STORAGE DOLLARS GO FURTHER

By M.S.Welles

Storage systems are dropping in price while offering more throughput per dollar. Midrange systems are now offering the type of sophisticated features that used to be found only in very high end systems.

Typically, storage systems are composed of three parts. These parts may be in one or separate boxes. The parts are logical and consist of a chassis that holds disks, a physical controller that interfaces the disks with a storage protocol, and a software management system.

Different options are available from different manufacturers. The current leaders in the mid-range storage systems are Dell, Compellent Storage Center, HP and Promise Technology.

Since needs differ, management will need to assess the storage system that best fits the needs of the company.

SOCIAL MEDIA OVERLOAD

By K.C.Bishoppe

When Alvin Toffler wrote about "shattering stress and disorientation that we induce in individuals by subjecting them to too much change in too short a time" in Future Shock he never imagined the growth of and exposure to social media with which today's employees would be dealing.

Toffler wrote his book over 40 years ago and it dealt with information overload at the time. The Internet didn't exist so employees didn't need to deal with email overload. Telephone messages, at the time, were generally taken by a switchboard or secretary and delivered to the recipient, and they were generally fewer than voicemail archives.

The workplace today is very different from the workplace of 40 years ago. Everyone gets thousands of email messages daily, and the more accounts you have, the more mail you receive. Voicemail stacks up the unanswered phone calls and keeps them on tap in both the office, the home and on the mobile phone until the recipient listens and decides on a response.

In short, everyone seems to be on information overload without social media. Then social media became the hot new information source and now people are barely surviving.

Social media exposes people to four types of information that were previously not available. First you have profiles that summarize online identities. With profiles come connections linking the individuals with others and sometimes linking together different people in the individual's network. Everyone seems to be publishing content online and the content can be personal words, photos and/or videos that have special significance for the individual and which they want their connections to see and enjoy. Finally, profiles contain information on activities that the individual is doing and exposing those activities and sometimes other participants, for viewers to see.

The major problem appears to be that we're not filtering the information so there's just too much to review and absorb. Unfortunately, people feel overwhelmed and don't know what to respond to or what to react to, even if they have the time and most people simply don't have the time.

Without meaning to delay their work or leave things undone, people find they simply can't get all of their work done and still respond to all of the social media requests and information that comes their way.

Some developers are working on new filters that can help manage the deluge of information. But other people are focusing on the visual and auditory skills that already exist in the individual. Their idea is to use visuals to improve explanation of business concepts and then use the same techniques for better interpretation of the profiles, connections, content and activities provided by social media so that we have a better understanding of how customers and their networks interact.

For more on this topic read Dave Gray (xplane.com) and Dan Roam (thebackofthenapkin.com), just two of many who are moving business in this direction.

HP OFFERS SECURITY IN A SINGLE BLADE

By D.E.Levine

Generally, in order to provide adequate security including firewalls, IPS and VPN, network and security managers have to incorporate separate standalone security appliances.

Besides being costly, separate appliances require separate maintenance and while customers frequently purchase appliances from the same vendor, sometimes they purchase them from different vendors and face incompatibility issues.

HP is now offering an alternative. Known as the HP ProCurve Threat Management Services zl module (TMS), it's a single-slot blade that goes into the vendor's ProCurve 5400zl and 8212zl modular switches.

It's highly unusual to see all three security functions in one device and especially in a device so small. Configuration can be done through a Web-based GUI or the command-line interface. The initial virtual LAN setup must be done on the switch, not the TMS. Right now the TMS supports a maximum of 19 VLANs with HP considering increasing the number to 250.

After completion of the switch setup the TMS handles all tasks for traffic including security monitoring and IP routing. Setup is fairly simple through the clearly marked Web GUI. The TMS functions as a true application layer gateway.

More information about the current TMS and HP's plans for improvements and enhancements can be obtained by contacting HP.

MOBILE DEVICES ADD CONFUSION IN GLOBAL FIRMS

By K.C.Bishoppe

Mobile devices, now in abundance and geared towards making communications and data handling easier and more efficient for global firms, are creating a multitude of specific problems.

Firms tend to use different types of devices worldwide which makes it impossible to test all devices with all operating systems. This leaves room for incompatibility that affects the use of the devices and the outcome of the projects with which they are being used.

