Information Systems Integration – Tony Messina

Monthly Archives: October 2017


SOX (Sarbanes-Oxley) and MIS are related. When most hear of SOX we think of accounting and auditing. Risk Assurance business lines within large client service public accounting firms test controls related to SOX. There are 3 levels of controls- Entity Level, ITGC (Information Technology General Controls), and Process Level Controls.

ITGC controls are linked to MIS. These are the controls in place for all the IT services within a company. These controls are set in place to keep employees honest and to protect the company from fraud or collusion occurring. The controls assist the company with Segregation of duties.

Segregation of duties is an incremental part of ITGC controls and SOX. ITGC controls assist external auditors with reliance of support needed to test the accuracy of the financial statements. In the end, ITGC controls are an integral part of SOX testing which assist external auditors testing the financial statements for investors.

Health IT Security Market Expects Significant Growth by 2025

IT security is becoming more and more important within corporations with all of the cyber hacks and data breaches going on. An example of where this is becoming a major issue is in the healthcare industry. Health IT security is needed by organizations to combat cybercrime and ransomware that hospitals and healthcare organizations are susceptible to. The infrastructure and the range of devices used by healthcare organizations provide easy access and pivot points that cybercriminals can expose and attack. The healthcare industry is now being required to do something about this. Ransomware is easily the biggest threat to these hospitals. The technique has the potential to allow hackers to seal access to data until a sum of money is paid to them. These breaches are costing the healthcare industry large amounts of money and change is needed. The key applications of health IT security solutions are found across areas such as endpoint security, content security and network security. The healthcare IT security market is segmented into on-premise, cloud, and hybrid. Europe and North America are the leading contributors to the revenue of the global health IT security market. The digitally and technologically advanced healthcare infrastructures in these regions have been the major focus of cyber attacks. In response to this, these regions are significantly increasing spending on cybersecurity solutions. These regions are expected to remain the leading contributors to the global market in the next few years as well. While much work is still needed, it is clear that the healthcare industry is taking major steps in the war against cybercrime.


Mastercard Will Now Let You Pay With Blockchain—But Not Bitcoin

Image result for mastercard blockchain ibm

Mastercard is allowing people to send money over a blockchain instead of swiping their credit card.  They are opening this service up to certain banks and merchants as an alternative and more efficient way to pay for goods.  Mastercard now joins IBM as the first two mainstream companies to implement the use of blockchain payments.  “We are not using a cryptocurrency, and we are not introducing a new cryptocurrency, because that introduces other challenges—regulatory, legal challenges,” says Justin Pinkham, a senior vice president at Mastercard Labs, who leads the credit card company’s blockchain initiatives. “If you do a payment, then what we can do is move those funds in the way that we do today in fiat currency.”  Pinkham says, “Mastercard has one advantage that the bitcoin blockchain doesn’t have: A settlement network that includes 22,000 banks and financial institutions around the world.  IBM has announced 13 banks that it plans to include in its network.  After all, companies still predominantly rely on government-issued currency to do business, making it impractical to convert cash into cryptocurrency, or vice versa, for each blockchain payment.  Even in the bitcoin system you need a bitcoin exchange that could exchange bitcoin for euro, so it creates some complications.”

Will the fact that Mastercard has moved into this market push VISA to do the same?

Will other companies wait to see if this Blockchain is successful in this space before investing?

Will consumers embrace the use of Blockchain or will it be to difficult to get people comfortable with not having to swipe their card?



How About a Smart House/House Automation?

With the prevalence of technology in everyday life, people firstly had iPhone that could get rid of keyboard and touchscreen. Then, people could chat with personal assistant apps or systems on the phone, such as Apple’s Siri, Google’s Assistant, and Amazon’s Alexa. A smart house that people could control by voice also became a popular trend.

There are three generations of house automation. The first generation is a wireless technology with a proxy server; the Second generation is artificial intelligence controls electrical devices, such as Amazon Echo; the Third generation: robot buddy who interacts with humans, e.g. Robot Rovio, Roomba.

