Daily Tech Digest by Kannan Subbiah

November 13, 2014

Are You Sweeping Big Data Privacy Under the Carpet? 5 Things to Do Instead
Admit it: When you read or hear about big data privacy, you’re ready to move onto the next topic or swipe to the next screen. Or sweep it under the carpet. You know the discussion is important, but let’s be honest: it’s not exciting, it’s sometimes creepy, and it’s not easy to navigate its complexities. ... There’s no question that we all play multiple roles—i.e., that of a consumer, citizen, private sector employee and/or government worker—and that our time is limited, so what can we do? For starters, I suggested five options during my presentation. Here’s the Cliff Notes version:

Software Defined Networking - What's New?
This presentation will give a look at the Open Data Center Alliance rev 2.0 software defined networking (SDN) usage model that incorporates network function virtualization, and five new usage scenarios. SDN is no longer considered an emerging technology; the technology is proven, although it is still at an early stage in its life cycle. In comparison, NFV is at an earlier stage of development, but because the technology effectively complements SDN and is important to service providers, NFV is likely to be widely adopted across the industry. To improve evaluations and decision making, IT departments and cloud subscribers will require standard features and defined metrics.

Expired Antivirus Software No. 1 Cause Of Unprotected Windows 8 PCs
“Running expired antivirus software can give people the impression that it is still protecting them even if it hasn't downloaded updates in a while,” says Tim Wilson, director of cybersecurity and cloud strategy at Microsoft. “However, data from our latest report indicates that running expired antivirus software is nearly as unsafe as having no protection at all,” Wilson said in comments emailed to Dark Reading. The malware infection rates on Windows 8 clients with expired antivirus tools were almost as high as the infection rate in PCs with no protection at all, the Microsoft researchers discovered.

Global Banking and Big Data: The Challenge of Anti-Money-Laundering Compliance
A series of high-profile decisions by the U.S. Department of Justice against BNP Paribas, JP Morgan Chase, Barclays, and other large, global banks resulting in multi-billion-dollar fines has brought anti-money-laundering (AML) to the top of the financial services industry’s priority list. While the first wave of investment in big data tools and technology has heretofore been targeted at the identification and prevention of nefarious activities that lead to direct costs for banks, payment processors, and their customers, spending in the near term may likely be related to compliance with three key pieces of AML regulation

Top 10 tech conspiracy theories of all time
The appeal of the conspiracy theory is rooted in its own essential slipperiness. In terms of technical definition, a conspiracy refers to multiple persons or groups working together toward some kind of shady result. But in popular culture, conspiracy theories can be plausible or impossible, true or discredited -- and everything in between. Here we take a look at the 10 most infamous conspiracies and conspiracy theories that have made the rounds in the world of high tech.

7 Trends That Can Define the Future of Cloud Computing
There are two big reasons that leaders across every industry are gung-ho about the Cloud. One reason for this huge confidence in Cloud computing is that it is one of the most disruptive technologies to have emerged on the scene in the last decade. The second and what I think is a far more critical reason is what the Cloud, its adoption and application promises for the future. It is when business owners “foresee the future” of the Cloud that they say to themselves, “Yes, this is the technology that I want to tie my business fortunes to”.

Microsoft's Answer To Death By Email: Meet Clutter
Clutter relies on Office Graph, a machine learning technology that maps the user's relationship with people, events, documents, projects, and other types of information. Office Graph allows Clutter to recognize that a user has ignored a co-worker's email about his new cat but read and responded to another colleague's message about an upcoming campaign, for example. Observations such as this help Clutter determine which messages to prioritize. From the user's perspective, Clutter operates something like Gmail's importance ranking, but in reverse; whereas Gmail partitions emails it deems "important" into a secondary folder instead of in the main feed, Clutter puts the important messages front and center, with less important content relegated to a "Clutter" folder.

Unlock Your Computer and Websites with a Glance
The Myris is a squat, palm-sized cylinder that connects to your PC with a USB cable. Its underside has a small mirror in the center with a small camera lens next to it. Any time you meet a login screen after the device has been set up, you hold up the Myris in front of your face so that both eyes are visible in its mirror. A few seconds later, a green ring lights up to signal that you’ve been recognized, and the device’s companion software will log you in without your having to touch a key. You can do that for websites, for desktop applications, or to log in to your user account on a computer.

Are Legacy Vendors Pulling OpenStack in the Wrong Direction?
Over the past couple of years, OpenStack has turned from a small skunkworks effort to build Amazon Web Services-like clouds but open source into a movement backed by some of the IT industry’s biggest legacy vendors. It’s not uncommon nowadays to hear that OpenStack has become the de facto standard for building cloud infrastructure. Such mainstream support, however, comes at a cost, threatening to detract from the project’s original goal. That’s according to Jim Morrisroe, CEO of Piston Cloud Computing, a San Francisco-based startup co-founded by Joshua McKenty (one of OpenStack’s founding fathers) that helps customers stand up OpenStack clouds of their own.

Introducing Essence#: A Smalltalk-based Language for .NET
The Essence# compiler generates DLR dynamic call site for each and every message send, regardless of the receiver. The compiler does not and cannot know the type of the object that is receiving a message, so it just emits a DLR CallSite for all message sends, and the CallSite for a message send is always an instance of the ESMessageSendBinder class. An ESMessageSendBinder figures out, at run time, how to implement the message send. That’s done one way in the case of native Essence# objects, done another way in the case of the CLR primitive types, done yet another way for any non-essence# objects that implement the IDynamicMetaObjectProvider interface

Quote for the day:

"You can, you should, and if you’re brave enough to start, you will." -- Stephen King

November 12, 2014

Open-source .NET, free Visual Studio, support for Linux, Mac, Android and iOS
As part of the change, Microsoft will give developers the ability to use the .NET runtime and framework to make server- and cloud-based applications for Linux and Mac. Microsoft is also releasing a new, full-featured version of Visual Studio 2013 that will be available at no cost to independent developers, students, small companies and others not making enterprise applications. And the company is releasing a preview of Visual Studio 2015 and .NET 2015 with new features for building applications that run on platforms including Windows, Linux, iOS and Android.

