THE
SOCIETY
ISSUE ONE 2014 The Magazine of the Singapore Computer Society
CYBER SECURITY & WELLNESS
03 True Friend of the SCS MCI (P) 108/07/2013
16 IT Leader Awards 2014
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
1
EDITOR’S MESSAGE
Cyber Wellness & Security Tan Teng Cheong
Editor Senior Member, SCS tengcheong.tan@scs.org.sg
T
ime sure flies. It wasn’t that long ago that I was writing the Editor’s message for the last issue of 2013. The next thing I know, all the festivities are behind us and soon the first quarter of 2014 will be over. The theme for this issue is “Cyber Wellness and Security”. This theme is very different to our previous ones — Cloud Computing, Data Analytics, Enterprise Mobility and Big Data — which are very much enterprise focused. We decided on it to blend our usual enterprise focus with a touch of Consumer IT. Though different, the editorial team felt it’s very appropriate, especially for those readers who are parents, given our current hyperconnected world.
Your Children’s Digital Activities”. And if the message here resonates with you, try out the free software at www.qustodio.com and remember to use the special promo code “Q25TC” if you need the Premium version to enjoy an extra 25% discount. We’ve negotiated this special offer for you because you’re a reader of The IT Society!
Last, but not least, read all about what Alphonsus Pang, our immediate past President, has done for us as well as Singapore’s IT industry in our special citation on him. We bestowed on Alphonsus the Society’s highest accolade of Honorary Fellow at our Gala Dinner held on 21 February at the Shangri-La hotel.
Our feature on “Securing Mobile Applications in the Enterprise” tells you how an organisation armed with the correct tools for Mobile Application Management (MAM) can empower employees with the use of mobile apps while ensuring the security of its corporate data and employee information.
As usual, for the lighter side of life, we update you on recent fun IT innovations, tease you with our Quiz, and fill you in on the activities and other news of our SCS members. Enjoy!
With this theme, we have put together some very interesting articles. Read about the IT Security Awareness Program the Singapore Management University is running to try and change careless cyber behaviour. In our feature on “Transforming Big Data into Big Value”, you’ll read how Intel® Distribution for Apache Hadoop* software manages demanding data requirements and enables real-time analytics. If you’re a parent anxious about the dangers your children are exposing themselves to in cyber space, learn ways to manage what they do on the Internet, mobile devices and social media from the article “Managing
Editor Tan Teng Cheong Contributing Writers Angela Huang Khoong Chan Meng Philip Kwa Tan Teng Cheong Tang Ai Chee Columnist Chandra Sekar Veerappan Editorial Support Leong Hoi Lan
Advertising Sales & Admin Leong Hoi Lan For ad sales enquiries, Tel: 6226 2567 ext 12 Email: hoilan.leong@scs.org.sg Mailing Address 53 Neil Road Singapore 088891 Email scs.secretariat@scs.org.sg Editorial & Design Oculus Design Pte Ltd
Feedback We value your feedback on this magazine. Simply email scs.secretariat@scs.org.sg with your comments to help us produce an even more interesting and relevant magazine for you in subsequent issues. You are welcome to submit articles for consideration of inclusion.
The IT Society is the official publication of the Singapore Computer Society. Any part of this publication may be reproduced as long as credit is given to the publisher, Singapore Computer Society. The views expressed herein do not necessarily reflect the views of the Society.
For advertising enquiries, please call 6226 2567 or email scs.secretariat@scs.org.sg.
Attribution-Noncommercial-Share Alike 3.0
CONTENTS REGULARS 01 Editor’s Message FEATURES 03 True Friend of the SCS 04 Play Your IT Security Awareness Programme Like A Broken Record 05 Securing Mobile Applications in the Enterprise 07 How To Keep Your Business Safe From The New Cyber Menace 08 Managing Your Children’s Digital Activities 10 Transforming Big Data into Big Value PROFESSIONAL DEVELOPMENT 13 First CITBCM BOK Launched! Double Your Enjoyment of Our IJIT
03
04
13
MEMBERS 15 Welcome Aboard HAPPENINGS 16 IT Leader Awards 2014 17 A Night to Celebrate 19 Calendar of Events THE LITE SIDE 19 Questions & Answers 20 SCS Quiz Innovative Invents
16
17
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
FEATURE
True Friend of the SCS At the recent SCS Gala Dinner & IT Leader Awards held at the Shangri-La Hotel, the Society conferred its highest award of Honorary Fellowship on immediate former SCS President, Mr Alphonsus Pang.
O
n 21 February, Alphonsus Pang joined the list of 16 other IT luminaries who have received the Society’s highest award, given only to those who have made exemplary contributions to the advancement and development of IT in Singapore. Describing the 17th Honorary Fellow as “a true friend of SCS”, Honorary Fellow and former SCS President Wilson Tan, who read Alphonsus’s citation, said Alphonsus “is a role model for members of the Society and young IT professionals”. Having risen through the ranks in SCS and served in numerous capacities in SCS as well as in the industry, Alphonsus did what was needed to be done for the SCS and more, Mr Tan added.
Distinctive initiatives He served with distinction on the Executive Council for 15 years from 1997 and helmed as SCS President from 2009 to 2011. As SCS President, he presided over a host of initiatives that resulted in a significant increase in SCS activities and membership, especially of young IT professionals. Because of these initiatives, SCS now provides a meaningful link between students and the IT community through dialogues and tea sessions and the IT Youth Council, which Alphonsus established. He also increased the number of our student Chapters from 12 to 16.
Upgrading professional standards The 17th Honorary Fellow also contributed significantly to the improvement of professional standards and helped to expand the suite of SCS professional certifications.
Vision of sustainability Alphonsus had the vision to create new projects with staying power. In 2009, he launched the Infocomm Professional Development Forum (IPDF), which has now become the anchor IT event. He also mooted the idea of the Infocomm Survey which has become a regular platform for feedback on needs and
“Alphonsus is a true leader who gets-the-job done, and yet a downto-earth people person. He is always cheerful and humble and is well liked by people who work with him,” said Mr Wilson Tan.
