Hoe voer ik een Fit Gap analyse uit? WWW.META-AUDIT.NL
Welke maatregelen moeten nog worden uitgevoerd om aan de Baseline Informatiebeveiliging Rijksdienst te voldoen. Een korte inleiding.
This document summarizes Oracle's product release roadmap that was presented at Oracle OpenWorld 2014. It shows the timeline of releases for databases, middleware, Java, storage, and other products from 2012 through 2016. It also provides an overview of support timelines for various releases. The document concludes by saying see you next year, implying it is summarizing what was covered at OpenWorld 2014.
Fast data is big data, continuously streaming in, from which information is to be learned in (near) real time. This session demonstrates how Oracle Event Processing is used to analyze live streams of data to find patterns, deviations, and aggregates. The findings are reported in the form of business events that are pushed in live dashboards to Oracle Business Activity Monitoring, which also evaluates business rules on the business events and takes action when required. Examples to be demonstrated in this session include car sensors, website traffic, Twitter feeds, and bank run detection. Oracle SOA Suite 12c, WebSockets, Oracle Application Development Framework (Oracle ADF) active data visualization tools components, and JMS are used to process, forward, and act.
This document summarizes key points from Oracle OpenWorld 2014 about Oracle's Platform as a Service (PaaS) and middleware offerings. It discusses Oracle Cloud Application Foundation platforms like WebLogic Server and Coherence that can be deployed on engineered systems, public clouds, or private clouds. It also covers new features for WebLogic Server, SOA Suite, Java Cloud Service, and mobile services like the Oracle Mobile Cloud.
Hoe voer ik een Fit Gap analyse uit? WWW.META-AUDIT.NL
Welke maatregelen moeten nog worden uitgevoerd om aan de Baseline Informatiebeveiliging Rijksdienst te voldoen. Een korte inleiding.
This document summarizes Oracle's product release roadmap that was presented at Oracle OpenWorld 2014. It shows the timeline of releases for databases, middleware, Java, storage, and other products from 2012 through 2016. It also provides an overview of support timelines for various releases. The document concludes by saying see you next year, implying it is summarizing what was covered at OpenWorld 2014.
Fast data is big data, continuously streaming in, from which information is to be learned in (near) real time. This session demonstrates how Oracle Event Processing is used to analyze live streams of data to find patterns, deviations, and aggregates. The findings are reported in the form of business events that are pushed in live dashboards to Oracle Business Activity Monitoring, which also evaluates business rules on the business events and takes action when required. Examples to be demonstrated in this session include car sensors, website traffic, Twitter feeds, and bank run detection. Oracle SOA Suite 12c, WebSockets, Oracle Application Development Framework (Oracle ADF) active data visualization tools components, and JMS are used to process, forward, and act.
This document summarizes key points from Oracle OpenWorld 2014 about Oracle's Platform as a Service (PaaS) and middleware offerings. It discusses Oracle Cloud Application Foundation platforms like WebLogic Server and Coherence that can be deployed on engineered systems, public clouds, or private clouds. It also covers new features for WebLogic Server, SOA Suite, Java Cloud Service, and mobile services like the Oracle Mobile Cloud.
Douwe Pieter van den Bos Practical insights in the day-to-day routine of an information security officer
How to be realistic about information security and don’t stress out. Practical tips that will help any organization.
The document summarizes Oracle OpenWorld 2014, covering several topics:
- Three transitions in technology: big data, mobile, and cloud
- Citizen developer tools like MAX and StreamExplorer for self-service data analysis
- Oracle's Alta user experience theme and focus on consistent experiences across devices
- Oracle's growing portfolio of mobile enterprise applications
- Hardware and software engineered to work together with optimizations for performance and security
- Oracle's public cloud strategy including IaaS, PaaS, and SaaS offerings and roadmaps
- Discussion of emerging technologies like JSON, REST, and NoSQL and Oracle's role in supporting them.
Leveraging the full power of HTML5 and the capacity of modern browsers, rich client applications are very popular right now. In this session we will demonstrate how we can bring the world of HTML5 and AngularJS to ADF applications. We take rich reusable TagCloud component and integrate it into a standalone AngularJS application. Next we embed the AngularJS module inside an ADF TaskFlow. This taskflow is then reused in a regular ADF web application and participates in ADF skinning, internationalization and customization. The rich client component receives data from the ADF application and exchanges events with it. The flexibility, [multitude of] resources and richness in functionality offered from the HTML5/AngularJS world beyond ADF can still be integrated with and leveraged from ADF. This presentation provides a solid introduction into the question how to achieve thus.