Dealing With the KPI Terminology Problem
And remember, ‘KPI’ is just one of the many performance management terms that does not have a standardised, universally accepted definition. I have no idea how this problem of varying terminology is going to be resolved, and that’s not the intent of this article. The intent of this article is to give you a contextual framework to make sense of where ‘KPIs’ – or performance measures, or whatever you call those quantitative pieces of evidence of our performance results – should fit. So let me tell you my definition of these terms, and then you can map your own terms to my meanings and thus avoid distraction and confusion when you try to make sense of your own strategy.

Alcatel-Lucent pins growth on R&D, enterprise
"Our customers need a network that can scale quickly, and break down silos in between the different technologies,' Combes said. "SDN [software-defined networking] makes network resource as easily consumable as compute and storage. We strongly believe that the answer to complexity is around NFV [network functions virtualisation] and SDN combined." Although Alcatel-Lucent was reducing its size globally, investment in the company's Bell Labs research division remains at €2.2 billion year on year, Combes said, with divisions opening in Israel and the UK. "You can expect a very strong Bell Labs in the next few years because that is a key differentiator for us," he said.

IT still not ready for IoT
Despite the benefits of connected devices, more than half (51%) of respondents believe the biggest challenge regarding the Internet of Things is increased security threats, while a quarter (26%) are concerned about data privacy issues. Two-thirds (68%) admit they are very concerned about the decreasing level of personal privacy. More than a quarter of respondents say the general public’s biggest concerns about connected devices should be that they don’t know how the information collected on the devices will be used (28%) or they don’t know who has access to the information collected (26%).

Update now, Windows users: Microsoft patches critical (and old) security flaw
Microsoft has issued emergency patches for a flaw that affects all supported versions of Windows. It’s a nasty one – a vulnerability in Windows’ implementation of the protocols for encrypting internet communications. The critical flaw lies in Secure Channel (Schannel), a security package – used by Internet Explorer — that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. While there’s no evidence of its exploitation yet, it allows attackers to remotely execute code on the target’s machine and take it over, so it is imperative that all Windows users run an update immediately.

IndependenceIT: 'Switzerland' Of Virtualized Desktops
IndependenceIT is trying to make it practical to provision and sustain virtualized end-users, a goal that has tended to recede about as fast as many companies have approached it. Implementing virtual machines for end-users who have varied needs, little tolerance for slow-functioning desktops, and a likelihood of being mobile at some point has complicated the deployment of virtual desktops and, in many cases, delayed it. Individualized desktops that each need to be stored drive up storage costs. Power end-users require a delivery protocol that prevents jitter in the multimedia and video they view. When the end-user disconnects from the corporate network, what then?

SDN meets the real world, part two: SDN rewrites the WAN manual
Wide-area networking (WAN), the part of the enterprise network between applications and end-users, is traditionally slow, expensive, and inflexible — and hence, ripe for innovative new approaches. SDN is broadly applicable to other parts of the networking requirement, so offering up a pool of resources that can be programmatically controlled by software should be explored in different contexts and settings. This report lays out a conceptual approach whereby SDN can be applied to the WAN to drive cost savings, agility, and flexibility for enterprise customers.

Samsung And SAP Partner On Mobile Devices For Business
“Increasingly, our customers are away from the desk and require a fundamentally new way to interact with the enterprise applications to align with how they work today,” said Steve Lucas, president, Platform Solutions Group, SAP, in a statement. “The applications that match the current trends in mobility must work to create a seamless experience as the work modality embraces mobile devices, wearables, Internet of Things and other alternative forms of mobile computing. Through our partnership with Samsung, we are working on plans to offer a premium mobile enterprise experience for customers.”

Lack of in-house skills stymies IaaS migration, says report
Reconnix CTO Steve Nice noted a “clear desire for business to move away from traditional environments and towards IaaS providers”. “It’s natural for many businesses to err on the side of caution, but this conservative approach can mean that many are missing out on the transformative benefits of the cloud,” said Nice. “It’s clearly a confidence issue, and the challenge is for IT departments to take the necessary steps to prepare themselves for inevitable change. “By failing to take action now, they risk putting themselves at a technological disadvantage to competitors, or being caught blindsided and forced to rush through a migration that could end up costing over the odds.”

Don’t Surround Yourself With Smarter People
Freedom is therefore implicitly freedom to win in a specific sense. This is not an accident. Any time you define freedom in terms of capacity for action (intrinsic and situational), you’ve defined freedom in a finite-game (Carse) way. Increasing freedom becomes a matter of increasing your capacity for victory over increasingly capable opponents, until you’ve defeated them all. Stated another way, freedom to win is freedom to get smarter in the sense of a given finite game. Freedom in a finite-game sense is always freedom-to-win (and therefore, freedom to stop playing at some point).

Quote for the day:

"Look for people who will aim for the remarkable, who will not settle for the routine." -- David Ogilvy

November 11, 2014

Big Data Survey: Trouble Brewing For IT
Enterprises are faltering in their ability to comprehensively analyze big data, and IT has opted to walk away. Look, for years IT organizations have been told they don't own enterprise data, the business does. Lately we've heard about the rise of the CMO and how it takes that mindset to really know what data matters and how to mine it. So the message too many IT teams seem to be taking away: "This isn't an IT problem. We build the systems, keep the lights on, try to keep attackers out. We don't own big data. Our input isn't wanted."

Rackspace Launches Azure Services From Data Centers
Microsoft's partnership with Rackspace looks a lot like VMware's moves in the same hybrid cloud space. It launched its own vCloud Air data centers, offering VMware-compatible public cloud services. But it also commissioned a wide variety of regional providers to offer vCloud services, calling it the vCloud Air Network (versus Microsoft's Cloud OS Network). At the same time, Rackspace's adoption of private cloud packaging inside its cloud data centers is another step back from the brink. In May, it hired Morgan Stanley to act as an agent to explore the possibility of being acquired or taking on a tight partner relationship.

Are fingerprints PINs or physical artifacts?
“Courts are essentially wrong distinguishing between various methods of encryption and decryption,” said Rasch. “They are all, at their core, a mechanism for protecting the privacy and security of data. Indeed, a person encrypting a drive with a biometric would have cause to believe that this was more secure, and that they had a greater expectation of privacy in the biometric than they do in a simple four-digit PIN. To say that announcing the numbers ‘2580’ as a password is testimonial incrimination, but handing over a complex PGP key, or causing a complicated mathematical calculation based upon a biometric is not testimonial misses the point.

