News about Oracle's Solaris and Sun Hardware
System News
Feb 25th, 2013 — Mar 3rd, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 180, Issue 4 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section

Database Isolation in the Private and Public Cloud
Oracle RAC in Solaris 11 Zones Generally Does the Job; Use Encapsulation when Security Issues Demand It
The isolation of natively consolidated databases, whether private or public, on a a single shared Oracle Grid Infrastructure can generally be accommodated by the provisions built in to Oracle Database, B.R. Clouse posts, citing "Best Practices for Database Consolidation in Private Clouds" for details. Database clouds hosting databases with security or compliance considerations can be isolated through the encapsulation techniques, either logical or physical, provided by Oracle Database 11g R2 RAC in Solaris 11 Zones. A second white paper, "Encapsulating Oracle Databases with Oracle Solaris 11 Zones," explains this capability. Clouse also recommends the white paper "The Oracle Optimized Solution for Enterprise Database Cloud."
Performance Tuning an Exalogic System
Surveying What's Built in and What Users can Do for Themselves
Rick Ramsey addresses both the built-in Exalogic optimizations and the DIY types. The built-ins come in two forms: generic optimizations, designed to integrate Infiniband networking seamlessly into all the hardware, software, and firmware distributed throughout the system, and optimizations to run-time components that have been engineered directly into Oracle WebLogic Server (WLS), Coherence, and Tuxedo.

The DIY optimizations, as outlined by Ramsey and drawn by him from the Exalogic: Administration Tasks and Tools white paper, include tunings to middleware, platform, infrastructure, middleware runtime environment, and tuning the applications themselves. Ramsey comments briefly on each of these, noting instances when "enough is enough."

Videos and Presentation Slide Decks from the IOUG 2013 Exadata Virtual Conference
Of Interest to Oracle DBAs Familiar with RAC, 11gR2, ASM and to Database Machine Administrators

A number of videos and presentation slide decks from the Independent Oracle Users Group's recent 2013 Exadata Virtual Conference are now available online. Javier Puerta reports that topics include:

  • Exadata for Oracle DBAs
  • Lessons Learned: A DoD Exadata Migration
  • Exadata Software Maintenance
  • Demystifying Exadata I/O Resource Management (IORM)
  • Exadata in EBS Techniques for POV to Production and Beyond!
  • Exadata Database Machine IOUG – Exadata SIG Update
  • Exadata Evolution from V1 to X3 with Deep Dive into the features
  • MAA Architecture and Operational Best Practices for Oracle Exadata
Two Update Downloads for Oracle VM 3.2
Include Bug Fixes; SPARC Agent Update Not Yet Available
The latest Oracle VM 3.2 update is available on My Oracle Support, Honglin Su posts. The patch updates, Oracle VM Manager 3.2.2 and Oracle VM Server for x86 3.2.2, include all the cumulative bug fixes that have been integrated since 3.2.1 release. Oracle VM Server 3.2.2 build 520 has been validated with Oracle VM Manager 3.2.2 build 520. There's no SPARC Agent update at this time, Su notes. The post provides links to both upgrades as well as to installation instructions. In addition, a list of notable bug fixes is also part of the post.
White Paper: Implementing Root Domains with Oracle VM Server for SPARC
Introduces Root Domain Model as One of Several Architectures Supported by Oracle VM Server for SPARC
"Implementing Root Domains with Oracle VM Server for SPARC," a new Oracle white paper by Mikel Manitius, Michael Ramchand, and Jeff Savit, describes how to use Oracle VM Server for SPARC root domains (domains that are assigned a PCIe bus) along with Solaris zones for maximum performance and a high degree of flexibility. This combination can be used to provide bare-metal performance and eliminate dependencies between domains, and can be a useful alternative to deployments based on service domains and virtual I/O, co-author Savit posts. The paper introduces the root domain model as one of several architectures Oracle VM Server for SPARC product supports.
IT - Storage
Using Network Caching to Solve VDI Storage Problems
Storage Switzerland February 26, 2013
"Virtual Desktop Infrastructure projects will be common undertakings for many IT departments this year. The goal is to reduce operational expenses by enabling the IT staff to work with a centralized desktop asset. The number one priority is to gain user acceptance which means delivering performance that is equivalent to physical desktop platforms. The biggest obstacle towards achieving desktop like performance, however, is the I/O bottleneck within the storage infrastructure..."
Test your SSDs or risk massive data loss, researchers warn
InfoWorld March 1, 2013
"New study finds 13 of 15 flash-based solid-state drives suffer data loss or worse when they lose power...

Companies adopting flash-based SSDs as a cornerstone to the data center storage systems are risking 'massive data loss' due to power outages, according to a new study titled 'Understanding the Robustness of SSDs Under Power Fault' by researchers from the University of Ohio and HP Labs.

In exposing 15 SSDs from five different vendors to power loss, researchers found that 13 suffered such failures as bit corruption, metadata corruption, and total device failure..."

IT - Technology
Happy Birthday, LP: Can You Believe It's Only 65?
The Register February 22, 2013
"This storage medium progressed from spinning disk to flash and then entered the cloud... Sound familiar? It's the long-playing music album and this year marks the sixty-fifth anniversary of its inception.

The 33 1/3rpm vinyl long-playing record was devised in 1948 by Columbia Records and was an upgrade on the prior 78rpm 12-inch shellac records - which were noisy, read by a needle tracing the surface of a spiral grooved track, and only played music for about five minutes..."

