Daily Tech Digest by Kannan Subbiah

August 07, 2015

Everything you missed from the 2015 MIT Sloan CIO Symposium
CIOs are at an inflection point. Traditional methodologies and technologies that worked in the past may not work in today's high-speed, information age. CIOs need to adapt to both digital and platform business models and take the reins of their companies' digital transformation in order to succeed. But that's not all CIOs have to do to make it in today's digital business; they also must utilize new technologies like automated systems and the sensors and devices that make up the Internet of Things (IoT), they must collaborate with their C-suite colleagues and get further acquainted with the business side of operations. This CIO Essential Guide rounds up all of SearchCIO's coverage of the MIT Sloan CIO Symposium 2015.

How Microsoft Plans To Get iOS Apps Running On Windows 10
Objective-C does not necessarily understand Windows APIs. Apple is not going to go out of its way to make sure that it does either. That means that Windows APIs need to be able to understand Objective-C. Microsoft plans on performing this feat by “projecting” or binding Windows APIs into a new programming language. In previous versions of Windows, this was done for C++, JavaScript or .NET. Microsoft is taking the same approach and now tying it to Objective-C and other programming languages. The end result is that Objective-C should be able to read and execute Windows APIs.

Guardians of Governance – ICSA Roundtable
‘It’s important the company secretary is available for the non-executives to call between meetings to “take the temperature” of what’s happening in the company when they don’t want to trouble the chairman,’ observed Lawrence. ‘We have a board comprised of people from different countries and cultures, and non-UK directors can sometimes find it difficult to gauge the reactions of the board to specific issues as a result.’ Alison said that the makeup of a board with NEDs based in different countries, where the remuneration and audit committee chairman are based in the UK, require a regular communication flow to ensure all NEDs feel connected and able to fully contribute during board meetings.

FireLayers provides granular real-time mitigation for cloud- and web-based applications
FireLayers brings a full stack of security to cloud and web applications, as shown in the graphic. The baseline of security (shown in tan in the graphic) is application agnostic. FireLayers has the ability to analyze the conditions of the network, device, operating system and client to provide clarity of context of an attempt to login to and continue using any application. For example, FireLayers can analyze the IP address of the session, to see if it has a bad reputation, or if it suddenly changes during a session, which might indicate the session has been hijacked. Under the latter condition, the session could be dropped entirely, or the user could be prompted to re-enter his credentials.

10 Ways In Which Wearables Will Change Education
Angela McIntyre, research director at Gartner said: “Consumers will be able to integrate the data from most wearables into a single account where their data can be analysed using cognisant computing to provide useful insights to wearers. Funding initiatives from Qualcomm, Apple (HealthKit), Google (Google Fit), Samsung (S.A.M.I.), Microsoft, Nike and Intel, among others, will build on early innovation in wearable fitness and health monitoring and create the infrastructure for merging data relevant to health and fitness.” In addition to being able to track heart rates and count the number of steps of a user, wearables will revolutionise different aspects of everyday life, from sports to health, education to security.

Defining Your Data Quality Problems
The important thing to remember is that a Type I data validation or verification problem can be logically defined, and that means we can write software to find it and display it. Automated fixes are fast, inexpensive and can be completed with only occasional manual review. Think of Type I data quality problems as form field validation. Once valid, the problem disappears. We could estimate that Type I data presents 80 per cent of our data quality problems, yet consumes 20 per cent of our budget. Type II data needs the input of multiple parties so that it can be discovered, flagged up and eradicated. While every person in our CRM may have a date of purchase, that purchase date may be incorrect or not tally with an invoice or shipping manifest.

The Rise of Emotionally Intelligent Machines That Know How You Feel
Affective computing’s renaissance is no doubt being facilitated by the emergence of big data and its role in driving deeper machine learning, as we’ve seen in examples like Google’s Deep Dream software for artificial neural networks. Affective computing researchers are using the enormous, crowdsourced data sets of vocal, gestural, facial and physiological responses now available to them to push the technology further toward more natural interactions between humans and machines. Imagine if our computers could express empathy — it would change our relationships with machines. This push toward emotionally intelligent machines is also being helped along by improved sensors that are now becoming commonplace on handheld devices, and maturing distributed platforms

Want to Succeed With BI? Try Personal Accountability
Sometimes follow-through seems more like a quaint behavior that our parents and grandparents were concerned with rather than a basic responsibility. This behavioral shift has accelerated during the past few decades. It seems as though lack of discipline, failure to follow-through and reluctance to be held accountable for our actions now define the admired if not desired state. How did we manage to arrive at such dire straits? The American ideals of self-reliance, can-do attitude, initiative, innovation, and perseverance in the face of adversity have had their pristine images pitted and eroded over the past century. Learned helplessness is a self-fulfilling prophecy where an individual has certain expectations – positive or negative, true or false – about a person or a situation.

How to secure Windows 10: The paranoid's guide
You'll also want to look at each individual setting page to make sure that Microsoft and Windows have just as much access as you feel comfortable with. So, of course you want Windows' Calendar app to access your calendar data (obv) -- but share it with advertisers via App connector? I don't think so! Be sure to go through each setting even if you don't think they'll matter. By default, each and every privacy setting is set to give Microsoft and friends the maximum possible access. This is not a good thing. Moving on: Head to the Location settings and turn them off. While your PC probably doesn't have a GPS like your smartphone, you'd be amazed at how accurately your location can be pinned down using Wi-Fi access points and IP address.

SQL-on-Hadoop tools help users navigate enterprise Hadoop course
"Drill is not fully matured, but we think it will be," Fabacher said. The tool just became available in a 1.0.0 version in May, followed by a 1.1.0 release earlier this month that incorporated the window functions and auto partitioning sought by Cardlytics along with other new features. While the large ranks of SQL-skilled workers should give some comfort to organizations embarking on Hadoop journeys, the growing ranks of SQL-on-Hadoop options could be unsettling. Since the first days of Apache Hive, the field has become increasingly crowded. In a presentation at the 2015 Pacific Northwest BI Summit in Grants Pass, Ore., this month, Gartner analyst Merv Adrian listed 14 different tools -- and that's not a full count of what's available.

Quote for the day:

“Be a King. Dare to be Different, dare to manifest your greatness.” -- Jaachynma N.E. Agu

August 06, 2015

Teaching Machines to Understand Us

A neural network can “learn” words by spooling through text and calculating how each word it encounters could have been predicted from the words before or after it. By doing this, the software learns to represent every word as a vector that indicates its relationship to other words—a process that uncannily captures concepts in language. The difference between the vectors for “king” and “queen” is the same as for “husband” and “wife,” for example. The vectors for “paper” and “cardboard” are close together, and those for “large” and “big” are even closer. The same approach works for whole sentences (Hinton says it generates “thought vectors”), and Google is looking at using it to bolster its automatic translation service.

IBM Launches New Enterprise Open Source and IoT Dev Communities

The new developerWorks Recipes space is aimed at devs working on IoT applications for IBM's Bluemix Platform-as-a-Service (PaaS), an implementation of the company's Cloud-Foundry-based Open Cloud Architecture. The space will provide "recipes," which the company defines as "developer-focused, user-contributed, step-by-step tutorials" for linking machines to Bluemix. The community space will allow members to add their own ingredients to those recipes, to edit existing recipes, and to publish their own -- all of which are shared on the site. ... "With developerWorks Open, we are open sourcing additional IBM innovations that we feel have the potential to grow the community and ecosystem and eventually become established technologies."

