News about Oracle's Solaris and Sun Hardware
System News
Jun 10th, 2013 — Jun 16th, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 184, Issue 2 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section


IT - CxO
x
Make Your Employees Happier: Limit Multitasking
IT World, June 10, 2013
"Did you ever have one of those days where you were so busy from 9 to 5 that the day just blew by? But at quitting time, you looked back and realized nothing really got done?

That's the dilemma that multitasking has long presented to the individual. But now it seems that employers are driving their employees crazy as well--causing them to hate coming to work--thanks to the hefty demands of multitasking, according to Maura Thomas, a productivity guru who runs the website RegainYourTime.com..."

    Why Innovation Fails: The Past vs. Future Problem
    InformationWeek, June 11, 2013
    "Having worked with business leaders for years in the pursuit of innovation, I have come to realize that there is a fundamental reason for failure. Companies have two modes of operation that often are viewed as incompatible. One mode focuses on the past and one focuses on the future, and the inability to integrate the two explains why companies find it so hard to innovate.

    Established businesses are great at maintaining value through greater efficiency and effectiveness, but over time these businesses become irrelevant. Start-ups are great at spotting unmet needs and driving a relentless charge -- only to find that they have an unsustainable business model..."

      3 Lessons Learned From a Failed Customer Feedback Test
      IT World, June 11, 2013
      "Things didn't go exactly as planned when we gave three retail businesses a customer feedback system to test for a customer service software buyers' guide . The goal was to see how the features worked in a real-life setting. However, we discovered that testing customer service software in a real-life setting involves more than simply installing and using. It requires a certain amount of planning, and there were several key issues we realized we should have addressed before beginning to test.

      From our experience came three important lessons, here's a look at what those lessons were and what they taught us about how CIOs and other technology buyers should go about evaluating customer feedback systems..."

        6 Emerging Technologies and What They Mean to CIOs
        Government Technology, June 11, 2013
        Here are six Emerging Technologies and a brief discussion of what they mean for CIOs:

        • Mobile Robots
        • 3-D Printing
        • Online Electric Vehicles
        • Remote Sensors
        • Virtual Currency
        • Video Facial Recognition

        Read on for details.

          Can IT Survive Digitization?
          ComputerWeekly, June 12, 2013
          "The role and operations of IT are set to change, as departments build up their own IT expertise.

          According to research from analyst Forrester, the chief operating officer (COO) used to dominate IT priorities but now, sales, marketing and R&D set corporate strategy. Forrester vice-president, Kyle McNabb, says: 'The business does not view digital as someone else problem.'

          The survey showed that 44% of business departments were hiring their own technology staff..."

            CEOs: Five Reasons Your CIO Quits
            Accelerating IT Success, June 12, 2013
            "Sometimes it is because a better job comes along, and sometimes it is because no other job could be worse. Whatever the reason, when a CIO quits, it should be less of a mystery to a CEO why this has happened. Scott Lowe writes a blog post addressed to CEOs about five reasons why CIOs quit:"

            • Relegating IT to 'keeping the lights on'
            • Locking the CIO out of strategy sessions
            • Ignoring governance
            • Ignoring critical advice from the CIO
            • Making no effort to understand what IT can do

            Read on for details.

            CIOs Need To Improve Budget Practices, Says Study
            InformationWeek, June 5, 2013
            "To keep up with the fast pace of business, CIOs must shift their budget strategy to bolster employee productivity.

            CIOs need to be more strategic about budgeting if they want to use technology to better deal with the rapid pace of business change. That's the advice of experts at CEB, formerly the Corporate Executive Board, a global member-led advisory group that has just published a new study on the trends that will shape corporate IT in the next four years..."

              Eight Is Enough! IT's Biggest Frenemies
              InfoWorld, June 10, 2013
              "You probably have a good idea about who your enemies are. But what about your frenemies?

              These are people you deal with on a regular basis, largely because you have no choice. But even when their intentions are good, they can still cause you all manner of grief. They range from BYOD Betty, who insists on using her iPhone at work (but wants you to support it) to Cloudy Claudette, who's running her own shadow IT organization with the help of public cloud providers..."

              • Legacy Larry
              • BYOD Betty
              • Pedro de las Pajamas
              • Leaky Louise
              • Slippery Sam
              • Cloudy Claudette
              • HR Harriet
              • Frightened Frank

              Read on for details.