Why Your 2015 Plan Needs To Include Data & Analytics Governance
An extremely important aspect of a centralized data governance group is representation from various stakeholders across the organization. Even the word “analytics” means very different things across the different groups within your organization. Finance, web, marketing, customer and business teams all generate and use data in very different ways, and often these data sets can end up living in isolated silos. And, beyond your own organization, keep in mind that there are typically many third parties and agencies you’re working with, and often organizations will choose to bring in an external specialist or consultant to provide insight into trends and new opportunities in the data & analytics space.

SaaS: The dilemma of visibility and control
The supply of SaaS solutions is increasing and will continue to do so at an ever increasing pace. According to Forrester Research (Application Adoption Trends: The Rise Of SaaS) SaaS spending accounts for the 23% of the application software budget. However, it grew a whopping 53% over the previous year (4Q 2012-4Q 2013). In addition to customer relationship management (CRM), SaaS adoption is strong in human resources management, collaboration tools, and e-procurement. Forrester is also seeing a dramatic increase in SaaS interest in business intelligence (BI) and several other application categories.

Here's what your tech budget is being spent on
Andrew Horne, managing director at CEB, said IT departments are introducing more flexible budgeting and making better use of cloud computing which allows them to reallocate budget to innovation. The CIO's attitude towards innovation is often tempered by a big dose of caution, so much so that they have started to lose responsibility for innovation projects to other managers. Meanwhile, IT chiefs are finally waking up to the threat coming from shadow IT, where other execs have been getting more interested in developing their own digital projects outside of the control of the CIO.

10 bad technology decisions that can come back to haunt you
As organizations build their tech roadmap for the years ahead, the wrong choices and strategies could have unfortunate repercussions. Here are some pitfalls to watch out for. A bad strategic or tactical move can unleash an avalanche of negative effects on your organization, some lasting for years to come. Here are some of the worst of the worst -- and a few suggestions on how to avoid them.

Cures For The Common Help Desk Headaches
With all three of the most common help desk headaches, though, you need to go beyond technology and look to training and cross-departmental collaboration to really build skills into your corporate cultures. Defining a technological skillset matrix for your team will reveal gaps in knowledge. A simple "X skills needed, Y people on the team with a 1-, 2-, or 3-rating per block" will show where you need to provide more training and where you can hold a related session in a conference room each month.

Why Hire Veterans? They Bring a Lot to the Table, Say CompTIA Members
Veterans do bring a lot to the table, agreed Aaron Woods, director of USSP relationship and partner programs for Xerox Corp.’s Global Customer Service Delivery and a six-year veteran of the U.S. Army. “All veterans have attained a number of skills while in the military that would fit the needs of any employer,” Woods said, citing teamwork, leadership, discipline and the ability to follow a chain of command. IT companies should consider the specific traits that veterans possess, like being team-focused and disciplined with a strong drive to complete a task. “The ability to work in a team environment is one of the most important attributes a veteran will bring to an IT company,” he said.

Hire Self-Motivated People — the Single Smartest Thing a Hiring Manager Can Do
A self-motivated recruiting prospect, candidate, or employee is an individual with a track record of having the internal drive and motivation to begin and continue tasks without external prodding or extra rewards. You don’t have to identify why they are so driven. Just be satisfied with the fact that it is something in their character, upbringing, training, or attitude that drives them to work without any external stimulus or threat. Once you bring this recruiting approach to any hiring manager’s attention, they almost instantly appreciate its value. But if you are cynical, I have listed below some of the many benefits that come from hiring self-motivated people.

Quote for the day:

"Everything you want is just outside your comfort zone." -- Robert Allen

November 10, 2014

Google releases tool to test apps and devices for SSL/TLS weaknesses
The tool includes a client component for Android and Linux systems that tells the MitM component what specific tests to run. The client is also important for tracking which applications that run on the tested systems opened certain SSL/TLS connections, something that can be hard to determine just from the MitM side. Nogotofail can check for weaknesses like vulnerabilities in third-party SSL/TLS libraries, susceptibility to attacks that strip the SSL/TLS or STARTTLS encryption and improper certificate validation, a widespread problem in applications.

How enterprises will use the cloud for big data analytics
Compatibility, security, and performance concerns have kept enterprise organizations from being completely comfortable with the idea of moving their complex core applications to the cloud. Without a seamless application migration blueprint, the project can seem more like a headache — and a risk — than it’s worth. This report, which is based on a survey by Gigaom Research and sponsored by Cazena in September 2014, reviews the different considerations when moving some or all big data-analytics applications to the cloud. The report is will give guidance to CxOs, IT and business leaders, and decision-makers at software as a service (SaaS) companies and cloud service providers.

Linux Foundation: Open Source is Eating the Software World
There is a wholesale shift in the enterprise software world from using a little bit of open source code here and there to an 80-20 split, where 80 is the open source portion, he said. The reason for the shift is quite simple: software has become a way for an enterprise to add value, and open source is the best way to use a lot of software. “There is too much software being written for any organization to write that software on their own,” Zemlin explained.

Become a great listener
To succeed in today’s business world, leaders must be proactive, skilled listeners. Leaders who make themselves accessible for conversation and listen regularly are well-informed of the goings on in their workplaces. They better understand others’ opinions and attitudes and are able to take this information into consideration when making decisions. There are other benefits to listening well. One is building trust. Effective listening conveys a sense that the leader cares about her people, their thoughts, opinions and concerns. A leader also builds stronger commitment within others when people feel that she cares about them personally as well as in how they fit within the organization.

The Half-Life of Data [INFOGRAPHIC]
Radioactive substances have a half life. The half life is the amount of time it takes for the substance to lose half of its radioactivity. Half life is used more generally in physics as a way to estimate the rate of decay. We can apply exactly the same principle – the rate of decay – to business information. Like natural materials, data is subject to deterioration over time. In science, the half life of a given substance could be milliseconds. It could be many thousands of years. The half life of data has been measured, and it may be shorter than you were expecting.

Security Think Tank: Guidelines for dealing with Shellshock
It is useful to know that there are many other shells that may be utilised in Unix deployments. However, bash is the default shell for both Linux and Mac OS X. The use of both of these operating systems is popular for enterprise and home applications. This vulnerability has been present in Bash for around 22 years. Chet Ramey a senior technology architect at Case Western Reserve University in Ohio, has been maintaining the Bash open source project and believes Shellshock dates back to a new feature introduced in 1992.