Alphonsus’ involvement was not confined to SCS. He sat on a string of committees, national boards and task forces, such as IT Manpower Industry Panel, National Infocomm Award Steering Committee, IT Standards Committee, ITE Advisory Board (which he is still serving) and ISS Management Board
issues concerning Infocomm professionals and students in Singapore.
“Alphonsus is a true leader who gets-thejob done, and yet a down-to-earth people person. He is always cheerful and humble and is well liked by people who work with him,” said Mr Wilson Tan.
And under his stewardship, SCS developed InfoPier – Singapore’s first and only registry for Infocomm professionals, which aims to match the demand and supply of IT professionals more effectively. To strengthen the Society’s structure and governance, he placed a strong focus on building the ICT eco-system guided by the 3 Cs: Connectivity, Capability and Capacity.
Reaching out A firm believer in reaching out to the needy in the community, Alphonsus started the Volunteer Engagement Programme for members to engage better with society. “In giving, you receive,” he said. And to get members to engage more with one another, Alphonsus started Member Rapport Night and Business Networking Nights.
Now a Chief Operating Officer and Chief Information Officer at the AttorneyGeneral’s Office, Alphonsus has held very senior positions in various divisions of MINDEF (Ministry of Defence), as well as in Defence Finance Organisation (DFO) and Systems & Computer Organisation. SCS Honorary Fellows: Pearleen Chan Willie Cheng Noel Hon Robert Iau FC Kohli Lee Kwok Cheong Lim Swee Say Johnny Moo Juzar Motiwalla
Alphonsus Pang Saw Ken Wye Alex Siow Tan Chin Nam Wilson Tan Martin Tsang Wee Tew Lim Philip Yeo
3
4
THE IT SOCIETY — Issue One 2014
Facebook: www.facebook.com/SingaporeComputerSociety
FEATURE
Play Your IT Security Awareness Programme Like A Broken Record
Running an IT Security Awareness Programme is much like playing a broken record – you keep it going on and on with the goal of affecting change in careless behaviour.Tang Ai Chee, of Integrated Information Technology Services (IITS) at the Singapore Management University, shares why this arduous task is still a must! Tang Ai Chee
Senior Member, SCS Senior Associate Director (IT Governance) Integrated Information Technology Services, IITS Singapore Management University
A
few months ago, a colleague fell prey to a phishing scam. The malicious email, supposedly from a local bank, had appeared so legitimate that she did not think twice about providing her bank account details – only to discover later, and rather painfully, that it had been a phishing email. By then it was too late; her account had been compromised and monies withdrawn. Ironically, at the time, our own institution had just launched its first IT Security Awareness Programme and our security messages couldn’t have resonated better with this colleague of ours. Her only regret was that she had not paid much attention to all our security awareness guidelines until after the incident.
Don’t wait till it is too late
Phishing is one of the more popular methods hackers use. The malicious phishing emails typically contain contents that appear most legitimate to the recipient. According to a recent study1 by KnowBe4, about 16 per cent of 291,000 people tested are prone to clicking on links in bogus phishing. The company that conducted the study even suggested punishing careless employees to reduce security breaches. They claimed that by holding employees accountable for careless security breaches, the percentage of phishing attacks victims fell to just over one per cent. Today, the Singapore Management University, like all other organisations, face increasing
challenges in addressing the rising number of security threats. The volume of spam, phishing and malicious attacks the SMU’s email system encounters has increased substantially over the years. On average, the institution receives about 130,000 emails a day, of which 91,000 are blocked as spam or phishing attacks by our anti-spam systems. Despite the filtering, a large number of spam and phishing emails, manage to get past our anti-spam systems undetected and end up in our users’ mailboxes. In a targeted attack, it takes only one successful infiltration to cause extensive harm and damage. While it doesn’t advocate punishing careless employees or users, SMU attempts to change users’ behaviours through the IT Security Awareness Programme (ITSAP) that was launched on 1 Nov 2013. The aim of ITSAP is to build a securityaware culture among members of the SMU community; to educate users on recognising and escalating events; and to enhance security defence through loss prevention.
User behavioural traits needing change
Our awareness programme has now been going a good 3 months and results have proved to be encouraging although weaknesses exist and will remain. Our analyses show that users: 1. Have either little or no awareness of security, or have the mentality that “no harm will happen to me” until harm hits them (as in the case of my colleague) and they learn the hard way. 2. Do not tend to read things that are sent to them, or do not want to be bothered with these, or have other more important things on their minds. This trait is most evident in faculty and students. We will uncover more insights when we conduct our own phishing tests in the very near future.
What has been done so far?
The Cyber Security Awareness Team (CSAT) placed in charge of ITSAP implemented a series of security awareness activities such as: • Engaging students and representative groups as security ambassadors; • Creating security collaterals such as the Cybersecurity Awareness website, and posters and post cards for dissemination; • Emailing regular security messages in the form of cartoons and short clips to the community; • Holding topical security talks during lunch time, which have incidentally proved to be popular; and • Conducting “raids” on security breaches in common areas and identified offices
1
2 1. Free scanning of users’ mobile devices at an SMU event on 17 Jan 2014 2. The SMU IITS IT Security Team
Web: www.scs.org.sg
An uphill task that’s a Must
Educating users and making them more security-aware is more than an uphill task. But increasing security threats and the proliferation of the BYOD (Bring Your Own Device) policy and use of smart devices in schools and organisations make this a necessary task. It is often said that in the security implementation chain, people are the weakest link. Technology, policies and processes can only do so much to put up a defence perimeter. Security breaches will happen if human activities lead to the opening of gates in the fences.
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
institution’s security posture by cultivating open communication, disseminating information, and repeating security awareness activities until behaviours change.
5
than the norm. The losses, often reputational loss, to the organisation during a security breach, cut deep into the trust and beliefs of stakeholders and are sometimes irreparable.
