04
Oct 17

TechTarget – More users flub evals of colocation data center providers

Colocation data center buyers are needlessly captivated by impressive features at data centers that distract them from important decision-making information.

If enterprises want to make the right colocation decisions, they’ve got to ask better questions.

IT pros in search of a colocation data center for their IT gear today know what’s most important to them: price, physical security and uptime. But increasingly, enterprises ask vague, open-ended questions instead of pointed relevant questions to evaluate and choose a colocation data center provider.

Comparison of colocation data center capabilities is a boring problem solved with a simple recipe: Take the time to research and ask the most appropriate questions, said Peter Kraatz, the national portfolio director of consulting services at Datalink Corp., a data center services provider in Eden Prairie, Minn.

More of the TechTarget article from Robert Gates


29
Sep 17

Continuity Central – DNS attacks an increasing problem for public and education sector around the world

Councils, schools and government offices were among global public sector and education organizations hit badly by DNS attacks last year – with nearly half reporting dealing with the issue cost them hundreds of thousands of pounds.

One in five (19 percent) of public sector sites and 11 percent of education bodies affected by DNS attacks say sensitive information was stolen. A fifth (20 percent) of public sector and 12 percent of educational victims also think intellectual property data was lost, while 10 percent of schools and colleges affected say they needed to take more than one day to recover.

This is in the context of yearly average costs of DNS security breaches to be now running at £1.7m ($2.2m) for organizations globally, with malware (35 percent), DDoS (32 percent), Cache Poisoning (23 percent), DNS Tunnelling (22 percent) and Zero-Day Exploits (19 percent) as the main threats.

More of the Continuity Central post


28
Sep 17

Harvard Business Review – How Does Blockchain Work?

Blockchain is an emerging technology that gets lots of press in the technology journals. Harvard Business Review put together this whiteboard session on the technology called “How Does Blockchain Work?”

Harvard Business Review video


14
Sep 17

Data Center Knowledge – Multi-Cloud Is a Reality, Not a Strategy – Part 1

James Kelly is the Lead Cloud and SDN Expert at Juniper Networks.

So you’re doing cloud, and there is no sign of slowing down. Maybe your IT strategies are measured, maybe you’re following the wisdom of the crowd, maybe you’re under the gun, you’re impetuous or you’re oblivious. Maybe all of the above apply. In any case, like all businesses, you’ve realized that cloud is the vehicle for your newly dubbed software-defined enterprise: a definition carrying onerous, what I call, ‘daft pressures’ for harder, better, faster, stronger IT.

You may as well be solving the climate-change crisis because to have a fighting chance today, it feels like you have to do everything all at once.

More of the Data Center Knowledge post from James Kelly


14
Sep 17

ZDNet – Security Features Built into Cloud Services

Public cloud providers go to great lengths to secure their infrastructure, but organizations are still responsible to protect their apps and data. We look at Amazon Web Services and Microsoft Azure.

As we discussed in an earlier post [link to cloud fears entry], it’s a little late in the game to be wholly suspicious of cloud computing. However, there’s still a lot to talk about in terms of securing the cloud.

The security features offered by public cloud providers represent only a part of the shared responsibility model; the other part falls within your organization’s responsibility. For example, your public cloud provider may offer security groups for identity and access management (IAM) and firewalls that scan traffic on specific ports and to and from specific IP addresses.

More of the ZDNet article from Larry Seltzer


11
Sep 17

Continuity Central – Gartner publishes ‘Hype Cycle for Cloud Security in 2017’

The Gartner Hype Cycle for Cloud Security aims to help security professionals understand which emerging technologies are ready for mainstream use, and which are still years away from productive deployments for most organizations. The 2017 edition of the Hype Cycle for Cloud Security is now available and a summary is below.

“Security continues to be the most commonly cited reason for avoiding the use of public cloud,” said Jay Heiser, research vice president at Gartner. “Yet paradoxically, the organizations already using the public cloud consider security to be one of the primary benefits.”

The attack resistance of the majority of cloud service providers has not proven to be a major weakness so far, but customers of these services may not know how to use them securely.

