Today's Tech Digest - Mar 15, 2019
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Your digital ecosystem is underperforming but no one can figure out why
Senior IT professionals have to focus on the human experience to fully understand the intricacies of a sophisticated digital ecosystem and how it affects user experience both inside and outside the enterprise. Otherwise it’s just guesswork and looking for a needle in a haystack. But guesswork is time consuming and resource intensive and can significantly jeopardise business success or even a company’s survival. As a result IT departments are under huge pressure to understand, find and solve the issues in the shortest time possible. To do this IT professionals need to take a different approach and use an analytics solution that doesn’t focus on engineering parameters but on how real users interact with the digital services. CIOs can now use smart analytics tools that cut through the complexity of the digital ecosystem and are able to analyse the system through the human experience lens. Only in this way can they uncover why the company’s digital infrastructure is underperforming and correlate it with the effect on user experience.
How to implement a winning interoperability testing strategy
Interoperability testing verifies that components within the application, server and database work together and deliver the expected results. It's not sufficient to only test components or applications; you must test all the components with which they interact. A development team could create mock systems that simulate interoperability testing for a solid first step. But simulations don't replace interoperability tests, which cover as many possible connection points and functions as possible for all partners. Interoperability testing is challenging, which is why software development teams attempt to get around it. For example, in a partnership, one development team from Company A won't have its code ready until right before the expected release date, while Company B wants to thoroughly test their interoperable code before release. So, Company B's developers create mock code that simulates the existence of Company A's expected code. That simulation, while imperfect, helps both teams avoid logistical challenges.
Securing the mobile enterprise means thinking outside the VPN box
Not long ago it was sufficient to meet corporate security and external audit requirements by implementing a VPN constructed with firewalls and network access control (NAC) protocols, which secured access to network nodes when devices attempted to access them. But in today's world, users increasingly sign in to applications and off-premise clouds and cloud-based systems directly. They don't necessarily go through a VPN tied to an internal network-resident IT to gain access. This creates many more points of access to enterprise IT resources that might be in-house or off premises. ... The message is clear for IT network managers: New ways of creating secure perimeters around corporate IT resources must be found and establishing perimeters must go beyond what was historically defined as a physical network. "Business leaders face a digital imperative to boost user productivity, while also mitigating the risk of data breaches that are growing in size and frequency," said Sudhakar Ramakrishna, CEO of Pulse Secure, which provides software-defined secure access.
Two-thirds of all Android antivirus apps are frauds
The AV-Comparatives team said that out of the 250 apps they've tested, only 80 detected more than 30 percent of the malware they threw at each app during individual tests. The tests weren't even that complicated. Researchers installed each antivirus app on a separate device (no emulator involved) and automated the device to open a browser, download a malicious app, and then install it. They did this 2,000 times for each app, having the test device download 2,000 of the most common Android malware strains found in the wild last year, meaning that all antivirus apps should have already indexed these strains a long time ago. ... However, results didn't reflect this basic assumption. AV-Comparatives staffers said that many antivirus apps didn't actually scan the apps the user was downloading or installing, but merely used a whitelist/blacklist approach, and merely looked at the package names. Essentially, some antivirus apps would mark any app installed on a user's phone as malicious, by default, if the app's package name wasn't included in its whitelist.
How did Facebook go down despite multiple data centers?
Facebook said it wasn’t an attack, like a Denial of Service attack, and has since issued a statement attributing it to a configuration error. “Yesterday, we made a server configuration change that triggered a cascading series of issues. As a result, many people had difficulty accessing our apps and services,” said Travis Reed, a Facebook spokesman. “We have resolved the issues, and our systems have been recovering over the last few hours. We are very sorry for the inconvenience and we appreciate everyone’s patience.” The question for me is how could a company with redundant data centers around the U.S., not to mention internationally, be taken down like this? All told it has seven data centers in the U.S. Redundancy is supposed to help prevent this kind of problem. Well, not exactly. In the case of a bug or operating problem, redundancy doesn’t help. In fact, it can spread the problem quickly, notes analyst Rob Enderle. “Redundancy can help with certain things like a complete system failure, but it doesn’t help with a virus or software bug because it can replicate it, so redundancy can’t help here,” he said.