Daily Tech Digest - June 24, 2018

Walking With AI: How to Spot, Store and Clean the Data You Need

Walking With AI: How to Spot, Store and Clean the Data You Need
Machine learning initiatives are as diverse as companies themselves. Think critically about what sort of examples you need to train your algorithm on in order for it to make predictions or recommendations. For example, an online baby registry we partnered with wanted to project the lifetime value of customers within days of signup. Fortunately for us, it had proactively logged transaction data, including items customers added to their registries, where they were added and when they purchased. Furthermore, the client had logged the entire event stream, rather than just the current state of each registry, to maintain a database record. The client also brought us web and mobile event stream data. Through Heap Analytics, it had logged the type of device and browser used by each registrant into its transactional database. Using UTM codes, the registry company had even gathered attribution data, something collected for all or most marketing activities by just 51 percent of North American respondents to a 2017 AdRoll survey.



The SOA Journey: From Understanding Business to Agile Architecture


If the monolith ceased to implement its responsibilities in such a way that it satisfies business, if the development pace slows down, then something definitely needs to be done to fix this. But before that, apparently, you need to find a reason why is that so. In my experience, the reason is always the same: tight coupling and low cohesion. If your system belongs to a single bounded context, if it’s not big enough (yeah, sounds ambiguous, I’ll elaborate on this later) then all you have to do to fix things up is to decompose your system into modules the right way. Otherwise, you need to introduce way more autonomous and isolated concept that I can call a service. This term is probably one of the most overloaded one in the whole software industry, so let me clarify what I mean. I’ll give more strict definition further, but for now, I want to point out that, first of all, service has logical boundaries, not physical. It can contain any number of physical servers which can contain both the backend code and UI data. There can be any number of databases inside those services, and they all can have different schemas.


The Convergence of Digitalization and Sustainability

The promise of digitalization — big data, artificial intelligence, the internet of things, cybersecurity, and more — is often described with hyperbole. Pundits and academics alike have described “big data” as the “new oil,” “the new soil,” and the primary driver of a “management revolution,” the “Fourth Industrial Revolution,” and a “second machine age.” Artificial intelligence is receiving similar hype, with AI being compared to the rise of electricity during the Industrial Revolution. Russian President Vladimir Putin says whatever country controls AI will become the “ruler of the world.” What’s more, renowned scientist Stephen Hawking warns that development of full AI could spell the end of the human race.” There is similar hype around sustainability, albeit of a different flavor. “Sustainability is the primary moral and economic imperative of the 21st century,” says Mervyn King, former governor of the Bank of England. “It is one of the most important sources of both opportunities and risks for businesses. Nature, society, and business are interconnected in complex ways that should be understood by decision-makers.”


Differentiation through innovation: Banks pick fintech firms over bigtech

fintech
Big tech companies are seeing greater competition from fintech companies when it comes to providing banking solutions, say experts. "Businesses have started using Fintechs to solve many of the pain points in the banking value chain by doing smaller outcome based projects, instead of signing up large long term deals with Bigtechs, said Sachin Seth, Partner and Fintech Leader, Advisory Services, EY India. ... “Large IT companies still manage the core engines for the bank, they understand the bank’s security and regulatory requirements and have tailored their systems to suit these needs over the years. Fintech companies too, as the business case, grows need to invest in these areas. The successful ones will eventually become mid- to large-sized companies, while hopefully retaining their innovation DNA, said Axis’ Anand. While the competition large IT companies are seeing from fintech start-ups will only get fiercer, banking industry experts said that there is a strong need for collaboration. “Fintechs are nimble companies that think innovation first. However, they are not as well equipped to deploy the products. Fintech companies can drive innovation, but the comercialisation is better managed by bigtech companies,” said BoB’s Handa.


The 4 phases of digital transformation: a roadmap to Intelligent Automation

You’ve reached the end the road in outsourcing. You’ve been dinged by potholes of legacy systems and your smartest people are too busy struggling under the load of paperwork. You suspect that there’s only one way to get past these roadblocks, and that’s to start a whole new journey. Next stop: Intelligent Automation. The only thing is that you have no idea of what you’ll encounter along the way… The good news is, there are people who do. WorkFusion’s Client Strategy and Transformation team, which focuses on strategic advice and programmatic enablement for enterprises who are embarking on robotic process automation initiatives, has been down this road and around the block a few times already. They have seen patterns emerge and learned from their experiences. Which is why they wrote The 4 Phases of Digital Transformation: The Intelligent Automation Maturity Model. This complimentary 10-page eBook by WorkFusion will help you determine the best strategy for your operation by mapping each of the four stages of maturity that are relevant for most organizations.


The Brilliant Ways UPS Uses Artificial Intelligence, Machine Learning And Big Data


UPS developed its chatbot, UPS Bot, in house and released it for use just three months after the idea was born. This AI-enabled tool mimics human conversation and can respond to customer queries such as “Where is the nearest UPS location?” and can track packages and give out shipping rates. Customers can ask the bot questions either through text or voice commands through mobile devices, social media channels and virtual assistants such as Alexa and Google Assistant. The UPS Bot is able to recognize these requests and then takes the appropriate steps to complete them. The more “conversations” the bot has, the more learning it experiences to take the appropriate action in the future. During its peak period, UPS provided more than 137 million UPS My Choice alerts—the free system that lets residential customers decide “how, where and when home deliveries occur.” The chatbot is integrated with the UPS My Choice system, so customers are able to obtain information about their incoming packages and deliveries without providing a tracking number.


