Tuesday, April 21, 2020

Business Intelligence


Business intelligence (BI) is essential for business growth and competitive advantage, yet reaping benefits from BI requires more than implementing the technology that enables it. In fact, deploying the technology is the easiest part of any BI initiative, according to many analysts. Getting the personnel and processes portions right are much more challenging. As such, organizations must addresses personnel and processes as key facets of their BI strategy if they want to be successful. Moreover, BI strategies should be broken down even further to address ownership and continual improvement as well.

Having access to the right management information alone isn’t enough – you also need to use the right BI tools. In the information age, soloprenuers are required to organise, capture data and information from internal and external sources. A top-level BI person will typically be responsible for setting the tone on information gathering in a corperate environment. This information will then be disseminated to parties responsible for using it to benefit the organisation. In most organizations, tasks and activities relate to individual projects. This helps provide a focused approach when working in these environments. The BI person will often work with the company’s computer system and software in order to maximize information gathered by the company. This system is a primary tool for collecting data, creating performance metrics, presenting information for short- and long-term projects and other tasks under that intelligence person.

Word of advice: Organizations that place BI in the hands of business users have greater success rates than those who confine BI within IT. In a corpaerate environment, This may mean embedding BI within lines of business or having BI operations report to the chief digital officer or chief customer officer. Although the complexities of early BI technologies put IT in charge of many BI programs, today’s tools are more intuitive, allowing solopreneurs to go straight into the hands of business users who can run the queries that matter to them. Similarly, the speed at which users need access to data and insights derived from BI has increased dramatically in recent years. Today’s business users often need actionable information in real time and cannot wait for IT to generate reports. As such, IT ownership can be an impediment, rather than enabler, of BI success.

Although the business should own BI initiatives, IT must remain an active partner in monitoring and evaluating use of BI systems. Rather than putting up roadblocks, monitor what they’re doing, what data sources they’re accessing, what tools they are using and how they are using them. Solopreneurs running smaller organisations do not often have the resources or personnel for BI management. However, these solopreneurs can hire an external management consultant who can provide these services. Even businesses who do not have personnel with a background in intelligence management can also hire an outside consultant. These consultants can also train the company’s personnel on how to gather and disseminate information. Having business intelligence and information gathering assures the organisation that little to no important facts or data go unnoticed. This can result in a significant change to the organizational structure or corporate culture.


Saturday, March 21, 2020

Change Management Process


As workers look for better work-life balance and employers need to find talent to fill vital roles, telecommuting can accomplish both goals. More people are looking for the option of remote work when looking for a new job. Companies need developers, security experts, and devops professionals to lead digital transformation work and secure the enterprise. IT Change Management is the process of requesting, analyzing, approving, developing, implementing, and reviewing a planned or unplanned change within the IT infrastructure. The Change Management Process begins with the creation of a Change Request within the company’s selected technology platform. It ends with the satisfactory implementation of the change and the communication of the result of that change to all interested parties. Several studies show that the trend toward telecommuting is not going away. Even if telework is not the norm for your company, it can be an important tool to use during a regional or national crisis. Most companies can best navigate telecommuting jobs by setting clear expectations, roles, and responsibilities and using collaborative platforms. Telecommuting is becoming more of a business strategy than a perk for small companies looking to find the right people. To achieve this, the change management process includes the following primary steps (note that all information collected in the steps below is documented in a Change Record created in the company’s selected technology platform):

• Formally Request a Change. All requests for change will be documented within the company’s selected technology platform by creating a new change record. The completion of a new request for change will be completed by the Change Coordinator with input from the Change Requester. • Categorize and Prioritize the Change. The Change Coordinator will assess the urgency and the impact of the change on the infrastructure, end user productivity, and budget.

• Analyze and Justify the Change. The Change Coordinator works with the change requester and the change initiator to develop specific justification for the change and to identify how the change may impact the infrastructure, business operations, and budget. The Change Coordinators use this information to further research and develop an extensive risk and impact analysis. When completing the analysis of the change, the Change Coordinator must ensure they consider the business as well as the technical impacts and risks.

• Approve and Schedule the Change. The Change Coordinator uses the company’s selected technology platform to record an efficient process for routing the Request for Change (RFC) to the Change Coordinator, technical approvers, business approvers and, in the event of a major or significant change, to the Change Advisory Board (CAB) for approval or rejection of the change. • Plan and Complete the Implementation of the Change. This process includes developing the technical requirements, reviewing the specific implementation steps and then completing the change in a manner that will minimize impact on the infrastructure and end users.

• Post-Implementation Review. A post-implementation review is conducted to ensure whether the change has achieved the desired goals. Post-implementation actions include deciding to accept, modify or back-out the change; contacting the end user to validate success; and finalizing the change documentation within the company’s selected technology platform.

Our observation of clients and case studies found that telecommuting two or three days a week seems to create the right balance between working at home and working at the office. These industries have the highest percentages of people who telecommute: Healthcare at 15%, Technology at 10%, and Financial Services at 9%, relative to their share of the total workforce.

