NoSQL databases are gaining quite a chunk of attention in technology circles today. From Google to Amazon, Facebook to Twitter,  there has been a lot of talk about the major shift in the way we traditionally perceive and understand databases. More important is an understanding of the architecture of these databases.

NoSQL databases basically stores data in key-value stores. The equivalent of this in traditional RDBMS being tables. For instance, in RDBMS a table may contain a primary key column alongside other columns of important information. Relating information in such a table from another table may require that you include that primary key as a foreign key in the second table. The scenario is not so different with a NoSQL database. Data in a NoSQL database is in key-value stores where a key file is created and a value file relational to the key file is also created. This value file contains all information relating to the key. To the traditional RDBMS pro, it is like creating a text file to hold only primary keys and then creating another file to hold all other information(values) relating to the primary keys stored in the first table. A field in the key file will definately point to the location of the its values.

I have read a lot about the portrayal of NoSQL as a database that is non-Relational and I believe this statement needs a revisit. I have worked with relational databases for more than half the time that I have been alive and it seems to me quite unimaginable, that a database architecture exists, that does not relate in the true sense, NoSQL databases inclusive.

Many big businesses started small and have grown big over time. This growth is normally measured in terms of sales, profitability, expanding operations, turnover and the like. In today’s world, a growing business is expected to have adopted technology as a major force driving its growth. Desktop Computers, Servers, Laptops, Data Centers, Smart phones, Storage Area Networks (SANs), Virtualization, Routers, Cloud Computing, Switches, Internet and many others have become necessary technology tools and techniques to drive traditional selling and buying and accessing the factors that affect the forces of demand and supply.

Administration of these technology tools in the Enterprise have also become a big task. Apart from ensuring that these infrastructures are available and at optimum performance, employees also have to be guided on the acceptable usage of business infrastructure. This is very necessary in order to prevent abuse of infrastructure usage which may in turn have negative effects on the smooth running of the enterprise. This is where an Acceptable Use Policy comes in.

An Acceptable Use Policy (AUP) is a document containing the set of rules guiding the use of the technology devices and infrastructure made available for the purpose of the business. The AUP is also an integral part of the IT Security Policy of the organization and new employees may be required to sign this document before they can have access to the information systems in the enterprise. The AUP also makes life easy for the IT support team in the enterprise as the document clearly states the limits in simple terms, penalties for breaches are also clearly stated.  Many businesses today run their operations with no Acceptable Use Policy in place and by so doing expose the enterprise to avoidable risks that may have a permanent dent on the image of the business.

So which path should the enterprise toe? Whatever the decision arrived at, it should be noted that where there is no law, there is no transgression.

The year 2012 at its very early stage has witnessed a dramatic legislative war in the Information Technology sphere. The war against two bills namely Stop Online Piracy Act (SOPA) of the United States introduced by U. S. representative Lamar. S. Smith (R-TX) and Protect Intellectual Property Act (PIPA) introduced by Senator Patrick Leahy (D-VT) gained momentum in the early days of 2012 for inadequate wording and an attempt at overkill.

SOPA aims to add muscle to the long arm of the U.S. law enforcement agencies to fight the trafficking of intellectual property and counterfeited goods on the internet while PIPA aims to enable copyright holders and the U.S. government to restrict access to websites indulging in counterfeited goods and the like, mostly outside the U.S.

While the intentions of these bills appear quite noble, the provisions in the bills for enforcement appear to be quite far reaching. For example, SOPA will authorize law enforcement agents to block an entire domain if a blog or website is found to be in violation. This action seems to contradict the provisions of the Digital Millennium Copyright Act (DMCA) which limits the liability of online services providers for copyright infringement by their users. Search engines are also required by SOPA to delete the violating domain name, a provision which will encourage censorship of the web, limit innovation, and impede freedom of speech thus violating the First Amendment. Imagine what the burden and cost of maintaining online presence by the enterprise will be. Enterprises whose business is conducted 99% online may become adversely affected should a site on their domain not related to their business be found wanting. This may also give undue advantage to competitors.

The protests of January 18, 2012 against these bills by major online corporations like Reddit, English Wikipedia’s community of editors, Google, Mozilla and Flickr and a letter signed by 130 technology entrepreneurs and executives and sent to congress stated that PIPA in its present form will “hurt economic growth, and chill innovations in legitimate services that help people create, communicate and make money online” tells on the negative effect these bills are likely to have on the Internet.

Google’s petition against these bills recorded over 4 million signatures. Politicians also publicly withdrew support for these bills culminating in the bills being removed from further voting by January 20, 2012. Going by the fact that PIPA is a rewording of the Combating Online Infringement and Counterfeits Acts (COICA) which failed to pass in 2010, it seems more likely that SOPA 7 and PIPA 7 will soon be released and  they may be as potent in their wordings as their earlier versions for online enterprise data.

A lot of antivirus software vendors are flooding the market with packages whose titles include “Total Security.” Antivirus software packages like BitDefender Total Security 2012, G Data Total Security 2012, Kapersky Pure Total Security and many others are promising the buyers the type of security that can only be made in information security heaven.

I remember a few years back when we had a virus security breach at the office, just a few months after purchasing and deploying one of these made-in-heaven packages from a renowned antivirus software company, we got in touch with the vendor with the thinking that they would restore us to status quo within a few hours at most but to our dismay, we were still getting worse 2 days later with these antivirus security geeks moving round in circles. It was not until we decided to take our destiny into our own hands by getting technical materials and designing a viable action plan were we able to contain the attack and clean the system.

The scenario above is very direct in exposing the fact that the way antiviruses work is peculiar to its type. Signature based antivirus is the most popular.  This antivirus makes use of a database to study signature or behavior of a potential virus in a system. If it finds that it is a virus, the recommended remedy is applied from the same database. Now the question is what if the computer is stolen? Or it falls off from a moving train?

The myth called “Total Security” is just for marketing purposes. I am sure that these antivirus vendors know that no antivirus software is capable of providing a service at the level of “Total Security.” The truth is there is a lot more to the utopia called “Total Security” than meets the eye through the perspective of antivirus software.