Feature Friday

4 posts

Posted June 23, 2017 | Feature Friday, Software | No Comments »

Feature Friday: Insider Threat – What is it and how to Deal With it

We’re bringing you an insightful and thought-provoking article focussed around the subject of insider threat from the cybersecurity specialists at ZoneFox this week on Feature Friday. ZoneFox strives to assist businesses throughout the world to protect their business-critical data against insider threat and is a market leader in user and entity behaviour analytics. With this said, it’s time to hand over to Eilidh Curtis at ZoneFox and find out everything we need to know about the insider threat and how we can tackle this…

Zone Fox - Feature Friday: Insider Threat - What is it and


The Insider Threat: what is it and how to deal with it

As if it wasn’t enough to have to defend from industrial spies, nation states, and script kiddies residing outside your network, one of the biggest threats to our information assets resides within our own environments. The insider threat, intentional or otherwise, is now one of the major concerns in cybersecurity, and with good cause. Within many organizations these days, users have more access to data than they need, cloud storage services have created a phenomenon called Shadow IT, permitting users to save potentially confidential data to the cloud for future access, and with the (understandable) requirement of user-friendliness throughout IT assets, security controls are often disabled rather than tuned. While the insider threat can be a pain in the backside, there are ways to protect yourself and keep your users happy simultaneously.

What is the insider threat?

In order to properly defend yourself, you need to understand what you’re up against. The insider threat comes in many forms, but you can narrow them down into either malicious/intentional threats, or threats that stem from carelessness or lack of knowledge and skill within your workforce. You may have a user that thinks it’s okay to throw the classified document that they were editing up onto their favourite cloud storage platform so that they can access it later. One of your users may provide their credentials to a malicious third-party after being subject to a social engineering attack. You may have a malicious insider who is looking to steal or destroy data because they are disgruntled or under the employ of a competing organization. In the world of startups and small businesses, security controls can sometimes be sacrificed to allow for speed of delivery, lack of knowledge, or user satisfaction. Now that you better understand the threat, we can help you get a handle on the situation.

DEFENSE #1: CREATE ENFORCEABLE POLICIES

Good documentation makes a good cybersecurity practice, and policies are a staple in said documentation. Policies back up your decisions, provide guidance for your cybersecurity controls, and give you a base for user education. Acceptable use, privacy, and mobile computing are three base policies that should exist in most organizations. The policies exist to provide the following:

  • Acceptable use policy puts parameters around how your assets can be used. Are your users allowed to store company data in cloud storage? Are USB drives allowed for backup purposes? These answers and others should reside in this policy.
  • Privacy policy tells your users what they are able to do with company data. Does classified data exist on the network? If so, how will your users need to handle it to avoid disclosure? What safeguards are in place to protect your users’ data? How is employee data stored and encrypted?
  • Mobile computing policy lays out rules for mobile access to company resources. Do your employees take laptops home? How do they access company data remotely? Are there specific rules required for travel to high-risk countries? Mobile phones; are they provided by the organization or do you live in a BYOD world? All of these mobile devices access your organization’s resources, your mobile computing policy dictates how.

Once you have a base set of policies in place, your next step is to educate your users about their existence, and what it means to them.

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted June 09, 2017 | Feature Friday, Technology Industry | No Comments »

Feature Friday – On the Horizon: Quantum Computing

This week, we’ve got a really interesting article from the brilliant people over at This Is Milk; the business transformation specialists based in Glasgow. Founded in 2013, This Is Milk set out to do things better. Their expertise lies within the realms of digital strategy and delivery which they use in order to help businesses “predict, understand and implement the changes required to successfully compete online in an ever-changing digital environment.”

This fifth instalment of their excellent “On the Horizon” blog series – in which they take a look at future business and society trends -explores Quantum Computing and the impact this could have. So let’s find out what they have to say…


On the Horizon: Quantum Computing

TIM - quantumcomp

This article was written by Denis Yordanov

Throughout the ‘On the Horizon’ series so far, we have looked at various technologies and innovations that can have a profound impact on business and society. There is one thread that runs through the four topics mentioned so far (self-driving cars, blockchain, industry 4.0, and AI) that serves as the foundation for those innovation, without which they would have been impossible, and that is computing. Computers have arguably shaped and reshaped our way of life in the last 20 years more than anything else has in that period of time. They are at the core of so many aspects of our lives that listing them will be pointless. Given the direction of development it stands to reason that the role computers play in our lives will continue to grow in the future. It’s all possible because of computing.