Postscript
Fortunately for my colleague, all ended well for her as the bank made good her losses. However, happy endings are a rarity rather
If education fails, what’s next? In an educational institution, where our users are also our customers, there is no “next”. Hence the imagery of playing a broken record. We make our users part of the
1
“Punish careless employees to reduce security breaches, vendor says”, blog by Antone Gonsalves on CSO Online. Accessed on 5 Feb 2014 at http://www.csoonline.com/ article/746986/punish-careless-employees-to-reduce-security-breaches-vendor-says
Securing Mobile Applications in the Enterprise An enterprise with the right Mobile Application Management (MAM) tools can empower staff with mobile apps while ensuring the security of corporate data and employee information. Philip Kwa, Senior Member, SCS, and sales executive, AirWatch, explains. Philip Kwa
Senior Member, SCS Sales Executive AirWatch
D
emand for mobile applications is growing rapidly as an increasing number of mobile devices infiltrate organisations. Employees request applications that connect them to enterprise resources, increase their productivity, and promote collaboration with colleagues. Smart organisations provide them with companyapproved public applications and custombuilt internal ones. Enterprises without the right resources may find it intimidating not only to allow but encourage employees to use apps at work. To streamline the challenge of acquiring, distributing, securing, and tracking mobile
applications, they use a mobile application management (MAM) solution to manage internal, public and purchased apps easily across employee-owned, corporate-owned
and shared devices from one central console. Options include app scanning, app wrapping, application software development kits and app catalogs.
6
THE IT SOCIETY — Issue One 2014
Facebook: www.facebook.com/SingaporeComputerSociety
FEATURE Once an organisation has the right tools for MAM, it can empower employees to use mobile apps while ensuring the security of corporate data and employee information.
App Scanning While applications present many benefits in the enterprise, they also introduce risks if they are not properly secured. IT administrators must implement a plan to block malicious applications and ensure that internal and third-party apps meet their organisations’ security standards. In addition to protecting their companies from publicly available malicious applications, administrators should address concerns about apps accessing personal data on employee-owned devices. App scanning allows administrators to identify common app risks, such as access to privacy settings, exposing user contacts or geolocation information, insecure network connections, malicious code, and more. IT administrators can run app scans, view app analyses and use that information to decide if an application is safe for business use, and, if not, blacklist the application. Organisations must know what information an application is accessing to determine if the application is safe for employee use. Every company has different security needs and must evaluate applications based on its needs. For instance, while some companies may be able to utilise locationbased apps, other enterprises may restrict them, depending on the sensitivity of the data involved and the mobile device policy agreements with employees.
App Wrapping
In addition to third-party applications, many enterprises are building internal applications for specific business and employee roles. IT administrators must ensure these applications are secure and that corporate data won’t be compromised, whether the applications are installed on corporate-owned or Bring Your Own Device (BYOD) devices. App wrapping gives existing internal applications an extra level of security and management capabilities without further development or code change. With an injected code, developers benefit by not spending time coding for additional features. Possible app wrapping capabilities include restricting application access and securing data at-rest and in-transit with data encryption. Data loss prevention (DLP)
restrictions can prevent copy/ paste, printing, screen capture, Bluetooth and opening files in other applications. Administrators can restrict access to an app based on network connectivity, such as cellular connection or roaming status. They can wipe local app data and block app access completely if a device is compromised. Additionally, a simplified user experience can be enabled with single signon user authentication.
Application Software Development Kits
Software development kits can provide developers with access to security, configuration and reporting features for developing internal applications. Sample features and functionalities offered by software developments kits include user authentication, compromised device detection, data loss prevention, certificates, branding, over-the-air app configurations, and app tunnelling. Organisations can provide convenience and flexibility to employees by building internal mobile applications that are secure. For example, aviation companies are building unique apps to allow collaboration among cabin crew members on routes and schedules, and retailers are developing apps to allow employees to indicate preferred work shifts.
App Catalogues
MAM solutions can often be integrated with public app stores such as the Apple App Store, Microsoft Store and Google Play store to allow access to public apps through an app catalogue. Enterprises can select which applications to include in their
app catalogue and indicate whether apps are reimbursable or non-reimbursable. Administrators can use the app catalogue to push specific applications automatically when users enrol in mobile device management (MDM) or MAM, and make applications available for on-demand installation. Users can typically view, browse, search and install public, internal, recommended and web applications within an app catalogue. Organisations can integrate the Apple Volume Purchase Program (VPP) with the company’s MAM solution to purchase apps, iBooks and custom B2B apps in bulk and manage licences easily. For example, education applications can be purchased by a school and pushed automatically to enrolled student, teacher or administrator devices to enhance the learning experience. Additionally, companies are able to use the program to purchase public applications and customer business-to-business apps to give to specific users, departments or enterprise. As an added benefit, administrators can revoke an app licence from a user or device and make the licence available for another user or device. The licence is always owned and managed by the organisation, which contributes to the app cost and distribution management. When it comes to adopting mobile applications in the enterprise, the less time organisations spend worrying about security, the more they can focus on driving core business strategies. Therefore, understanding how to manage mobile applications is critical to any organisation’s mobile strategy.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
7
FEATURE
HowTo KeepYour Business Safe From The New Cyber Menace The cyber threat landscape is changing. And with it, businesses of all industries and sizes need to be prepared. Angela Huang and Khoong Chan Meng of NUS-ISS highlight significant security trends, and ways you can transform passive defence into intelligent safeguards. Khoong Chan Meng
Chief, Strategic IT Management NUS-ISS
Angela Huang
Member, SCS Teaching Staff, IT Governance and Risk Management Practice NUS-ISS
I
n December 2013, US retailer Target suffered an astonishing data breach. In its busiest holiday season, 40 million credit and debit card details were stolen via malicious software embedded in point-ofsale devices at stores across the nation. As a costly investigation ensued, Target was left with lawsuits, sagging sales, and greatly diminished customer confidence. The Target saga reflects the evolving landscape of IT threat and its widening impact on businesses. As long as your business is connected and digitally reliant, your organisation could be a target. You may also find your IT security architecture challenged by a combination of forces: as workforces become increasingly mobile and endpoints proliferate, cyber-threats are growing to be more sophisticated and capable in swiftly infiltrating defences. Some significant security trends that are expected to affect businesses include:
• Social Engineering
In 2012, the head of information security at a US government agency fell prey to a birthday email sent by a penetration testing team. The email was spoofed to look like it
came from an attractive, but non-existent employee. With one click, a malicious link compromised his computer, gaining access to key assets and data1. It is but one example of social engineering, a non-technical attack that manipulates people into divulging company data. Attackers often build false relationships over social networks to gain information about a company. Chris Betz, a senior director at the Microsoft Security Response Centre, notes that as enterprises move off legacy systems, cybercriminals will increase the use of social engineering and leverage weak passwords by businesses to access their data.
