February 28, 2014

Five Essentials for Successful Information Security Training
The hype over the latest security breach in the headlines always fades away. Business executives, network users, and even IT professionals talk the talk when the topic is hot – making promises to do better. In a very predictable fashion, people get back to their old ways of doing things. They then proceed to let their guard down. And then it happens, again. Another big security breach. If there’s anything positive that comes from this common mode of operation it’s that small, incremental changes are often put in place, both through people, business processes, and technical controls.


Security researchers urge tech companies to explain their cryptographic choices
Fourteen prominent security and cryptography experts have signed an open letter to technology companies urging them to take steps to regain users' trust following reports over the past year that vendors collaborated with government agencies to undermine consumer security and facilitate mass surveillance. ... The letter was an initiative of the advocacy group Electronic Frontier Foundation and outlines 10 principles, both technical and legal, to which signatories believe technology companies should adhere.


10 public cloud security concerns you shouldn’t ignore
It’s not news that businesses are moving more of their data to the cloud. But even as cloud storage and computing have hit the mainstream, there are a lot of questions around the public cloud – ones that not everyone is asking. For Mark Russinovich, technical fellow of Microsoft Corp.’s Windows Azure cloud platform group, the public cloud has helped businesses grow, but there are still many concerns for data security and privacy. He pulled together a list of 10 concerns that security professionals should consider when putting their organization’s data into a public cloud.


ThoughtWorks Interview: Agile Principles & Global South
Many people are extremely passionate about Agile software development. It is a model which strives to be collaborative and is based on solid democratic principles of sharing expertise. The Agile Manifesto describes how: “We are uncovering better ways of developing software by doing it and helping others do it.” In fact, at over a decade old Agile still generates a bizarre mix of either excitement or fear in a lot of organisations.


China’s President Will Lead a New Effort on Cybersecurity
“Efforts should be made to build our country into a cyberpower,” Mr. Xi said in a statement released after the first meeting of the group on Thursday, according to the official Xinhua News Agency. The announcement comes as Mr. Xi is solidifying power, mounting a bold crackdown on corruption at the top of the Communist Party and pushing through overhauls aimed at strengthening and restructuring the country’s economy.


10 tips for surviving your new leadership role
Being dropped into a role of leadership is both a compliment and burden. And it can be a bit overwhelming, too. With expectations coming at you from the top and bottom, it's difficult to know where to start. Here are 10 tips garnered from colleagues and personal experience, each one vitally important in successfully managing both campaigns and staff.


Google Android chief: Android may be open, but it is not less secure
Naturally, responding in such a self-critical fashion would have raised a few eyebrows. However, Google has provided a full transcript of the executive's commentary -- one which sheds a very different light on the issue. Instead of Android not being geared towards security, Pichai actually said that the open nature of the platform gives the OS better scope in threat protection -- as many minds, developers and security experts can pitch in and both fix problems and shore up defenses.


Cloud security concerns are overblown, experts say
Today, though, security concerns are still the major inhibitor of cloud adoption at many large companies. The concerns are most significant among those IT executives considering a cloud migration. Those who have already made the leap appear mostly satisfied with cloud security, the panel agreed. An Intermap survey of 250 decision makers at medium and large companies found that 40% of those who described themselves as "cloud-wary" cited security as their biggest impediment to adoption. In contrast only about 15% of "cloud-wise" respondents felt the same way.


Four Tips for Walking Your Innovation Talk
Employees at all levels take their cues from management, which makes it essential that senior executives practice what they preach. And that means a climate of innovation must start at the top, ideally with senior leaders who are both inspiring and dedicated. Through years of innovation training for the world’s foremost companies, my firm, futurethink, has identified an effective formula for leadership role modeling.


How to be recognized as a young leader
“What are some good ways to get recognized as an emerging young leader in your organization without sounding like you’re trying to toot your own horn?” My mother always told me if you just kept your head down and did good work, you would get ahead in your career. While there is certainly some truth to that advice, there’s a lot more to it when it comes to getting noticed for your leadership potential.



