CIO Resource Site

Security threats are on the rise and they are costly

Webmaster — Sun, 12 Feb 2012 14:36:18 -0700

Companies as well as individuals need well defined security policies and procedures to combat secruity threats.

In a report that was recently published it was estimated that breaches cost companies between $90 and $305 per lost record. This includes notifying customers, hiring contractors to fix computer systems, fines and lost business. In addition, over 95 percent of network attacks are entirely financially motivated. This is different than two or three years ago where it may have been a college student who wanted to crash your computer. Threats today burrow deep in computers and hide. They are a lot less visible today.

Indeed, the new threats are much more sophisticated than those security experts had foiled in the past. The easy things - viruses, Trojans and worms - are generally stoppable by most firewalls or certainly inline intrusion prevention. But now, hackers and the organizations that fund them have upped the ante for gateway and network security.

Improving eMail Security

Webmaster — Thu, 02 Feb 2012 16:16:39 -0700

Several companies, including Google, Facebook, Microsoft, Yahoo, PayPal are working jointly work on a standard for blocking phishing e-mails by verifying that they come from legitimate companies

DMARC.org - or the Domain-based Message Authentication, Reporting, and Conformance is a new white-list system will be available for use across the Internet.

The other companies in the DMARC working group are AOL, Bank of America, Fidelity Investments, American Greetings, LinkedIn, and e-mail security providers Agari, Cloudmark, eCert, Return Path, and Trusted Domain Project.

Will IT spending go up?

Webmaster — Fri, 20 Jan 2012 11:25:59 -0700

IT spending is expected to increase in 2012. After years of budgets crimped by a bum economy, there is significant pent-up demand at companies around the globe to drop some extra cash for the products and services they have been waiting for to drive business forward. But we have heard this song before.

Gartner was bullish on IT spending last year, saying that it could rise somewhat significantly in 2012, yet in its latest report the research firm acknowledges that its estimates might have been too optimistic. Global spending on IT spending will still be up, the company says, but do not expect it to rise too quickly.

CIO success is driven by relationships

Webmaster — Sun, 08 Jan 2012 15:38:46 -0700

Relationships are critical for a CIOs success. A poor relationship with superiors and staff is the number one reason for failure of CIO. Relationships are critical to communications and without them common goals cannot be achieved.

CIO and employees who understand each other have preferred styles .better understand how to communicate and work together effectively. Factors that strongly predict the compatibility between a CIO and their teams are self-assurance, self-reliance, conformity, optimism, decisiveness, objectivity, and approach to learning. Assessing a CIO relationships with team members allows the CIO to use objective information about themselves and their teams so that they can work more effectively toward a common goal.

A poor relationship with one's boss is the number one reason for failure at work. Two common flashpoints adversely affect performance:

The employee is unclear about the CIO's expectations - Goals should cascade down from the CIO to team members so that everyone understands how they contribute to the objectives of both the team and the organization. If an employee does not understand the goals given,or if they have not been given goals at all, the onus is on the employee to seek clarity. Asking a simple question such as, "What are the top three priorities in my role that you would like me to focus on?" can help everyone on the team gain clarity. Employees should also ask, "Why is this so important?" as the answer will give them a lot of good clues for developing the relationship with their CIO.
CIOs fail to adapt their styles to the employees' preferred styles - Every employee/CIO relationship is unique and requires a different management approach. For example, the approach taken by highly decisive boss working with a highly decisive employee should be significantly different from the approach taken by this same boss when working with a less-decisive employee. The decisive employee thrives on quick decisions, while the other employee will be more methodical in thier decision-making approach. The less-decisive employee will potentially enter into conflict with the faster-paced CIO.