“The Hype Cycle can help cybersecurity professionals identify the most important new mechanisms to help their organizations make controlled, compliant and economical use of the public cloud,” said Mr. Heiser.

More of the Continuity Central post


08
Aug 17

IT Business Edge – Second Quarter Reported DDoS Attacks Lasting Days, Not Minutes

What is your DDOS strategy?

What would you do if your company was hit with a DDoS attack that lasted 11 days? Perhaps a large organization could withstand that kind of outage, but it could be devastating to the SMB, especially if it relies on web traffic for business transactions.

That 11-day – 277 hours to be more exact – attack did happen in the second quarter of 2017. Kaspersky Lab said it was longest attack of the year, and 131 percent longer than the longest attack in the first quarter. And unfortunately, the company’s latest DDoS intelligence report said we should expect to see these long attacks more frequently, as they are coming back into fashion. This is not the news businesses want to hear.

More of the IT Business Edge post from Sue Marquette Poremba


04
Aug 17

CIO Insight – A Practical Alternative to Two-Speed IT (Part 2)

In part one of this series, we explored a pair of competing requests many modern IT leaders receive from their stakeholders:

We investigated one “buzzwordy” solution—two-speed IT—and how implementing this solution often creates more problems than it solves. We proposed an alternate five-step framework for handling these requests. In steps one and two of this framework, we revealed how the above two competing requests are old problems, best solved with an old, proven solution—and not buzzwords.

E-Signatures 201: Get the Details on Integration, Customization and Advanced Workflow Register
In part two of this series, we will walk you through the remaining steps in our practical framework and lead you down a path toward implementing this proven solution: the technology lifecycle.

Step 3: Think technology lifecycle, not “innovation” vs. “operations.”

To better understand why the good-on-paper “two-speed IT” approach often produces problems when implemented in the real world, look at Gartner’s two speeds (or modes) in which they shoehorn all technology systems and services:

Mode 1: Development projects related to core system maintenance, stability or efficiency. These require highly specialized programmers and traditional, slow-moving development cycles. There is little need for business involvement.

Mode 2: Development projects that help innovate or differentiate the business. These require a high degree of business involvement, fast turnaround and frequent updates. Mode 2 requires a rapid path (or IT fast lane) to transform business ideas into applications.

More of the CIO Insight post from Lee Reese


03
Aug 17

CIO Insight – Two-Speed IT: Juggling Competing Agendas (Part 1)

How can IT leaders juggle seemingly competing agendas: to meet the business’ demands for increased innovation, while cutting costs and slashing budgets?

With the ever-increasing interest in technology solutions, IT’s stakeholders are giving them two competing demands:
1. Produce new innovative, strategic technology-based capabilities.
2. Do so with reduced resources.

How can IT leaders step up to the plate and juggle these seemingly competing agendas: to meet the business’ demands for increased innovation, including new digital systems and services, all while cutting costs and slashing budgets?

Unleash Your DevOps Strategy by Synchronizing Application and Database Changes Register
One popular solution has emerged within IT thought leadership. Often called “two-speed IT,” this idea proposes that the IT organization does not attempt to resolve the tension between these two ideas. Instead, IT lumps all of its technology into one of two broad buckets: operational technology and innovative technology. Do this, and operations won’t slow down innovation, and expensive innovation investments won’t inflate operations’ budgets.

More of the CIO Insight post from Lee Reese


28
Jul 17

The Register – Healthcare dev fined $155 MEEELLION for lying about compliance

A health records software company will have to pay $155m to the US government to settle accusations it was lying about the data protection its products offered.

The Department of Justice said that eClinicalWorks (eCW), a Massachusetts-based software company specializing in electronic health records (EHR) management, lied to government regulators when applying to be certified for use by the US Department of Health and Human Services (HHS).

According to the DoJ, eCW and its executives lied to the HHS about the data protections its products use. At one point, it is alleged that the company configured the software specially to beat testing tools and trick the HHS into believing the products were far more robust and secure than they actually were.

More of The Register article from Shaun Nichols