Business Objects is connected to sensitive data and is used to publish such data. As a result, it needs to be secured. The focus is on the W's (Who, What, When, Why and Where), backup and disaster recovery, and data quality.
Strong Authentication: Securing Identities and Enabling Business SafeNet
In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight. Consumer demands and compliance pressures bring organizations and institutions to search for new ways to strengthen their internal controls, authentication methods, and identity management practices. The message is clear – action is needed to stay ahead in the fast changing, security-conscious market.
PCI and Remote Vendors: Eliminating the complexity - Free Guide
To meet PCI requirements, CIOs and compliance officers must ensure user accountability.
When it comes to privileged users, the requirements and complexities are all magnified, especially when these privileged users happen to be third-party remote vendors.
This whitepaper highlights the PCI issues relating to remote vendors, and provides a straightforward solution for how to achieve compliancy. Particular attention is placed on:
- Clarity of what your log contains (as per PCI 10.2)
- Securing the audit logs against admin users (as per PCI 10.5)
- Eliminating anonymity (as per PCI 8 and PCI 10.1)
- Verifying awareness of corporate policy (as per PCI 12.5)
Integrating user needs into ECM projects is key to success. Whether it is an initial implementation, a reboot, or just expanding use, user needs and UX testing should be integrated into every project.
Your firm needs to be committed to protecting information assets, including personal data and client documents. As a trusted advisor to our clients, the expectation is that we are aware of threats and are guarding their data. Data privacy and information security are fundamental components of doing business today, no matter how large your firm is.
In this paper we will look at three specific ways of protecting our clients:
1. Protection through our ability to research and improve intellectual capital
2. Protection through policies, procedures and processes
3. Protection by securing client data
AMCTO presentation on moving from records management to information management Christopher Wynder
This presentation was given to AMCTO zones 1 and 4/5. It presents how to use the records classification as the core for a faceted classification schema that can be used to enable workflow and processes across the organization.
Trusting External Identity Providers for Global Research Collaborations jbasney
Presented at:
https://www.eugridpma.org/meetings/2016-09/
Abstract:
Who do we trust to provide identity and access management services for our research collaborations? When do we decide to implement it ourselves versus relying on others? How do we create incentives for establishing trust? How do we bridge the gaps in trust, functionality, and reliability? In this presentation, Jim will review lessons learned from his experiences working with IGTF certificates, eduGAIN SAML assertions, and OpenID Connect claims for access to scientific research applications. What new challenges appear when moving from 1 to 10 to 100 to 1000 identity providers? Why does identity information flow more easily in some federations and not others? How do we determine what levels of assurance we need and find providers who can meet those needs? How do we mitigate the risks? How do we effectively federate services operated by the research community, higher education institutions, NRENs, and commercial providers?
Bio:
Dr. Jim Basney is a senior research scientist in the cybersecurity group at the National Center for Supercomputing Applications at the University of Illinois at Urbana-Champaign. He is Principal Investigator of the CILogon project and co-PI of the Center for Trustworthy Scientific Cyberinfrastructure and Software Assurance Marketplace projects. Jim also contributes to LIGO, LSST, and XSEDE. He has operated IGTF-accredited certificate authorities since 2007 and was a member of the InCommon federation's technical advisory committee for 6 years. Jim received his PhD in computer sciences from the University of Wisconsin-Madison in 2001.
This is a re-boot of a presentation originally given on the potential role of cloud infrastructure in healthcare delivery from eHealth Canada 2012.
Key concepts are the drivers of change in healthcare, how hospitals can protect themselves when using the cloud, the potential use of enterprise content management as part of healthcare delivery, and the current models that we are seeing in Canada and the US.
This paper discusses the adoption of cloud computing by many businesses and organizations. Cloud adoption has many benefits, such as reduced IT costs and accelerated adoption of new services. However, this accelerated adoption presents challenges to effective Identity Management. Many existing Identity Management problems exist in cloud computing, but are further complicated. Now IT professionals must think outside the realm of the internal IT infrastructure to integrate cloud services into the organization. User provisioning/deprovisioning, credential management, auditing/access monitoring, and federal regulation compliance must be considered across the boundaries of the internal organization’s network. Traditional Identity Management systems can be leveraged to solve these issues. Most cloud service providers have means to integrate on-premise Identity Management systems and identity records into their services. This requires bridging and/or proxy systems for on-premise resources to interact with cloud services. Vendors such as Microsoft and Celestix provide such systems that bridge between on-premise and the cloud. New solutions are also being developed and adopted with a “cloud first” approach in the form of Identity as a Service (IDaaS). This is an evolving new approach that has the potential to also revolutionize how Identity Management is conducted in organizations. Any solutions adopted to meet cloud Identity Management challenges must still comply with organizational and federal regulation requirements.
Presentation on using workflow to implement a highly used ECM system.
Provides a step-by-step outline of how to understand user needs through marketing techniques such as user journeys and persona building.
Introduces the concept that ECM is an organically growing system rather than an architected software solution.
The deliverable from a consulting engagement for a hospital. The hospital needed to define the requirements for a single EIM platform. This two-day clinic allowed them to identify key issues and requirements to reduce the time to move from idea to RFP, while ensuring that the process stayed focused on hospital goals rather than just technical ease and fastest implementation.
Your Data Center Boundaries Don’t Exist Anymore! EMC
In the pre-cloud era, data centers were simpler to define and restrict. As organizations move to public, private, and hybrid clouds, they have to account for internal, industrial, and government compliance initiatives and oversight that impacts data center architecture and information flow. This session describes data center challenges in the Cloud Era and articulates real-life best practices to address those challenges.
CIS 2015 - User-centric Privacy of Identity - Jenn Behrens CloudIDSummit
Enterprises increasingly require higher level of assurance credentials for authentication. How do enterprises inspire trust for users? How do they impart that identity management solutions value and uphold privacy best-practices and regulations? Jenn will highlight how the application of a user-experience discipline intersects both legal and trust issues surrounding cloud-based applications. Discussion will underscore legal advantages of user-centric identity management as an authentication compliance strategy. The industry goal of improving trust of a solution by focusing on user control will also be linked to consumer and relying party adoption as a market-differentiating privacy risk mitigation strategy.
BBA 3551, Information Systems Management 1 Course Lea.docx aryan532920
BBA 3551, Information Systems Management 1
Course Learning Outcomes for Unit VIII
Upon completion of this unit, students should be able to:
3. Examine the importance of mobile systems and securing information and knowledge.
Reading Assignment
Chapter 12:
Information Security Management
Unit Lesson
In the last unit, we discussed outsourcing, the functions and organization of the IS department, and user
rights and responsibilities. In this final unit, we will focus on security threats to information systems.
PRIDE and System Security
PRIDE processes privacy settings on the server and returns a code that indicates which of the four privacy
levels defined for PRIDE govern a particular individual with a particular report/data requestor. By processing
settings on the server, those settings are not exposed to the Internet. The return code is, however, and the
operational system should probably use https for both the code and to return the report. This was not done in
the prototype, though.
The relationship between patients and PRIDE participants is N:M. One patient has potentially many
organizations, and an organization has potentially many patients. What this means is that a patient has a
relationship, potentially, to many participants of a given type: many doctors, many health clubs, many
insurance companies, and even many employers. In addition, a patient has a relationship to, potentially, many
types of participants.
Given the N:M relationships, a natural place to put privacy settings is in the intersection table. That table
serves, intuitively, as an opacity filter between a given patient and a given doctor (or other
person/organization).
The tension in the dialog between Maggie and Ajit at the beginning of Chapter 12 regarding what terminology
to use with Dr. Flores is intended to set up a discussion from both perspectives. It is a common problem for
techies when talking with business professionals: How much technical language should I use? It is important
to use enough to demonstrate competency, but not so much as to drown the businessperson in terminology.
Using the Ethics Guide: Securing Privacy
In this chapter, we discuss three categories of criteria for evaluating business actions and employee
behaviors:
- legal
- ethical (categorical imperative or utilitarianism)
- good business practice
UNIT VIII STUDY GUIDE
Information Security Management
We can clearly see the differences in these criteria with regard to data security. A doctor’s office that does not
create systems to comply with HIPAA is violating the law. An e-commerce business that collects customer
data and sells it to spammers is behaving unethically (by either ethical perspective). An e-commerce business
that is lackadaisical about securing its customers' data is engaging in poor business practices.
Even still, business professionals today need t ...
Identity & Access Governance versus Process Agility Horst Walther
How Governance tasks can be safely performed in a highly volatile business environment too.
Presented at "IT-Security for Social, Mobile & Cloud, 2015", 2015-09-24, 09:30
Changes can introduce untested conditions, or produce unpredictable errors and problems. Change auditing is a means whereby both IT administrators and management can readily distribute, secure and manage resources to ensure accountability and operational stability. This white paper explains why change auditing is important and covers features required for Active Directory change auditing.
As requested by folks, these are the presentation notes for Securing Citizen Facing Applications. Hope these help with your IDM planning and implementation.
Data-Centric Security for the Extended Enterprise NextLabs, Inc.
Yesterday’s security is no match for the challenge of protecting data across the extended enterprise, with sensitive data increasingly shared across organizations, over external systems, and with unknown users and devices.
A basic shift towards data-centric thinking must replace conventional device- and container-based models. But where do organizations start? What assumptions must change?
This white paper outlines FOUR changes organizations must make to achieve data-centric security, and explains why IT Leaders, Security Professionals, and Compliance Officers should care. This paper then provides a brief overview of the NextLabs approach to Information Risk Management.
Vendors, and Risk, and Tigers, and Bears, Oh My: How to Create a Vendor Revie... Wendy Knox Everette
ShmooCon 2020
You’ve just been tasked with creating a vendor review management process at your company, but what does that even mean, and how are you going to do this? Do you need to buy a lot of expensive GRC software and hire an army of compliance staffers? This talk will explain what a vendor review process is and walk through setting one up at your company, using nothing more complicated than email, text files, and maybe some Slack and Google Forms.
Healthcare IT Security Who's Responsible, Really? Redspin, Inc.
An information security program is one such complex and multifarious business necessity. At its heart, information security is a method of managing risk to information and...
This article will look at common mistakes that organizations make on the path to achieving vulnerability management perfection, both in process and technology areas.
Running head KUDLER FINE FOODS APPLICATION OF ROLES 1KUDL.docx charisellington63520
Running head: KUDLER FINE FOODS APPLICATION OF ROLES
Kudler Fine Foods Application of Roles
CMGT 430
Kudler Fine Foods is based in San Diego with three locations. The stores specialized in specialty foods brought in from diverse parts of the world. Kudler Fine Foods' mission is to provide its customers with the finest delicacies. The locations offer their customers outstanding customer service as well as a wide variety of specially selected foods and wines. Kudler Fine Foods must utilize its information systems to accomplish key business goals, such as operational proficiency, customer and supplier intimacy, better decision making, and new products and services. Information systems are a fundamental part of organizations.
In reviewing the organization's structure, it is imperative to help the owner of Kudler Fine Foods value the importance of securing the organization's structure, organizational units, and big business functions. The organization accomplishes and manages employment by means of a structured chain of command and through its business processes, which are reasonably interrelated tasks and behaviors for completing work. "Every business, regardless of its size, must perform four functions to succeed. It must produce the product or service; market and sell the product; keep track of accounting and financial transactions; and perform basic human resources tasks, such as hiring and retaining employees" (Loudon & Loudon, 2009, p. 13).
Kudler Fine Foods has six operational departments that span the enterprise. To address the security needs of each of the organization's departments, separating the duties will place limitations on employees' potential to damage or compromise the confidentiality, integrity and ease of use of Kudler Fine Foods. Separating duties within a business or organization helps limit any individual's aptitude to cause mischief or commit theft. This means that if someone is attempting to manipulate a system without management noticing, it would take multiple persons working together before it is successful. Therefore, as an example, if an employee is trying to give a vendor extra money off on a shipment, someone else oversees the course of action and must also approve the invoice, so the inconsistency is recognized before the transaction is finalized. Sorting out the duties is a type of access control that is set up so that an individual is not allowed to complete a duty concerning sensitive, imperative, or crucial information from start to finish. Therefore, management has control to put off risk. For example, Kudler Fine Foods will be in the position to separate duties in the Human Resources department by separating the functions of accounts payable, accounts receivable processing and personnel. In each department, security procedures allow managing tasks and processing of information in a controlled method. It .
Enterprise Architecture in the Boardroom with Dragon1 Dragon1 Inc.
How do we get a good overview and insight of the organization? What information do you need as decision-maker, and what are the costs that have to be made to solve the business issues to continue the business operations?
To say that the IT environment has shifted would be a huge understatement. We see this happening all around us. Yet the transition is not necessarily a bad thing. As in other technology organizations, identity governance is in the process of change. This can be a positive transformation, as it allows us to be more flexible and stronger.
Visit: https://techdemocracy.com
Securing the Office of Finance in the Cloud -- Separating Fact from Fiction Workday
According to Forrester Research, the global cloud computing market is valued at an estimated $40.7 billion. In the future, this market is expected to grow exponentially, as companies accelerate their adoption of cloud computing.
It's clear that cloud computing is being widely adopted as a cost-effective strategy for deploying mission-critical applications within the enterprise. Yet, myths regarding privacy and security often cloud the decision-making process.
Join us for a Webcast that will explore the facts and fictions of cloud computing for the Office of Finance. In an effort to set the record straight, our distinguished panel of experts will dive into topics that include cloud security, risk management, and finance.
The panelists for this Webcast are:
Moderator: Russ Banham, Contributing Editor, CFO magazine
Dr. Lothar Determann, Partner, Baker & McKenzie LLP
John Hugo, Vice President and Corporate Controller, Life Time Fitness
Stan Swete, Chief Technology Officer, Workday
To implement data-centric security, while simultaneously empowering your business to compete and win in today’s nano-second world, you need to understand your data flows and your business needs from your data. Begin by answering some important questions:
- What does your organization need from your data in order to extract the maximum business value and gain a competitive advantage?
- What opportunities might be leveraged by improving the security posture of the data?
- What risks exist based upon your current security posture? What would the impact of a data breach be on the organization? Be specific!
- Have you clearly defined which data (both structured and unstructured) residing across your extended enterprise is most important to your business? Where is it?
- What people, processes and technology are currently employed to protect your business sensitive information?
- Who in your organization requires access to data and for what specific purposes?
- What time constraints exist upon the organization that might affect the technical infrastructure?
- What must you do to comply with the myriad government and industry regulations relevant to your business?
Finally, ask yourself what a successful data-centric protection program should look like in your organization. What’s most appropriate for your organization?
The answers to these and other related questions would provide you with a clearer picture of your enterprise’s “data attack surface,” which in turn will provide you with a well-documented risk profile. By answering these questions and thinking holistically about where your data is, how it’s being used and by whom, you’ll be well positioned to design and implement a robust, business-enabling data-centric protection plan that is tailored to the unique requirements of your organization.
Business Objects Security
In the past few years, as VP of GB&Smith 360Suite, I have been working with hundreds of
customers using 360Suite tools for Business Objects. A common issue with most deployments is
how Business Objects Security, with a capital “S”, is perceived, whether by IT, QA, the CISO or
any other person in an organization. Typically, models are extremely complex and lack common
sense, and implementers have a poor understanding of regulations. Security needs to have
answers to the “W” questions: Who, When, What, Why & Where.
Security in an organization is more than ‘Who has access to what’. Security in SAP Business
Objects can be related to:
Who has access to What
Who had access to What
….
Who has access to what? Or account certification
Who has access to What? Easy to ask, tough to answer!
I had the chance to work with banks, federal entities and Fortune 500 companies. An honest
answer to this simple question is, “I do not know”.
Security models need to be as simple as possible, working from a Role or Group and avoiding
individual user security. Most of the time, security rights are poorly implemented, without
understanding the needs or the life cycle management of the security. Over time, organizations
forget exactly what was granted to specific users and what the impacts on the environments are.
The best way to secure a deployment is at the database level, using row-level security.
Additional security can be applied at the reporting level.
For legacy environments, where it is difficult to accurately map out security, 360Suite can export
security to Excel and import it back with modifications.
Current State in Business Objects: It is only easy to find explicit rights. The issue is, when you assign
security, it impacts the entire environment like a domino effect. Each time you make a change,
it can have downstream effects. At the end of it all, it has turned into a maze.
The most common way to keep track of such changes, in the best deployments, is to record
them in an Excel file, with the X axis being resources to be secured and the Y axis being
users and groups to be secured. This is pretty easy to do in a company of 10 users, but when you
start to reach deployments of 100 or more users it is very tricky to keep track of, since there are
so many changes and the people who change security come and go throughout the life of any
organization.
Ask an admin what user Bob has access to in detail, and the honest answer is “I don’t know”.
Ask the CIO who has access to “Finance folders” with all detailed security, and the honest answer is
“I don’t know” or “let me refer to an old Excel file”.
360Suite Solutions: 360Suite provides a real-time view of security, and offers the possibility to
document it via an Excel export. This is not possible in Business Objects. You also have the
possibility to make changes to security and see all the impacted rights (inheritance and double
inheritance).
Our tools offer the possibility to use a user-centric and a resource-centric view to audit security.
Use case: the Edward Snowden case. With the clear view of security that 360View gives, it would
have been very simple to recognize that Snowden had admin rights on most resources, such as
viewing inheritance and rights to modify security.
Account Recertification
Are accounts still needed and accurate? Large organizations and federal organizations need
to perform such recertification on a regular basis depending on their regulatory requirements.
Some organizations do an annual account recertification and then perform quarterly
recertification based on a predefined % of accounts.
Current State in Business Objects: At present, this is not something that is being handled.
360Suite Solutions: This is a multiple-step process involving Users/Resources/Security.
First, you need to determine whether user access is still needed; this is based on an
organization’s policy. Next, you need to have access to, and document, security at the deepest
level. Then compare it to the policy in place. 360 allows you to modify security directly in XLS
and push it back. In certain cases, you might want to use a workflow with comments associated
with each change.
Other steps are based on activity or non-activity level: 360Suite is able to capture, report on and
fine-tune recertification, and to trigger whether a specific user needs to be recertified or not.
Unlinked users and unlinked groups: 360 is able to find and clean up such unlinked actors.
Use case: I had the chance to work with multiple organizations including federal ones. I can say
that in 90% of the cases their account recertification was either false or inaccurate. Typically,
the main reasons are a mix of a poor understanding of account recertification rules, poor
training of people implementing recertification, poor understanding of IT architecture from
policy makers and an overall inability to have access to detailed information.
Who had access to what?
Who had access to What? A common answer to that is “I don’t know” and “do not know what
the security changes were”.
Last year, while I was working with a large East Coast hospital, they had an urgent need to show
who had had access, six months earlier, to a specific folder regulated by HIPAA. The answer is
they could only guess, and furthermore they had no idea of any security changes.
Current State in Business Objects: Currently, the only answer to this question is to roll back to a
previous backup. Once this is done, determine the explicit rights. No information is available
regarding the life cycle management of the security changes for that specific resource.
https://360suite.io/2017/03/10/rollback-security-business-objects/
360Suite Solutions: 360Suite is able to take daily snapshots of security and compare changes
over time like a time machine. Workflows to cover the security life cycle management can be
handled, auditing any changes in the security.
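The point-in-time question above ("who had access to this folder six months ago, and what changed since?") can be answered from stored snapshots without rolling back to a backup. The following is an added example, not code from 360Suite or Business Objects; the snapshot format, principals and resource names are constructed for illustration.

```python
from bisect import bisect_right
from datetime import date

# Constructed sample data: each snapshot is (date taken, set of
# (principal, resource, right) entries as they were effective that day).
# The list must stay sorted by date.
SNAPSHOTS = [
    (date(2017, 3, 1), frozenset({
        ("Nursing", "Claims", "view"),
        ("dr_lee", "Claims", "edit"),
        ("Finance", "Budget", "view"),
    })),
    (date(2017, 3, 15), frozenset({
        ("Nursing", "Claims", "view"),
        ("dr_lee", "Claims", "edit"),
        ("contractor_x", "Claims", "view"),
        ("Finance", "Budget", "view"),
    })),
    (date(2017, 4, 2), frozenset({
        ("Nursing", "Claims", "view"),
        ("dr_lee", "Claims", "view"),
        ("Finance", "Budget", "view"),
    })),
]


def snapshot_on(day):
    """Return the latest snapshot taken on or before `day`."""
    dates = [taken for taken, _ in SNAPSHOTS]
    index = bisect_right(dates, day)
    if index == 0:
        raise LookupError(f"no snapshot on or before {day}")
    return SNAPSHOTS[index - 1]


def who_had_access(resource, day):
    """Answer 'who had access to what' for one resource at a past date."""
    taken, entries = snapshot_on(day)
    holders = sorted((p, right) for p, res, right in entries if res == resource)
    return taken, holders


def change_log(resource, start, end):
    """List (date, '+' or '-', principal, right) between consecutive snapshots."""
    log, previous = [], None
    for taken, entries in SNAPSHOTS:
        current = {(p, right) for p, res, right in entries if res == resource}
        if previous is not None and start <= taken <= end:
            log += [(taken, "+", p, r) for p, r in sorted(current - previous)]
            log += [(taken, "-", p, r) for p, r in sorted(previous - current)]
        previous = current
    return log


if __name__ == "__main__":
    print(who_had_access("Claims", date(2017, 3, 20)))
    for entry in change_log("Claims", date(2017, 3, 2), date(2017, 4, 30)):
        print(entry)
```

A right granted and revoked between two snapshots never appears in this log, so the snapshot interval bounds what such an audit can prove.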
Segregation Of Duties
SOD rules are typically easy to determine, a little tougher to implement and tough to control.
Current State in Business Objects: It is possible to implement SOD rules in Business Objects but
virtually impossible to track and check them.
360Suite Solutions: SOD is managed very easily due to a 360Suite patent allowing admins to
display and manage security. For a specific segregation, a matrix appears with the selected users
on the X axis and resources on the Y axis. As a result, you can check all the security for the zone
and, if there are any issues, you can modify it and see all the impacted rights.
Use case: 2 years ago we were doing a POC for a prospect specializing in manufacturing. The
customer was initially interested in our BI on BI solutions. During our conversations, the
customer mentioned the complexity of his security model and was curious to check his
SOD in the Accounting Dept. Funny enough, he found out that the person handling payments
could also handle POs, never a good idea and a typical SOD breach. The customer
investigated and discovered the reason for the breach: the person had changed
roles within the organization and was removed from the previous role at an explicit level but not
at the inheritance level. As a result, the POC lasted 10 days and we received a PO shortly after.
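The breach in this use case is invisible if you only list explicit rights, because the conflicting right arrives through a nested group. The sketch below is an added example, not Business Objects' rights engine or 360Suite code: it uses a simplified grant-only model (no denies or access levels), and all users, groups, resources and the SOD rule are constructed.

```python
# Simplified, grant-only model with constructed data.

# principal -> groups it is a direct member of (users and nested groups alike)
MEMBER_OF = {
    "alice": ["AP-Clerks"],
    "bob": ["AP-Clerks", "Legacy-Procurement"],  # moved to payments, old group left behind
    "carol": ["Purchasing"],
    "AP-Clerks": ["Accounting"],
    "Legacy-Procurement": ["Purchasing"],        # nested group: double inheritance
    "Purchasing": ["Accounting"],
}

# Explicit grants: (principal, resource) -> rights. Bob has no grant of his own.
EXPLICIT = {
    ("AP-Clerks", "Payments"): {"view", "edit"},
    ("Purchasing", "PurchaseOrders"): {"view", "edit"},
    ("Accounting", "Ledger"): {"view"},
}

# Hypothetical SOD rule: nobody may edit both payments and purchase orders.
SOD_RULES = [(("Payments", "edit"), ("PurchaseOrders", "edit"))]


def membership_paths(user):
    """Return {principal: shortest membership path} for the user and all groups reached."""
    paths = {user: [user]}
    queue = [user]
    while queue:
        current = queue.pop(0)
        for parent in MEMBER_OF.get(current, []):
            if parent not in paths:              # also stops on membership cycles
                paths[parent] = paths[current] + [parent]
                queue.append(parent)
    return paths


def effective_rights(user):
    """Map (resource, right) -> the membership path through which it is granted."""
    rights = {}
    for principal, path in membership_paths(user).items():
        for (grantee, resource), granted in EXPLICIT.items():
            if grantee == principal:
                for right in granted:
                    rights.setdefault((resource, right), path)
    return rights


def sod_violations(users):
    """Return (user, right_a, path_a, right_b, path_b) for every broken SOD rule."""
    findings = []
    for user in users:
        rights = effective_rights(user)
        for left, right in SOD_RULES:
            if left in rights and right in rights:
                findings.append((user, left, rights[left], right, rights[right]))
    return findings


if __name__ == "__main__":
    for user, a, path_a, b, path_b in sod_violations(["alice", "bob", "carol"]):
        print(f"{user}: {a} via {' > '.join(path_a)}; {b} via {' > '.join(path_b)}")
```

Reporting the membership path alongside each finding shows which group link has to be removed to close the breach.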
Life Cycle Management of users leaving and changing roles
How do you know if a user who left the organization still has rights? Or that a user who moved
to a new department no longer has access to his old resources?
Current State in Business Objects: Explicit permissions can be found and administrators need to
go fishing (and be lucky enough) to determine what the inherited and double inherited
permissions are. By default, if a user is deleted and they own documents or instances, they are
reassigned to the Administrator.
360Suite solutions: When a user leaves an organization, or changes roles, 360Suite offers the
“Swap” feature. You enter the name of the old user and the new user and the object
ownership is transferred from one to the other within 3 clicks!
When a user leaves an organization, he/she is typically disconnected from the organization
directory and the link between the organization directory and Business Objects is lost. However,
the user (if an Enterprise alias has been created which is a best practice) is still in Business
Objects, typically without access granted. 360Suite finds all these unlinked users and provides
the ability to remove them.
360Suite also offers the opportunity to provide a report verifying that the user who left the
company no longer has access to anything and is not unlinked. For users who moved in the
organization, a security report can be issued comparing old and new security.
Use case: The most famous and expensive banking scandal was caused by a trader who
changed roles within the financial organization. Since the user changed roles within the
organization, he kept access to a few older resources. Moral of the story: the user used old
credentials and caused the bank to lose billions.
Backup Disaster and Recovery
In the past few years, when I have asked clients if they have fully stress-tested their Business
Objects Backup / Disaster / Recovery, the answer in > 80% of cases is “we have not”. From
experience, I know this is true in > 95% of cases.
Current state in Business Objects: It is possible to do a full backup and prepare for disaster and
recovery with BOBJ out of the box. This task is very challenging, and most people fail while
tackling it or take laborious hours and days to finish the job. The reason is that you need a full
backup of the filestore (FRSinput/FRSoutput) and a backup of the repository database schema.
All of these need to be in sync. Once you have that, you need to have a server ready with BOE
installed, and a proper DB schema. For more details read:
https://360suite.io/2017/07/11/business-objects-disaster-recovery-strategy/
VMs are the most common way to prepare for DR. The issue is that if you have a corrupted
object, universe, version, etc., a VM is of no help. Last year I had an aerospace organization that
learned that the hard way.
360Suite Solution: In Business Objects, when you generate a backup, it takes a very large
number of objects and treats them as 1 mega BIAR, making it hard to promote and impossible to
disassociate. 360Plus is able to manage 1 backup per object, universe, report, user, etc. As a
result, it is very flexible to promote and each individual object can be selectively restored.
If you have a corrupted VM you just roll back to the uncorrupted object(s) and restore. In case
of a DR, you just ask the tool to restore Full content or content from date X to date Y and you
are up and running. This is as simple to use as the time machine I use with my MacBook Pro.
Use Case: Recently, over a weekend, a hospital did an upgrade to the latest version of SAP
BusinessObjects. On the following Monday morning, I received a phone call from the
customer… “Bruno we upgraded to latest BOBJ version but have serious issues. We need to
rollback ASAP.” Within 1-2 hours, the customer was running on the previous version.
I have witnessed more challenging cases with federal customers who upgraded to the latest
BOBJ version after 2 months of preparation (at the time of this issue they were considering
buying our tools but had not yet done so; it was still a POC). In the process of this migration, the
customer installed the new version of Business Objects on top of the previous version (I never
recommend that). After a few days, the customer realized that certain applications, despite initial
preparations and testing, had major issues. The problem in this scenario: they could not roll back
to the previous version.
I have seen so many stories like the ones above: a fire in a server room, a person physically
removing and damaging a SAN, an administrator doing false manipulation, etc.
Version management
In most organizations, you have multiple report developers working on the same report. It is
like working on a Microsoft Word document: you exchange it with co-workers who make
modifications, and at the end you have so many versions that you have no idea which is the
proper version, who changed what, and what was changed.
Current state in Business Objects: Limited version management is possible out of the box but
does not comply with most regulations such as FISMA, SOX, HIPAA, etc. Read the article on
version control https://360suite.io/2017/06/15/360suite-business-objects-version-control/
360Suite Solution: 360Suite offers the possibility to Check in & Check out. While a report is
checked out, it is locked to the developer who checked it out. (The Administrator can unlock it
if necessary.) When reports are checked in, a version # is assigned and comments can be added.
As a result, you have full report traceability of changes and the ability to compare, promote and
restore versions as well.
Use case: All regulated industries for GRC need to be able to answer: Who changed What?
When? In which report? With the ability to see changes. Certain organizations can be more
demanding than others. Last year, the US Treasury asked us to deliver a feature in version
control that includes workflows. Before reports or universes are promoted between
environments, they need to be approved by specific users. The Use Case for Version
management is complete report traceability.
Wrong report bursted into inboxes!
This is a common problem despite internal procedures: what can you do when the wrong
report has been bursted into BOBJ inboxes? Send a message to the recipients saying “do not
open!” (I have seen that)? You can bet recipients will open it! Or you can wish you could delete
that action. What if I told you… yes, you can!
Current state in Business Objects: There is nothing you can do about this issue without manually
going into each user’s BOBJ inbox.
360Suite Solution: 360Suite offers the ability to selectively choose to burst a specific report, on a
specific date. For bursting, 360Suite offers the ability to manage bursting dynamically or
semi-dynamically. As a result, you get all your bursting via Excel and you can simply modify the
destination, filter values, prompt values, format, etc., with the possibility to manage passwords
for recipients.
Use case: One of the customers who requested that feature blasted sensitive HR information to
the wrong recipients. This created a huge problem. With the bursting feature, the problem could
have been solved or limited, depending on how fast actions could have been taken.
Secure your bursted reports
It is always better to follow bursted reports with passwords! (If you remember your password)
Current state in Business Objects: You cannot secure your scheduled/bursted report with a
password.
360Suite Solutions: Don’t fret, 360Suite offers the ability to secure your bursted reports with
passwords!
Use case: We specifically developed that feature for a customer who bursted sales information
to the wrong customers (incidentally, it was the customer’s competitor).
Regression testing
Showing inaccurate data can be a serious security and compliance problem. Whether you do
an upgrade or a migration, implement a service pack or make a change on the DB side,
regressions do happen. The only question is where they are.
Current state in Business Objects: Regression testing is not available out of the box.
360Suite Solutions: 360Suite offers the ability to automate all your regression testing, with the
possibility to check data and pixels inside the reports. Processes can be automated and results
can be e-mailed to the reports’ recipients. 360Suite also manages security so that only the
recipient can see the data, and regression testing results are not shared with inappropriate people.
Once regressions are found, 360Suite can perform impact analysis across the entire
environment and check if such a regression is affecting other reports. If the issue is with a report
variable, 360Suite is then able to update all affected reports in bulk.
Use case: We have seen so many cases dealing with regressions, typically not good stories for
customers. We have stories about customers publishing false financial data, central banks
freezing service packs, utility organizations sending false bills, etc.
Let’s take a pure ROI use case. One of our customers is a Motorcycle Manufacturer, and in the
past they had 14 consultants searching for their regressions due to their regulatory needs, now
with 360 they only need 2 consultants.
360Suite application security
By default, 360Suite has the same security as Business Objects; it is also possible to
apply more restrictive security.
Use case: A healthcare organization needed to provide admin access to multiple users in order
to kill sessions (very bad practice) as their security model was not allowing them to do granular
rights. With 360Suite, they were able to limit access rights of non IT Admins so that they could use
admin credentials only to kill sessions.
Improper Universe Object Description
Over time, deployments grow and grow and go through different developers. Eventually,
organizations perform acquisitions, and object descriptions become less and less streamlined.
How does that affect security? Without proper nomenclature of Universe content, it is very
difficult to keep track of why such Objects exist and what sensitive information they relate to.
Current state in Business Objects: You can manually update objects 1 by 1, but it is extremely
time-consuming and error-prone.
360Suite Solutions: You have the possibility to export and document all Universe content: classes,
object names, object descriptions, field types, object selects, etc. Make any necessary
updates, deletes and inserts in Excel, and import the Excel file to update in bulk.
Use case: I remember back in 1999, there was the concern of the Y2K bug (for the most part it
was a big scam, and a good way for consulting companies to sell services). For certain
organizations it was a big security issue. The problem was that people who coded software rarely
left notes around fields relating to dates. Back in those days, I used to go to Japan frequently and
I saw it was not a serious problem. One of the reasons (outside of low employee turnover) was
that they kept excellent Object descriptions. More recently I have seen organizations with a
need to have unified nomenclatures around objects relating to SSN or country of residence.
Regulatory needs
Most regulations have similar needs whether it is HIPAA, SOX, FISMA, GDPR
(https://360suite.io/2017/09/06/gdpr-360suite-tools-sap-businessobjects/ and
https://360suite.io/2017/10/19/business-objects-regulations/)
All these regulations need to answer the W questions: Who, What, When, Where & Why.
You may think it is pretty common sense… Well, it is! However, I worked with 5 big consulting firms
and most of the time they could not simply explain the W’s and how to retrieve that info.
A great example: organizations that need to be SOX compliant often have their data SOX
compliant but never think that Business Objects publishes such info. Mind you, Business Objects
needs to be SOX compliant as well.
Current state in Business Objects: There are inherent limitations, as not all sources can be
queried out of the box.
Answering all the W’s in Business Objects is impossible due to the lack of access to all metadata,
capture of all historical changes/updates, etc.
360Suite Solutions: 360Suite allows you to capture all the metadata, historical changes, updates,
etc.
Use Case: With our customers, the organizations that are the most careful about Regulatory
needs are Banks. Well yes, like all banks in the US and Europe, but I am speaking of banks
particularly in Switzerland!
Security is very complex in Business Objects as, typically, BOBJ is used as a reporting tool
capturing data from multiple sources and users within organizations. With common sense, basic
knowledge and proper tools, it is very easy to have a secured deployment and answer the
W’s: Who, When, What, Where & Why. As a last note, I have seen many organizations going
from OBIEE or Cognos to SAP Business Objects. The reason is that it is far safer to use and less
flexible, which is a good thing for security.
Request a Trial today from https://360suite.io/
How our customers used and conquered with 360Suite
https://360suite.io/sap-business-objects/use-cases/