Data Residency and Sovereignty in Azure

Business Problem  

During my last assignment with a client migrating some on-premises applications and data to Microsoft Azure, the customer told me that they would only be allowed to store their data in a particular geo-location. That is to say, they wanted to know how the cloud would help them follow data residency and sovereignty requirements.

What Is Data Residency?

Data residency is a compliance requirement under which a business must store its data within a specific geographic location. There may be many reasons for this requirement, but it is generally driven by regulation, such as the GDPR in Europe.
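The practical control for this requirement in Azure is an Azure Policy definition that denies the creation of resources outside an approved set of regions. The definition below is an added example, not code from the original article; it is constructed to mirror the structure of Azure's built-in "Allowed locations" policy, and the region values (westeurope, northeurope) are assumed placeholders for whatever regions the customer's compliance team approves.

```json
{
  "properties": {
    "displayName": "Allowed locations (constructed example)",
    "description": "Deny creation of resources outside the regions approved for data residency.",
    "mode": "Indexed",
    "parameters": {
      "allowedLocations": {
        "type": "Array",
        "metadata": {
          "description": "Regions in which resources may be created (assumed values).",
          "strongType": "location"
        },
        "defaultValue": ["westeurope", "northeurope"]
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          { "field": "location", "notIn": "[parameters('allowedLocations')]" },
          { "field": "location", "notEquals": "global" },
          { "field": "type", "notEquals": "Microsoft.AzureActiveDirectory/b2cDirectories" }
        ]
      },
      "then": { "effect": "deny" }
    }
  }
}
```

Assign the definition at management-group or subscription scope so that it applies before any resource group is created. Two caveats a practitioner should keep in mind: the rule evaluates a resource's `location` property at deployment time, so it does not move resources that already exist (use a compliance scan to find those), and it does not govern where a service replicates data afterwards, for example geo-redundant storage or backups that copy data to the paired region. Each service's replication and backup settings still need to be checked against the residency requirement.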

DevSecOps and the Problem of Machine-Scale Data

Machine-scale data might overwhelm your DevSecOps implementation.

“Shifting Left” From DevOps to DevSecOps

When development teams using waterfall approaches couldn’t keep up with customer requirements, they adopted DevOps and Agile SDLCs. While these flexible approaches attempt to meet customer demands, security processes get left behind. You either skip security, or you aren’t really Agile. Either way, you’re losing the benefits of adapting rapidly to customer needs.

Now that new regulations and consumer awareness have made privacy and security a priority, the industry has recognized that they need to be built into the SDLC. "Shift left" means integrating processes and testing that have traditionally happened at the end into the development process itself, and you often hear the term used to describe the transition from DevOps to DevSecOps.

The Simple Path to Protecting and Controlling Your Application Data

Whether you’re a software development team lead at a prestigious financial institution assigned to redact personally identifiable information (PII) before releasing the next bankruptcy report, or you're part of a development shop that has just been contracted by a large healthcare organization to help update their systems to meet HIPAA requirements, chances are you’ve been asked to obfuscate sensitive data.

Protecting sensitive data is not an uncommon requirement when building applications. In a recent survey, 71% of companies indicated they utilized encryption for some of their data in transit; 53% utilized encryption for some of their data in storage.

WooCommerce.com Clarifies Its Policy on Selling CBD Products

Last week, a member of the WooCommerce Help and Share Facebook group who sells Cannabidiol or CBD products submitted a post that included an email exchange with WooCommerce support.

In the exchange, the support rep explained to the store owner that when their WooCommerce.com account was connected to a WordPress.com login, it then fell under the WordPress.com store guidelines.

According to the guidelines, controlled substances (including marijuana, cannabidiol or CBD, and other cannabis-derived products) are not allowed to be sold.

The support rep goes on to say that this included but was not limited to sites using WordPress.com, the Jetpack plugin, and any extensions from WooCommerce.com.

The store owner is then informed that their store will be disconnected from Automattic hosted services if they continue to sell CBD products.

Legal Document Becomes a Source of Confusion

The support rep provided the store owner with a link to the most frequently asked questions on selling CBD products using WooCommerce.

The wording of the document made it seem as though there was a difference between downloading the plugin from the WordPress plugin directory or WooCommerce.com. It also appeared to apply limits on how the GPL licensed software could be used. Here is a cached version of the original document.

Can WooCommerce be used to sell cannabis-derived products such as CBD oil?

Yes, if you download the WooCommerce plugin directly from WordPress.org or install the WooCommerce plugin via the Plugins page of your site from WordPress.org.

No, if you download and install the WooCommerce plugin directly from WooCommerce.com.

It is the same WooCommerce plugin, but the location of download makes a difference?
What’s the difference?

The difference is ownership.

WooCommerce from WordPress.org is open-source software and is hosted through a third-party company.

WooCommerce from WooCommerce.com and WordPress.com is hosted through Automattic. Sites cannot sell cannabis-derived products if they are connected to Automattic servers, which includes and is not limited to WordPress.com, the Jetpack plugin, and any plugin or extension downloaded directly from WooCommerce.com.

Can I use WooCommerce software from (x company) to sell cannabis-derived products?
If you use open-source WooCommerce software from a third-party company, note that there may be additional limitations and regulations imposed by shipping and payment companies.

Can I get support for a WooCommerce store selling CBD products?
No, not from us at WooCommerce.com or WordPress.com.

Many of our store owners and customers reside in countries where CBD products and other cannabis-derived products are fully legalized, but the production and sale of cannabis-derived products in the US – where our company is registered – is highly regulated.

As a result, we are currently unable to offer support for any WooCommerce site that sells CBD oil or other cannabis-derived products, whether the CBD oil is over or under 0.3% THC and whether it is derived from hemp or cannabis.

Original WooCommerce and CBD Products FAQ

Taking note of the confusion, Paul Maiorana, Acting General Manager of WooCommerce, responded to the discussion and admitted in the Facebook thread that the policy was not as clear as it could be.

Earlier this week, the WooCommerce team revised the policy and made it much clearer on what is and is not allowed.

Can WooCommerce be used to sell cannabis-derived products such as CBD oil?

Yes, you can use WooCommerce for your site. As our software is open source, we do not limit its use.

However, while you can use the code of our WooCommerce plugin to sell products derived from cannabis and hemp, you cannot use services offered directly by Automattic to support those stores. This is the case whether the products are over or under 0.3% THC, and whether they are derived from hemp or cannabis. Automattic’s direct services include, but are not limited to, WordPress.com, WooCommerce.com, and the Jetpack plugin.

This means that you can use the open source WooCommerce plugin to sell cannabis-derived products, but you cannot:

Connect your site to Automattic’s servers in WooCommerce > Extensions > WooCommerce.com Subscriptions for automatic extension updates or at WordPress.com.

Use WooCommerce services that depend on a Jetpack connection, such as WooCommerce Shipping or WooCommerce Tax.

Host your site on WordPress.com.

Can I get help for my WooCommerce store?
Yes. Our WooCommerce.com help desk can assist you with your site if you would normally qualify to receive support. You might also receive help from others in the WordPress.org forums or the WooCommerce community.

Revised WooCommerce and CBD Products FAQ

In the last two years, WooCommerce has increasingly relied on Jetpack and its connection to WordPress.com’s infrastructure to provide services. These include WooCommerce Shipping, the WooCommerce app, and Automated Tax Calculations. In 2017, Todd Wilkens made it clear that WooCommerce would continue to make extensive use of Jetpack to provide cloud services.

While the policy makes things clearer, CBD store owners will need to determine if they can live without the conveniences provided by Jetpack, WooCommerce.com, and WordPress.com. This situation is also a reminder to all store owners to double check a service’s policies before connecting any sites.

What Is Cybersecurity Research Today?

Cybersecurity research has, it seems, two main thrusts. Both of them seem similar at first glance, but one is more lucrative (though not as impactful) while the other has much more impact (but doesn't seem to pull in the cash). Let's give an overview of various cybersecurity careers first, and then segue into what cyber R&D is today.

From a career perspective, you can first split jobs into either offensive or defensive specialties. Now, granted, this is a somewhat artificial delineation. After all, if you work in any corporate cybersecurity department, you've got someone either on staff or on call that can analyze suspected malware or do some post-incident forensics. But generally, offensive folks do things like pen testing and vulnerability analysis while defensive folks implement and monitor cybersecurity controls and policies in organizations. We can include forensics work and malware analysis as defensive fields. They're not a perfect fit, but as they're not focused specifically on attacking systems, let's lump them in with defensive fields.