IT news Portal Site - www.newsgroupworld.com

Recession continues in IT

webmaster — Sat, 28 Jan 2012 10:42:16 -0700

Lockheed Martin Corp. expects sales in its IT division to continue downward in 2012 as it did in 2011, during which net sales decreased by 5 percent.

Sales in the companys Information Systems and Global Solutions (IS&GS) segment decreased $92 million, or 3 percent, during the forth quarter, which ended Dec. 31, compared to the last quarter of 2010. It also declined by $540 million, or 5 percent, for all of 2011, compared to the previous year, according to financial figures released Jan. 26.

Overall though, the business segment was hit by the fiscal pressures the government is under, which keep agencies from spending as much on IT products and services in 2011. Executives expect the segment's annual operating margins in 2012 to be similar to the annual 2011 figures.

Recession drags on

webmaster — Fri, 20 Jan 2012 11:06:30 -0700

IT spending by banks will grow to $173.3 billion this year, up just 2.8% over 2011 and well short of an earlier forecast that pegged growth at 4.3% in 2012, according to research firm Celent. In fact, IT spending in banking is expected to be weak over the next couple of years.

IT Job Market Employment Trends

In a new report, Celent said the tumultuous state of the banking industry since 2009 continues to affect tech spending. For instance, when Celent published its report on worldwide banking last year, it appeared that a turnaround had begun. "This is no longer the case; there is still plenty of uncertainty," Celent stated.

Security is still an issue

webmaster — Sun, 08 Jan 2012 15:36:39 -0700

Executives are getting targeted by "whale phishing" attacks - malicious e-mails and Web sites designed to coerce them into giving up valuable personal and business data. How are you going to protect your top managers? And while you are thinking scary thoughts, have you taken adequate steps to protect all your employees from the aggressive and adaptive Storm worm, which exploits e-mail and Web 2.0 vulnerabilities to propagate spam-churning malware across business networks? And do you have measures in place to prevent staff from accidentally "leaking" sensitive customer data in e-mails, a crucial element of compliance with PCI, HIPAA, and global privacy regulations? What need to know information about whale phishing, the Storm worm, and e-mail leakage, plus details on a cutting-edge solution that can protect your staff, executives and data from all three are you missing?

What Information Do You Need to Implement a Complete Security Plan?

webmaster — Sun, 08 Jan 2012 15:33:50 -0700

Execurives are getting targeted by "whale phishing" attacks - malicious e-mails and Web sites designed to coerce them into giving up valuable personal and business data. How are you going to protect your top managers? And while you are thinking scary thoughts, have you taken adequate steps to protect all your employees from the aggressive and adaptive Storm worm, which exploits e-mail and Web 2.0 vulnerabilities to propagate spam-churning malware across business networks? And do you have measures in place to prevent staff from accidentally "leaking" sensitive customer data in e-mails, a crucial element of compliance with PCI, HIPAA, and global privacy regulations? What need to know information about whale phishing, the Storm worm, and e-mail leakage, plus details on a cutting-edge solution that can protect your staff, executives and data from all three are you missing?

Downtime is a lost opportunity

webmaster — Fri, 16 Dec 2011 16:00:56 -0700

Downtime, whether planned or unplanned, often translates into lost opportunities and increased costs - and for many enterprises today, any amount of downtime is unacceptable.

Having an effective recovery strategy and a set of coherent disaster recovery plans is essential to helping avoid downtime during a crisis. The need for enhanced quality, efficiency, and predictability for disaster recovery and business continuity has increased significantly, highlighting the necessity of a well-defined set of recovery plans and regular testing. However, as the required scope of critical processes, production applications, and enterprise demands increases, sustaining the timeliness and effectiveness of a recovery plan can become increasingly difficult.

For most organizations, disaster recovery is extremely labor intensive, often requiring the manual coordination of hundreds of recovery tasks. So although the importance of having an effective disaster recovery plan is clear, organizations often find it difficult to achieve the level of protection they need.

IT Pros are reluctant to change companies

webmaster — Sat, 05 Nov 2011 16:24:16 -0700

Many IT workers are staying put at their current jobs due to a combination of lingering economic concerns and improving conditions at work.

In a survey of 500 IT pros, a staffing firm found the vast majority (89 percent) are currently happy with their jobs. Nearly two-thirds (64 percent) said they intend to stay with their current employer, and 25 percent said they'd only leave if the right opportunity came along. Just 11 percent are unhappy with their current position, which includes 4 percent of respondents who are actively searching for a new job.

Part of the reason IT pros are staying put is caution. Employees are nervous about unemployment levels, an unstable economy, and the possibility of a double-dip recession. Marketplace paranoia is keeping people where they are.

In addition, companies are working hard to keep their current IT teams intact. A lot of employers are creating environments that are hard to leave. Perks such as the opportunity to telecommute, flexible schedules, and onsite daycare are helping with retention efforts. They've made it endearing so that people think twice about moving on to something else.

