CTO Toolkits News

Current News

Biometrics will be used in the EU 02/21/2008 -

Visitors to Europe will face biometric screening and automated security checks under proposals for a shake-up of EU border controls. Under plans to strengthen checks at European borders laid out by the European Commission, international travelers would also have their stay logged and monitored by an electronic system, which could become operational by 2015.

The system would alert authorities to persons overstaying the length of their visa. Biometric data would be submitted by travelers from outside the EU when applying for a visa, while those not needing a permit would be checked on arrival.

Automated border-control systems and guards would be able to check visitors' identities using the biometric data, with EU and trusted travelers from outside the EU able to speed up the process by using automated gates. The Commission is also investigating the possibility of requiring electronic authorization for outside travelers as an alternative to requiring a visa.

From 2009, all EU passports will feature a digital fingerprint and photograph and, from 2011, non-EU citizens who apply for a visa will have to give their biometric details. The measures would apply to the 24 nations within the EUs Schengen zone for passport-free travel. All EU states except Bulgaria, Cyprus, Ireland, Romania, and the U.K. are part of the border-free area, to which non-EU members Norway and Iceland also belong. The U.K. is believed to be studying whether to opt into the arrangements.

The Commission is also looking at creating a European border surveillance system to help prevent unauthorized border crossings, reduce the number of illegal immigrants dying at sea, and reduce cross-border crime within the EU. The Commission said the system would use state-of-the-art technology for border-surveillance purposes and focus first on the Mediterranean Sea, the Canary Islands, and the Black Sea before being widened to the "whole maritime domain" of the EU.

Data gathered for the system would be protected by security regulations and would be kept for no longer than five years.

Unified Communications is a Hot Issue 02/15/2008 -

Planning unified communications requires focusing on making communications more efficient, both within the company and with outsiders, but not everybody has to be doing everything, says Art Rosenberg, principal analyst for the Unified-View and an affiliate of UC Strategies. The first step is analysis of business processes. That information will lead to identification of pilot programs that target high-value applications and high-value end users. Once in the midst of tests and trials, Rosenberg advises, do not be fooled into thinking that any one vendor can provide every facet of what your company requires. Plan to work with vendors at the network, server and client

Implementing Comploance 02/11/2008 - Understanding the full scope and interdependency of risk in today's complex and distributed business environment is important for achieving compliance with governmental mandates and industry regulations. However, many companies have a limited perception of risk and still struggle making compliance an enterprise-wide, integrated process. Because of the complexity and sophistication of today's variety of security breeches, companies need a broader information assurance approach, a more holistic framework that addresses security, availability and compliance. - more

Microsoft Focus on Mobile Market Drives Yahoo Bid 02/05/2008 - Gaining a bigger share of mobile advertising is a big reason Microsoft Corp. is bidding $44.6 billion for Yahoo Inc., according to industry observers.

Mobile advertising is part of what Microsoft wants to get into, no doubt, said .an analyst at Gartner Inc. Leadership in mobile advertising is still unclaimed, while Google is threatening to do there what it did on the Internet, so Microsoft is being preemptive.

Yahoo touches so many customers and there is so much advertising potential in this deal, said .an independent analyst.

Although Microsoft is a big, strong company, it can still find it difficult to reach out to markets such as advertising, but Yahoo has an estimated 500 million global monthly users of Internet access, he said. It is the kind of world Microsoft loves.

Smart Phones May Make Symantec Obsolete 01/30/2008 -

The Symantec and McAfee approach of dumping a lot of different security products into big packages may become less effective as a new generation of specialized new devices such as smartphones, mostly find themselves in crackers' cross hairs. This new reality may lead to more acquisitions.

Symantec recently purchased Altiris and Vontu. There is nothing new about entrepreneurial firms in security (or elsewhere) being snapped up by bigger companies. Whether and how consolidation proceeds is entirely dependent on the nature of threats. That's why the first iPhone virus is important. In the short term, it will be possible for Apple to figure out a way to protect its hip new device. In the bigger picture, however, smart service providers and vendors no doubt took the iPhone firmware 1.1.3 prep hack as a big yellow flag and will far more seriously look for ways to protect smartphones.