Computing can essentially be broken down into mathematical problems. Every action that a person executes at a computer is interpreted and resolved as maths problems by the computer. Traditional computers understand and store information through transistors, which can be either on or off. In programs this is represented by ‘bits’, which can be either 1 or 0. Simply put, ‘the language’ of our current computers is comprised of series of bits that are either 1s and 0s.  However, if those transistors are reduced to extremely small sizes they begin to exhibit quantum physics effects, such as ‘superposition’. ‘Superposition’ means that those bits can be both 1 and 0 at the same time, and in such state are called qubits. How is it possible for a qubit to be a 1 and a 0 at the same time? No one really knows definitively. But the implications of this ‘superposition’ state for computational power are astounding. If one qubit can store both 1 and 0 at the same time, then two qubits can store four values, three qubits can have six values, and so on, resulting in computing power ramping up exponentially.

The idea of quantum computing and the value that it holds have been around for a while. But more recently some organisations have been successful in reaching the elusive quantum computing state and have begun to harness its power. For example, IBM announced that it now offers free public access to its cloud-based 5 qubit quantum computer IBM Q, and also has plans to offer ~50 qubits systems commercially. Another example is D-Wave’s quantum computer that Google and NASA have been testing since 2013.

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted May 26, 2017 | Feature Friday | No Comments »

Feature Friday – Website Migrations: Finding & Fixing SEO Issues Post-Launch

This week on Feature Friday, we’ve got a brilliant article to share with you – written by Emily McLaren, SEO Team Leader at Equator. A big numbers digital agency that’s been growing and developing since 1999, Equator are all about genuine insights and a deep understanding of consumers – that’s what makes them great at what they do! With this said, we’re excited to bring you Website Migrations: Finding & Fixing SEO Issues Post Launch. Emily takes us through the critical post-launch SEO work which can make or break your visibility in organic search. So, let’s find out what she has to say…


Website Migrations: Finding & Fixing SEO Issues Post-Launch

 

Around 90% of the search engine optimisation (SEO) work during a site migration takes place prior to launch. But the remaining 10% – post-launch – is critical. After all, it could take just one or two small missteps to potentially obliterate your digital footprint in organic search.

Thoroughly auditing a website post-launch allows you to catch and fix any of the SEO issues that may have slipped through the net – and ultimately protect your SERP real-estate.

Below are step-by-step instructions on how to:

For a full checklist of all the pre-migration, during-migration and post-migration SEO tasks as well as a list of some of the useful tools referenced within this guide, please download our site migration SEO checklist.

Auditing redirects

Immediately following the launch of a website, it’s essential to audit all website redirects to identify any instances of rogue 404s as well as redirect chains that may have occurred due to the migration.

Redirect chains can significantly affect page load speed and a high volume of 404s can impact search engine visibility. Addressing issues with redirects will not only give visitors a more consistent and high quality user experience – it can also have the potential to improve rankings.

Below are two of the most useful tools to use when auditing redirect chains – Screaming Frog and IIS SEO Toolkit. Screaming Frog is an SEO spider tool which can crawl websites and fetch key website data in real-time. And IIS SEO Toolkit is a free optimisation tool which performs a detailed analysis of your website and will provide suggested fixes for the specific migration issues we’ve identified.

Screaming Frog

To find redirect chains using Screaming Frog, follow the below steps:

1. Navigate to ‘configuration’ in the top navigation > select ‘spider’ > select ‘advanced’ tab > tick ‘always follow redirects’

2. Navigate to ‘mode’ > ‘list’ > select ‘upload’ and then either upload all legacy URLs from a file, enter them manually or paste all URLs > hit ‘start’ and run the crawl

3. Once it reaches 100%, navigate to ‘reports’ within the top navigation and select ‘redirect chains’ from the dropdown menu

Site Migration Blog 1

IIS SEO Toolkit

Redirect chains can be found in the following view within SEO Toolkit:

1. Select ‘create a new analysis’ > name the crawl & input the domain into the ‘start URL’

2. Within the ‘advanced settings’, customise the settings to suit your needs

3. Navigate to ‘violations’ > ‘violations summary’ and look out for “the redirection response results in another redirection” (as shown below) > double click to open the violation and find full details of the issue and recommended action

4. Alternatively, navigate to ‘report’ > ‘export all violations’ > open Excel spreadsheet > apply filter > filter column ‘violation code’ > filter to ‘RedirectToRedirect’ > find the full details of the issue and recommended action within the column ‘violation description’ and ‘violation recommendation’

Site Migration Blog 2

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted May 12, 2017 | Digital Media, Feature Friday, Software, Technology Industry | No Comments »

Feature Friday: Utterances, Slots and Skills – The New Vocab of Voice

This week, we’re introducing an exciting new item to our blog; give a big warm welcome to Feature Friday! From today onwards, we’ll be featuring awesome articles on a range of different topics and from a whole host of brilliant companies within the industry, every second Friday.