Security driven by how enterprise governs the process

webmaster — Thu, 27 Oct 2011 10:23:35 -0700

How many of the recent, high-profile data breaches at blue-chip companies could have been prevented with better governance? While corporate governance is common practice, often obligatory, in many aspects of business, governance is not always present in information security. Yet it plays a vital role in reducing risk and speeding response.

When the information security function adopts governance, it raises its game, engaging with senior management and other corporate governance functions. This not only minimises information risk and reputational damage, it also delivers continuing added value from information technology.

New technologies are constantly increasing the complexity of business information, while more sophisticated technology and processes are needed to manage it. Furthermore, that information is simultaneously more critical to the business and more susceptible to attack or abuse.

Information security governance enables the direction and oversight of information security-related activities across an enterprise, as an integrated part of corporate governance. It shows customers, business partners, shareholders and regulators that information is being protected according to industry best practice. It provides the agility to deal with incidents quickly and effectively, and enables better management of all of information security activities decreasing the chances of headline-grabbing incidents.

Remote Branch Offices are a Disaster Recovery Business Continuity Risk

webmaster — Sun, 16 Oct 2011 14:25:33 -0700

Distributed data at remote and branch offices (ROBOs) continues to grow substantially year after year. Leaving this data unprotected or inadequately protected poses, serious business risks for organizations. Protection approaches require careful consideration as factors such as technical complexity, capital and operational costs, and expertise of personnel must be taken into account.

Local disk-based data protection strategies improve backup efficiency and reliability over tape-based ones. Consolidation of edge data to the core data center may introduce further efficiencies. Data de-duplication can drive both backup-to-disk and consolidation adoption.

Security as a concept is out-dated

webmaster — Mon, 10 Oct 2011 04:20:42 -0700

The current focus on complying with the myriad of assurance frameworks is taking focus away from the obligations placed on organizations to identify and manage the risks to their information assets; which, in turn, places an inordinate and inappropriate burden on external service providers to satisfy the concerns of organizations with no common terms of reference.

While security in the cloud services environment is clearly a concern for many IT security professionals, there is still a lack of assurance within the external supply chain as whole.

The message on security is getting through to businesses, there is no consistent language to determine whether the service provider will operate the controls to a level that assures the client that their risks are managed appropriately. This proves that the current security mindset is little more than managing risks to achieving compliance rather than empowering organizations to understand the controls required to manage the risks to their information.

All organizations on both sides of the public/private sector divide, have an explicit obligation under law to ensure that personal and corporate information is managed in a safe manner.

The current compliance overload over the past four or five years has led to an inordinate focus on managing risks to compliance rather than understanding the risks to information - and this focus has meant that we look to overuse of technical controls to show due diligence to ensure that when a breach occurs, that penalties will not be levied; it is not designed to reduce the likelihood of breaches themselves.

This approach is unsustainable, as it does not look to the implementation of the controls and fails to address the business risk management issue that exists in most organizations. This is turn has no more benefit to the business than placing money in the shredder.

The current lack of corporate information governance in today's businesses will soon result in increased penalties. This proves that the current focus on compliance risk management as we know it is nearing an end, and something else is required to assist organizations to understand and manage the risks to their information going forward.

Future Evolution of Technology

webmaster — Sat, 01 Oct 2011 10:15:47 -0700

During the next two to three years there will be a continued advancement in web-based technology that will ease integration and facilitate integrated enterprise content management (ECM) and business process management (BPM) and analytics into business infrastructure software applications.

Key business dynamics could alter this progress. Include the possibility of double-dip recession in the United States and European countries, continuous credit and derivative losses that threaten business expansion. These developments would cause many business to reduce their total IT spending budgets and make lower-cost, lower-automation system improvements. Business will, however, continue strategic cost reduction initiatives that drive ITO and BPO spending.

A number of technologies are generating interest but little spending or are early in their growth cycle. For example, research and development for mobile business infrastructure applications is accelerating although spending on mobile is still very low compared with spending on other distribution channels. The continued growth of the installed base of mobile devices will eventually create "network effects" that accelerate adoption beyond mobile status information into more customer relationship management applications.

Social media and peer-to-peer (P2P) transactions and IT spending are in their infancy. The combination of social media with P2P transactions could spur P2P application development.

Necessary Steps in Developing a Disaster Recovery Business Continuity Plan That Works

webmaster — Mon, 12 Sep 2011 09:19:00 -0700

The process of developing a disater recovery & buisness conintuity plan requires that you:

Provide management with a comprehensive understanding of the total effort required to develop and maintain an effective recovery plan;
Obtain commitment from appropriate management to support and participate in the effort;
Define recovery requirements from the perspective of business functions;
Document the impact of an extended loss to operations and key business functions;
Focus appropriately on disaster prevention and impact minimization, as well as orderly recovery;
Select project teams that ensure the proper balance required for plan development;
Develope a contingency plan that is understandable, easy to use and easy to maintain; and
Define how contingency planning considerations must be integrated into ongoing business planning and system development processes in order for the plan to remain viable over time.

