IT news Portal Site - www.newsgroupworld.com

Recession continues in IT

webmaster — Sat, 28 Jan 2012 10:42:16 -0700

Lockheed Martin Corp. expects sales in its IT division to continue downward in 2012 as it did in 2011, during which net sales decreased by 5 percent.

Sales in the companys Information Systems and Global Solutions (IS&GS) segment decreased $92 million, or 3 percent, during the forth quarter, which ended Dec. 31, compared to the last quarter of 2010. It also declined by $540 million, or 5 percent, for all of 2011, compared to the previous year, according to financial figures released Jan. 26.

Overall though, the business segment was hit by the fiscal pressures the government is under, which keep agencies from spending as much on IT products and services in 2011. Executives expect the segment's annual operating margins in 2012 to be similar to the annual 2011 figures.

Recession drags on

webmaster — Fri, 20 Jan 2012 11:06:30 -0700

IT spending by banks will grow to $173.3 billion this year, up just 2.8% over 2011 and well short of an earlier forecast that pegged growth at 4.3% in 2012, according to research firm Celent. In fact, IT spending in banking is expected to be weak over the next couple of years.

IT Job Market Employment Trends

In a new report, Celent said the tumultuous state of the banking industry since 2009 continues to affect tech spending. For instance, when Celent published its report on worldwide banking last year, it appeared that a turnaround had begun. "This is no longer the case; there is still plenty of uncertainty," Celent stated.

Security is still an issue

webmaster — Sun, 08 Jan 2012 15:36:39 -0700

Executives are getting targeted by "whale phishing" attacks - malicious e-mails and Web sites designed to coerce them into giving up valuable personal and business data. How are you going to protect your top managers? And while you are thinking scary thoughts, have you taken adequate steps to protect all your employees from the aggressive and adaptive Storm worm, which exploits e-mail and Web 2.0 vulnerabilities to propagate spam-churning malware across business networks? And do you have measures in place to prevent staff from accidentally "leaking" sensitive customer data in e-mails, a crucial element of compliance with PCI, HIPAA, and global privacy regulations? What need to know information about whale phishing, the Storm worm, and e-mail leakage, plus details on a cutting-edge solution that can protect your staff, executives and data from all three are you missing?

What Information Do You Need to Implement a Complete Security Plan?

webmaster — Sun, 08 Jan 2012 15:33:50 -0700

Execurives are getting targeted by "whale phishing" attacks - malicious e-mails and Web sites designed to coerce them into giving up valuable personal and business data. How are you going to protect your top managers? And while you are thinking scary thoughts, have you taken adequate steps to protect all your employees from the aggressive and adaptive Storm worm, which exploits e-mail and Web 2.0 vulnerabilities to propagate spam-churning malware across business networks? And do you have measures in place to prevent staff from accidentally "leaking" sensitive customer data in e-mails, a crucial element of compliance with PCI, HIPAA, and global privacy regulations? What need to know information about whale phishing, the Storm worm, and e-mail leakage, plus details on a cutting-edge solution that can protect your staff, executives and data from all three are you missing?

Downtime is a lost opportunity

webmaster — Fri, 16 Dec 2011 16:00:56 -0700

Downtime, whether planned or unplanned, often translates into lost opportunities and increased costs - and for many enterprises today, any amount of downtime is unacceptable.

Having an effective recovery strategy and a set of coherent disaster recovery plans is essential to helping avoid downtime during a crisis. The need for enhanced quality, efficiency, and predictability for disaster recovery and business continuity has increased significantly, highlighting the necessity of a well-defined set of recovery plans and regular testing. However, as the required scope of critical processes, production applications, and enterprise demands increases, sustaining the timeliness and effectiveness of a recovery plan can become increasingly difficult.

For most organizations, disaster recovery is extremely labor intensive, often requiring the manual coordination of hundreds of recovery tasks. So although the importance of having an effective disaster recovery plan is clear, organizations often find it difficult to achieve the level of protection they need.

IT Pros are reluctant to change companies

webmaster — Sat, 05 Nov 2011 16:24:16 -0700

Many IT workers are staying put at their current jobs due to a combination of lingering economic concerns and improving conditions at work.