After passing all functional tests, many web applications fail under the regular load conditions. Just 100 active users may be sufficient to cause severe errors and a decline in performance. In this session, load testing of ADF applications with the Oracle Application Testing Suite and Apache JMeter will be discussed and demonstrated. With these tools, you have an analysis-instrument to do performance analysis and regression analysis after new patches/releases. A proper managed load test also gives insight in the effects configuration parameters. The speaker will share best test practices to perform load tests and offer typical solutions for creating an efficient, scalable ADF application.
User experience (UX) design should be incorporated into all projects, regardless of size. For small projects, UX design can be informal through visualization and user feedback. Mid-sized projects benefit from clickable wireframes, weekly workshops, and just-in-time UX design. Large projects require design authority, regular UX meetings, proximity within teams, and high-fidelity simulations. Across all projects, the key is to quickly visualize and validate ideas through iteration and user involvement. UX design is not a separate role but a shared responsibility of the entire team.
This document discusses testing ADF applications with Selenium and provides examples. It begins with an introduction and agenda. It then demonstrates Selenium basics and history. It discusses the page object pattern and provides an ADF Selenium demo with examples of acquiring page objects, interacting with ADF components, and available ADF Selenium tools. It concludes with recommendations for testing bounded taskflows.
The document describes the ADF Performance Monitor, a tool for measuring, analyzing, and improving the performance of Oracle Application Development Framework (ADF) applications. It collects metrics on response times, health, and resource usage. Issues are reported in dashboards and JDeveloper. It helps detect, analyze, and resolve common and uncommon problems. Implementation takes less than a day. The overhead is 3-4% and it can be turned on/off without overhead. It supports diagnosing specific users, errors, slow queries, and memory usage to quickly find problems.
Oracle Documents Cloud Service is a content collaboration solution built for the enterprise with robust security, application integration, and mobile enablement. The presentation discusses integrating the front-end and back-end of Oracle Documents, including embedding the web interface, synchronization with back-ends through SkySync, and using the REST API. It also provides a live demo of functionality like content uploading, versioning, sharing, and mobile access, and concludes that Oracle Documents is mature but lacks identity services, while integration and roadmap could make it successful.
Team AMIS reviewed Oracle OpenWorld 2015, noting the key themes of mobile, big data, and cloud transitions. The event featured keynote sessions on these topics and emphasized Oracle's vision of 80% of production apps in the cloud by 2025. Oracle is focused on developing agile with frequent releases and changing how it sells cloud to focus on consumption over credits. The cloud changes how Oracle and its customers operate, with a focus on multitenancy, portability between cloud and on-premises, and positioning Oracle's full software stack running in the public cloud.
OGh Oracle Fusion Middleware Experience 2016 bij FIGI Zeist
Door Maarten Smeets and Robbrecht van Amerongen, 16-02-2016
Ogh fmw experience 16 februari 2016
This document provides an overview of Weblogic Multitenancy including key concepts, components, consolidation benefits, portability for DevOps, isolation capabilities, and live migration. It discusses how multitenancy allows consolidating multiple applications and tenants within a single Weblogic domain for improved resource utilization. Components like resource groups, virtual targets, and domain partitions provide isolation. Portability is enabled via partition export/import. Live migration minimizes downtime.
Deze presentatie is gegeven tijdens de KScope conferentie 2012
Spreker: Patrick Barel
Titel: Should Invoker Rights Be Used?
Onderwerp: Developers Toolbox - Coding
Deze presentatie gaat over de vraag of het Invoker Rights model van de Oracle Database, voor verschillende gebruikers binnen dezelfde database, kan helpen bij het scheiden van de zichtbaarheid van de data. Door gebruik te maken van de techniek deze techniek kun je op een relatief eenvoudige wijze ervoor zorgen dat gebruikers alleen werken op hun eigen data en niet op die van anderen. Als het bijvoorbeeld gaat om een hosted applicatie, dan hoeft er nog maar één codebase te zijn, waardoor alle gebruikers direct profiteren van verbeteringen die aangebracht worden. Daarnaast leer je in deze sessie hoe je één set code kunt onderhouden voor verschillende gebruikers van de applicatie en hoe je je ‘gedeeltelijk’ kunt beschermen tegen SQL Injection.