Mobility Risks

webmaster — Thu, 08 Sep 2011 05:11:40 -0700

Indirect costs associated with security breaches are often far greater than the direct costs of mitigating damages. Beyond costs of data remediation and possible fines for compliance rule violations, security breaches can cost companies their competitive advantage. They can embarrass companies or key people in those companies, creating bad publicity and legal problems.

They can cause a loss of customer and partner confidence. Ultimately security breaches can damage a companys brand and its ability to do business. As mobility becomes a more important part of routine operations, companies who are developing a mobility strategy must address the issue of mobile security. To do that, its important to understand the vulnerabilities.

There are four areas of vulnerability in mobile business operations:

Lost or stolen devices
Unauthorized data access
Risks arising from combining personal and work use in one device
Gaps in device management and policy enforcement

CIOs role in controlling cost over runs

webmaster — Mon, 05 Sep 2011 08:42:26 -0700

CIOs need to take more notice of low-probability, but high-impact risks, and to consider whether they have the expertise for the project. Managers also need to consider software compatibility and other existing or predicted economic factors that might affect their company's ability to handle delays in the project and increased costs.

IT projects on average are 27 percent over budget and take 55 percent longer to complete than originally planned, researchers from the University of Oxford's Said Business School. Researchers analyzed 1,471 global projects where the organization had revamped its information technology systems within the last 10 years. The projects were worth a total of $245 billion, and on average cost $170 million.

After comparing their budgets and estimated performance benefits with actual costs and results, researchers found that project managers were not taking into account unpredictable events when planning IT projects. Instead, they focused on the average performance of previous projects. When the projects spiraled out of control, both the careers of the managers and the future of the organization were at risk, the researchers found.

Email and electronic communication best practices

webmaster — Sun, 14 Aug 2011 15:22:07 -0700

Rules that you should follow if you want to be respected as a professional email user include:

Re-read you email before you send it. You need to remember that when a person other than your self reads the email they will always put it in their context
Do not use email to say no, argue, criticize or deliver bad news. Pick up the phone to deliver the information face to face.
Be frugal and send only email that is necessary. If you do that it will be more likely your messages will be read. Dont copy others unless they really need to read it.
Don't expect others to decipher what you mean by reviewing an entire email thread. Just because you are on the go doesnt mean you should expect others to piece together whats being requested.
Keep work-related email coming and going from your work account only. Having a single address makes it easy for people to find your messages. And it will prevent business messages from getting tangled with your personal email and perhaps neglected as a result.
Don't use your current work email to send resumes to prospective employers. Also, avoid using overly personal email handles when job hunting, such as wildman@------.com. Not everyone will appreciate your sense of humor and your email address will stay with you a long time. What do you think your next employer will think about you when they see it?
Try to respond to all messages within 24 hours, but don't say you'll reply with a more detailed response at a later date unless you really intend to follow through. If youre in consecutive meetings or away from the office, put an out-of-office message on so people arent left wondering when youll get back to them.
In your subject line explain what you want - never leave it blank: Do you need someone to review or approve something, or is the message simply an FYI? In the message itself, get to the point and use bullets, which are easier to scan than large blocks of text.
Avoid bright colors, odd fonts or extra-long signature lines. Some people find these distracting or just plain annoying. Include your personal or business links to social and professional networking sites when appropriate.
Do not send out email with a mega-attachment. They might never reach its recipient, and if it does, it could overload the inbox. Consider zipping the file or utilizing a service that allows you to transmit large files over the Internet. (Be sure to check your companys IT policy first.)
Do not tag email as important unless absolutely necessary. Is it really urgent or are you simply feeling impatient? Resist the temptation to flag your messages with a big red exclamation point when theyre really not that time sensitive. The result of doing so constantly? People simply will stop paying attention.
Do not automaticaly reply to all, and double-check your response before doing so. Bad "Reply to All" threads run rampant throughout organizations.
Always review the distribution list when sending a sensitive message. Many a message has erroneously been sent to the wrong person with disastrous consequences.

CIOs are challenged with educating corporate executives

webmaster — Fri, 05 Aug 2011 14:03:39 -0700

In typical organization, CIOs deal with top-level executives who want to get the most out of the technology in their workplace. The only trouble is, in many cases, those executives do not know the limitations that govern your position nor how the CIO and IT department have to put together all the many working parts to get your company ready to go with its IT.

A survey conducted by a vendor of identity management and security management solutions, found that senior business executives dont fully understand the true nature of IT's role in the workplace. They also appear to have no clue about how much power IT professionals have when it comes to data access.

Disaster Plan is key to business survival

webmaster — Wed, 20 Jul 2011 04:56:51 -0700

The risks of poor disaster recovery (DR) planning can be catastrophic. It has been estimated that between 60-90 percent of small and medium-sized companies (less than 1000 employees) without proactive DR plans find themselves out of business within 24 months of experiencing a major disaster.