Emerging tech under standards scrutiny
We want the standard to support that sort of rapid development. In the public cloud, you can spend small amounts of money to get a prototype working, and then think about rollout and production – that's the point at which you should be thinking about long-term interoperability and questions like ownership and data recovery." In every aspect of the Open Platform 3.0, security is a concern, along with related topics of identity and privacy. Says Harding: "Security is a key concern, and so is identity. You need a framework to identify who owns the data, who is trying to access it.

Raids cast doubt on integrity of TOR
This makes it unclear whether these authorities have broken Tor to the point that it can no longer mask the location of its infrastructure or whether they found them using other intelligence. Tor relies on volunteers who host nodes of the network. Traffic bounces around within Tor in order to disguise where it comes from, but exit nodes and entrance nodes would yield the most useful information about actual IP addresses connecting to Tor. “Law enforcement could try to get in that first layer and see the sources and therefore try to reduce the anonymity as much as possible,” says Ben Johnson, chief evangelist at Bit9+Carbon Black.

Look out OpenDaylight, there's a new open source SDN controller
"It's a distributed core that runs on multiple servers," Appalaraju said. "Each instance is identical and they cooperate together to form a single system. If you need more control plane capacity, you add more servers. It also has high availability. If an instance fails, the workload is seamlessly distributed to other systems." ONOS also has carrier-grade persistence. The state of the entire control plane is stored on every instance at once, which enables hitless updates. Like OpenDaylight, the southbound abstraction layer of ONOS uses multiple protocols, including OpenFlow, to interact with network infrastructure.

Leveraging Three Tiers of Health Data
With Meaningful Use, you have to be able to email patients and share data among and between other physicians, et cetera. People are getting certified for MU, but if you actually look at the rules they don't say you have to do it 100 percent of the time. They say you have to have an electronic medical record with a problem list on x number of patients, and that keeps escalating over the years. The same is true with with email. I think we're about halfway there. In my experience it's not there, but I know what MU is about and that people are getting certified.

Quote for the day:

"The best strategy for building a competitive organization is to help individuals become more of who they are." -- Marcus Buckingham

November 09, 2014

How Your Clients Can Use COBIT and BiSL to Manage Their Information
Most of BiSL’s guidance addresses the first point, whereas COBIT is stronger in the second area. Many COBIT practices apply to business information management and contribute to providing assurance that business information management processes are executed effectively. Business information managers who want to use COBIT key practices, to assure themselves and stakeholders that the information systems (in the broadest sense of the word) are under control, can use BiSL to help them decide how to implement the key practices. BiSL does not provide specific guidance as to how to comply with the key practices, but gives an extensive description of the content of the processes.

Agile and SaaS – Lessons for Value Realization
SaaS and Agile combine to enable more nimble project governance. Business leaders are able to steer the project in two-week increments to gain maximum benefit by focusing resources on features that yield immediate value, while deferring “nice-to-have” features for future deployments. As well, business leaders gain the confidence to manage the project in this way, knowing that the Agile approach means that Release 1 will indeed be the first of many value-adding deployments in a multi-release program.

TGF: Impact of the Internet of Things Version 1.0
The latest wave of developments takes interworking still further by incorporating objects of all sorts into the network of IT services, information, organizations and people. This is the Internet of Things (IoT) that provides the potential for e-devices to be commonly built into infrastructure such as roads, vehicles, localities (e.g. smart cities), homes, livestock and even people (e.g. for measuring bodily functions). Many organizations, including governments, are realizing that there are financial, social and other benefits that are emerging though the use of networks of e-devices for the collection of data (e.g. the monitoring of people and their environment for health purposes) or raising alerts (e.g. when river levels rise).

5 Steps to Actionable Key Performance Indicators
A KPI (Key Performance Indicator) should immediately inform the reader how the business is performing which in turn should suggest what actions need to be taken. And if we are measuring the effectiveness of a website, the KPIs need to inform us how the site is doing in driving our business objectives. But most don’t. Too many organizations create Top-10 lists: Top-10 pages, downloads, videos, keywords, referrers, etc. Is it important to know which documents were downloaded the most, or what keywords drove the most traffic to your site?

List of sample KPIs in 5 perspectives of BSC
Here is a general list of key performance indicators which are divided into categories. This list should not be viewed as a must have set of indicators, but it is based on the experiences of many companies and researches related to scorecards. ... t is often reasonable to evaluate not only the efficiency of some production processes and operations at a given moment, but also assess the potential of these indicators, and the opportunities to improve them in order to increase production output and broaden production line.

Agile Enterprise Architecture Increases IT Relevance
Five years ago, Cisco started on an enterprise architecture journey to unify business strategy with IT investments. Today, all of our planning and decision-making is based on an agile, well-defined architecture-based framework.We make it real by ensuring that everything we do in IT is based on business architecture. We understand what our clients are doing and what they need, and then translate that into technology architecture and roadmaps that deliver capabilities to meet their needs. ... Enterprise architecture is a springboard for cultivating consistent communication and transparency between IT and the business. It’s a mechanism for helping our users across Cisco derive strong business value from IT.

Architecturally Significant Requirements
As you progress in your career you will learn that architectural requirements are hard to determine, primarily because they need to be gathered so early in the lifecycle before anything is really known. We know that architects should start early in project lifecycles based on when an architect engages in a project, with the end goal being integration into the innovation and project funding lifecycle itself. Hopefully, your organization has learned that getting an architect engaged before the project kickoff will not only save you money but is at the root of incremental innovation. Either way at some point the solution architect will be faced with a business case and business architecture

KeyStone Security and Architecture Review
This presentation will cover architectural and procedural security concepts within KeyStone, specifically Trusts or Delgations, AMQP Security with KeyStone and integration with a Corporate LDAP for single source of truth. Given the distributed nature of OpenStack KeyStone plays a major role in binding all of the Projects together but not much is mentioned about how to do this with KeyStone or what the pitfalls and dangers of hooking up a centralized Security System to the rest of the cloud will be. Not only do you have to be wary of the services that connect to KeyStone but you also have to be cautious of the kinds of input and data you give to KeyStone from external sources.