Hot or Not: 10 Tech Trends for 2013
ITWorld February 21, 2013
"Some technologies are poised to break out in 2013; others are doomed to whither away and die, while the rest won't fully arrive for some time to come. Join us on a whirlwind tour of 10 technology trends for the coming year, and find out which are hot and which are not..."

  • HOT: Fly-by spies
  • NOT: Ultra HD screens
  • HOT: The body computer
  • NOT: Ultrabooks
  • HOT: Smarter Web pages
  • NOT: QR codes
  • HOT: Friction-free commerce
  • NOT: Windows RT tablets
  • HOT: Internet-enabled everything
  • NOT: Phablets

Read on for details.

Myth Busters Department: 'A Solaris tmpfs Uses Real Memory'
Alan Hargreaves Demonstrates the Truth of His Assertion

Whatever you may have heard, Alan Hargreaves establishes that a Solaris tmpfs uses real memory. This is because, he asserts, a tmpfs uses pageable kernel memory although, if necessary, these pages can be paged to the swap device: a guaranteed result if you put more data onto a tmpfs than you have physical memory. For the skeptics, Hargreaves provides a three-step test that demonstrates what happens in free memory when a user creates a 1GB file in /tmp. Whatever one may have thought, he concludes, tmpfs does not steal some of the disk allocated as swap to use as a filesystem without impacting memory.

Since You Asked... A Couple of Oracle Solaris Resources
IBM AIX to Solaris Migration and Oracle Solaris on Oracle x86 Systems
Larry Wake recommends two Oracle Solaris Resources: "IBM AIX to Oracle Solaris Technology Mapping Guide" and "Oracle's x86 Systems: The Best x86 Platforms for Oracle Solaris." The first title is a 55-page technical white paper identifying and comparing the differences between AIX 7.1 and Oracle Solaris 11. The second was the featured topic on the February 26th webcast on Oracle Solaris on Oracle's x86 systems, which mentioned the bidirectional connection between Oracle Solaris and x86 systems' service processors, and the accompanying white paper mentioned above covers the Oracle Solaris-Aware Service Processor, and other details as well. The webcast itself is now available for replay.
Locks and Killing Sessions in Oracle SQL Developer
The Answer to 'Who's Got My App Tied Up?'
Under the formidable title "Locks and Killing Sessions in Oracle SQL Developer" Jeff Smith instructs readers of his blog in how to 1) identify the activity that causes the Windows "busy" hourglass cursor to linger on their monitor screens and 2) how to "kill" the offending session. He starts on the Tools tab and selects Monitor Sessions, whose context menu allows users to initiate a trace and execute a kill. Under the Database Administration and Locks category, Smith leads readers to the Blocking Locks by User report and, from there, to the trigger pull "Kill Session." BANG! The app is all yours.
Replication Performance Improvements in MySQL 5.6
Reduces Risk of Losing Data When Master Fails and Improves Read Consistency from Slaves
The replication performance of MySQL 5.6 has been improved in a number of ways, Mat Keep blogs. Using MySQL replication to scale out a database across commodity nodes and as a foundation for High Availability (HA) will demonstrate performance improvements resulting from a combination of Binary Log Group Commit, multi-threaded slaves, and Optimized Row-Based Replication. Furthermore, Keep continues, higher replication performance directly translates to reduced risk of losing data in the event of a failure on the master; improved read consistency from slaves; and resource-efficient binlogs traversing the replication cluster. These improvements allow developers and DBAs to get ahead of performance demands, Keep concludes.
Cloud Computing
Oracle Announces Latest Release of Oracle RightNow Cloud Service
Offers Rapid Response to Complex Customer Issues

Oracle has released Oracle RightNow Cloud Service, which includes new capabilities to help organizations automate the management and deployment of the complex business policies required to support customers. The February 2013 release of Oracle RightNow Cloud Service is the only cross-channel cloud service and support solution on the market that offers this level of rapid delivery and easy maintenance of highly complex business policies. Oracle RightNow Policy Automation empowers an organization’s policy experts to manage policies and updates efficiently, and to deliver answers to customer questions effectively over the web, avoiding higher cost escalations.

IT - Cloud
Hybrid Cloud Computing Faces Multiple Challenges
CIO Insight February 22, 2013
"Many IT groups will need to upgrade their infrastructure before they can realize the true advantages of dynamic hybrid cloud computing environments...

Most existing examples of hybrid cloud computing are not all that complicated. They generally involve integrating a CRM application, such as running in the cloud, with, say, an ERP application from Oracle or SAP running on-premise..."

5 Reasons IT Should Choose a Hosted UC Solution
Network World February 26, 2013
"Last week, I posted a blog that highlighted the top business reasons a company should consider a hosted UC solution. While these are important, there are also a number of benefits that are specific to the IT department. These reasons may fly under the radar of the C-level executives or line-of-business managers, but they are significant to the IT organizations..."

  • Centralized management and administration
  • Rapid expansion of services to remote location
  • Enablement of BYOD
  • Efficient use of budget
  • Application diversity

Read on for details.

Chances Are 'Private Cloud' Is No Cloud At All
FierceCIO February 27, 2013
"Cloud computing is shrouded in a big haze of ill-defined terms, but 'private cloud' may be one of the most misused. To be a cloud, a computing platform must be a lot more than a data center with a highly efficient virtualized environment, a web portal and the ability to scale up and down dynamically, reports Brandon Butler at Network World.