It has been found that only 6 percent of mid-sized companies that suffer catastrophic data loss survive 43 percent never reopen, and 51 percent close within two years of the disaster. Implementation of a reliable DR strategy has traditionally been expensive and overly complex, largely because of equipment and networking requirements along with costly replication csoftware licenses As a result, many small and medium businesses (SMBs) were required to make difficult compromises, such as limiting disaster coverage only to critical applications, employing manual recovery processes on dissimilar equipment, or simply backing up to tape and hoping they will have access to working backups when needed.

Many companies are therefore forced into operating their businesses with insufficient protection in terms of application coverage, acceptable downtime and reliability of recovery.

Disaster Plan - Yes or No

webmaster — Tue, 12 Jul 2011 16:22:02 -0700

In many businesses, disaster recovery plans (DRPs) are often inadequate or outdated and in small to mid-sized businesses the situation is even worse: only a relatively small percentage have any form of plan. Why do so many businesses have such a lackadaisical approach to disaster recovery planning? Probably because it is a long and complicated process that ties up key personnel, can be costly to produce, and will change over time so it has a limited shelf life. And why spend time producing a document that may well never be needed? But any business that does not create a DRP is gambling that disasters will not strike and gambling with the livelihood of its employees and with the investments of shareholders and stakeholders.

Gartner, a leading research and advisory company, 40% of businesses that encounter a disaster close their doors within the following five years. For the 60% that do survive, the expenses that result from a loss of continuity can be significant.

According to Janco Associates, an International Disaster Recovery - Business Continuity consultancy the most common form of enterprise wide disaster is related to power outages. Janco has found that in disaster recovery and business continuity cases it has reviewed the following is true:

Over one third companies take more than a day to recover from a major power outage caused by events like hurricanes and extensive disasters.
Over eleven percent of companies take more than a week to recover from these events.
The typical time to reconfigure a network that has not been planned for can take up to 72 hours - if the resources are available.
Data that is lost (not backup up electronically) can take weeks to re-enter if there is paper trail and if there is none the data can be lost forever.
Over 85 percent of companies that experience a computer disaster and do not have a Disaster Recovery - Business Continuity Plan go out of business within 18 months.

Service management is more complex in today WiFi environment

webmaster — Wed, 06 Jul 2011 08:02:41 -0700

Service Management is no longer a one-to-one proposition. The multiple channels through which we interact with users, both internal and external, has grown not only in number, but also in complexity. At the same time, economic pressure has created an atmosphere of "do more with less."

This tension places unexpected demands on a IT organization. Besides the simple volume, there's the need to normalize the information that supports the various departments - marketing, customer service, sales, operations and design. There has to be a single version of the truth. And, sometimes, some variations of the truth. And that's hard to achieve.

Post Disaster Assessment - Questions to Ask

webmaster — Sat, 18 Jun 2011 07:15:05 -0700

After the disaster occurs what are the questions that need to be asked to assess the impact of a disaster on a business from both a financial and physical (infrastructure) perspective:

How many/much of the organization's resources could be lost?
What are the total costs?
What efforts are required to rebuild?
How long will it take to recover?
What is the impact on the overall organization?
How are customers affected, what is the impact on them?
How much will it affect the share price and market confidence?

Energy security is next risk to focus on

webmaster — Sun, 05 Jun 2011 10:06:39 -0700

Disaster recovery is dependant on energy security

Research that evaluates worldwide energy security, has identified the G7 economies of France, Germany, Italy, Japan, UK and USA as being at high risk in the short-term, while China and countries from the oil producing MENA region are highlighted as facing increasing challenges in the future.

Risk analysis and mapping firm Maplecroft has undertaken the study of short-term and long-term energy security to highlight the risks to countries as they strive to secure stable energy supplies in a time of geopolitical upheaval, dwindling traditional resources and a transition to a low carbon world.

The Energy Security (short-term) Index has been developed to identify the countries most vulnerable to shocks in energy supplies and price fluctuations in the international market on timescale of days to months. It assesses immediate risks to the availability, affordability and continuity of energy supplies in 196 countries by evaluating energy imports, diversity of supplies, import security and energy costs.

Only three countries, Sierra Leone (1), Gambia (2) and Guinea Bissau (3), are categorised as extreme risk in the short-term index. However, a further 122 nations are rated high risk, including the G7 economies of Italy (13), Japan (73), UK (90), Germany (104), France (107) and the USA (112).

New Business Continiuity Findngs from AT&T

webmaster — Thu, 02 Jun 2011 09:50:13 -0700

Evolutions in technology and recovering IT budgets have enabled businesses to investigate new means for maintaining critical operations in the face of natural or manmade disasters.

Eight out of ten (80 percent) executives indicate that their companies will be investing in new technologies in 2011, up from 72 percent in 2010.
A majority (54 percent) of organizations surveyed currently use or are considering using cloud services to augment their business continuity and disaster recovery strategies.
Use of mobile devices plays a role in 78 percent of business continuity plans.
Most companies (80 percent) have systems in place that enable employees to work from home or remote locations, representing an increase of 14 percentage points in the past four years.