Testing the Internet of Things: The Human Experience
“Human Experience” testing has the following components of human interaction with the device. We should test all things physical, including sizes, shapes and genders of the users. We should also include sensory reactions including sight, sound, and touch. Orientation or the interaction with human movement is an incredible crucial part of the test. We must plan for testing in various geographical locations, different weather conditions and contexts. Finally we must consider value and most thoroughly test in terms of the users’ perceptions, mindsets, biases and emotions when interacting with the device.

Stewardship Models of IT Governance: Beyond

Agency TheoryAgency theory assumes that the interests of owners and managers are inherently in conflict and that defensive activities are necessary by owners to protect these interests. Stewardship theory points out that these assumptions aren't always true. A series of theoretical propositions concerning the stewardship model were made by Davis, Schoorman and Donaldson. Their ideas, in conjunction with ideas on best practices in IT governance from Weill and Ross provide an explanation for variance in the effectiveness of a varietv of governance models. Application of the stewardship model results in several novel approaches to IT governance and technology management, especially with regard to post implementation value delivery

Quote for the day:

"If the rate of change on the outside exceeds the rate of change on the inside, the end is near." -- Jack Welch

November 08, 2014

Does Watson Know the Answer to IBM’s Woes?
The hope is that the technology will be able to answer more complicated questions in all sorts of industries, including health care, financial investment, and oil discovery; and that it will help IBM build a lucrative new computer-driven consulting business. At the M.D. Anderson Cancer Center in Houston, a version of Watson is helping doctors develop treatment regimens from a patient’s symptoms based on an analysis of thousands of pages of medical papers and doctors’ notes. There is good reason for IBM’s management to hope that the technology might provide the spark for its reinvention.

Why Amazon Echo is the future of every home
As artificial intelligence, voice recognition, speech recognition and other technologies related to virtual assistants improve, these interfaces will do amazing things for us. They'll understand, interpret and make decisions based on past behavior. We'll blurt out "Alexa" or "Hey Siri" or "OK, Google Now" or "Yo, Cortana" followed by something cryptic and colloquial: "We need paper towels!" The assistant will know your preferences and will have access to your credit card, so it will go ahead and order the paper towels and have them shipped. It's not hard to see why this is important to Amazon.

Windows 10 Enterprise Features Revealed
Microsoft also announced Friday that Windows 10's device management options will be more expansive than Windows 8.1's. In the latter OS, Microsoft introduced mobile device management (MDM) capabilities that allowed enterprises to manage PCs, tablets, and smartphones with one technique. This addition was designed primarily for BYOD scenarios, but in Windows 10, Microsoft will add MDM options for corporate-owned devices. The additions will include support for managing multiple users who share a single device, full control over the Windows Store, VPN and device-wipe capabilities, and the configuration of Enterprise Data Protection policies.

How to Master Google Analytics
Google analytics is a free platform which integrates seamlessly with any website and has a tremendous amount of data that can easily be extracted once users are familiar with the interface. In addition, Google analytics is a platform that will grow with the company without any additional investment. There are other analytic platforms out there such as Clicky, which are low-cost and have a few different bells and whistles than Google analytics does, but in my opinion this analytics platform has all the things you’ll need to get started and grow your online business.

Mark Zuckerberg's Great Vision for the Next 10 Years of Facebook
Facebook will be investing in ways to better target and measure campaigns through data. It wants to help brands measure online to offline sales conversions. Currently advertisers only spend about 11 percent of their budgets on mobile, according to Facebook COO Sheryl Sandberg, because the right tools aren't yet in place. Finally, Facebook wants to build the next major computing platform, which Zuckerberg believes could be augmented reality and Oculus. He also wants to bring the internet to more people through Internet.org. "We're going to prepare for the future by investing aggressively," Zuckerberg said.

Using Open Source Solutions for Cloud-Ready Big Data Management
This growth and reliance around data will be offloaded to the only platform that can handle these types of demands: the data center. Any growing organization must look at data center hosting options as a viable solution to an ever-evolving business and IT environment. Whether this is a cloud solution or a manage services option, the modern data center is the spot that can support changed business needs and evolving IT solutions. Database administrators have been forced to find new and creative ways to manage and control this vast amount of information.

“Dark Web” Version of Facebook Shows a New Way to Secure the Web
The Tor software works by connecting to a network of computers around the world known as “nodes.” When you access a website via Tor, your data hops between three of those nodes in encrypted form before traveling to the operator’s server. Data sent back to you by that server gets the same treatment. Tor software for website operators allows them to create a .onion address – known as a “hidden service” – and obscure the true identity and location of their servers. By using that, Facebook is the only major Web company to join what is dubbed the “dark Web.”

Monetizing Big Data: A Q&A with Wells Fargo's Data Chief
The incentive piece is tough. It's my job to show how there's a mutual benefit. Take online bill pay: it tells you a lot about customer relationships. Customers use online bill pay to pay other banks for products they don't have with us. If a customer has a deposit account in online bill pay with us but not a mortgage, and they own a home, they're paying a mortgage with a different bank, so that's why you should care about online bill pay if you have the deposit account. If someone's paying a different credit card with their online bill pay, that's why you should care about their data.

Data-Driven Intuition
The definition of intuition is “a direct perception of truth or fact independent of any reasoning process,” i.e., what is often referred to as “going with your gut.” In his quest to find a successful individual who truly used their gut and nothing else to make decisions, Ma discovered he needed to redefine intuition as “a direct perception of truth or fact independent of any documentedreasoning process” because “no one successful truly makes decisions without some reasoning process. ... or they may not have the sufficient information to document that reasoning process, but it’s clear in all cases I explored that there was a method behind the madness.”

Getting the most out of impact mapping
Impact mapping is a strategic planning and visualisation technique with roots in user experience strategy and design. An impact map visually connects solution ideas (deliverables, such as user stories) to business goals through impacts on stakeholders and customer segments. By putting deliverables into perspective of user needs and behaviour changes, and putting user needs into the perspective of overall organisational objectives, an impact map visualises assumptions. This helps to create a big picture for software delivery and facilitates many good product management techniques, such as customer research and iterative planning, as well as helping stakeholders align and prioritise iterative delivery.

Quote for the day:

"Keep true, never be ashamed of doing right, decide on what you think is right and stick to it." -- George Eliot

November 07, 2014

IT Talent Shortage: Ugly Truths
"As one of the 'unemployable' IT workers with 3 decades of experience, I think you are missing something," one reader emailed me. "The one thing that was not discussed is how we are treating the people as disposable commodities in an industry where it can take decades to develop the knowledge, wisdom, and experience that is required." Disposable commodities. Take that in for a minute. For many people, I bet it hit home instantly. He's not the only person to voice that sentiment to me in the past few weeks as I researched this article, but he crystallized it.