Bescherming van privacygevoelige gegevens is een actueel onderwerp. Incidenten zijn aan de orde van de dag. De politiek roept steeds harder om maatregelen bij ieder nieuw gevonden lek dat boven water komt. Europese wet- en regelgeving wordt voortdurend aangescherpt.
Hoe kunnen technologische maatregelen ons helpen om de zaken op orde te brengen? Kan Identity & Access Management werkelijk de oplossingen bieden waardoor burgers en politiek weer rustig kunnen slapen?
Kernel Recipes 2013 - Kernel for your deviceAnne Nicolas
Any industrial project based on Linux involves Longterm management of a Linux kernel and therefore a number of questions to ask about the choices to be made. BSP, Linux distribution, kernel.org? Which version?
These questions will be reviewed and best practices to facilitate this maintenance.
Kernel Recipes 2013 - Automating source code evolutions using CoccinelleAnne Nicolas
Coccinelle is a tool for automatically transforming source code using semantic patches. It was used to change code in the Linux kernel to standardize the use of booleans and devm functions. For booleans, it replaced integer assignments with true/false and 0/1 with false/true. For devm functions, it removed error checks after platform_get_resource by combining it with devm_ioremap_resource. Coccinelle can perform complex multi-line searches and transformations accounting for code structure and renamings. Over 1000 Linux patches have been generated with Coccinelle.
Distro Recipes 2013 : Debian and quality assuranceAnne Nicolas
The document discusses Debian's quality assurance processes. It describes how Debian is known for its long release cycles and high quality. It then outlines several factors that contribute to Debian's quality, including its release-when-ready culture, package ownership model, and focus on fixing release-critical bugs. The remainder of the document details Debian's quality assurance team and their tasks, such as performing archive-wide checks, rebuilds, and static analysis to find bugs. It also discusses the infrastructure developed to support these quality assurance activities.
Distro Recipes 2013 : My ${favorite_linux_distro} is slow!Anne Nicolas
The document discusses various potential causes of slow performance on Linux distributions and provides examples of debugging sessions. It examines CPU load, storage load issues from devices like HDDs and SSDs that can cause slowdowns, memory issues, and IRQ storms. Tracking down the root cause requires tools like top, vmstat, smartctl, and memory timing tools to analyze CPU, storage, interrupt, and memory behavior.
Douwe Pieter van den Bos Practical insights in the day-to-day routine of an information security officer
How to be realistic about information security and don’t stress out. Practical tips that will help any organization.
The document summarizes Oracle OpenWorld 2014, covering several topics:
- Three transitions in technology: big data, mobile, and cloud
- Citizen developer tools like MAX and StreamExplorer for self-service data analysis
- Oracle's Alta user experience theme and focus on consistent experiences across devices
- Oracle's growing portfolio of mobile enterprise applications
- Hardware and software engineered to work together with optimizations for performance and security
- Oracle's public cloud strategy including IaaS, PaaS, and SaaS offerings and roadmaps
- Discussion of emerging technologies like JSON, REST, and NoSQL and Oracle's role in supporting them.
Leveraging the full power of HTML5 and the capacity of modern browsers, rich client applications are very popular right now. In this session we will demonstrate how we can bring the world of HTML5 and AngularJS to ADF applications. We take rich reusable TagCloud component and integrate it into a standalone AngularJS application. Next we embed the AngularJS module inside an ADF TaskFlow. This taskflow is then reused in a regular ADF web application and participates in ADF skinning, internationalization and customization. The rich client component receives data from the ADF application and exchanges events with it. The flexibility, [multitude of] resources and richness in functionality offered from the HTML5/AngularJS world beyond ADF can still be integrated with and leveraged from ADF. This presentation provides a solid introduction into the question how to achieve thus.
After passing all functional tests, many web applications fail under the regular load conditions. Just 100 active users may be sufficient to cause severe errors and a decline in performance. In this session, load testing of ADF applications with the Oracle Application Testing Suite and Apache JMeter will be discussed and demonstrated. With these tools, you have an analysis-instrument to do performance analysis and regression analysis after new patches/releases. A proper managed load test also gives insight in the effects configuration parameters. The speaker will share best test practices to perform load tests and offer typical solutions for creating an efficient, scalable ADF application.