• Advanced Persistent Threats (APTs)
This term is commonly used when uninvited guests break into a company’s systems – often via social engineering – to deliver targeted malware that infects systems and retrieves data under the radar. The penetrator may be part of a highly skilled and well-equipped organisation looking to harm a business. The Sophos Security Threat Report 2014 notes that APT attacks in 2013 were well planned, well funded, and highly professional. Thus, defending against technologically advanced
adversaries is a complex undertaking that requires a coordinated approach in both systems and network, along with a workforce-wide commitment to security.
• Mobile Security
According to Flurry Analytics, mobile-app use increased 115% in 2013. And, along with the rising adoption of Bring Your Own Device practices in Asia Pacific workplaces, the attack surface via mobile devices will only widen. A user who unknowingly downloads a malicious mobile app, for example, can quickly and easily expose company servers to threats. McAfee Labs researchers predict mobile device attacks will dominate security threats in 2014, noting that new mobile malware is popping up at a faster rate than malware targeting PCs.
• Hacktivism
Hacktivism is the act of hacking to fulfil politically motivated purposes. In 2014, hacktivism will be expected to gain even more traction. In fact, the Sochi Winter Olympics will begin under the dark cloud of “cyber war”, with sponsors of the Games facing heightened risk from hackers.
8
THE IT SOCIETY — Issue One 2014
Facebook: www.facebook.com/SingaporeComputerSociety
FEATURE What You Should Do
The takeaway from this list is that businesses of all industries and sizes need to invest in IT security. Building defences is no longer a passive exercise in installing traditional cyber security products such as firewalls and software; companies will need to actively develop an intelligent action plan, deploy advanced security technologies, and support its execution with a well-trained IT team. The basic framework of a pre-emptive plan of action should include:
• A Security Policy That Identifies The “Crown Jewels” Identify critical assets and threats to key assets, evaluate risks, and implement appropriate controls to protect them.
• An Incident Response And Recovery PlanThat Ensures Continuity And Minimises Loss InThe Event Of An Attack Assemble a core Computer Security Incident Response Team (CSIRT)
and define an incident response plan to contain the damage. Adopt a Business Continuity Plan by conducting a Business Impact Analysis (BIA) that helps you select an appropriate recovery strategy.
• Frequent Assessment
Test your cyber defences and recovery plan on a regular basis to draw out weaknesses and strengthen response confidence.
• Employees’ Awareness About The Importance Of Cyber Security
Invest in training all levels of employees to increase awareness, diligence, and shared responsibility. Just as human behaviour can be the weakest link in cyber defence, fostering an organisational culture of cyber safety and security is the best insurance against all threats. Security breaches have the potential to disrupt operations, cause damage to the bottom line, and harm stakeholder confidence. The ability
to implement appropriate security controls while aligning them with business objectives is more critical than ever. To this end, NUS Institute of Systems Science (NUS-ISS2) assists businesses with courses that provide Infocomm professionals with a rigorous understanding of security needs. Courses range from information security governance to business continuity management and systems security, and others, and are accredited under the National Infocomm Competency Framework (NICF3) – a joint development by the Infocomm Development Authority (IDA), Singapore Workforce Development Agency (WDA), and industry experts. To find out more about NUS-ISS and relevant courses on IT security, visit www.iss.nus.edu.sg.
http://nakedsecurity.sophos.com/2013/11/03/fake-femme-fatale-dupes-it-guys-at-us-government-agency/ NUS-ISS is a National Continuing Education & Training Institute (NCI) appointed by WDA to deliver impactful NICF programmes for the ICT Industry. The NICF is part of the Singapore Workforce Skills Qualifications (WSQ) system, and was developed as a joint effort by the IDA, WDA, and strategic stakeholders in the ICT industry. To date, 587 competency standards have been identified for 314 job roles. For more information on NICF, please refer to www.nicf.sg
1 2 3
Managing Your Children’s Digital Activities Editor Tan Teng Cheong, a Senior Member of SCS, gives pointers on how to work with your children to help them lead a safe and productive digital life Tan Teng Cheong Editor Senior Member, SCS
T
he Irish man, George Moore (responsible for Moore’s Law), got it right: computer capacity has been doubling every two years. As computers become more powerful, they also get smaller and cheaper — that iPhone in your pocket has more capacity than the iMac you had on your desk ten years ago. It also costs a fraction of the price. This relentless progress comes with obvious benefits, but has also created new problems
— problems that in many cases we are ill prepared to solve by ourselves. Telenor, a Norwegian telco, pointed out in a 2013 study that most kids worldwide were going online with no preparation, supervision or guidance. Let’s repeat that: most kids are going online with no preparation, supervision or guidance. It sounds shocking, but unfortunately, it’s what’s happening: parents who were not taught safe Internet use can’t teach their kids safe Internet use. In the study, Telenor also said that kids who have a healthy dialogue with their parents about the Internet are more resilient. When something goes wrong, they can discuss it with their parents.
Dialogue is very important, but not always easy. Some kids don’t want their parents interfering and many parents worry needlessly. It shouldn’t be complicated. In the same way you manage your child with questions such as – Have you done your homework? What did you learn in school? etc. – you should manage their use of apps, the Internet and mobile. The Internet is no different to anything else and you need to teach your child how to use it in a safe and productive manner. There are two considerations here: one, safety – sexual predators, cyber bullying etc.; the other, being productive and not wasting 16 hours a day on Facebook.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
Predators and cyberbullies
Let’s take safety first. You need to discuss the Internet with your children and to monitor what they are doing online, on mobile and on social networks. Some people think this is spying, but this is nonsense: do you let your children go away with strangers or play unattended near a busy street? Of course you don’t and the Internet is no different. You cannot be there physically by their side all the time, so you need something that can monitor and summarise intelligently their activities. The right product should help you discuss their habits and use of the Internet and help you teach them better and safer internet use.