Vista Service Pack 1 to be released within two weeks 01/27/2008 -

Microsoft has said the highly anticipated service pack will be out in the first quarter of this year, but some say it could be available in the next few weeks, more than a month before the quarter ends on March 31.

A Taiwanese news service yesterday reported that Vista SP1 will be released Feb. 15, but that date is as good as any other, said an analyst at Directions on Microsoft. For all we know, they could make it available tomorrow.

Microsoft, through its public relations agency, declined to comment on the Feb. 15 date beyond reiterating that the software will be available in the first quarter. Still, several sources who work closely with Microsoft said that a mid-February release is not unlikely and that they expect the software to be out before the end of March.

Open-source software has place but does not do everything 01/25/2008 - (Computerworld) -- Linux, Apache and other open-source applications have long been used to power Web and file servers. But when it comes to managing the data center, many companies have held back. Now, though, some users have turned into big believers that open source works here, too.

It is true that with open-source products, users generally forfeit the security of professional support teams to help resolve their problems quickly, says the chief technology officer at Sabre Holdings, a travel marketing and distribution technology company in Southlake, Texas. But in our environment, we almost always purchase support for our open-source products from high-quality vendors. This, of course, reduces some of the cost advantages of using open source, but the advantages are big enough that there is still plenty left over, and the security we get from a service contract lets us sleep better at night.

The company uses enterprise system buses (ESB) for message transformation, routing and other tasks. Sabre is implementing an open-source-based ESB within multiple systems including its Supplier Side Gateway product, which is used by all Sabre systems that need content from external sources. Other open-source software in use at Sabre includes Subversion and Concurrent Versions System (version control systems), Eclipse (a Java development environment), JUnit (unit test), Hibernate (object/relational mapping to abstract services from the underlying database calls) and Apache Ant, a Java-based tool.

Sabre started using open-source products about six years ago, as the quality and flexibility of open source began to increase, mainly because of the lower cost. But for them, it had to be low cost and high quality. Stability and high performance are the most important requirements.

What Impact Does Firmware Have on Your DRP 01/14/2008 -

Security is the Focus of IT in 2008 01/14/2008 -

Janco predicts that in 2008 we will see the first serious security exploit in corporate VoIP networks?

If things go badly then network security breakdowns can cast a pall on the upcoming presidential elections and the Olympic games?

Perhaps users Web 2.0 forays open the malware floodgates? Janco says security concerns will dominate the network landscape in 2008 whether we like it or not. But it will not be all gloom and doom. Faster wireless LANs are on the way, enterprise-class open source applications are multiplying, and Google is continuing to muscle its way into new markets -- raising the bar for competitors along the way.

Enterprise IT teams can expect in the new year. Two high-profile events -- the 2008 Olympics in China and the U.S. presidential elections -- will trigger a stream of exploits.  Both of these events will have sites that will attact many users and be a target for secutiy fraud.

Why Do Companies Change 12/30/2007 -

Companies change or update the way they do business for one of three reasons:

• They are leading their competition and want to continue to be in the front of their industry.
• They feel that their competition is about to overtake them and they do not want that to happen.
• They are behind their competition and need to change in order to survive and be profitable.

If they make changes for reasons other than those they should re-evaluate why and what they are doing.

Vista piracy rate is half that of XP 12/04/2007 -

Microsoft said Monday that it's seeing piracy rates for Windows Vista that are half those of Windows XP.

Now cynical me wanted to write this up as "even pirates prefer XP two to one over Vista," but that wouldn't be fair. In reality, the decline in piracy rates is largely due to the fact that Vista is much tougher to fake than XP.

"Piracy rates are lower because it's harder," Microsoft Vice President Mike Sievert said in an interview Monday.

There are a variety of reasons for that, including the fact that businesses no longer have volume license keys that can be used to activate an unlimited number of machines. Another is the fact that Vista machines that aren't properly activated pretty quickly become basically unusable once they enter "reduced functionality mode."

Does your enterprise have a succession plan in place for your CIO? 11/27/2007 -

What is the process that you have in place for succession planning for your CIO?