Monday, March 16, 2020

Information Security Management


In an age of increasing data usage and the risk of information security breaches and cyber-attacks, the benefits of an information security management system (ISMS) are clear. Not only can it help to minimize the chance of such breaches occurring, it can reduce the costs associated with keeping information safe. ISO/IEC 27001 is widely known, providing requirements for an ISMS, though there are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties. An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process. It can help small, medium and large businesses in any sector keep information assets secure. Like other ISO management system standards, certification to ISO/IEC 27001 is possible but not obligatory. Some organizations choose to implement the standard in order to benefit from the best practice it contains while others decide they also want to get certified to reassure customers and clients that its recommendations have been followed. ISO does not perform certification.

The attraction of cybercrime to criminal hackers is obvious: tangled webs of interactions, relatively low penalties, disjointed approaches on money laundering and potentially massive payouts. The key is preparation and seeing vulnerabilities, and resilience, in terms of interactions with overall management systems, and that’s where information security management systems (ISMS) standard ISO/IEC 27001 comes in. We now know it’s true that risks that threaten information, business processes, applications and services are continually evolving. ISO/IEC 27001 is a continual improvement standard, which means the built-in risk management process allows businesses to keep up to date in their fight against cybercrime. the continual improvement aspect of ISO/IEC 27001 means that an organization can assess its risks, implement controls to mitigate these, and then monitor and review its risks and controls, improving its protection as necessary. In that way, it’s always on the ready and prepared for attacks:

Software attacks, theft of intellectual property or sabotage are just some of the many information security risks that organizations face. And the consequences can be huge. Most organizations have controls in place to protect them, but how can we ensure those controls are enough? The international reference guidelines for assessing information security controls have just been updated to help. For any organization, information is one of its most valuable assets and data breaches can cost heavily in terms of lost business and cleaning up the damage. Thus, controls in place need to be rigorous enough to protect it, and monitored regularly to keep up with changing risks. The technical specification (TS) has recently been updated to align with new editions of other complementary standards on information security management, namely ISO/IEC 27000 (overview and vocabulary), ISO/IEC 27001 (requirements) and ISO/IEC 27002 (code of practice for information security controls), all of which are referenced within. In a world where cyber-attacks are not only more frequent but increasingly harder to detect and prevent, assessing and reviewing the security controls in place needs to be undertaken on a regular basis and be an essential aspect of the organization’s business processes. ISO/IEC TS 27008 can help give organizations confidence that their controls are effective, adequate and appropriate to mitigate the information risks the organization faces.

At the business level, it remains a formidable task to model and mitigate threats from all conceivable angles. There’s a clear need to use a unified, integrated security system across the whole business and, given the complexity of interrelationships. ISMS are applicable to all types of organization and all types of business activities, including those of SMEs. Many SMEs are part of supply chains, so it’s essential that they are in control of, and manage, their information security and cyber-risks in order to protect themselves and others. A business’s obligations are typically defined in service-level agreements (SLA), contracts between partners of the supply chain that detail service obligations and requirements and establish legal liabilities, and that ISMS often form an integral part of such agreements. There are challenges attached to online business for SMEs, but they are far outweighed by the enormous potential that has been opened up by the Internet. It could be argued that it is smaller businesses that have been the most enabled by technology. Anybody – who has a design; who has a computer; who can get on the Web; has access to a platform – can become a part of international trade. The upsides for social and economic development are enormous: the Internet brings global reach to growing numbers of previously isolated individuals and communities. However, a proven and prudent approach such as ISMS is needed to mitigate the downsides.

Our private lives may be less complex than global business, but just as much is at stake. For many of us, simply following best practices for passwords and security updates (and bearing in mind that if it smells fishy, or looks too good to be true, then it almost certainly is) should help keep us safe from cybercriminals, much of the time. But people are increasingly asking questions about the way that institutions and companies store, analyse and monetize the vast amounts of data that we hand over more or less voluntarily. When privacy, finances, individual or corporate reputation are threatened, it undermines confidence and impacts our behaviour, both online and in real life. The role of the ISO/IEC 27000 family in allowing us to continue to advance is paramount. With many reasons to feel anxious as almost every aspect of our lives becomes digitized, it’s reassuring to know that there’s a family of standards to count on for information security management systems, and MEP Digital Systems is working with a global group of experts to keep clients one step ahead.