How Machine Learning Is Changing the World -- and Your Everyday Life

How Machine Learning Is Changing the World -- and Your Everyday Life
Computers can be programmed to determine individual study plans, specific to each student's needs. Algorithms can analyze test results, drastically reducing the time teachers spend in their leisure time on grading. A student's attendance and academic history can help determine gaps in knowledge and learning disabilities. These applications won't necessarily translate to a teacher-less classroom, but will facilitate the teaching and learning environments to enhance the outcomes and ease the burden on both teacher and student. Legal firms are increasingly turning to machine learning to process massive amounts of data related to legal precedents. J.P. Morgan, for example, uses a software program dubbed COIN to review documents and previous cases in seconds that would otherwise take 360,000 hours. As with our teachers above, it's unlikely machine learning or AI will replace lawyers any time soon, given the necessity of rebuttal and human logic / appeal, but the incorporation of machine learning will surely reduce the time taken to put together a case, and it could expedite trials, speeding up the processes of the court.


How BuzzFeed Migrated from a Perl Monolith to Go and Python Microservices


The new microservices are developed using Python as the main language with Go for the more performance sensitive components. BuzzFeed’s engineering team have found that the two languages are very complementary and it is relatively straightforward for individual developers to switch from one to the other as appropriate. At the time of writing they have around 500 microservices in stage and production environments on AWS. They break-down their services using something that sounds somewhat similar to SCS; the home page on buzzfeed.com is one service, news pages are a separate service, as are author pages and so on. One challenge the team faced was with routing requests to the correct backend applications. Fastly, their CDN provider, has the ability to programmatically define behavioural logic at the edge using a C based programming language called VCL, and initially the engineering team were writing all their routing logic in VCL directly. However, they found that as the configuration became more and more complex so making changes became more difficult, and being able to adequately test their configuration much more important. Mark McDonnell, a Staff Software Engineer at BuzzFeed, told InfoQ that


Serverless development with Node.js, AWS Lambda and MongoDB Atlas

The developer landscape has dramatically changed in recent years. It used to be fairly common for us developers to run all of our tools (databases, web servers, development IDEs…) on our own machines, but cloud services such as GitHub, MongoDB Atlas and AWS Lambda are drastically changing the game. They make it increasingly easier for developers to write and run code anywhere and on any device with no (or very few) dependencies. A few years ago, if you crashed your machine, lost it or simply ran out of power, it would have probably taken you a few days before you got a new machine back up and running with everything you need properly set up and configured the way it previously was. With developer tools in the cloud, you can now switch from one laptop to another with minimal disruption. However, it doesn’t mean everything is rosy. Writing and debugging code in the cloud is still challenging; as developers, we know that having a local development environment, although more lightweight, is still very valuable.


Focus More On Conceptual Knowledge To Be A Successful Data Scientist

The trend is obviously increasing with many recruiting senior management positions in analytics. Having said that, it is still behind western countries. For example, In 2016 MIT Sloan management review reported that 54 percent of Fortune 1000 companies had Chief Data Office, but the corresponding number in India is much lower. This may be due to the fact that the number of analytics projects in India is still lower compared to western markets. However, with the government policies to use AI in many government initiatives, this could change. At a lower level, it is business intelligence skills such as reporting, dashboard creation. This skill still forms the majority of recruiting by the Indian companies. At the higher level of AI, it is natural language processing (NLP) and other forms of unstructured data analysis such as image processing using deep learning algorithms lead the hiring trend. Data Strategy Officers becoming common among many companies.


Quote for the day:


"The art of communication is the language of leadership." -- James Humes

Posted by at No comments:
Labels: , , , , , , , , , , , , ,

Daily Tech Digest - June 23, 2018

$4.3 Million HIPAA Penalty for 3 Breaches

$4.3 Million HIPAA Penalty for 3 Breaches
"Despite the encryption policies and high risk findings, MD Anderson did not begin to adopt an enterprisewide solution to implement encryption of ePHI until 2011, and even then, it failed to encrypt its inventory of electronic devices containing ePHI between March 24, 2011, and January 25, 2013," the statement adds. The administrative law judge agreed with OCR's arguments and findings and upheld OCR's penalties for each day of MD Anderson's noncompliance with HIPAA and for each record of individuals breached, OCR notes. "OCR is serious about protecting health information privacy and will pursue litigation, if necessary, to hold entities responsible for HIPAA violations," says OCR Director Roger Severino. "We are pleased that the judge upheld our imposition of penalties because it underscores the risks entities take if they fail to implement effective safeguards, such as data encryption, when required to protect sensitive patient information." OCR alleges that MD Anderson claimed that it was not obligated to encrypt its devices and asserted that the ePHI at issue was for "research," and thus was not subject to HIPAA's nondisclosure requirements.



Cultural, leadership issues plague many digital transformation efforts

Digital transformation is a complex effort from the internal perspective, and to make it even more challenging, it shouldn’t appear to be that way from the customer perspective, explains James Campbell, practice lead with experience design at Shalom. “Some of the biggest challenges with internal forces – like buy-in and commitment from all functional areas, sponsorship from executives, board and other governing bodies, and willingness to redefine KPI’s – actually pale in comparison to the effort required to prevent your digital transformation from becoming your customer’s problem, too,” Campbell says. When organizations fail to realize that, poorly implemented digital transformation can cause lost sales, loyalty and public reputation, “and it can make or break the type of effort that will differentiate the companies of today from the companies of tomorrow,” Campbell says. “While many industries are considering digital transformation, CEOs in asset-intensive industries are less likely to consider IT a priority, and low levels of historic investment may have created an environment with poor digital readiness,” explains Allen E. Look


How The TOGAF® Standard Enables Agility


Top-down, The Enterprise Strategic Architecture provides a high-level view of the area of the enterprise impacted by change; the Capability Architectures are detailed descriptions of (increments of) capability to be delivered. These are Sprints in the agile world. They are sufficiently detailed to be handed to developers for action. As the diagram shows, sprints can occur in parallel. A key consideration is achieving is that the sprints are time-boxed and aimed at addressing a set of bounded objectives. The Capability architectures should be tightly scoped to address those objectives. The higher levels show the relationships and dependencies between capability increments and provide the framework for the management of risk of unanticipated consequences. They provide the information needed to assess the overall impact of a proposed change. Bottom-up, there is feedback from the implementation of capability increments which influences the higher levels. The enterprise strategic architecture may evolve as a result of experience gained from the deployment of each and every capability increment.


