November 11, 2020

The Role of Relays In Big Data Integration

The very nature of big data integration requires an organization to become more flexible in some ways; particularly when gathering input and metrics from such varied sources as mobile apps, browser heuristics, A / V input, software logs, and more. The number of different methodologies, protocols, and formats that your organization needs to ingest while complying with both internal and government-mandated standards can be staggering. ... What if, instead of just allowing all of that data to flow in from dozens of information silos, you introduced a set of intelligent buffers? Imagine that each of these buffers was purpose-built for the kind of input that you needed to receive at any given time: Shell scripts, REST APIs, federated DB’s, hashed log files, and the like. Let’s call these intelligent buffers what they really are: Relays. They ingest SSL encrypted data, send out additional queries as needed, and provide fault-tolerant data access according to ACL’s specific to the team and server-side apps managing that dataset. If you were to set up such a distributed relay architecture to deal with your big data integration chain, it might look something like this

Malware Hidden in Encrypted Traffic Surges Amid Pandemic

Ransomware attacks delivered via SSL/TLS channels soared 500% between March and September, with a plurality of the attacks (40.5%) targeted at telecommunication and technology companies. Healthcare organizations were targeted more so than entities in other verticals and accounted for 1.6 billion, or over 25%, of all SSL-based attacks Zscaler blocked this year. Finance and insurance companies clocked in next with 1.2 billion or 18% of attacks blocked, and manufacturing organizations were the third-most targeted, with some 1.1 billion attacks directed against them. Deepen Desai, CISO and vice president of security research at Zscaler, says the trend shows why security groups need to be wary about encrypted traffic traversing their networks. While many organizations routinely encrypt traffic as part of their security best practices, fewer are inspecting it for threats, he says. "Most people assume that encrypted traffic means safe traffic, but that is unfortunately not the case," Desai says. "That false sense of security can create risk when organizations allow encrypted traffic to go uninspected."

Shadow IT: The Risks and Benefits That Come With It

Covid-19-induced acceleration of remote work has led to employees being somewhat lax about cybersecurity. Shadow IT might make business operations easier – and many companies certainly have been needing that in the last few months – but from the cybersecurity point of view, it also brings about more risks. If your IT team doesn’t know about an app or a cloud system that you’re using in your work, they can’t be responsible for any consequences of such usage. This includes those impacting the infrastructure of the entire organization. The responsibility falls on you to ensure the security of your company’s data whilst using the shadow IT app. Otherwise, your entire organization is at risk. It’s also easy to lose your data if your Shadow IT systems don’t back stuff up. If they’re your only method of storage and something goes wrong, you could potentially lose all your valuable data. If you work in government, healthcare, banking, or another heavily regulated center, chances are that you have local normative acts regulating your IT usage. It’s likely that your internal systems wouldn’t even allow you to access certain websites or apps. 

Refactoring Java, Part 2: Stabilizing your legacy code and technical debt

Technical debt is code with problems that can be improved with refactoring. The technical debt metaphor is that it’s like monetary debt. When you borrow money to purchase something, you must pay back more money than you borrowed; that is, you pay back the original sum and interest. When someone writes low-quality code or writes code without first writing automated tests, the organization incurs technical debt, and someone has to pay interest, at some point, for the debt that’s due. The organization’s interest payments aren’t necessarily in money. The biggest cost is the loss of technical agility, since you can’t update or otherwise change the behavior of the software as quickly as needed. And less technical agility means the organization has less business agility: The organization can’t meet stakeholders’ needs at the desired speed. Therefore, the goal is to refactor debt-ridden code. You’re taking the time to fix the code to improve technical and business agility. Now let’s start playing with the Gilded Rose kata’s code and see how to stabilize the code, while preparing to add functionality quickly in an agile way. One huge main problem with legacy code is that someone else wrote it. 

Interactive Imaging Technologies in the Wolfram Mathematica

A lot of mathematical problems that can be solved using computer algebra systems are constantly expanding. Considerable efforts of researchers are directed to the development of algorithms for calculating topological invariants of manifolds, knots, calculating topological invariants of manifolds of knots of algebraic curves, cohomology of various mathematical objects, arithmetic invariants of rings of integer elements in fields of algebraic numbers. Another example of modern research is quantum algorithms, which sometimes have polynomial complexity, while existing classical algorithms have exponential complexity. Computer algebra is represented by theory, technology, software. The applied results include the developed algorithms and software for solving problems using a computer, in which the initial data and results are in the form of mathematical expressions, formulas. The main product of computer algebra has become computer algebra software systems. There are a lot of systems in this category, many publications are devoted to them, systematic updates are published with the presentation of the capabilities of new versions.

EU to introduce data-sharing measures with US in weeks

Companies will be able to use the assessment to decide whether they want to use a data transfer mechanism, and whether they need to introduce additional safeguards, such as encryption, to mitigate any data protection risks, said Gencarelli. The EC is expected to offer companies “non-exhaustive” and “non-prescriptive” guidance on the factors they should take into account. This includes the security of computer systems used, whether data is encrypted and how organisations will respond to requests from the US or other government law enforcement agencies for access to personal data on EU citizens. Gencarelli said relevant questions would include: What do you do as a company when you receive an access request? How do you review it? When do you challenge it – if, of course, you have grounds to challenge it? Companies may also need to assess whether they can use data minimisation principles to ensure that any data on EU citizens they hand over in response to a legitimate request by a government is compliant with EU privacy principles. The guidelines, which will be open for public consultation, will draw on the experience of companies that have developed best practices for SCCs and of civil society organisations.

Read more here ...