Next-generation security for a mobile culture: 10 risks, seven pointers

Trends like consumerization and BYOD have "encouraged" our corporate establishment (in most cases) to embrace mobility and take steps to ensure continued security. Today's enterprise are challenged by creating and maintaining mobile strategies that are aligned to business objectives and processes and are integrated within overall infrastructure and cybersecurity architectures that support mobile workers within the "workplace," which can be during work hours within physical places; behind enterprise firewalls; or, more simply described, anytime, anywhere using any device and/or network that is available. EMM helps to bring order to this seemingly unmanageable chaos.

Obama pushes tech startup community for more diversity

Obama noted that startups and young companies collectively account for nearly 40 percent of new hires, but cited studies finding that less than 3 percent of venture-backed firms employ a woman as a CEO, and not even 1 percent were founded by an African American. "Yet we've seen again and again that companies with diverse leadership often outperform those that don't," Obama said. ... Top venture-capital firms are getting in on the act, as well. More than 40 VC firms, including the likes of Kleiner Perkins and Andreesen Horowitz, are committing to promote diversity in the startups they invest in, and have agreed to participate in an industry survey evaluating diversity both at the VC shops and their portfolio companies, with the results to be made public.

Capitalizing on Digital Disruptions

First, organizations need to provide employees with the right tools. Often, employees have to deal with using slower and older devices at work or not having access to the applications and tools that they want. Instead of employers prohibiting social tools in the workplace, organizations should provide employees with the tools they want to use to collaborate with colleagues. An organization that has done a good job with this is IBM. They have implemented a number of technology-based platforms like a “social dashboard” that tracks employee participation in a variety of work-related social interaction activities. This platform tracks an employee’s collaboration with others, reaction to other people’s posts, sharing of thought leadership or ideas, and the strength of their internal network.

Artificial intelligence fears overblown, says AI expert Sir Nigel Shadbolt

Shadbolt disagrees. “I don't think we will see large-scale mass destruction of jobs in the way people imagine.” Although it will cause a lot of upheaval, Shadbolt believes AI will help to create as well as remove jobs. It has already led to new, previously unimagined job titles like 'database custodian', he said. “There are a whole bunch of knowledge-intensive jobs nowadays that exist that wouldn’t have existed, editing online books or online content, for example. “Look at the overall balance. Some professions where relatively routine knowledge is involved will come under more automation. But as soon as it gets complex, as soon as you need to know the limits of your understanding, that's what people are able to do that machines can't,” he said.

Man-In-The-Cloud Owns Your DropBox, Google Drive -- Sans Malware

The deed is done via a tool Imperva has developed called Switcher. The attacker social-engineers the victim into running this simple code that will install a new synchronization token -- one for a cloud account owned by the attacker. The victim's machine will instead sync with the attacker's account, so that a copy of the synchronization token for the victim's legitimate account will be stored in the attacker's account. From then on, the two are synched. The process takes only seconds. Then all the attacker needs to do to hide their tracks is switch it all back. They delete their own synchronization token from the registry, put the user's token back where it belongs, and only a careful look at log files would show any anomalies.

5 decisions a CTO needs to make on day one

In our ever-connected world, the role of chief technology officer (CTO) continues to rise in prominence as one of the key decision makers within a company. From traditional IT to web development and everything in between — the CTO's role is expanding by the day. As new technologies and innovations begin to disrupt the workflow of more and more industries and departments, the CTO must stay ahead of the curve in understanding these changes. Successful leaders always have a plan, and the CTO is no different. Whether you've recently changed companies, or been promoted to the role, it's important to self-reflect early and determine how you'll help move the company forward.

Take Control of Hadoop with a Data-Centric Approach to Security

With data-centric security, sensitive field-level data elements are replaced with usable, but de-identified, equivalents that retain their format, behavior and meaning. This means you modify only the sensitive data elements so they are no longer real values, and thus are no longer sensitive, but they still look like legitimate data. The format-preserving approach can be used with both structured and semi-structured data. This is also called “end-to-end data protection” and provides an enterprise-wide solution for data protection that extends into Hadoop and beyond that environment. This protected form of the data can then be used in subsequent applications, analytic engines, data transfers and data stores.

Absolutely Fabulous Big Data Roles

I know that many people will question the need to create new roles in statistical analysis, qualitative analysis, and data architecture and management. Therefore, I must admit that I also shy away from the invention of new terms, especially when they may seem to be superfluous and misleading. However, I feel that the spirit of the times is calling out for a revolution in how we view and appreciate the world of data professionals and the place of Big Data in the rich tapestry of life. Some of the new roles detailed here may not be immediately familiar or intuitive, and some of the responsibilities may seem to be somewhat onerous or even trivial. Nevertheless, this is not accidental. As what has lead me here is the desire to formulate a coherent and cohesive response to the IT industries sea change with respect to disruptive and game-changing innovations such as Cloud data centres, the Internet of Things and Big Data.

Quote for the day:

“Keep your eyes on the stars and your feet on the ground.” -- Franklin D. Roosevelt

August 04, 2015

Windows 10 violates your privacy by default, here's how you can protect yourself

One of the biggest worries, though, is Microsoft's policy on disclosing or sharing your personal information. The following is an excerpt from the privacy policy: "We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services." The problem is that many users want personalized services, but it's difficult to draw the line at what data should be collected.

Preparing for the IoT: Creating a Foundation for Utilities

Innovators and strategists - the Directors of Transformation, the Future Networks teams and the like should be creating visions and making plans around new interactions; new data; new business models; new kinds of people they might need in their 21st century business. Studies like McKinsey’s new Internet of Things (IoT) report should be required reading for them. But it can’t all be about visions. At the same time, utilities need to keep the lights on today. They can’t ignore the pressing needs of the business-as-usual. Customer expectations are increasing everywhere. Assets are ageing everywhere. Generation and load profiles have become far less predictable. Clever engineers are retiring. These issues (and others) can’t wait for the magic wand of the IoT to make them all go away.

Is Password Sync better than AD FS for Office 365 identity management?

With AD FS, you can granularly control who's allowed to authenticate using Client Access Policies; this isn't possible with Password Sync. The Password Sync feature can also lead to confusing situations in which the password stored in Windows Azure is different from the on-premises password, despite its synchronization, such as when an administrator resets an end user's password in Office 365. At that point, the user's password in Windows Azure will change and DirSync won't trigger a new password synchronization until the end user changes his on-premises password.

New Dashboard Makes It Safer to Let Your Car Do the Driving

A new interface for cars, developed by the French automotive hardware supplier called Valeo, tries to answer this question with a new dashboard interface that spans a vehicle’s steering wheel and its instrument display and shows information from a user’s smartphone. The company says that recent user testing showed it could be a safer way of transitioning from automated driving back to human control. Driver distraction is already a huge problem on the road, and smartphone use is implicated in more than 25 percent of all traffic accidents. This is why many carmakers are already allowing smartphone makers access to the entertainment consoles in cars (see “Rebooting the Automobile”).

Post Microsoft, Nokia’s Transformation Looks Very Smart

For Nokia as a company, selling off its biggest, most prestigious and historical division that garnered most of its employees and revenues was the best decision it ever made. Today, Nokia took again took out its scalpel and sold the HERE maps division to an a German automotive consortium ... The final step in Nokia’s transformation from bloated, struggling phone manufacturer to nimble and trusted innovation and networking company is almost complete. ... But here is Nokia, the company that many had written off for dead after it sold its devices division to Microsoft in mid-2014, reemerging to position itself as a growth engine in the next era of computing. So, what is Nokia now? It is an infrastructure, services and device company aimed at building the technology that the world will need to enter the next wave of computing.