You cannot be there physically by their side all the time, so you need something that can monitor and summarise intelligently their activities. The right product should help you discuss their habits and use of the Internet and help you teach them better and safer internet use. Cyberbullying and sexual predators exist, but studies show that sexual predators usually take advantage of isolated children. The predator can “groom” them to isolate them from you. It’s important to understand what your children are doing and be suspicious of any changes in their behaviour. As a parent, you can keep your children safer by just talking to them about the Internet and by keeping involved. Knowing what they are doing is important: where you have doubts, always ask and, where possible, protect them with monitoring software. Make sure you tell your kids that you’re doing it to keep them safe and remind them how important it is to be safe and productive online.
Reduced productivity
Productivity is, of course, the gorilla in the room and a problem that neither parents nor kids want to admit. US studies by the Pew Foundation show kids spend twice the time online than their parents think. The bottom line here is that the Internet can consume a lot of time and there are many exciting and compelling things such as apps, social networks, online games etc. to keep them online. The more time your children spend playing World of Warcraft, the less time they share with you, their friends or their families. And obviously, if they’re
9
playing World of Warcraft, they can’t be studying or doing their chores. Again, software that can monitor and report what your children are doing in an intelligent way can help you define better and more productive use of the Internet with them. It’s key to discuss, talk and agree on what constitutes safe and productive use.
Solutions
A point worth bearing in mind is the importance of setting a good example. If you’re not looking at them, but into your phone when talking to your kids, that’s not behaviour you want them to emulate. You could have other bad habits you might want to change. Some families insist that all phones, tablets and connected devices are put away during a meal and family time, and after 10pm. Each family is different, but rules are universal and parents should set rules and enforce them in the home. There are various software to help you monitor your children’s online activities in an intelligent way. Qustodio, recommended by Singapore’s Ministry of Education, is one of them and it resolves most of the issues just discussed by helping parents understand what their children are doing online so they can discuss this with them and set rules for appropriate behaviour. Where they see an issue, they could try to resolve it before it becomes a problem. Qustodio is free for up to two devices. Readers and SCS members get to enjoy a 25% discount for purchasing the premium plans. Enter the promotion code, Q25TC, when you make your purchase at www.qustodio.com.
10
THE IT SOCIETY — Issue One 2014
Facebook: www.facebook.com/SingaporeComputerSociety
FEATURE
Transforming Big Data into BigValue
How Intel® Distribution for Apache Hadoop* software manages demanding data requirements and enables real-time analytics.
F
or more than 20 years, the traditional Relational Database Management System (RDBMS) structured data as values in rows and columns and stored these in tables. As data grew from megabyte to gigabyte and then to terabyte, more Data Warehouse (DW) appliances that use Massively Parallel Processing (MPP) to distribute processing across a bank of compute nodes emerged. Over time, these traditional systems were then optimised to work at terascale with structured data. Then, the big-data-computing era arrived, and the world went petascale with vast amounts of complex, semi-structured, and unstructured data. Primarily generated by business and social sources, big data is hitting enterprises with unprecedented volume, velocity, variety, and complexity. According to an Information Week survey in 2012, the top five big data contributors are financial transactions, e-mail, imaging data, weblogs, and Internet text and documents. Intel’s research agrees with these findings, and adds sensor and device data into the top five. However, traditional database systems like the RDBMSs and MPP systems do not scale well and were not built to handle this volume of structured, semi-structured, and unstructured data, as well as a distributed processing framework. Yet 87 per cent of businesses still continue to use conventional databases as their primary method to handle data. Plus, the cost to add proprietary appliances to their current database systems is often prohibitive. These limitations created a need for a new type of solution—a scalable, fault-tolerant grid system for storage and processing. This solution came to be known as the Apache Hadoop framework.
About Hadoop
Hadoop is an open-source framework that uses a simple programming model to enable distributed processing of large data sets on clusters of computers. Designed to solve the challenges of varied, complex, and large amounts of data, this complete technology stack includes common utilities, a distributed file system, analytics and data storage platforms, and an application layer that manages distributed processing, parallel computation, workflow, and configuration management. In addition to offering high availability, the Hadoop framework is more cost-effective than conventional approaches while offering massive scalability and speed.
Intel Distribution Software: Your Complete Big Data Analytics Solution
While the open-source Hadoop framework has a number of strengths, it also lacks critical features and functionality needed for enterprise applications. The Intel Distribution for Apache Hadoop (Intel Distribution) software, however, is an enterpriseready storage and analysis framework that delivers real-time big data processing and analytics.
The Hadoop framework supports massive horizontal scalability.
It provides: • A solution proven in the most dataintensive environments • Streamlined deployment in the enterprise • Simplified management and complete system visibility • Tuning for near-time analytics • Secure access control and compliance enforcement • World-class support and training
Storage
Big Data: A Game Changer
In a nutshell, the Hadoop platform provides organisations with the following benefits:
Scalability
Storage within the Hadoop framework is cheap because organisations will be using commodity hardware.
Performance
The Hadoop framework is optimised for performance. When running analytics on big data, the job will finish faster compared with running it on RDBMS or MPP systems.
Semi-Structured and Unstructured Data
RDBMS or MPP systems Extract, Transform, and Load (ETL) data from operational databases to other operational data stores and DW.
All these benefits help you get the most from your Hadoop implementations with platforms that deliver the exceptional performance, low latency, and high throughput needed to handle large data sets and transform them into deep insights. Furthermore this software provides practical guidance to help you deploy big data environments more quickly and with lower risk. Building on the works of the open-source community, the software delivers an enterprisegrade solution that is optimised to run on Intel processor-based architecture with the security, high availability, and interoperability demanded by data-intensive organisations. With this software, your business can fully utilise underlying hardware, storage, and networking technology to drive value from your big data.