Silver Peak SD-WAN adds service chaining, partners for cloud security


These partnership additions build on Silver Peak's recent update to incorporate a drag-and-drop interface for service chaining and enhanced segmentation capabilities. For example, Silver Peak said a typical process starts with customers defining templates for security policies that specify segments for users and applications. This segmentation can be created based on users, applications or WAN services -- all within Silver Peak SD-WAN's Unity Orchestrator. Once the template is complete, Silver Peak SD-WAN launches and applies the security policies for those segments. These policies can include configurations for traffic steering, so specific traffic automatically travels through certain security VNFs, for example. Additionally, Silver Peak said customers can create failover procedures and policies for user access. Enterprises are increasingly moving their workloads to public cloud and SaaS environments, such as Salesforce or Microsoft Office 365. Securing that traffic -- especially traffic that travels directly over broadband internet connections -- remains top of mind for IT teams, however.


Musk says Tesla data leaked by disgruntled employee

“Could just be a random event, but as Andy Grove said, ‘Only the paranoid survive,’” Musk wrote Monday, referring to the late chairman and CEO of Intel Corp. “Please be on the alert for anything that’s not in the best interests of our company.” Tesla can ill afford manufacturing setbacks now. It’s racing to meet a target to build 5,000 Model 3s a week by the end of this month, a goal Musk told shareholders on June 5 that the company was “quite likely” to achieve. The company’s forecasts for generating profit and cash in the third and fourth quarters of this year are based on this objective, and falling short would reignite concerns about whether the company may need to raise more capital. A Tesla spokeswoman confirmed the authenticity of the Monday email, which CNBC reported first. Smoldering in an air filter in the welding area of Tesla’s body line was extinguished in a matter of seconds, she said. Production has resumed and there were no injuries or significant equipment damage, she added.


Three-month-old Drupal vulnerability is being used to deploy cryptojacking malware

The researchers note that this particular attack uses interesting techniques, including hiding behind the Tor network to evade detection. The malware also checks to see whether a previous miner is running on the system before installing the payload via a series of shell scripts and executables. As well as hiding behind the Tor network, the attacker or attackers are also using a Virtual Private Network (VPN) in an effort to hide their tracks, but there is a linked IP address. Researchers say there have been hundreds of attempts to conduct attacks via this IP over the last month, although not all involve the Drupal vulnerability: some are related to the Heartbleed vulnerability. There's no indication as to the exact number of cryptojacking attacks that have been conducted using the Drupal vulnerability, but it serves to remind organisations that they should be patching vulnerabilities -- especially those deemed critical -- in order to protect against attacks. "Patching and updating the Drupal core fixes the vulnerability that this threat exploits. 


FBI warns of increasing ransomware, firmware attacks


Along with those newer types of attacks, the tried-and-true insider threat also isn’t going away soon, said Morrison, speaking at the Hewlett Packard Enterprise Discover conference in Las Vegas on Wednesday. The organizations taking advantage of those attacks are increasingly sophisticated and well-funded criminal groups. “We need to get off the mindset that criminals are living in their basement, that a cybercriminal is some kid that’s living in the basement of their mom’s house,” Morrison said. “These are fully functional, 24/7 data center operations, operating in countries where they have some kind of asylum, in many cases.” About 75 percent of the cyberattacks against companies in the United States come from organized crime groups, Morrison added. “Understand that’s the magnitude of what you’re facing,” he told the audience. In some cases, these criminal organizations also have ties to nation states. “We’re seeing this blending of nation state and criminal organizations,” Morrison said. After all, “why would a nation state take a chance of being exposed when they can just hire a criminal group?”


Early detection of compromised credentials can greatly reduce impact of attacks


There is a growing industry in the cybercrime ecosystem focused on obtaining valid login credentials using multiple mechanisms and tools. These tools nowadays can be cheaply acquired in the underground, darknet markets and forums. And you don’t have to be a highly seasoned cybercriminal to launch an attack. According to our credential detection data, since the start of 2018 up until the end of May, there has been a 39 percent increase in the number of compromised credentials that we have detected from Europe and Russia, compared to the same period in 2017. In fact, Blueliv’s observations conclude that Europe and Russia make up half of the world’s credential theft victims. We also found that when we remove Russia from the dataset, the growth figure for European theft victims jumps to 62 percent. These European growth figures tracked by us are surprisingly higher than North America’s, which recorded a decline by almost half in this period. We think that these cybercriminal success rates mean that the credential theft industry is growing in the European region, both in innovation and scope. We believe there are several reasons for this.


Blockchains on mobile, IoT devices: Can fog computing make it happen?

Blockchains on mobile, IoT devices: Can fog computing make it happen?
Edge computing is a way to bring the processing center closer to the source of data, or the “edge,” significantly cutting down costs and processing time by tapping on a network of computers who are offering their storage and processing power to the network’s clients in exchange for pay. Edge computing doesn’t necessarily need to be blockchain-based, but in several ways, the two technologies overlap. In essence, they’re like blockchain miners, except anyone can use their processing power for any process at any given time—it could be mining, scientific calculations, video streaming, or anything else. Unlike blockchains, edge computing services are not limited to a specific use case. The quickest differentiator I’ve seen between edge and fog is from Cisco: “Fog computing is a standard that defines how edge computing should work, and it facilitates the operation of compute, storage and networking services between end devices and cloud computing data centers. Additionally, many use fog as a jumping-off point for edge computing.” Fog computing is another emerging technology that can make blockchains even more powerful than they already are.