Virtual voice-controlled assistants like we mentioned earlier make it easy to control smart home products by speaking simple commands like “Alexa, turn off the lights.” But, do we need to worry about the security? Could people hacking my devices add to change my house setting, such as adjust the temperature?


“Hackers are welcome!” – Google

As the title suggests, Google has an interesting way of getting hackers to divert their attention from harmful hacking to “beneficial” hacking.

The “Google Play Security Reward Program” was launched to identify and fix vulnerabilities in Apps listed on Google play. Google teamed up with a vulnerability coordination and bug bounty platform called HackerOne so that they use HackerOne’s platform to locate and fix vulnerabilities. The way this program works is that Developers or Hackers,  who wish to take part in the program, will be given access to the platform and will be required to identify, respond and fix bugs in a timely manner. The idea is to find the resolution for the vulnerability as fast as possible or take a maximum of 90 days to fix the issue. In return, if the resolution meets Google’s criteria, the developer/hacker will receive $1000 for every resolved vulnerability. Google has establish a stringent policy where these developers/hackers will have follow HackerOne’s disclosure guidelines and provide detailed reports of the vulnerabilities. Currently, the Apps participating in the Program are Alibaba, Dropbox, Duolingo, Headspace, Line,, Snapchat & Tinder but Google has said that the list is only going to grow. Google’s new approach to tackling IT Security issues has definitely turned heads, but is this something that will be followed by other companies? Only time can tell.


Who owns the digital you? Can blockchain grant you sovereignty?

This article discusses our fractured digital identities: the current challenges associated with them and how blockchain technology has the potential to consolidate the pieces and dramatically improve our control over who has access. Most services we utilize today capture some part of ourselves in a digital format, so that our actions live on even after they are performed. That data is scattered across many businesses, which primarily use it for their specific revenue-generating services, and not to directly benefit us. Our control is limited and our data is ultimately owned by third-parties. Those bits of data are mapped together to create a segmented profile of us, and those maps can be mapped together to create a much broader and complete profile. Such profiles created by Google, insurance companies, and credit bureaus, are not readily shared with us, yet can greatly influence our lives. The result of connecting our actions are “formulas that established that infer relationships, record patterns and predict behavior.”

Most of the time we don’t consider this system to be an issue as doing so provides conveniences for us. But our identities are increasingly vulnerable to theft and impersonation that we need better control over our digital selves. And blockchain technology may be the best way to achieve this. Here’s why:

  • The decentralized structure of blockchain ledgers leads and the requirement of personal verification methods leads to control over our identity access points.
  • Blockchain uses “zero knowledge proofs to manage data. This allows users to disclose their ownership of certain certifications and grant access without revealing the information contained within. The dream of this type of encryption is that end-services can verify identity while the data is hashed.”
  • All your identity information would reside in one place, owned by your personal avatar. You could reveal only what you need to at that time.

Such “sovereignty,” the complete control over our digital selves, would allow each of us to “provide access to third parties to obtain benefits: to your passport to cross borders, to your medical records to get a new doctor, to your criminal history to pass background checks.”

Besides the many unknowns associated with blockchain technology itself, are there any issues with consolidating our identities as proposed? What are some unforeseen consequences? Are the tradeoffs worth having identity sovereignty? Will this be a real disruption to the services provided to us today? And can this type of system possibly work as simply and efficiently as presented?


The Ethics of Overpaying AI Talent Salaries

The lucrative field of artificial intelligence has countless applications in today’s world, from handwriting, speech, and facial recognition to huge projects such as Uber’s self-driving cars and Google’s Alpha Go, which is a program that can learn without the help of humans. However, according to a lab in Montreal, there are less than 10,000 people in the entire world who possess the knowledge and experience necessary to work on serious artificial intelligence projects– making each of these people worth enormous sums of money. Nowadays, tech giants such as Uber and Google are paying their AI specialists hundreds of thousands up to millions of dollars in stock and salary due to the gap in supply and demand, which raises the question of how smaller startups and business will compete. Even with the promise of owning a part of stock in a growing company, small startups cannot compete with the enormous salaries AI engineers and even professors (who are being taken out of the classroom to work in industry) are being offered. This effectively locks anyone else out of the industry and creates an oligopoly within the AI industry, so the question is — is this a fair situation to smaller companies? Should we make more of an effort to accelerate AI teaching throughout the world to scout talent? Or should we take the initiative to put salary caps on AI specialists like the NFL?