Quote for the day:

"I don't think you can ever do your best. Doing your best is a process of trying to do your best." -- Townes Van Zandt

February 27, 2014

An introduction to SDN can help server admins reach across silo lines
Network-specific challenges include tracking the location of production workloads within the physical infrastructure. Orchestration and automation enable horizontal scaling and can request both network and compute services based on the needs of the application. This isn't an approach for just virtual servers; it also allows for big data applications that scale their physical footprints based on the size of the data. The ability to have what are called northbound and southbound application programming interfaces (APIs) from the virtual network to the physical network is what enables these new capabilities.


Q&A: Gunjan Sinha of MetricStream on Evolution of GRC
Now there is real weight behind this stuff, and putting weight behind it is how to change culture, and to link compensation to this. The whole business of governance, risk and compliance has to become pervasive and go down to each and every employee, supplier, vendor, stakeholder, and can’t be limited to the select few trying to make this happen. A five-year headline–what I’m seeing in the next five years–is a pervasive cultural transformation of compensation linked to these cultural changes. It is becoming a proactive science rather than the reactive process and the way people were dealing with it before.


Partners with R
There's a lot of excitement from everyone at OpenBI surrounding the soon-to-be-released RScript transformation plugin for Pentaho Data Integration. With its rich, open source functionality, PDI's long been OpenBI's platform of choice for ETL, data integration and wrangling. Now its considerable capabilities can be combined in transformation flows that promote the building of R data structures from complicated inputs, as well as facilitate computations in R that broadcast to, for example, model-scoring and report-writing steps. We believe PDI-RScript can be a productivity boon for data science professionals.


A Telepresence Machine to Watch the Kids or Visit Grandma
The Beam+ is designed so that once installed in a home, anyone with the login credentials can bring it to life and start moving around. The operator’s interface shows the view from a camera over the screen, as well as a smaller view looking down toward the unit’s base to aid maneuvering. A user drives it by moving a mouse over their view and clicking where they want to go. The first 1,000 units of the Beam+ can be preordered for $995, with later units expected to cost $1,995. Both prices include the charging dock to which the device must return every two hours.


RSA's Coviello breaks keynote script, takes on NSA controversy
He used company history to set RSA up as an agent for change. He outlined RSA's early work with the government, on open source toolkits and the evolution of algorithms before he mentioned the NSA controversy. "Unlike nearly 20 years ago when we were seen as leading the charge against the government to secure the privacy of digital infrastructure, we've been accused of being on the other side of that battle," Coviello said. He went on to say the situation called for context on the state of the industry and the state and evolution of RSA's business.


Has Hybrid Cloud Arrived? Part 1
Hybrid cloud enables organisations to innovate faster by enabling rapid, self-service provisioning of resources, with the choice to deploy workloads in an enterprise’s own data centre or in the public cloud in a pay-as-you-go and scaled out manner. Hybrid clouds enable multiple use cases such as dev/test, capacity augmentation and disaster recovery besides control of Shadow IT. There is an increased trend towards hybrid cloud as it offers flexibility to respond quickly to business needs and allows reduction in cost.


eBook | Network Security Now
The IT Security threat landscape has changed quickly - and now businesses themselves are changing quickly as well. As mobile and cloud computing continue to remake enterprise IT, how can security keep up? In this FierceITSecurity eBook, IT and networking professionals will find practical, real-world advice on how to handle network security now. Download this free eBook today to find out: Tips for dealing with budget limitations; Keys to setting smart policies; How to educate employees; and Benefits of prioritizing risks


Flash technology infiltrates the data center with SSD systems
A growing number of companies are deploying flash technology with SSD systems. Though far from perfect, SSDs provide compelling benefits. Enterprises need to balance high costs vs. dramatic performance improvements as SSD storage encroaches on HDD storage in the data center. Solid state drives (SSDs) came into high-performance enterprise, military and industrial data centers nearly 25 years ago, for niche applications that needed real-time cache and where the environment was too harsh for standard magnetic hard disk drives (HDDs).


