April 02, 2022

PaaS is back: Why enterprises keep trying to resurrect self-service developer platforms

As ever in enterprise IT, it’s a question of control. Or, really, it’s an attempt by organizations to find the right balance between development and operations, between autonomy and governance. No two enterprises will land exactly the same on this freedom continuum, which is arguably why we see every enterprise determined to build its own PaaS/cloud. Hearkening back to Coté’s comment, however, the costs associated with being a snowflake can be high. One solution is simply to enable developer freedom … up to a point. As Leong stressed: “I talk to far too many IT leaders who say, ‘We can’t give developers cloud self-service because we’re not ready for You build it, you run it!’ whereupon I need to gently but firmly remind them that it’s perfectly okay to allow your developers full self-service access to development and testing environments, and the ability to build infrastructure as code (IaC) templates for production, without making them fully responsible for production.” In other words, maybe enterprises needn’t give their developers the keys to the kingdom; the garage will do.

Why EA As A Subject Is A "Must Have" Now Than Ever Before?

Enterprise architecture as a subject and knowledge of reference architecture like IT4ITTM would help EA aspirants appreciate tools for managing a digital enterprise. As students, we know that various organizations are undergoing digital transformation. But hardly do we understand where to start the journey or how to go about the digital transformation if we are left on our own. Knowledge of the TOGAF? Architecture Development Method (ADM) would be a fantastic starting point to answer the abovementioned question. The as-is assessment followed by to-be assessment (or vice versa depending on context) across business, data, application and technology could be a practical starting point. The phase “Opportunities and Solutions” would help get a roadmap of several initiatives an enterprise can choose for its digital transformation. Enterprise Architecture as a subject in b-school would cut across various subjects and help students with a holistic view.

5 steps to minimum viable enterprise architecture

At Carrier Global Corp., CIO Joe Schulz measures EA success by business metrics such as how employee productivity is affected by application quality or service outages. “We don’t look at enterprise architecture as a single group of people who are the gatekeepers, who are more theoretical in nature about how something should work,” says Schulz. He uses reports and insights generated by EA tool LeanIX to describe the interconnectivity of the ecosystem as well the systems capabilities across the portfolio to identify redundancies or gaps. This allows the global provider of intelligent building and cold chain solutions to “democratize a lot of the decision-making…(to) bring all the best thinking and investment capacity across our organization to bear.” George Tsounis, chief technology officer at bankruptcy technology and services firm Stretto, recommends using EA to “establish trust and transparency” by informing business leaders about current IT spending and areas where platforms are not aligned to the business strategy. That makes future EA-related conversations “much easier than if the enterprise architect is working in a silo and hasn’t got that relationship,” he says.

3 strategies to launch an effective data governance plan

Develop a detailed lifecycle for access that covers employees, guests, and vendors. Don’t delegate permission setting to an onboarding manager as they may over-permission or under-permission the role. Another risk with handling identity governance only at onboarding is that this doesn’t address changes in access necessary as employees change roles or leave the company. Instead, leaders of every part of the organization should determine in advance what access each position needs to do their jobs—no more, no less. Then, your IT and security partner can create role-based access controls for each of these positions. Finally, the compliance team owns the monitoring and reporting to ensure these controls are implemented and followed. When deciding what data people need to access, consider both what they’ll need to do with the data and what level of access they need to do their jobs. For example, a salesperson will need full access to the customer database, but may need only read access to the sales forecast, and may not need any access to the accounts payable app.

The Profound Impact of Productivity on Your Soul

Finishing what you set out to do feels great. Have you ever had a rush of satisfaction after checking off that last item on your to-do list? Feeling satisfied and fulfilled about what you are doing is the essence of great productivity. Of course, it means you are getting stuff done, but you are also getting stuff that is actually important and meaningful. ... When we “do,” we share a piece of ourselves with the world. Our work can speak volumes about ourselves. Every time we decide to be productive and take action to complete something, we are embracing our identity and who we are. Being able to choose our efforts and be who we want to be is a rewarding feeling. However, it is also essential to ensure you are doing it for yourself and are not trying to meet someone else’s expectations of you. For example, some younger kids will play sports that they hate to ensure the happiness of their parents. The kids are doing it for their parents, rather than themselves. What happens when you don’t do it for yourself is twofold; First, you become dependent on someone else’s validation.?

Apple and Meta shared data with hackers pretending to be law enforcement officials

Apple and Meta handed over user data to hackers who faked emergency data request orders typically sent by law enforcement, according to a report by Bloomberg. The slip-up happened in mid-2021, with both companies falling for the phony requests and providing information about users’ IP addresses, phone numbers, and home addresses. Law enforcement officials often request data from social platforms in connection with criminal investigations, allowing them to obtain information about the owner of a specific online account. While these requests require a subpoena or search warrant signed by a judge, emergency data requests don’t — and are intended for cases that involve life-threatening situations. Fake emergency data requests are becoming increasingly common, as explained in a recent report from Krebs on Security. During an attack, hackers must first gain access to a police department’s email systems. The hackers can then forge an emergency data request that describes the potential danger of not having the requested data sent over right away, all while assuming the identity of a law enforcement official.?

Read more here ...