As many as 70 percent of the 'private clouds' out there don't technically qualify as clouds, according to a study by Forrester Research..."

How to Survive Inevitable Cloud Failures
PCWorld February 28, 2013
"Few people are as thoroughly engulfed in the mishmash of online-only services collectively dubbed "the cloud" as I am. Being a modern, always-mobile technology writer, I've arranged my workflow to be completely independent of my physical location. I need the ability to plop down in front of any computer in the world, and suffer from minimal disruption.

Most of my work is stored in SkyDrive. I coordinate story assignments with coworkers using Google Docs, and live the rest of my life in Gmail, Evernote, HipChat, and Pixlr. Heck, I even subscribe to Slacker Radio and numerous video streaming services so that a world of entertainment is always just a URL away—complete with synchronized playlists and instant queues. (Yep, I'm a cord cutter.)

Now that the disclaimers are out of the way, let's turn to the nasty. Several incidents during the past week drove home a bleak realization: Yes, the cloud is flexible and powerful and paradigm-shattering—but you just can't rely on it completely..."

The 9 Most Dangerous Cloud Security Threats
CRN February 25, 2013
"The Cloud Security Alliance, a nonprofit industry group that promotes best practices for cloud security, recently updated its list of top threats to cloud computing in a report, 'The Notorious Nine: Cloud Computing Top Threats in 2013.' The report, according to the CSA, reflects expert consensus about the most significant threats to cloud security and focuses on threats that are specifically related to the shared, on-demand nature of cloud computing..."

  • Data Breaches
  • Data Loss
  • Account Or Service Hijacking
  • Insecure Interfaces And APIs
  • Denial Of Service
  • Malicious Insiders
  • Abuse Of Cloud Services
  • Insufficient Due Diligence
  • Shared Technology Vulnerabilities

Read on for details.

The Enterprise's Problem in the Cloud: Employees
CIO Insight February 26, 2013
"No matter where a CIO turns, he or she is inundated with discussions about cloud computing, its value to employees, and whether it will be the major change agent in the enterprise that so many people say it will. The cloud is not just a theoretical concern for most CIOs; it's arguably the biggest concern he or she faces on a daily basis. And determining the proper reliance upon the cloud is something that CIOs must wrestle with..."
IT - CxO
CIOs Need to 'Unlearn' Before They Can Innovate
CIO February 26, 2013
"It's time to dive into realms where you don't have all the answers, says Chris Curran of PwC. Ditch outmoded ways of thinking, ask business managers and employees what they need to innovate, and find out what customers want before they even know..."
    4 IT Leadership Failures That Make Employees Leave
    InformationWeek February 25, 2013
    "A few weeks ago, in 'How To Scare Off Your Best IT People,' I noted that with the job market heating up, organizations must fix the disconnect between what they say ("Employees are our most important asset!") and what they do. Readers and colleagues weighed in that the problem goes well beyond poor communications. Too many of our leaders fall down in the following areas..."

    • They're Inconsistent
    • They're Not Accountable
    • They're Inauthentic
    • They're Not Candid

    Read on for details.

      IT Services Spending Power Shifts Away From IT Leaders
      CIO March 1, 2013
      "The balance of power in IT spending has always existed, but current economic uncertainty has hastened a growing shift of influence away from enterprise IT towards other business stakeholders. How will enterprise IT address this shift in IT services influence?

      More than 40 percent of companies expect that their CFOs will have more influence over IT services spending over the next 12 months--a five percent increase over the previous year's data, according to new survey results from Forrester Research..."

      How To Improve The IT Decision-Making Process
      InformationWeek February 28, 2013
      "How many times do we prioritize our IT projects and services based on "objective" scores while all the numbers are well within one standard deviation of one another? How many IT decisions should get an F because, behind the numbers, there's an unknown degree of uncertainty?

      All IT decisions should be based on forecasts. We try to predict the immediate and future impact of our decisions, such as picking a product, choosing a vendor, funding a project or launching a new IT service. Forecasting is nothing but the collection of information and the improvement of the signal/noise ratio until we find the option with the best probable outcome..."

        Federal CIOs Need Authority to Improve IT Efficiency
        CIO February 28, 2013
        "The backers of a draft bill that would dramatically overhaul the federal government's roughly $80 billion IT operations and vest agency CIOs with new authorities are planning to introduce formal legislation later this month, with a committee markup process to begin later in the year..."
          The MDM Metrics That Matter
          HealthData Management February 11, 2013
          "Recently had a client ask about MDM measurement for their customer master. In many cases, the discussions I have about measurement is how to show that MDM has 'solved world hunger' for the organization.

          In fact, a lot of the research and content out there focused on just that. Great to create a business case for investment. Not so good in helping with the daily management of master data and data governance..."

          Is Senior Management Calling for More Transparency?
          CIO February 28, 2013
          "I tend to find myself in discussions with CFOs fairly often, and I never miss the opportunity to ask them a question: If you could wave a magic wand and change one thing about your CIO, what would it be?

          The answer they typically give me? 'I wish my CIO would provide more information about what we're spending our money on. I wish I knew why we were prioritizing this project over that project. I wish I had more visibility into the IT organization.'..."