User experience (UX) design should be incorporated into all projects, regardless of size. For small projects, UX design can be informal through visualization and user feedback. Mid-sized projects benefit from clickable wireframes, weekly workshops, and just-in-time UX design. Large projects require design authority, regular UX meetings, proximity within teams, and high-fidelity simulations. Across all projects, the key is to quickly visualize and validate ideas through iteration and user involvement. UX design is not a separate role but a shared responsibility of the entire team.
This document discusses testing ADF applications with Selenium and provides examples. It begins with an introduction and agenda. It then demonstrates Selenium basics and history. It discusses the page object pattern and provides an ADF Selenium demo with examples of acquiring page objects, interacting with ADF components, and available ADF Selenium tools. It concludes with recommendations for testing bounded taskflows.
The document describes the ADF Performance Monitor, a tool for measuring, analyzing, and improving the performance of Oracle Application Development Framework (ADF) applications. It collects metrics on response times, health, and resource usage. Issues are reported in dashboards and JDeveloper. It helps detect, analyze, and resolve common and uncommon problems. Implementation takes less than a day. The overhead is 3-4% and it can be turned on/off without overhead. It supports diagnosing specific users, errors, slow queries, and memory usage to quickly find problems.
Oracle Documents Cloud Service is a content collaboration solution built for the enterprise with robust security, application integration, and mobile enablement. The presentation discusses integrating the front-end and back-end of Oracle Documents, including embedding the web interface, synchronization with back-ends through SkySync, and using the REST API. It also provides a live demo of functionality like content uploading, versioning, sharing, and mobile access, and concludes that Oracle Documents is mature but lacks identity services, while integration and roadmap could make it successful.
Team AMIS reviewed Oracle OpenWorld 2015, noting the key themes of mobile, big data, and cloud transitions. The event featured keynote sessions on these topics and emphasized Oracle's vision of 80% of production apps in the cloud by 2025. Oracle is focused on developing agile with frequent releases and changing how it sells cloud to focus on consumption over credits. The cloud changes how Oracle and its customers operate, with a focus on multitenancy, portability between cloud and on-premises, and positioning Oracle's full software stack running in the public cloud.
OGh Oracle Fusion Middleware Experience 2016 bij FIGI Zeist
Door Maarten Smeets and Robbrecht van Amerongen, 16-02-2016
Ogh fmw experience 16 februari 2016
This document provides an overview of Weblogic Multitenancy including key concepts, components, consolidation benefits, portability for DevOps, isolation capabilities, and live migration. It discusses how multitenancy allows consolidating multiple applications and tenants within a single Weblogic domain for improved resource utilization. Components like resource groups, virtual targets, and domain partitions provide isolation. Portability is enabled via partition export/import. Live migration minimizes downtime.
Deze presentatie is gegeven tijdens de KScope conferentie 2012
Spreker: Patrick Barel
Titel: Should Invoker Rights Be Used?
Onderwerp: Developers Toolbox - Coding
Deze presentatie gaat over de vraag of het Invoker Rights model van de Oracle Database, voor verschillende gebruikers binnen dezelfde database, kan helpen bij het scheiden van de zichtbaarheid van de data. Door gebruik te maken van de techniek deze techniek kun je op een relatief eenvoudige wijze ervoor zorgen dat gebruikers alleen werken op hun eigen data en niet op die van anderen. Als het bijvoorbeeld gaat om een hosted applicatie, dan hoeft er nog maar één codebase te zijn, waardoor alle gebruikers direct profiteren van verbeteringen die aangebracht worden. Daarnaast leer je in deze sessie hoe je één set code kunt onderhouden voor verschillende gebruikers van de applicatie en hoe je je ‘gedeeltelijk’ kunt beschermen tegen SQL Injection.
Bescherming van privacygevoelige gegevens is een actueel onderwerp. Incidenten zijn aan de orde van de dag. De politiek roept steeds harder om maatregelen bij ieder nieuw gevonden lek dat boven water komt. Europese wet- en regelgeving wordt voortdurend aangescherpt.
Hoe kunnen technologische maatregelen ons helpen om de zaken op orde te brengen? Kan Identity & Access Management werkelijk de oplossingen bieden waardoor burgers en politiek weer rustig kunnen slapen?
Kernel Recipes 2013 - Kernel for your deviceAnne Nicolas
Any industrial project based on Linux involves Longterm management of a Linux kernel and therefore a number of questions to ask about the choices to be made. BSP, Linux distribution, kernel.org? Which version?
