January 22, 2013

Incentive-based pricing models for your next IT outsourcing contract
Traditional IT outsourcing contracts are typically based on a fixed price for a set scope of work, or a set price per number of units: Vendors are paid to provide a utility function (for example, managing servers, monitoring network devices, ensuring email is available). Incentive-based pricing, on the other hand, rewards vendors for adding benefit to the service: cutting costs, boosting revenue, improving efficiency, for example. But getting there isn't easy.


Software-Defined Storage: A Buzzword Worth Examining
The adoption and propagation of new market terminology is not some conspiracy by the vendor community to confuse everyone. There is absolute value in the various types and components of SDS. But we need some context and specificity to uncover that value, and even more of that context and specificity to enjoy and benefit from that value in any given user environment.


Experience
It unfolds over the intervals necessary for assimilation and integration; however, the passage of time alone is no guarantee of learning and we shouldn’t confuse grey hairs with experience. ... Experience can’t derive from being a bystander in the classroom or on the assembly line: You have to be in the game. It means diving in, doing work, building stuff, and taking risks.


Businesses finally see ROI for IT security
Almost two-thirds of organisations regard IT security as the responsibility of everyone within the enterprise, not just the IT department, the survey found. Some 38% of respondents said their organisations see investment in IT and systems security as an "insurance policy" to protect company assets.


Who’s on deck? 3 questions for succession planning
The moment after you land the corner office, you need to be thinking about who will replace you. Your legacy lies in the hands of your successor. How you are perceived by others when you are gone relies greatly on the person you select to replace you.


New bill asks companies to notify EU of security breaches
Proposed legislation in the European Union would force tech companies that have access to user data -- such as Facebook, Google, and Microsoft -- to report any security breaches to local cybersecurity agencies, the Financial Times reported today. This is the European Commission's effort to make private companies accountable for privacy and security problems, European Commission Vice President Neelie Kroes told the Financial Times.


The Best and Worst Methods for Enterprise Architecture
From a strategy basis, Burton recommended the following three-tier approach for enterprise architecture project leaders: Change the way you think: Frame every comment in terms of business outcomes, value and business performance; Show value for money, meaning the right services at the right level of quality and the right price; and Position EA in investment terms, including near- and long-term business performance.


Sitting Is the Smoking of Our Generation
As we work, we sit more than we do anything else. We're averaging 9.3 hours a day, compared to 7.7 hours of sleeping. Sitting is so prevalent and so pervasive that we don't even question how much we're doing it. And, everyone else is doing it also, so it doesn't even occur to us that it's not okay.


Asia needs regional cybercrime center
Myla Pilao, director of core technology at Trend Micro's TrendLabs, said since most of today's online crimes are becoming borderless, Asia-Pacific will need a centralized agency to help examine the crimes that have taken place and supply necessary threat information across member states. Such a cross-region agency will also provide the impetus for Asian governments to adopt stronger legislations encompassing various crimes committed online so as to deter cybercriminals, Pilao added.


Confused by the glut of new databases? Here’s a map for you
The flurry of database action over the past year rendered the usual discussion around structured or unstructured, SQL, NoSQL, and NewSQL databases even more, um, nuanced than before. Matthew Aslett, research manager at 451 Research took the bull by the horns and updated his previous (one-month-old) database road map to include all sorts of new entries.


Doubt cast on the security of Kim Dotcom's Mega service
The problem is that SSL has long been recognized as a weak point on the web. In 2009, security researcher Moxie Marlinspike created a tool called SSLstrip, which allows an attacker to intercept and stop an SSL connection. The attacker can then spy on whatever data the user sends to the fake website.



Quote for the day:

"We must view young people not as empty bottles to be filled but as candles to be lit." -- Robert Shaffer