August 26, 2014

Data Erasure Technology: Ensuring Security, Savings and Compliance
Erasing data from failed drives is critical, as up to 80 percent of them are still operational and vulnerable to data breach. Many industry standards and regulations like healthcare (HIPAA, HITECH), finance (GLBA, SOX, FACTA) and retail (PCI DSS) require data sanitization and proof of erasure for each drive in the form of auditable reports. Non-compliance may result in large fines, civil liability and costly damage to brand image. Hardware appliances that sanitize drives in-house using advanced data erasure ensure data integrity and regulatory compliance with audit-ready reports, and enable data centers to safely return failed disks to OEMs within RMA timeframes.


When transaction management becomes a business (technical) issue
Benefits of Crittercism’s mobile optimized transaction management solution include proactive visibility into the business and revenue impact of key mobile transaction performance; an ability to define and monitor true mobile transactions that span across multiple views, user interactions and service calls; and an ability to automatically track all mobile-specific dynamic states such as network connectivity changes, application backgrounding/foregrounding and user view transitions that provide complete user flow visibility.


Seven Things the CIO should consider when adopting a holistic cloud strategy
In order to successfully leverage a cloud-based solution, several things need to change that may contradict current norms. Today, cloud is leveraged in many ways from Software as a Service (SaaS) to Infrastructure as a Service (IaaS). However, it is most often a very fractured and disjointed approach to leveraging cloud. Yet, the very applications and services in play require that organizations consider a holistic approach in order to work most effectively. When considering a holistic cloud strategy, there are a number of things the CIO needs to consider including these six:


5 Ways Federal CIOs Plan to Improve Security Monitoring
"Though the CIO and [CISO] have sort a perch seat to look at the security happening in the department, the actual circumstances are that security is often performed by decentralized teams," Streufert says. "Our first recommendation on people and processes is to identify and establish your agency's continuous diagnostics and mitigation team." Streufert, speaking at a government IT forum on Wednesday, also offered several additional tips for agencies to consider when implementing their own CDM programs to secure the buy-in of both security and business workers and to evaluate the success of the initiative.


Building Information Technology Liquidity
IT organizations desperately need to embrace the concept of “liquidity”—not by having extra cash lying around, but creating agile and flexible infrastructures that can take advantage of unplanned demand. This is especially hard when an estimated 75% of the IT budget is already spent on maintaining legacy infrastructure. Even worse, IT capacity planning efforts are often based on simple linear regression models or other quick and dirty heuristics that don’t account for huge spikes in demand such as a major corporate merger or “one-hit wonder” product.


Nginx and Android: A great on-the-go web dev tool
There are times when you just need to develop on the go. When this happens, you might not want to carry around that bulky laptop -- or maybe your only option is a tablet or smartphone. If that's the case, and you have an Android device handy, you're in luck! The Nginx (pronounced engine-x) web server is great way to have a portable web server for testing, developing, and even serving up web pages. NAMP (nginx android web server) is a 10-day trial app (after the trial, the cost of a license is $0.99 until Sept 1st, 2014, after which the price will raise to $4.99). Here are some of the app features:


GCHQ produces BYOD guidelines for organisations
“With the rapid increase in the use of mobile devices - and the growth of remote and flexible working - staff now expect to use their own laptops, phones and tablets to conduct business,” said the document. The guidance has been produced for both public and private organisations. Due to the involvement of the CPNI, the guidelines will be also aimed at companies involved in the UK’s critical national infrastructure, such as energy, transport and banking firms. But the document also encourages public sector organisations working at the lowest security standard (official) to seek further guidance from CESG before implementing BYOD.


Shadow cloud services pose a growing risk to enterprises
"There is a new form of shadow IT and it is likely more pervasive across the company" than many might imagine, given the easy access to cloud services, Beston said. "It is harder to find, because it is being procured at small cost and is no longer operating within the bounds of the company." ... "Shadow cloud is happening under the radar" at many organizations, Beston said. Without governance, such cloud services present significant data security risks and the potential for technology and service redundancies. Risks include inadvertent exposure of regulated data, improper access and control over protected and confidential data and intellectual property and breaching of rules pertaining to how some data should be handled.


5 Ways to Steal Your Innovations
It is the dream of most small manufacturers to invent a new product and sell it to a larger company to handle all of the manufacturing and marketing. The dream includes getting a big upfront payment and then relaxing as the royalty or other payments come in. Very seldom will the inventor company get all of his money up front, which means they have to negotiate some kind of agreement. These agreements are very problematic, so it is a good idea to understand the various strategies used to steal your invention, or not pay you in full. Here are five of the most common strategies used:


Analysts Say Mobile App Development Requires New Strategy, Techniques
If enterprises don't change their tune on mobile development and instead stick with traditional desktop app development techniques, their efforts will fail, said Gartner analyst Van Baker last week. "Enterprise application development teams use traditional practices to define and develop desktop applications; however, most don't work with mobile app development, due to device diversity, network connectivity and other mobile-specific considerations," said Baker during a presentation to IT leaders in China. "Instead, [application development] managers should use functional, performance, load and UX testing, as well as agile development practices."



Quote for the day:

"How things look on the outside of us depends on how things are on the inside of us." -- Parks Cousins