The security implications of social networking remain a concern for IT executives, even as their companies begin to integrate these tools into their business strategies.

Three out of four (79 percent) of executives expressed concerns about the increased usage of social networking capabilities.
More than half (56 percent) of companies allow employees to access social networking tools such as Facebook, LinkedIn, Twitter, and YouTube from the corporate network.
Two-thirds (67 percent) of businesses use social media to communicate with customers and stakeholders or to monitor for relevant news and chatter.

Mobility and wireless capabilities carry weight in business continuity planning as well as day-to-day operations for many companies.

Six out of ten (64 percent) organizations include wireless network capabilities as part of their business continuity plan.
More than a third (38 percent) of companies plan to invest in mobile applications during 2011.
Most companies (81 percent) allow employees to access work emails on their personal smartphones.
Eight out of ten (82 percent) of executives are concerned about the potential impact of mobile device usage on security threats.

Five percent of Windows PCs are infected with malware

webmaster — Sun, 29 May 2011 15:39:41 -0700

One in every 20 Windows PCs whose users turned to Microsoft for cleanup help were infected with malware, Microsoft said.

Microsoft cited that statistic and others from data generated by its new Safety Scanner, a free malware scanning and scrubbing tool that it re-launched.

The 420,000 copies of the tool that were downloaded in the first week of its availability cleaned malware or signs of exploitation from more than 20,000 Windows PCs, Microsoft's Malware Protection Center (MMPC) reported. That represented an infection rate of 4.8%.

On average, each of the infected PCs hosted 3.5 threats, which Microsoft defined as either actual malware or clues that a successful attack had been launched against the machine.

That finding backs up a recent Microsoft security intelligence report that noted a huge spike in Java-based exploits in the second half of 2010, when the number tracked by Microsoft jumped to nearly 13 million from around 1 million in the first six months of that year.

Microsoft blamed exploits of just two vulnerabilities in Oracle's Java for generating 85% of all Java attacks in the second half of 2010. Not surprising, those same two vulnerabilities ranked No. 1 and No. 6 in the Safety Scanner top 10.

Disposing of old computer often is not green and is high risk

webmaster — Thu, 19 May 2011 16:30:25 -0700

Disposing of old PCs is a high risk proposition, and too often the executives responsible for protecting data and risk management - CIOs and CFOs - are left out of the disposition process. Mid-level managers, some of whom arent involved with IT, may simply be shopping for the lowest-cost provider. This approach could present environmental dangers, shoddy documentation and government fines or court judgments. Additionally, there is the risk that important data might fall into the wrong hands.

With increasing corporate interest in green computing, more companies today are conscious of the need to recycle computer components and to ensure that hazardous materials are kept out of the water and soil.

Best practices state that organizations demand recyclers document their disposal procedures in detail. While there is greater awareness of green computing, companies also face the challenge of complying with government and industry regulations for data protection and destruction.

No business wants to be the next to see headlines shouting their name in connection with pollution, loss of customer data to thieves or unaudited destruction of internal communications. In addition to potential fines, such companies face the threat of public embarrassment and damage to their reputation. Proper asset recovery not only protects the company from losses, it shows partners and regulators that the organization uses due diligence in its recovery efforts.

Scope of Disaster Planning is expanding as world events escalate

webmaster — Sat, 14 May 2011 06:35:47 -0700

Disaster Planning scope continues to expand. The volcanic ash air travel crisis caught many by surprise but in hindsight it was a predictable outcome of an event which was almost inevitable. What other such outliers are there? Continuity Central believes that using the huge experience of our global readership of business continuity managers many of these can be identified in advance.

If you add terroist attacks at infrastructure that can cause widespread environmental damage like the oil rig explosion in the gulf, the events to be considered are almost infinate.

A Yellowstone eruption, which would be a super volcand, would make the ash problems from the Icelandic volcano look like a minor event. It would impact the entire US except Calfinoria. According to the Yellowstone Volcano Observatory the last supervolcanic eruption occurred 74,000 years ago at the Toba Caldera in Sumatra, Indonesia. Other known supervolcanoes around the world, include Long Valley in eastern California, Toba in Indonesia, and Taupo in New Zealand. In addition other potential supervolcanoes include large caldera volcanoes of Japan, Indonesia, and South America.

Buillies in the workplace

webmaster — Wed, 04 May 2011 10:09:49 -0700

Many workers say bullying is a part of office culture, according to a survey from CareerBuilder. We are not talking about wedgies in the breakroom, but non-physical behavior. Think of the quick-tempered boss who screams at staffers in front of colleagues, or the credit-swiping co-worker, or the nasty looks and dismissive remarks intended to make one feel uncomfortable.