              From Tactics to Strategy
              InformationWeek, June 11, 2013
              "When Peter Drucker made the comment 'Culture eats strategy for lunch' little did he know that this quote will become one of the most widely used phrases for business community. In fact I am also a fan of this statement for simple reason of my close association with change management in different organizations where I witnessed the conflict between culture and strategy and saw how difficult it becomes when they contradict.

              My experience of successful changes tells me that when culture is in conflict of any strategy, use tactics. Usually tactics is meant for implementing a strategy but can it flow upwards? My answer to this is yes, many a times..."

              Improve the Image of Your IT Department
              TechRepublic, June 4, 2013
              "Sometimes the stereotypical image of your department keeps you from getting the job done. Learn how to fight this image to benefit your employees and the company as a whole...

              For those of us that have worked in the IT industry, we are well aware of the image of the IT department at most businesses. Arrogant, rude, obstructive; these are just a few words that have typically been associated with IT. Stereotypes likes these can limit effectiveness and make it difficult for your IT department to do its job. Improving the image of your IT department is something that is not only beneficial to your employees, but also the company as a whole..."

                Why Conferences Matter
                CIO Insight, June 7, 2013
                "I recently attended and contributed to a major CIO conference. I was fortunate to meet many new people and have conversations with many old friends and colleagues. This experience reminded me of a number of lessons that all of us can take away from these types of events.

                Regardless of how long you've been in the IT industry, you should never stop learning. I learned a great deal about gamification and crowdsourcing, which are two topics I was somewhat familiar with but hadn't given a great deal of thought to regarding how we could leverage them. The opportunity to unhook from work and attend a conference got my brain working on ways we can use these tools for our competitive advantage..."

                5 Ways to Create a Collaborative Risk Management Program
                CSO Online, June 7, 2013
                "How do you handle understanding the enterprise risks in a corporation where all of the risk management functions are dispersed in differential line management — General Counsel, Finance, Technology, Facilities? How do you define the participating functions? Yes, the ideal situation is having these groups housed under a Chief Risk Officer or Head of Operational Risk, but in the absence of organization structural shifts, here are some tips for you..."

                • Be a Leader in bilateral conversations of risk partners
                • Conduct joint awareness programs
                • Capitalize on the success of low-hanging fruit
                • Establish a joint threat heat map
                • Benchmark with peer companies to collect best practices

                Read on for details.

                Virtualization
                x
                Best Practices - Live Migration on Oracle VM Server for SPARC
                By Jeff Savit
                Jeff Savit writes, "Oracle VM Server for SPARC has supported live migration since 2011, providing operational flexibility for customers who need to move a running guest domain between servers. This can be extremely useful, but there's confusion about when it is the right tool to use, when it isn't, and how to best make use of it. This article will discuss some best practices and "do's and don'ts" for live migration..."
                IT - Storage
                x
                Rethinking the Storage Controller for Unstructured Data
                Storage-Switzerland, June 11, 2013
                "Conventional wisdom suggests that most business data is stored in database applications, however, unstructured data comprises approximately 70-80% of the total data in a typical environment and, according to some industry sources, is growing 5x as fast. File-based data is also increasing in value as this information is often mined for decision support in business analytics systems and is sometimes required for legal discovery as well. As a result, mid-sized or Tier-2 data centers have pressing needs to effectively manage and centrally control their unstructured data repositories..."
                4 Practical Steps to Building a Data Destruction Policy for Your Business
                Business 2 Community, June 12, 2013
                "Data security has become one of the highest priorities for business owners throughout the country in recent years. Reading about high profile cases of data breach, whether they were caused maliciously or accidentally, can make any business owner nervous.

                Could it happen to your business? While it's impossible to completely remove the risk of data breach, there are steps you can take to significantly reduce that risk. Taking these steps to build a secure and reliable data destruction policy will help you avoid paying costly fines, dedicating time and resources to efforts to mitigate the damage, and suffering the embarrassment and loss of customer confidence associated with a data breach..."

                Why NSA Will Have the Capacity for All That Data It's Collecting
                GCN, June 10, 2013
                "The National Security Agency's data gathering operations are generating a lot of debate among security and privacy proponents, but one this is sure: all that data will have some place to go, and NSA will have the capacity for it.

