IT Security

Continuity Central – For disaster recovery, there are better options than secondary data centers.

Disaster recovery is a headache that every IT department has suffered and in this arena, as in so many others, the cloud offers a better choice, says Laz Vekiarides. In fact, not only is a secondary data center for DR no longer needed, it’s actually no longer a sustainable option…

The days of the secondary data center / centre are numbered, and that is a good thing for the enterprises that have struggled to build them, fund them and maintain them solely for disaster recovery purposes. When on-premises disaster recovery was the only option, IT teams had no choice but to grit their teeth and take on the cost and resource burdens of physical secondary data centers. Today, though, the growing cloud adoption rate and availability of cloud-forward co-location providers have transformed the data center world. One result: the industry has more efficient and cost-effective choices, including hybrid cloud DR.

Key questions to ask before moving DR to the cloud
Nothing is easy in IT, and no data center leader should believe promises about quick or simple transformations from on-prem secondary data centers to cloud or hybrid models.

InfoWorld – Serverless cloud computing: Don’t go overboard

The new cry from the big public cloud providers is ‘serverless computing for everything.’ Don’t be fooled

There are lots of big cloud shows coming up, and the core themes will be containers, devops integration, and more serverless computing services, such as databases, middleware, and dev tools.

Why the focus on serverless computing? It’s a helpful concept, where you don’t have to think about the number of resources you need to attach to a public cloud service, such as storage and compute. You just use the service, and the back-end server instances are managed for you: “magically” provisioned, used, and deprovisioned.

More of the InfoWorld article from David Linthicum

Business continuity / CIO Strategy / IT Governance / IT Leadership / IT Security / Risk Management — Comments Off
22
Oct 18

Information Week – Why IT Should Care About Legal Holds

When it’s time to preserve company data and communications relating to pending legal matters, the IT and legal groups have to work together.
When litigation looms, a corporation has a duty to identify and preserve relevant documents and other data that may be important to the legal matter. The goal is to avoid the intentional or inadvertent destruction of relevant evidence that might be used at trial. This process is called a “legal hold.”

While a legal hold sounds like it falls squarely into the realm of the legal department, lawyers rely heavily on IT to execute many of the activities associated with a legal hold. This puts a burden on IT and can put legal, IT or the organization at risk if legal obligations aren’t met

More of the Information Week article from John Tredennick

CIO Strategy / Cloud Computing / Cloud infrastructure / DevOps / Digital Transformation / IaaS / IT Governance / IT Leadership / IT Security / IT Staff Retention / IT Strategy — Comments Off
19
Oct 18

CloudTech – How multi-cloud business models will shape the future

Architects of the future build optimal businesses. In an automated, security conscious world, organisations must rethink their cloud strategies, embed security into application development, and embrace new work practices to stay relevant. Now is the time to plan your journey.

Shaping the future
Experts agree that, over the next five years, the multi-cloud world will be the playground for innovation, allowing organisations to launch new services and enhance advanced technologies.

A recent Foresight Factory report entitled, The Future of the Multi-Cloud (FOMC) sponsored by F5, reveals how the pace of digital transformation is already dramatically disrupting existing business models.

More of the Cloud Computing News article from Tristan Liverpool

Get Better / IT Security / Risk Management — Comments Off
18
Oct 18

Fast Company – Seriously, stop using these 25 terrible passwords

With news that hackers can now crack pacemakers and voting machines, it’s hard not to be a little concerned about internet security. The best line of defense, of course, is a strong password, and frankly, if you still use “password” as your password at this point, you kind of deserve to be hacked.

FrontNet has put together a list of the 25 worst passwords on the internet, and if you happen to recognize a few of them, it might be time to invest in a password management app to keep your online accounts secure–and make sure you never have to *shudder* think again.

More of the Fast Company article from Melissa Locker

IT Security / IT Strategy / Risk Management — Comments Off
11
Oct 18

Continuity Central – Redefining the definition of operational risk

The definition of operational risk varies but generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. However, I want to take a fresh look at this general definition and present what I believe operational risk should reflect, taking into account all the cyber security related risks that are currently plaguing organizations.

We know that operational risk exists in every organization and size does not matter. What matters however are two critical areas that need to be included in the operational risk definition:

Internal controls
User awareness.

Internal controls
We often see organizations of all sizes that have experienced intrusion or losses due to lack of (or failed oversight of) internal controls. Although various certifications exist that verify that all is in place, organizations are dynamic in nature and internal controls and processes change rapidly.

More of the Continuity Central article from Adesh Rampat

CIO Strategy / Digital Transformation / IT Governance / IT Leadership / IT Security / IT Staff Retention / IT Strategy — Comments Off
10
Oct 18

CIO.com – Making IT processes effective for the digital age

Does how IT runs itself matter to their firm’s digital transformation plan?

I have spent a lot of time in the #CIOChat discussing digital transformation. But can the IT organizational design and IT internal business processes impede digital transformation? Can IT, itself, become an obstacle to responding to the waves of digital disruption that are coming? This is the question that I recently asked CIOs.

Do IT processes get in the way?
CIOs say that poor processes and organizational misalignment can get in the way. They say both represent barriers to success when transformational work is built upon them. This, of course, is frequently the case and may explain why so many digital transformations fail.

More of the CIO.com article from Myles F Suer

Business continuity / Disaster Recovery / IT Security — Comments Off
03
Oct 18

Continuity Central – Five core questions to help boards understand their cyber risk

The UK National Cyber Security Centre (NCSC) says that Board members ‘need to get a little bit technical if they are to understand and manage the risks they face’ and has published a five-question checklist to assist.

NCSC also emphasises that boards cannot outsource their cyber security risks and need to understand what their technical staff are doing if they are to ‘prosper securely in the digital age’.

When launching the checklist, Ciaran Martin, chief executive of the NCSC, said:

“Cyber security is now a mainstream business risk. So corporate leaders need to understand what threats are out there, and what the most effective ways are of managing the risks.

“But to have the plain English, business focussed discussions at board level, board members need to get a little bit technical. They need to understand cyber risk in the same way they understand financial risk, or health and safety risk.

CIO.com – 8 CIO archetypes: What kind of IT leader are you?

From order taker to business leader, CIO responsibilities vary widely. Learn what role you currently play and how to break that mold in service of improved business value and career growth.

Global business disruption is quickening the evolutionary timeline of the CIO role. Market dynamicsare forcing IT leaders to extend beyond taking orders and delivering sustainable IT systems to massaging digital strategies and driving business outcomes.

More of the CIO.com slideshow from Clint Bouton

IT Security / IT Strategy — Comments Off
27
Sep 18

TechTarget – Too many tools hobble network management design

‘Measure twice, cut once’ doesn’t work for network management. It’s time for the industry to consider a new way to coordinate network management design tools.

Carpenters always remember one simple piece of advice when they are working on a job: Measure twice, cut once. It’s a little different in networking, though. In our industry, my advice is the following: Measure many times, but never cut.

Take your typical network. Ask five different administrators and outside consultants about the tools they use to determine how the network is performing or to troubleshoot problems, and you’ll get six different answers — maybe more — about their network management design strategies.

More of the TechTarget article from Russ White

Doug Theis Leave your comfort zone.