CTO Toolkits

Spam Policy of CTO-Toolkit.com and CIO-Toolkits.com

Note: Legitimate, individually-sent employment, business and personal inquiries are not considered spam.

This domain does not accept unsolicited email messages (spam) from commercial, political or non-profit entities. By sending a spam message to this domain, you authorize us to do the following:

 

  • File a complaint with your upstream internet service provider
  • File a complaint with your web host provider
  • File complaints with your payment processor, merchant services provider, DNS-provider and any and all other providers you use to do business online
  • Post your email to the newsgroup news.admin.net-abuse.sightings
  • Forward your email to spam@ftc.gov
  • Forward your investing-related email to enforcement@sec.gov
  • Test your sending server as an open relay
  • Report your mail server and web server to any and all blacklists, blocklists, spam filters, etc we choose
  • Post comments regarding your spamming to alexa.com, epinions.com, bizrate.com, USENET and any other media we choose, in any manner we choose, along with your actual identity, address, telephone number and any other information we choose including, but not limited to spam complaints, "call this spammer" messages, etc.
  • Send unlimited quantities of email to the email address listed in your message, the WHOIS contacts for your domain, your personal email, your business email, the administrative contacts of your sending mail server, the administrative contacts of your web host provider and any other email addresses in any way connected with your spamming activities
  • Place a bandwidth-protest on your site involving continuous downloads of data
  • Bill you a $500 processing fee for each piece of spam sent to this domain. Failure to pay will result in our taking you to small claims court and/or forwarding the claim to a collections agency
  • Call any phone number or fax number posted within your spam message

Sending email to an address within this domain constitutes your acceptance of these terms.

 

 




 

Current News

Service-Oriented Architecture and IT Service Management Are Keys To Success in the Recovery 10/27/2009 -

SOA and ITSM drive success and productivity

One bad customer experience can cost you that customer for life. Hospitality, travel, retail, healthcare, and financial services are especially prone to losing customers who have a negative experience. It does not take much for a customer to decide that you and your company are not worth his time, effort, or money.

  

Customers like to feel loved, and they are turned off very quickly when they sense that you do not care about the pain they are feeling. Even if you cannot help them because the situation is beyond your control, acknowledge that you understand both the situation and their frustration.

 No customer wants the person serving her to be distracted or preoccupied. Ever go to the local mall and try to get help from a teenager focused more on texting her friends than helping you find what you’re looking for? On the other hand, being too focused can be a bad thing. Have you ever asked an innocent question out of curiosity and then found yourself stuck for an eternity while a customer support person hunts endlessly for an answer? This person is likely so focused on getting the answer that he does not realize that you really do not care that much about it and would rather not wait for an answer to an inessential question. Be sure your people understand the degree of focus required for the job.

Even if the employee has the right skill set and experience, his odds of being successful and remaining on the job are low if his core behaviors and tendencies do not line up with those needed for success in that particular role. This is especially true for customer-facing roles in which your frontline employees act as extensions of your brand and heavily influence the customer experience.  

- more

Unused Servers Waste Energy and Critical IT Resources 10/20/2009 -

Millions of servers around the world are doing little more than wasting energy, according to a new study.

At least 15 percent of servers are not doing anything useful, said a majority (72 percent) of server managers polled by Kelton Research. In addition, 83 percent said they don't have an adequate grasp of server utilization, and 72 percent rely on CPU utilization as their measure of server efficiency.

The cost of unused servers is estimated at $24.7 billion a year, including the value of hardware, maintenance, management, energy and cooling for unused servers.

Specifically, the study concludes that an estimated 4.75 million servers worldwide are being run 24/7, managed and upgraded without being actively used on a daily basis. Assuming about $4,400 per server per year in operational costs (an IDC estimate), those unused servers cost $20.9 billion to run, plus consume another $3.8 billion in energy costs.

- more

Reasons to block instant messaging 10/17/2009 -

In the workplace, instant messaging (IM) often replaces e-mail and phone calls for user-to-user or group conversations. This includes frequent exchanges of files, records and other data, plus regular back-and-forth texting between coworkers or collaborators busy getting their jobs done. Though much IM traffic involves pairs of users, it's neither difficult nor unusual for multiparty IM sessions to replace conference calls. Many IM security problems can expose organizations directly to serious security risks and potentially devastating legal liabilities or financial losses. Because most consumer-grade IM technology is not encrypted, that makes a good place to start exploring how and why this claim holds water. Many IM packages also lack strong proofs of user identity, perform neither file nor content screening on transmissions and directly expose users to malicious software and behavior.

- more

Employment down for IT professionals according to IEEE-USA 10/11/2009 -

The number of unemployed IT professionals, including systems analysts, has reached 59,000 in the third quarter, up from 49,000 in the previous quarter.

In 2001, there were 745,000 software engineers. In 2002, that number had fallen to 715,000 but then started to increase until the third quarter of 2008, when it reached 1.078 million; software engineer employment now stands at 970,000.

In 2001, there were 734,000 computer scientists and systems analysts, compared to 745,000 in the most recent quarter -- the same number reported in 2005. The peak employment year in this category was 837,000 in 2008.

While the overall third-quarter unemployment rate for computer professionals rose to 6% from 5.4% in the second quarter, the jobless rate declined for electrical engineers and software engineers, according to a new analysis of government labor data compiled by the IEEE-USA.

The organization of technical professionals said that the unemployment rate for electrical engineers fell in the third quarter from 8.6% to 7.3%, possibly with the help of increasing investments in smart grid technologies. Unemployment among software engineers in the third quarter also fell, to 4.7% from 5%.

The most recent employment data for software engineers is mixed, improving in some areas but declining overall.

- more

CIO and companies look towards virtualization solutions 10/05/2009 -

Virtualization management is increasingly important as CIOs and companies look for every way possible to extract as much value as they can from their IT investments. For many, the answer is next generation tools that deliver proactive monitoring and predictive capacity analysis to enhance the most popular virtualization solutions and improve the odds of a fast return on investment (ROI).


CIOs are looking for virtualization management solutions that immediately demonstrate their value by predicting resource utilization trends and alerting them in advance of potential issues. In this process CIOs hope to:

  • Discover the benefits and features of a self-contained virtualization analyzer that instantly deploys and begins solving your capacity planning and monitoring needs.
  • Learn how better capacity planning enables users to increase virtual machine (VM) densities on existing hardware while maximizing performance of the virtual data center
  • Find out how an effective virtualization analyzer can quickly identify capacity bottlenecks, find available capacity for new virtual machines (VMs), and increase VM densities with your existing hardware
- more

Cost cutting continuing in many IT organizations 10/04/2009 -

No matter what the media says about the recession bottoming out, times are still tough for many IT organizations - hiring is down and budget cuts continue. Over 200 CIOs interviewed by Janco Associates say many IT projects are delayed or stopped, layoffs continue and next year's budget will be lower.

Most CIOs continue to look for ways to reduce costs. Many are no longer willing to pay a premium for vendors to fix any problems in key software and hardware within four hours instead of 24 hours. Sometimes things stay broken until IT staffers can figure out the fixes themselves.

Steps that CIOs are taking include:

  • Reducing systems maintained on a 7/24 level - Instead of eliminating maintenance contracts, reduce the frequency of turnaround time -- from, say, four hours to 24 hours or even longer.
  • Reducing weekend and late-night service levels.
  • Reducing contracted fees paid to vendors -- many are more willing than in the past to wheel and deal, rather than lose a contract completely.
  • Communicating with users that they can expect decreased maintenance, particularly with regard to timing and service levels.

However, it is critical not to impact core infrastructure systems or those that are customer-centric.

- more

What does Web 2.0 Promise 10/01/2009 -

Web 2.0 is the next step in the evolution of the computer industry caused by the move to the Internet as platform. While most focus on the implications of the software development technologies used to create Web 2.0 applications, it is important to understand the attitude of empowerment among Web 2.0 software developers, who place a high priority on accomplishing the following objectives with Web 2.0 in order to attain the larger business goals:

  • Graphical user interface (GUI) functionality, such as "drag and drop", enables applications with functionality on par with, and superior to, applications built for traditional GUI-based operating systems such as Microsoft Windows.
  • Richer content. Web 2.0 developers are fond of creating applications known as "Mashups." Mashups increase the usefulness of an application by combining content from multiple sources, but may include sources with questionable pedigrees.
  • Performance. Improve the speed of applications, often by leveraging the client computing resources and reducing the frequency with which a Web application performs GET and POST calls to the Web server. This is accomplished by transferring application and business logic from a tightly controlled host environment to a client system, which can be more readily manipulated.
  • Interactivity. Making the application more attractive, engaging, user friendly, and ultimately more productive for the user.
- more

PCI-DSS is not working as designed 09/29/2009 -

PCI is not working as designed according to the survey of more than 500 U.S. and multinational IT security practitioners at companies with an average of $5.6 billion in annual revenue:

  • 71% of respondents do not treat PCI as a strategic initiative, yet 79 percent have experienced a data breach involving the loss or theft of credit card information.
  • 55% of respondents focus only on credit card data protection and do not attempt to secure sensitive information such as Social Security numbers, driver’s license numbers, bank account details and other data about people and families.
  • 60% of respondents do not think they have sufficient resources to comply with PCI and bring about a necessary level of cardholder security.
- more

Scam shows creativity of Internet thieves 09/19/2009 -

A security vendor has identified an online service offering to help anyone to hack into any Facebook account for $100. However, those who sign up for the service could find themselves becoming the victims instead.


Users of the service are required to first register with the site and then provide an ID of the Facebook account they want hacked. Users who enter the ID and click on a "Hack it" button are then presented with the username of the owner of the Facebook account. They then have the option to "Start Facebook hacking."

Those who follow the instructions are eventually told that the hack was successful and a password for the account was retrieved. In order to get the password, the user is then required to send $100 via Western Union to an individual in the Ukraine.

- more

Threats CIOs and CSOs need to address 09/12/2009 -

CIOs and CSOs need to be aware of the threats that their enterprise networks and users face.  As threats change and attacks increase, it is necessary to develop and adapt new security measures.  Areas of threat and security exposure are:


  • Operating systems vulnerabilities that can lead to massive Internet worms
  • Client-side vulnerabilities, including vulnerabilities in browsers, in office software, in media players and in other desktop applications.  
  • Users who are allowed by their employers to browse the Internet have become a source of major security risk for their organizations.
  • Web application vulnerabilities in open-source as well as custom-built applications.
  • Default configurations for many operating systems and services leave security gaps.
  • Attackers are finding more creative ways to obtain sensitive data from organizations.
- more

Big Brother gets bigger and bolder - Security at Risk 09/07/2009 -

Travelers arriving at U.S. borders may soon be confronted with their laptops, PDAs, and other digital devices being searched, copied and even held by customs agents -- all without need to show suspicion for cause.

Notices are being proposed by the Privacy Office at the U.S. Department of Homeland Security (DHS), which last week released a report approving the suspicionless searches of electronic devices at U.S. borders.

The 51-page Privacy Impact Assessment also supported the right of U.S. Immigration and Customs Enforcement agents to copy, download, retain or seize any content from these devices, or the devices themselves, without assigning any specific reason for doing so.  It states on the cover page:

"With changes in technology over the last several decades, the ability to easily and economically carry vast amounts of information in electronic form has risen dramatically. The advent of compact, large capacity, and inexpensive electronic devices, such as laptop computers, thumb drives, compact disks (CD), digital versatile disks (DVD), cell phones, subscriber identity module (SIM) cards, digital cameras, and other devices capable of storing electronic information (hereinafter "electronic devices") has enabled the transportation of large volumes of information, some of which is highly personal in nature. When these devices are carried by a traveler crossing the U.S. border, these and all other belongings are subject to search by the U.S. Department of Homeland Security (DHS) to ensure the enforcement at the border of immigration, customs, and other federal laws. In particular, U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE) may conduct border searches of such electronic devices as part of CBP's mission to interdict and ICE's mission to investigate violations of federal law at and related to the Nation’s borders. CBP Officers and ICE Special Agents conduct border searches of electronic devices to determine whether a violation of U.S. law has occurred."

Also, while in many cases searches would be done with the knowledge of the traveler, in some situations, the report says, "it is not practicable for law enforcement reasons to inform the traveler that his electronic device has been searched."

In arriving at the assessment, the Privacy Office argued that such searches of electronic devices were no different from searches of briefcases and backpacks. They are needed to interdict and investigate violations of federal law at U.S. borders and have been supported by courts in the past, the assessment said.

 

- more

Health related information technology - growth area 09/03/2009 -

The federal government's emphatic push into health-related information technologies is likely to generate a wave of new work for IT contractors.


The deployment of health IT systems - most notably electronic medical records that can be exchanged among patients, doctors, specialists and other health care providers - is high on President Barack Obama's priority list. He has contended that digitizing all health care records within five years will help the effort to revive the economy.

Indeed, the American Recovery and Reinvestment Act of 2009 allotted $19 billion in health IT investments. And any major health reform legislation that Congress passes this year is expected to add more funding for electronic medical records exchange, sources say.

The stimulus package contains funding for regional health IT extension centers, which assist health providers across the country to adopt or enhance EHRs.

- more

Productivity metrics defined in HandiGuide 08/30/2009 -

Metrics are the key to managing productivity.  Today revenues are down and budgets have fallen along with them. Companies have frozen capital expenditures and the push is on to cut the costs of operations. In such an environment, companies look hard to create efficiencies wherever possible. For IT, this means intense pressure to do far more with existing resources.


So where’s the upside? For many companies, it comes in the form of an opportunity to consolidate IT operations. For years, companies have known that this can help eliminate duplication of effort, lower service costs, increase efficiency, and improve business agility by reducing complexity. But obstacles born of internal politics and IT domain turf battles have often stood in the way.

The stark reality of today’s economic conditions is helping many organizations break through this resistance and make the business case for consolidated IT operations. The fact is, consolidating IT operations should be seen as one of the best options available for organizations that need to quickly optimize costs and increase efficiency. What’s more, IT consolidation enables you to redeploy valuable IT resources to focus on strategic activities that help improve business performance. And because these initiatives leverage what you already have, projects to consolidate operations typically lack the uncertainty and risk of other IT projects. In the end, the business case is solid, the investment is minimal, and the ROI is rapid. You’ll be able to conserve resources to survive the recession today while setting yourself up to capitalize on new business opportunities as the economy recovers.

- more

Netbook offerings expanding - 12 hour battery life 08/24/2009 -

Nokia has unveiled the Booklet 3G, a netbook with high-speed mobile broadband and Wi-Fi connectivity, and a GPS receiver, the company said on Monday. The Booklet 3G should run for up to 12 hours on one battery charge, Nokia said. It weighs 1.25 kilograms, has an aluminum chassis and is slightly more than 2 centimeters thick.

Detail specifications:

  • 10 inch HD ready screen (1366 x 768 pixels), more than other 10 inch netbook models
  • Atom CPU
  • 12 hours battery life (manufacturer claim)
  • 1.25 kilograms (2.75 lbs)
  • 20 mm thickness
  • 3G/HSDPA/WiFi, Bluetooth connectivity
  • HDMI video out port
  • SD card reader
  • A-GPS - Comes with Ovi Maps preinstalled
  • Windows operating system (maybe Windows 7 Starter as in the video above, but nothing sure)

The mobile broadband connection will be based on HSPA (High-Speed Packet Access), but Nokia doesn't want to elaborate on what speeds it will support.

- more

Record management key to information governance 08/20/2009 -

Effective record management and information governance provide a foundation for addressing the various challenges faced with electronic information, including:

  • Management of information growth. Proactively monitoring and managing what content is being stored based on business value and record keeping obligations;
  • Mitigation of risk. Reducing risk and ensuring conformance with different regulatory, legal and business policies; and
  • Management of access to content. Driving competitive advantage and improving business operations through both access control and better re-use of information. Policy is at the heart of each of these challenges and key to an information governance strategy.
  • Information governance is most effective when policies can be carried forward consistently with enabling technologies. Foundational technologies at the core of a good information governance strategy include classification, security and access control, retention policy management, search, archiving and content management.
- more

Escalation and Incident Management Defined by Janco 08/14/2009 -

Escalation is often mentioned when dealing with Incident and Problem Management processes. The ITIL Incident Management process talks about Hierarchical and Functional escalations but does not call out "Escalation Management" as a separate and important ITIL process within Service Operation.

The criteria to trigger an escalation depend on the organization or service provider. However, they should be well defined, and the Internet and IT Infrastructure Template does just that, as it defines the processes that are necessary for escalation to take place efficiently and effectively.

The process could consist of the following activities:

  • Initiate an Escalation, based on meeting specific escalation criteria
  • Assign an Escalation manager for the escalation
  • Log the Escalation and link the Escalation record to related Incident or Problem records
  • Escalation manager assigns or appoints the escalation team. The escalation team should include the Incident owner, Problem owner, and other subject matter experts, as required
  • Identify appropriate Service Provider and Customer management contacts
  • Conduct a detailed situation appraisal and review, led by the Escalation manager
  • An escalation management action plan, including additional resources needed, is developed in conjunction with the Customer. The escalation management plan is to be executed in parallel with the detailed technical action plan (as per Incident/Problem Management)
  • The escalation management action plan is reviewed and adjusted as required
  • A Hierarchical Escalation (as per Incident Management process) is initiated, if appropriate. Senior management and executives are alerted.
  • Escalation team works to resolve the problem. At each stage, records are updated and management contacts and team are informed of the progress and escalation plan reviewed and adjusted as required.
  • Once resolved to the Customer’s satisfaction, the situation is monitored for an agreed period
  • The escalation team remains on standby and available in case the problem recurs during the monitoring period
  • Once the monitoring period is successfully completed, the escalation is closed by the Escalation manager, after seeking agreement with the Customer
  • Once the escalation is closed, a post escalation review is conducted and input provided to the Problem Management process. This can be done in conjunction with a post solution review as part of the Problem Management process.
- more

Are Tablet Computers a Wave of the Future 08/05/2009 -

Tablet computers--elegant slates that you operate with a touch screen--are attractive if you're a sci-fi fan. There's something functionally beautiful about a computer that's all screen and nothing else, and where your interaction is directly through that screen, not an intermediary like a keyboard or mouse. And the concept works great on smartphones.

But what you can do with a screen-only computer gets really limited when you expand the device beyond pocket size. There are two big limitations. First, you need a keyboard for doing real work. At least most people do. Perhaps a generation of kids will grow up that are as speedy on a virtual keyboard as they are on a real one, but until then anyone who does more than write quick e-mails and Twitter messages on a computer will want to take a keyboard with them. And typing on the screen, even if you can do it, is an ergo disaster. Either you have to keep your hands up in the air (if the computer is mounted vertically in front of you) or you have to hunch over your screen to see it. Maybe it's the national chiropractors association that's pushing this form factor.

- more

Steps CIO can take to improve security 07/28/2009 -

Five Steps CIOs can use to find solutions that help address their enterprises' security requirements

  • Evaluate the service-level agreement associated with the solution
  • Evaluate the infrastructure costs of the solution
  • Understand your integration and conversion requirements
  • Check references to validate solution claims
  • Understand support requirements

CIOs face pressure to manage email and Web security effectively and to handle traffic generated by spam.  For instance, if a company builds its network to support 15 million inbound email messages per day and 14 million are purely junk.


Janco advises companies to have a multilayered approach to security, given that 711,912 new malware threats were reported in 2007, which translates into 1,950 new malware attacks each day.

Typically, IT teams must physically build out their networks to handle corporate growth. And as the network expands, so does the need for IT staff to manage it. For many enterprises security revolves around building and managing either hardware and software or appliances. IT teams must spend a majority of their time focusing on licensing, updates, performance and availability for a host of security systems strewn about the enterprise. They also struggle with implementation and setup costs, as well as compatibility issues. This leaves little time for managing what is most important - the business processes that mitigate risk.

Security Service Level Agreements traditionally guarantee a higher level of performance, availability, uptime and security than IT teams would be able to deliver in-house. And there are penalties to collect on if the provider fails to meet this agreement. Most SLAs offer a way for companies to access reports that feature details on threat mitigation, throughput and response-time performance, as well as other metrics.

- more

US House Takes Aim At Domestic Outsourcing 07/20/2009 -

The House has passed an appropriations bill that would require civilian agencies to take an inventory of their services contracts.

The $24.1 billion fiscal 2010 Financial Services and General Government Appropriations Act (H.R. 3170) passed 219 to 208 on July 16.

The legislation would have agencies create an annual inventory of services they’ve outsourced to the private sector and review whether to return the work to government employees.

The new provision copies what the fiscal 2008 National Defense Authorization Act wanted from the Defense Department. However, the department has yet to submit its inventory to Congress even two years later.

- more

New York City Wastes Taxpayer Dollars on Manual and Electric Typewriters 07/16/2009 -

Government agencies continue to find ways to spend taxpayer dollars and not look towards using technology as a productivity tool.

The New York Post reported that despite the adoption of high-tech equipment that can read license plates from the air and detect radiological events before they happen, manual and electric typewriters continue to be used throughout the NYPD - and they will not be phased out anytime soon.

In 2008, the city signed a $982,269 contract with a New Jersey-based company for the purchase of thousands of new manual and electric typewriters over the next three years - some of which retail for as much as $649 apiece.

In June, New York City signed a $99,570 deal with a company in Manhattan for the maintenance of its existing Brother, Panasonic and IBM Selectric typewriters.

Apparently, even though most of the NYPD's arrest-report forms have been computerized, officers still use typewriters to fill out property and evidence vouchers that are printed on carbon-paper forms.

- more

People Continue to Open Spam 07/15/2009 -

The Messaging Anti-Abuse Working Group (MAAWG), an industry-wide security think tank composed of service providers and network operators dedicated to fighting spam and malicious software, reports that about one in six consumers have at some time acted on a spam message. This confirms there is an economic incentive for spammers to keep churning out millions of spam pitches per day. The computer science departments of the University of California at its Berkeley and San Diego campuses showed that the number of people who actually made a purchase following a spam pitch was just a fraction of a percent.

And some 80% of people felt their machine would never be infected with a bot (a piece of malicious software that can send spam, harvest data and do other harmful functions).

- more

Five Steps to Detect and Prevent Security Breaches 07/12/2009 -


How do you defend against system attacks and security breaches?  Janco Associates has defined a set of steps that enterprises of all sizes can follow to help to achieve a safe and secure computing environment.  The steps that CIOs and CSOs should follow are:

1. Assess the network and computing environment - Have an inventory of all devices, access points, security protocols, encryption levels, programs, and users. This inventory should have limited distribution and should be reviewed and updated frequently (at least quarterly).

2. Conduct in-depth system and network security audits - Test and validate that only the authorized items are running on the systems and network. Create and review in-depth log files to monitor compliance with security protocols, violation alerts, and actions taken.

3. Establish network access rules that allow only valid access - Close all unused ports on routers and disable all unused user ids and passwords. Implement a "two-factor" authentication and encryption process for all sessions. Require all users to use "two-factor" authentication. On the third authentication violation within a specified period, disable the device, port, or user from the system and network.

4. Mechanize and retain detailed logs - Record everything possible including dates with full timestamps and implement firewalls that minimize inbound attacks. Review these logs in detail daily and report at least weekly to the CIO or CSO the types of issues that occur.

5. Assume someone is attacking you now - Use the logs in a comparative way to see differences between prior periods and the current period to identify how someone could be getting into the system and network. Have outside third parties try to break in - see if you can identify and block them.

All of these steps have policies and procedures defined in the Security Manual Template.
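Steps 3 and 5 above, sketched as an added example (not Janco's code and not part of the Security Manual Template): a disable rule that fires on the third authentication failure inside a window, and a prior-versus-current comparison of failures per source. The 15-minute window, the doubling factor, the event tuple layout and the sample events are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, principal, source address, outcome)
EVENTS = [
    ("2009-07-06T09:00:05", "jsmith", "10.0.0.5", "FAIL"),
    ("2009-07-06T09:00:40", "jsmith", "10.0.0.5", "OK"),
    ("2009-07-06T14:10:00", "mlee", "10.0.0.9", "FAIL"),
    ("2009-07-06T16:30:00", "jsmith", "10.0.0.5", "FAIL"),
    ("2009-07-07T02:11:00", "backup-svc", "192.0.2.44", "FAIL"),
    ("2009-07-07T02:11:20", "backup-svc", "192.0.2.44", "FAIL"),
    ("2009-07-07T02:11:45", "backup-svc", "192.0.2.44", "FAIL"),
    ("2009-07-07T02:12:10", "backup-svc", "192.0.2.44", "FAIL"),
    ("2009-07-07T09:05:00", "mlee", "10.0.0.9", "FAIL"),
    ("2009-07-07T09:40:00", "mlee", "10.0.0.9", "FAIL"),
]
WINDOW = timedelta(minutes=15)  # assumed value for the "specified period"
THRESHOLD = 3                   # step 3: act on the third violation

def parse(events):
    """Turn ISO timestamps into datetimes and order events by time."""
    return sorted((datetime.fromisoformat(ts), user, src, outcome)
                  for ts, user, src, outcome in events)

def lockouts(events, window=WINDOW, threshold=THRESHOLD):
    """Step 3: map each principal to the time its third failure in the window occurred."""
    recent, disabled = defaultdict(deque), {}
    for ts, user, _src, outcome in parse(events):
        if outcome != "FAIL" or user in disabled:
            continue  # assumption: a successful login does not reset the count
        failures = recent[user]
        failures.append(ts)
        while ts - failures[0] > window:  # drop failures older than the window
            failures.popleft()
        if len(failures) >= threshold:
            disabled[user] = ts
    return disabled

def period_diff(events, split, factor=2):
    """Step 5: sources failing only in the current period, and sources whose
    failure count grew by at least `factor` compared with the prior period."""
    prior, current = Counter(), Counter()
    for ts, _user, src, outcome in parse(events):
        if outcome == "FAIL":
            (prior if ts < split else current)[src] += 1
    new = sorted(s for s in current if s not in prior)
    spiking = sorted(s for s in current
                     if s in prior and current[s] >= factor * prior[s])
    return new, spiking

if __name__ == "__main__":
    print(lockouts(EVENTS))
    print(period_diff(EVENTS, datetime(2009, 7, 7)))
```

Failures spread over hours, such as those for `jsmith` and `mlee`, never trip the disable rule, yet the period comparison still surfaces `10.0.0.9` because its failure count doubled from one day to the next.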


Security Procedures vs Cyber Attacks 07/08/2009 -

Cyber attacks target the computer or telecoms networks of critical infrastructures, such as power systems, traffic control systems or financial systems. Many have assumed that the worst thing an attacker can do is shut things down. That is not necessarily the case. Many times the worst thing an attacker can do, for example, is open a valve -- have bad things spew out of a valve.

Government and industry, including the stock market, are facing massive cyber attacks. While the source of the attacks was not pinpointed, officials said they suspected the attacks originated in North Korea or from groups sympathetic to North Korea. Law enforcement officials in the U.S. and South Korea have stepped up their efforts to halt the denial of service cyber attacks.

In the U.S., some government agencies including the Treasury Department, the Transportation Department and the Federal Trade Commission were down for much of the July 4th holiday weekend.


Internet Misuse Concerns CIOs 06/30/2009 -

When employees and enterprise associates misuse the Internet, there are ramifications for your enterprise:

  • Higher operating expenses and reduced productivity
  • Exposure to security problems such as malware
  • Exposure to legal risks due to inappropriate material  
  • Wasted bandwidth to support the misuse
  • Unlicensed software when users download and install software from the internet
  • Reputation risk from social networking which can create opportunities for employees to leak confidential information or spread damaging rumors online

Expenditures Closely Watched by CIOs and CFOs 06/18/2009 -

In today's economy, all purchases are carefully scrutinized to ensure that each new piece of hardware and software can produce a rapid return on investment (ROI). However, even attractive and accelerated paybacks are not enough to justify additional expenditures as cautious CIOs and CFOs must continue to slow their technology spending in order to ensure weathering the current economic conditions.

According to an annual survey of top CIOs from multinational Fortune 1000 companies conducted by Goldman Sachs & Co., networking equipment emerged as one of the greatest potential areas for cost reductions in 2009. The CIOs surveyed also indicated an intensified focus on projects involving total cost of ownership (TCO) reductions, such as server virtualization and server consolidation. Faced with severe budget constraints, many CIOs also are delaying product upgrades and technology refreshes, despite the fact that OEMs continue to release next-generation products in increasingly rapid-fire succession.

As a result, increasing numbers of corporations are embracing asset recovery strategies as part of their recession survival tactics. Corporate network budgets, in particular, can be willing recipients of a welcome boost from asset recovery since high-end routers and switches retain more value than many other types of hardware. The keys to maximizing the value of surplus technology in a down economy are determined by how, when and where to offload unwanted gear as well as identifying the partner that can offer top dollar for extraneous equipment along with unparalleled responsiveness and superior customer attention.


 

 

© Copyright 2008 Janco Associates, Inc. -- ALL RIGHTS RESERVED