Copyright © 2013 Intel Corporation. All rights reserved. Intel and the Intel logo, are trademarks of Intel Corporation in the U.S. and other countries. Other names and brands may be claimed as the property of others.
Master Certificate Programme on CIO Practices
IT Leadership Programme (ILP)
Facebook: www.facebook.com/SingaporeComputerSociety
Web: www.scs.org.sg
13
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
PROFESSIONAL DEVELOPMENT
First CITBCM BOK Launched!
Our first edition of Body of Knowledge on Certification in IT Business Continuity Management (BOK CITBCM) is out and here’s how it will serve you… The BOK specifies the scope of our CITBCM and is a valuable repository on managing ITBCM (IT Business Continuity Management) projects that integrates 3 domains: - IT Systems Recovery - Data Centres - Business Continuity Management. Besides equipping IT professionals with critical knowledge in these 3 areas of expertise, the CITBCM Bok allows practitioners to gain an in-depth and holistic view of business, IT and data centre risks. It covers approach and methodology to ensure comprehensive resiliency of critical business functions from a business continuity perspective.
Fees for Online Access BODY OF KNOWLEDGE
Modules
Lifetime Subscription Fee Price (S$)
GST (S$)
Total (S$)
CITPM BOK, COMIT BOK & CITBCM BOK
Free
-
-
SCS Members
CITPM BOK, COMIT BOK & CITBCM BOK
28.04
1.96
30.00
Non-Members
CITPM BOK, COMIT BOK & CITBCM BOK
56.07
3.93
60.00
Certified CITPM Professionals Certified COMIT Professionals Certified CITBCM Professionals
A preferential subscription rate of $30.00 (inclusive of 7% GST) for all 3 BOKs – CITPM/COMIT/CITBCM is available to SCS members. To register for access, visit www.scs.org.sg or contact Ms Seah Mee Ling at meeling.seah@scs.org.sg for further assistance.
Double Your Enjoyment of Our IJIT Learn more about Human Factors in Information Technology and Emerging Healthcare IT in our twin issues of the International Journal of IT (IJIT)! The first Issue,Volume 19 No.1, on Human Factors in Information Technology, features innovations in IT systems that make efficient decisions, based not only on rational understanding of the situation, but also on empathising with the users’ affective or psychological states. In the second issue of IJIT,Volume 19 No.2 on Emerging Healthcare IT, researchers explore how emerging ideas in IT infrastructure design, research in interactive digital media, and IT security can come together to provide what is primarily a home-based, independent living model for future good lifers.
Take a break from your everyday work and immerse yourself in our newly launched twin issues of IJIT. Keep abreast of the latest developments in current research topics of high interest in the industry and stay connected.
The SCS team would like to say a big ‘Thank you’ to Prof Miao Chunyan and her editorial team for keeping the IJIT online journal relevant and engaging to readers. Get your TWIN Issues of IJIT at http://www.intjit.org/journal/index.html
Copyright Š 2014 VMware, Inc.
EXPANDING THE POWER OF VIRTUALIZATION From the data center to the cloud to mobile devices. VMware, the industry-leading virtualization software company, empowers you to innovate by virtualizing infrastructure and streamlining IT operations. With VMware technology, you can efficiently and reliably deliver services that are accessible on demand from any device, anytime, anywhere—making your organization more agile, more responsive, and more profitable.
Visit www.vmware.com/ap to learn more.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
15
MEMBERS
Welcome
ABOARD SCS Membership hits 28,000! Our membership strength has been increasing steadily over the past decade and the Society is proud to be 28,000 strong today! A big Thank You to all our members for your continued support of SCS.With our professional membership base and Student Chapter, SCS has now reached the significant milestone of having more than 28,000 members! Let’s hear why some of our new members are attracted to us…
Kevin Lim
Chief Commercial Officer StarHub Technology has been my livelihood for the past 20 years and I’ve been in the areas of hardware, software, and now, telecom services. IT has not failed to amaze me in terms of its possibilities and my fascination with technology has not stopped. Sometimes, we hear people saying things like leaving your computer behind or locking up your Smartphone.To me, it’s a part of the life I live and technology is a tool to assist us in getting things done. Can I live without IT for a day? My answer is the same as what I would give should I be asked if I could do without coffee for a day: why would I want to?
Prem Chandiramani Executive Consultant IDA International
I got my first computer in the early 80s when I was 9 and used it primarily for basic and logo programming. Since then, technology has evolved at an unprecedented pace and given rise to new trends and modi operandi, dramatically altering the way we live, work and play. I can’t imagine going back to a time where you weren’t able to transact online, connect with people digitally, or stream multimedia content on the go. Joining SCS gives me the opportunity to interact and network with like-minded infocomm professionals, exchange ideas, and stay abreast of ICT developments.At the same time, I hope to be able to give back and contribute actively to society.
Gaurav Patwari
Senior SAP Consultant MSG Global Solutions Asia, Singapore
Top 6 Reasons to Join SCS
• Professional Development Keep abreast of the latest developments and industry standards through certifications and insightful talks. • Engage with Professionals Get involved in events organised by our various Chapters and interest groups. • Our InfoPier Online Network Singapore’s first and only registry for local ICT professionals offers you myriad networking and collaboration opportunities. • Social and Fun Events Have fun while moving towards a common purpose with fellow professionals from all walks of life. • EngagingYouths Grooming young talents to whom we can pass the torch comes high on our agenda.We aim to nurture youths into capable leaders. • Resources Through the dissemination of various publications, we keep our valued members informed of the exciting happenings in the SCS milieu.
Be Our Member Today!
The first computer I used was my brother’s. He had hidden all his software and documents and I was only allowed to use MS Paint. With that, I started playing around with the computer and was fascinated by the things it allowed me to do. Since then, I knew that this is the profession I want to be in. IT is everywhere now, from smart devices to online newspapers to e-stores. I always believe that the IT industry is all about sharing the knowledge one has.The more knowledge you share, the more you get from the whole community.