          There Are Reasons Oracle WebLogic Server 12c Has 43% Market Share
          Performance Improvements Inherent in New Release Boost Adoptions
          The new features in Oracle WebLogic Server 12c, which contribute to its 43% market share, result in lower cost of operations, improved performance, enhanced scalability, support for the Oracle Applications portfolio, and improved developer productivity, Juergen Kress posts. He draws reader attention to a number of training aids, which include:
          • "Benefits, Strategies, and Best Practices for upgrading to Oracle WebLogic Server"
          • "Java Management Extensions with Oracle WebLogic Server 12c"
          • "Oracle Learning Library Self-study Tutorials"
          IT - DR
          How Virtualization & the Cloud Help Disaster Recovery
          Business 2 Community February 22, 2013
          "Most modern data centers that are dealing with an ever-increasing number of business-critical applications and information must face the possibility that digital and physical events may lead to the destruction of important data and the loss of productivity. This threat could come from natural disasters, malicious software, or even complications that arise from the sheer amount of data and trying to keep up with the shift between the devices that are used to access the servers.

          Many companies have become dependent on constant and consistent uptime as well as easy access to data center information. When a disaster occurs, any interruption in the status quo can lead to major problems for everyone involved. This is why a strong disaster recovery plan is so important, and why many companies and data centers are turning to virtualization and the cloud to build a solid DR platform..."

          IT - Networks
          Exploring the SDN WAN Use Case
          Network World February 25, 2013
          "While deploying SDN technology to improve data center operations gets a lot of attention, utilizing SDN to improve the quality of service in the private wide area network (WAN) is an application that can bring significant benefits to an organization. By providing lower cost and easy to deploy software solutions, SDN will expand the use of WAN optimization by enabling adoption by a wide range of large, midsize and small businesses..."
            What IT Can Learn From the European Horse Meat Scandal
            Computerworld February 26, 2013
            "As a lot of you probably know, Europe is in the midst of a horse meat scandal at the moment. The main issue is that meat products labelled as beef have been found to contain large quantities of horse meat. So, what can IT possibly learn from this? ..."
              Sandia Lab lays claim to world.s largest fiber optic local area network
              Network World February 28, 2013
              "Sandia National Laboratories said today it has completed over 90% of what it calls the largest fiber optical local area network in the world.

              According to Sandia the lab began looking at fiber optics because of its promise of higher bandwidth - greater communication speed - at longer distances. The lab started converting from copper in the 1980s, first installing fiber optics in a single building and bumping that facility to megabit speeds. 'Today we're way past that. We're at 10 gigabit-type rates and looking hard at 100,' said Steve Gossage, a senior engineer at Sandia National Laboratories in a statement..."

                IT - Security
                Phishing Concerns Cause Double Trouble
                Computerworld February 25, 2013
                "Episode 1: Last week the administrators of 7,000 university websites were being called upon to change their .edu domain account passwords after a server security breach. Trouble was that the breach had been reported to the admins by Educause -- the non-profit higher-education IT group that runs .edu -- via an email that some recipients complained bore the familiar markings of a phishing attempt.

                The notification was legit ... but so were the phishing concerns..."

                14 Dirty IT Tricks, Security Pros Edition
                InfoWorld February 25, 2013
                "The IT security world is full of charlatans and wannabes. And all of us have been "advised" by at least one of them. All you want in an IT security consultant is expertise, unbiased advice, and experienced recommendations at a reasonable price. But with some, you get much more than you bargained for ...'

                • Feigning practical experience
                • Proposing one solution for all
                • Knowledge bluffing
                • Full-court sales press
                • Eye candy
                • Recommending tiny solutions to specific problems for big money
                • Travel bribes
                • "One last thing"
                • Ignoring your deadline
                • Promoting product -- and getting kickbacks
                • Knowingly recommending products that will be discontinued
                • Saying one thing, signing another
                • Shortchanging accountability
                • Consultants who make big changes before leaving

                Read on for details.

                DHS Cybersecurity Official Says Industry Falling Behind Attackers
                CRN February 25, 2013
                "The security industry needs to create innovative new ways to address antiquated security systems that are being constantly attacked and defeated by cybercriminals, according to an official at the Department of Homeland Security overseeing cybersecurity.

                Speaking to hundreds of security professionals at the Cloud Security Alliance Summit, Mark Weatherford, who is Deputy Under Secretary for Cybersecurity for the National Protection and Programs Directorate (NPPD), said the nation faces serious consequences if outdated systems aren't addressed. The NPPD oversees physical and cybersecurity of federal agencies and coordination of critical infrastructure protection..."

                Don't Blame China for Security Hacks, Blame Yourself
                InformationWeek February 25, 2013
                "The Chinese are coming! The Chinese are coming!

                Thanks to headlines splashed over every major newspaper in recent weeks, you'd be hard-pressed to miss the news that digital forensic investigation firm Mandiant has blamed People's Liberation Army (PLA) Unit 61398, a Chinese military cyber operations group, for launching advanced persistent threat (APT) attacks against over 140 businesses and government organizations since 2006..."