Software Designs Products by Simulating Evolution
Dreamcatcher shows how even creative industries could be changed by automation. “Designers worry it will take their job away, and [they] doubt that it can create beauty,” acknowledges Autodesk’s senior director of design research, Mark Davis. Dreamcatcher’s simulated evolution process begins with the software offering a set of potential solutions to a problem posed by the user. The software then “breeds” a new generation of solutions by recombining the best of those designs, as chosen by the user, and adding some random variation. The software can repeat this process to produce thousands of designs

Five things we learned from robotics expert Mark Setrakian
While Setrakian may have started off with low, slightly lumpy robots on wheels, hacking and pummeling each other, Robot Combat League took the fight to humanoid form, scaling the difficulty of pretty much everything. Compared to the two or three motors found in the wheeled variety of drones, humanoid bots would take around 28 motors, with multiple degrees of freedom for movement -- he adds there was now a nuance of puppetry to how the humanoid bots moved and were controlled. These robots also had engineering ties to a project that followed after: the Female Figure.

The problem of managing schemas
But the worst problem by far is the fact that with CSV and JSON data, the data has a schema, but the schema isn’t stored with the data. For example, CSV files have columns, and those columns have meaning. They represent IDs, names, phone numbers, etc. Each of these columns also has a data type: they can represent integers, strings, or dates. There are also some constraints involved — you can dictate that some of those columns contain unique values or that others will never contain nulls. All this information exists in the head of the people managing the data, but it doesn’t exist in the data itself.

The Future of Enterprise IT: An interview with Geoffrey Moore
Systems of record are a must-have. They’re foundational, they’re critical, and they have to be protected. Systems of engagement are a nice-to-have in many industries, moving to must-have, where there’s opportunity to create a competitive advantage. You want to have an agile system of engagement that can interface to a stable system of record. The IT function has to bifurcate itself into two camps: A conservative camp that maintains and protects the systems of record; and A progressive camp that takes risks with systems of engagement. There will have to be some interface between the two, which is a new architectural interface that we haven't had to build in the past.

Home Depot attackers broke in using a vendor's stolen credentials
The stolen login credentials didn't provide direct access to its point-of-sale terminals, Home Depot said. But once inside, the hackers gained "elevated rights" that allowed them to navigate to other parts of its network and install their malware on self-checkout systems in the U.S. and Canada. The retailer didn't identify the third-party vendor that was compromised. A Home Depot spokesman said the attack is still under investigation and the company could not comment further.

InfoShot: EU Tech Lobbying Spend
According to the data, Microsoft is the biggest tech lobbying spender in Europe, splashing out €4.75million trying to influence lawmakers. That’s half the company’s US figure for roughly the same time period. China’s Huawei is also one of the biggest spenders in the tech industry, coughing up €3million, but its US spend last year barely scraped €500,000. Google, the biggest spender on US tech lobbying, only spent €1.25-1.5million in Europe, well short of the €11million the search giant spent in the US last year. This trend of spending less in Europe wasn’t just limited to Google and Microsoft.

The complexity of the IoT requires experience design solutions
What we’ll accept in the digital world isn’t the same as what we’ll accept in the physical world. “We have these expectations about things — like Skype calls can fail and web pages can be slow to load and sometimes emails go on a long route round to get to you and take a while,” Rowland says. “It is not great, but we’re used to that. However, we are used to physical things in the world around us responding immediately and reliably. That might not happen [with the IoT]. It is obviously not acceptable if you’re to turn a light on from your smartphone and have that take 30 seconds to respond. You are just going to think it’s not working. ”

Dogs In The Data Center: Flexibility Gone Wild
Reader "Technorati" wrote in to ask what I think about dogs coming to work at the IT department. I like dogs. Dogs are great. But this trend where your fellow IT workers feel like it's OK to bring them into work? Suuuuuure... Bring your dog to work. Outfit him with matching Birkenstocks and a hoodie. As long as he has expertise with Javascript, Python, help desk, or general sys admin. Or maybe some other things. I understand that your dog cannot write code, but maybe your dog can inspire you to write more or better code. But when is enough enough?

Collaboration: It’s not what you think it is
A continuum of interaction that I learned many years ago helped me to understand what collaboration is. It can help you to understand what you really want to do in the situations you deal with and therefore direct your attention, intention and behavior when you choose to collaborate. Three words that begin with “C” broadly describe the types of interactions and relationships you may have with others. On a continuum, they look like this:

Quote for the day:

"Playing it safe is the most popular way to fail" -- Elliott Smith

November 06, 2014

Nationwide launches smartwatch banking capabilities
Nationwide customers are now able to check their bank balance on smartwatches if they have already downloaded the building society’s mobile banking app. The firm partnered with IBM to develop a system to allow Android Wear users to perform banking tasks on their wearables. The smartwatch will connect to the mobile banking app to provide users with real-time updates of their balance. The new features were developed in the Front Office Innovation Centre, which was set up by IBM and Nationwide to find new ways to provide customers with the building society's services.

Apple unveils new enterprise support plan
As outlined on the site, AppleCare for Enterprise generally fits what industry analysts were told during summer briefings. Apple and IBM unveiled their alliance on July 15. Apple will assign a liaison -- an AppleCare account manager -- to companies that purchase support, and replace damaged or lost iPhones and iPads. Apple said it would exchange devices within one business day in most cases, and capped that part of AppleCare at 10% of a company's devices registered under the plan. IBM Global Technology Services, an arm of the Armonk, N.Y. company, will provide next-day onsite service, which is available for either two-year or three-year stretches.

Business transformation considered essential, but the enterprise struggles
Business transformation is about more than efficiency -- innovation is also a key theme. In order to stay ahead, executives said changes in client expectations, technological advances and rising competition must be considered. In order to do so, new business models must be developed, portfolios improved, and processes have to be streamlined. In total, 82 percent of executives cited the need for innovation as an important driver of the need for business transformation.