Burnout of key employees

Webmaster — Sat, 17 Dec 2011 09:44:52 -0700

In these troubled times employee burn-out is a reality. There are a number of impacts on the employees that negatively impact the organization that they work for. They are:

Withdrawal - Employees want to avoid what discomforts them, and those organizational conditions that can cause burnout are certainly discomforting. Signs to watch for are that employees leave work early, arrive at work late, take long breaks, and stay away from the workplace as much as possible.
Interpersonal friction - Employees strike back at what they do not like. Signs are employees begin being cynical and callous toward others, small differences lead to monumental arguments, work assignments begin to seem like insurmountable challenges, and friends begin to look like foes.
Performance declines - When employees are not happy they do not perform well. The quantity of the employees may not be reduced, but the quality will. Signs are clients say that service quality is poor and interrelationships been the burned out employee, their peers, their customers is a low point. There are few smiles and jokes - it is all work and no play.
Family life and personal space negative - Just as burnout leads to behaviors that have a negative impact on the quality of one's work life, it can also lead to behaviors that cause a deterioration of the quality of home life and personal space. Burned out individuals are often described by their wives as coming home tense, anxious, upset, angry, and complaining about the problems they faced at work. These individuals are also more withdrawn at home -preferring to be left alone, instead of sharing time with their families.
Declining health and gaining weight - Burnout often leads to health-related problems. Burnout victims are more likely to suffer from insomnia, excessive drinking or smoking, and to use medications of various kinds.

Top priorities for 2012

Webmaster — Mon, 07 Nov 2011 15:01:46 -0700

Five projects to tackle in the short term will make you a hero to upper management while enabling the organization to move forward:

Streamline company data storage and access
Master mobile devices to meet
Become a efficient development organization
Implement crisis management response processess
Gain control of social media

Facebook most popular social network

Webmaster — Thu, 27 Oct 2011 12:28:08 -0700

Facebook is leading all social networks in U.S. mobile traffic. While access through the browser still trumps application access, apps are gaining.

More than 72.2 million Americans, or nearly one-third of the country, accessed Facebook, LinkedIn, Twitter, or some other social network or blog from a mobile device in August, up 37 percent from the same time last year.

Nearly 40 million of those U.S. mobile users access these sites almost every day, according to new research from comScore. Smartphone users proved to be the heaviest social media users, with 3 in 5 of those users using social media software every month.

Facebook, which claims it has over 200 million mobile users, enjoyed more than 57 million mobile users in August, up 50 percent from the previous year. Twitter and LinkedIn have far fewer mobile users. Twitter's mobile audience rose 75 percent to 13.4 million people, while LinkedIn's audience grew 69 percent to 5.5 million users.

Backup service providers an expanding DRP resource

Webmaster — Sun, 16 Oct 2011 14:30:33 -0700

Online backup and recovery service providers have emerged from different market spaces and have different product focuses and business drivers. These providers can be grouped into three categories:

Service providers leveraging existing core business resources to expand into adjacent markets to look for new revenue opportunities
Service providers concentrating on server backup in niche markets: backup and recovery only, single verticals, regional boundaries
Service providers whose backup and recovery service forms an integral part of a broader spectrum of information management and data protection services

The scope, strengths, and weaknesses of each type of online backup and recovery service provider are characterized with respect to the current and forward-looking requirements of companies looking to protect their server data. Such requirements range from full system (versus data only) backup and restore to comprehensive business continuity best practices and support. Understanding these strengths and weaknesses can help businesses clarify their server protection requirements and better align their selection criteria and focus with their business goals.

New technique offers enhanced security for sensitive data in cloud computing

Webmaster — Mon, 10 Oct 2011 04:13:00 -0700

Researchers from North Carolina State University and IBM have developed a new, experimental, technique to better protect sensitive information in cloud computing - without significantly affecting the system's overall performance.

Under the cloud-computing paradigm, hypervisors are programs that create the virtual workspace that allows different operating systems to run in isolation from one another - even though each of these systems is using computing power and storage capability on the same computer. A longstanding concern in cloud computing is that attackers could take advantage of vulnerabilities in a hypervisor to steal or corrupt confidential data from other users in the cloud.

The NC State research team has developed a new approach to cloud security, which builds upon existing hardware and firmware functionality to isolate sensitive information and workload from the rest of the functions performed by a hypervisor. The new technique, called strongly isolated computing environment (SICE), demonstrates the introduction of a different layer of protection.