                  5 Lessons from The FBI Insider Threat Program
                  Dark Reading March 1, 2013
                  "Insider threats may not have garnered the same sexy headlines that APTs did at this year's RSA Conference. But two presenters with the Federal Bureau of Investigation (FBI) swung the spotlight back onto insiders during a session this week that offered enterprise security practitioners some lessons learned at the agency after more than a decade of fine-tuning its efforts to sniff out malicious insiders following the fallout from the disastrous Robert Hanssen espionage case..."
                  Four Tips for Getting the Most Out Of Your SIEM
                  Network World February 22, 2013
                  "Anyone who has ever had to implement a Security Information and Event Management (SIEM) solution can attest that it takes concerted effort to get the best value from the solution. SIEMs are pretty complex products, as they are designed to take log and event data from various devices, apply rules to correlate the information in real-time, and then alert security professionals when significant events are discovered..."
                  Move Over, APTs -- The RAM-Based Advanced Volatile Threat Is Spinning Up Fast
                  Dark Reading February 22, 2013
                  "By attacking random access memory, AVT creators make their exploits less persistent -- and harder to detect

                  For security pros, the advanced persistent threat (APT) has become a term as everyday as virus or Trojan horse. But as defenders become increasingly wise to the APT, experts say, attackers are now trying a new approach: the advanced volatile threat (AVT).

                  An AVT is an attack on random access memory (RAM), rather than stored data or applications, according to John Prisco, CEO of Triumfant, a security vendor that has been studying the trend in recent months and coined the term..."

                  Security Firms Slow To React to Spear Phishing Like That Used In China Hack
                  CSO February 21, 2013
                  "Email security vendors have failed to do enough to protect customers against advanced cyberattacks like the one recently linked to the Chinese military, experts say. Vendors have needlessly left customers exposed to spear phishing, which is the most effective way hackers have of penetrating corporate networks. The technique involves scouring the Web for information related to the target in order to craft an email most likely to trick the person into clicking an attachment or visiting a malicious website..."
                  The Near Impossible Battle against Hackers
                  Reuter February 21, 2013
                  "Dire warnings from Washington about a 'cyber Pearl Harbor' envision a single surprise strike from a formidable enemy that could destroy power plants nationwide, disable the financial system or cripple the U.S. government.

                  But those on the front lines say it isn't all about protecting U.S. government and corporate networks from a single sudden attack. They report fending off many intrusions at once from perhaps dozens of countries, plus well-funded electronic guerrillas and skilled criminals..."

                    The Stupid Emperor and the Art of Information Security
                    InformationWeek February 27, 2013
                    "Centuries ago, there lived an emperor who loved beautiful clothes and spent all his money on being finely dressed. One day two weavers came to the emperor claiming that they could make the best cloth imaginable. The cloth would have an amazing property in that it would be invisible to anyone who was incompetent or stupid. The emperor ordered for the clothes and gave the weavers lot of money..."
                      Twitter On Password Security
                      ITWorld February 21, 2013
                      "Twitter has a hacking problem. This week alone, Burger King and Jeep were taken over by hackers, following a security leak earlier this month that affected about 250,000 users. In response, Twitter has posted 'a friendly reminder about password security,' suggesting it's up to you/your company to keep your account secure..."
                      Understand Your Enterprise.s Biggest Security Threats
             February 22, 2013
                      "Even though security solutions are becoming more advanced, hackers and other external forces are working just as hard to overcome these barriers to access sensitive company information. With attackers unleashing new viruses and developing more sophisticated approaches to network infiltration, companies may feel like they're fighting a losing battle. But as long as you keep up with the current security trends and know what types of attacks are a threat to your business, you'll give yourself a much needed advantage. We'll show you some of the new ways outsiders are getting past data center defenses and how you can fix vulnerabilities in your network to prevent those attacks..."
                      Watch a Chinese Military Hacker Launch a Successful Attack
                      Network World February 19, 2013
                      "Thanks to cybersecurity firm Mandiant, we now have a video of a hacker believed to be linked to the Chinese military infiltrating and stealing files from unidentified English language targets. The video comes as part of Mandiant's 60-page report, first reported by the New York Times, that claims China's military is responsible for cyberattacks on more than 140 foreign businesses, many of which are in the United States..."
                        Risk Vs Innovation: 5 Steps To Finding the Right Balance
                        Wall Street and Technology February 28, 2013
                        "In today's ultra-competitive, fast-moving environment, only the most agile and innovative financial firms can thrive. But with budgets still tight and investors' appetite for risk at an all-time low, firms who want to keep staying ahead of the game need to strike the right balance between risk and innovation..."

                        • Evaluate whether you will gain a competitive advantage
                        • Do a PoC.
                        • Find a business case for it.
                        • Decide how you are going to build a competitive edge
                        • Analyze risk at every point.

                        Read on for details.

                          Researchers Uncover New Global Cyber-Espionage Campaign
                          Computerworld February 27, 2013
                          "Security researchers have identified an ongoing cyber-espionage campaign that compromised 59 computers belonging to government organizations, research institutes, think tanks and private companies from 23 countries in the past 10 days.

                          The attack campaign was discovered and analyzed by researchers from security firm Kaspersky Lab and the Laboratory of Cryptography and System Security (CrySyS) of the Budapest University of Technology and Economics..."

                          IT - Careers
                          Nine Tips for Getting Hired
                          TechRepublic February 26, 2013
                          "The problem with career advice, there's just so darn much of it out there. Everybody has a personal slant on how best to present yourself in an interview. It's refreshing to come across something as simple as a bulleted list of best practices to follow. That's why I like this advice, provided by Jim Camp, an internationally coach and trainer, and author of NO: The Only Negotiating System You Need for Work and Home...

