The KIT ─ Knowledge & Information Technology
No. 229 - 3 December 2018
Was this forwarded to you?
In This Issue
Device Sanitization Procedures
Secure Electronic Voting
Self-Driving Car Industry Needs
Data Breaches
Private-to-Public Cloud Migration
LASER 2019
Seen Recently
Claude Baudoin

Consulting Services
  • IT Strategy
  • Enterprise Architecture Roadmap
  • Business Process Modeling & Analysis
  • Enterprise Software Selection
  • IT Innovation Briefings
  • IT Due Diligence
  • Executive IT Seminars
  • Cloud Computing
  • Security Maturity
  • Software Process
  • Knowledge Strategy
  • Technical Communities
  • Knowledge Capture
  • Taxonomy development
  • Enterprise Social Media
Contact Us:
cébé IT and Knowledge Management
www.cebe-itkm.com
info@cebe-itkm.com
+1 415 870 ITKM
Twitter: @cbaudoin
Archive:
Previous KIT Issues
Forward this issue to colleagues and friends: use the "forward email" link below at left, rather than "Forward" in your email software, to preserve your privacy, give the recipient more options (their own unsubscribe link, etc.) and to give us better click-through data. Thanks!
Please Pardon the Dust
Due to a technical issue with a WordPress plug-in, some of the pages of the cébé website, including the archive of past issues of the KIT, were unavailable last week. It looks like we have fixed the issue. Thank you for your patience.
Device Sanitization Procedures
The US Computer Emergency Response Team (US-CERT) has published Security Tip ST18-005, entitled Proper Disposal of Electronic Devices. This short document contains instructions, well-known to security professionals, on how to properly wipe data off of a device (laptop, tablet, smartphone, etc.) before disposing of it.

Companies would be well advised to distribute this document to their employees, who often hold some work-related data on personal devices.
Baby Steps in Secure Electronic Voting
During the recent U.S. "midterm" legislative elections, 140 voters from West Virginia who reside out of the country were able to vote using a mobile application from Voatz that relies on facial recognition and blockchain to secure the voting process. This Washington Post article explains the pilot project.

Not only is it a very small-scale project (the article title wildly exaggerated it as "the biggest blockchain-based voting test ever") but whether it was really tamper-proof and could prevent vote buying or coercion is open to discussion (read the article for details).
Award for the Vague Obvious Statement of the Month
And the November award goes jointly to... the CEO of Jaguar Land Rover, Ralph Speth, and Reuters Business News for the earth-shattering statement that "the self-driving car industry needs standards and security." The success of the industry depends on "standards for key equipment, a wide-reaching 5G broadband network, [...] strong partnerships, [and] unified and clear guidelines for safeguarding driver information and privacy." Since there are few details on how to achieve this, and the article would have been too short as a result, the author or editor just repeated each point several times.
A Data Breach Can Hide Another One
The leak of records for 500 million customers of the Marriott Hotel chain just made the news, but a few weeks earlier we learned that American Express (Amex) India had exposed 700,000 cardholder records, stored in plaintext on a MongoDB server that was not password-protected. See this ZDnet article for more details.

This shows once again that failure to take very basic security precautions is a key cause of data breaches, even at large companies. No wonder regulators are moving to punitive measures, such as those in the EU's GDPR, to make companies take security measures seriously.
Private-to-Public Cloud Migration
An Information Age article from four weeks ago tells of the adoption of Amazon Web Services by the Guinness Book of World Records, which is increasingly moving to digital content delivery. A key benefit of moving to a public cloud was the ability to scale up rapidly when the announcement of a new record causes a spike in traffic.

Thanks to John McLaughlin for featuring this in his IT News and Events newsletter.
LASER 2019
The program of the LASER Foundation's 15th Summer School on Software Engineering has been published. As usual, the event will take place on Elba Island, Italy; the dates are June 1-9, 2019. This edition will be devoted to "the complementarity and confluence of Artificial Intelligence, Machine Learning and Software Engineering."
Seen Recently...
"Let's go invent tomorrow instead of worrying about what happened yesterday."
-- Steve Jobs, quoted on Twitter by Catherine Havasi, co-founder of Luminoso,
a company that uses natural language processing (NLP) for sentiment analysis

"Our reliance on automated systems needs to be balanced with a continued ability to manually execute as a fail-safe."
-- Tweeted by Thomas Fischer, after "sitting here over 5 mins on the
taxiway because the automated docking system was having a problem."