"We have significantly reduced the 'surface' that can be attacked by malicious software," says a professor of computer science at NC State. "For example, our approach relies on a software foundation called the Trusted Computing Base, or TCB, that has approximately 300 lines of code, meaning that only these 300 lines of code need to be trusted in order to ensure the isolation offered by our approach. Previous techniques have exposed thousands of lines of code to potential attacks. We have a smaller attack surface to protect."

SICE also lets programmers dedicate specific cores on widely-available multi-core processors to the sensitive workload - allowing the other cores to perform all other functions normally. A core is the 'brain' of a computer chip, and many computers now use chips that have between two and eight cores. By confining the sensitive workload to one or a few cores with strong isolation, and allowing other functions to operate separately, SICE is able to provide both high assurance for the sensitive workload and efficient resource sharing in a cloud.

In testing, the SICE framework generally took up approximately three percent of the system's performance overhead on multi-core processors for workloads that do not require direct network access. "That is a fairly modest price to pay for the enhanced security," the professor says. "However, more research is needed to further speed up the workloads that require interactions with the network."

Mobile devices change the way companies infrastructure

Webmaster — Sat, 01 Oct 2011 10:04:43 -0700

Mobile devices and new user interfaces change everything. Leading edge enterprise managers have been using mobile devices for phone, e-mail, and Web communications since the inception of these products. Further, laptop devices have enabled employees to travel and to manage how employees or sell to customers.

However, consumers' rapid adoption of the Apple iPhone, iPad, and Android-based personal digital assistants (PDAs) and tablet PCs is causing lending IT innovators to quickly create new capabilities that will transform most enterprises interactions with their customers. An excellent example is an iPhone application for consumer automobile lending where a customer can compare car prices, apply for a car loan, and receive onsite loan approval at a car dealer.

A tablet device is never going to fit into a jeans pocket like a smartphone, but it is still mobile and its screen size add new usability and utility of its apps over a mobile phone. For example, in many retail operations will eventually use a table PC to replace the clipboard, pencil, and paper forms for one-time electronic information capture.

Disaster Plan - Business Continuity Template Meets Sarbanes-Oxley Mandated Requirements

Webmaster — Mon, 12 Sep 2011 09:18:16 -0700

The Disaster Recovery / Business Continuity Template version 4.3 has just been released. Janco contiues to update its templates to meet the ever changing requirements of the business environment.

With this new version a fully indexed PDF copy of the template is now provided in addition to the two versions of WORD (2003 and 2007).

The updates to the template included:

1. Defined generic metrics for DR/BC success

2. Business & IT Impact Analysis Questionnaire Updated

3. Updated references to DRP card

4. Updated formatting to meet WORD 2007 requirements

The version history for updates to template can be seen at http://www.e-janco.com/drpversion.htm and the full Table of Contents with sample pages can be downloaded at http://www.e-janco.com/Register_drp.asp .

Mobile devices put confidential data at risk

Webmaster — Thu, 08 Sep 2011 05:03:13 -0700

The average cost to an organization every time a corporate secret is revealed to unauthorized parties, especially agents and their competitors, is
$1.3 million. Forty three percent of CIOs believe this occurs about once every month and 29 percent believe it happens annually. Eighty percent believe that the organization would not discover the wrongful interception of a smartphone conversation that revealed valuable corporate secrets.

Other vulnerabilities these devices face include attacks by viruses, spyware, malicious downloads, phishing and spam. It also has been found that Androids and iPhones have emerged as popular platforms for attack. There also has been a consistent degree of evolution in the sophistication and execution of these threats.

Compliance Management

Webmaster — Mon, 05 Sep 2011 12:35:10 -0700

Regulatory requirements have made log management & analysis one of the two fastest growing areas of security. In fact, nearly every major regulation affecting cyber security now demands or implies the need for continuous logging and effective log management HIPAA, SOX, ISO 27001, COBIT. Even the Payment Card Industry (PCI) standard appears to demand it. And regulations governing information security technology are evolving as fast as the technology itself.

Internet may be a source of future tax revenue

Webmaster — Tue, 30 Aug 2011 15:50:59 -0700

As local municipalities and states seek to find additional revenue in this down economy, they now have their sights on the emerging market of cloud computing. As more companies use cloud services, the traditional rules of taxation based on physical presence no longer fit.