Get Ready for Big Data to Take the Wheel: Rosabeth Moss Kanter
Vehicles are beginning to dynamically interact with roads and each other. An estimated 900,000 front-to-rear vehicle crashes per year in the U.S. cause injuries and deaths and cost about $2 billion, according to the National Highway Traffic Safety Administration. Equipping cars, trucks and buses with sensors and network connections can ensure that vehicles avoid danger, saving lives and money. Technology is also changing where and when we drive.


The Technical and Social History of Software Engineering
Capers Jones wrote the book The Technical and Social History of Software Engineering in which he provides an overview of the evolution of information technology and software development. The book starts by describing the human drive towards faster computation, followed by 9 chapters that cover developments in software engineering from 1930 until 2010. Major software failures that have happened in these years are explored in a separate chapter. The final chapter of the book describes ongoing developments and provides a projection of the future until 2019.



Quote for the day:

"Obstacles are those frightful things you see when you take your eyes off your goal" -- Henry Ford

February 26, 2014

Amazon's WorkSpaces: Why is it needed?
While WorkSpaces are based on Windows Server and include traditional office applications, they can be linked to a wide variety of devices through custom WorkSpaces clients. These devices harmonize the applications' GUI (essentially, Windows 7) with the specifics of the client devices. Amazon uses the Teradici PCoIP protocol to create a secure link between the WorkSpaces instances in the cloud and the clients, and because the protocol carries only the GUI and not the underlying application data, there's inherently less exposure of secure information as well as encryption and authentication (via Active Directory) protection for applications.


RSA 2014: Principles key to digital world, says Microsoft
Adherence to the principles of security, transparency and privacy means that Microsoft does defence and not offence, said Charney. It also means Microsoft does not put back doors in its products and services, which in any case would be economic suicide, he said. “People have asked if our Defender anti-virus product will raise alerts if it finds government surveillance software, but the answer is simple. We don’t care what the source or the motive of malware is.


Coca-Cola’s New Marketing Map: Is It Better?
This blog entry focuses on two issues: What went wrong with Coke’s social media marketing? and How can Coke get more bang for fewer bucks? The nadir of Coca-Cola’s disconnect with fans and readers is its millions of Likes, which often result in fewer than 100 comments. Its largest market is the US; this is where its weakness is most evident. Meanwhile, Diet Coke faces rising concerns over artificial sweeteners. Coca-Cola has announced that profits fell by 8.4 percent in the last quarter of 2013, and it is now eyeing US$1 billion in cuts.


eBook: Fundamentals of SQL Server 2012 Replication
Fundamentals of SQL Server 2012 Replication provides a hands-on introduction to SQL Server replication. The book begins with a short overview that introduces you to the technologies that make up replication. In the following chapters, the book will walk you through setting up different replication scenarios. All hands-on exercises are designed with security best practices in mind. When you're finished working through the exercises, you will be able to implement your own multi-server replication setup while following the principle of least privilege.


DataStax adds in-memory option to Cassandra database
Besides being fast, the in-memory option introduced with DataStax Enterprise 4.0 is also easy to use, and allows developers to treat in-memory objects the same way they would regular Cassandra tables. The platform is based on the 2.0 release of the open-source database, which adds support for lightweight transactions and includes improvements to the native query language that make it a bit easier to import data from relational systems. That helps clear a migration path for slow-moving enterprises with large-scale Oracle investments to sustain—a task that consumes a lot of time and resources but doesn’t generate any quantifiable value.