CISO careers: Several factors propel high turnover


A CISO's role today is primarily risk management, where they are more of an advisor and strategist, while being technologist behind the scenes. Establishing a security risk steering committee with other C-suite members is one of several effective ways to engage with business leaders. The old ways of instilling fear, uncertainty and doubt to drive support for additional budget and large projects are long gone. The CISO should be perceived as a business partner, adaptable to the business changes and threats, a team player, and have a continuous improvement mindset across people, process and sometimes technology needs. Additionally, the CISO should be focused on self-improvement -- a coach and/or mentor are essential to becoming a very effective senior leader. Athletes at the highest levels always have a coach, often many coaches, from experts in their sport to nutritionists that keep them as healthy as possible. Why shouldn't CISOs? The CISO has one of the most challenging roles and should have both a senior business leader and an industry peer as mentors and, if the organization supports it, an executive coach to improve their leadership and organizational influence skill set.


Quote for the day:


"It is easier to act yourself into a new way of thinking, than it is to think yourself into a new way of acting." -- A.J. Jacobs

Posted by at No comments:
Labels: , , , , , , , , , , , , , , , ,

Daily Tech Digest - June 22, 2018

Oracle now requires a subscription to use Java SE
Oracle has revamped its commercial support program for Java SE (Standard Edition), opting for a subscription model instead of one that has had businesses paying for a one-time perpetual license plus an annual support fee. The subscriptions will be available in July 2018. (Personal, noncommercial usage continues to be free and not require a subsctiptoion.) Called Java SE Subscription, the new program for mission-critical Java deployments provides commercial licensing, with features offered such as the Advanced Java Management Console. Also, Oracle Premier Support is included for current and previous Java SE releases. It is required for Java SE 8, and includes support for Java SE 7.  ... The price is $25 per month per processor for servers and cloud instances, with volume discounts available. For PCs, the price starts at $2.50 per month per user, again with volume discounts. One-, two-, and three-year subscriptions are available. Oracle has published the terms of its new Java SE Subscription plans. The previous pricing for the Java SE Advanced program cost $5,000 for a license for each server processor plus a $1,100 annual support fee per server processor, as well as $110 one-time license fee per named user and a $22 annual support fee per named user


Making intelligence intelligible with Dr. Rich Caruana

Sometimes, it’s just a black box because it’s protected by IP. So, many people will have heard of this model that is used for recidivism predictions. So, this model was created by a company, and the model is a pay-for-use model. And the model is just not something that’s known to us, because we’re not allowed to know. By law, it’s something the company owns, and the courts have, several times, upheld the right of the company to keep this model private. So maybe you’re a person who this model has just predicted you’re a high-risk of committing another crime and because of that, maybe you’re not going to get parole. And you might say, “Hey, I think I have a right to know why this model predicts that I’m high-risk.” And so far, the courts have upheld the right of the company that created the model to keep the model private and not to tell you in detail why you’re being predicted as high or low risk. Now, there are good reasons for this. You don’t necessarily want people to be able to game the model. And in other cases, you really want to protect the company who went to the expense and risk of generating this model. But that’s a very complex question.


A QA team finds continuous testing benefits worth the effort


Continuous integration was born around the idea that the earlier you find a bug, the cheaper it is to fix. But this priority could become problematic if there is not an easy, fast and reliable way to assess whether changes are ready to be integrated and then ready to go to production. When you adopt continuous testing as a key practice, your code must always be ready for integration, according to Isabel Vilacides, quality engineering manager at CloudBees. "Tests are run during development and on a pull request basis," she explained. "Once it's integrated, it's ready to be delivered to customers." Continuous testing doesn't stop at functional testing; it involves considering nonfunctional aspects, such as performance or security. The process aims to prevent bugs through code analysis, before risks become apparent in production. Continuous testing requires cohesive teams, where quality is everyone's responsibility, instead of separate teams for development, testing and release. The approach also makes automation a priority and shifts quality to the left, making it an earlier step in the pipeline. 


CISO soft skills in demand as position evolves into leadership role

In the old days, the CISO, I was told, was just an advisory position. Now, my roles, the roles I've held in the last seven years or so, are much more than advisory. Advisory is part of it for sure, but there's a lot more leadership involved. I see it becoming more and more a position reporting directly to the CEO, a truly C-level position. I see CISOs have vice presidents reporting to them going forward. And I think my job as being increasingly described as chief ethicist, asking: What's the right thing to do, and not just what's the most secure thing to do? What's the proper behavior? What do customers expect from us? If a compromise has to be made, what's the most ethical compromise to make? ... It's important for at least two different reasons. One, from a practical perspective, I've talked a lot about the skills gap. If we're blocking 50% of the planet from joining this career path, we're really contributing to our biggest challenge. Then the other part: Women across the globe are economically oppressed, and information security is a lucrative field. I want to get women into the information security field so they can be financially independent and make a good living.


It’s not easy to move from a private cloud to a hybrid cloud

It's not easy to move from a private cloud to a hybrid cloud
Sadly, the move from a private cloud to a public cloud is not easy, whether you go hybrid or all-public. The main reason is that there is no direct mapping from private cloud services, which are the basics (storage, compute, identity access management, and database) to public cloud services which have those basic services plus thousands of other higher-end services. Private clouds today are where public clouds were in 2010. Public clouds today are in 2018. You’re in essence migrating over a ten-year technology advance as you move your applications between private and public. Complexity also comes in when you’ve already coupled your applications to the services in the private cloud, which is typically going to be OpenStack. There are very few OpenStack deployments on public clouds, none of which are the Big Three providers (Amazon Web Services, Google Cloud Platform, and Microsoft Azure). That means you can’t do an A-to-A mapping of the cloud services from your private cloud to the public clouds. And that in turn means you need to remap these services to similar services on the public cloud.


