08
Aug 17

IT Business Edge – Second Quarter Reported DDoS Attacks Lasting Days, Not Minutes

What is your DDOS strategy?

What would you do if your company was hit with a DDoS attack that lasted 11 days? Perhaps a large organization could withstand that kind of outage, but it could be devastating to the SMB, especially if it relies on web traffic for business transactions.

That 11-day – 277 hours to be more exact – attack did happen in the second quarter of 2017. Kaspersky Lab said it was longest attack of the year, and 131 percent longer than the longest attack in the first quarter. And unfortunately, the company’s latest DDoS intelligence report said we should expect to see these long attacks more frequently, as they are coming back into fashion. This is not the news businesses want to hear.

More of the IT Business Edge post from Sue Marquette Poremba


04
Aug 17

CIO Insight – A Practical Alternative to Two-Speed IT (Part 2)

In part one of this series, we explored a pair of competing requests many modern IT leaders receive from their stakeholders:

We investigated one “buzzwordy” solution—two-speed IT—and how implementing this solution often creates more problems than it solves. We proposed an alternate five-step framework for handling these requests. In steps one and two of this framework, we revealed how the above two competing requests are old problems, best solved with an old, proven solution—and not buzzwords.

E-Signatures 201: Get the Details on Integration, Customization and Advanced Workflow Register
In part two of this series, we will walk you through the remaining steps in our practical framework and lead you down a path toward implementing this proven solution: the technology lifecycle.

Step 3: Think technology lifecycle, not “innovation” vs. “operations.”

To better understand why the good-on-paper “two-speed IT” approach often produces problems when implemented in the real world, look at Gartner’s two speeds (or modes) in which they shoehorn all technology systems and services:

Mode 1: Development projects related to core system maintenance, stability or efficiency. These require highly specialized programmers and traditional, slow-moving development cycles. There is little need for business involvement.

Mode 2: Development projects that help innovate or differentiate the business. These require a high degree of business involvement, fast turnaround and frequent updates. Mode 2 requires a rapid path (or IT fast lane) to transform business ideas into applications.

More of the CIO Insight post from Lee Reese


03
Aug 17

CIO Insight – Two-Speed IT: Juggling Competing Agendas (Part 1)

How can IT leaders juggle seemingly competing agendas: to meet the business’ demands for increased innovation, while cutting costs and slashing budgets?

With the ever-increasing interest in technology solutions, IT’s stakeholders are giving them two competing demands:
1. Produce new innovative, strategic technology-based capabilities.
2. Do so with reduced resources.

How can IT leaders step up to the plate and juggle these seemingly competing agendas: to meet the business’ demands for increased innovation, including new digital systems and services, all while cutting costs and slashing budgets?

Unleash Your DevOps Strategy by Synchronizing Application and Database Changes Register
One popular solution has emerged within IT thought leadership. Often called “two-speed IT,” this idea proposes that the IT organization does not attempt to resolve the tension between these two ideas. Instead, IT lumps all of its technology into one of two broad buckets: operational technology and innovative technology. Do this, and operations won’t slow down innovation, and expensive innovation investments won’t inflate operations’ budgets.

More of the CIO Insight post from Lee Reese


28
Jul 17

The Register – Healthcare dev fined $155 MEEELLION for lying about compliance

A health records software company will have to pay $155m to the US government to settle accusations it was lying about the data protection its products offered.

The Department of Justice said that eClinicalWorks (eCW), a Massachusetts-based software company specializing in electronic health records (EHR) management, lied to government regulators when applying to be certified for use by the US Department of Health and Human Services (HHS).

According to the DoJ, eCW and its executives lied to the HHS about the data protections its products use. At one point, it is alleged that the company configured the software specially to beat testing tools and trick the HHS into believing the products were far more robust and secure than they actually were.

More of The Register article from Shaun Nichols


20
Jul 17

HBR – The Board Directors You Need for a Digital Transformation

When the term digital transformation was first bandied about by consultants and business publications, its implications were more about keeping up and catching up than true transformation. Additionally, at first it was only applied to large, traditional organizations struggling, or experimenting, in an increasingly digital economy. But true digital transformation requires so much more. As evidenced by the recent Amazon acquisition of Whole Foods, we’re living in a new world.