In a survey of 500 IT pros, a staffing firm found the vast majority (89 percent) are currently happy with their jobs. Nearly two-thirds (64 percent) said they intend to stay with their current employer, and 25 percent said they'd only leave if the right opportunity came along. Just 11 percent are unhappy with their current position, which includes 4 percent of respondents who are actively searching for a new job.

Part of the reason IT pros are staying put is caution. Employees are nervous about unemployment levels, an unstable economy, and the possibility of a double-dip recession. Marketplace paranoia is keeping people where they are.

In addition, companies are working hard to keep their current IT teams intact. A lot of employers are creating environments that are hard to leave. Perks such as the opportunity to telecommute, flexible schedules, and onsite daycare are helping with retention efforts. They've made it endearing so that people think twice about moving on to something else.

Security driven by how enterprise governs the process

webmaster — Thu, 27 Oct 2011 10:23:35 -0700

How many of the recent, high-profile data breaches at blue-chip companies could have been prevented with better governance? While corporate governance is common practice, often obligatory, in many aspects of business, governance is not always present in information security. Yet it plays a vital role in reducing risk and speeding response.

When the information security function adopts governance, it raises its game, engaging with senior management and other corporate governance functions. This not only minimises information risk and reputational damage, it also delivers continuing added value from information technology.

New technologies are constantly increasing the complexity of business information, while more sophisticated technology and processes are needed to manage it. Furthermore, that information is simultaneously more critical to the business and more susceptible to attack or abuse.

Information security governance enables the direction and oversight of information security-related activities across an enterprise, as an integrated part of corporate governance. It shows customers, business partners, shareholders and regulators that information is being protected according to industry best practice. It provides the agility to deal with incidents quickly and effectively, and enables better management of all of information security activities decreasing the chances of headline-grabbing incidents.

Remote Branch Offices are a Disaster Recovery Business Continuity Risk

webmaster — Sun, 16 Oct 2011 14:25:33 -0700

Distributed data at remote and branch offices (ROBOs) continues to grow substantially year after year. Leaving this data unprotected or inadequately protected poses, serious business risks for organizations. Protection approaches require careful consideration as factors such as technical complexity, capital and operational costs, and expertise of personnel must be taken into account.

Local disk-based data protection strategies improve backup efficiency and reliability over tape-based ones. Consolidation of edge data to the core data center may introduce further efficiencies. Data de-duplication can drive both backup-to-disk and consolidation adoption.

Security as a concept is out-dated

webmaster — Mon, 10 Oct 2011 04:20:42 -0700

The current focus on complying with the myriad of assurance frameworks is taking focus away from the obligations placed on organizations to identify and manage the risks to their information assets; which, in turn, places an inordinate and inappropriate burden on external service providers to satisfy the concerns of organizations with no common terms of reference.

While security in the cloud services environment is clearly a concern for many IT security professionals, there is still a lack of assurance within the external supply chain as whole.

The message on security is getting through to businesses, there is no consistent language to determine whether the service provider will operate the controls to a level that assures the client that their risks are managed appropriately. This proves that the current security mindset is little more than managing risks to achieving compliance rather than empowering organizations to understand the controls required to manage the risks to their information.

All organizations on both sides of the public/private sector divide, have an explicit obligation under law to ensure that personal and corporate information is managed in a safe manner.

The current compliance overload over the past four or five years has led to an inordinate focus on managing risks to compliance rather than understanding the risks to information - and this focus has meant that we look to overuse of technical controls to show due diligence to ensure that when a breach occurs, that penalties will not be levied; it is not designed to reduce the likelihood of breaches themselves.

This approach is unsustainable, as it does not look to the implementation of the controls and fails to address the business risk management issue that exists in most organizations. This is turn has no more benefit to the business than placing money in the shredder.

The current lack of corporate information governance in today's businesses will soon result in increased penalties. This proves that the current focus on compliance risk management as we know it is nearing an end, and something else is required to assist organizations to understand and manage the risks to their information going forward.

Future Evolution of Technology

webmaster — Sat, 01 Oct 2011 10:15:47 -0700

During the next two to three years there will be a continued advancement in web-based technology that will ease integration and facilitate integrated enterprise content management (ECM) and business process management (BPM) and analytics into business infrastructure software applications.

