrics for business customers
"Typically when you upgrade security you introduce complexity to the workflow... this doesn't do any of that," he added. Barclays said that unlike fingerprints, vein patterns are extremely difficult to spoof — because they're internal structures they are harder to copy. Also, unlike fingerprints, vein patterns can't be left behind on hardware. The finger being scanned must be attached to a live human body in order for the veins in the finger to be authenticated, the bank said. The false acceptance rate for the system is one in one million, while the false reject rate is one in ten thousand, it added.


Google Glass Can Now Track Your Stress Level
BioGlass uses the Glass sensors and camera to track the wearer’s ballistocardiogram, or BCG, which is a mechanical signal measuring the tiny body movements that result from the heart pumping blood. BCG tracking has been around since the 1870s, but was hardly used for many years because it was tricky to track without special equipment (such as a frictionless table). More recently, though, research has shown that sensitive motion sensors for electronic devices can easily detect the BCG signal, and at least one company, Quanttus, is building a product that can do so at the wrist.


A Continuous Delivery Setup
In my last project, I led the team that set up the Continuous Delivery infrastructure for the product marketing and publishing platform of a major consumer electronics giant. This platform was based on Scala and the Play framework and used a non-blocking architecture to achieve scale. In this post, I want to share some of the key highlights of this project from a Devops and Continuous Delivery point of view.


Top CIOs: Start with 'Yes' When it Comes to New Technologies
IT has good reason for wanting to have some influence over the technology choices that workers make, Rebecca Jacoby, CIO of Cisco said. "In IT, today I think we have more risk management responsibility almost than finance," she said. But the CIOs said they realize that if they give employees tools that work, they'll use them. "If you give employees a good or better solution than they're using, they aren't evil. They aren't using stuff you tell them not to because they're evil. They just want to get their jobs done.


Building and Deploying Android Apps Using JavaFX
JavaFX is an integral part of the Java SE environment, and it is the official “Java on the client” component. It is bundled with the JDK and the JRE on the supported systems. As a consequence, Oracle provides JavaFX as part of the Java SE distributions on Windows, MacOS X, Linux and on embedded ARM systems. There is no official Oracle distribution for JavaFX on iOS or on Android. Good enough, the community is filling this gap. The RoboVM team is adding support for JavaFX on RoboVM, which makes it possible to compile JavaFX applications using the RoboVM compiler and run them on iOS devices.



Quote for the day:

"Somewhere, something incredible is waiting to be known." -- Blaise Pascal