For example, a New York-based company may purchase server space and cloud-based software from a Texas-based company. That's relatively straightforward, except that the Texas company may have servers in North Carolina and California, while the New York company may have satellite offices in Illinois, Florida, and Kentucky that use the server space. Who gets the tax bill, and who gets the revenue? Good luck with that one.

States recognize the shift in buying patterns from boxed software and hardware to computing services delivered over the Internet. Thus, they want to position or reposition tax laws to make sure they get their traditional share as purchases shift venues.

Amazon and others are supporting a bill that would impose a streamlined national sales tax for e-commerce, avoiding the complexity of figuring out hodgepodge of state and local tax rates. As online sales have grown dramatically, states have challenged the catalog sales-based exemption, some imposing sales taxes.

Many established interests want to shape this movement. Accountants, lawyers, state tax officials, and companies such as Google, Apple, and NetSuite are looking to develop new guidelines for taxing the use of cloud computing. Amazon.com has exited more than a dozen states that changed their laws to consider such affiliates as equivalent to taxable physical presence for distributors. Instead, Amazon is pulling affiliate arrangements to avoid collecting taxes and trying to get a ballot initiative in front of voters to exempt it from a recent decision to tax online retailers' in-state sales.

Now the federal government is chiming in with federal legislation that would limit the states' ability to tax "digital goods and services." As you may recall, this was the same type of law that limited the taxation of the then-emerging Internet-based e-commerce industry in the 1990s, and it's based on an old Supreme Court decision that exempts catalog sales from having to collect sales taxes when the customers are in a different state than the retailer.

Backup and Retention a DRP issue

Webmaster — Sun, 14 Aug 2011 15:21:19 -0700

Traditional storage environments have many of the same problems as distributed server farms: applications are tied to physical devices, making any response to changing needs both disruptive and time-consuming; capacity utilization is low; and many maintenance activities require application downtime. The simple and straightforward solution is storage virtualization, which decouples applications and data from the underlying physical devices. Storage virtualization simplifies storage management, as only a single set of tools are required for a given virtualized set of similar devices, such as managing a set of disk systems.

For IT departments charged with delivering greater business value in the face of unprecedented data growth, storage virtualization is a very attractive way to control costs, improve performance and maximize resource utilization.

Advanced Persistent Threats (APT) change security landscape

Webmaster — Mon, 08 Aug 2011 08:05:11 -0700

The Security for Business Innovation Council, a group of 16 security leaders from companies that include eBay, Coca-Cola Company, SAP, FedEx Corp., Johnson & Johnson, and Northrop Grumman, summed up their thoughts on "advanced persistent threats" (APT) in a report, saying this type of attack is forcing IT to rethink network security. "Tackling advanced persistent threats means giving up the idea it's possible to protect everything. This is no longer realistic."

Focusing on fortifying the perimeter is a losing battle. Today's organizations are inherently porous. Change the perspective to protecting data throughout the lifecycle across the enterprise and the entire supply chain. Now CSOs and CIOs have to be on working with business managers to identify the crown jewels of the organization and protect these core assets, while also moving away from a perimeter-centric view.

The definition of a successful defense has to change from 'keeping attacks out' to 'sometimes attackers are going to get in; detect them as early as possible and minimize the damage.' Assume your organization might already be compromised and go from there.

Outsourcing is becoming a commodity service

Webmaster — Fri, 29 Jul 2011 09:14:12 -0700

Outsourcing is becoming a commodity as more enterprises adapt to standardized infrasructure policies and procedures. This in turn will accelerate the move towards outsourcing for the following reasons:

Large backlog of IT projects and IT organizations may not have enough human resources to effectively deploy cloud-driven systems. IT managers, analysts, and architects will need to become business analysts, and spend a good deal of their time working with business units. They will either turn to third party firms either for assistance with cloud providers, or to take on IT-centric tasks to free up IT to better pursue cloud service provisioning.
Infrastructures based on cloud principles will lower the barrier of entry for outsourcing providers, which will in turn multiply their numbers, heightening competition and lowering prices. This will energize the outsourcing market.
Growing standardization and "hot-swappability" of cloud services such as business continuity management and components makes it easier to outsource pieces of the IT infrastructure. This may make outsourcing less of the onerous either/or business decision it has been, as chunks of applications or services can be outsourced or brought in house as the situation fits, with minimal disruption to IT operations and priorities. As a result, well see more "micro-outsourcing" and less big-ticket-turn-the-whole-operation-over types of deals.