The rise of active defense in cybersecurity strategies

As in any game against an adversary, you need both defensive and offensive strategies. An active defense adds the offense-driven actions so that organizations can proactively detect and derail would-be attackers before they have time to get comfortable within the network, stopping attacks early and gathering the threat intelligence required to understand the attack and prevent a similar recurrence. Sometimes active defense includes striking back at an attacker, but this is reserved for military and law enforcement that have the resources and authority to confirm attribution and take appropriate action. An active defense strategy changes the playbook for cybersecurity professionals by combining early detection, substantiated alerts and information sharing to improve incident response and fortify defenses. It is no longer “a nice to have,” but instead is becoming more widely accepted as a “must have” as prevention-only tactics are no longer enough. With well-orchestrated breaches continuously making headlines, an active defense strategy is becoming a priority. 


This new Windows malware wants to add your PC to a botnet - or worse

The malware comes equipped with three different layers of evasion techniques which have been described by the researchers at Deep Instinct who uncovered the malware as complex, rare and "never seen in the wild before". Dubbed Mylobot after a researcher's pet dog, the origins of the malware and its delivery method are currently unknown, but it appears to have a connection to Locky ransomware -- one of the most prolific forms of malware during last year. The sophisticated nature of the botnet suggests that those behind it aren't amateurs, with Mylobot incorporating various techniques to avoid detection. They include anti-sandboxing, anti-debugging, encrypted files and reflective EXE, which is the ability to execute EXE files directly from memory without having them on the disk. The technique is not common and was only uncovered in 2016, and makes the malware ever harder to detect and trace. On top of this, Mylobot incorporates a delaying mechanism which waits for two weeks before making contact with the attacker's command and control servers -- another means of avoiding detection.


Plan Now For Your Migration To Windoes Server 2019

Plan now for your migration to Windows Server 2019
Web applications running on IIS are easy to test because most code is just HTML, .Net or other Web app that runs on top of the IIS/Web platform. Setting up a Windows Server 2019 server with IIS and then uploading Web code to the server is a quick-and-easy way to confirm that the Web app works and can easily be the first 2019 server added to an environment. Fileservers are also good early targets for migrating old to new. Many times, fileservers have gigabytes or even terabytes of data to copy across, and fileservers are also the things that may not have been upgraded recently.  In early-adopter environments, many times the old fileservers are still running Windows Server 2008 (which goes end-of-life in the summer of 2019) and could use an upgrade. File migration tools like Robocopy or a drag-and-drop between Windows Explorer windows can retain tree and file structures as well as retain access permissions as content is copied between servers. Tip: After content is copied across, new servers can be renamed with the old server name, thus minimizing interruption of user access.


Strategies for Decomposing a System into Microservices

Sometimes you will find that they have different mental models for the same business concepts or use the same terms to describe different concepts and if so, it’s an indication that these concepts belong to different bounded contexts. From the beginning Khononov and his team used these discovered boundaries to define services, with each boundary becoming a service. He notes though that these services represent quite wide business areas, sometimes resulting in a bounded context covering multiple business subdomains. As their next step, they instead used these subdomains as boundaries and created one service for each business subdomain. In Khononov’s experience, having a one-to-one relationship between a subdomain and a service is a quite common approach in the DDD community, but they didn’t settle for this, instead they continued and strived for even smaller services. Looking deeper into the subdomains, they found business entities and processes and extracted these into their own services. From the beginning this final approach failed miserably, but Khononov points out that in later projects it has been more successful.


Why you should train your staff to think securely

Far too often, information security teams have only the broadest overview of the wider workings of their organisations. Other staff, meanwhile, tend to have little knowledge of or interest in information security practices, which they often believe have been designed to hinder their day-to-day work. However, when any employee with Internet access can jeopardise the entire organisation with a single mouse-click, it should be clear that the responsibility for information security lies with every member of staff and that security practices need to be embedded in the working practices of the whole business. Insider attacks are not limited to the malicious actions of rogue staff. The term also refers to the unwitting behaviour of improperly trained employees, or to the exploitation of inappropriately applied privileges and poor password practices by malicious outsiders. Staff need regular training on information security practices to ensure they’re aware of the risks they face on a daily basis. The vast majority of malware is spread by drive-by downloads and phishing campaigns, both of which exploit human error.


Quote for the day:


"Trust is one of the greatest gifts that can be given and we should take creat care not to abuse it." --Gordon Tredgold

Posted by at No comments:
Labels: , , , , , , , , , , , ,

Daily Tech Digest - June 21, 2018

AI is Powering the Growing Emotional Intelligence Business


Understanding emotions from text requires a lot of processing power. EMRAYS turned to GPUs from NVIDIA to power deep learning in order to rank, list and search web pages according to their emotional content. “We need that acceleration to keep up with the complexities of human emotion,” Tero stated. Mojeek users can now search the web and select results for emotions including love, laughter, surprise, anger or sadness. In order to focus on the reader’s emotional reaction, the EMRAYS’ search tool does not just count the number of positive or negative words in a text, or parse the tone of the writer. Instead, they listen to millions of reactions on social media each day. They use this data to train artificial neural networks. The networks learn to predict what kind of emotional reaction a piece of written content might prompt in a human reader. EMRAYS says it has analyzed over one billion emotional data points. In this way, social media platforms Facebook and Twitter produce a volume of information each day that provides EMRAYS with training data, to help improve the accuracy of its neural network.


jun18_13_950362488
RPA involves the codification of business rules, but in many cases, business rules haven’t been examined for many years and don’t make sense in the current environment. In addition, existing business rules are sometimes described as requiring judgment, but in actuality they can be turned into more-accurate and more-consistent algorithms for better, more-consistent decision making. At a leading global logistics company, for example, the business rules in a claims process suggested that decisions on tolerances for refunds required the judgment of a manager. But when interviewed, the manager was able to clearly articulate rules of thumb he followed, which could be defined as rules for the RPA process to follow. In many companies, the level of process knowledge and understanding is quite low. The company may have collections of standard operating procedures, but they are often poorly documented and out of date. Each employee typically follows their understanding of best practices. By working with high-performing employees to challenge and improve the process and embed this into RPA, we have seen not only significant improvements in the processes being automated but also reduced process problems across other parts of the business.