Key business dynamics could alter this progress. Include the possibility of double-dip recession in the United States and European countries, continuous credit and derivative losses that threaten business expansion. These developments would cause many business to reduce their total IT spending budgets and make lower-cost, lower-automation system improvements. Business will, however, continue strategic cost reduction initiatives that drive ITO and BPO spending.

A number of technologies are generating interest but little spending or are early in their growth cycle. For example, research and development for mobile business infrastructure applications is accelerating although spending on mobile is still very low compared with spending on other distribution channels. The continued growth of the installed base of mobile devices will eventually create "network effects" that accelerate adoption beyond mobile status information into more customer relationship management applications.

Social media and peer-to-peer (P2P) transactions and IT spending are in their infancy. The combination of social media with P2P transactions could spur P2P application development.

Necessary Steps in Developing a Disaster Recovery Business Continuity Plan That Works

webmaster — Mon, 12 Sep 2011 09:19:00 -0700

The process of developing a disater recovery & buisness conintuity plan requires that you:

Provide management with a comprehensive understanding of the total effort required to develop and maintain an effective recovery plan;
Obtain commitment from appropriate management to support and participate in the effort;
Define recovery requirements from the perspective of business functions;
Document the impact of an extended loss to operations and key business functions;
Focus appropriately on disaster prevention and impact minimization, as well as orderly recovery;
Select project teams that ensure the proper balance required for plan development;
Develope a contingency plan that is understandable, easy to use and easy to maintain; and
Define how contingency planning considerations must be integrated into ongoing business planning and system development processes in order for the plan to remain viable over time.

Mobility Risks

webmaster — Thu, 08 Sep 2011 05:11:40 -0700

Indirect costs associated with security breaches are often far greater than the direct costs of mitigating damages. Beyond costs of data remediation and possible fines for compliance rule violations, security breaches can cost companies their competitive advantage. They can embarrass companies or key people in those companies, creating bad publicity and legal problems.

They can cause a loss of customer and partner confidence. Ultimately security breaches can damage a companys brand and its ability to do business. As mobility becomes a more important part of routine operations, companies who are developing a mobility strategy must address the issue of mobile security. To do that, its important to understand the vulnerabilities.

There are four areas of vulnerability in mobile business operations:

Lost or stolen devices
Unauthorized data access
Risks arising from combining personal and work use in one device
Gaps in device management and policy enforcement

CIOs role in controlling cost over runs

webmaster — Mon, 05 Sep 2011 08:42:26 -0700

CIOs need to take more notice of low-probability, but high-impact risks, and to consider whether they have the expertise for the project. Managers also need to consider software compatibility and other existing or predicted economic factors that might affect their company's ability to handle delays in the project and increased costs.

IT projects on average are 27 percent over budget and take 55 percent longer to complete than originally planned, researchers from the University of Oxford's Said Business School. Researchers analyzed 1,471 global projects where the organization had revamped its information technology systems within the last 10 years. The projects were worth a total of $245 billion, and on average cost $170 million.

After comparing their budgets and estimated performance benefits with actual costs and results, researchers found that project managers were not taking into account unpredictable events when planning IT projects. Instead, they focused on the average performance of previous projects. When the projects spiraled out of control, both the careers of the managers and the future of the organization were at risk, the researchers found.

Email and electronic communication best practices

webmaster — Sun, 14 Aug 2011 15:22:07 -0700

Rules that you should follow if you want to be respected as a professional email user include:

Re-read you email before you send it. You need to remember that when a person other than your self reads the email they will always put it in their context
Do not use email to say no, argue, criticize or deliver bad news. Pick up the phone to deliver the information face to face.
Be frugal and send only email that is necessary. If you do that it will be more likely your messages will be read. Dont copy others unless they really need to read it.
Don't expect others to decipher what you mean by reviewing an entire email thread. Just because you are on the go doesnt mean you should expect others to piece together whats being requested.
Keep work-related email coming and going from your work account only. Having a single address makes it easy for people to find your messages. And it will prevent business messages from getting tangled with your personal email and perhaps neglected as a result.
Don't use your current work email to send resumes to prospective employers. Also, avoid using overly personal email handles when job hunting, such as wildman@------.com. Not everyone will appreciate your sense of humor and your email address will stay with you a long time. What do you think your next employer will think about you when they see it?
Try to respond to all messages within 24 hours, but don't say you'll reply with a more detailed response at a later date unless you really intend to follow through. If youre in consecutive meetings or away from the office, put an out-of-office message on so people arent left wondering when youll get back to them.
In your subject line explain what you want - never leave it blank: Do you need someone to review or approve something, or is the message simply an FYI? In the message itself, get to the point and use bullets, which are easier to scan than large blocks of text.
Avoid bright colors, odd fonts or extra-long signature lines. Some people find these distracting or just plain annoying. Include your personal or business links to social and professional networking sites when appropriate.
Do not send out email with a mega-attachment. They might never reach its recipient, and if it does, it could overload the inbox. Consider zipping the file or utilizing a service that allows you to transmit large files over the Internet. (Be sure to check your companys IT policy first.)
Do not tag email as important unless absolutely necessary. Is it really urgent or are you simply feeling impatient? Resist the temptation to flag your messages with a big red exclamation point when theyre really not that time sensitive. The result of doing so constantly? People simply will stop paying attention.
Do not automaticaly reply to all, and double-check your response before doing so. Bad "Reply to All" threads run rampant throughout organizations.
Always review the distribution list when sending a sensitive message. Many a message has erroneously been sent to the wrong person with disastrous consequences.

CIOs are challenged with educating corporate executives

webmaster — Fri, 05 Aug 2011 14:03:39 -0700

In typical organization, CIOs deal with top-level executives who want to get the most out of the technology in their workplace. The only trouble is, in many cases, those executives do not know the limitations that govern your position nor how the CIO and IT department have to put together all the many working parts to get your company ready to go with its IT.

A survey conducted by a vendor of identity management and security management solutions, found that senior business executives dont fully understand the true nature of IT's role in the workplace. They also appear to have no clue about how much power IT professionals have when it comes to data access.

Disaster Plan is key to business survival

webmaster — Wed, 20 Jul 2011 04:56:51 -0700

The risks of poor disaster recovery (DR) planning can be catastrophic. It has been estimated that between 60-90 percent of small and medium-sized companies (less than 1000 employees) without proactive DR plans find themselves out of business within 24 months of experiencing a major disaster.

It has been found that only 6 percent of mid-sized companies that suffer catastrophic data loss survive 43 percent never reopen, and 51 percent close within two years of the disaster. Implementation of a reliable DR strategy has traditionally been expensive and overly complex, largely because of equipment and networking requirements along with costly replication csoftware licenses As a result, many small and medium businesses (SMBs) were required to make difficult compromises, such as limiting disaster coverage only to critical applications, employing manual recovery processes on dissimilar equipment, or simply backing up to tape and hoping they will have access to working backups when needed.

Many companies are therefore forced into operating their businesses with insufficient protection in terms of application coverage, acceptable downtime and reliability of recovery.

Disaster Plan - Yes or No

webmaster — Tue, 12 Jul 2011 16:22:02 -0700

In many businesses, disaster recovery plans (DRPs) are often inadequate or outdated and in small to mid-sized businesses the situation is even worse: only a relatively small percentage have any form of plan. Why do so many businesses have such a lackadaisical approach to disaster recovery planning? Probably because it is a long and complicated process that ties up key personnel, can be costly to produce, and will change over time so it has a limited shelf life. And why spend time producing a document that may well never be needed? But any business that does not create a DRP is gambling that disasters will not strike and gambling with the livelihood of its employees and with the investments of shareholders and stakeholders.

Gartner, a leading research and advisory company, 40% of businesses that encounter a disaster close their doors within the following five years. For the 60% that do survive, the expenses that result from a loss of continuity can be significant.

According to Janco Associates, an International Disaster Recovery - Business Continuity consultancy the most common form of enterprise wide disaster is related to power outages. Janco has found that in disaster recovery and business continuity cases it has reviewed the following is true:

Over one third companies take more than a day to recover from a major power outage caused by events like hurricanes and extensive disasters.
Over eleven percent of companies take more than a week to recover from these events.
The typical time to reconfigure a network that has not been planned for can take up to 72 hours - if the resources are available.
Data that is lost (not backup up electronically) can take weeks to re-enter if there is paper trail and if there is none the data can be lost forever.
Over 85 percent of companies that experience a computer disaster and do not have a Disaster Recovery - Business Continuity Plan go out of business within 18 months.

