Yonas Tibebu

VAL IT (value from IT investments) is a framework that outlines governance best practices for information technology-enabled business investments. VAL IT was developed by ISACA, an independent, nonprofit, global association that engages in the development, adoption and use of globally accepted information system (IS) knowledge and practices. The goals of the Val IT framework are to help organizations define the relationship between IT and business, guide IT investments and manage investment portfolios for IT-enabled business. Val IT is based on seven principles: IT-enabled investments will be managed as a portfolio of investments. IT-enabled investments will include the full scope of activities that are required to achieve business value. IT-enabled investments will be managed through their full economic life cycle. Value delivery practices will recognize that there are different categories of investments that will be evaluated and managed differently. Value delive...

Leaf-spine is a two-layer network topology composed of leaf switches and spine switches. Leaf-spine is a two-layer data center network topology that's useful for data centers that experience more east-west network traffic than north-south traffic. The topology is composed of leaf switches (to which servers and storage connect) and spine switches (to which leaf switches connect). Leaf switches mesh into the spine, forming the access layer that delivers network connection points for servers. Every leaf switch in a leaf-spine architecture connects to every switch in the network fabric. No matter which leaf switch a server is connected to, it has to cross the same number of devices every time it connects to another server. (The only exception is when the other server is on the same leaf.) This minimizes latency and bottlenecks because each payload only has to travel to a spine switch and another leaf switch to reach its endpoint. Spine switches have high port density and form t...

Cloud integration is the act of combining different cloud-based systems into an integral whole. The term may also refer to joining cloud-based systems with on-premises systems. The ultimate goal of cloud integration is to connect the disparate elements of various cloud and local resources into a single, ubiquitous environment that allows administrators to seamlessly access and manage applications, data, services and systems. The rise of public cloud computing has enabled enterprises to use a wide assortment of highly scalable resources and services on demand rather than constructing and maintaining them in-house. However, in some organizations, the arrival of these diverse resources and services has created IT silos as administrators struggle to manage and maintain each different cloud resource or data set. Without cloud integration, IT administrators need to perform each integration task separately and manually -- a process that is time-consuming and increases the opportuni...

Client-server is a relationship in which one program (the client) requests a service or resource from another program (the server). At the turn of the last century, the label client-server was used to distinguish distributed computing by personal computers (PCs) from the monolithic, centralized computing model used by mainframes. Today, computer transactions in which the server fulfills a request made by a client are very common and the client-server model has become one of the central ideas of network computing. The client establishes a connection to the server over a local area network (LAN) or wide-area network (WAN), and once the server has fulfilled the client's request, the connection is terminated. Because multiple client programs share the services of the same server program, a special server called a daemon may be activated just to await client requests. Until recently, the majority of network traffic was between clients and servers, a traffic pattern known as nort...

A side-channel attack (SCA) is a security exploit that involves collecting information about what a computing device does when it is performing cryptographic operations and using that information to reverse engineer the device's cryptography system. In computing, a side channel is any communication channel that is incidental to another communication channel. Security researcher Paul Kocher is credited with coining the term side-channel attack in the 1990s when he discovered it was possible to reverse engineer security tokens by monitoring a computer's power consumption and electromagnetic emissions. Unlike many other types of security exploits, side-channel attacks are hardware and software agnostic. Instead of targeting a software vulnerability caused by a coding error or configuration drift, the attacker exploits the way the device's operating system (OS) accesses the hardware upon which the OS runs. Side-channel attacks can be launched against any operating system, ...

Paid time off (PTO) is a human resource management (HRM) policy that provides employees with a pool of bankable hours that can be used for any purpose. Also known as personal time off, the acronym PTO is generally used to describe any period of time that an employee is paid while taking leave from work. In a large corporation, a PTO policy typically bundles employees' personal days off, sick days and vacation time in a single block of hours rather than specifying separate numbers of days allowable for each reason. PTO plans are used primarily in the United States, where there are no laws for minimum vacation time. In addition to documenting the number of paid hours for an individual employee, a PTO policy might include what yearly rollover (if any) is allowed and whether or not time can be taken off in lieu of overtime. The policy should also specify whether or not an employee can cash out unused PTO when leaving the company. In the U.S....