Business Continuity Planning: Remote Work


The coronavirus (or Covid-19) is taking a more serious turn in the South Africa with warnings that it could very well impact how, when, and where we work: That's a lot of disruption for the technology industry and for most industries, especially since the virus has not spread very far in the country yet. The global spread of the virus may be a moment that reveals whether employers are ready to respond rapidly to unexpected workplace changes. Business travel will decrease or come to a full stop. More employees may need to work outside of local “business hours” and use video conferencing to operate across time zones. And, if it gets bad enough, many could indeed be asked, or request, to work remotely. Thanks to digital transformation and cloud computing, you probably already have migrated a lot of work to the cloud. You may also have collaboration tools in place such as chat software and video conferencing. If you haven't prepared at all for such an event, it's a good idea to start with a team of maybe eight employees and tell them all to work from home. That team works from home for one day with each person doing their normal work. They should be able to interact with co-workers, clients, and partners as weel as use all the systems the company has set up. Perform regular assessments. How did it go? Were there any hiccups? That's where you need to direct your attention. Troubleshoot the problems and then roll out the solutions to the team. It's only through practice that you will turn this new way of working into muscle memory, making it as natural as working at your desk at the office. You need to plan as if the only way to remain operational will be for as many employees as possible to work remotely. Gather a cross-functional team together that includes business-line leaders, IT, HR, communications, and facilities to start to plan for different scenarios and optimize execution, should circumstances require a rapid response. Note which roles and duties: 1) Can be done, even partially, without a physical presence in the workplace, 2) Cannot be done, even somewhat, outside of the physical office, and 3) Not sure.

You will need to challenge any potentially inaccurate default assumptions about specific jobs you may have thought couldn’t be done remotely. And for those in the “not sure” column, be willing to experiment. For example, for years, We’ve been told, “Helpdesk analysts can’t work flexibly.” And, for years, We have worked with teams of systems administrators to prove that is not true. Yes, certain tasks they complete require physical presence, but those can be planned for. The majority of their tasks can happen effectively outside of the traditional model of work and benefit the business. If you'll be using your mobile phone and video conferencing, you will also want to make sure you have a headset and maybe an external webcam, We also recommend that you test your vitual private network (VPN) before you leave the office. To do that, first disconnect from that office network, then turn on your mobile phone's WiFi hotspot, and connect to the corporate network that way. Make sure you can connect via VPN or gain entrance through whatever security measures your enterprise has in place. You also need to assess the comfort level with specific applications, such as video conferencing and other collaboration/communication platforms. Where you find gaps, provide training and opportunities for practice before people need to use them. Real-time mastery is not optimal and is inefficient. Identify devices owned by the organization that people could use and clarify acceptable “bring your own device” (BYOD), be it phone and laptop options. Determine if there are any data-security issues to consider and how best to address them beforehand. Your communications plan needs to outline: how to reach everybody (e.g., all contact information in one place, primary communication channels clarified — email, IM, Slack, etc.); how employees are expected to respond to customers; and how and when teams will coordinate and meet.

For management, pull out those rules and procedures you wrote up to deal with emergencies and crises, Figure out the way that you will communicate directives with employees. Determine what systems, communications, and processes you need to implement to continue on as an existing business entity serving customers and employees. After the flexible response period is over, this data will allow you to reflect on what worked, what didn’t, and why. The data will also prepare you in advance to answer the inevitable question once the crisis has passed, “Why don’t we do this all the time?” Depending upon the outcomes, you may decide to continue certain aspects of the flexible response permanently. For example, perhaps you cut business travel by 25% and substitute video conferencing. You determine afterward that about 80% of those meetings were equally as effective virtually. Therefore, a 20% decrease in business travel will continue, but this time as part of the organization’s sustainability strategy to cut carbon emissions. Global health emergencies, like Covid-19, are scary, disruptive, and confusing for everyone. And if you plan and nothing happens? Then, at minimum, you have an organized, flexible work disaster response ready the next time there’s a challenge to operational continuity, which chances are, there will be.

Saturday, March 14, 2020

Statement of Requirements


The team at MEP Digital Systems is experienced in technical support, project management, technical sales and consultancy. In addition to excellent product and technical knowledge, we build effective relationships with customers and analyze business and technical requirements including developing solutions that meet those needs. We work with product development teams to customize products for individual customers, demonstrate products to customers and explain how the proposed product or solution meets customers’ needs. When customers have agreed to purchase a solution, we identify the services and support customers will need to make effective as well as productive use of products. We manage projects and put together installation programs that minimize disruption for customers including arranging training for IT users. We monitor the progress of product installations to ensure that they are successful, identify any recurring issues and recommend changes to products. We hold regular review meetings with customers to discuss any issues or problems and provide reports.

Technical account managers analyze customers’ support requirements and identify areas where the company can offer improved service or reduce support costs. By monitoring product performance and associated support needs, we identify opportunities to upgrade or modify products so that they meet customers’ needs more effectively. We provide reports on product performance and advise customers on new products or upgrades that may be suitable for their business. Once written, signed and accepted by all parties, the statement of requirements (SOR) delineates all of the milestones between beginning the project and delivering all of the modules of each stage of the endeavor, the SOR prevents a situation known as "scope creep," or constant changes in the components and deadlines of a completed contract. When creating SOR, we consider everything that all of the interested parties would expect to receive, including how to comply with applicable laws, regulations and customs. We spend time meeting with clients in order to have a full assurance that neither party has misunderstood anything.