Jit Nagpal
Founder & Chief Executive Officer Sciente Group of Companies I joined SCS to explore areas in which my company will be able to add meaningful value to the local IT community. I learnt programming in BASIC language during my school days and it was thrilling to learn to make simple programs work. After graduation, I got the opportunity to work as a system developer in an artificial intelligence project and, since then, I’ve never felt like doing anything else outside of IT. For more than two decades, my life and IT have been inseparable, both at work and at home. It will be fun and relaxing to live without IT for a day or a week, but beyond that, life will be unimaginable.
Win Htut Aung
Team Lead Xchanging Solutions (Singapore) My passion is to become an IT professional. I started using computers that ran on Windows 3.1 when I was at university. It was such an exciting experience that I fell in love with the computer.A few years later, I created my own application and it advanced from there. I started getting my hands dirty in new technologies. I’m so glad that I grew up in the IT world. It has given me the chance to be a part of something that can make a difference in the world. I believe that SCS will give me the opportunity to meet with other IT professionals, take part in events, share my knowledge with other members, and enhance my skills.
16
THE IT SOCIETY — Issue One 2014
Facebook: www.facebook.com/SingaporeComputerSociety
HAPPENINGS
IT Leader Awards 2014
Meet the Winners! Four outstanding IT professionals were honoured with the prestigious IT Leader Awards at the SCS Gala Dinner 2014.What makes them stand out from the rest? Read on to find out more! From left: Chak Kong Soon (SCS President), Tay Wei Kiat, Rosina Howe, Nicholas Chan, Yong Ying-I and Dr Yaacob Ibrahim (Guest of Honour)
Ms Rosina Howe IT Leader of the Year Rosina is the Group Director for Innovation and InfoComm Technology, Chief Innovation Officer, Chief Digital Strategist, and Chief Data Officer of the Land Transport Authority of Singapore (LTA). Over the past 14 years in LTA, Rosina has helped Singapore and LTA to develop strategies to improve our land transport services. She has also helped the country and organisation to win numerous international awards and accolades. Rosina is a Fellow of the Singapore Computer Society, former President of IT Management Association (2004, 2005) and sits on the Boards of ISS of NUS (2004 – Present), EzLink Pte Ltd (2011 – Present) and National Library Board (2007 – 2013). She is also the ViceChairperson of the Government CIO Forum (2013 – 2015). In 2013, Rosina was conferred the inaugural Woman Leadership Award by Chief Marketing Office (CMO) Asia. She was the sole winner from the public sector and the only recipient with a background in IT.
Ms Yong Ying-I Hall of Fame Ying-I’s contributions to the development of Singapore’s Infocomm industry go back to the 1990s when she spearheaded the formation of the Infocomm Development Authority of Singapore (IDA). Under her leadership, IDA has achieved milestones
such as the full liberalisation of Singapore’s telecommunications market. The founding CEO of IDA is also responsible for Intelligent Nation (iN2015), a plan to transform Singapore into an intelligent nation powered by Infocomm. In the 2000s, Ying-I began growing IDA’s external wing by expanding into key markets such as the US, India, China, and the Middle East. By 2009, Ying-I was leading IDA International to export eGovernment expertise overseas. Ying-I also initiated the first phase of the National Electronic Health Records (NEHR) System in 2011, during her term as Permanent Secretary of the Ministry of Health.
Mr Nicholas Chan Young Professional of the Year Nicholas co-founded his first company, S.C.N. Technologies, an IT trading and system integration company, in 1996 when he was a first-year student at the Singapore Polytechnic. Bitten by the entrepreneurial bug, he went on to co-found nine other companies, seven of which were technology companies. Today, Nicholas plays leading roles in several companies; he is the founder and Director of Azione Capital, Managing Director of Fredrik Marine IT Services, as well as co-founder and Chief Technology Officer of OpenRecruiters. To bring budding entrepreneurs and successful entrepreneurmentors together, Nicholas co-founded the non-profit organisation Project:Senso in 2003. He has also been hosting the monthly
Singapore Entrepreneurs Network, the largest entrepreneur/technopreneur group in Singapore on MeetUp.com since 2005. Nicholas is regularly invited to be a panel judge for various international business competitions in Singapore, Malaysia, Thailand, Hong Kong, Chile and the US.
Mr Tay Wei Kiat IT Youth Wei Kiat recently graduated with Summa Cum Laude (Highest Distinction) in Bachelor of Science (Information Systems Management) from the Singapore Management University (SMU). At the young age of 13, Wei Kiat was already coding programs for use among his peers. In 2007, Wei Kiat created The Wicked, a collaborative online puzzle that was hailed by The Straits Times as having commanded a “cult-like” following. Wei Kiat was also the brains behind the used textbook marketplace, BookINBookOUT. Drawing on the lessons from BookINBookOUT, Wei Kiat co-founded yet another social marketplace in 2012, called Oompr! At school, Wei Kiat was the Director of Business Solutions for both the School of Information Systems Society (SISS) and Special Interests Community Services Sodality. He was also Teaching Assistant to more than a hundred undergraduates. Wei Kiat believes in information technology as an instrument of change, and continues to leverage his skills and expertise to be “always creating”.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
HAPPENINGS
A Night to Celebrate Milestone and achievements.The SCS Gala Dinner & IT Leader Awards 2014 on 21 February celebrated these and was a night to remember for SCS members and the industry.
M
ore than 900 Infocomm professionals gathered at the Shangri-La Hotel on 21 February to celebrate the annual SCS Gala Dinner & IT Leader Awards 2014. Dr Yaacob Ibrahim, Minister for Communications and Information, was the Guest of Honour for the evening.
The event is one that members look forward to every year to catch up with old friends and make new ones. The night also paid tribute to four distinguished individuals for their outstanding achievements in and contributions to the IT industry.