Nearly half of those targeted say fighting back (with words, that is) proves more effective than going to HR. Either way, its a topic that needs to be taken seriously. "Bullying is a serious offense that can disrupt the work environment, impact morale and lower productivity," said a CareerBuilder's VP of HR. "If you are feeling bullied, keep track of what was said or done and who was present. The more specifics you can provide, the stronger the case you can make for yourself when confronting the bully head-on or reporting the bully to a company authority."

IT Pros begin to look for new jobs

webmaster — Fri, 29 Apr 2011 09:10:06 -0700

Employers beware - your workers are confident that they can find jobs elsewhere, and turnover rates may be about to increase. A survey shows growing confidence about the job market, even as companies continue to squeeze their people on compensation. This should put employers on alert.

We're seeing early warning signs that employment churn will rise, which will be another disruptive and costly outcome of the recession for those who don't prepare. Now is the time for employers to reassess their perspective on the pay and development needs of their employees. The numbers show differing levels of confidence among various gender, age and even marital-status categories.

Branch office security issues

webmaster — Mon, 25 Apr 2011 09:23:28 -0700

Typically branch offices are small anddo not have on-site IT staff available to support users if something goes wrong. The emphasis has to be on how the central IT department can provide this support and security. However, the amount of time that can be spent on this activity could start to have a serious impact on productivity and costs if not carefully planned. For the central IT team, committing human resources to a new office installation or upgrade can be very expensive, especially when dealing with multiple offices at separate locations.

When dealing with branch offices, being able to configure and manage security systems centrally, without having to put an engineer on site for several days, provides a far better return on investment and much lower costs. Pre-configuring each system at the head office is one approach, but in most cases adjustments must be made on-site. This leads to a different configuration in each location, which makes it hard to keep track. Dedicated solutions for central management exist, but are expensive and often very complex.

AT&T takeover of T-Mobile will cost US Jobs

webmaster — Wed, 06 Apr 2011 08:39:16 -0700

AT&T's proposed acquisition of competitor T-Mobile would leave the U.S. wireless market with only two major playersVerizon, which would be bumped from top dog to second fiddle, being the otherand would have serious effects on American consumers, American jobs and the dispersal of American dollars, according to a member of the Federal Communications Commission.

The AT&T deal would also give a lot of power, a lot of influence, to one company in a market where two companies would control nearly 80 percent of the nation's wireless spectrum. Before approving such a deal it will be important to understand what impact it would have on American jobs. Additionally, were AT&T to pay T-Mobile parent company Deutsche Telekom $39 billion, there is a question of how much money would be sent overseas to support telecommunications abroad, instead of in the United States.

Smaller firms impacted by market conditions

webmaster — Wed, 23 Mar 2011 14:11:05 -0700

Another sign of the difficulty small firms are having is the number of publicly traded companies in the United States continues to fall, according to new data supplied by Grant Thornton. At the end of February there were 5,091 companies listed on major U.S. exchanges, a 2% drop from 5,179 companies at the end of 2009 and a 42% decline from the peak of 8,823 in 1997. (The numbers include foreign firms listing in the United States.) "U.S. listings have decreased every single year since 1997 with no rebound at all," says a senior adviser to Grant Thornton.

The key elements of business continuity management defined

webmaster — Wed, 09 Mar 2011 04:02:20 -0700

Writing and testing a disaster recovery plan is one of the key elements of business continuity management. Traditionally business continuity and disaster recovery (DR) planning have always been separated between the business and the information technology department. It has long been recognised that this divide creates more problems than it solves, after all most businesses could not continue to operate successfully if their IT services were unavailable for a period of time, depending on the nature of your business this may well range from a few hours to several days. The recent launch of BS25999 has established a business continuity management (BCM) standard which intrinsically links BCM, incident management, and IT DR. Essentially the key message is to have true business continuity you must also have strong IT DR capability.

A disaster recovery plan should interface with the overall business continuity management plan, be clear and concise, focus on the key activities required to recover the critical IT services, be tested reviewed and updated on a regular basis, have an owner, and enable the recovery objectives to be met.

China is Building a Super Cloud City

webmaster — Sat, 12 Feb 2011 23:17:21 -0700

China is building a super-sized data complex with that will rival entire cities.

Government officials have allotted 6.2 million square feet in the countrys Hebei Province to the project, which includes 646,000 square feet for a data center that will be Asias largest. IBM has signed on to partner with China-based Range Technologies to build the data center to be completed in 2016. The complex will also feature office buildings and perhaps some residential homes.

The move is a sign that the far east nation is stepping up efforts to grow its IT infrastructure to meet a surging demand for cloud computing and other data services. Chinese investment in data centers have tripled from four years ago and the country has already surpassed Japan as our number-two data center building customer.

