Archives for Uncategorized

California Consumer Privacy Act (CCPA) Mitigation Services

An ounce of prevention can meaningfully reduce risk for companies under CCPA. The cost of non-compliance of CCPA can be very large. CCPA introduces significant legal and technical challenges; it requires new policies, procedures, disclosures, 3rd party agreements, data mapping, security, new operational capabilities to satisfy customers requests based on their new rights and other preparation for compliance. In California Consumer Privacy Act (CCPA), Why You Need To Start Now! We described the new rights, fines, statutory damages, other requirements. We mentioned that CCPA authorizes a limited private right of action (and class action through proxies) for consumers whose personal information Read More

Categories: Uncategorized.
Languages: English.

Already the Next Big Thing?

Until we started a collaboration with Mike Vaughan to develop one for an eco-tourism operator just north of the SF Bay Area, I was not familiar with the term “Progressive Web Application”. It turns out that it describes mobile applications that are delivered via Web browsers and that are built using common web technologies including HTML, CSS and JavaScript. While not distributed from one of the popular App Stores, PWAs can do much of what native mobile applications can do, and perform almost as well as native mobile applications, due to the ongoing evolution in the architecture of the web. Read More

Categories: Uncategorized.
Languages: English.

Privilege Escalation and Data Protection

A cyberattack is actually like a disease. The infection starts with an attacker taking advantage of some weakness in the system to penetrate and gain a foothold in an organ; in the case of an attack, the organ is often some computer that’s not being diligently managed. The infection takes control of the machinery of the organ, using it to build up its strength and using it as a base to launch incursions into other parts of the network. The incursions probe for valuable information and other weaknesses they can leverage. One of the main things they look for is Read More

Categories: Uncategorized.
Languages: English.

References for Data Security talk

This is a list of references I have assembled for the talks on Data Security that I am presenting at XPlor17, Enterprise Data World, and Data Summit this spring: Intel Security – Grand Theft Data CyberCriminals and their APT and AVT Techniques InfoSec Institute: Anatomy of an APT Attack: Step by Step Approach Forrester: Transform Your Security Architecture And Operations For The Zero Trust Ecosystem Forrester: The Future Of Data Security And Privacy: Growth And Competitive Differentiation Forrester Wave: Data Loss Prevention Suites Q4, 2016 Data Guardian’s Definitive Guide to Data Loss Prevention Guide to Cyber Threat Hunting (Digital Guardian) Read More

Categories: Databases, Security, and Uncategorized.
Languages: English.

Why Linux is so freaking difficult!

I’ve installed three different linux variants in virtual machines in the past week. One, LinuxMint based on Ubuntu, crashed repeatedly, so I deleted it. Another, CentOS with a command line UI, does not seem to be connecting to the network. So I went to Zorin, which I have used for years with relative success. It installed, connected to the network and seemed to be stable. There is a new version, version 12. It has a new software management application. I decided to use it to install a new software on the OS, a database that I work with (MongoDB). I Read More

Categories: Uncategorized.
Languages: English.

Oracle Gets Containers

At this year’s Oracle OpenWorld people from Larry Ellison on down were talking about Docker containers. I do not remember the subject coming up in the Oracle community in previous years. Before I start to get into why Oracle talking about Docker containers is important I should probably talk about what Docker containers are and what they are good for (and bad for). You probably have some experience with the concept of virtual machines, which are simulated computers running inside your physical computer. You can get Virtual Machine management software (like VMWare or Virtual Box from Oracle) and use it Read More

Categories: Uncategorized.
Languages: English.

MySQL Team Announces Version 8

The MySQL team has announced “version 8“, you can see highlights of the planned release at the link. You can find internal documentation on MySQL 8 here. This will be useful to developers and DBAs trying to understand what’s going on inside MySQL. The MySQL Team blog will be a good source of ongoing information. Another member of the MySQL team with a blog is Morgan Tocker. He calls it Master MySQL. You know, MySQL is a very popular database for “Web applications”. That is more due to the fact that it was easy for application developers to use without help from DBAs that Read More

Categories: Uncategorized.
Languages: English.