1
2
3
4
5
6
1. 900 guests at the Gala Dinner! 2. Posing for a shot before the dinner commences 3. SCS President, Chak Kong Soon, giving his welcome speech 4. A night to catch up with fellow friends in the industry 5. A toast for the winners! 6. Guests having a great time at the dinner
The Singapore Computer Society would like to thank the following sponsors and supporters: IT Leader Awards 2014 Sponsors:
Supported by:
Official Media:
Video Production By:
SCS Gala Dinner 2014 Sponsors: Platinum Sponsors: Gold Sponsors:
Silver Sponsors:
17
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
HAPPENINGS
Calendar of Events March 2014
March 2014
3 - 4 Mar
QA Chapter: 2-Day Workshop on Secure Software Development Model (SSDM)
21 MAR
CITPM Chapter 15th AGM
3 - 6 Mar
QA Chapter: Enhance your career with Certified Software Testing Professional (CSTP)
24 MAR
BCG 18th AGM cum Networking Session
27 MAR
SCS 47th AGM
6 MAR
CITPM Preview Session
7 MAR
APRIL 2013
Wine appreciation cum CITPM Chapter Networking Session
12 APR
Business Leadership Seminar
11 MAR
QA Chapter 21st AGM cum Seminar
23-25 APR
QA Chapter: CSQA Preparatory Workshop & Certification
12 MAR
CITBCM Preview Session
28 APR
ECCV SIG: Workshop on Microsoft Azure
13 MAR
IDM Chapter 6th AGM cum Seminar
13-14 MAR
SCS IT Law Seminar: Fundamental Elements of IT Contracts
MAY 2014
17 MAR
17 MAY
SCS Bowling Tournament 2014
COMIT Preview Session
17 MAY
18 MAR
BA Chapter 1st AGM cum Seminar on Big Data: From Buzzword to Bridging the Gaps
IT Youth Council:YES! Youth Engagement Series cum Career Fair
19-21 MAR
QA Chapter: CSQA Preparatory Workshop & Certification
JULY 2014
19 MAR
Mobile & Wireless Chapter 9th AGM cum Seminar
18 JULY
SCS Golf Day 2014
24 JULY
InfoPier: Infocomm Professional Development Forum (IPDF) 2014
THE LITE SIDE
Questions & Answers
Submit your responses to the questions below at https://www.infopier.sg/poll. Members recounting the 3 funniest incidents will each earn a complimentary Starbucks card from SCS!
Would you advise your children/younger-siblings to join the IT industry in Singapore? a. I would strongly encourage b. I would encourage c. No, I would not d. I would leave it to my children/siblings
Tell us something really funny that happened in the course of your work
Please tell us (in fewer than 100 words) what your typical working day is like. Please include your job title/function.
19
20
THE IT SOCIETY — Issue One 2014
Facebook: www.facebook.com/SingaporeComputerSociety
THE LITE SIDE
2. NSA leaker Edward Snowden used which of the following secure e-mail provider? A) Secure Seck B) Silent circle C) MyKoLab D) None of the above 3. The Singapore Standard, SS 584: 2013, is for A) Virtualisation security for servers B) Cyberspace security C) Cloud computing security D) Light weight cryptography
INNOVATIVE INVENTS
5. Cyberheist is a type of A) Stuxnet virus B) Computer crime C) Anti-spam software D) None of the above 6. The SyNAPSE project is all about A) Preventing Cyber espionage B) Cognitive computing to stimulate the human brain C) Grid computing on cloud D) None of the above 7. According to a survey, which of the following Asian country has the least cyber bullying? A) Japan B) South Korea C) Singapore D) None of the above
9. HailO is a popular mobile App for A) Taxi booking B) E-book creation C) Story book creation D) Daily expense calculator
As the friends say in their Fly6 promotion, they want motorists everywhere to behave properly when interacting with cyclists.
Edible after 3 years!
Online approval, on-site!
If you think you’d love a pizza in the midst of a one-week hike in the wilderness, take heart. The U.S. Army’s Natick Soldier Research, Development and Engineering Center in Massachusetts has come up with a long-life pizza that’s still edible three years after being left on the counter!
Retailers around the world have been synchronising their marketing tactics to the online world in increasingly creative ways to give real-world clients a hip way to shop. C&A, an international Dutch chain of fashion retail stores with head offices in Vilvoorde, Belgium, and Düsseldorf, Germany, is a case in point.
Safer cycling with “hind” sight Whether you’re commuting to work or just riding leisurely with friends, you’ll feel a lot safer if you know that motorists behind you will respect your space. Chances are, they will if they know they’re being recorded! With Fly6, a combination tail-light and HD camera, you can record what happens behind you as you cycle. The patent-pending technological gadget, invented by two friends, Andrew Hagen and Kingsley Fiegert from Perth, Australia, is to be attached to your bicycle’s seat post. Since the inventors will receive funding for their project this month (March), this prototype will be available commercially.
10.Where is the “Silicon Fern” region located? A) London B) Cambridge C) Oxford D) Tel Aviv 7 A 8 D 9 A 10 B
1. Who is the creator of the most widely used email encryption software, Pretty Good Privacy (PGP)? A) Ron Rivest B) Adi Shamir C) Leonard Adleman D) Phil Zimmermann
8. Wikipedia is available in 287 languages; how many of them have more than 1 million articles? A) 23 B) 21 C) 15 D) 9
3 C 4 A 5 B 6 B
uiz
4. Which of the following institution offers electronic student transcripts with digital signatures? A) University of Chicago B) National University of Singapore C) University of Tokyo D) Zhejiang University
Answers 1 D 2 D Correct answer: Lavabit
SCS
Meant to be put into US soldiers’ “meals ready to eat” packages or MREs to boost their morale, the pizza doesn’t require any refrigeration or freezing, says the Associated Press. It seems that pizzas turn soggy because moisture in tomato sauce, cheese and toppings migrate to the dough over time, providing the perfect conditions for mould and disease-causing bacteria to grow. By adding humectants, such as sugar, salt and syrups, which bind to water and keep it from getting to the dough, and doing a few other tweaks, they’ve solved this problem. And the taste? Apparently a tad moist and not very crispy. Perhaps good enough in the wilderness?
In Brazil, the retailer has come up with a cool way to converge our online and on-site worlds by displaying Facebook ‘likes’ on small screens embedded in the hangers of clothes. The idea, of course, is that the approval of the online community, reflected through increasing tallies of ‘likes’, will encourage on-site shoppers to make a purchase. Talk about keeping up with trends!