Organizations should focus data sharing post-incident, not attribution

When it comes to the information that should be collected and given to law enforcement, McAndrew noted that priority assets will vary per investigation, but in general law enforcement is interested in data that can be used to identify perpetrators, as well as data that relates to the timing and manner of breach, data exfiltration, and any disruptive or destructive activity. "Any existing system logs, SIEM data, IDS, DLP, endpoint data, network and data flow maps might provide insights into these issues and be most helpful to investigations," he said. But some organizations will be hesitant to share complete details. Even so, data related to internal investigative reports or forensic examinations conducted by non-law enforcement personnel should be shared anyway, even partial information.

Apple and Google Know What You Want Before You Do

At its developers’ conference in May, Google demonstrated how Google Now can alert a traveler to airport gas stations when the traveler is returning a vehicle and may need to fill the tank. Google can deduce the return time from emails showing the traveler’s itinerary and real-time departure data provided by airlines. For other uses, Google Now, introduced in 2012, taps Web search and browsing history, Google services such as Gmail, calendar and YouTube, and data from the phone such as location, time and app use. The company says it wants as much information as possible to produce the most useful recommendations. “Imagine an assistant who works for you for [only] one hour a day,” says Aparna Chennapragada, director of product and engineering for Google Now.

Who and what to ask before hatching your plan to lead

You can find a plethora of people who are knowledgeable about an organization and its issues, problems, opportunities, and more. You’ll find them at the higher echelons as well as from the board of directors to the CEO, executive staff, and senior management. Some are in the middle of the hierarchy, responsible to the higher echelons. Others are first-line supervisors or individual contributors in operational or support rolls. Those close to developing or delivering the value proposition to key constituents have a closer operational view than those at the higher ranks. These insiders all have a point of view. Just ask them—from the receptionist to the board chairman, from the team captain to the water boy, from the janitor to the mayor.

Project Jigsaw is Really Coming in Java 9

Since modularization is the goal, Project Jigsaw will introduce the concept of modules, which are: named, self-describing program components consisting of code and data. A module must be able to contain Java classes and interfaces, as organized into packages, and also native code, in the form of dynamically-loadable libraries. A module’s data must be able to contain static resource files and user-editable configuration files. To give modules some context, think of well-known libraries such as Google Guava or the ones in Apache Commons as modules. Depending on how granular their authors want to split them, each of those might themselves be divided into several modules.

Newest RIG exploit kit driven by malicious ads

"Criminals will seek out the cheapest ad providers where they can place their malicious ads and turn that cheap traffic into infections using exploit kits. For the criminal- these infections are their profit so it makes sense, financially, to go to the lowest ad providers down the chain," he said. One of the victimized ad networks is buy-targeted-traffic.com, which enables customers to selectively target who their ads will be shown to, including browser type, geography, operating system type, and more. Since RIG only targets Internet Explorer users, this feature was perfect for the malvertising run, since it enabled victim screening. For as little as 0.20 cents, a RIG customer can purchase 1,000 ad impressions on low-end websites, delivering steady traffic that runs under the radar.

Quote for the day:

“Hardships often prepare ordinary people for an extraordinary destiny.” -- C.S. Lewis

August 03, 2015

Data Story Telling with Words: A Novel Concept

The challenges of interpreting visualizations coming out of business intelligence platforms pale in comparison to the challenges of creating the visualizations themselves. Embedding data into the wrong visualization format or cramming unnecessary data into a dashboard can lead to misleading interpretations of the information and, subsequently, poor decisions. Due to the complexities involved in creating these dynamic displays of data, a significant investment is required to hire experts to construct and explain these graphs to business users. Not only are business users frustrated that they can’t easily access understandable information, IT is frustrated that they’ve spent a substantial amount of time building something that isn’t quite fitting the bill.

Keeping Development ‘On Track’ with Use-Case Slices at Dutch Railways

Use-cases slices help us bridging the gap between the NS business and development teams by providing scenarios that the development team can use to develop iteratively and the business can still understand. As our NS Product Owner stated: “Now that we use Use Case 2.0, I can actually choose which stories to implement within a sprint to give the business what they need at that moment”. We now use this method as the standard way of working for requirements engineering on all new projects within NS when working with agile development of custom software. At NS, before the introduction of Use-Case 2.0, our analysts and development teams worked with user stories that had no direct relationship with the use case.

Load Shedding: Five Reasons it Matters for Your Applications

A traffic management platform that supports load shedding can take in data from your systems, like system load metrics or connection counts from your load balancers, and ensure none of your systems are pushed beyond their limits. With load shedding, when a load balancer in one of your data centers fails, the bulk of its traffic can be shifted over to the next closest data center, up to a load watermark or threshold for that secondary facility. After that, the rest of the traffic can be shifted to a tertiary data center to avoid overloading the secondary one. Load shedding can cascade your traffic across a number of facilities and avoid overloading any of them.

Data messes

Inconsistency can take multiple forms, including: Variant names; Variant spellings; and Variant data structures (not to mention datatypes, formats, etc.). Addressing the first two is the province of master data management (MDM), and also of the same data cleaning technologies that might help with outright errors. Addressing the third is the province of other data integration technology, which also may be what’s needed to break down the barriers between data silos. So far I’ve been assuming that data is neatly arranged in fields in some kind of database. But suppose it’s in documents or videos or something? Well, then there’s a needed step of data enhancement; even when that’s done, further data integration issues are likely to be present.

How the hybrid cloud has already doomed your data center

Here's the thing. At the end of the day, all their customers want is for the IT burden to be removed, or for specific technology problems to be solved or solutions provided. Where that infrastructure has to live, for the most part, doesn't matter to them. If you're buying managed services, whether it is in the form of SaaS or managed IT, or some mixture thereof, all you want is your bills to come down. And who else can make data center resources cheaper or more reliable from a SLA perspective than a hyperscale-class cloud provider? Can an enterprise build and manage their infrastructure cheaper than a public cloud provider? As a CxO, that's a question you need to continue to ask yourself. For the partner, moving these resources from on-prem to the cloud makes a lot of sense.

EIP Designer: Bridging the Gap Between EA and Development

Technically speaking, EIP Designer is just a bunch of Eclipse plugins that let you bring some of these features into your favourite workbench(s). The core designer module is done with Sirius and the use of underlying Eclipse EMF technology made it simple to write customizations using proven tools like Plugin Development Tools or Acceleo. ... Another use case is porting a set of integration and mediation routes to another solution. Or, perhaps the complete documentation or models for each implemented route is missing. A solution could be to solve the problem with the EIP Designer and its toolchain. It provides model comparison from sources, and it also has parsers to transform source assets into an EIP model and from that model it is easy to generate bootstrap skeletons according to a migration plan.

Why the time is ripe for security behaviour analytics

New behaviour analytics tools such as Balabit’s Blindspotter are able to perform analysis in real time or near real time, enabling organisations to respond quickly, but also apply analytics retrospectively. Detecting the threat posed by the increased abuse of legitmate credentials as well as insiders collaborating willingly or unwillingly with attackers is the most obvious application of behaviour analytics, which enables organisations to look at activities across multiple business silos, but this is only the beginning, according to Maier. Through its acquisition of Capida, Splunk aims to integrate machine learning into its products to enable organisations to tap into non-security data to help build ever more accurate user profiles to reduce false positives to an absolute minimum.