Five Things Developers Need to Know About PaaS
As with any new technology or approach to doing business, PaaS will appeal to different groups for different reasons. The clear business value is that PaaS is added at the application layer. For ISVs, PaaS can help extend the availability of a traditional software product or enable organizations to add new capabilities to their existing IT spectrum. It's also helpful to anyone wishing to achieve productivity gains, speed time to results, or reduce their costs. But like any technological shift, PaaS adoption requires changes in how people work and demands collaboration if it is to be as successful as possible.


SQL Server Indexed Views: The Basics
Indexed views can be a powerful tool, but they are not a 'free lunch' and we need to use them with care. Once we create an indexed view, every time we modify data in the underlying tables then not only must SQL Server maintain the index entries on those tables, but also the index entries on the view. This can affect write performance. In addition, they also have the potential to cause other issues. For example, if one or more of the base tables is subject to frequent updates, then, depending on the aggregations we perform in the indexed view, it is possible that we will increase lock contention on the view's index.


How to dispose of unwanted backup media
Whether you write your backups to removable media, spinning disks, or some combination of the two, your backup media will eventually wear out and need to be replaced. Of course, this raises the question of how best to dispose of unwanted backup media. The problem with backup media disposal is that your backup media contains sensitive data. Even if the data really doesn't seem all that important, there is no shortage of surprisingly creative uses for various forms of stolen data. As such, it is clearly in your best interest to make sure that the contents of old backup media do not fall into the wrong hands.


Microsoft launches technical preview of Emet 5.0
Version 5.0 adds two new protections for enterprises on top of the 12 built-in security mitigations included in version 4.1. First, an attack surface reduction mitigation helps enterprises protect third-party and custom-built applications by selectively enabling Java, Adobe Flash Player and Microsoft or third-party plugins. “Enterprises can configure Java to load on the intranet for line-of-business applications but not on the internet,” Ness told Computer Weekly. “Most businesses need Java only internally, but this opens them up to vulnerabilities on the internet. Emet 5.0 enables enterprises to block Java where they do not need it,” he said.


Samsung beefs up Knox mobile management software
With the update, however, Samsung will allow some third-party MDM and enterprise mobility management (EMM) vendors to run in an untrusted state on the personal side of a device. Software from MDM vendors Good, Mobile Iron and Fixmo will be allowed to run on the personal side. Good's software will work better on a Samsung device than any other device, Samsung asserted. The cost of Knox 2.0 service will be $3.60 per user per month with pricing discounts for larger volumes. IT shops will be able to sign up for Knox software online. Injong Rhee, Samsung's senior vice president of research for business-to-business mobile communication, led the Knox briefing for Computerworld.



Quote for the day:

"The secret of joy in work is contained in one word: excellence. To know how to do something well is to enjoy it" -- Pearl Buck

February 25, 2014

Cloud security tools only half the battle against shadow IT
To get at the root of shadow IT, corporate IT must make itself more appealing to business units and beat cloud service providers at their own game. "It's really about communication and training," said Softchoice's Kane. "In many cases, that's not really in the wheelhouse of an IT person's skill set. But that can certainly change." Softchoice learned through its experience that it had to do a much better job of offering training on applications, and more importantly, communicating the reasons for security and compliance policies that it had put in place, Kane said.


7 hidden dangers of wearable computers
As with most Internet-connected devices, the growing proliferation of wearables has spawned both privacy and security concerns. Wearable technologies enable capture and collection of amazingly detailed information about an individual’s life, including their lifestyle choices, personal health, location, movement and daily routines. Without the right privacy controls, such data could end up being used in ways never imagined or intended. And without the right security controls, data gathered by such devices could enable identity theft, stalking, fraud and other crimes.


6 Skills CEOs Prize In CIOs
The better question to ask is: Which skills do most CEOs want their CIOs to have? So let's discuss what your boss will expect of you. Here's where it gets complicated. Regardless of whether the CIO reports to the CEO, has a dotted line to the CEO, or is married to and has children with the CEO, the CEO is your ultimate boss. And the CEO very much cares about the folks who run other mission-focused business units: your peers. To make matters more complex, those peers are also your customers.