We include SOR in project queries which consist of two main types: solicited and unsolicited. Solicited project queries include answers to calls for bids and requests for information. The statement of requirements for a solicited project query answers all of the points raised by the prospect client. Our unsolicited queries, on the other hand, include potential returns on any investments and what probable solutions we deliver quicker and more effective solutions. We create compelling offers with a clear call to action using unsolicited queries. Despite the fact that the client may have already provided their own needs assessment, the possibility exists that something vital to the project's success might not have occurred to the person who performed it. We therefore review every line of the assessment provided by the client, asking probing questions to ensure that we both have the same understanding of every term and condition. We identify all the deliverables and the responsibilities of the client and the contractor. We state how and when to expect invoices, purchase equipment and release funds at each stage of the operation. Each requirement should contain a single thought. The statement of work must also include the timeline for completion and who will verify that the work adhered to applicable laws and regulations. The goal is that everything left out on purpose cannot creep back into the project later and wreck the schedule of payments and deliverables.

Wednesday, September 11, 2019

Optimizing Digital Transformation


Digital transformation is a catchall term that includes a wide variety of goals. For some companies, digital transformation means leveraging cloud capabilities. For others, artificial intelligence and machine learning are more important. Increased analytics capabilities and Internet of Things implementations play roles as well. The point of digital transformation is not to take companies from paper processes to hyper-advanced and complex digitized alternatives. On the contrary, many components of digital transformation are subtle. Even the most technologically challenged business owners, given a bit of time, can lead an effective digital transformation with the right mindset. Company goals and challenges dictate the type of digital transformation to pursue. A company that seeks more customers, for instance, might consider how to implement new tech to improve the customer experience. An online chatbot or a user-friendly app might do the trick, or perhaps a business’s first step is to create store listings on Google and Apple Maps.

A company struggling to optimize its partner network, on the other hand, might invest in more analytics tools to make better choices about shipping and vendors. It doesn’t matter whether the company sells software or gravel: Digital transformation is for everyone. Businesses considering digital transformation should ask themselves where their threats and opportunities lie. Have comparable industry players already made moves toward digital transformation? Have customers begun to demand options that the company cannot provide today? Rather than wait for market influences to force their hands, though, businesses should proactively pursue digital transformation to stay ahead of the game. Most employees are set in their ways: In order to make the change go as smoothly as possible, business owners need to talk to employees about why the company is moving in a digital direction. Some employees worry that digital transformation will eventually cost them their jobs. Cents saved are cents earned, even for companies with growth goals. Before taking on new debt to tackle grand opportunities, consider how digital transformation could make existing processes cheaper and easier. Mosy small companies can’t afford to sink money into suboptimal campaigns the way big ones can. With a predictive analytics tool that integrates with existing tech, small businesses can stretch their advertising budget much further.

Most Bigger companies can afford to staff robust IT departments, but smaller companies don’t have that kind of cash. By outsourcing, small companies can maximize their resource pools and only pay for the aspects of digital transformation with the greatest impact. A good technology partner will recommend in-budget solutions that are compatible with a business’s infrastructure. Ask potential partners whether they have experience with small businesses, who at the vendor will be responsible for communications and what kind of preparations the business should make ahead of time. Digital transformation isn’t some vague buzzword. For small businesses, digital transformation includes all the little steps forward that add up to massive cost savings, happier customers and improved prospects. Look for areas with easy opportunities for big improvements, and then use these tips to turn those potential gains into reality. Fortunately, digital transformation doesn’t require businesses to move every process to the cloud, nor does it require them to invest millions of Rands in brand-new tech -- a critical note, The most effective digital transformations leverage existing infrastructure and find maximum value in the most sensible improvements.

c. 2018, MEP Digital Systems (Pty) Ltd.

Wednesday, August 28, 2019

Service Subscription Business Model


Subscription business models are taking hold in many different industries, supported by advances in cloud computing, data analytics, and the Internet of Things (IoT). Suppliers benefit from longer and wider revenue streams for their products, while customers avoid big upfront payouts and are able to standardize and spread out their expenses. Subscription-based services certainly aren’t new. But the model that’s evolved in the last several years is more robust and widely applicable than any previous one. It has radically overhauled at least one major industry. Subscription cloud computing services, with their flexibility, cost savings, and performance advantages, are increasingly replacing on-premises software as the technology platform of choice for enterprise IT. The as-a-service model is catching on quickly in other industries, including construction, where new, sophisticated machinery is extremely expensive and aging equipment is a competitive disadvantage. One major manufacturer of construction equipment is expanding its digital services for high-end products to include real-time monitoring of parts and performance to identify weaknesses and wear.