What's the best way to protect my network from APT attacks?

Clearly DNS is an ideal target for APT attacks, and unsecured DNS poses a huge liability for organizations. However, this problem is remediable. If you can secure your DNS servers, you can detect and prevent APT attacks. Securing DNS involves a few key practices including staying up to date with the current threat landscape; using Dynamic Host Configuration Protocolfingerprinting to gather intelligence on infected endpoints, so you can easily clean them up; and employing actionable reporting and logging that help you to prioritize security and remediation efforts.

IT is best from the outside in

What’s not as productive is to love technology for technology’s sake. You have to find a way technology can enable the business to be more efficient, effective and able to access new markets. The value of IT is its ability to streamline the processes of how work gets done, and how people and departments work together. Being in IT, we’re in a unique position to say to a peer, “I think I can help you look at things in a new way, or bring a new process or approach to make you and the company more successful.” I advocate genuine involvement with other facets of the business. I encourage my people to do tours of duty outside of IT as well as moving them around to different IT functions, to find the places where they catch fire and grow best.

Next BYOD disruption will be printing and document management: IDC study

The mobile opportunity for document solutions continues to grow as organisations adopt devices at a fevered pace, IDC said in a statement, citing its study of six countries across three major regions. Large and medium companies are leading the charge, accounting for 54% of smartphone and/ or tablet users. Additionally, six vertical markets stand out as having a statistically higher percentage of smartphone and tablet users: Information technology, wholesale trade, banking, life sciences, resource industries, and securities. “The business value for smartphone/ tablet printing is enormously clear, and yet support for this is shockingly lacking in 2015,” said Angèle Boyd, group vice president and general manager of IDC Document Solutions.

Quote for the day:

“If we will be quiet and ready enough, we shall find compensation in every disappointment.” -- Henry David Thoreau

August 02, 2015

New Guide From ISACA Helps Organizations Improve SAP Security Controls

“ERP systems automate and integrate much of a company’s business processes to create consistency. ISACA released this important update to bring together information related to SAP ERP-specific risks, controls and testing procedures,” said Ben Fitts of Deloitte Advisory, who worked with ISACA on the fourth edition of the book. “This will be a go-to reference for auditors, not just as a one-time read, but as a book they can dog-ear with sticky notes and return to year after year.” ERP software integrates all facets of an operation, including product planning, development, manufacturing, sales and marketing.

Facebook's Aquila Aircraft, Which Can Beam Data At 10Gb/s Is Complete

Facebook undertook this project as part of its Internet.org efforts. If you’re unfamiliar with Internet.org, it is an initiative led by Facebook, with the goal of bringing together leaders in technology, nonprofits, and local communities to help connect the two thirds of the world that doesn’t have internet access. Zuckerberg explains in his post announcing the completion of Aquila, “This effort is important because 10% of the world’s population lives in areas without existing internet infrastructure. To affordably connect everyone, we need to build completely new technologies.”

Big Data Makes a Better Blockbuster

This is also the moment where Big Data entrepreneurs will be able to turn a vision into reality and change the world, by bringing the benefits of Big Data to the masses. Big Data, analytics, and tools are changing the world, but just because they can read scripts and correlate data sets doesn't mean that human intelligence no longer has a role. In fact, I would argue that these algorithms will free human data scientists from the activities they (objectively) aren't so good at, giving them better information with which to make the creative decisions the computers can't. The examples above show that Big Data isn't only becoming available to smaller businesses, but that it's affecting industries that were considered very difficult to disrupt.

Financial Institutions need to jump on the big data bandwagon

With cashless transactions becoming the norm, fraud is another big issue. Banks needs to continuously monitor client behaviour for anything anomalous. This is done by monitoring the time, geolocation, transaction amount, transaction frequency, items purchased and then mapping the behaviour against a template of what ‘normal’ looks like for that customer. Bear in mind that ‘normal’ for December may be very different from ‘normal’ in July. Spatiotemporal problems like this are non-trivial, and solving them requires highly efficient processing at scale. With data streaming in thick and fast and potentially large financial transactions at stake we ideally want to detect anomalies accurately and within a small time window. Accuracy here means not stopping valid transactions

Machine learning, IoT and big data: Retailers need to embrace latest tech or fall behind

It is here that retailers need to consider technologies that can harness and analyse data automatically and carry out actions without needing much or any human intervention. Luca Bonacina, a retail research analyst at IDC, explained that the retail world has the opportunity to adopt machine learning to improve big data use. "The retail industry is well positioned to take advantage of machine learning developments as very large volumes of data (structured or unstructured) are being created every second. There is a need to understand the hidden patterns in that data to make the most use of it," he said. Machine learning systems can analyse data automatically and in real time to present recommendations to retail workers, or take action based on the results of such analysis.

Black Vine: Anthem hackers share zero-days with rival cyberattackers

It is believed a group dubbed Black Vine is to blame for the data breach, and Anthem is only one of multiple campaigns this resourceful group has shouldered the blame for. On Tuesday, cybersecurity firm Symantec released a whitepaper (.PDF) documenting the evolution of Black Vine over the last three years. According to the company, Black Vine has been in operation since 2012, and the group has compromised companies within the aerospace industry, healthcare, energy, military and defense, finance, agriculture and technology realms. The group not only has access to a variety of zero-day exploits but also uses customized malware. Symantec explains:

How to read a digital footprint

Measuring psychological traits has long been difficult for researchers and boring for participants, usually involving laborious questionnaires. This will sound familiar to anyone who has used an employment agency or job centre. The team are now building on their previous work with algorithms to take psychometric testing even further into uncharted territory – video games. Job centres might be the first to benefit. “A job centre gets about seven minutes with each job seeker every two weeks, so providing personalised support in that time is challenging,” explains Stillwell. “We are working with a company to build a game that measures a person’s strengths in a ‘gamified’ way that’s engaging but still accurate.”

Being Quantitative in Spite of Ambiguity

First, even the simplest of problem statements like “quantify our market growth” has several different ways that this problem could be solved. You could use internal data assets like sales figures, you could use third party data assets like social media activity, and you could even use publicly available data assets like census data to start to quantify these things. You could analyze the data with a litany of techniques with tools like time series analysis, supervised learning, unsupervised learning, regression or network analysis at your disposal. ... There are thousands and thousands of permutations, each of which might be appropriate for solving the problem at hand, making it difficult to navigate the landscape of approaches at your disposal.

Researchers improve de-anonymization attacks for websites hiding on Tor

The Tor anonymity network was built to hide from network snoopers which websites or other Internet resources that user is accessing. It does this by wrapping the user’s requests in several layers of encryption and routing them through multiple computers that run the Tor software. Each of those computers, known as nodes or relays, peel off one layer of encryption, before passing on the request to the next node. In this way the final node, called the exit relay, knows the request’s destination, but not its original source, while the first node, known as the entry guard, knows the original source, but not the final destination. It has long been known that if an attacker controls both the entry guard and the exit relay used for a Tor connection, or circuit, he could use traffic correlation techniques to deanonymize the user.

The best Wi-Fi extender (for most people)

We spent a total of 110 hours researching 25 different Wi-Fi extenders (and testing 10 of them), and the $100 Netgear EX6200 is the one we recommend for most people right now. It costs as much as a great router—but it has the best combination of range, speed, flexibility, and physical connections of any extender we tested. In our tests, the EX6200 could stream 1080p YouTube videos to three laptops at the same time (one up to 63 feet away), and it was the only extender we tested that could stream a 4K YouTube video to a single laptop at the same distance. The Netgear EX6200 also had the best long-range performance, even through exterior walls. It was the easiest to configure and it can give your devices the fastest connection they're likely to support.