The commercial case for open source software
With a rich pedigree of success in the server room, open platforms eventually moved upwards through the commercial sector and across to government in many developed nations. What open source in these (and other mission-critical implementations) demands is not only the strong active developer community that typifies any open code base — it also very often needs a level of expert support and maintenance that works at a more formalised level than that which is available for free through the community.


Are the best CIOs from non-tech background?
There are two schools of thought that exist, one that thinks a CIO can be truly successful if he has got a technical background. But of late we are witnessing CIOs becoming successful even without a technical background and the key to their success is their business acumen. There is no doubt that knowing technology is a prerequisite to become a CIO, but with enterprises outsourcing their technology infrastructure, a CIO's prime job now is to make the IT department a profit centre. We at CIO&Leader went and spoke to some of the top management of different organisations to find out what they think about this topic.


Interview: The Power of Collective Insight
People are really amazed with the level of collaboration they can do – in part because it’s not limited only to BI. Jam is much more advanced in overall collaboration, so you can use it as a portal for lots of activities. You can collaborate directly from the BusinessObjects Infoview to see follow reports and see people’s comments and questions. But you can also see BI content through the Jam portal, where you have it as one of the facets of everything else you’re doing. For example, a sales person can see some BI content in a sales analytics forum, post a comment, and that comment can be viewed from the BI system.


Quality Code - Book Review and Interview
... quality code is code that, in order of importance, does what it is supposed to do, is bug free, and is well-crafted. Think of it as code that is ready for today, tomorrow, and next year. Code that does what it is supposed to satisfies the business and the user. Code that is bug free tries to stand apart from the imperfect world and handles things gracefully when it inevitably interacts with an imperfect world. Code that is well-crafted can be fixed, modified, and enhanced far into the future, hopefully breaking the cycle of the value-sucking rewrite that traditionally happens every few years.


Wi-Fi roaming starts to take flight with Hotspot 2.0
While making consumers' lives easier, Hotspot 2.0 could also help mobile operators offload more data demand from their expensive licensed frequencies. But to make it real, service providers have to both upgrade their network infrastructure and forge business deals with partners, both of which can be time-consuming, said analyst Peter Jarich of Current Analysis. On Monday, Boingo Wireless announced that its subscribers with Apple iOS 7 devices will be able to join 21 airport Wi-Fi networks automatically and free of charge.


Public, private and hybrid clouds: Beware of cloud washing
Where does cloud washing come into play? Private clouds are viewed as a combination of cloud's hyperefficiency and ease of provisioning with the control that enterprise IT wants. This permits participation in the cloud while lowering the perceived risk. However, the potential return on investment is low, as it offers only a slight improvement over current methods like virtualization.


Consumers Lead Rise Of Connected Storage
The file system, once seen as a staid and boring technology, has been completely transformed by the advent of computing mobility. Laptops made it possible for people to take their work on the road… and lose it. The first attempt to protect data on-the-go was a modification of backup, a tried and true IT function. Online backup services offered consumers the benefits of a professionally run datacenter. Data had begun a journey from local, hardware-bound file systems to the cloud.



Quote for the day:

“Do not judge me by my successes, judge me by how many times I fell down and got back up again.” -- Nelson Mandela

February 24, 2014

Lync and Skype together - here's how it will work
One of the main news stories from last week's Lync Conference in Las Vegas was that the next release of Lync would support not just Skype audio and IM, but also video. The intention is to provide tools that will allow the millions of Skype users to interconnect with Lync, providing new channels for businesses to connect with customers, users and partners. The big question, then, is how will it work? In the original Skype/Lync federation architecture, both signalling and media followed the same paths through the cloud federation service.


An IT auditor among us
Utter the word auditor, and many CIOs cringe. After all, IT auditors are professional nitpickers who identify problems and get CIOs to fix them. No matter that an auditor doesn't always understand how critical a given technology is to the business. No matter that a CIO is supposed to keep his company's enterprise resource planning system up and running, not take the system offline during business hours to review it for compliance with a lengthy checklist of controls.