Is Blockchain a Universal Platform?


It would be completely ridiculous to suggest that the insurance industry is an emerging market – in fact, it is the largest market in the world with staggering 1.2 trillion dollars in revenue. Despite this position the market it is in, insurance is caught in a slog deeply rooted in traditional practices. Blockchain can be used to create sub-markets within the industry: Peer-to-peer insurance, which cuts out the middlemen and provides greater portions of premiums to the policy holder; Parametric insurance, which uses a smart contract to automatically pay twenty percent of any type of claim; and Microinsurance, which can be used for international donations which need to be monitored every step of the way from payment to reception. These minor markets provide competition within the industry that will boost consumer empowerment and overall growth. ... Blockchain improves HIPAA drastically by the exact same system that empowers the real estate market. Middlemen can gain access to the information through a blockchain ledger but cannot access the information in any way in order to alter it. That privilege is reserved only for the prescriber, the pharmacist, and you.


NHS trust dumps creaking EMC SAN for Nutanix hyper-converged


“We got to the point where we had to ask, ‘Do we throw loads of money into this and keep expanding it, buying shelves and drives?’ In the end we decided to see what was out there,” said Sawyer. His team considered a setup from NetApp in the traditional three-tier architecture. “They wanted to come along with a pre-configured cabinet, but we simply didn’t have space.” The trust eventually plumped for Nutanix hyper-converged infrastructure and now has 400 virtual machines running on 24 nodes. Did Sawyer have any worries about opting for what was a new alternative to traditional IT architectures? “Yes, we had concerns. It was something completely new but with some research we felt we knew where we were going,” he said. “The attraction was that we could easily add to it and not create bottlenecks. We had been able to add to the SAN but that created a bottleneck between servers and storage. We decided to take the risk and go down the hyper-converged route.” Key benefits of the Nutanix deployment for Sawyer have been space saved in the trust’s server rooms and lack of disruption during patching and upgrades.


Linux and open-source jobs are in more demand than ever

"Open source technology talent is in high demand, as Linux and other open source software dominates software development," said Linux Foundation's executive director, Jim Zemlin, in a statement. "I am encouraged that that companies are recognizing more and more each day that open-source technology is the way to advance their businesses. The Linux Foundation, our members, and the open source ecosystem are focused on ensuring training and certification opportunities are highly accessible to everyone who wants to seek them out." I see this myself. I go to almost a dozen technology trade shows a year. And, whether they're open-source based, Open Source Summit or not, or CES, one thing is always true in the past few years: Companies aren't just hungry, they're starving for open-source and Linux-savvy workers. At some shows, especially ones about cloud technologies, such as OpenStack Summit, where literally every company was looking for employees with open-source skills. This latest survey found that Linux skills are back on top as the most sought after skill, with 80 percent of hiring managers looking for tech professionals with Linux expertise.


AI in The Contact Centre: 5 Ways Bots Can Boost Business Performance

AI Bots Contact Centre
It’s hard to ignore the impact that artificial intelligence and other disruptive technologies are having on the contact centre. In the quest to support an ever-more-demanding customer base, today’s contact centres are being forced to embrace newer, more complex solutions for end-to-end client support. Already, AI has helped us to develop chatbots to supplement the omnichannelcontact centre experience and speech analytics that assist agents in understanding the sentiment behind conversations. While some brands remain concerned about the rise of artificial intelligence – fearing that bots will eventually mean the end of service agent jobs, most experts agree that the robot revolution might not be a bad thing. In fact, artificial intelligence could be just the thing that today’s contact centre needs to serve their unpredictable audience. ... Big data and AI go together perfectly. In a world where contact centres are gathering more useful customer information than ever before, AI tools give businesses a way to collect and transform that data into actionable insights for the call centre.


Can you teach an old app new tricks?

null
Refactoring and rewriting are the two main strategies used to migrate traditional applications to the cloud but there are other ways to modernise your apps without taking such a taxing route. Application modernisation must be approached holistically, beginning with the infrastructure, progressing to development processes, and then addressing application architecture. The fastest, most cost-effective path to application modernisation is an incremental approach that empowers teams to tackle seemingly insurmountable challenges one step at a time. Skytap Cloud is the only public cloud specifically designed to migrate and modernise traditional enterprise applications. Our Infrastructure, Process, Architecture (IPA) approach offers an incremental route to modernisation that is both realistic and achievable. By using the IPA approach to modernisation, teams are able to evolve at the pace and stage that’s right for their business.  Skytap Cloud provides the platform to support traditional applications at each stage of modernisation, from the adoption of cloud infrastructure, to the acceleration of application development and delivery, to incorporation of cloud-native and next-gen technologies.


How CDOs can manage algorithmic risks


The immediate fallout from algorithmic risks can include inappropriate or even illegal decisions. And due to the speed at which algorithms operate, the consequences can quickly get out of hand. The potential long-term implications for government agencies include reputational, operational, technological, policy, and legal risks. To effectively manage algorithmic risks, traditional risk management frameworks should be modernized. Government CDOs should develop and adopt new approaches that are built on strong foundations of enterprise risk management and aligned with leading practices and regulatory requirements. Figure 1 depicts such an approach and its specific elements. ... Create an algorithmic risk management strategy and governance structure to manage technical and cultural risks. This should include principles, ethics, policies, and standards; roles and responsibilities; control processes and procedures; and appropriate personnel selection and training. Providing transparency and processes to handle inquiries can also help organizations use algorithms responsibly. From a policy perspective, the idea that automated decisions should be “explainable” to those affected has recently gained prominence, although this is still a technically challenging proposition.