Paxata: Adaptive Data Preparation

Paxata developed the first Adaptive Data Preparation™ platform built for the business analyst. The company’s technology dramatically reduces the most painful and manual steps of any analytic exercise, turning raw data into ready data for analytics, and empowering analysts to drive greater value for the business. With seamless connections to BI tools like Tableau, QlikView, and Excel, users can combine data on their own or work with peers in a shared, transparent environment as they shape data for analytics. Data prep has needed re-invention for 30+ years. Paxata leads the convo on self-service data integration, quality, enrichment, collaboration and governance.

Quote for the day:

"The simple act of paying positive attention to people has a great deal to do with productivity" -- Tom Peters

August 01, 2015

The future of data science looks spectacular

Data science is bringing together fields such as statistics, machine learning, analytics and visualisation to provide a rigorous foundation for this field. ... In the past, we have successfully developed complex mathematical models to explain and predict physical phenomena. For example, we can accurately predict the strength of a bridge, or the interaction of chemical molecules. Then there’s the weather, which is notoriously difficult to forecast. Yet, based on numerical weather prediction models and large volumes of observational data along with powerful computers, we have improved forecast accuracy to the point where a five-day forecast today is as reliable as a two-day forecast was 20 years ago.

Chinese Carmaker Is Testing Car-to-Car Communications

Following a successful trial of the technology involving several thousand cars around Ann Arbor, Michigan, the U.S. Department of Transportation is widely expected to issue specifications for the technology later this year. The technology will debut in a high-end Cadillac in 2017, and it may eventually be mandated for new cars in the U.S. (see “The Internet of Cars is Approaching a Crossroads”). The picture is less clear in China, where the government is researching vehicle-to-vehicle technology but has not yet given any indication of when it might be implemented.

Microsoft to make enterprise security tools generally available

Extending Azure Rights Management support to Office for iPad and iPhone means that administrators will be able to lock down individual files and apply policies about how they can be used. With the update announced Wednesday, iPhone and iPad users will be able to view documents that have been protected to prevent unauthorized access and limit what users can do with them. Right now, it only works with Word, Excel and PowerPoint, and the apps only support viewing files. Future updates will bring the rights management capabilities to the Outlook app, and allow users to create and edit managed content.

Top 10 Most Innovative Companies Of 2015 In The Internet of Things

Kickstarter has brought millions of dollars of funding and countless consumer eyeballs to Internet-enabled household devices—including toothbrushes, cooking pots, lightbulbs, and even lawn sprinklers. “Kickstarter is where people come to see where the future is going,” says John Dimatos, the company’s lead for design and tech partnerships. ... IFTTT initially won the hearts of the geek community by letting users write simple “recipes” to connect purely digital Internet services. For example: “If I’m tagged in a photo on Facebook then save it to Dropbox.” Or “If my company’s mentioned in The New York Times then send me an email.”

How Does Data De-Identification Affect Clinical Research?

There are different ways to anonymize the data, but the true protection comes from mechanisms that are used in addition to that, he said. For example, a data sharing agreement signed by the researchers accessing the data that says that they are not going to try and identify the patients in any way is beneficial. Moreover, having a controlled access system is helpful so the data is not lost by a researcher and no one tries to re-identify the information. It is necessary to have controls in place from an original data holder perspective, Rotz said."The other thing that I see as a misconception is that anybody can go access the data and find something," he explained.

Microsoft Edge - Deployment Guide for IT Pros

Microsoft Edge is the new, default web browser for Windows 10, helping you to experience modern web standards, better performance, improved security, and increased reliability. Microsoft Edge also introduces new features like Web Note, Reading View, and Cortana that you can use along with your normal web browsing abilities. Microsoft Edge lets you stay up-to-date through the Windows Store and to manage your enterprise through Group Policy or your mobile device management (MDM) tools.

Can Algorithms And Big Data Appraise Character?

Upstart, Hardy explains, uses factors such as SAT scores and what college you attended as part of its algorithm, and the Upstart website indicates that it also asks for information such as employment and salary. ZestFinance looks for signals such as dropping a prepaid cell phone number or inconsistencies in information provided by different data sources. It all seems quite mathematical and consistent. The question is: can algorithms like these eliminate bias? Hardy’s piece discussed more than just lending, with examples in criminal justice and human resources as well. In all these realms, it would be great to objectively evaluate individuals as individuals.

Google reveals how it crams a neural network in your pocket with Translate

Doing the type of live visual translation found in Translate would be easy in a datacenter but to bring the same capability to a low-end smartphone with a poor network connection required some engineering smarts from Google. What it came up with was a mini version of the neural net that it uses to do translation at its datacenters, but one that could also handle real-world smartphone conditions, such as a shaky hand and no connection to the cloud. According to Good, the live translation has a few steps, starting with distinguishing words from background objects. To pick out text, it looks at "blobs of pixels" with a similar color to other similar blobs nearby. The next step is to translate each letter, which Good notes, is where the deep learning comes in.

How to Help Self-Driving Cars Make Ethical Decisions

Gerdes pointed out that it might even be ethically preferable to put the passengers of the self-driving car at risk. “If that would avoid the child, if it would save the child’s life, could we injure the occupant of the vehicle? These are very tough decisions that those that design control algorithms for automated vehicles face every day,” he said. Gerdes called on researchers, automotive engineers, and automotive executives at the event to prepare to consider the ethical implications of the technology they are developing. “You’re not going to just go and get the ethics module, and plug it into your self-driving car,” he said. Other experts agree that there will be an important ethical dimension to the development of automated driving technology.

The Rise of Managed Third Party Cloud

Shih sees it as a positive trend for managed services providers. “Service providers can get out of trying to compete with massive-scale clouds head-on and start pivoting into areas that play to their strengths: managed services is one of those areas,” he said. “There is also a capital efficiency component. Managing a third party cloud allows hosters to spend less on infrastructure and re-deploy capital into strategic initiatives.” Media Temple said it did extensive market and customer research before adding managed AWS services. “Companies of all sizes often lack the technical expertise to fully unleash the power of AWS,” said Brendan Fortune, product director, Cloud Solutions at Media Temple.

Quote for the day:

"There is no 'one' way to be a perfect leader, but there are a million ways to be a good one." -- Mark W. Boyer

July 31, 2015

Why Data-Driven Cultures Outperform Rivals

Proactive organizations take steps to address unstructured data growth before it escalates. The sheer volume of unmanaged unstructured data can become extremely costly in terms of storage. Additionally, data that is not properly managed quickly turns into a liability if information cannot be located in the event of an e-Discovery request for legal matter. To add to the complexity, customer expectations have changed as a byproduct of new technology advancements and the emergence of mobile, BYOD and the commercialization of IT resulting in additional data security and privacy concerns. These changing customer expectations around data and how organizations use it also lead to a further secondary use for large repositories of unstructured data;

The Ultimate Beginner’s Guide to Data Quality and Business Intelligence

Business processes should also be established to ensure data manually entered into systems is of the highest quality possible. As we learned previously in our example of the pregnant men, many organizations experience data errors when information is manually entered, at a rate of 2% and 8%. Even one wrong number entered incorrectly can cause a payment to fail, a wrong part number to be shipped, or apparently a man to become pregnant. Data validation controls can be integrated into on-line forms, using rules to check the validity of data sets. For example, an on-line website form may require a visitor to enter data in specified formats. Or an IRS form may utilize controls to check that positive numbers are being entered into fields.