These questions will be reviewed and best practices to facilitate this maintenance.
Kernel Recipes 2013 - Automating source code evolutions using CoccinelleAnne Nicolas
Coccinelle is a tool for automatically transforming source code using semantic patches. It was used to change code in the Linux kernel to standardize the use of booleans and devm functions. For booleans, it replaced integer assignments with true/false and 0/1 with false/true. For devm functions, it removed error checks after platform_get_resource by combining it with devm_ioremap_resource. Coccinelle can perform complex multi-line searches and transformations accounting for code structure and renamings. Over 1000 Linux patches have been generated with Coccinelle.
Distro Recipes 2013 : Debian and quality assuranceAnne Nicolas
The document discusses Debian's quality assurance processes. It describes how Debian is known for its long release cycles and high quality. It then outlines several factors that contribute to Debian's quality, including its release-when-ready culture, package ownership model, and focus on fixing release-critical bugs. The remainder of the document details Debian's quality assurance team and their tasks, such as performing archive-wide checks, rebuilds, and static analysis to find bugs. It also discusses the infrastructure developed to support these quality assurance activities.
Distro Recipes 2013 : My ${favorite_linux_distro} is slow!Anne Nicolas
The document discusses various potential causes of slow performance on Linux distributions and provides examples of debugging sessions. It examines CPU load, storage load issues from devices like HDDs and SSDs that can cause slowdowns, memory issues, and IRQ storms. Tracking down the root cause requires tools like top, vmstat, smartctl, and memory timing tools to analyze CPU, storage, interrupt, and memory behavior.
Nieuwe architectuurconcepten op gebied van beveiliging kunnen als aanjager werken voor het versneld realiseren van nieuwe producten en diensten, zonder daarbij tegengehouden te worden door verstikkende beveiligingsprincipes uit het verleden.
En wat is de werkelijke impact?
- Introductie
- Verandering ISO 27001:2013
- ISMS certificeringsproces
- ISMS opzetten
- Risicomanagement
- Contracten leveranciers / marktstandaarden
Sprekers:
Naam: Reinier van Es
Functie: Business Development & Project Manager
Naam: ir. Marco Bom, CISSP
Functie: Lead assessor ISMS/ QMS
Meer informatie zie: http://www.lrqa.nl/normen/86850-iso27001.aspx
Training over ISO 27001 zie: http://www.lrqa.nl/Onze-diensten/training/lrqa-all-training-courses/Informatiebeveiliging.aspx
Martin Pol, Jeroen Mengerink en Kees Blokland lanceren in 2012 een boek over het testen van Cloud Services. Met deze presentatie wordt het boek geïntroduceerd.
Flexibele Organisatie | Masterclass Cloud ICT Flexibiliseer uw ICT en innoveer uw business
Sprekers: Marianne Korpershoek, Ernst-Jan Louwers, Hub Martinussen
Cloud ICT is een van de belangrijkste ICT trends. Cloud ICT biedt mooie kansen om uw organisatie meer flexibiliteit te bieden en innovatie te stimuleren. Cloud ICT is ook een containerbegrip waarover op vele manieren wordt gesproken en geschreven. In de Masterclass bieden wij u op een heldere wijze inzicht in deze ontwikkeling, maken we de vertaling naar toegevoegde waarde voor uw bedrijfsvoering en besteden we aandacht aan de juridische aspecten van Cloud ICT.
De masterclass is niet direct bedoeld voor ICT’ers maar voor beslissers die hun ICT organisatie graag willen challengen op deze trend. Vragen die aan de orde komen zijn:
Cloud ICT:
Wat is het?
Wat heb ik er aan?
Welke kans biedt Cloud ICT voor het flexibiliseren van mijn organisatie?
Cloud ICT in juridisch perspectief:
Waar zijn mijn data?
Wie is aansprakelijk voor datalekken?
What about privacy?
Hoe waarborg ik continuïteit?
Webinar - EAM /Reliability & Integrity Software selectie - 15 juli 2020Stork
Er is een groot aantal Enterprise Asset Management IT-systemen op de markt. Over welke software systemen hebben we het eigenlijk en hoe bepaalt u welke software tool het beste bij uw organisatie past?