3 Ways IT Leaders Can Deliver Business Transformation

IT leaders must proactively reach out to each department to identify and support their technology needs to enable a better way to do their jobs—and improve the result for customers. There are next-gen options to improve efficiency such as internal collaboration and contact center tools like Spark and SMS text or online chat and WebEx to bridge the gap among global employees. ... Security touches every transaction of business operations, making it paramount that businesses — and IT — operate with a security-first mindset. IoT, mobile devices, and the proliferation of threats (ransomware, phishing, and bots) can be a perfect storm for a security disaster. IT leaders and designated security teams must build with privacy, defense of networks and operations, as well as with information governance in mind and consistently revisit operational policies and security technologies. ... Storing information and applications on the right type of cloud solution delivers improved user experiences, more secure information management practices and more agile backup/recovery capabilities. 


Can People Trust the Automated Decisions Made by Algorithms?


In technology design, there has been a big trend towards making systems “seamless”. In short, this means that people can focus on what they want to do, not how they want to do it, which is usually really great for individuals to help them achieve what they want. Smart homes are an example of this, although many are a bit too clunky to have totally earned that title. Yet with a range of algorithmic systems today, too much seamlessness means that individuals don’t get a chance to question whether this system works the way they want it to. Your smart home might be personalised, but you can’t see where, and to whom, it is sending the data. Your Facebook news feed might seem compelling, but you can’t see who is being excluded, and why. We could run courses about algorithms in society, but that’s unlikely to solve deeper problems. Technologies move fast. My young cousin told me the other day that at school, they’d been learning about cybersecurity. “They told us not to click on pop-ups” she said. “But how will I know what a pop-up looks like?”. ... So consequently, we need to imbue education into the products and services we use everyday.


Quote for the day:


“We are what we repeatedly do. Excellence, therefore, is not an act but a habit.” -- Aristotle

Posted by at No comments:
Labels: , , , , , , , , , , ,

Daily Tech Digest - June 20, 2018

Artificial Intelligence Has Companies’ Interest, But Not Their Cash


But while companies are interested in what A.I. can potentially do for them, many aren’t willing to invest massive amounts of money in the endeavor. Some 92 percent of respondents reported overall A.I. budgets of less than $5 million, with 52 percent paying less than $1 million. However, most plan to increase their A.I.-related spending over the next year. For companies pursuing an artificial intelligence strategy, Constellation recommends starting as early as possible, as building out platforms and training algorithms takes time. A company’s data scientists and executives must also start thinking about how to structure their existing databases for interaction with the eventual A.I. platform. ... If businesses are willing to spend more on A.I. initiatives in the short term, that means more jobs and projects to work on. Earlier this year, analyst firm McKinsey & Company published a report suggesting that fewer than 10,000 professionals actually have the necessary skills to tackle the biggest A.I. problems, which is a key reason why A.I.-related salaries have climbed into the stratosphere. That report also suggested that A.I.-enhanced industries constitute a multi-trillion-dollar market, placing a high ceiling on the demand for talent.



Istio and the Future of Service Meshes


A service mesh provides a transparent and language-independent way to flexibly and easily automate networking, security, and telemetry functions. In essence, it decouples development and operations for services. So if you are a developer, you can deploy new services as well as make changes to existing ones without worrying about how that will impact the operational properties of your distributed systems. Similarly, an operator can seamlessly modify operational controls across services without redeploying them or modifying their source code. This layer of infrastructure between services and their underlying network is what is usually referred to as a service mesh. Within Google, we use a distributed platform for building services, powered by proxies that can handle various internal and external protocols. These proxies are supported by a control plane that provides a layer of abstraction between developers and operators and lets us manage services across multiple languages and platforms. This architecture has been battle-tested to handle high scalability, low latency and provide rich features to every service running at Google.


No, Culture Does Not Eat Strategy for Breakfast

That much is true: Culture can definitely derail your success. But to imply that culture can eat strategy -- that culture is fundamentally a stronger driver of your success -- is where the metaphor starts to fail us. ... A cohesive culture cannot fix a bad strategy. The deeper truth here is that culture and strategy are really two sides of the same coin. A good friend of mine once said that culture does not eat strategy for breakfast but that strategy and culture need to go out to lunch. They both influence each other, so it is the extent of their alignment that is most important -- not the power one has over the other. Your culture should be intentionally shaped to make your chosen strategy more effective. That means, by the way, that if you make a major change to your strategy, you’ll also have to work to change your culture to match. It’s only when you see strategy and culture as separate that they start to eat each other. Consider the legendary focus on customer service within the culture at Zappos. They have every employee (regardless of the job function) go through customer service training and spend time answering customer calls on the phone. It’s that important to their culture. But what most people don’t mention is that this focus on customer service was a strategic choice.


When it Comes to Digital Transformation, Complacency Is Not an Option

light show
Digital transformation encompasses numerous business considerations, including cost, learning curve, migration strategy and a host of technical concerns. And while it brings with it the possibility of an incredibly positive change for the business, there’s the human element to consider as well. The reality is that people don’t like change. They have a comfort zone, and being forced to leave that zone can lead to a great deal of resistance. Having senior management stand firmly behind the introduction of new systems and new technologies from the outset can go a long way towards alleviating those fears. Buy-in from the senior team sends a message that the new technology is a strategic move wanted by and desired by the business. It also helps to have management articulate the many advantages of embracing new technology … rather than facing the risk of the business being overtaken by competitors. ... Regardless of how smoothly your digital systems are operating today, keep your eye on the horizon. Stay informed. Chat regularly with your customers and vendors. Read what both analysts and editors have to say. Have a discussion with a solution partner that’s closer to the technology than you are.