Hacker steals Bitdefender customer log-in credentials, attempts blackmail

The hacker, who uses the online alias DetoxRansome, first bragged about the breach on Twitter Saturday and later messaged Bitdefender threatening to release the company’s “customer base” unless he was paid US$15,000. To prove his point, the next day he published the email addresses and passwords for two Bitdefender customer accounts and one for an account operated by the company itself. Travis Doering and Dan McPeake claimed in a blog post that they contacted the hacker, who offered to sell the data to them. The hacker provided a list of user names and matching passwords for over 250 Bitdefender accounts, some of which were confirmed to be active, the two wrote Wednesday.

Disrupting beliefs: A new approach to business-model innovation

Executives can begin by systematically examining each core element of their business model, which typically comprises customer relationships, key activities, strategic resources, and the economic model’s cost structures and revenue streams. Within each of these elements, various business-model innovations are possible. Having analyzed hundreds of core elements across a wide range of industries and geographies, we have found that a reframe seems to emerge for each one, regardless of industry or location. Moreover, these themes have one common denominator: the digitization of business, which upends customer interactions, business activities, the deployment of resources, and economic models.

Critical BIND denial-of-service flaw could disrupt large portions of the Internet

There is no configuration workaround to protect against the BIND vulnerability or a way to prevent its exploitation through access control lists. Patching is the only option, the ISC said in an advisory. “Screening the offending packets with firewalls is likely to be difficult or impossible unless those devices understand DNS at a protocol level and may be problematic even then,” said Michael McNally, an ISC engineer and the incident manager for this vulnerability, in a blog post. The bug is difficult to defend against without installing the patch and it’s likely that attack code will appear soon because it’s not hard to reverse-engineer the patch and figure out how to exploit the flaw, according to McNally.

Open Container Initiative Nears Container-Spec Goal

For a Docker container to be able to do the things that its user wishes it to do (that is, intersect with a given host and connect the application that it contains to the host server) it needs to be able to rely on a sandboxing environment that allows some of the details of how the application runs to match up with the way the host runs. The main requirement to getting the two together is relatively simple: The host server needs to run the same Linux kernel as required by the application code in the container. Since the Linux kernel is a highly defined and labeled set of code, matching up the two is usually a given. With the initiative's specified runC runtime, a Docker container and a CoreOS Rocket container will be able to run in the same environment in the same way, without glitches, if both continue to adhere to the OCI runtime standard.

What Can The United Airlines Hack Tell Us About IT Security?

“Perhaps United Airlines should reconsider its choice of technologies and vendors that provide controls for privileged access to their systems and databases. The US Government could also serve a useful purpose in providing appropriate consequences to the attackers and their assets. There seems to be little incentive for this attacker to stop these attacks.” “As investigators identify fragments of evidence from these intrusions, they are not only finding needles in the haystack, but also the threads connecting these needles across some of the biggest breaches we have seen. Through this discovery they see these threads weave together to form a rather disturbing tapestry revealing patterns of a much more strategic and sophisticated attack than we could have imagined.

WebSocket: Bringing Desktop Agility to Web Application

The first reason for lack of WebSocket adoption has been a limited support in application servers and browsers. However with new generation of application servers and browsers, this issue is significantly addressed. The second, and the more important reason, is that opening the full potential of WebSocket requires significant web application redesign. The redesign involves going from a basic primitive of request – response to a more sophisticated primitive of bi-directional messaging. Application redesign is typically a costly process and vendors do not see clear benefits of going that route.

Why Google’s enterprise pitch is a confusing mess

Let’s try to follow Google’s logic here, but be patient because first you need to get through a series of familiar Google product names with “for Work” simply added to them. Confusion sets in almost immediately on the Google for Work homepage where solutions such as Google Apps for Work, Google Cloud Platform, Chrome for Work, Google Maps for Work and Google Search for Work are all listed prominently. Each of those services is sold and marketed to business customers separately, and Google Apps for Work is the only one with public-facing pricing. Regardless of what Google calls it, Google for Work appears to be a basic platform the company uses to upsell a host of services to prospective clients.

Cisco Mid-Year Security Report: Bad Guys Getting Badder

The main problem with enterprise and personal data security now is that users have a plethora of security products that don't interact well and that leave holes open for hackers to walk through. "The users are left with what we call this 'sprawl of security,' meaning devices that don't communicate well and don't share intelligence," Williams said. "These allow the bad guys blind spots to hide in. Does anybody have an IPS (intrusion prevention system) or anti-malware solution that can talk to their firewall? Until we have an integrated threat defense, those problems are going to allow adversaries easier access to networks."

Quote for the day:

“Leaders always choose the harder right rather than the easier wrong.” -- Orrin Woodward

July 30, 2015

Risk Management and the Board of Directors

The board should formally undertake an annual review of the company’s risk management system, including a review of board and committee-level risk oversight policies and procedures, a presentation of “best practices” to the extent relevant, tailored to focus on the industry or regulatory arena in which the company operates, and a review of other relevant issues such as those listed above. ... But because risk, by its very nature, is subject to constant and unexpected change, boards should keep in mind that annual reviews do not replace the need to regularly assess and reassess their own operations and processes, learn from past mistakes, and seek to ensure that current practices enable the board to address specific major issues whenever they may arise.

Best Practices for YARN Resource Management

In a MapR Hadoop cluster, warden sets the default resource allocation for the operating system, MapR-FS, MapR Hadoop services, and MapReduce v1 and YARN applications. Details are described in MapR documentation: Resource Allocation for Jobs and Applications. YARN can manage 3 system resources— memory, CPU and disks. Once warden finishes calculations, it will set environment variable YARN_NODEMANAGER_OPTS for starting NM. ... NodeManager can monitor the memory usage(virtual and physical) of the container. If its virtual memory exceeds “yarn.nodemanager.vmem-pmem-ratio” times the "mapreduce.reduce.memory.mb" or "mapreduce.map.memory.mb", then the container will be killed if “yarn.nodemanager.vmem-check-enabled” is true;

Five Tips for Eliminating Migration Migraines

Solutions that offer the most flexibility and currency of data possible while minimizing impact to users during testing and migration typically require a software-based solution that replicates any activity taking place between the production server to the target server in real-time. This allows IT to keep the production server up and running rather than freezing it or periodically pausing it for snapshots. The production server remains fully functional, data is as current as the last transaction and users continue working. IT can test applications on the new server, and prove the migration methodology and plan, without impacting the production environment. Ultimately, this makes IT more productive – all while migration is taking place.

Open Source Usage in Large Enterprises

Regarding the perceived impact of open source software on their respective industries, 55% consider that OSS is critical to future competitive advantage but only 11% consider OSS as having a positive impact for their industry at this time. But the numbers change dramatically when evaluating the role of OSS three years from now: 61% think OSS will provide a competitive advantage and 62% consider OSS will have a positive impact on their industry ... When it comes to the challenges faced developing OSS, the respondents considered that OSS requires rethinking the entire process (63%), employees need to take on new roles (61%), they need to hire new people (47%), new skills need to be acquired (44%), and there has to be a change in the development culture (44%):

How predictive analytics will revolutionize healthcare

"Coming to the hospital is not enjoyable for people," Dr. Weinstein says. "If we can keep them out of it, that would be great. We need to create a sustainable health system. I think what's happened with the [Affordable Care Act] is that all the policy work has been to get people insured and covered. Having insurance doesn't mean good healthcare. What about all the people who are healthy that we don't want to be sick. If I was really effective, no one would come to my hospital." Dr. Weinstein believes that ImagineCare will help Dartmouth-Hitchcock build a health system that focuses on health, not healthcare. Such a health system is based on value, not volume, he says.