Ludolf Pijpker geeft u inzicht in de groepen Asset Management software systemen, in de verschillen ertussen en in een stappenplan om tot de perfecte match te komen. Dit voorkomt onnodig hoge kosten, bevordert de integratiemogelijkheden met andere systemen en zorgt voor soepel lopende werkprocessen.
Smals Research infosession on Predictive Analytics. Strategies for Big Data analysis, assuring process driven Data Quality, best practices for ETL (Extract-Transform-Load), sources for anomalies, OLAP (Online Analytical Processing), roadblocks for Predictive Analysis projects, Hardware appliances for Analytics, Massively Parallel Processing (MPP), In-database analytics, hands-on tests of IBM Netezza - Pure Data, MapReduce, EMC Greenplum, R, Revolution Analytics, SQL, Data Quality Tools, Data Profiling, Methodologies, KDD, CRISP-DM, SEMMA (Sample-Explore-Modify-Model-Assess), more info: @SmalsResearch, @Smals_ICT, http://blogresearch.smalsrech.be
De wereld van cybersecurity & ethisch hackenSijmen Ruwhof
Security awareness presentatie om medewerkers in een bedrijf meer bewust te maken over de gevaren van hacking, en wat zij zelf kunnen doen om het bedrijf hiertegen te beschermen.
Experience Story: Implementing Test automation in your organizationDerk-Jan de Grood
Test automation is omnipresent these days. Still, many organisations struggle with implementation. What tools do you select, do you allow teams to pick their own effectieve solution, or do you strive for a more cetralized approach. The answer lies in a carefull balance, where you allow new fit for purpose solutions to emerge, but reduce wildgrowth in the tool landschape.
This presentation explains how we deal with testautomation at DeltaLloyd. In our different departments created working solutions, that are bundled in a Delta Lloyd broad vision on test automation.
In our development we have , ie the test manager of Delta Lloyd with the external consultant , looked at how we could align supply and demand. We used the analogy of the fruit basket. Fruit represents the various types of test automation solutions. With business drivers as a starting point, we did prioritze de development of test automation solutions, use piloting to test the solutions in practize. When a pilot is finished susessfully it was made availble for the the other departments. The fruit is ripe and IT managers can pick it from the fruit basket, knowing that implementation will be easy and swift. The central organization provides solution, knowledge and support.
The presentation will eloborate on the model. How does it help to define the fruit, and the support towards other departments. The presentation covers a wide range from tools, via required skills, resources & processes, upto the aligment with the business. For this we define 4 groups of people, the wholesale, gardener, auctioneer and Consumer, each with its own goals and skill set.
In our presentation we want to share our approach. It benefits Delta Lloyds test automation and surely can help other companies as well.
Endpoint Security- Dwars doormidden - Thijs van Tilborg- NWD23SURFevents
Endpoint security is meer dan alleen een virusscanner. Thijs van Tilborg, IT Architect bij Hogeschool Utrecht, onthult zijn ervaring over de overstap naar een moderne holistische aanpak. Hij legt uit hoe de Hogeschool verschillende endpoints onderkent en hoe deze aanpak de beveiliging aanzienlijk heeft verbeterd. Maar pas op, deze nieuwe benadering brengt ook uitdagingen met zich mee!
Thijs van Tilborg, IT Architect bij Hogeschool Utrecht
171031 fex - op tijd compliant met gdpr - presentatie validFlevum
Innovatie | Op tijd compliant met GDPR (AVG)? Ja het kan!
De tijd dringt, er is veel werk aan de winkel om op 25 mei 2018 compliant te zijn met deze nieuwe privacy wetgeving! Vele bedrijven bieden hun hulp aan, en dat is hard nodig. Om risico’s op boetes te vermijden dient u veel te regelen. Nieuwe processen moeten ingericht worden en uw medewerkers zullen hiermee om kunnen gaan. IT kunt u als bottleneck beschouwen… Of u kunt IT zien als een kans om uw organisatie werk uit handen te nemen!
Volgens de EU zelf is de Algemene Verordening Gegevensbescherming (AVG) – in het Engels General Data Protection Regulation (GDPR) – ”the most important change in data privacy regulation in 20 years”. De Nederlandse Autoriteitspersoonsgegevens heeft niet minder dan 10 stappen (!) geïdentificeerd om voorbereid te zijn. Gelukkig hebben de specialisten van Valid dit weten te reduceren tot 4 stappen. Hoe dan ook: u kunt hulp gebruiken, en snel een beetje. Wist u dat bijvoorbeeld een paspoort foto privacygevoelig is? Een cookie trouwens ook!