In healthcare, IoT-enabled devices already relay patients’ health data immediately and consistently to hospitals and medical practices, implemented as part of a remote monitoring service. In the auto industry, Volvo’s recent advertising campaign, extols the manufacturer’s new subscription program, under which its monthly vehicle charges include taxes, insurance, and both roadside and at-home services. This program eliminates the down payment and end-of-service fees typical of auto leases. Other auto manufacturers and dealers offer similar programs. Subscription services are popping up in unexpected places. In anticipation of the impending shift to 5G wireless networks, a major network device manufacturer is offering consumers 5G router hardware, software, and support bundled as a “premium service.” A European utility is offering consumers a service that, for a monthly fee, monitors temperature and functioning of a customer’s hot water tank through an attached IoT device. Temperature loss results in a text message and/or phone call to the customer, expediting a visit from a technician already armed with relevant data.

The as-a-service model appeals to millennials, according to recent reports, many of whom value convenience over ownership. Those strapped by college debt also appreciate the ability to spread out their costs—for everything from clothes to furniture. Still, the consumer-oriented subscription market isn’t without its challenges. For example, recent efforts to offer IoT-enabled, app-connected electric scooters as “shared services” have no doubt created a ready-made market of urban commuters looking for mobility alternatives, but issues related to traffic rules, safety regulations, and liability are holding back the services, while a glut of competitors is complicating the economics. All of this adds up to a typical day in e-commerce land. Which of these new online as-a-service businesses will succeed over the long haul, and in what form, isn’t exactly clear. What is clear is that the current “let’s see what sticks” business environment requires savvy companies to overcome any lingering trepidation about the model cannibalizing their current revenue streams and explore where “as-a-service” might fit into their product plans. In addressing such an open-ended imperative, cloud computing can help. MEP Digital Systems, for instance, offers field service management for subscription tailored specifically to the as-a-service model.

Cybersecurity Awareness Campaign!





Dear Future Victim,

PLEASE PANIC!

Cower in the corner under a toilet paper fort with a pile of ammo for a pillow. Meanwhile, I’m hacking your corporate network. Work from home, they said. Self-isolate, they said. Avoid contagion, they said. They forgot about me, for I am a DORMANT CYBER PATHOGEN. Dormant no longer While you’re avoiding biological infection, I am quietly spreading my digital contagion throughout your organization, ready to flip the switch at just the right moment: RANSOM TIME!

God, I love the smell of ransomware in the morning. Nothing like the sweet, sweet aroma of bitcoin in the aftermath of a little bit of racketeering. A racketeering cyber pathogen–that’s me! Mixing metaphors like bleach and sulfuric acid, but it don’t matter cause at the end of the day it’s BLING BLING, CHING CHING TIME, when I count up my illicit Bitcoin gains and then fill a vast silo with the same number of gold coins so I can swim in my loot like Scrooge McDuck. (Don’t tell me you never wondered what that would be like.)

How did I rise to my current eminence, sitting Smaug-like on a load of loot? Simple. I waited for you to make mistakes. Errors because the boss said, “Just make it work!” You had 24 hours to set up work-from-home for an army of cubicle natives, unaccustomed to sweat shops hours of pajama productivity. Some of my fave mistakes you make are also the easiest for you to fix. No wonder I’M KING OF THE WORLD!

DON’T DEPLOY A VPN. 

Force your employees to directly connect to the tons of new internet-facing services you just put online cuz your boss said productivity is the number one priority. We’ll see how much he likes productivity when I take his entire network for ransom. Go ahead. Punch a hole through the corporate firewall and give RDP access to a bunch of employees–and to the entire internet!

Just to make sure I was doing this crime thing correctly, I caught up with Johnny Xmas, obviously not his real name (duh!), a senior researcher for the cybersecurity R&D firm GRIMM. He told me I was totally on the right track. The number of remote desktop servers (RDP) appearing on the internet as a whole is increasing substantially on the whole day by day. Do they all have MFA on them? Probably not. Why are we directly exposing them to the internet? Employees should VPN into the corporate network and then RDP into the machine. Trust me, I’m gonna love that unpatched Windows XP box covered in dust the IT department just gave the whole world access to. In fact, my only real problem will be keeping other attackers from partying with me–that’s my box! Bad APT! Bad APT! Take your advanced persistency and go threaten someone else!

I get very territorial when doing crimes. It’s a question of ethics. Only one racketeering play at a time. This Windows box ain’t big enough for the both of us. DRAW, STRANGER! But I digress. Ever since escaping WestWorld things have been a bit strange. (Oops, now you know my secret, you won’t dob me in, will you? Please, guvnuh, can I have some more?) Oh look, an employee working from a personal device!

USE PERSONAL DEVICES.

I loves it when you do this. Access confidential business information from the unsecured personal laptop full of third-party softwaremalware! So easy to pop. SNAP CRACKLE POP, I’M RANSOMWARE! TAA-DAHHH! So when I send you my handcrafted, artisanal phishing emails linking to websites such as my freshly registered Covid19MedicalAdvice.com with an urgent subject line “Employee Health & Safety” from a spoofed email pretending to be the CEO, my RAT will out-CAT your consumer-grade anti-virus.