You must build an excellent succession plan or refine your current one using the practices.  Which include:

• Setting Corporate Succession Priorities  - Align your succession plan with corporate values and strategy. Your plan must support leadership development and mentoring programs, drive diversity goals, and strengthen rewards and recognition.
• Identifying Key Competencies  - Competency models for key positions are the backbone of any succession planning initiative. Your plan must identify and communicate key competencies and design tools to complement the enterprise's needs.
• Designing the Succession Plan - Document a detailed succession plan. Use methods to create a balanced succession planning design team which is detailed

Politicians Call for a National CTO 11/15/2007 -

Would a National Chief Technology Officer Help or Hurt IT in the US?

Speaking at a Town Hall meeting at the Google Mountain View, Calif., headquarters, Democratic presidential candidate Barack Obama said he would appoint a national chief technology officer to ensure that every government agency is meeting 21st century standards.

Obama talked about his plan to connect Americans through technology. Google invited the candidates to hear their views on some of the issues that affect their company as well as the technology industry in general. Obama was the seventh presidential hopeful to participate.

Other presidential candidates who have talked to Googlers are Republicans Ron Paul and John McCain and Democrats Hillary Rodham Clinton, Bill Richardson, John Edwards and Mike Gravel.

Dell Inc. also has invited the candidates to its campus.

What is the CIOs Role 11/08/2007 -

(CIO Insight) What is the essence of the CIOs role? It is an important question because the definition of the CIO is morphing and fracturing. Our surveys say fewer than half of CIOs report to CEOs while more report to CFOs. Does that mean the CIO role has been downgraded, or that Sarbanes-Oxley is changing the CFOs role? In our April 2007 CIO Role survey, three quarters of CIOs say helping set their companys strategy will be one of their most important responsibilities in the future, yet just one-third say their role is creating business strategy.

Defining the CIOs role has never been simple.

• The Cyclical CIO When a CEO believes the IT organization needs a shakeup, he or she hires a CIO who thrives on radical visions and changes. When the shakeup is over, out goes the visionary and in comes a chief information offier with a more operational bent. Repeat ad infinitum
• The Band-Aid CIO Sometimes job No. 1 is fixing what your predecessor broke. Couldn't deliver projects on time? Get a project manager. IT out of alignment? Put in someone with more business experience.
• The Rotational CIO Some companies believe potential CEOs need to be well rounded. The CIO job can be just a stop on the Grand Tour.
• The Multitasking CIO CIOs frequently run other functions besides IT, such as strategy, administration and e-commerce. What a mish-mash. Try making a Myers Briggs-style categorization scheme out of this and you'll wind up with scores of possible roles.

PCI Standard to be Expanded in 2008 11/05/2007 -

PCI Security Standards Council, which represents Visa, MasterCard, American Express and Discover, anticipates expanding requirements to cover wireless and web based transactions.  This standard could be defined in 2008 and many small merchants could be faced with compliance issues.  That will be a problem because many of the merchants do not comply with the PCI-DSS version 1.1 standard.

The Councils general manager was quoted in Network World say that the organization is devising new standards for how to design and evaluate any Web-facing business applications for credit-card processing as well as security rules for wireless. But a final decision is still pending, he said, since there is a growing resistance to new requirements for payment-card holders, many of whom are not yet achieving official compliance with the existing PCI standards yet.

Many Employees Violate Security Policies 11/02/2007 -

Security Violations Are Common Amoung Employees

(Computerworld)  As many as 35% of workers have knowingly violated their corporate IT policies at least once, according to results of a study released this week.

MARC Research polled 301 U.S. based workers in businesses with at least 100 employees about their corporate computer usage.

The Information Systems Audit and Control Association, a Rolling Meadows, Ill.-based professional association that represents some 65,000 IT professionals who are responsible for auditing computer systems, commissioned the study.

The survey also found that while 84% of respondents are comfortable with workplace computer security measures, 64% said their home computers are not adequately protected.

Despite warnings about security threats posed by peer-to-peer file-sharing systems, 15% of respondents admitted logging onto such networks from work computers. And 74% of respondents said they don't believe that downloading unauthorized content or software to work PCs is a business risk.

