Showing posts from June, 2015

Trust No One Architectures

A Trust No One Architecture is one where each organizational unit minimizes accidental risk by owning as much of its processes as possible. Companies end up with a Trust No One architecture where each sub-organization is most likely to meet its goals if it controls as much of its development, technical and operational processes as possible. Each division / operational unit acts as an independent entity with loose coupling at the edges and just enough cooperation to meet the company goals. I recently attended a talk by a Departmental Information Officer for a large bank who said their software process accelerated and their business deliverables came in earlier when they pulled architecture, operations and infrastructure back from the corporate level to the department level. The bank traded costs, standards and duplicate work for time to market and agility. This was in strong opposition to the previous attempt at minimizing risk by centralizing functions. Trust No

Protect RabbitMQ data by encrypting the Mnesia database on Windows Server

RabbitMQ is one of the many caching and messaging tools that use local disk for persistent storage or as a backing store for in-memory data. These systems normally write data to disk in a format that is optimized for speed, not for security. Examples: RabbitMQ, ActiveMQ, Coherence, Gemfire, MongoDB. This can cause issues when trying to comply with policies around protecting Personally Identifiable Information, making systems Payment Card Industry Data Security Standard (PCI DSS) compliant, or implementing S/Ox controls.

RabbitMQ Installation

We assume that you are running RabbitMQ under the local system account. Users who run RabbitMQ under different accounts or in different locations must change certain commands or settings. The RabbitMQ team has a good set of documentation on their web site. Windows installation instructions: Windows quirks: Database and configuration fil