There’s never been a better time to go phishing. “When people get scared, they may not be as focused as they need to be, looking at these links and email addresses,” I once heard NetScout CSO Debby Briggs say. “If I’m the person trying to break in, I’m going after email, and I’m going to create fake websites.” When your panic-addled brain sends an electrical impulse to your mouse-clicking fingers, then my malware will be coming down your fiber optic like a giant uncovered digital sneeze. Here’s hoping COVID-19 doesn’t jump the meatspace-digital barrier and start infecting computers, I may be a dormant cyber pathogen awakening from my slumber, but compared to COVID-19, I’m an infectious amateur.

You’re l33t, bro. Yeah. I’m talking to you. You with the classy hacker handle: “COVID-19.” You may still be a teenager but mad respect for your skillz. Let’s get a little bro-mance going on here, between two infectious geeks. I know they say we can never be together, you a biological agent of doom, me a digital agent of doom, but look at how much we have in common: WE ARE BOTH AGENTS OF DOOM! Think about it, bro boo. You call me. Yeah, I’m making that thumb and little finger gesture that looks nothing like a phone. I never thought I could fall for a virus I didn’t create myself, but that’s love for you, I guess.

NO 2FA? NO PROBLEM!

For the love of my ill-gotten plunder, do not, I repeat, DO NOT enroll your employees in any kind of two-factor authentication program. Nothing bursts my bubble as a digital agent of doom than having to end-run around properly configured 2FA, especially you awful, horrible people who use U2F tokens like Yubikeys. See that cartoon steam pouring horizontally from both of my ears? That’s how I feel about 2FA, YOU WASCALLY WABBIT, YOU! What? I’M the wascally wabbit? Wow. Looking in a mirror hurts.

FORGET EMPLOYEE TRAINING

Embrace your cynicism and repeat after me: “If education is the solution to your security problem, you’ve already lost.” Everything is lost! Give in to panic! Give in to hopelessness! What’s the point of living? Just accept my malware into your life, like the Gospel of badness it is! Because in a pinch training can be quite effective, and we do NOT want any of that happening, now do we, my dears? “It’s not possible in a two-week period, much less 24 hours, to roll out a full MDM [Mobile Device Management] solution to enforce and monitor policies,” Xmas says. “So, it’s important to get the verbal policy out there, to train work staff on secure practices.” 

“People won’t listen all the time when dealing with this emergency,” he adds, “but security is never all or nothing. We do what we can when we can and work towards building up to a perfect solution in the end.” Remember, folks: The good is the enemy of the perfect. Strive for the impossible! Strive for true innovation! Meanwhile, I’ll be holding your network for ransom. Now you’ll excuse me, I have a silo of gold coins to go swim in.

Sunday, August 25, 2019

Information Logistics


All organisations and companies are dependent on information. It can be found within IT systems, in binders and computer files on individual computers or in the management information systems which is sophisticated and powerful science in existence. Information logistics is the branch of computer science and logistics which is concerned with implementing systems that can perform many complex tasks using advanced mathematics and highly sophisticated algorithms. The discipline can be viewed as the bedrock of route planning software in the global distribution business. In this sphere, the industry is concerned with optimising the flow of goods and services and all relevant information between an origin and destination point.

An Information Element (IE) is an information component that is located in the organizational value chain. The combination of certain IEs leads to an information product (IP), which is any final product in the form of information that a person needs to have. When a higher number of different IEs are required, it often results in more planning problems in capacity and inherently leads to a non-delivery of the IP. Data Logistics is a concept that developed independently of Information Logistics in the 1990s, in response to the explosion of Internet content and traffic due to the invention of the World Wide Web (WWW). The growth in the volume of Web hits, combined with the steady increase in the size of Web-delivered objects such as images, audio and video clips resulted in the localized overloading of the bandwidth and processing resources of the local and/or wide area network and/or the Web server infrastructure. The resulting Internet bottleneck can cause Web clients to experience poor performance or complete denial of access to servers that host high volume sites (the so-called Slashdot effect).

The goal of Information Logistics is to deliver the right product, consisting of the right information element, in the right format, at the right place at the right time for the right people at the right price and all of this is customer demand driven. If this goal is to be achieved, knowledge workers are best equipped with information for the task at hand for improved interaction with its customers and machines are enabled to respond automatically to meaningful information. Methods for achieving the goal are:
- the analysis of information demand
- intelligent information storage
- the optimization of the flow of information
- securing technical and organizational flexibility
- integrated information and billing solutions

The supply of a product is part of the discipline Logistics. The purpose of this discipline is described as follows:

Logistics is the teachings of the plans and the effective and efficient run of supply. The contemporary logistics focuses on the organization, planning, control and implementation of the flow of goods, money, information and flow of people. Information Logistics focusses on information. Information (from Latin informare: "shape, shapes, instruct") means in a general sense everything that adds knowledge and thus reduce ignorance or lack of precision. In stricter sense information becomes information only to those who can interpret it. Interpreting information will provide knowledge.