A maturity grid, also called a maturity model, is an assessment tool for evaluating an organization's level of progress towards a goal. The grid, which is a matrix laid out in rows and columns, typically lists the criteria that will be evaluated in the left-hand column. Each column's corresponding row has cells that describe, in a few words, the typical behavior exhibited by an organization at each level of development. Typically a maturity model has ten rows or less, with the first row defining entry level and the last row defining fully-developed best practice. Maturity grids can be used to provide an organization with an initial benchmark for how close to 'fully developed' an organization is in regards to the criteria being assessed. They are also useful tools for leading discussions and providing management with road-map for next steps. Here is an example of a maturity grid for disaster recovery. Level 0 Naught No disaster recovery st...

A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed packets to the target system forces it to slow down or even crash and shut down, thereby denying service to legitimate users or systems. DDoS attacks have been carried out by diverse threat actors, ranging from individual criminal hackers to organized crime rings and government agencies. In certain situations, often ones related to poor coding, missing patches or generally unstable systems, even legitimate requests to target systems can result in DDoS-like results. How DDoS attacks work In a typical DDoS attack, the assailant begins by exploiting a vulnerability in one computer system and making it the DDoS maste...

Customer experience management (CEM or CXM) is the collection of processes a company uses to optimize interactions from the customer's perspective and foster customer loyalty. CXM requires a company to create a customer-centric strategy that aggregates data from every possible customer touch-point and moment of truth (MOT). There are four critical steps to creating a successful customer experience strategy: Understand your customer The first step in building a customer strategy is understanding customers' needs and behaviors and creating customer segmentation based on these factors. Create a customer vision Once the target audience is identified, the next step is to create a customer journey map. This helps identify customer touch-points and anticipate how customers will interact with the product or service and could help customer retention down the road. Develop an emotional connection This involves creating a brand personality that evokes emotions and co...

Customer churn, also called customer attrition, is the number of paying customers who fail to become repeat customers. In this context, churn is a quantifiable rate of change that occurs over a specified amount of time.  Organizations strive to measure, understand and minimize customer churn because the cost of acquiring new customers is significantly higher than the cost of customer retention. Churn can be voluntary or involuntary. When customer churn is voluntary, it is the purchaser who makes the decision to stop buying the product or service. This may be because the customer no longer has a need for it or has decided to purchase the product or service from another vendor. Voluntarily churn is often caused by the customer's perception that the vendor's products to do not align with the customer's needs and/or values. Customer churn can also be involuntary. In this case, it is the seller who decides not to continue a business relationship with the customer....

Gamification is the application of game theory concepts and techniques to non-game activities. Game theory is a branch of mathematics that seeks to understand why an individual makes a particular decision and how the decisions made by one individual affect others. Although the word "game" is used in everyday speech, it can be difficult to formally define. According to the Merriam-Webster dictionary, a game is "an activity engaged in for diversion or amusement." In other words, a game is fun. A second entry for the word, however, explains that a game can also be "a procedure or strategy for gaining an end." Generally speaking, the overreaching goal of gamification is to engage the participant with an activity he finds fun in order to influence his behavior. In marketing, a gamification initiative might address the cognitive and emotional aspects of game theory as well as the social ones by including a system of rules for participants to explore thr...

Growth hacking  is an approach to driving product adoption, usage and sales by experimental, innovative and low-cost means. The term was coined in a 2010 blog post by Sean Ellis entitled "Find a Growth Hacker for Your Startup." Ellis' idea was that a startup needs to hire someone whose sole job focus is to find scalable, repeatable and sustainable ways to increase revenue and grow the organization. Growth hacking is outcome-oriented and there is no proven or prescriptive methodology to achieve growth. Instead, growth hackers are free to seek whatever means are necessary to achieve repeatable, desired business outcomes. Some practitioners hold the job title of "growth hacker," while others implement the methodologies under a different, but related title such as Chief Development Officer. Growth hackers have the potential to grow companies from zero to millions of users in a very short period of time. Companies known to have capitalized on growth hacking met...

A moment of truth (MOT) is marketing lingo for any opportunity a customer (or potential customer) has to form an impression about a company, brand, product or service. Marketers strive to use moments of truth to create positive, customer-centric outcomes. The concept itself is very simple -- if every customer interaction has a positive outcome, the business will be successful. Although moments of truth can include mass communication, a MOT's power comes from those interactions in which the communication is personalized. The value of a moment of truth was first conceptualized in the 1980s by Jan Carlzon, the CEO of Scandinavian Airlines Systems and expanded upon by A.G. Lafley when he was the CEO of Proctor & Gamble. Customers have an expectation that each moment of truth will provide accurate information and an effortless interaction with an organization. There is significant downside risk if moments of truth do not achieve a basel...