The survey also found that 73% of respondents are not worried about sending sensitive or confidential company information from work PCs to home systems via e-mail. Further, 68% said they regularly work on business documents that were sent from business systems to home PCs.

Congress Approves 7 year extension of Internet Tax Ban 10/30/2007 -

Internet to be Tax-Free for seven more years

(Bloomberg) -- The U.S. House of Representatives approved a bill to bar states from levying taxes on Internet access through 2014, clearing the way for President George W. Bush to sign the measure into law before an existing ban expires.

The unanimous House vote today resolved a dispute with the Senate, which last week called for the longest-ever Internet-tax ban by passing the seven-year moratorium. The House had voted Oct. 16 to prohibit the taxes for four years. The current ban ends Nov. 1, 2007

Since 1998, a federal law has prohibited cities and states from taxing most forms of Internet access, including cable-modem and digital subscriber-line service. The moratorium was last extended in 2004. Groups representing state and local officials had pushed for a four-year ban.

High-speed Internet providers AT&T Inc., Verizon Communications Inc. and Comcast Corp., as well as Web companies such as Google Inc., had sought a permanent ban. Still, they welcomed the seven-year renewal.

Top 10 CIO & CTO Management Concerns 10/23/2007 -

Top management concerns are:

• IT and business alignment
• Building business skills in IT
• Reducing the cost of doing business
• Improving IT quality.
• Security and privacy.
• Managing change.
• IT strategic planning.
• Making better use of information.
• Evolving CIO leadership role.

Most Technology Based Cities in the US Identified 10/22/2007 -

(Computerworld) -- The highest concentration of IT professionals in the U.S. is in Silicon Valley. But naming the No. 2 spot is not as easy, and the answer might surprise you.

The runner-up is not a well-known tech center like Boston or Seattle/Redmond; it is the Washington metro area.

Data for 2006 from the U.S. Census Bureaus annual American Community Survey (ACS), released just last month, reveal what could be called a metropolitan areas TQ (technology quotient) -- how techie a regions overall workforce is, based on the number of self-reported computer professionals.

Roughly 6% of the D.C. metro area workforce is made up of computer specialists, compared with 8.3% in Silicon Valley. The third-highest concentration of IT workers is in Raleigh/Cary, N.C., at 5.3% of the workforce, followed closely by Boulder, Colo., and Huntsville, Ala., each at 5.2%. The remainder of the top 10 technology worker areas is rounded out, in order, by Bloomington/Normal, Ill.; Trenton-Ewing, N.J.; Austin-Round Rock, Texas; Manchester-Nashua, N.H.; and Seattle-Tacoma-Bellevue, Wash.

Improving opportunities for innovation are the key to IT Infrastructure 10/17/2007 -

Are Your Policies & Procedures Stifling Innovation?

IT Infrastructure is the key to value added processes that aid in creating situations that encourage innovation and improved customer service.

Dealing with pressure can lead managers toward the temptation of taking complete control. However, implementing a strict set of policies and procedures across all customer-facing functions often stifles the one element that enables companies to break away from the pack and grow profitably and consistently  employee-driven innovation.

In many situations, an empowered, engaged employee is a more productive and profitable one. Customer relationship management solutions must enable these types of ad hoc, collaborative interactions to better serve customers, while also automating the process-driven, transactional interactions that serve the needs of the organization.

Infrastructure to support DRP is often neglected 10/13/2007 -

There is no way to predict when disaster may strike, but smart strategizing now can save time and money, if not your entire business when the time comes….

A comprehensive disaster plan starts with a thorough analysis of your I.T. needs and a cost analysis of each preparedness measure.

Experts agree that I.T. administrators, business users and executives must work together to set policy for company-wide crisis response and operational recovery.

Disasters are far less devastating when you have the right equipment, including uninterruptible power supply systems, off-site backup media and top-notch network hardware.

