A “capable enterprise” is one that achieves consistently superior performance; one that consistently delivers superior value to its customers, innovates more rapidly, is difficult to imitate, and is more profitable. A capable enterprise is one that has developed and sustained a few vital capabilities. Such enterprise capabilities represent repeatable patterns of action in pursuit of …
How to implement policy-based authorisation?
The dreaded "login button" has been put on websites since the advent of bulletin boards as a means to moderate forums. Later the login button served e-commerce and also publishers' websites as a way to get to know the consumer a bit more for personalised advertising. The login button became an integral part of a …
Lessons Learned: SolarWinds cyberattack
This is a story of a backdoor planted in the IT supply chain. On December 17, 2020, the US Cybersecurity and Infrastructure Security Agency (CISA) released a sobering alert on the SolarWinds attack, noting that CISA had evidence of additional access vectors other than the SolarWinds Orion platform. CISA’s advisory specifically noted that one of …
Does OAuth 2.0 provide authentication?
The OAuth 2.0 (and the updated OAuth 2.1) specification defines a delegation protocol that is useful for conveying authorisation decisions across a network of web-enabled applications and APIs. Since OAuth 2.0 is used in a wide variety of applications that include user authentication, many people incorrectly conclude that OAuth itself would be an authentication protocol. …
How to industrialise API operations?
An API (Application Programming Interface) is the visible part of a microservice. A microservice architecture is a modern variant of the service-oriented architecture to facilitate both the development and the operations of complex IT systems. In a microservices architecture, an application is arranged as a collection of loosely coupled micro-level services that are built around …
What is Digital Transformation, really?
The term Digital Transformation, “DX” for short, has become overloaded and confusing, if not meaningless. How did it come to this? And what did it actually mean originally? Are there risks of misinterpreting it? Let’s first discuss what it is not, notwithstanding what vendors and consultants say about DX. DX is not the …
Should publishers pay the App Store fee for subscriptions?
In 2018, Netflix earned $853 million through the App Store, of which $127 million went to Apple. So the 15% in-app purchase commission gave Apple a significant amount of Netflix’s profits. In an attempt to retain the likes of Netflix and Spotify, Apple decreased the percentage for (a subset of) subscription apps in 2016 from …
Do I need ‘enterprise architecture’?
In 2011, Gartner predicted that within 10 years, the majority of global enterprises would support enterprise architecture as a distinct discipline that is integral to business planning. Now, in 2021, it is growing in many companies from a support function into a highly strategic one, responsible for designing an intelligent information architecture that supports digitalisation …
How do access control and authorisation differ?
As the name suggests, access control is the function that checks whether somebody should be able to access something. With "somebody", I mean the actor that is requesting access. This actor can be a person, but also a mobile app or an API and even a person working on behalf of a company. With "something" …
Becoming employee-centric with HR services
HR service providers, be it payroll, employee insurance or leasing companies, often see their digital transformation as offering integration of their mainframe applications with the accounting package of employers. If they happen to offer an app for employees, they often see it as a ‘digital window’ onto PDF documents generated for legal or tax purposes. …