Cloud computing is an easy way to go greeen

webmaster — Sat, 29 Jan 2011 16:52:09 -0700

There is more to going green than just social incentive: making your IT infrastructure more environmentally friendly can reduce your enterprise's cost, by:

Replacing hardware components with a cloud system reduces energy costs of running hardware and maintaining climate control and also reduces carbon dioxide emissions.
There are tax and power company incentives to going green.
Consolidating data in the cloud means more efficient management of data centers, which means cost-savings.
Green IT is composed of several technologies that all have the goal of reducing power consumption and overall datacenter footprint, consolidating locations and resources, and improving efficiency of operations.
Site consolidation to the cloud provides a flexible and efficient platform that reduces power consumption. Consolidation usually means migrating physical servers to virtual machines, which need not be a complicated or expensive undertaking. Real-time and live migration products take the pain out of migrating to a new infrastructure. When consolidating infrastructures, consider your disaster recovery plan and your ability to protect your architecture from failure.
Consolidated environments optimize power and cooling requirements. They require less energy than would be necessary to power and cool an entire room of physical servers. They use a high-density power and cooling solution designed specifically for a smaller, more efficient virtualized environment. These solutions keep the dense architecture at an optimal temperature without cooling the entire data center.
Cloud computing can reduce the number of servers in your data center, which may reduce your costs. If you would typically host your transactional Web server farms or commerce applications, you can use the cloud to provide those services instead. The cloud frees smaller SMB companies from the burden of a data center, while larger corporations are using the cloud to host less-critical or lower-tiered applications to further reduce their datacenter footprint. Using the cloud can enhance backup and recovery capabilities and reduce the costs typically associated with tape.

What Does Disaster Recovery and Business Continuity Mean

webmaster — Wed, 19 Jan 2011 05:36:17 -0700

The IT industry continues to add emphasis and focus to Disaster Recovery and Business Continuity Planning. While the concept has been around for many years, Disaster Recovery has a different connotation today. As business technology and software applications have advanced, Disaster Recovery has come to mean more than simply the ability to get your systems back online after a power outage. Companies are now expected to recover from unforeseen disasters, and retrieve contracts, memos, invoices, signatures and all other critical documents with minimal interruption.

There is little doubt of the importance of an effective backup plan if a natural or man-made disaster destroys your business records. Many companies, however, still have yet to implement a Disaster Recovery plan, believing that the chance of it happening to them is too slim.

The reality is that an organization may declare a disaster for a number of reasons, including:

Extreme weather conditions
Prolonged power or communications failure
Robbery or other criminal activity
Civil unrest
Terrorist acts

Disaster Plan In China

webmaster — Wed, 22 Dec 2010 17:37:46 -0700

Natural disasters occur frequently in China, affecting more than 200 million people every year. In 1998, the direct economic loss exceeded 300 billion RMB. Natural disasters have become an important restricting factor for economic and social development. The Chinese government devotes great attention to disaster reduction and has achieved significant results through efforts over 40 years. In China, the study of disasters has entered a phase of rapid development since the mid to late 1980s and has resulted in some important achievements.

The theoretical study and practice of reaction to natural disasters has many problems, and there is a large gap in comparison with the level of disaster emergency management of developed countries. For example:

Work on government emergency management is primitive, and inconsistent with theoretical studies and technology. The management level of different governmental organizations is not balanced.
Propaganda and education on disaster emergencies are insufficient.
The level of theory and practice for various classes of disaster is different.
The management of natural disaster emergencies is different in various regions. The level of study and management in regions with relative developed economies or frequent occurrence of disasters is higher than that in regions with relatively undeveloped economies.
There is no comprehensive law for manage disaster reduction across the whole country.

Email archiving is a critical business requirement mandated by law

webmaster — Tue, 07 Dec 2010 14:43:29 -0700

Email is the lifeblood of virtually any organization that uses it: users spend an average of 152 minutes on a typical workday using email (more than attending in-person meetings and talking on the phone combined). They send and receive more than 120 emails each day, and the majority of the content they need is tied up in email1.

In addition to the quite serious impositions on storage and bandwidth imposed by everincreasing volumes of spam, there are the much more serious threats that can expose corporate data to unauthorized parties, resulting in substantial financial losses, violations of the law, loss of reputation, and other increasingly serious consequences. Further, because email contains a growing proportion of corporate business records and other important content, organizations of all sizes must preserve this content through the deployment of appropriate archiving technologies.

While security and archiving are absolutely necessary, they are also quite expensive to deploy and maintain. On-premise security and archiving systems themselves can be expensive to deploy, but they are generally much more expensive to maintain using in-house IT staff. Further, IT staff that are responsible for maintaining these systems are not available to manage other systems that can enable a strategic advantage over their competitors - particularly important during periods of economic downturn.

Records Management is hard work

webmaster — Tue, 26 Oct 2010 14:09:00 -0700

Records Management - The ever growing amount of business records and the increasing regulatory requirements require sound strategies for policy enforcement. There is often a disconnect in many companies within the organizational structure and the infrastructure used to manage all that content.

Different parts of the organization use one set of disposition policies while others use their own set of retention rules. This disconnect can lead to content being deleted too soon, resulting in fines and sanctions when key business records cannot be produced for litigation or regulatory review. Or sometimes worse, damaging records are found under discovery that might have been destroyed if a sound records management process had been used to enforce organization-wide retention policies and "hold" orders. The cost can be enormous, not just from a legal standpoint, but from a loss of reputation, stockholder confidence, and even lost revenue standpoint if, for example, a proof of delivery cannot be found to support an invoice.