                          Here are his nine other tried-and-true tips to getting hired:"

                          • Do impeccable research on the company and position before the interview
                          • Don't try to impress them with your dress, attitude, or speech
                          • Find out what your interviewer wants by asking questions
                          • Ask interrogative-led questions–what, how, and why–to help YOU direct the dialogue
                          • Get your interviewer to reveal what a 'good fit' means to them
                          • Don't volunteer too much information
                          • Be a blank slate
                          • Don't be needy
                          • Focus on what you can control

                          Read on for details.

                            HR Strategies for Finding--and Keeping--IT Talent
                            CIO Insight February 27, 2013
                            "Nearly one in four IT employers says it's harder to find the right talent today compared to a year ago, especially in the areas of mobile app development and programming, data network, and data center. They expect it will become even more difficult as the economy recovers.

                            That's according to a December, 2012 ManpowerGroup research report. And, says ManpowerGroup's 2012 Talent Shortage Survey, IT is one of the top 10 job areas that employers are having difficulty filling in both the U.S. and globally.

                            So what's a CIO to do?..."

                            Nine 'Best Practices' For Telecommuting
                            CIO Insight February 27, 2013
                            "Despite Yahoo! CEO Marissa Mayer’s ban on telecommuting, CIOs and other senior managers are warming up to the idea of allowing certain employees to telecommute. For certain, these workers must hold job positions that are compatible with the concept. And they have to "earn" this accommodation through proven performance. ... these best practices are part of an extensive report from Janco titled CIO IT Infrastructure Policy Bundle:"

                            • Executive Decision
                            • Qualified Privilege
                            • Revoked Rights
                            • Expense Report
                            • Timely Concern
                            • Parental Duties
                            • Attendance Required
                            • Proprietary Interest
                            • Footing the Bill

                            Read on for details.

                            8 Famous Software Bugs in Space
                            CIO February 26, 2013
                            "There's never a good time to run into software bugs, but some times are worse than others - like during a mission to space. Spacecraft of all shapes and sizes rely heavily on software to complete their objectives... Despite the care with which these systems are built, bugs have been occurring in spacecraft software since we started to fling rockets into space, as the following examples demonstrate:"

                            • 1962: A missing overbar dooms Mariner 1
                            • 1988: One missing character drains the life out of Phobos 1
                            • 1996: Integer overflow error leads Cluster to self destruct
                            • 1999: Milstar satellite can’t reach intended orbit due to bug
                            • 1999: English instead of metric units cause Mars Climate Orbiter to disintegrate
                            • 1999: Premature touchdown celebration kills Mars Polar Lander
                            • 2004: Flash memory error almost keeps Mars Spirit from roving
                            • 2006: Memory allocation fault ends Mars Global Surveyor’s extended mission

                            Read on for details.

                            You're a Piece of Conference Meat
                            Dark Reading February 24, 2013
                            "It's always entertaining to see the outlandish attempts that companies make to get some attention at big trade shows. This week at the RSA Conference, I'm sure you'll see a bunch of banners in the airports and BART around San Francisco of security companies trying to get attention. You'll see box trucks circling the Moscone Center also. All of these tactics have one (and only one) objective: to get you to the vendor's booth on the trade show floor. Being a former VP of marketing, I'm all too familiar with the seedy underbelly of a big-time industry trade show..."
                            IT Security Understaffing Worries CISOs
                            InformationWeek February 25, 2013
                            "More than two-thirds of the world's chief information security officers (CISOs) and other c-level executives report that their current information security operations are understaffed, and that it's compromising their company's security.

                            That finding comes from a new study released Monday by information security professional body (ISC)2, and is based on an online survey of 12,000 information security personnel, 14% of whom are C-level managers or officers, at the end of last year. The study was sponsored by (ISC)2 -- which counts nearly 90,000 members -- and Booz Allen Hamilton, and conducted by Frost & Sullivan..."

                            Seven Reasons Your Coworkers Don't Trust You
                            TechRepublic February 25, 2013
                            "You don't have to commit a major scandal for your coworkers to lose faith in you. Sometimes it's a bunch of little things that add up... To those people, Dennis and Michelle Reina, leading experts on promoting workplace trust say, 'Think again.'.. The Reinas spell out seven reasons your co-workers might not trust you and show how to avoid the most common mistakes. The highlights are:"

                            • You withhold trust in others
                            • You fail to acknowledge effort
                            • You miss deadlines
                            • You arrive late for meetings
                            • You don’t admit your mistakes
                            • You spin the truth
                            • You behave badly

                            Read on for details.

                              IT - Compliance
                              Getting the Most Out of a GRC Platform
                              Dark Reading February 22, 2013
                              "Conference track sessions and talking heads may tout the importance of instituting technology-backed governance, risk, and compliance (GRC) processes that integrate the G, R, and C. But the truth is that when the rubber meets the road, most organizations still use GRC platforms for only a single domain.

                              In order to get the most out of their GRC technology and risk management programs, organizations still have a lot of work to do in developing more comprehensive and harmonized risk measurable, and bringing together IT risk professionals with enterprise risk stakeholders to ensure the whole team is on the same page..."