Additionally, the lackluster attitude or lack of understanding on the part of management, and the turnover in staff, including executives, creates problems in getting a comprehensive policy for all mobile devices written, agreed upon and rolled ou to all employees worldwide.

This frequently results in non-approved devices being used to communicate with company systems or with approved devices being used in a non-approved manner.

Another weakness is the failure of employees to install strong passwords on phones and PDAs in order to protect the data and intellectual property stored on the device.

An unprotected device, falling into the wrong hands, becomes a wealth of illegally obtained information for competitors and/or thieves.

The worst part of this scenario is that while a compelling argument may be made to management, security and business continuity are still areas expending funds and failing to produce revenues.

As a result, and since frequently by the time consensus is reached on the mobile device policy the top executive such as the CIO has changed, it's difficult to get management and employees to address the issue of a standardized policy for mobile device use with the care and consideration that it deserves.

Regardless of this pattern, it's important to continue to pursue the passage and adoption of an adequate policy in order to protect the company, its data and its employees.

MCAFEE'S TOTAL PROTECTION 5.0 OFFERS ENHANCED SECURITY

By D.E.Levine

Ever since acquiring Secure Computing for $465 million, McAfee has been busy integrating the TrustedSource intelligence system from Secure Computing into its own managed security service.

With the release of Total Protection Service 5.0 McAfee provides a vulnerability service that allows companies to scan Web sites for vulnerabilities and compliance with the Payment Card Industry Data Security Standard, a set of rules supported by Visa, MasterCard and other credit card companies.

The new features provided by McAfee allow companies to scan their Web sites for vulnerabilities such as malware, e-mail and Web threats, as well as compliance with the accepted financial data handling standards.

McAfee is definitely taking the aggressive approach to make certain that their managed security services address 21st century security problems.

US GOVERNMENT PRESSURED TO BUY MORE OPEN SOURCE SOFTWARE

By M.S.Welles

Even as Microsoft introduces the Windows 7 operating system, Google and 49 other companies are banding together into the Open Source for America coalition.

The purpose of the coalition is to pressure the federal government to buy more open source software. One of the methods for doing this is to target government no-bid renewals of Microsoft products.

After taking over the market from WordPerfect and Lotus 123, Microsoft products have remained dominant in the operating system and Office apps arena. As a result, then government was allowed to renew Microsoft contracts without sending them out to bid.

Although Microsoft remains a monopoly due to the market share it controls, open source vendors are challenging the company and insisting that they have a right to bid on the contracts and compete in the marketplace.

The federal government spends billions on software and by insisting on the bidding process and their inclusion in it, open source vendors stand to reap the rewards financially.

OBAMA EARMARKS HEALTHCARE IT FOR UPGRADE

By K.C.Bishoppe

President Obama is a very modern man who used the Internet and social networking sites to promote himself and get elected.

With that in mind, even as the White House and federal agencies attempt to revise and upgrade the current healthcare program, the President is emphasizing the need to control the costs of healthcare delivery by upgrading the IT infrastructure.

A month after taking office, Obama signed the American Recovery and Reinvestment Act (ARRA) of 2009 which includes $19.2 billion for HIT, healthcare information technology,.

Provisions include the establishment of the Office of the National Coordinator for Health Information Technology (ONCHIT) within the Health and Human Services Department (HHS). The purpose of ONCHIT is to promote the development of a nationwide interoperable HIT infrastructure.

Also included are financial incentives through the Medicare program that will encourage physicians and hospitals to adopt and use certified electronic health records (EHR) which will make moving and tracking patient information more efficient.

Sufficient time is being allowed for records to be transformed into their electronic form. Beginning in 22019 penalties will be imposed on those who do not use EHR.

Another stipulation is the expansion if the Health Insurance Portability and Accountability Act (HIPPA) which was passed to protect patient health data and under the extension will apply to covered entities and their business associates.

With the enormous amount of money that the government is pouring into healthcare, it's anticipated that the next decade will provide vendors with substantial opportunities to provide solutions for managing, connecting and securing the enormous amounts of data held within the national healthcare system.

For the first time in history the federal government is going to pay for the management of data. There are a multitude of areas that lend themselves to improvements in data and content management where electronic patient records are concerned.

