Latest news of interest from the CIO's primary news feed
Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA
The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.
If you wish to subscribe to this news feed the options that you have are:
- IT Standard News Feed - 30 items
- Business and regulatory requirements - regulatory compliance and data preservation
- Economic and budgetary concerns - doing more with less
- Data loss prevention and information protection - protect, preserve and serve
- Environmental and business sustainment - green and economically efficient
- Maximize IT resource effectiveness and return on investment (ROI)
- Reduce total cost ownership (TCO) of IT resources and service delivery
- Know which data they need to secure and protect.
- Have procedures in place for digitizing and storing important information that cannot be retained exclusively in paper format.
- Have lifecycle process Information Technology systems.
- Ensure that business data and records that are no longer needed are securely purged.
- Understand their regulatory and compliance requirements for securing and protecting business data.
- Have file-naming conventions to ensure that secured, protected business data are properly identified.
- Ensure that all staff members know the proper procedures for protecting business information.
- Have automated processes for protecting and backing up data.
- Protect data in secure off-site backup facilities.
- Test their backups to ensure that they are protecting the information that they think that they are protecting.
Not all disasters are equal
Disaster recovery, or DR, is one of those subjects that can be discussed not only at length, but also from many different perspectives. The process of recovering from a storm or other natural disaster that affects people and infrastructure across a wide geographic region is clearly not the same as that required for a business to recover from the impact of, say, a fire at a central warehouse. But no matter at what level one talks about disaster recovery, there are two key metrics, two goals that will inevitably be discussed: the time it takes to recover, to get back to normal, and the state or condition to which one can hope to recover.
These same metrics are central to any discussion of recovery from IT disasters, such as the loss of a server or data center or just the loss of a file or data object. Most commonly, experts in DR planning talk about an organization's recovery expectations in terms of its Recovery Time Objective and its Recovery Point Objective.
Recovery Time Objective (RTO) describes the goal for how quickly data is to be recovered and made available to users after the failure or loss of a system. For example, some companies may be willing to tolerate six to 24 hours of downtime, while others (e.g., large online retailers) are willing to wait only a minute or two.
Recovery Point Objective (RPO) measures the completeness of the data and/or application functionality ultimately recovered. For instance, one shop may be willing to accept the loss (and subsequent manual re-creation) of a day's worth of transactions, while another may be willing to tolerate the loss of only transactions that were in process at the very moment the system failed.
Backup makes disaster recovery business continuity daunting
BC-DR is daunting. BC-DR requires offsite duplicate data, infrastructure, storage, systems, networks, floor space, rack space, cables, power, cooling, etc. Far too many organizations take a look at the cost and decide they just can't afford it. Per the May 2010 Information Week Business Continuity Disaster Recovery published survey of the Global 2000 (681 respondents), 37% said they had no current BC-DR plan, and 68% of those said it was because it is too expensive and too complicated. The better question is whether they can afford not to have it. It has been proven that 95% of those organizations that failed to recover their data and systems within two weeks of a disaster were out of business within two years. This is not a pretty picture. Regrettably, the consequences of poor BC-DR preparedness will only come to light when there is a disaster. Up until then, it is a hypothetical risk. Unless an IT organization has experienced a disaster, it is far more likely to tolerate the incredible risk.
Security threats increase
Cybercrime continues to evolve and grow in both scale and sophistication. As social networking becomes ever more deeply embedded in our everyday lives, it has become an ever more fertile hunting ground for those who would steal and abuse our personal information, and compromise and misuse our computer systems to gain financial advantage by stealing our personal or corporate funds or obtaining illicit funds from advertisers or spammers.
Just as companies have changed their habits to accommodate new technologies and new ways of conducting their everyday business, so security providers have needed to implement new strategies to cope with the massive growth in new malware and new attack vectors.