                NSA is a few months away from beginning operations at a massive $1.2 billion code-breaking and data analysis data center in Utah, and it recently broke ground on another new center in Maryland. The agency's Utah Data Center at the National Guard's Camp Williams 26 miles south of Salt Lake City is a 1 million square-foot-plus complex, where high-performance computers alone will fill 100,000 square feet.."

                When Can Worse Data Quality Be Better?
                Information Management, June 12, 2013
                "Continuing a theme from three previous posts, which discussed when it's okay to call data quality as good as it needs to get, the occasional times when perfect data quality is necessary, and the costs and profits of poor data quality, in this blog post I want to provide three examples of when the world of consumer electronics proved that sometimes worse data quality is better..."
                  Java Technology
                  x
                  Java Platform Enterprise Edition 7 (Java EE 7)
                  Also Java EE 7 Software Development Kit (SDK).
                  Oracle and the Java Community Process (JCP) members today the availability of Java Platform, Enterprise Edition 7 (Java EE 7) and the Java EE 7 Software Development Kit (SDK).

                  The standard in community-driven enterprise software, Java EE 7 is the result of industry-wide development involving open review, ongoing builds and extensive collaboration between hundreds of engineers from more than 30 companies within the Java Community Process (JCP) and the GlassFish Community.

                  Java EE 7 features a scalable infrastructure that facilitates building HTML5 applications by reducing response times through low-latency, bi-directional communication with WebSockets; simplifying data parsing and exchange using industry-standard JSON processing and supporting many more concurrent users through asynchronous RESTful Web Services with JAX-RS 2.0.

                  To help further increase developer productivity, Java EE 7 provides a simplified application architecture with a cohesive, integrated platform; reduces boiler-plate code using dependency injection and default resources; broadens the use of annotations to increase efficiency; and enhances application portability with standard RESTful Web Services client support.

                  Java Magazine May/June
                  Java EE 7: License to Code
                  Java EE 7 has arrived, with lots of new tools designed to make you more productive and let you add new capabilities to your Web applications. The May/June issue of Java Magazine focuses on what's new and notible in Java EE 7 - including HTML 5 support, WebSockets, JAX-RS, JSON, batch processing, concurrency, and more. There are interviews and and hands-on articles that help you get up to speed with Java EE 7 right away. Also, articles on Java in Action and a great code teaser on JPA.
                  Java Spotlight Episode 136: Paul Parkinson on JSR 907: Transaction API 1.2 @jcp
                  By Roger Brinkley
                  Paul Parkinson has been designing, developing, supporting, and presenting on transaction processing systems since the early 90s and has worked at Oracle for the past 10 years where he is Development Lead for Middleware Transaction Processing working on WebLogic and GlassFish application servers as well as integration with the Oracle database, Tuxedo, SOA, etc. He is specification lead for the Java Transaction API (JSR907).
                  Solaris
                  x
                  Comparing Solaris 11 Zones to Solaris 10 Zones
                  Solaris 10 Whole-Root, Solaris 10 Sparse-Root, Solaris 11, Solaris 11 Immutable Zones
                  Jeff Victor writes, "Many people have asked whether Oracle Solaris 11 uses sparse-root zones or whole-root zones. I think the best answer is "both and neither, and more" - but that's a wee bit confusing. This blog entry attempts to explain that answer.

                  First a recap: Solaris 10 introduced the Solaris Zones feature set, way back in 2005. Zones are a form of server virtualization called "OS (Operating System) Virtualization." They improve consolidation ratios by isolating processes from each other so that they cannot interact. Each zone has its own set of users, naming services, and other software components. One of the many advantages is that there is no need for a hypervisor, so there is no performance overhead. Many data centers run tens to hundreds of zones per server!..."

                  Cloud Computing
                  x
                  Open source vs. proprietary cloud provider platforms
                  SearchCloudProvider, June 13th, 2013
                  "Open source cloud platforms like OpenStack, CloudStack and Eucalyptus offer providers access to a large pool of development resources, quicker updates and no vendor lock-in. While some cloud providers like the idea of building their cloud services on open source software, others prefer the full feature set and integration that a proprietary platform delivers, as well as the comfort of a service-level agreement, or SLA.

                  The industry remains split on open source vs. proprietary cloud platforms. A recent TechTarget survey found that 22% of 260 cloud providers have adopted OpenStack, while 29% of respondents who aren't using the platform have adopted a proprietary solution..."