It entails the organisation and prioritisation of tasks by using applications such as resource planning software and associated algorithms within the overall supply and distribution infrastructure. In such contexts, route optimisation is a keyword as there is almost certainly never going to a perfect set of delivery circumstances. These constraints to perfection in the real world are exemplified by such things as diversions or adverse operational conditions and are often updated in real time. Information logistics system such as a multi-use resource planner, the constraints are expressed as a series of mathematical equations and functions which take the form of an inequality. In advanced mathematics, an inequality occurs when two values in a relationship are not equal. This may sound obvious, but it must be made clear that the term inequality does not mean that one value is greater or that they can be compared, it merely means that value X does not equal value Y. In the most simplistic terms when an inequality occurs a further constraint is placed on route optimisation, and that means the delivery schedule may be affected, at the very least the schedule must be flexible enough to accommodate the change. The presence of an inequality means that new information must be input to the computer network and a new set of options displayed.

The Digital Evolution in Technology


JAMstack is revolutionising the way we think about workflow by providing a simpler developer experience, better performance, lower cost and greater scalability. JAM stands for JavaScript, API & Markup. A modern web development architecture based on client-side JavaScript, reusable APIs, and prebuilt Markup. Dynamic functionalities are handled by JavaScript. There is no restriction on which framework or library you must use. Server side operations are abstracted into reusable APIs and accessed over HTTPS with JavaScript. These can be third party services or your custom function. Websites are served as static HTML files. These can be generated from source files, such as Markdown, using a Static Site Generator. JAMstack websites don't have to be static. There are great services available to help bring some dynamic data to your product. You can also abstract your own functions into reusable APIs. For this you can use AWS lambda functions or Netlify Functions. Many JAMstack products have dynamic comment sections. These are typically used on blogs and a great way to interact with your audience. Setting up an online store on the JAMstack has never been easier.....

Lets also look at single-page application (SPA) which is a web application or web site that interacts with the user by dynamically rewriting the current page rather than loading entire new pages from a server. This approach avoids interruption of the user experience between successive pages, making the application behave more like a desktop application. In a SPA, either all necessary code – HTML, JavaScript, and CSS – is retrieved with a single page load, or the appropriate resources are dynamically loaded and added to the page as necessary, usually in response to user actions. The page does not reload at any point in the process, nor does control transfer to another page, although the location hash or the HTML5 History API can be used to provide the perception and navigability of separate logical pages in the application. Interaction with the single page application often involves dynamic communication with the web server behind the scenes.

Let’s say your next project is going to be a simple HTML website for a resumé, marketing a product or service, documenting your software, or something along those lines. A great option for you is to build your website using static site generators (SSG). There are tons of static site generators in a range of programming languages, such as JavaScript, Ruby, Go — the list goes on. A common CMS (Content Management System), like WordPress for instance, builds the web page dynamically as it is being requested by the client: it assembles all the data from the database, and processes the content through a template engine. With all the options available, it’s easy to feel paralyzed when it comes to choosing a static site generator that fits the bill. There are some considerations that could help you sieve through what’s on offer. Your project’s requirements should throw some light on the features you should be looking for in your SSG. If your project needs lots of dynamic capabilities out of the box, then Hugo and Gatsby could be a good choice. As for build and deploy time, all of the SSGs listed above perform very well, although Hugo seems to be the favorite, especially if your website has a lot of content. Is your project a blog or a personal website? In this case, Hugo and Gatsby could be excellent choices, while for a simple documentation website VuePress would be a great fit. If you’re planning an e-commerce website, then you might want to consider which SSG fits in well with a headless CMS for store management. In this case, Gatsby and Nuxt could work pretty well. One more thing you might want to consider is your familiarity with each of the SSG languages. If you program in Go, then Hugo is most likely your preferred choice. As for the remaining options, they’re either built on top of React (Next and Gatsby) or Vue (Nuxt and VuePress).


Now, headless content management system, or headless CMS, is a back-end only content management system (CMS) built from the ground up as a content repository that makes content accessible via a RESTfulAPI for display on any device. The term “headless” comes from the concept of chopping the “head” (the front end, i.e. the website) off the “body” (the back end, i.e. the content repository). Next is serverless architecture (also known as serverless computing or function as a service, FaaS) is a software design pattern where applications are hosted by a third-party service, eliminating the need for server software and hardware management by the developer. Applications are broken up into individual functions that can be invoked and scaled individually. Next is serverless architecture (also known as serverless computing or function as a service, FaaS) which is a software design pattern where applications are hosted by a third-party service, eliminating the need for server software and hardware management by the developer. Applications are broken up into individual functions that can be invoked and scaled individually. Hosting a software application on the internet usually involves managing some kind of server infrastructure. Typically this means a virtual or physical server that needs to be managed, as well as the operating system and other web server hosting processes required for your application to run. Using a virtual server from a cloud provider such as Amazon or Microsoft does mean the elimination of the physical hardware concerns, but still requires some level of management of the operating system and the web server software processes.

