Saturday, January 21, 2017

Today we continue to read up on how Google protects data.Google has incredible expertise in this area. Security is an integral part of their operations. They scan for security threats using tools, they use penetration testing, quality assurance processes, security reviews and external audit. They have a rigorous incident management process for security events that affect the confidentiality, integrity or availability of systems of data. They apply defense-in-depth perspective to securing their custom-designed servers, proprietary operating systems and geographically distributed data centers. Data is encrypted in transit, at rest and on backup media, moving over the internet or traveling between the data centers. They build redundancy into their server design, data storage, network and internet connectivity and even the software services.Their audits cover compliance standards and we reviewed some of them. We also reviewed some of the tools used to empower users and administrators to improve security and compliance.
Specifically, the user authentication/authorization features  involved a 2-step verification that adds an extra layer of security to Google Apps accounts by requiring users to enter a verification code which was also enhanced with a physical security key SAML single sign on allowed customers access to multiple services using the same sign in page. Oauth and OpenID extended the single sign on to multiple cloud solutions. In addition to these user access management enhancements, the data is also managed with features such as information rights management that can disable sharing of information meant for one or select people. The driver audit log lists every access that involves a data manipulation. Specific actions taken by user can also trigger alerts using the drive content compliance or alerting. There are trusted domains for drive sharing. There are trusted domains for drive sharing where whitelists are maintained. Sharing of data such as by emails are done over encrypted channels Even the from address in emails, if forged in a common compromise attack called phishing is detected and the threat mitigated. All emails have data loss prevention. Objectionable content is removed. Thus emails conform with content compliance. Administrators can even restrict the email address users can exchange mail with. Google vault provides an eDiscovery feature that lets customers retain, archive, search and export their business gmail This is very helpful to stay prepared in case of lawsuits and other legal matters.
#codingexercise
Find four elements a,b, c and d in an array such that a+b = c + d 
We discussed several solutions to this exercise. Another way to do this would be as follows
1) generate combinations of four element subarrays from the overall array
2) find if the four elements satisfy the given condition.
For distinct integers this can be like:
Void Combine (List<int> a, List<int> b,int start, int level, int val)
{
For (int I = start ; I < a.Length; i++)
{
if (b.contains(a[i])== false){
b[level] = a[i];
if (b.length == 4 && isValid(b, val)){Console.Write(b.ToString()) };
If (I < a.Length)
    Combine(a,b,start+1,level+1), val)
b[level] = 0;
}
}
}
bool isValid(List<int> nums, int val)
{
assert(nums.Count == 4);
nums.sort();
if (nums[0] + nums[3] == nums[1] + nums[2] && nums[0] + nums[3] == val)
   return true;
return false;
}

No comments:

Post a Comment