Split into the two categories of EHRs which are used by healthcare providers to document and manage patient care, and PHRs or personal health records which put healthcare consumers in control of their personal medical data, the electronic records are credited with helping prevent dangerous drug interactions, identify critical lab values and do a variety of other tasks in an efficient and cost effective manner.

As the revamping of the healthcare program goes on slowly and seemingly endlessly, practitioners and consumers alike wait to see what will be done to the healthcare IT infrastructure and how rapidly changes will take place.

STUDY SHOWS SMALL AND MEDIUM BUSINESSES UNPREPARED

By D.E.Levine

Symantec, a leader in security software recently conducted a survey among small and medium businesses (SMB) regarding their preparation for disasters.

While SMB respondents were confident in their disaster-recovery capabilities, actual results for performances preventing outages showed the same companies to be remarkably unprepared.

According to the Symantec survey the average SMB backs up only 60% of its company and customer data. Additionally, instead of scheduling these backups for regular intervals, they are haphazard and done irregularly.

Symantec claims that "only one in five (23%) back up on a daily basis and 40% back up monthly or less. Despite these facts, according to the SMBs, more than half (55%) feel they would lose at least 40% of their company data in the event of a disaster, such as a fire, that wiped out their computing systems.

IS INTERNET TV IN YOUR FUTURE?

By M.S.Welles

Ernst & Young recently released a study showing that Internet TV is poised to take off and go through tremendous growth as viewers become more comfortable with running widgets on TV screens.

Light applications are already successfully run on mobile phones and computers through the use of widgets.

When widgets are used on TV they are specifically designed to pull selective content from the Internet to complement TV watching.

I've used a widget to get local weather through Verizon and my family uses a widget to get sports updates on the various games taking place throughout the country. Other widgets allow viewers to purchase advertised products from online stores.

The Ernst & Young study found that many viewers found it an appealing idea to integrate TV with information from the Internet.

Although it's anticipated that Web-connected TV shipments will total less than 500,000 for 2009, according to the Ernst & Young study by 2013 the sale of Web-connected TVs could top 6 million.

ICANN AND U.S. REACH AGREEMENT

By M.S.Welles

The Internet Corporation for Assigned Names and Numbers (ICANN) reached an Affirmation of Commitments with the U.S. Department of Commerce that recognizes ICANN as a private-sector led organization.

The agreement calls for reviews of ICANN's performance every three years with members of ICANN advisory committees, independent experts, the Department of Commerce and other individuals serving on the review teams.

The real change according to an ICANN spokesman is that ICANN is going global and all reporting will be to the world with no separate reporting to the United States government.

IBM LAUNCHES NEW E-MAIL

By K.C.Bishoppe

IBM recently launched LotusLive iNotes to compete with Microsoft Exchange and Google Gmail. An on-demand e-mail, calendaring and contact management system with pricing starting at $3 per user per month, IBM is aiming at large enterprises wanting to migrate on-premise e-mail system to a hosted service.

The service is also attracting smaller companies that are interested in on-demand software that have concerns about security and service outages similar to those suffered by Gmail.

IBM purchased the technology for LotusLive iNotes from Outblaze, a Hong Kong company.

TWITTER BEING USED FOR SECURITY

By D.E.Levine

Twitter, a free social networking and micro-blogging service that is enables users to send and receive tweets (messages) has become increasingly popular for advertising businesses and providing customer service assistance.

Now, numerous law enforcement agencies across the nation are using Twitter to convey crime alerts, Amber alerts and emergencies. Some also receive messages from the public as replies.

Tweets are up to 140 characters displayed on the author's profile page and delivered to followers or subscribers of the author. Access can be open or can be restricted to a specific list of followers. Law enforcement agencies use both, using a restricted circle of followers for confidential information and a broad circle of followers for the public.

WHAT'S ENERGY STAR?

By K.C. Bishoppe

Energy Star certification went into effect in May. It promotes energy efficiency and is offered by the Environmental Protection Agency (EPA).

Specifications for Energy Star vary depending on numerous factors including configuration and server size. Certification also requires that idle servers cannot exceed specific energy consumption standards for its classification.

Clean comparisons don't exist at this point and users who want specific information on their server's energy consumption will have to do their own measuring.

Users know now that Energy Star servers are more efficient both active an idle than non-Energy Star servers. Currently, the requirement focuses on making sure the power supply is efficient but doesn't tell you what type of workload you can do for each unit of energy consumed. Instead, the specifications for Energy Star measure whether a server's power supply has good efficiency across a range of workloads.

