Daily Tech Digest - December 28, 2016

Simplify your platform with IT systems management tools

What an IT manager should be looking for is a statistically valid prediction of what workloads will be like at a point in time rather than a simple straight-line analysis of what has happened in the past. One example is FreeStor from FalconStor; it applies advanced statistical methods to gauge how storage workloads are trending and enables managers to pre-empt problems. Again, don't forget the software. Workloads need to be packaged, provisioned and managed. That management needs to include workload portability across different areas of your IT platform. ... Then there are the IT systems management tools that try to do as much as possible. For people stung by the vast framework systems of yesteryear, you may be glad to know that today's big systems tend to be more granular and open, enabling quality systems to be plugged in wherever necessary.


Maintaining Data Security with Cloud Computing Options

Data encryption was also a key aspect of the cloud computing guidance. CSPs should know that it is still considered a HIPAA business associate if it only stores encrypted ePHI and does not have a decryption key. An organization is still a BA under HIPAA regulations even if it cannot actually view the ePHI it is maintaining for a covered entity or fellow BA. Data encryption can help reduce the risk of unauthorized access, but it is not enough by itself to maintain ePHI security, according to HHS. “Encryption does not maintain the integrity and availability of the ePHI, such as ensuring that the information is not corrupted by malware, or ensuring through contingency planning that the data remains available to authorized persons even during emergency or disaster situations.”


Ensuring Bitcoin Fungibility in 2017 (And Beyond)

The only way to know that your bitcoins are clean is to go to a centralized service and ask for a background check. Suddenly the value of your coins is being decided by a centralized party. Every platform accepting bitcoin could implement different policies for deciding which coins are clean or dirty. And exchanges in different legal jurisdictions (US, China, India, etc) are likely to have different policies. The bitcoins worth the most money would then be the bitcoins accepted everywhere. This means it's not enough to just ask one exchange for a background check, you have to ask every major platform whether or not they think you have clean coins. And a platform doesn't think that you have clean coins, their decision reduces the value of your holdings regardless of whether you actually use that platform – your coins cannot be traded with any of the platform's users.


Moving to the cloud? Three things to think about before you make the jump

Matt Peers, CIO at Linklaters, says the bringing together of systems and services is still a concern for IT leaders considering a move to the cloud. "I think there's a temptation to draw on the services of many different providers but that can create a huge integration challenge," he says. Peers says effective CIOs will create a balance, drawing on enough cloud providers to take advantage of the competitive tension, while at the same time avoiding the risk of having too many partners to manage. "You don't want to be forever chopping and changing between services," he says. This need for cloud control could lead to a new trend, where expert providers help mop-up the management concerns associated to on-demand provision. Moves in this direction are being made.


More people expected to adopt EMV technology in 2017, but how secure is it?

One big problem remains: While the majority of merchants have implemented EMV technology, the report found, most cards do not offer the more secure PIN card option. Chip technology is also called EMV, which stands for Europay, MasterCard and Visa, the companies that developed it in the 1990s. It has been the standard across much of the rest of the developed world for a decade, particularly in Europe and Asia. Storing data on a chip in theory makes the credit card more secure because it isn’t easy to produce counterfeits — a key problem with cards that store data on a magnetic stripe. This reduces point-of-sale fraud, which involves buying something with a fake credit card at a physical retail counter, but it doesn’t reduce fraud when purchases are made online.


Enabling Strategic HR

These are disruptive times for the Human Resources (HR) organization. HR finds itself at an inflection point due to various external factors, one of them being the current gap that usually exists between the digital experience outside of the workplace and how the HR customer (the employee, manager, contractor, retiree, etc.) interacts with their HR organization. Driven by their usually positive digital experience outside of the office, the HR customer is beginning to ask the question: “Why can’t my interactions with HR be at least as good?” We see an opportunity in the marketplace to explore how an experience-focused, information-driven approach to delivering HR services can achieve a great digital consumer experience, what we call the “digital workplace”. There are five key attributes of what could be considered a “great” digital consumer experience


Cybersecurity: Threat Intelligence and an integrated approach to security

The Chinese mentality has been that, “I need to manage everything as a whole”. It turns out we have over 700 managed service customers, managing over 1200 networks. So we have to pull the stuff together for our customers. And because of this, the assisting methodology we’re bringing forward to our devices is we have to have these things start playing together, either through communication for better dynamic security response, or in terms of better central alerting and management. The problem with most other companies is they’re fixing on their products but very few pure cybersecurity companies actually have their products speak to each other, that siloed mode, I can’t get this device to talk to that device, even though they’re from the same company.


What CIOs Want CEOs to Know About Data Security

The most important step toward data security begins at a fundamental level. One that ensures health data is transmitted to and from vendors, providers, health systems and patients in a safe and secure manner. Consider a hospital sending a patient’s lab results to a physician, or a vendor communicating with a patient or provider about information from a personal fitness device or app. These platforms are ripe for data breaches and, therefore, penalties, lawsuits and even high profile media exposure. Another major question that CEOs and CIOs must address is which data transmission solution is best for their specific organization. Currently a number of vendors, consultants, software programs, etc. are available that promise to help organizations address their data security issues. The best option for each organization will be based on a number of factors, including size, budget, IT staff, expertise and overall goals.


CIOs will thwart cybersecurity threats with behavioral analytics in 2017

It’s no secret that boards are loosening the purse strings for cybersecurity but CIOs will continue to struggle to balance their cyber investments against managing risks to their businesses. Put another way: The choice between what to buy, implement and tune first -- the shiny new behavioral analytics platform or the latest and greatest business email compromise stopper -- poses prioritization challenges many CIOs aren't accustomed to in this age of cyber warfare. Worrall says that even if their boards allocate more funds for cybersecurity, CIOs need to beware of budget abuse. Those who take the “sky is falling” approach become chicken little, he says. One advantage Worrall has working for a networking technology company is that his tech savvy board grasps the intricacies of cyber defense.


Why Cybersecurity Leapt From the Basement to the Board Room

Notably, under the proposed regulations, board or senior compliance officers would need to certify that their organization’s security controls are meeting requirements. This could potentially expose such individuals up to criminal liability if the claim is found fraudulent. ... While overall cybersecurity spending is on the rise, certain organizations aren’t putting a cap on how far. This year, Bank of America has implemented a “whatever it takes” approach to thwarting attacks, giving unlimited budget to its cybersecurity business unit. While there will surely be scrutiny to the effectiveness and ROI of how such (non) budgets are spent, it’s obvious that the C-suite has gotten the message. Lax security practices don’t just mean embarrassing headlines and lost customer confidence.



Quote for the day:


"All progress is precarious, and the solution of one problem brings us face to face with another problem." -- MLK