Job market improves for some IT Pro

Webmaster — Tue, 19 Jul 2011 07:30:38 -0700

The market for IT audit and governance risk-management and compliance professionals continues to show strong signs of recovery. We have finally crossed back over into at least the low end of a normal market. Accordingly, we see several very encouraging trends. Overall, the number of open positions for IT audit and GRC professionals continues to increase. Hiring freezes are virtually nonexistent, the number of open positions has increased substantially, and we see more positions being put out to search, which is a signal of shifting supply and demand.

Public accounting and consulting firms are in a hiring mode -- some aggressively so. I have also spoken with many chief audit executives who are anticipating openings in their departments caused by auditors moving out into the business. This is a trend that abated the past several years as there was a dearth of open positions to move into.

It has become common again for high-caliber senior IT auditors or consultants to receive multiple offers. Similarly, we are seeing more openings for manager-, director- and vice-president-level positions.

In other IT career areas, according to the Bureau of Labor Statistics, employment of computer network, systems and database administrators is expected to increase by 30 percent from 2008 to 2018, much faster than the average for all occupations.

Business Continuity and Disaster Recovery Defined

Webmaster — Tue, 12 Jul 2011 16:02:08 -0700

Business Continuity and Disaster Recovery Planning are the way an organization can prepare for and aid in disaster recovery. It is an arrangement agreed upon in advance by management and key personnel of the steps that will be taken to help the organization recover should any type of disaster occur. These programs prepare for multiple problems. Detailed plans are created that clearly outline the actions that an organization or particular members of an organization will take to help recover/restore any of its critical operations that may have been either completely or partially interrupted during or after (occurring within a specified period of time) a disaster or other extended disruption in accessibility to operational functions. In order to be fully effective at disaster recovery, these plans are fully defined and are tested regularly.

A Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) are how an organization guards against future disasters that could endanger its long-term health or the accomplishment of its primary mission. BCPs and DRPs take into account disasters that can occur on multiple geographic levels-local, regional, and national-disasters like fires, earthquakes, or pandemic illness. BCPs and BCPs should be live and evolving strategies that are adjusted for any potential disasters that would require recovery; it should include everything from technological viruses to terrorist attacks. The ultimate goal is to help expedite the recovery of an organization's critical functions and man-power following these types of disasters. This sort of advanced planning can help an organization minimize the amount of loss and downtime it will sustain while simultaneously creating its best and fastest chance to recover after a disaster.

Patriot Act allows feds access to data stored overseas

Webmaster — Thu, 30 Jun 2011 08:46:40 -0700

The U.S. is home to the world's largest technology companies, offering cloud services from simple storage to complex web applications to users across the world. But data held even in European datacenters, protected by strict European data laws, may still be vulnerable to inspection by U.S. authorities.

User and corporate data can be accessed without the need of a warrant, the implications of user privacy and businesses, and how to ensure a secure European cloud.

IT Policy Templates - 2011 Version

Webmaster — Tue, 07 Jun 2011 08:34:36 -0700

Documenting a clear set of IT policies is a resource-intensive process for IT managers due to the research and writing time involved. And once policies are created, the next step is to communicate and gain acceptance for those policies throughout the organization. Wouldn't it be nice to start with boiler plate templates that require only minor customization?