Service management is more complex in today WiFi environment

webmaster — Wed, 06 Jul 2011 08:02:41 -0700

Service Management is no longer a one-to-one proposition. The multiple channels through which we interact with users, both internal and external, has grown not only in number, but also in complexity. At the same time, economic pressure has created an atmosphere of "do more with less."

This tension places unexpected demands on a IT organization. Besides the simple volume, there's the need to normalize the information that supports the various departments - marketing, customer service, sales, operations and design. There has to be a single version of the truth. And, sometimes, some variations of the truth. And that's hard to achieve.

Post Disaster Assessment - Questions to Ask

webmaster — Sat, 18 Jun 2011 07:15:05 -0700

After the disaster occurs what are the questions that need to be asked to assess the impact of a disaster on a business from both a financial and physical (infrastructure) perspective:

How many/much of the organization's resources could be lost?
What are the total costs?
What efforts are required to rebuild?
How long will it take to recover?
What is the impact on the overall organization?
How are customers affected, what is the impact on them?
How much will it affect the share price and market confidence?

Energy security is next risk to focus on

webmaster — Sun, 05 Jun 2011 10:06:39 -0700

Disaster recovery is dependant on energy security

Research that evaluates worldwide energy security, has identified the G7 economies of France, Germany, Italy, Japan, UK and USA as being at high risk in the short-term, while China and countries from the oil producing MENA region are highlighted as facing increasing challenges in the future.

Risk analysis and mapping firm Maplecroft has undertaken the study of short-term and long-term energy security to highlight the risks to countries as they strive to secure stable energy supplies in a time of geopolitical upheaval, dwindling traditional resources and a transition to a low carbon world.

The Energy Security (short-term) Index has been developed to identify the countries most vulnerable to shocks in energy supplies and price fluctuations in the international market on timescale of days to months. It assesses immediate risks to the availability, affordability and continuity of energy supplies in 196 countries by evaluating energy imports, diversity of supplies, import security and energy costs.

Only three countries, Sierra Leone (1), Gambia (2) and Guinea Bissau (3), are categorised as extreme risk in the short-term index. However, a further 122 nations are rated high risk, including the G7 economies of Italy (13), Japan (73), UK (90), Germany (104), France (107) and the USA (112).

New Business Continiuity Findngs from AT&T

webmaster — Thu, 02 Jun 2011 09:50:13 -0700

Evolutions in technology and recovering IT budgets have enabled businesses to investigate new means for maintaining critical operations in the face of natural or manmade disasters.

Eight out of ten (80 percent) executives indicate that their companies will be investing in new technologies in 2011, up from 72 percent in 2010.
A majority (54 percent) of organizations surveyed currently use or are considering using cloud services to augment their business continuity and disaster recovery strategies.
Use of mobile devices plays a role in 78 percent of business continuity plans.
Most companies (80 percent) have systems in place that enable employees to work from home or remote locations, representing an increase of 14 percentage points in the past four years.

The security implications of social networking remain a concern for IT executives, even as their companies begin to integrate these tools into their business strategies.

Three out of four (79 percent) of executives expressed concerns about the increased usage of social networking capabilities.
More than half (56 percent) of companies allow employees to access social networking tools such as Facebook, LinkedIn, Twitter, and YouTube from the corporate network.
Two-thirds (67 percent) of businesses use social media to communicate with customers and stakeholders or to monitor for relevant news and chatter.

Mobility and wireless capabilities carry weight in business continuity planning as well as day-to-day operations for many companies.

Six out of ten (64 percent) organizations include wireless network capabilities as part of their business continuity plan.
More than a third (38 percent) of companies plan to invest in mobile applications during 2011.
Most companies (81 percent) allow employees to access work emails on their personal smartphones.
Eight out of ten (82 percent) of executives are concerned about the potential impact of mobile device usage on security threats.