                  Cloud Computing: Concepts, Technology & Architecture
                  by Thomas Erl & Ricardo Puttini
                  Juergen Kress writes, "During my holiday I read this book, here is my quote “Cloud Computing: Concepts, Technology & Architecture is an excellent resource for IT professionals and managers who want to learn and understand cloud computing, and who need to select or build cloud systems and solutions. It lays the foundation for cloud concepts, models, technologies and mechanisms. As the book is vendor-neutral, it will remain valid for many years. We will recommend this book to Oracle customers, partners and users for their journey towards cloud computing. This book has the potential to become the basis for a cloud computing manifesto, comparable to what was accomplished with the SOA manifesto."
                  Linux
                  x
                  Unbreakable Enterprise Kernel Release 2 Quarterly Update 4
                  Includes driver updates as well as fixes for bugs and security issues
                  Oracle has announced that the fourth quarterly update release of the Unbreakable Enterprise Kernel Release 2 (Version 2.6.39-400.109) for Oracle Linux 5 and 6 has been published. This release includes driver updates as well as fixes for bugs and security issues.

                  Some notable highlights include:

                  • OpenFabrics Alliance (OFED) 1.5.5 Infiniband stack
                  • Btrfs bug fixes and improvements
                  • Xen improvements
                  • Numerous device driver updates (e.g. storage devices, network cards)

                  For more details, please consult the release notes.

                  IT - Cloud
                  x
                  How to Negotiate and Assure Cloud Services
                  ComputerWeekly, June 10, 2013
                  "How can an organisation safely adopt cloud services to gain the benefits they provide? The easy availability of cloud services has sometimes led to line of business managers bypassing the normal procurement processes to obtain cloud services directly without any consideration of the governance and risks involved.

                  There is a confusing jungle of advice on the risks of cloud computing and how to manage these risks. This guide provides the top tips to negotiating and assuring cloud services..."

                  Ensuring Security in Cloud Computing Environments
                  InformationWeek, June 5, 2013
                  "Delivery of IT services from the cloud assures both capital expense advantages and operation expense advantages. However, unless organizations ensure security of critical data in the cloud, they will not fully benefit from the advantages of cloud, says Kaushik Thakkar of Nevales Networks.

                  True disruption occurs when an improvement in business model displaces an established one. Several shifts in business have been described as disruptive..."

                  Managing Costs on Your Journey to Cloud
                  ComputerWeekly, June 10, 2013
                  "It was not so long ago that cloud computing was just a buzzword which companies struggled to understand. Now, we are in the midst of a major technology wave as we see social, mobile, analytics and cloud converging to create unprecedented disruption and evolution. This convergence means that every business is a digital business.

                  Accenture's 2013 Technology Vision identifies seven technology trends that are shaping the future of enterprise IT, with cloud underpinning all of them. Cloud is pervasive and it is here to stay, and we will see more and more software and platforms delivered in the cloud in the years ahead..."

                  NSA Dragnet Debacle: What It Means To IT
                  InformationWeek, June 7, 2013
                  "Director of National Intelligence James Clapper confirmed Thursday that the U.S. government has been secretly collecting information since 2007, exploiting backdoor access to the systems and data of major Internet and tech companies in search of national security threats. That NSA dragnet, revealed by The Washington Post and The Guardian and code-named PRISM, reportedly taps into user data from Facebook, Google, Apple and other U.S.-based companies. (Those providers have mostly denied that the NSA has such backdoor access.)..."
                  The Next 5 Years: Everything Converges and Rides in the Cloud
                  GCN, June 5, 2013
                  "The intersection of cloud infrastructures, analytics, big data, mobile and social media, delivered through a cloud broker model, will change how IT services are delivered and used by government agencies in the future.

                  If the Internet is an information superhighway, cloud infrastructures are multiple highways upon which all of the other disruptive technologies will ride, according to leading senior government IT managers. Agency managers will assume that services are deployed in some type of cloud; the emphasis will be on extracting value from data, CIOs say..."

