With Christmas trees getting wrapped up for the chippers and the feelings of celebration, togetherness, and giving diminishing to their normal levels— comes that familiar feeling of buyer fatigue. Whether we’re questioning the impact or necessity of the gifts we gave, wondering if we’ve gone overboard or are simply just happy that all the running around is over. A lot of us are just feeling tired at this point in the season. Tired of just buying… stuff.
As you may have heard in the news, computer researchers have recently discovered a design flaw that results in a security vulnerability in the CPU chip that powers nearly all the world’s computers, including PCs, smartphones, and data center computers. This hardware bug allows malicious programs to steal data that is being processed in the computer memory. The name given to these vulnerabilities is ‘Meltdown’ for Intel chips or ‘Spectre’ for AMD and ARM chips. The first reports were published on January 2, 2018, prior to a coordinated disclosure scheduled for the week of January 8. There is no evidence of exploitation at this time, but the publicly disclosed proof-of-concept (PoC) exploit code could result in the vulnerabilities being weaponized for malware delivery.
As 2017 comes to an end, the latest PCI DSS 3.2 requirements (coming into effect on Feb. 1, 2018) are on the minds of many Service Providers and Merchants. A natural question stemming from these changes is "What do I do if I fail my PCI assessment?" Let's take a look back to a blog written earlier this year that answers just that.
Remember when PCI DSS version 3.2 was released way back in April 2016? We counted our blessings that the new requirements truly raised the bar - especially for Service Providers - and gave us a considerable grace period to implement them. And as it goes, 2018 seemed so far away and implementing these changes didn’t seem so urgent. Well fast forward to today and all of a sudden January 31, 2018 doesn’t seem too distant in the future anymore.
More and more, it is becoming critical for organizations to ensure that project investments deliver on their expected outcomes. Projects exist primarily is to provide some element of business improvement or new capability, resulting in benefits to the organization. This prompts an important question – do your projects deliver their proposed business change and expected benefits?
I was recently asked the following question: “Can Health Centers adopt the less stringent password measures recently updated in [NIST Special Publication (SP) 800-63-B] and still be compliant under the HIPAA Security Rule?” This is a great question that isn’t quite as simple as it may seem. It requires an understanding of what the NIST Digital Identity Guidelines are, their place in enforcement, and how to interpret HIPAA requirements as they relate to authentication.
In today’s world, information is available to anyone with a simple swipe on a smartphone. With this ease of interaction, customers are increasingly rejecting traditional brand touchpoints, such as print media, and focusing their time on personalized interactions that are designed with the customer in mind. A future filled with digital experiences is closer than we think and we need to adapt, or be lost, to this new reality.
What does it mean to have a hit product? Think about the last time you downloaded an app that you felt excited about using. Then actually used it, regularly. An app that you found useful, yes, but also pleasurable. You’re probably going to be hard-pressed to come up with an example outside of Angry Birds, right? Well that’s the goal that we set for ourselves here at Online. We don’t just want to make apps that are useful, we want to build apps for our clients’ that are a hit with their users.
Does your organization find it challenging to develop strong business cases that will get the support of key stakeholders and necessary project funding? Is there a proven methodology in your organization to prioritize proposed projects to select the highest value initiatives? No? Well you wouldn’t be alone. To some degree, many organizations struggle to develop robust and believable business cases and subsequently struggle to prioritize the proposed projects.
If you read my previous blog on Agile Project Management and Scope Creep, you’ll note that I touched upon another project management technique known as Minimum Viable Product (MVP). Although there are many definitions of the term MVP, for the purposes of this discussion I’m referring to a product that has been built with enough features to solve the absolute basics of the problem it is trying to solve. It can be seen as an unmatured solution that will solve the problem, but will still need to be built upon. This type of ‘concept’ MVP is commonly used by start-ups to prove or refine an idea more rapidly and at a lower cost compared to building a releasable product.