                              IT - Backup
                              Designing Disk for VMware and Hyper-V Backups
                              Storage Switzerland February 28, 2013
                              "One of the key advantages of a virtualized environment is how well it can be protected. VMware and Hyper-V specific applications like Veeam provide efficient changed block and deduplicated backups, as well as flexible in place recoveries. A challenge remains, however, in selecting the backup storage for these environments. Designing the right backup target is critical to realizing the maximum benefit from VM specific backup applications..."
                              MSPs - Are You Looking for a Better Backup Offering?
                              Storage Switzerland February 27, 2013
                              "Backup is something that every business needs to do, however, few are adept at ensuring consistent backups are done properly. As a result users are looking for a little help. Outsourcing backup is a popular service offering of Managed Service Providers (MSP) and it is one of the first cloud service solutions that businesses will consume.

                              The quality of the experience for the end customer, therefore, should be of critical importance to the MSP. In addition to being liable for protecting an organization’s critical data assets, the MSP wants to ensure the quality of this initial experience since it may well determine if the customer opts to subscribe to any of the other MSP cloud service offerings..."

                              Boost Enterprise Backups
                     February 22, 2013
                              "If there is a necessary evil that exists within enterprise data centers, it’s the data backup process. IT and data center managers may not enthusiastically embrace having to perpetually deal with the ins and outs of backing up the company’s data, but failing to do so can ultimately prove to be a far greater pain in their necks. The good news is that there are numerous steps that managers can implement to make backup duties less painful. These include relatively quick and simple approaches that can prove extremely effective..."
                                IT - Big Data
                                Big Data, Big Business, Big Government, Bigger Brother
                                Network World February 25, 2013
                                "In his 1990 book 'The New Realities,' Peter Drucker noted: 'Knowledge is information that changes something or somebody - either by becoming grounds for action, or by making an individual (or an institution) capable of different and more effective action.' And that is what Big Data is delivering ... new knowledge, new insights and new actions, all of which will give us new problems to deal with..."
                                Big Data's New Buzzword: Datafication
                                InformationWeek February 25, 2013
                                "Just when you thought you had mastered all the data-riffic buzzwords out there, another rears its trendy head. Never mind big data, we're talking about 'datafication,' the notion that organizations today are dependent upon their data to operate properly -- and perhaps even to function at all.

                                Wait, isn't that what big data is supposedly all about? Not really, says Andrew Waitman, CEO of Pythian, a data infrastructure management and consulting firm..."

                                Big Data Pointless without Integration
                                Information Management February 25, 2013
                                "Big data involves interplay between different data management approaches and business intelligence and operational systems, which makes it imperative that all sources of business data be integrated efficiently and that organizations be able to easily adapt to new data types and sources.

                                Our recent big data benchmark research confirmed that big data storage technologies continue to follow many approaches, including appliances, Hadoop, and in-memory and specialized DBMSes..."

                                How InMobi tamed the Big Data elephant
                                InformationWeek February 28, 2013
                                "At InMobi, data processing, analysis and visualization of data happens at a scale that is extremely complex and challenging. Its network reaches more than 580 million customers in over 165 countries, through more than 100 billion monthly ad impressions. The firm receives close to 4 billion events per day and each event contains close to 200 primary dimensions along which data can be aggregated. In a detailed discussion with Srikanth RP from InformationWeek, Gaurav Agarwal, who leads the Data Analytics system at InMobi, shares his perspective on how his firm handles this massive scale of analysis of data, and the lessons learnt from building the analytics system..."
                                More Improvements to SIEM than Big Data
                                Dark Reading February 22, 2013
                                "For big companies looking to spend big budgets, the Big Data pitch for security information and event management (SIEM) systems is a good fit. But other improvements are on the way...

                                So let's get this out of the way: When vendors utter the phrase "security information and event management," or SIEM, at next week's RSA Conference, it's business beau "Big Data" will be no more than a sentence away..."

                                Raytheon's 'Google for Spies' . Is It Legal?
                                Big Data Republic February 21, 2013
                                "Raytheon's combination of social media and spying seems to have got a lot of people's backs up, but no one seems to be talking about the legalities behind the concept.

                                The Guardian recently reported on a big data product built by defence contracting giant Raytheon, which Saul Sherry wrote about in I Predict a Riot. A video demonstration obtained by the Guardian shows some impressive features: The product, RIOT (Rapid Information Overlay Technology), takes publicly available online data and structures it in a way that makes it easier to discover details of a person's activities -- to the extent that their movements could be predicted. For this reason The Guardian described it as a 'Google for spies'..."

                                The Morality of Big Data
                                Bank Systems and Technology February 27, 2013
                                "The writings of Alan F. Westin, a legal scholar and expert on privacy who died recently, raise important questions for banks and other businesses seeking to capitalize on big data...

                                Big data may have become the catchphrase du jour, but concerns about data -- how to gather and organize it, how to extract meaning and value from it, and how to protect it -- have been around for decades, if not longer..."

                                The Next Wave: Analytics as a Service
                                Bank Systems and Technology February 21, 2013
                                "The next wave in the big data ocean is the capability of enterprises to consume the benefits of big data as a service.

                                As experts spend more time understanding the power of big data, as insights mature, the logical next step for the experts is to provide big data analytics as a service to enterprises..."