Valid heeft een methode ontwikkeld met redelijke gangbare tooling om privacy-gevoelige gegevens – gestructureerde of niet! – te identificeren tussen al de systemen die uw organisatie gebruikt. Tevens creëren we virtuele verbindingen tussen de gegevens verspreid tussen systemen die bij één persoon horen. Vrij handig om uw register bij te houden! Via een dashboard wordt vervolgens de locatie, de kwaliteit en gevoeligheid van deze gegevens getoond zodat u gericht actie kunt ondernemen.
Deze sessie is uiteraard interactief van aard, en niet erg technisch. Hoewel IT- en privacy-specialisten wat op kunnen steken is de sessie meer bedoeld voor algemeen management zodat met de dialoog aan kan gaan met de interne organisatie.
Cyber Security - Wordt het veiliger of onveiliger? Sijmen Ruwhof
Hoorden we vroeger de term cyber security alleen als hackers een groot netwerk plat legden, tegenwoordig is het regelmatig in het nieuws. Cyber security is belangrijk en gaat ons in de ICT-branche en daarbuiten allemaal aan.
Maar wat is het nou eigenlijk? Waar staan we met cyber security? Wat gebeurt er allemaal? En: wat gaat er mis? Wat kunnen hackers?
Ethical hacker en security specialist Sijmen neemt ons mee in de wereld achter de krantenkoppen. Hij laat ons zien welke trends er in cyber security zijn en geeft een antwoord op de vraag of het veiliger of onveiliger wordt.
Meer over Sijmen Ruwhof: https://sijmen.ruwhof.net/weblog/
The annual review session by the AMIS team on their findings, interpretations and opinions regarding news, trends, announcements and roadmaps around Oracle's product portfolio.
The annual review session by the AMIS team on their findings, interpretations and opinions regarding news, trends, announcements and roadmaps around Oracle's product portfolio.
The annual review session by the AMIS team on their findings, interpretations and opinions regarding news, trends, announcements and roadmaps around Oracle's product portfolio.
The annual review session by the AMIS team on their findings, interpretations and opinions regarding news, trends, announcements and roadmaps around Oracle's product portfolio.
The annual review session by the AMIS team on their findings, interpretations and opinions regarding news, trends, announcements and roadmaps around Oracle's product portfolio.
Ron Hendriks is an IoT consultant and enthusiast who provides his contact information. The document discusses industrial automation and IoT, including typical hardware architectures, automation levels, protocols, and processes. It also discusses standards like ISA 88 and ISA 95. Challenges for implementing IoT in industrial automation are listed, as well as recent developments and opportunities like introducing more IT and open communication protocols. The near future and potential applications of machine learning are also mentioned.
This document provides an introduction to machine learning, including: what machine learning is; why it is relevant; common algorithms and tools used; examples of use cases; and how to get started with machine learning. It discusses topics such as supervised vs. unsupervised learning, popular machine learning libraries and frameworks, deploying models, and resources for learning machine learning.
The document discusses Internet of Things (IoT) technology and its applications for asset monitoring. It provides an overview of an IoT solution for asset monitoring using devices such as beacons and LoRa sensors that communicate with an IoT cloud platform. The solution involves registering devices and publishing their real-time sensor data to the cloud, which can then be used for applications such as asset tracking dashboards, automated monitoring, and predictive maintenance. Contact information is provided for discussing customized IoT solutions.
The annual review session by the AMIS team on their findings, interpretations and opinions regarding news, trends, announcements and roadmaps around Oracle's product portfolio. This presentation discusses architecture trends, container technology, disruptive movements such as IoT, Blockchain, Intelligent Bots and Machine Learning, Modern User Experience, Enterprise Integration, Autonomous Systems in general and Autonomous Database in particular, Security, Cloud, Networking, Java, High PaaS & Low PaaS, DevOps, Microservices, Hybrid Cloud. This Oracle OpenWorld - more than any in recent history - rocked the foundations of the Oracle platform and opened up some real new roads ahead. This presentation leads you through the most relevant announcements and new directions.