With a serverless architecture, you focus purely on the individual functions in your application code. Services such as Twilio Functions, AWS Lambda and Microsoft Azure Functions take care of all the physical hardware, virtual machine operating system, and web server software management. You only need to worry about your code. PaaS, or Platform as a Service, products such as Heroku, Azure Web Apps and AWS Elastic Beanstalk offer many of the same benefits as Serverless (sometimes called Function as a Service or FaaS). They do eliminate the need for management of server hardware and software. The primary difference is in the way you compose and deploy your application, and therefore the scalability of your application. With PaaS, your application is deployed as a single unit and is developed in the traditional way using some kind of web framework like ASP.NET, Flask, Ruby on Rails, Java Servlets, etc. Scaling is only done at the entire application level. You can decide to run multiple instances of your application to handle additional load. With FaaS, you compose your application into individual, autonomous functions. Each function is hosted by the FaaS provider and can be scaled automatically as function call frequency increases or decreases. This turns out to be a very cost effective way of paying for compute resources. You only pay for the times that your functions get called, rather than paying to have your application always on and waiting for requests on so many different instances.

You should especially consider using a serverless provider if you have a small number of functions that you need hosted. If your application is more complex, a serverless architecture can still be beneficial, but you will need to architect your application very differently. This may not be feasible if you have an existing application. It may make more sense to migrate small pieces of the application into serverless functions over time.

c. 2019, MEP Digital Systems (Pty) Ltd.

Saturday, August 24, 2019

Document Management


An electronic document management system (EDMS) is a software system for organizing and storing different kinds of documents. This type of system is a more particular kind of document management system, a more general type of storage system that helps users to organize and store paper or digital documents. EDMS refers more specifically to a software system that handles digital documents, rather than paper documents, although in some instances, these systems may also handle digital scanned versions of original paper documents. An electronic document management provides a way to centrally store a large volume of digital documents. Many of these systems also include features for efficient document retrieval.

Some experts point out that the electronic document management system has a lot in common with a content management system (CMS). One major difference, though, is that most CMS systems involve handling a variety of Web content from a central site, while a document management system is often primarily used for archiving.

In order to provide good classification for digital documents, many electronic document management systems rely on a detailed process for document storage, including certain elements called metadata. The metadata around a document will provide easy access to key details that will help those who are searching archives to find what they need, whether by chronology, topic, keywords or other associative strategies. In many cases, the specific documentation for original storage protocols is a major part of what makes an electronic document management system so valuable to a business or organization.

Typically, document management refers to a centralized software system that captures and manages both digital files and images of scanned paper documents. Electronic document management systems share many similar features with enterprise content management (ECM) systems; however, document management software systems focus on the use and optimization of active documents and structured data, such as Word documents, PDF files, Excel spreadsheets, PowerPoint, emails and other defined formats, whereas ECM systems also manage unstructured content and rich media formats.

However, electronic document management is much more than simply scanning and saving: it is a comprehensive system that enables knowledge workers to efficiently organize and distribute documents across the organization for better, integrated use within daily operations. Electronic document management systems contain tools for:
- Creating digital files and converting paper documents into digital assets.
- Easily sharing digital documents with the right knowledge workers.
- Centrally organizing documents in standardized file structures and formats.
- Storing and accessing information for more efficient use.
- Securing documents according to standardized compliance rules.

By centralizing information use and access, document management is the hub on which broader information management strategies like ECM, records management and business process automation can be connected and deployed. Organizations typically start using electronic document management systems to transform paper-based operations after reaching an internal tipping point in which customer response times become too slow, departments don’t have enough bandwidth to solve recurring process bottlenecks, paper archiving becomes too costly or large-scale regulatory risks are exposed during a data breach or compliance fines.

For organizations that have defined but resource-intensive business processes, EDMS is an ideal fit. Document management helps organizations across industries side step this busy work entirely by eliminating manual document maintenance, reclaiming valuable staff time and boosting the bottom-line. Document management projects are often initiated by IT departments as means to standardize information access when data practices vary greatly between departments. If one department is using its own imaging system and another team keeps files in uncontrolled shared drives, personal file folders or cloud storage solutions, IT leaders will look for a comprehensive EDMS system to provide one corporate standard for modernizing and managing document use while digitizing existing business rules for each department.

Specifically, department managers that oversee back-office processes like HR management, accounting and contract management (or other repetitive processes with defined steps) also frequently catalyze the move towards an EDMS system. Starting a small-scale document management project for a specific process pain point helps demonstrate initial gains that can be applied across other areas of the business. Modern EDMS systems can offer a hybrid of on-premise and cloud-based solutions in order to cover all the bases of data extraction and use in core business processes. Process automation not only saves time but positions EDMS as a necessary tool for improving customer and client satisfaction.

Content Analytic Platforms

One of the huge upsides in the digital distribution economy is access to data. Content creators have more tools for tracking their content...