                                Are You A Data Hoarder?
                                Wall Street and Technology February 26, 2013
                                "Big data craze inspires some IT managers to save every possible bit of data. Bad idea, says an industry practitioner's group... a hoarding impulse can backfire too. In fact, enterprises that implement big data analytics platforms -- applying complex mathematical algorithms to unlock new trends and customer insights -- can easily turn into information pack rats, says the Compliance, Governance and Oversight Council (CGOC), a forum of about 2,300 legal, IT, records and information management professional from business and government agencies..."
                                Want Better Data? Add Quality Checks to Work Routines
                                ITBusinessEdge February 1, 2013
                                "Lance Speck, vice president and general manager of Integration Products at Pervasive Software, explains to IT Business Edge’s Loraine Lawson why organizations need to incorporate data quality into regular work processes, rather than a one-time task, if they want to fix the data quality problems created by nearly a decade of neglect..."
                                  IT - BYOD
                                  Federal CIOs Still Say No to BYOD
                                  CIO March 1, 2013
                                  "As federal CIOs develop new strategies to support an increasingly mobile workforce, they will inevitably have to decide whether or not to adopt a bring-your-own-device policy, just as a similar challenge confronts their counterparts in the private sector.

                                  For some agencies, the answer is a hard 'no.'

                                  'I'm not doing BYOD,' says Coast Guard CIO Rear Adm. Robert E. Day Jr., who also serves as director of the Coast Guard Cyber Command..."

                                  10 considerations for BYOD cost/benefit analysis
                                  TechRepublic February 26, 2013
                                  "Perhaps the most difficult element of the whole Bring Your Own Device (BYOD) movement is determining whether it will save your organization money. There’s no guaranteed formula for assessing the costs versus benefits of BYOD for an organization — BYOD is far from a one-size-fits-all initiative. But all organizations contemplating BYOD should do a thorough, upfront cost/benefit analysis. Here are 10 things to keep in mind when you prepare to conduct a BYOD cost/benefit analysis for your organization..."

                                  • Current costs of company-owned devices
                                  • Cost of implementing and managing an MDM solution
                                  • Costs of BYOD policy development and program management
                                  • Updating in-place enterprise security and help desk
                                  • Hidden back-end costs
                                  • Benefits to employee morale and productivity
                                  • Costs of BYOD stipends and/or allowances
                                  • Risk management expenses
                                  • Internal app development costs
                                  • Benefits of employees being more responsive to your customers

                                  Read on for details.

                                  10 Legal Challenges to Creating A BYOD Policy
                                  itWorldCanada February 22, 2013
                                  "Overheard recently at a BYOD symposium: "We've now gone from mainframe computers to desktops and on to the coffee shop." This says it all.

                                  While today's workplace environment reflects IT consumerization through widespread proliferation of consumer mobile devices that include an array of smartphones, tablets, and netbooks, a host of enterprises still lack strategies regarding mobile device management (MDM) and in particular, strategies that are coupled with a formalized and well-articulated set of mobile use policies..."

                                  • General Duty of Care under our Legal System
                                  • Privacy (Personal Information)
                                  • Data Security and Protecting Data Integrity
                                  • Prohibition against "Jail Breaking" or “Rooting”
                                  • Confidential Information
                                  • Licensing & Intellectual Property Rights
                                  • Employee-Employer relationship
                                  • Electronic Communications, Document Preservation and Evidentiary Obligations
                                  • Insurance and Liability Considerations
                                  • Training & education

                                  Read on for details.

                                  Top Ten Articles for last few Issues
                                  Vol 180 Issue 1, 2, 3; Vol 179 Issues 1, 2, 3, 4 and 5
                                  We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                  • The Document Foundation Announces LibreOffice 4.0
                                  • Five Perspectives on Virtual Networks
                                  • SPARC T4 Digest and Crypto Optimizations in Solaris 11.1
                                  • Oracle's StorageTek Tape Products Capture Awards, Media Attention
                                  • How to Avoid Erroneous Results in Performance Testing
                                  • Oracle and Linux Foundation Partnership Growing Stronger
                                  • NetBeans IDE 7.3 now in GA
                                  • JavaOne 2012 Videos Posted on OracleLearning YouTube Channel
                                  • Java Spotlight Episode 121: Kirk Pepperdine on System Performance Tuning @javaperftuning
                                  • In Touch (February 2013): Spotlight on Cloud

                                  The longer version of this article has list of top ten articles for the last 8 weeks.

                                    IT - Server
                                    Choose the Best Servers for Virtualization & Consolidation
                           February 22, 2013
                                    "By virtualizing applications and efficiently using available server resources, you can cut down on the physical equipment you need, saving space and money. But you can't implement virtualization and benefit from consolidation if you don’t have the right servers for the job. We'll show you some of the most important features to look for and help you get the best performance for your money..."
                                    How to: Build a Private Virtual Network with Zones in Solaris 11
                                    Networking with a 'Roll-your-own' Virtual Switch
                                    Courtesy of User 13333379, readers are alerted to Stefan Schneider"s multi-part how-to on building a private virtual network with Solaris 11 Zones. Among the several tasks Schneider leads readers through are:
                                    • Creating a virtual switch (gbswitch0) inside your Solaris 11 servers
                                    • Creating virtual network interfaces which will be attached to the virtual switch
                                    • Creating zones which will use the virtual switch
                                    • Configuring the routing to keep all communication inside your Solaris server
                                    • Configuring a network address translation (NAT) which allow your internal zones to access external services like DNS
                                    • Configuring a reverse proxy for the public network interface.
                                    Trending in
                                    Vol 235, Issue 2
                                    Trending IT Articles