Performance Issues are Increasing with More WAN usage 10/13/2007 -

WAN traffic increases are driven by six factors that are beyond the CIOs control.  They are:

• Increased application traffic as more of the enterprises infrastructure and process are placed on the WAN and Internet.
• Increased non-work (recreational and personal) traffic as users integrate work environment with personal environment.
• Convergence of voice, video, and data networks with peak demand that impacts enterprise operations
• Implementation of user friendly web applications which have more demand on WAN resources.
• Distributed workforce and applications which are run over the WAN and Internet instead of a single IT silo location
• Concentration of servers in fewer locations  creates WAN and Internet bottlenecks
• Increased overhead for security and attacks on enterprise resources

WAN performance issues include:

• Bandwidth upgrades increase costs yet fail to permanently increase performance.
• Surges from recreational traffic cause urgent, interactive applications to struggle.
• Enthusiasm for VoIP (Voice over Internet Protocol) fades when callers routinely face stutter and static during peak network usage.
• Intranet applications at a main data center offer easy access but poor performance.
• Performance plummets whenever an employee syncs email at a branch office

Fees for PCI Compliance Testing Can Run to Over $500,000 10/01/2007 -

When businesses select a credit card processor, the first step is typically a basic security evaluation, carried out in tandem with business managers, to determine where the business might be deficient and fall short of compliance. Remediation to bring the organization up to PCI compliance involves a process, which if goes smoothly, could take a matter of a few weeks, though there is the possibility the company never makes it through.

PCI compliance often kicks off in earnest with a letter from the bank to the merchant. PCI is forcing organizations to go look in the nooks and crannies of legacy systems. The evolution of PCI is extending the compliance mandate into areas such as point of sale terminals, where new requirements may mean retiring older ones.

CIO Looking to Hire More Networking Specialists 09/27/2007 -

Networking skills are the name of the game this quarter, finds a new survey, as CIOs are scrambling to find IT pros able to make wireless tools work on enterprise networks.

Fourteen percent of CIOs said they'll be hiring and two percent of CIOs expected to be making job cuts in the fourth quarter of 2007, finds a survey issued Sept. 11 by Robert Half Technology, an IT recruiting firm. The net 12 percent hiring increase compares favorably with net increases of 15 percent projected in the third quarter of 2007. Nearly three-quarters (73 percent) of CIOs surveyed said that the technical set they were in the shortest supply of in their departments was Windows administration (for Server 2000/2003), while 70 percent of CIOs cited a shortage in network administration (Cisco Systems, Nortel) as being in shortest supply. Database management skills (Oracle, SQL Server, DB2) were cited by 60 percent of CIOs.

But it was networking that CIOs ranked the most in-demand job category, noted by 18 percent of respondents

Where are CTOs Going 09/24/2007 -

Rapid transformation marks CTOs careers and their impact on companies, according to a  CTO research survey of senior business and technology professionals. CTOs are in overdrive and are finally earning recognition as indispensable business visionaries. Their role in shaping business strategy marks a notable shift in responsibilities that's literally redefining what a CTO is and counters the critics who question the value of IT.

CTOs are increasingly being counted on to help business leaders make their companies more agile and customer-centric. Contributing to this trend is trust in technology and the Information Technology department to aggressively transform the business. Other critical factors include a CEO who gets it, a CTO with the well-rounded skills to be a trusted business leader, and a CTO who spends a good deal of time communicating with constituents.

Despite these very encouraging developments, the survey also showed that companies and their CTOs still continue to focus a fair amount of their attention on how to migrate away from maintenance IT and into innovation IT and how to find and retain top talent.

The average tenure of CTOs has become notoriously short. Often enterprises are caught in a vicious cycle, hiring each new CTO with the belief that his or
her strengths will somehow fix the problems caused by their predecessors weaknesses. Since no CTO is perfect, however, the cycle can run for many years, resulting in thrashing of priorities and untold missed opportunities. Technical savvy is still indispensable in any IT group, but in addition to the underlying technology, CTOs must understand how the computing services and products depend on each other and fit together. CTOs should also have extensive management experience and financial acumen. The CTO must truly understand the other business units in the enterprise, each with its own goals, metrics and end-customers. These are, after all, the CIOs direct customers.