IDC To CIOs: 60 Percent Of You Will Be Supplanted By Chief Digital Officers By 2020
“By 2020, 60% of CIOs in global organizations will be supplanted by the Chief Digital Officer (CDO) for the delivery of IT-enabled products and digital services.” In its presentation, IDC added that “some CIOS will find an opportunity to expand their role leveraging their experience in setting strategy, innovation, and relationships.” But why only 40% will be able to expand their role and the others “will be challenged to fill the growing gap for the CDO role”?

Enterprise Architecture Practice - Capabilities
Though Enterprise Architecture is not a very new practice, the maturity level is still not the optimal in most enterprises. Seeing the benefits that the EA function can bring to the table, many enterprises are attempting to setup the EA practice within, but are in fact struggling to get it right. EA not just science and not just art as well. It is a combination of art and science. Successful EA practice has been found to being able to demonstrate certain key capabilities. In the EA world, there is no such thing as 'one size fits all', as it is highly dependent on the enterprises' business, its objectives, goals, strategies and priorities, which is never the same across enterprises.

2014's Hottest IT Certification
With more than half of 2014 behind us, it's that time of the year where we look at IT certifications standings in real world IT. The right certifications can help earn tech workers premium pay or land the job they've been aspiring to. That's why knowing what is "hot" with employers is important when considering your professional development. Every quarter Foote Partners compiles their data in the IT Skills Demand and Pay Trends Report, and they speak with over 2600 employers to bridge the disconnect between job titles, job content and compensation. Read on to find out where the heat is in regards to IT certifications, salaries and employer needs.

Predicting the Role of Healthcare CIOs in 2020
Steele describes that as a feat of "clinical reengineering," one that required baking best practices into Geisinger's EHR system so they could be accessed at the point of care. The program, known as ProvenCare, is served to up in a variety of high-frequency care episodes, including perinatal care, COPD, hysterectomies, and hip and knee replacements. Add to that Geisinger's ProvenHealth Navigator, an advanced version of the patient centered medical home, and its participation in OpenNotes, which opens clinical progress notes to patients,

CIO interview: Glenn Murphy, London & Capital
CIO Glenn Murphy says that, as the global economy picks up, London & Capital’s IT department has had to shift focus. “We are moving away from the national economic uncertainty of the last five years, where cost-appropriate solutions were foremost on everyone’s mind,” he says. “There is more confidence in moving towards systems that add business value and deliver real-time value to our clients and front-office staff.” He says the IT department is underpinning the growth in business, creating systems to improve client reporting and management.

Facebook releases C++ libraries to ease Internet communications
The library, called Proxygen, could also help Internet-facing organizations prepare for the next-generation Internet data communications protocol, HTTP/2. "Even if they are not using C++, anybody who is following modern protocol development like HTTP/2, we are hoping they could look at Proxygen as a reference design," Matheny said. C++ programs most often use external Web server modules, such as CGI (Common Gateway Interface), to supply a connection to the network, which can be cumbersome and slow to set up and run.

Java 8 for Financial Services
Streams are a new way to work with data, as the name would suggest, as streams. Again like lambdas there is nothing you can do with Streams that you can’t do without them. It does however make your code a lot simpler and, as long as you understand it, easer to read and maintain. Lastly using these new constructs gives a lot more information to the compiler and JVM so further improvements can be made at runtime giving you better performance. There are a few gotchas like exception handling, debugging and infinite streams but we’ll cover those as we go along.

Quote for the day:

"The secret of managing is to keep the five guys who hate you away from the four guys who haven't made up their minds." -- Casey Stengel

November 05, 2014

Remote working puts business data at risk, study shows
Banks said that – even though eight in ten of the employees interviewed read or write work emails on the move, and around seven in ten work on electronic documents outside their office – businesses fail to provide tools for secure remote working, or put the right security policies in place. Fewer than six in ten respondents said their organisation had a remote working policy. Of those that did have a policy, over a quarter admitted they had broken the policy to work remotely, either knowingly or unwittingly.

Using PouchDB for Offline/Data Sync
PouchDB offers not only client data replication to remote servers, but also provides a robust key/value data store for the browser as well. And not only the browser, but any JavaScript environment with disk access, including Node.js. The PouchDB web site has an introductory tutorial that steps you through the process of building a simple single page app (SPA). The app is modeled after the vanilla JavaScript implementation of the excellent TodoMVC benchmark for JavaScript frameworks. If you’re looking for a great comparison of SPA frameworks by the way, I’d highly recommend checking out TodoMVC.

Driving Innovation with IaaS
New technologies and service models can change how businesses operate, and become key drivers in innovation and cutting back operational expenditure. Infrastructure-as-a-Service (IaaS) is one such model where servers and other resources are provisioned as required over the cloud. This model provides self-service, on-demand access to IT resources, which means users can create and access tools they need within minutes, instead of days, weeks or months.

BlackEnergy cyberespionage group targets Linux and Cisco
Variants of the BlackEnergy plug-ins developed by the cyberespionage group were discovered for both Windows and Linux systems. They enhance the malware program with capabilities like port scanning, password stealing, system information gathering, digital certificate theft, remote desktop connectivity and even hard disk wiping. Different selections of plug-ins are deployed from command-and-control servers for every victim, depending on the group's goals and the victim's systems, the Kaspersky researchers said.

A CIO fights to keep his tech options open
"The impact on customer choice and negotiating positions" is very strong, he added. The concern about a narrowing of choices isn't limited to platforms. The industry consolidations resulting from mergers and acquisitions could lead to the discontinuation of development work on certain systems. "That may force us to switch tools and vendors," Spears said. The impact of consolidation can be particularly acute in certain markets. The banking sector, in particular, may be the canary in the coal mine that offers an early sign of the risks of IT consolidation.

AT&T, Others Launch OpenDaylight SDN Alternative
OpenDaylight has seen some recent momentum with two code releases, and heightened support from its own member companies. Brocade will ship this month an OpenDaylight-based SDN controller. And initial skeptics HP and Dell have raised their investment and participation in the effort. Like OpenDaylight, ONOS delivers an SDN control plane featuring northbound and southbound APIs, and a range of management, control, and service applications. Initially targeted to service providers, the community’s goal is to extend the platform for cloud service providers, enterprises and mainstream deployments.