How to Test the Security Savvy of Your Staff
User training is an essential part of any security program. Most employees aren't IT or security experts. Nor should you expect them to be. The purpose of security training and awareness is to provide all employees with basic security knowledge, as well as appropriate actions to take when presented with a possible security situation. Technology must be accompanied by awareness training to protect against social engineering and phishing, two common causes of data leakage and breaches. However, once you've spent time and budget delivering a terrific training program, how do you know your employees have retained the information they learned and are putting it to good use?


Free tools for Windows Server admins
There are endless software tools and utilities out there to help you in managing your network. Here are some of the best free ones. They can help you with deploying, maintaining, troubleshooting, and upgrading Windows Servers, your domain, and aid with other miscellaneous network tasks.


Wanted: A Flipboard approach for the enterprise
I was recently talking analytics, data and enterprise software with a chief information officer at a massive company and the topic of user interface came up repeatedly. The problem: It's one thing to break down corporate silos, aggregate and define data and then distill it into knowledge. It's quite another to put that data and insight into a format that is actionable for the masses. In other words, we need a Flipboard for the enterprise. What's the corporate story for the day/month/quarter/year in data---revenue, churn, supply chain, day sales outstanding etc.---at a glance?


The 2014 Premier 100 IT Leaders: Reinventing themselves many times over
"Sometimes, it's about trusting other people," Marcante says. "I went and immersed myself in infrastructure and networks, and we doubled our production infrastructure and lowered operating costs in three years." After that, he went on to lead Vanguard's Six Sigma program, then moved again to manage Vanguard's high-net-worth business before moving back to IT. "Never say no to an opportunity because you feel scared or under-ready or not ready. Take the leap, because you're going to learn a tremendous amount," says Marcante. "It's a personal philosophy that I try to pass on to other people."


How OpenStack Storage fits in the larger open source OpenStack picture
In this interview, Ashish Nadkarni, a research director in the storage systems practice at Framingham, Mass.-based International Data Corp., explains how Swift, Cinder and an upcoming file-based OpenStack storage service fit into the overall OpenStack plan. Nadkarni also discussed the potential benefits and disadvantages of the OpenStack approach and how third-party storage vendors are working to integrate their products with the OpenStack platform. He cautioned that commercial vendors could put the open source project at risk with their attempts to promote their own hardware and concentrate on their own agendas.


Eight Politically Incorrect Statements About Innovation
I asked myself a different question today: What do I believe about innovation but simply avoid saying to be politically incorrect? What am I not saying? At the risk of being labeled a curmudgeon I’ve decided to state some things I believe to be true about innovation which may offend. Innovation is difficult and it doesn’t happen enough because of these eight impediments, so, this needs said.


Why Your Change Needs a Word of Mouth Strategy
According to a study by Ernst & Young, “People trust their friends and family much more than they trust corporate marketing media. Peer recommendations—not paid-for advertising, whether on social media platforms or in print—are what count.” The report emphasizes that, while personal recommendations have always mattered, their value is increasing. The study stated that the “social consumer” no longer shares their viewpoints with just a close circle. They share good or bad retail experiences online, where they are seen—and passed on—by countless friends of friends.


Weapons of mass data destruction
There's more to IT security than protecting the valuable data an enterprise obtains, uses and stores. How you dispose of it when the hardware it’s sitting on reaches end-of-life should be a major concern too. These days, only a fool thinks clicking 'delete' is enough to wipe data from a hard drive or that a quick disk reformat will do the trick. Smashing the drives with a hammer isn’t a smart move either. So how should the enterprise tackle this problem, and what are the best weapons of data destruction? IT Pro has been investigating.



Quote for the day:

"In matters of style, swim with the current; In matters of principle, stand like a rock" -- Thomas Jefferson