Policies and Procedure Bundle -- JUST UPDATED

CIO IT Infrastructure Policy PDF (All of the policies below which come as individual MS Word files)
Backup and Backup Retention Policy
Blog and Personal Web Site Policy
Incident Communication Plan Policy (Updated to include social networks as a communication path)
Internet, e-Mail, Social Networking, Mobile Device, Electronic Communications, and Record Retention Policy
Mobile Device Access and Use Policy
Outsourcing Policy
Record Management, Retention, and Destruction Policy
Sensitive Information Policy (HIPAA Compliant)
Service Level Agreement (SLA) Policy Template with Metrics
Social Networking Policy
Telecommuting Policy
Travel and Off-Site Meeting Policy

Tape backup for disaster plans is very costly

Webmaster — Thu, 02 Jun 2011 10:13:12 -0700

Enterprises around the globe have made significant investments in their tape-based backup and recovery infrastructure with tape drives, removable media, automation, software licenses, and support. In addition, they have invested in people and processes. These investments have made it difficult for firms to change their approach to backup and recovery. However, unabated data growth and the inability to cost effectively manage backup and recovery functions now are forcing many firms to reevaluate or abandon their tape investments altogether.

According to a study by a major research firm, large enterprises saved on average nearly $230,000 annually by eliminating upgrades to tape libraries and drives. Organizations that abandoned tape also realized annual savings of more than $71,000 in transportation costs and more than $77,000 in costs associated with a decreased reliance on contractors.

Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events - whether those event might include a hurricane or simply a power outage caused by a backhoe in the parking lot. The CIO's involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency.

Protect IT Act put on hold

Webmaster — Sun, 29 May 2011 15:45:42 -0700

A U.S. senator has blocked a controversial bill that would enlist ISPs, search engines and other businesses in blocking access to alleged Websites infringing copyright.

Critics of the bill have said it would lead to hundreds of court cases brought by copyright owners against online businesses. The legislation would lead to a blacklist of Internet sites and compromise the Internet's Domain Name System, critics have said.

But backers of the bill have said new methods are needed to combat copyright infringement by foreign websites. The bill would target the worst foreign websites trafficking in digital piracy and counterfeit goods and would dry up their business by focusing on user traffic, advertising and payments, proponents said.

On Thursday, just two weeks after the bill was introduced, the Senate Judiciary Committee unanimously voted to move the PROTECT IP Act to the Senate floor. Under Senate rules, a single senator can place a hold on a bill, although the block can be overridden by a 60-vote majority.

The PROTECT IP Act would allow the U.S. Department of Justice to seek court orders requiring search engines and ISPs to stop sending traffic to websites accused of infringing copyright. The bill would also allow copyright holders to seek court orders requiring payment processors and online ad networks to stop doing business with allegedly infringing websites.

Android - a force in the SmartPhone arena

Webmaster — Thu, 19 May 2011 16:17:57 -0700

Google's Android was the top smartphone operating system in the United States in the first quarter of 2011, overtaking the market share of Research in Motion's BlackBerry and keeping Apple's iPhone in the third position.

Android runs 34.7 percent of the 72.5 million smartphones in the United States in the first quarter, a market research company said. Android-based smartphones accounted for 28.7 percent of the market at the end of the fourth quarter in 2010, when fewer smartphones -- 63.2 million -- were in use.

BlackBerry's share of the smartphone market dropped from a 31.6 percent share at the end of 2010 to 27.1 percent at the end of March.

Apple's iPhone share increased slightly from 25 percent to 25.5 percent over the first three months of 2011.

Meanwhile, the market share for Microsoft's new Windows Phone 7 and older Windows Mobile products dropped 0.9 percentage points, from 8.4 percent in December to 7.5 percent in March. Palm and the WebOS under Hewlett Packard dropped from 3.7 percent to 2.8 percent over the period.

Data security missing with many SMBs

Webmaster — Thu, 19 May 2011 15:59:59 -0700

Data security can be somewhat of a "blind item" for SMBs, meaning it's out of their area of expertise. But most won't be hiring consultants to guide them through the process of assessing security issues and finding answers. That will be up to their vendors, their VARs and themselves. In many situations, file-level encryption is the right solution for these companies.

In an article on SearchSMBStorage.com, "Secure data storage strategies and budget-friendly security tools for SMBs," Kevin Beaver lays out the security issues facing SMBs. He says that storage security for most SMBs can be a challenge for a number of reasons. There are typically too few people in IT to begin with, but often there are too many parties getting involved with the security decision, leading to an accountability problem. And, mobile devices are exacerbating the situation, enabling users to carry company data around in an easily lost and easily stolen package called a smartphone, PDA or tablet.