How to Generate Big Data Revenue Without the Big Investment in a Team of Data Scientists

DaaS unlocks a vast new world of opportunities. Imagine getting streams of highly qualified prospects and even your own customers who are ready to purchase now based on their online searches or information they are sharing on social platforms. What if you could market to consumers who are searching at the moment for your competition? Or imagine the power of being able to enhance your internal marketing database with highly specialized and unique data sources for real-time multi-channel marketing campaigns. ... DaaS can be implemented across a range of industries, for both B2B and B2C. The point is truly that DaaS provides an alternative.

How to get the most out of Windows 10 enterprise security features

Microsoft’s new Edge browser improves security in a variety of ways, from running in the app container sandbox to removing ActiveX controls, VBScript, toolbars and Browser Helper Objects. That makes general browsing safer, but may require you to tweak some line of business apps (or more likely, configure employee PCs to use Internet Explorer to access those sites). And while it’s fast and implements many modern Web standards, Edge is also clearly a work in progress and will be getting a major feature update later this year. There are also security features carried over from Windows 8 that will be new to you if you’re upgrading from Windows 7 or earlier.

CIOs under pressure to generate revenue through data monetization

The goal of generating value through data might be the same regardless of whether it's for internal or external customers, but data monetization "is not the same type of animal as value generation in internal ways," Wixom said at the recent MIT Sloan CIO Symposium. Simply put, CIOs getting into the data monetization game aren't solving business problems; they're going after market share, and that can introduce new challenges. ... Feeding customer demand is something CIOs should expect and plan for when standing up a data monetization business, said Stoller, who is now the executive vice president of operations and sales support at Healthcare IQ Inc., a spend analytics firm in Palmetto, Fla.

7 Smart Ways To Leverage Social Data

While social data offers insight, it often provides more value when combined with other data sources. On an operational level, social data can be used across departments to improve operations and outcomes, whether by understanding an issue at a more granular level or embracing an alternative business model. ... Slowly but surely, social data is spreading out through companies and being operationalized in different ways, yielding different results. Some of the challenges include the relative reliability of the data, the degree to which companies have envisioned using it, and how easy or hard it is to integrate into current workflows. It's still early days, in other words.

Cybersecurity job market to suffer severe workforce shortage

Don't feel bad for the CSOs who might have engineers underneath them earning more than they do. IDC predicts that “by 2018, fully 75% of chief security officers (CSO) and chief information security officers (CISOs) will report directly to the CEO, not the CIO”. This will arguably push those positions higher up in to the salary stratosphere. Checking in with an experienced executive recruiter in the cybersecurity field aligns the market analysis and forecasts with what search firms, employers, and candidates are seeing. “The cybersecurity job market is on fire” says Veronica Mollica, founder and executive information security recruiter at Indigo Partners. “Our candidates are facing competing offers from multiple companies with salary increases averaging over 30%.

Quote for the day:

"Charisma is the result of effective leadership, not the other way around." -- Warren Bennis

July 29, 2015

What you can learn from Nordstrom’s use of the cloud

“We’re trying to be a supportive team,” Homewood says. “We could give everyone in the company access to Amazon, but that would be like leaving a pile of car keys in a parking garage, but not knowing if anyone knows how to drive. Instead, we ask people to come to our team, explain what they’re trying to do, and then we work with them to define a path for using the cloud and start them down that journey.” Homewood calls the cloud team a “center of excellence” focused on cloud use within the company. This approach has a number of advantages. It allows the mobile team, the database team, and any other team that wants to use the cloud to focus on what they know best. Meanwhile, members of the cloud team are experts at using the cloud.

10 Real Techniques That will Help You Tackle Enterprise Mobility Security

A truly mobile enterprise is better designed to handle modern day opportunities as an organization. That’s why, any CIO you meet today is working on making productivity-on-the-go a reality by having everything business including email, documents, CRM and BI apps run on mobile. Yet, according to nearly every analyst study, security is the primary inhibitor to both enterprise mobility and bring-your-own-device (BYOD) programs. For example, according to the MobileIron’s user conference held earlier this year, 73 percent of CIOs say that while mobility is forging forward in all aspects of business, security loopholes, if ignored, will derail mobility within the enterprise.

IoT continuous deployment keeps software current

An agile approach often comes with the practice of continuous integration. Sometimes it involves so-called “squad teams,” these are small engineering teams that take full responsibility for a specific task from design, to implementation and test, final integration, test automation and a nightly test-and-build system. This results in new feature development, fully production tested and integrated, built into the final system on a regular period, which should be every 1 – 3 weeks. Perhaps some teams might already be using a continuous delivery approach, so for them the step to continuous deployment is to remove the manual step from production to deployment.

B-Schools Aren’t Bothering to Produce HR Experts

Understanding HR innovations and figuring out which ones are effective is, sadly, a low priority in the world of scholarship. That would never fly in marketing, operations research, or even accounting, where academics are all over new developments. In most companies, the HR staff is many times larger than the marketing department—yet while all leading B-schools have a marketing department, almost none have any HR-dedicated faculty at all. The lack of research interest in HR stems partly from carving up the topic into so many subfields. There are separate associations for labor economists, sociologists, and psychologists that look at the same problems, but these specialists don’t seem to be aware of one another’s efforts, let alone work together on solutions to our talent problems.

The PaaS Game Just Changed — HP Has Acquired Stackato from ActiveState

“Expanding our presence in the Cloud Foundry community is critical to our strategy of helping enterprises transition from traditional IT systems to a hybrid infrastructure,” reads a blog post from HP Senior Vice President for Helion Bill Hilf, published by HP Tuesday. “In 2014 alone, the Cloud Foundry community has seen a 36 percent increase in community contributions and more than 1,700 requests to improve functionality or implement bug fixes, and it is well-positioned to gain more influence. We’re at the forefront of open source innovation driven by a broad community. It’s where cloud is headed and what our customers want.”

Actian DataFlow, the Little Hadoop Engine That Could, But Probably Won’t

DataFlow was invented originally back in the early 2000’s for the multi-core revolution. As Moore’s Law started to slow down, a lot of hardware folks adapted to computer chips no longer getting faster at the same rate by putting in more and more chips. DataFlow was designed to automatically scale up at runtime to make best use of all those cores, without knowing ahead of time how many cores it was going to be running on. It’s power lay in a philosophy of “Create once, run many.” and leaving no hardware power behind. It squeezed power levels out of standard hardware that no one previously believed possible.

Lessons from the Digital Classroom

While most schools don’t have the type of technology AltSchool is developing, classrooms are increasingly filled with laptops and other digital teaching aids. This year U.S. elementary, middle, and high schools are expected to spend $4.7 billion on information technology. What is new is that many of the technologies are capturing expansive amounts of data, enough of it to search for meaningful patterns and insight into how students learn. The potential for that to be turned into profit is a big reason investors have increased funding of educational technology startups worldwide, from $1.6 billion in 2013 to $2.4 billion in 2014; they invested over $1 billion more in the first quarter of 2015, much of that in China.