Microsoft to tighten screws on traditional Office, Gartner predicts

Gartner's prediction, if accurate, would expand a policy that Microsoft put in place more than a year ago. Under rules announced in April 2017, owners of perpetual-license versions of Office - those that, once purchased, let customers run the software as long as they want - can connect to Microsoft's cloud-based services only during the first half of their 10-year support lifecycle. Those services include Microsoft-hosted Exchange email, the OneDrive for Business storage service and Skype for Business. The new policy will be enforced starting Oct. 13, 2020, Microsoft said. By that date, Office 2010, Office 2013 and the current suite, Office 2016, will have dropped out of mainstream support, the label for Office's first five years. (Office 2016's mainstream support will expire on that date.) Office 2019, which is slated for release this fall, will reach the end of mainstream support sometime in late 2023. But Gartner believes that Microsoft will change the rules before then for that edition, telling customers that they must subscribe to Office 365 - and thus have Office 365 ProPlus - to use any cloud services.


Why blockchain won't transform IoT security

istock-904483728.jpg
When determining whether or not to work with blockchain, IoT developers must ask themselves one of the most basic computer science questions, Corman said: "Can I already do this with a distributed database?" Often, the answer is yes, he added. "It's not new technology," Lord said. "Most of what we talk about with blockchain is a better set of patterns for dealing with decentralized or distributed problems. It's not going to change how we deal with things in IoT." One way that blockchain could be useful is in distributing a policy change across different devices. However, anyone advertising blockchain as a security feature in an IoT device should at this point be met with skepticism, Lord said. IoT manufacturers also want to bring scale to their devices, said Rob Black, founder and managing principal of Fractional CISO. "When you think about blockchain, it's anything but scale—you're bringing along a huge ledger of transactions," Black said. "Compatibility with blockchain and IoT in today's environment is almost nonexistent."


Why digital transformation spending will reach $1.1 trillion – and what happens from here


Driven in part by investments from the manufacturing industries, smart manufacturing ($161 billion) and digital supply chain optimization ($101 billion) are the DX strategic priorities that will see the most spending in 2018. Other strategic priorities that will receive significant funding this year include digital grid, omni-experience engagement, omnichannel commerce, and innovation acceleration. The strategic priorities that are forecast to see the fastest spending growth over the 2016-2021 forecast period are omni-experience engagement (38.1 percent compound annual growth rate (CAGR)), financial and clinical risk management (31.8 percent CAGR), and smart construction (25.4 percent CAGR). "Some of the strategic priority areas with lower levels of spending this year include building cognitive capabilities, data-driven services and benefits, operationalizing data and information, and digital trust and stewardship," said Craig Simpson, research manager at IDC. To achieve its DX strategic priorities, every business will develop programs that represent a long-term plan of action toward these goals.


Chief data officers go to summer school


Carruthers said she considers herself “extremely fortunate to be part of a first generation of chief data officers – a role that requires a passion for creative thinking and a love of technology to develop pragmatic solutions for interesting challenges”. “Our CDO summer school combines these key elements, bringing together a community of like-minded CDOs for the first time to create an engaging learning environment for an exciting new generation of data leaders,” she said. Speaking to Computer Weekly, Southern Water’s Jackson stressed the importance of the community-building element of the course among a group of C-level leaders of recent vintage. “At present, there are [only] a few hundred data leaders, at that level, in UK organisations. And there is no well-trodden career path,” he said. The topic of data, and how trusted it can be, is an increasingly common one at boardroom level, and so someone needs to “own” that element of business decision-making, said Jackson. “And there is a real shortage of people, at that senior level, who combine business acumen with technical expertise. There is no university pumping out CDOs,” he added.


What is NVMe, and how is it changing enterprise storage

ssd
There are extremely latency-sensitive workloads that will benefit immediately from NVMe’s performance boost, such as real-time big-data analytics or high-performance database environments. Real-time analysis and response are becoming a necessity for businesses, and IDC predicts that between 60% and 70% of Fortune 2000 companies will have at least one mission-critical workload that leverages real-time big data analytics by 2020. “When an enterprise has a workload that, if it runs faster, drives a bottom-line business benefit such as more commissions, higher revenues, better customer service – those are the workloads that might drive a customer to say, ‘I’ve got to have NVMe today,’” Bergener says. The first storage platforms that leveraged NVMe instead of SCSI technology began to ship in 2016 and 2017 from startups including Apeiron Data Systems, E8 Storage, Excelero, Micron and Pavilion Data Systems. These systems are mainly targeted for specialized workloads with extremely latency-sensitive workloads, such as trading analysis.


Ransomware is taking a toll on banks. Here’s how they’re fighting back

Phishing campaigns still work best for delivering malware, Verizon report finds
To shore up its data protection, Glazebrook said the 101-year-old Adams Bank invested in technology and partnered with the IT resiliency firm Zerto. It recently installed a platform that immediately alerts the bank’s IT team if ransomware infects the system and can rewind to the minute it hit to fully recover the data in about an hour. (Glazebrook describes it as TiVo for ransomware.) The new system also allows for near-instant replication of data files, and IT staff can also remotely perform checks on system status. Of course, no matter what technology a bank implements, none can ever be truly safe from cyberattacks like ransomware, as security professionals and cybercriminals continually engage in a cat-and-mouse game, said Michael Hathaway, co-founder of Windmill Enterprise, which operates a blockchain security network called Cognida. “Unfortunately, there are no easy answers,” he said. One the one hand, many banks prefer to “keep all their data secure physically and in a single place, and then that can become point of attack,” he said. Having everything in one place “gives a sense of security but provides a place where hackers can try and continually get access to.”


Quote for the day:


"A leader does not deserve the name unless he is willing occasionally to stand alone." -- Henry A. Kissinger

Posted by at No comments:
Labels: , , , , , , , , , , , , , ,
Subscribe to: Posts (Atom)