How regulations affect blockchain technology adoption?

Different industries are trying to adopt blockchain technology into their current system and these applications cause the needs of standard blockchain technology regulations.  There are four key areas that drive attention from governments around the world, including virtual currencies (tax issues), data encryption, privacy, and identity management. Currently, regulations are highly depending on each government rather than a standardized one. In the United States, the federal government has not exercised any power to regulate blockchain technology but intend to let state government introduce their own regulations, which can cause varies differences. Meanwhile, due to the EU system, Europe has more welcome and positive attitude and standardized regulations toward blockchain technology. China, on the other hand, although China government like to see the thriving in blockchain technology, it will not allow the technology over the regulations. Thus, Bitcoin transaction is currently prohibited in China.

Based on governments’ attitudes, we can tell how risk appetite and government controls various in different countries. My question is in your opinion, which one is more important, technology development or government control? Is it ok to sacrifice either one in order to achieve any potential future goal?


Modern Day Robin Hood

Arcade City has self-identified as an Uber killer. They got their start when Uber was banned from Portsmouth, New Hampshire, leaving tons of drivers without jobs and even more riders stranded. As a community of peer-to-peer ride sharing consumers and providers with technology powered by Blockchain, they feed off of the traditional ride sharing incumbents’ weaknesses.

Arcade City has conducted testing since 2016 and recently released their long-anticipated mobile app. Their next step (which has already begun in full force) is to create their own native currency to expand and scale their network. This currency, known as ARC, is based on Ethereum, and will facilitate transactions within the network. In addition, Arcade City will begin to pay its network members (drivers and riders) with ARC tokens for anything the members do that measurably helps grow the network.

In order to fund this, Arcade City did not/will not accept traditional venture capital. Instead, they are having an initial token sale. The sale is happening now, and will culminate in 2018. The first round earned nearly 62,000 ether, which equates to about $620,000. People can make purchases by sending funds to an Ethereum smart contract.

All the value from the sale stays in the hands of the network members, not in corporate wallets. Because of this, Arcade City is calling itself a modern day Robin Hood.  Do you agree? Will you get in on this sale?


Will 5G be the next disruption in media and entertainment?

According to Forbes, the fifth generation of technology for wireless communication (5G) will be coming soon, and when it comes it will disrupt the media and entertainment industry, because of its fast speed which allows mobile devices to be more capable on streaming. In fact, when 4G was introduced, streaming became more popular and less expensive than downloading content from internet, and it was only after that we have faster speed internet, examples like Netflix, the video streaming service, and Pandora or Spotify, the music streaming service clearly start to grow. I believe that 5G fits into the category of sustaining innovation in Christensen Disruptive Innovation model. Digital content platforms have already been disrupting the traditional media like news paper and television for years, and faster transmission speed can no doubt speed up the disruption process. Furthermore, 5G will also speed up the evolution of user-generated media because of its high uploading speed. Netflix grew so quickly that now it’s producing its own contents “Netflix Originals” to compete with the television broadcasters. I believe that user-generated media like video blogging (or vlogging) can grow just as fast as that, and may be dominating what we watch for entertainment in the future.

What do you think is the next industry that may possibly be disrupted by 5G?


Granados, Nelson. “5G: The Next Tech Disruption In Media And Entertainment Is Coming.” Forbes, Forbes Magazine, 23 Aug. 2017,

By. “Could 5G Be the Next Big Tech Disruption?” Switchfast Tech Digest, Switchfast Technologies, 10 Aug. 2017,