State of IT Skills Quick Take

We’ve witnessed how important technology is for the success of businesses and its growing role in strategic priorities—nearly 9 in 10 U.S. IT and business executives echo that technology is important or very important to the success of their organization. As such, we expect continued demand for foundational IT skills (e.g. support, networking and security) in addition to the more emerging ones (e.g. cloud, mobility and big data), particularly as companies themselves span the tech adoption curve from the “innovators” to “late adopters". There are many influences to tech adoption to keep in mind, including industry, company size, business type and organizational support for professional development.

The Senate's Cybersecurity Bill Is in Trouble

There are currently two bills in the House that complement the Senate's cybersecurity legislation, but reconciling the House bills—and then squaring the result with the Senate version—may prove to be very difficult. The two House bills originated from different committees: One came from the House Homeland Security Committee, and the other from the House Intelligence Committee. Although they are similar in many ways, they differ on some key points, including on liability protection and privacy provisions. What's more, neither currently lines up with the legislation under consideration in the Senate, which trades fewer privacy protections for more security provisions.

Android Stagefright Vulnerability Puts 950M Devices at Risk

The Stagefright flaw opens vulnerabilities for devices running Android version 2.2 and up, according to Drake's findings. Most at risk are devices using Android Jelly Bean (versions 4.1 through 4.3.1), which covers about 11 percent of all Android devices, due to "inadequate exploit mitigations." "If 'Heartbleed' from the PC era sends chill down your spine, this is much worse," the Zimperium blog post noted. The targets for this attack can be anyone from prime ministers, ministers, executives of companies, security officers to IT managers and more, with the potential to spread like a virus."

Quote for the day:

"I've always tried to go a step past wherever people expected me to end up." -- Beverly Sills,

July 28, 2015

Data Science and Big Data: Two very Different Beasts

In the world of data this expertise in converting is called Data Science. The reason it takes a science to convert a raw resource into something of value is because what is extracted from the ‘ground’ is never in a useful form. ‘Data in the raw’ is littered with useless noise, irrelevant information, and misleading patterns. To convert this into that precious thing we are after requires a study of its properties and the discovery of a working model that captures the behavior we are interested in. Being in possession of a model despite the noise means an organization now owns the beginnings of further discovery and innovation.

Personal Data Protection In Cloud Computing - EU And Turkish Legislation

When reviewed from a cloud service perspective, it is seen that the data protection liability is shared between the customer who is deemed as data controller and the cloud company who is deemed as data processor. In contradiction to a standard service relation, it is not the data controller but the data processor who decides where the personal data will be stored, which subcontractors will process the data and which security measures will be taken. Most of the time data passes through and is stored in different servers across the world. This means in terms of data subjects and controllers that they may not be able to exercise their rights to the extent possible under EU law.

The Power of Mindful Leadership

Becoming a mindful leader isn't easy. There are no five easy steps to do so. A few years ago when I asked the Dalai Lama how we can develop a new generation of compassionate, mindful leaders, he replied simply, "Develop a daily habit of introspection." Today many more companies are promoting mindful practices to improve the health and decision-making of their leaders. Google, under the tutelage of Chade-Meng Tan, trains 2,000 engineers in meditation each year. When I visited Google this spring, it was evident that mindfulness is one of the key reasons behind Google's innovative and harmonious culture. Leading financial services firms like Blackrock and Goldman Sachs offer mindfulness courses for their employees.

Invalidating Identity Interdiction

Data is a tantalizing thing. Collecting it makes life easier for customers and providers as well. Having your ordering history allows Amazon to suggest products you might like to buy. Having your address on file allows the pizza place to pull it up without you needing to read your address again. Creating a user account on a site lets you set preferences. All of this leads to a custom experience and lets us feel special and unique. But, data is just like that slice of cheesecake you think you want for dessert. It looks so delicious and tempting. But you know it’s bad for you. It has calories and sugar and very little nutritional value. In the same manner, all that data you collect is a time bomb waiting to be exposed. The more data you collect, the larger the blowback for your eventual exposure.

3 Reasons Why Virtual Reality will Kill the Office

Imagine a scenario where your head office is based in New York and your team is spread across the world in Europe, South America and Asia. The limit today is that even if you do video conference or screen sharing, you never actually experience working with the rest of your team. If the rest of your team is in an office you will not feel like you are part of their team throughout the day. With Virtual Reality, you can actually experience and feel like you are sitting down next to them in the office environment. You can virtually walk into the office, talk to each other, attend meetings, share data and maybe, even share a drink after work through a virtual reality interface.

Data Center Trends – 5 Reasons Why Server Cabinet Power Density is Going UP!

Ready or not (and most aren’t), power density in the rack is going up, and not incrementally over ten years, but dramatically over three to five years. Can your internal data center(s) support that? Can your partners support it? My rough estimate tells me that if an average of 10kW per rack was required, fewer than 10% of data centers in operation today could handle it. There are a confluence of events occurring that are driving infrastructure design towards more density, and I don’t see anything reversing that trend anytime soon.

Build High Performance JVM Microservices with Ratpack & Spring Boot

Ratpack and Spring Boot are a match made in microservice heaven. Each is a developer-centric web framework for the JVM, focused on productivity, efficiency, and lightweight deployments. They have their respective benefits in the area of microservice development, in that they bring different offerings to the table. Ratpack brings a reactive programming model with a high throughput, non-blocking web layer, and a convenient handler chain for defining application structure and HTTP request processing; Spring Boot brings an integration to the entire Spring ecosystem, and simplistic way to configure and autowire components into an application. For building cloud-native and data-driven microservices, they are a compliment that is unparalleled.

Privacy and the data toothpaste problem

The court, for example, pointed to a suppression motion as offering a complete fix to this issue. “The motion to suppress is vital because it can lead to the suppression of unconstitutionally seized evidence. Once evidence is suppressed, the government’s case could become impossible or significantly more difficult to prove.” That’s fine, but the absence of a court conviction doesn’t even come close to righting this wrong. Ask anyone whose name was dragged through the media for years before being acquitted. Is that person’s life returned to its original state? The Facebook case involved a probe into retired police officers and firefighters “suspected of having feigned mental illnesses caused by the events of September 11, 2001.”

End User Experience Management: Fulfilling the Promise of Mobile Healthcare

Mobile technology is arguably the greatest accelerator in transforming medical practices and the engagement between providers and patients. Mobile health is particularly important in developing countries, where mobile penetration is high and populations are not well served by traditional healthcare structures. But it is also a priority for physicians in developed countries who want to use their own devices in clinical settings. Much like other industries, healthcare IT teams must address issues around Bring Your Own Device (BYOD) policies as well as the management and security of devices, apps and data.

India Loves MOOCs

Throughout India, online education is gaining favor as a career accelerator, particularly in technical fields. Indian enrollments account for about 8 percent of worldwide activity in Coursera and 12 percent in edX, the two leading providers of massive open online courses, or MOOCs. Only the United States’ share is clearly higher; China’s is roughly comparable. India’s own top-tier technical universities have created free videotaped lectures of more than 700 courses, with the goal of putting students at regional colleges in digital contact with the country’s most renowned professors. In the United States and Europe, MOOCs have proved less revolutionary than their champions predicted when they launched on a wide scale in 2012.

Quote for the day:

"The more you say, the less people remember. The fewer words, the greater profit. - Fenelon - Be bold, be brief, and be gone!" -- @Orrin_Woodward