Five percent of Windows PCs are infected with malware

webmaster — Sun, 29 May 2011 15:39:41 -0700

One in every 20 Windows PCs whose users turned to Microsoft for cleanup help were infected with malware, Microsoft said.

Microsoft cited that statistic and others from data generated by its new Safety Scanner, a free malware scanning and scrubbing tool that it re-launched.

The 420,000 copies of the tool that were downloaded in the first week of its availability cleaned malware or signs of exploitation from more than 20,000 Windows PCs, Microsoft's Malware Protection Center (MMPC) reported. That represented an infection rate of 4.8%.

On average, each of the infected PCs hosted 3.5 threats, which Microsoft defined as either actual malware or clues that a successful attack had been launched against the machine.

That finding backs up a recent Microsoft security intelligence report that noted a huge spike in Java-based exploits in the second half of 2010, when the number tracked by Microsoft jumped to nearly 13 million from around 1 million in the first six months of that year.

Microsoft blamed exploits of just two vulnerabilities in Oracle's Java for generating 85% of all Java attacks in the second half of 2010. Not surprising, those same two vulnerabilities ranked No. 1 and No. 6 in the Safety Scanner top 10.

Disposing of old computer often is not green and is high risk

webmaster — Thu, 19 May 2011 16:30:25 -0700

Disposing of old PCs is a high risk proposition, and too often the executives responsible for protecting data and risk management - CIOs and CFOs - are left out of the disposition process. Mid-level managers, some of whom arent involved with IT, may simply be shopping for the lowest-cost provider. This approach could present environmental dangers, shoddy documentation and government fines or court judgments. Additionally, there is the risk that important data might fall into the wrong hands.

With increasing corporate interest in green computing, more companies today are conscious of the need to recycle computer components and to ensure that hazardous materials are kept out of the water and soil.

Best practices state that organizations demand recyclers document their disposal procedures in detail. While there is greater awareness of green computing, companies also face the challenge of complying with government and industry regulations for data protection and destruction.

No business wants to be the next to see headlines shouting their name in connection with pollution, loss of customer data to thieves or unaudited destruction of internal communications. In addition to potential fines, such companies face the threat of public embarrassment and damage to their reputation. Proper asset recovery not only protects the company from losses, it shows partners and regulators that the organization uses due diligence in its recovery efforts.

Scope of Disaster Planning is expanding as world events escalate

webmaster — Sat, 14 May 2011 06:35:47 -0700

Disaster Planning scope continues to expand. The volcanic ash air travel crisis caught many by surprise but in hindsight it was a predictable outcome of an event which was almost inevitable. What other such outliers are there? Continuity Central believes that using the huge experience of our global readership of business continuity managers many of these can be identified in advance.

If you add terroist attacks at infrastructure that can cause widespread environmental damage like the oil rig explosion in the gulf, the events to be considered are almost infinate.

A Yellowstone eruption, which would be a super volcand, would make the ash problems from the Icelandic volcano look like a minor event. It would impact the entire US except Calfinoria. According to the Yellowstone Volcano Observatory the last supervolcanic eruption occurred 74,000 years ago at the Toba Caldera in Sumatra, Indonesia. Other known supervolcanoes around the world, include Long Valley in eastern California, Toba in Indonesia, and Taupo in New Zealand. In addition other potential supervolcanoes include large caldera volcanoes of Japan, Indonesia, and South America.

Buillies in the workplace

webmaster — Wed, 04 May 2011 10:09:49 -0700

Many workers say bullying is a part of office culture, according to a survey from CareerBuilder. We are not talking about wedgies in the breakroom, but non-physical behavior. Think of the quick-tempered boss who screams at staffers in front of colleagues, or the credit-swiping co-worker, or the nasty looks and dismissive remarks intended to make one feel uncomfortable.

Nearly half of those targeted say fighting back (with words, that is) proves more effective than going to HR. Either way, its a topic that needs to be taken seriously. "Bullying is a serious offense that can disrupt the work environment, impact morale and lower productivity," said a CareerBuilder's VP of HR. "If you are feeling bullied, keep track of what was said or done and who was present. The more specifics you can provide, the stronger the case you can make for yourself when confronting the bully head-on or reporting the bully to a company authority."