Tanzu Talk: Secure DevSecOps for US Federal agencies (FIPs, STIGs, auditors, AOs, and all that)

When Federal people ask to secure a DevOps app creation and delivery process, what do they mean? Chris Willis joins me in this episode to answer that question with a #vmwaretanzu customer example that does all the DevSecOps stuff: the Tanzu Build Service, buildpacks, Tanzu Application Service (Pivotal Cloud Foundry), and other components. He covers FIPS encryption requirements, STIGs, working with the authorizing official, and the overall practices and culture-think for securing build pipelines.

Get a free consultation on DevSecOps with Tanzu Labs.

Free Forrester paper on container security.

Explainer of VMware Tanzu’s DevSecOps Tools.

[Link] Viscerally and deliberately unsettling product design (Interconnected)

It’s necessary and timely to explore naturalness and physicality, and to map the boundary with creepiness, because we’ll clearly have more and more robots in coming years – and the approach right now is either self-driving plastic boxes, or biomimicry, whether that’s robot arms or dancing dogs and humans with backpacks.

Original source: Viscerally and deliberately unsettling product design (Interconnected)

[Link] Regular news vs. newsletter news – Slow Boring

Hey folks. I think if I were in a normal columnist job, I’d be expected to do impeachment takes this week where the goal would be not so much to persuade anyone of anything as simply to restate the views the audience already has, in a better-crafted way one hopes, so as to induce them to share the column on Facebook.

Original source: Regular news vs. newsletter news – Slow Boring

[Link] Content Tagging Best Practices Require Teamwork And Organization

Making subject matter experts (SMEs) responsible for tagging their own content with metadata is short-sighted because their focus is usually domain-specific rather than system-wide.

Also, the people who struggled to find the thing are likely people who could add useful tags and findablity doo-dads.

Original source: Content Tagging Best Practices Require Teamwork And Organization

[Link] The Myth of Self-Reliance

The contemplative tradition has often been supported from the outside, a hallmark of the affordances of leisure—the way that philosophy in ancient Greece was dependent on a servant class. The concept of self-reliance has always relied on something else.

Modern day hermits require a lot of other people to support their solitary life-style.

And by placing the will so high above circumstance, it projects an untruthful image of equal opportunity in which the unfortunate should have just tried harder.

Original source: The Myth of Self-Reliance

[Link] The Capitol mob desecrated a historical workplace — and left behind some disturbing artifacts

Many members of the Capitol’s janitorial staff are people of color, and it did not go unnoticed by people scrolling through photos of the destruction online that Black and Latino custodians — plus one first-generation Korean American congressman — were the ones picking up a mess left behind by a mostly White group that included, among others, a man carrying a gigantic Confederate flag.

Original source: The Capitol mob desecrated a historical workplace — and left behind some disturbing artifacts

Changing your IT organization to focus on business innovation – project to product

According to a recent Forrester Research recontact survey of global CIOs and SVPs, 58 percent of respondents now rank “changing our business model” as a top priority. How does IT need to change to help? When it comes to custom written software, there are three ways: (1) move from a project to a product mindset, (2) give developers a standardized platform, (3) manage for innovation, not delivery. Coté discusses each of these, with real world examples.

Book those office hours to start: https://tanzu.vmware.com/office-hours?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=covidsurvey

More about a culture of innovation: https://www.youtube.com/watch?v=kqKJ2NweR_o&feature=youtu.be&utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=covidsurvey

More about platform as a product: https://www.youtube.com/watch?v=5ROovjWTcng&list=PLAdzTan_eSPRNuA52_34wh5VTBC-0Rz7U&index=22&utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=covidsurvey

——

Get a copy of the Forrester survey: https://tanzu.vmware.com/content/analyst-reports/to-recover-from-the-pandemic-automate-operations-to-free-budget-for-innovation?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=covidsurvey

Derrick’s write-up: https://tanzu.vmware.com/content/blog/digital-transformation-covid-19-orgs-uncertain-future?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=covidsurvey

Read about Dick’s Sporting Goods: https://customers.microsoft.com/en-us/story/857270-dickssportinggoods-vmware-azure?utm_source=cote&utm_medium=video&utm_campaign=TanzuTalk&utm_content=covidsurvey

Dorman’s podcast: https://soundcloud.com/pivotalconversations/a-tale-of-two-digital-transformations

[Link] Law and disorder: Republicans react to Donald Trump

Mr Trump’s media cheerleaders, all law-and-order obsessives, may find it hard to dismiss Wednesday’s images from the Capitol. Middle America dislikes mob violence and cherishes the symbols of its democracy. The Republicans lost support after Timothy McVeigh blew up a federal building in Oklahoma City, killing 168 people, in 1995. The parallel is inexact, but indicates how far Mr Trump and his MAGA shocktroops appear to have overstepped.

Original source: Law and disorder: Republicans react to Donald Trump

[Link] Maximizing Developer Effectiveness

Centralizing and standardizing tools and processes can result in more developer productivity. Our challenge is too avoid going all RUP/ITIL again where documenting that process was followed becomes the bottleneck and the primary, hidden work product.

Plus: YASCS. Yet Another Spotify Case Study.

Original source: Maximizing Developer Effectiveness

[Link] 2020 was a year of reckoning for the IoT

A lack of standards and a centralized platform is slowing down IoT growth:

It’s not that IoT has hit a wall; rather, tech companies responsible for developing and selling the technology have been tapping the brakes as they find ways to create closed tracks where their products can run in isolation, ensuring vendor control and profits.

Original source: 2020 was a year of reckoning for the IoT

[Link] Solving the Rubik’s Cube and other hard-to-recognise problems

I wonder how many problems are hidden from us because we unconsciously dismiss them as 35 year problems…. And I wonder how many of those 35 year problems are actually “a few weeks” problems, if you have enough compute.

So what I’m saying is that maybe there is a class of problems which lack the solvability affordance. Because we don’t see them as solvable, we don’t even recognise them as problems.

As new tools are available, revisit your assumptions that problems are too hard to solve, that desires are unachievable.

Original source: [http://interconnected.org/home/2021/01/04/rubiks_cube](Solving the Rubik’s Cube and other hard-to-recognise problems)