Early transformation efforts were focused on initiatives: e-commerce, sensors/internet of things, applications, client and customer experience, and so on. Increasingly, our clients are coming to us as they realize that in order for these disparate initiatives to thrive, they need to undergo an end-to-end transformation, the success of which demands dramatic operational, structural, and cultural shifts.

More of the HBR post from Tuck Rickards and Rhys Grossman


12
Jul 17

Arthur Cole – When the Cloud Becomes Just Normal Infrastructure

Strange as it may seem, the cloud only holds about a fifth of the total enterprise workload, which means there is still time for the enterprise to suddenly decide that the risks are not worth the rewards and start pulling data and applications back to legacy infrastructure.

Unlikely as this is, it nonetheless points out the fact that there are still many unknowns when it comes to the cloud, particularly its ability to provide the lion’s share of data infrastructure in ways that are both cheaper and more amenable to enterprise objectives.

According to Morgan Stanley’s Brian Nowak, the cloud is nearing an inflection point at which it should start to show accelerated growth into the next decade.

More of the IT Business Edge post from Arthur Cole


11
Jul 17

Data Center Knowledge – How to End On-Call IT Burnout and Post-Traumatic Alert Fatigue

In so many ways IT operations has developed a military-style culture. If IT ops teams are not fighting fires they’re triaging application casualties. Tech engineers are the troubleshooters and problems solvers who hunker down in command centers and war rooms.

For the battle weary on-call staff who are regularly dragged out of bed in the middle of the night, having to constantly deal with flaky infrastructure and poorly designed applications carries a heavy personal toll. So, what are the signs an IT organization is engaged in bad on-call practices? Three obvious ones to consider include:

Support teams are overloaded – Any talk of continuous delivery counts for squat if systems are badly designed, hurriedly released and poorly tested.

More of the Data Center Knowledge post from Peter Waterhouse


07
Jul 17

Continuity Central – Organizational risks that you should definitely be acting on

It is easy for organizations to feel overwhelmed by the number and scale of the risks that are faced; but often the perception of the potential harm engendered by various risks is exaggerated. In this article Chris Butler lists the real risks that every organization needs to consider.

Did you know the world’s most dangerous animal is not a shark, or a bear, but is in fact a mosquito? What’s certain is that human perception of risk is notoriously flawed; often, the events that concern and outrage us the most are the least likely to happen.

From political and economic tremors to cyber threats, 2017 represents another minefield of risks for businesses. For organizations, forging a deepened understanding of both threats and risk factors is crucial for remaining robust, resilient, and most of all, ahead of the competition. Part of this involves separating the myths from reality. So, what then are the real risks to business today?

More of the Continuity Central article


06
Jul 17

TechTarget – Avoid steep network integration costs in multicloud

While a VPN is useful for multicloud networks, IT teams still need to be careful to avoid high traffic charges, as applications move from one provider to another.

One of the most important — and most complex — concepts in multicloud is network integration between public cloud providers. This model facilitates cross-cloud load balancing and failover but, without careful planning, can also lead to hefty network integration costs.

Nearly all enterprises have a virtual private network (VPN) that connects their sites, users, applications and data center resources. When they adopt cloud computing, they often expect to use that VPN to connect their public cloud resources as well. Many cloud providers have features to facilitate this, and even when they don’t, it’s usually possible to build VPN support into application images hosted in the cloud.

More of the TechTarget article from Tom Nolle


15
Jun 17

Continuity Central – Why business continuity managers need to trust ‘gut feel’

Agree or disagree?

Sometimes as a business continuity manager you have a feeling that a certain decision is the wrong one, despite qualitative and quantitative evidence pointing to the contrary. Dominic Irvine explains how research is starting to support the reliability of trusting your gut feeling…

Qualitative and quantitative evidence is sometimes used as a weapon to force decisions through when not everyone involved is convinced; in the face of charts, spreadsheets and PowerPoint decks, gut feel seems like a poor response, and yet what we are learning from research into exertion and fatigue, is that it is one of the most useful tools in our armoury of tests.

After the First World War, much work was done to find a way to measure fatigue but it was deemed such a subjective concept as to be impossible to develop any meaningful way of objectively measuring it. It was not possible to fathom out the complex interaction between emotional, physical and mental aspects of fatigue in a way that could be reliably and accurately counted. And yet, we all know the feeling of being fatigued and how tired we are.

More of the Continuity Central post