The Only Way to Save Your CRM from Failure
Data also decays naturally, compounding the effect of human error. Estimates put the rate of data decay at around 2 percent per month. It is a completely natural process, and it is unavoidable. As your contacts change jobs, get married, change email addresses or get promoted, your CRM will start to lose track. Looking closely at CRM failure rates, we have a range of statistics to work from. C5 Insight estimates that the failure rate of CRM software is around 16 percent. It says that this figure is “optimistic”, and puts its own estimates at 38 percent.

Despite skeptics, security awareness training for employees is booming
"Effective education is a non-trivial thing, and it takes a very solid understanding of the audience and how you're going to measure the effectiveness of that education," said Walls. "Within the industry, the history of security education has ignored all that. It doesn't worry about impact; it doesn't worry about [asking] 'Is this effective?' "As a result, the word on the street is that security training isn't worth the time and money," Walls continued. "It's the classic syndrome of blaming the tools … the fault lies with you, not the audience."

Why coding's cool for school
There are some initiatives leading the way here. Google's Made with Code, for example, provides great inspiration for young women by showcasing the diverse career routes taken by those with an interest in tech. And Capability Jane is another notable organisation, aiming to improve diversity across sectors by encouraging businesses to hire working mothers on a more flexible basis. Such initiatives are crucial in encouraging the next generation of young women to study STEM subjects with a view to a career in tech.

A Look at ETW – Part 3
Although a strength of ETW is its strongly-typed events, after seeing several examples which use more “generic” events yet still benefit from ETW and its tooling, I’m going to try that and go with a few general-purpose events. Several of the logging frameworks use the concept of “category” (or a dictionary of categories), so I’ve decided that might be useful here too. Since I want to trace both methods and code blocks I use “Action” and “actionName” to designate either. I also want to make timing optional: ETW events have a high-resolution timestamp and some tools will pair up start/stop events, so doing my own timing isn’t always necessary.

Quote for the day:

"Doing the same thing over and over, yet expecting different results, is the definition of crazy." -- Unknown

November 04, 2014

How Smart, Connected Products Are Transforming Competition
Some have suggested that the internet of things “changes everything,” but that is a dangerous oversimplification. The rules of competition and competitive advantage still apply. ... The increasing capabilities of smart, connected products not only reshape competition within industries but expand industry boundaries. This occurs as the basis of competition shifts from discrete products, to product systems consisting of closely related products, to systems of systems that link an array of product systems together. A tractor company, for example, may find itself competing in a broader farm automation industry.

Gartner Hype Cycle: Exploring the leading-edge technologies for a digital business
"Skinput provides a new input technique based on bioacoustic sensing technology that allows the skin to be used as a finger input surface." Tapping your skin in various places creates distinct acoustic signals, which sensing devices can pick up. The software can process differences based on bone density, size, and effects produced by soft tissues and joints. "Interactive capabilities can be linked to different locations on the body." Skinput is a 21st century approach to the classic computing notion of input.

An open source ERP system built to self-implement
Another key aspect of the industry is that users would need an IT consulting company to implement and customize an ERP. We want to change that. ERPs should be simple enough to be self-implemented. This is why users are selecting ERPNext over other alternatives, because we are completely focused on the do-it-yourself user. There are a couple of good open source ERPs out there, but they are still hard to configure and need a partner to help you get started.

Information Security - Cost Analysis
In the best interests of the investors, any spending or investment should be backed up with an appropriate cost-benefit analysis. Applying this cost-benefit-justifications to Information Security function is gaining focus but remains a challenge. Quantification forms the basis for being able to perform the cost-benefit analysis. The advantages of quanti fication are its accuracy, objectivity, and comparability. In addition, quanti cation is the basis for calculations and statistical analyses. While costing is a comparatively easier aspect, quantifying the benefits is still a challenge as it depends on the occurrence of uncertain events.

Collection Pipeline
Collection pipelines are a programming pattern where you organize some computation as a sequence of operations which compose by taking a collection as output of one operation and feeding it into the next. (Common operations are filter, map, and reduce.) This pattern is common in functional programming, and also in object-oriented languages which have lambdas. This article describes the pattern with several examples of how to form pipelines, both to introduce the pattern to those unfamiliar with it, and to help people understand the core concepts so they can more easily take ideas from one language to another.

A Brain-Inspired Chip Takes to the Sky
The first time the drone was flown into each room, the unique pattern of incoming sensor data from the walls, furniture, and other objects caused a pattern of electrical activity in the neurons that the chip had never experienced before. That triggered it to report that it was in a new space, and also caused the ways its neurons connected to one another to change, in a crude mimic of learning in a real brain. Those changes meant that next time the craft entered the same room, it recognized it and signaled as such.

The next wave of IT fadeouts
IT and its hosting enterprises have passed through monumental changes over the past decade. Through it all, CIOs have maintained a strategic eye on 'next thing' technologies. However, with relatively flat IT budgets, they have also looked for IT investments that are on the decline. Some of these technology 'fadeouts' are internal approaches to IT and general business operations and management that just don't seem to work well any more. Others involve a particular technology solution that has seen its day. ... What are the likely technology fadeouts?

Why LinkedIn’s data science reorg actually makes a lot of sense
And no, the shakeup hasn’t brought product innovation to a halt. Employees still get one “InDay” per month to do things they don’t ordinarily do. Look, for instance, at a project Lutz did a few months ago, right after the reorg happened. Finger, who generally does work for internal consumption, used LinkedIn’s vast supply of information on users to predict the career trajectory of a reporter at Mashable. “It was just an idea,” Finger said. His colleagues thought it was awesome, he said, and supported it.

Forecast 2015: IT spending on an upswing
When it comes to new technology, business leaders don’t know what they don’t know, he says. Therefore, it’s part of his innovation strategy to make all parts of the organization aware of new technologies that can improve business processes and bring in new customers. And why not? With the economy slowly improving, IT leaders are more optimistic that corporate purse strings will loosen up in 2015, and they’re eager to bring new technologies into the fold in addition to just keeping the lights on.

Updated Principles of Service Orientation
A SO ecosystem is “a space in which people, processes and machines act together to deliver those capabilities as services”. In a SO ecosystem, “there may not be any single person or organization that is really ‘in control’ or ‘in charge’ of the whole” ecosystem. Services in the SO ecosystem are the means by which “the needs of a consumer are brought together with the capabilities of a provider”. Services are the realization of business functionality accessible through defined service interfaces.

Quote for the day:

"Our expectation in ourselves must be higher than our expectation in others." -- Victor Manuel Rivera