Partnerka

webmaster — Wed, 06 Oct 2010 14:54:27 -0700

"Partnerka" is a Russian term referring to complex networks of affiliates, all linked by a common desire to make money from the internet. These groups are well organized, dominated by individuals from Russia and the former Russian states, and responsible for a very high proportion of spam campaigns and malware attacks.

The biggest area of partnerka activity is in online pharmacies promoted through spam and search engine optimization (SEO), selling illegal, off-prescription and often unsafe pharmaceuticals. The Canadian Pharmacy group is one of the best known partnerka.
Partnerka affiliate networks operate businesses focused on all the main underworld money-makers. However, many scareware fake anti-virus scams are run by partnerka organizations, as are many counterfeit goods sites selling fake Rolexes and other high-end merchandise, online casinos (a favorite method for laundering money), adult sites and even dating sites.
Cash is made directly from sales of fake or illegal goods, and from complex affiliations with pay-per-click or pay-per-install marketing firms, which in turn get paid by often legitimate companies hoping to drive traffic from their own sites.
Cash also moves around inside the partnerka network, as spammers hire botnets, phishers sell data to carders who process and leverage stolen credit card details, and malware creators sell Trojans and tools, such as automated systems for spamming forums or building websites for SEO manipulation.
SophosLabs presented groundbreaking research on the scale and breadth of Partnerka activity at the 2009 Virus Bulletin conference. Data revealed that a single Canadian Pharmacy spam campaign can net 200 purchases, or $16,000 in revenues, per day, while a successful affiliate webmaster redirecting 10,000 hits per day to a single scareware site can earn up to $180,000 in a year.

Secrutiy Risks Continue to Increase

webmaster — Fri, 01 Oct 2010 14:07:50 -0700

Every employee or contactor that uses e-mail and the Internet is a security risk. They may become a leak, either purposely or more commonly - inadvertently. A worker who was passed up for a raise or laid off may, share some embarrassing information with the press or forward sensitive plans to a competitor.

Many employees do not take safe data handling practices to heart. They copy work files onto USB drives or portable hard drives, or even e-mail them to their personal accounts for retrieval from home. This sort of routine activity can place sensitive data at risk, especially considering how easy it is for a small USB key, a smart phone, or a laptop to be misplaced or stolen.

Even instant messaging exchanges can be used to sneak files or secrets to outsiders. Employees often retain their 'buddy lists' as they move from one department to another or from one employer to the next. Colleagues who IM one another every day could be working for competing firms and a careless response to "what are you working on lately?" can be disastrous.

Many hack attempts use social engineering to infiltrate corporate networks. An e-mail that seems to be from your IT admin and requests your login info seems harmless enough, until the hacker at the other end gains entry. The issue is one of education and awareness, and unsuspecting employees become, in essence, potential threats.

DRP - Business Continuity Template Update Service Is A Must

webmaster — Thu, 23 Sep 2010 10:01:08 -0700

The Disaster Recovery / Business Continuity Template version 5.4 has just been released. Janco contiues to update its templates to meet the ever changing requirements of the business environment.

Janco provides and update service for all of its templates which guarantees its clients have the all of the information they need to meet mandated requirements.

With this new version a fully indexed PDF copy of the template is now provided in addition to the two versions of WORD (2003 and 2007).

The updates to the template included:

Added Pandemic Coordinator job description
Added Business Pandemic Planning Checklist
Updated organization chart to include Pandemic Coordinator
Updated backup and backup retention section
Updated style sheet to be CSS Style sheet format
Added Disaster Recovery Business Continuity General Distribution Information
- What to do after an explosion / terrorist attack
- How to clean up after a disaster
Defined generic metrics for DR/BC success
Business & IT Impact Analysis Questionnaire Updated
Updated references to DRP card
Updated formatting to meet WORD 2007 requirements

The version history for updates to template can be seen at http://www.e-janco.com/drpversion.htm and the full Table of Contents with sample pages can be downloaded at http://www.e-janco.com/Register_drp.asp .

Touch screens are a security risk according to U of Penn

webmaster — Fri, 13 Aug 2010 10:50:39 -0700

A University of Pennsylvania researcher presented a paper at the Usenix conference analyzing "Smudge Attacks on Smartphone Touch Screens."

Based on his results, "the practice of entering sensitive information via touchscreens needs careful analysis," said the researchers. "The Android password pattern, in particular, should be strengthened." But they cautioned that any touchscreen device, including ATMs, voting machines, and PIN entry devices in retail stores, could be susceptible to smudge attacks.

Touchscreens, of course, are an increasingly common feature of mobile computing devices. According to one market research firm, 363 million touchscreen mobile devices will be sold in 2010, an increase of 97% over last year's sales. But are passwords entered via touchscreens secure?