Bridging the gap between Administrative and Operational IT
Vision, Architecure and Project experience. This slide deck shows our vision on this market for industrial enterprise IOT. Conclusion
The document discusses Oracle Management Cloud (OMC), a new management platform from Oracle designed to provide smarter insight and swifter action for IT organizations. It summarizes key challenges currently facing IT, such as being overwhelmed by operational data and lacking actionable insights. OMC aims to provide a complete, integrated suite of management solutions powered by machine learning to help customers manage heterogeneous applications and infrastructure across any cloud with greater agility and efficiency.
Oracle OpenWorld 2016 focused on several key themes:
1. A shift away from a single, central Oracle database and toward distributed architectures like PDBs, sharding, Hadoop, and machine learning.
2. Adopting open source technologies and industry trends like Node.js, Docker, microservices, and Python.
3. Advancing Oracle's cloud strategy through migration tools, cloud@customer, and subscription models while improving the user experience of SaaS applications.
More from Getting value from IoT, Integration and Data Analytics (20)
8. 8
Is onder de motorkap complex, maar….
leg dit niet neer bij de eindgebruiker, want…
dan wordt techniek misbruikt
Management van Security / Identity / Acces
14. 14
Klaar voor EU Data Protectie
Verordering?
Bron: Nationale IT Security Monitor
15. 15Hoe krijg ik
de eisen
helder?
Uitstellen kan
eigenlijk niet
meer!
Hoe bepaal ik
de
prioriteiten?
Welke wetten
zijn van
toepassing?
Hoe hou ik de
kosten in de
hand?
Waar haal ik
de kennis
vandaan?
Welke
technology?
Hoe haak ik
de business
aan?Welke best
practices zijn
er?
Wat is de beste
aanpak?
16. 16
Welke security aanpak?
NIST ISO/IEC OCTAVECOBIT
• Complex
• Intensief en langdurig traject
• Kostbaar
• Resultaten laten lang op zich wachten
• Technology mapping ontbreekt
18. 18
Waarom deze aanpak?
• Methode is technologie onafhankelijk
• Overzichtelijke aanpak
• Korte doorlooptijd
• Geeft snel inzicht in huidige Security Maturity en de te nemen stappen
• Prioritering / Roadmaps
• Laagdrempelige manier presentatie van resultaten
• Goede basis voor Security Architectuur en Implementatie
• Goede voorbereiding op NIST/ISO/enz.
24. 24
Business Context
Vragen:
• Gebruikers van de diensten
• Type implementatie
• Kritieke processen
• Kritieke data
• Bestaande gebreken
• Beschikbaarheid
• Vertrouwelijkheid
• Integriteit
• Sabotage
• Operationele risico's
• Reputatieschade
• Compliance
25. 25
Technical Context
Vragen:
• Data Centers
• Data Center Organisatie
• Data Center AS IS and TO BE Technology
• Evolution plans and priorities
• High Availability, Business Continuity, Disaster recovery
• CMDB Configuratie Item’s
• Technology architectuur
30. 30
van Analyse naar
Business Resultaten
Opportunities Enablers
Recurring
Benefits
Analyse
CIA
Business Technical
31. 31
Opportunities
Op basis van de Analyse worden Opportunities gevonden.
Voorbeeld van Analyse resultaten:
• There is no process for approval process delegation
• The user provision is performed manually for all applications
• There is no central department with responsibility to “enroll” and “un-enroll”
• Very few cases are notified for accounts de-provisioning (leave and move)
• Privileges are accumulated when users change division / job
Voorbeeld van Opportunities:
• Define and adopt a policy about the user creation management, role and
responsibilities including de-provisioning
• Start a regular process to check rogue accounts in applications and databases
• Make provisioning and deprovisioning automatic
32. 32
Enablers
Voorbeelden:
• Policy and organization
• Extractors and reconciliation tools and/or Identity Analytics capabilities
• Identity Management technology
• Single Sign On tools
33. 33
Recurring Benefits
Voorbeelden:
• Risk of data leakage and frauds reduced
• Better compliance through full accountability
• Better user experience and improved productivity
• Reduced number of call to help desk to reset passwords
• Reduced costs for Identity and Access Management
34. 34
Van Enablers naar Capabilities
Enablers Capabilities
Voorbeelden van Capabilities:
• Data Encryption
• RBAC
• Automate Provisioning en De-provisioning
• Data Masking
• Auditing
• Single Sign On
46. 46
Dank voor uw aanwezigheid!
Gertjan van het Hof
Security Architect
AMIS
M +31 6 29 54 06 19
E gertjan.van.het.hof@amis.nl
I amis.nl
B technology.amis.nl