Web Security Threats

Apple rules the SmartPhone market

Webmaster — Wed, 04 May 2011 09:37:11 -0700

Apple is poised to own three-quarters of the major $3.8 billion mobile application market this year, according to the research company IHS Screen Digest, and will continue to own as much as 60 percent of that sumptuous pie through 2014.

Google, meanwhile, has gained ground on Apple and is poised to knock beleaguered RIM into the third-place slot. Bringing up the rear in the ranking of the top four purveyors of mobile apps is Nokia. Perhaps Microsoft will place next year, now that it has a handle on cut and paste in Windows Phone Mobile.

Steve Ballmer is likely kicking himself for Microsoft fall so far behind in the extraordinarily lucrative mobile space. Revenue from mobile app sales have skyrocketed since 2008, according to IHS. Back then, the Apple Application Store was the only game in town, and the market was worth a mere $206 million and change. That figure leaped to $830.6 million in 2009, then to $2.1 billion in 2010, as more competitors entered the fray. Looking ahead, we see the market continuing to rise in billion-dollar increments up to $8.3 billion come 2014.

Social networking policy needs to be implemented

Webmaster — Thu, 28 Apr 2011 14:12:17 -0700

Twitter, Facebook, YouTube and LinkedIn are all very popular social networking platforms. Most companies today have discovered many business advantages to using social networks as a critical tool for communicating and interacting with their customers, suppliers and employees. But with this convenience comes the difficult task of regulating usage and keeping employees productive with all the recreational temptation these platforms represent.

The Social Networking Policy Template is an ideal resource for any company that wants to establish or revise its policies pertaining to the use of most social networking platforms. It helps you define clear rules for contributing to company social networking initiatives and provides guidelines on usage of personal accounts while at work.

Amazon cloud outage shakes confidenceof CIOs

Webmaster — Tue, 26 Apr 2011 06:17:03 -0700

Cloud services overall have been remarkably reliable, which may be fostering a dangerous complacency among customers who are putting too must trust in them.

The uptime reliability of 40 of the largest providers of cloud-based services shows cloud providers are delivering excellent uninterrupted services.

The overall industry yearly average of uptime for all the cloud services providers is 99.9948%, which equal to 273 minutes or 4.6 hours of unavailability per year.
The worst providers clock in at 99.992% or 420 minutes or 7 hours of unavailability a year.
The best providers are at 99.9994% or 3 minutes or .05 hours of unavailability a year.

However, despite the redundancies and backups built into the cloud, the recent Amazon outage shows that cloud users you hit a combination of events for which the backups don't work. Users see the promise of cloud technology as a way to reduce costs and be greener, but that also means concentrating processing in fewer, bigger places. Thus, when something goes wrong, it has a bigger impact.

Cloud Computing Puts Enterprises at Risk

Webmaster — Fri, 15 Apr 2011 07:57:03 -0700

Security is only as tight as the weakest link. For example, an administrative employee at Twitter was targeted and her personal email account was hacked. From the personal account, a hacker was able to gain information which allowed access to the employee's Google Apps account which contained Docs, Calendars, and other Google Applications that Twitter relied on for sharing notes, spreadsheets, ideas, financial details and sensitive data for the company.

Following that attack, Twitter conducted a security audit and they concluded that there was not security vulnerability in Google Applications. Twitter continues to use the suite internally.

Are your security policies and procedures strong enough to withstand such a breach?

Metrics are key to budgeting

Webmaster — Wed, 06 Apr 2011 09:10:17 -0700

CIOs have to justify their budgets, the value of the applications they are running, and how IT is driving corporate productivity. This increased role requires focus, vision and, above all, transparency - into services, costs, demand, processes and impact on corporate performance.

For the CIO to compete for resources, the IT function needs to operate as a business within a business - providing valuable services to the rest of the orga¬nization. The CIO must effectively educate the organization and provide clearly articulated and relevant cost information.

A detailed understanding of the cost within the Information Technology function provides advantages to the CIO because it:

Ensures a better resource allocation
Reduces complexity and bureaucracy
Provides and informed budgeting process
Provides a better understanding of ITs capacity and capability
Allows the CIO to link IT investments to overall organizational benefits