Who better to kick this off with than Screenmedia and their interesting insight into the new world of voice application development vocabulary! The innovative digital practice is at the forefront of voice application development and in 2017, Screenmedia was the first UK company to launch a smart home action for the Google Home. Their industry leading voice development team also works with a range of voice platforms including Amazon Alexa, Google Assistant, and Siri. So, let’s find out what Screenmedia have to say about The New Vocab of Voice


Utterances, Slots and Skills 

The New Vocab of VoiceScreenmedia's image - The New Vocab of Voice

Since Amazon opened up its voice platform Alexa to developers in 2015, the platform has seen several thousand new ‘skills’ launched. Those trying to get their head around designing and developing for voice will quickly come across some unfamiliar terms which require decoding before the work of skill-building can begin. Having recently undertaken flagship UX work building skills on the platform for our clients, here is a quick guide to getting your head around the key terms Amazon uses when developing for Alexa.

Note: the following is applicable to Amazon’s Alexa. Other companies have their own glossary of terms, some use the same terms, others use their own terms, but Alexa is currently the most widely used platform.

Alexa vs Echo

In discussions and in the media, the terms ‘Alexa’ and ‘Echo’ are often conflated when in reality they refer to specifically separate things. Echo refers to the Amazon Echo, a physical product, with a speaker and ring of microphones. Echo can also refer to the Echo Dot, the main Echo’s smaller cousin.

Alexa is the cloud-based ‘intelligent personal assistant’ which processes your requests and supplies answers back to you. If it’s easier, think of Alexa as the ‘mind’ of the ecosystem, while Echo is the ‘body’. When you speak your conversation is with Alexa — Echo is just the mouth and ears. Alexa isn’t constrained to just the Echo though, you can also speak to Alexa through Amazon’s Fire-branded products, as well as a growing number of third-party consumer devices.

Wakeword

The Echo devices have a ring of always-on microphones, meaning the device is always listening to what is around it but in a dormant state. It will only ‘wake up’ and actively pay attention to you when it hears a specific word or phrase, called a wakeword. Amazon offers a choice of ‘Alexa’, ‘Amazon’, ‘Echo’, or ‘Computer’ for these wakewords, with the default being ‘Alexa’. This wakeword cannot be changed beyond these four options by users or by developers. The only time the wakeword options have changed is when Amazon added ‘Computer’ in late 2016.

Note; a ‘wakeword’ wakes the assistant, but does not trigger your specific skill, that would be an invocation (we’ll get to this later).

Skills

The simplest way to describe a skill is ‘an app for Alexa’. But try to avoid this, as it can cause confusion with the Alexa App, (which we’ll come to later on). Amazon maintains a list of available Alexa skills on its site.

Skills aren’t downloaded in the same way that a phone app is and are instead ‘enabled’. This is because the code and content for a skill are not stored on the Echo device, but in Amazon’s cloud servers along with Alexa itself. If a user wants to use your skill, they ‘enable’ it, either within the Alexa App or by asking Alexa to enable it. This then gives the user the ability to invoke and use your specific skill.

There are three types of skill:

Custom Skills

This is the most common type of skill, and gives you the most control over the user experience. This type of skill lets you develop just about anything you can imagine.

Smart Home Skills

This is a type of skill specifically for controlling smart home appliances. It gives you less control over the user experience, but is simpler to develop.

Flash Briefing Skills

This type of skill is specifically for compatibility with Alexa’s native ‘Flash Briefing ability. This type of skill also gives you reduced experience control, but again is simpler to develop.

Enjoying the article so far? Click here to continue reading.

 


Want to work with Screenmedia? We’re currently recruiting for a Voice Application Developer and Senior Front End Developer. You can take a look at the roles here or contact dmains@enigmapeople.com directly for more information.

You can also find all of our latest vacancies here and for general inquiries, contact hello@enigmapeople.com

Follow us on Twitter for all the latest tech, business and recruitment news @enigmapeople  twitter or LinkedIn  LinkedIn

Continue Reading

Subscribe or follow for the latest job vacancies