Energy Star officials are currently working the server community to find the best way to make more direct comparisons between servers. Their hopes are to be able to integrate that into the second version of the program.

UDRP SETTLES DOMAIN DISPUTES

By D.E.Levine

Ten years ago the Internet Corporation for Assigned Names created the Uniform Domain Name, Dispute Resolution Policy (UDRP).

The purpose of the UDRP is to save businesses time and money by interceding and getting offending Web sites shut down quickly without lengthy lawsuits.

Unfortunately, while the main goal of URDP has been achieved, it hasn't deterred cybersquatters. These cybersquatters lay claim to domain names that play on versions of well-known brand names to drive traffic to their own sites.

Legitimate users attempting to visit a brand's Web site may end up on a cybersquatter's site, then be directed to a phishing site, a Web site containing objectionable content, or advertising that links to competing products and services.

It's possible for the most popular brand names to be the target of thousands of cybersquatting sites. Frequently the criminals copy the brands entire site so they can collect user names and passwords from unwitting visitors.

The reason that challenging cybersquatting is so important is because it can damage a brand reputation and cause substantial monetary losses. But, challenging cybersquatting is time consuming and can be very costly. Companies that do pursue the challenge aggressively often take over the cybersquatters domains and relaunch them with information to redirect users back to its own Web site.

However, ignoring cybersquatting is becoming more difficult as the amount of brand abuse continues to rise. Cybersquatting incidents were up 18% in 2008. And that rise has caused ICANN to increase its action because of the use of domain parking used by cybersquatters to achieve their goals.

ICANN intends to open a potentially unlimited number of new top-level domains in 2010. By using advertising-supported domain parking sites that exploit trademarked names, domainers divert traffic away from the brand owners site or link prospective customers to sites offering competitor's products.

Even without those actions, domainers who register and hold valuable brands cause legitimate trademark holders inestimable damage by tying up names and sites that the trademark holder can use for themselves. Domainers spend very little money for start-up costs and maintenance, and stand to make great financial gain.

There is a difference betweeen legitimate domain parking and cybersquatting. In fact, domain parking has become the core legitimate business model for some registrars. Some trademark holders are trying to defend themselves by buying up defensive domain names so that cybersquatters can't use them. They also hire monitoring services, pursue cybersquatters through UDRP and even take cybersquatters to court.

All of these defensive actions cost money. But the registration and maintenance fees for defensive sites names are cheaper than the $1,500 fee to file a UDRP case with the World Intellectual Property Organization (WIPO), especially when the business has hundreds or thousands of complaints with which to deal.

Even after registering and maintaining defensive sites companies still have to be diligent since cybersquatters continue to register new variations. Monitoring services which can alert businesses to cybersquatters cost thousands of dollars annually and it falls upon the business to review and pursue each case. Then the company must decide what action it wishes to take. This can be very costly.

An UDRP complaint filing with a dispute-resolution provider is the least expensive route. Other actions like suing for intellectual property violations under the Anticybersquatting Consumer Protection Act (damages limited to $100,000), attempting to shut down sites under the Digital Millennium Copyright Act, or pursuing trademark abuse under the Lanham (Trademark) Act are far more expensive.

Large businesses are frequently overwhelmed by the magnitude of the problem, the scope of actions necessary to combat it and the costs involved. Small to medium businesses can't afford to take these actions and therefore can't compete with the cybersquatters. Basically, they have no redress because they cannot afford the actions necessary to combat the cybersquatters.

TRANSIT SYSTEMS ARE STILL VULNERABLE

By D.E.Levine

Following an article in September where we announced monies being distributed to 15 transit systems across the nation, we looked at a GAO report that states that mass transit (rail, subway and bus) systems are harder to protect than airports.

The GAO report found that TSA can do more to share security technology information with others since coordination challenges persist.

Although TSA reported that selected 9/11 Act provisions were satisfied it missed critical deadlines and still lacks a plan with benchmarks necessary to fulfill the requirements.

Mass transit security is unique because it traverses a diversity of government and law enforcement agencies. These agencies range from city and state transit operations to interstate systems like Amtrak.

Most mass transit systems do not lend themselves to access controls similar to those used at airports.