Keeping track of these continuous and rapid changes is a demanding and complex task, but one that will doubtless be rewarding to the diligent and conscientious. Knowledge is power, and understanding the dangers posed by the modern interconnected world is the first step toward keeping one's identity, possessions and finances safe and secure.
Net neutrality stalled in Congress
A network neutrality proposal floated by members of the U.S. House Energy and Commerce Committee has stalled.
The proposals would have prohibited wired broadband providers from "unjustly or unreasonably" discriminating against legal Web traffic, but would not apply that prohibition to mobile providers. The bill would have prohibited all broadband providers from blocking consumer access to websites and from blocking legal websites, and it would have prohibited the U.S. Federal Communications Commission from reclassifying broadband as a regulated common-carrier service for two years.
The committee may try to push forward on net neutrality legislation after November's elections, he said, when a lame-duck session of Congress is likely.
Recent Backup Critical For Disaster Recovery
It has been proven over time that most data recovery requests are for relatively recent data, and that there is a direct correlation between the age of data and the possibility that it would be required for restore purposes. Most restore requests are driven by issues such as an inadvertently deleted file or data corruption that is introduced by a virus or a hacker.
Typically these problems are discovered within several hours or at most a few days from when they first occur, resulting in restore requests for more recent data. In general, the only time you may need to restore data that has already been archived would be in the event of a disaster that physically destroys computer equipment and facilities, such as an earthquake or a tornado. While it pays to be prepared against these occurrences, they are very rare.
The Backup and Backup Retention Policy Template has been used to create customized policies for well over 2,000 enterprises worldwide. This policy, in concert with the Record Management Policy Template, is a must-have Best Practices Tool for CIOs and IT professionals.
For example, factors that CIOs and IT professionals need to consider for backup retention include:
With the ever-changing economic climate and security threats, downtime and data loss pose intolerable risks to every business today. From CIOs to the Executive Suite, managers have seen the importance of business uptime and data protection to continued success, productivity and profitability. The Disaster Planning Template provides a road map to the most effective strategies and technologies to protect data and provide fast recovery should data be lost or corrupted due to accident or malicious action.
26% of All Firms Faced Disaster in Last 5 Years
Janco has found that more than 26% of its client firms have faced some sort of disaster over the past five years. CIOs need to convince executives in their enterprise to invest in business continuity and disaster recovery systems. CIOs need to effectively communicate that business continuity and disaster recovery planning is not just an insurance policy.
CIOs know their systems are vulnerable and they want to do something about it. In these tough economic times, it is hard to get funding for business continuity and disaster recovery. CIOs who tie business continuity and disaster recovery planning to mandated compliance needs are more successful in obtaining the necessary funding.
Many of these same companies consider disaster recovery investment as a rolling upgrade that consistently augments existing infrastructure and application investments rather than a one-time event that can be delayed.
In one research study by another firm, many CIOs blamed disasters on non-natural disruptions and incidents. The data shows that 42% of the firms surveyed said power failure was the most common cause of declared disasters and downtime, while 32% cited hardware failure, and 21% cited network failure.
Core security goals for CIOs and IT Managers
CIOs and IT Managers need to set minimum security goals for their organizations.
eCommerce security is basis for customer trust
With the skyrocketing rise in Internet fraud, security of personal data transmissions has never been more critical to e-commerce. The prevalence - and consequences - of identity theft are all too well known and documented. With the increased level of Internet data theft, potential customers have become more savvy, more skeptical, and frankly, more scared. They expect to be protected, and 83% of consumers want more assurance that their information is secure.
Creation of customer trust makes all the difference. Investment in technology to protect customers and earn their trust is trivial when compared to the overall cost of doing business. When the costs are dwarfed by the potential upside, it's clear that enhancing e-commerce site security, with technologies like SSL, is an obvious choice for online businesses looking to be successful. To ensure that current and future customers are fully aware of security investments being taken by e-commerce businesses, it is critical to go with a security vendor whose brand name is the best known and the most trusted.