                  To Cloud or Not to Cloud
                  Business 2 Community, June 12, 2013
                  "Why that is NOT the question for your contact center or customer engagement solutions Across the enterprise software industry we have seen many different software functions move to the cloud CRM, HR, ERP and many other functions have seen significant movement towards the cloud; ever heard of a little company called SalesForce.com? It's different in the contact center world however; there are just enough telephony complications, and privacy and security requirements that most contact centers have not yet migrated to the cloud. In fact according to a Nemerets study published in 2012, only 14 percent of companies had leveraged cloud platforms for customer service and contact centers..."
                  Why PRISM kills the cloud
                  ComputerWorld, June 10, 2013
                  "The migration from desktop computing to the cloud is on every tech firm's playlist this season, with Apple [AAPL] expected to deliver improvements to its iCloud service later today -- but recent revelations regarding the US government's PRISM surveillance technology could be the kiss of death to these future tech promises. (You may also wish to read this more recent report)..."
                    IT - DR
                    x
                    How Businesses Prepare for Disasters
                    HelpNet Security, June 11, 2013
                    "With fears of potential security breaches and natural disasters like Superstorm Sandy and the recent Oklahoma tornado weighing heavily on IT executives, businesses nationwide have continued to grow and advance their business continuity and disaster recovery plans to incorporate the adoption of wireless network capabilities, cloud services and mobile applications..."
                    How Virtualized Systems Provide a Strong Platform for Business Continuity
                    eWeek, June 10, 2013
                    "Today's virtualized systems provide a sound platform for business continuity because the platforms and networking are stronger and more agile than they were even a few years ago.

                    One of the key benefits of the cloud model-and all cloud systems are virtualized -- is how virtual machine-driven systems can help to ensure business continuity and speed disaster recovery.

                    Companies of all sizes are always looking for affordable ways to deliver quality IT services reliably and continuously to customers and employees. Cloud computing using virtual machines presents a low-cost disaster recovery and business continuity solution for small and midsize businesses and a more cost-effective alternative to cost-conscious larger corporations..."

                    IT - PM
                    x
                    Ten Ways to Manage Projects Successfully
                    Baseline, June 6, 2013
                    "It can be overwhelming to oversee a major IT project. In fact, only three out of 10 such initiatives are considered successful, according to research from The Standish Group. Of the rest, one-quarter are declared outright failures and are cancelled before completion. The remaining 45 percent finish late, are over-budget, or end up with fewer than the required features and functions...

                    To provide some advice that can make you more confident in the success of the project, we're presenting the following 10 best practices from the recent book, Emotional Intelligence for Project Managers: The People Skills You Need to Achieve Outstanding Results.."

                    • Plan, Plan, Plan
                    • Be Punctual
                    • Seek Great, Not Perfect
                    • Get Comfy
                    • Open Ears
                    • Open Mind
                    • Smart Venting
                    • Make a Joke
                    • Take a Break
                    • Take Earned Time

                    Read on for details.

                      IT - Networks
                      x
                      Five Web-Based Network Troubleshooting Tools
                      TechRepublic, June 5, 2013
                      "Web-based networking toolkits often offer numerous ways to test routes, domains, and other issues that will directly affect your network.

                      Network troubleshooting can run the gamut of possibilities. From hardware to software to external, uncontrollable forces, to powerful Jedi mind tricks. When you're troubleshooting networking issues, the problem can often point toward many and varied issues. When that happens, you'll want to have access to tools to help you diagnose the issue. One place to turn for such a tool set is the good old Internet..."

                      • DNS Stuff
                      • Network-Tools
                      • DNS Inspect
                      • Mr.DNS
                      • MXToolbox Supertool

                      Read on for details.

                        IBM Shows Off Nickel-Sized Chip That Backs Gb/Sec Wireless Data-Rates, Cutting Edge Radar Images
                        Network World, June 4, 2013
                        "IBM says it has packed an integrated circuit about the size of a nickel with technology that can enable gigabit/sec mobile data-rate and clutter-cutting radar image applications.

                        The integrated circuit takes advantage of millimeter-wave spectrum which spans the 30 GHz to 300 GHz range, 10 to 100 times higher than the frequencies used for mobile phones and Wi-Fi. Frequencies in the range of 90-94GHz are well suited for short and long range, high-resolution radar imaging, IBM said..."

                        IPv6 Under Attack?
                        eSecurity Planet, June 7, 2013
                        "Although IPv6 is still not widely adopted, the Internet is seeing the first signs of IPv6-based attacks.

                        A year ago the world celebrated World IPv6 Launch Day, which was supposed to be the day IPv6 was activated by major Web operators and service providers.

                        At the time of the launch, there were concerns about whether or not IPv6 was a security risk. As it turns out, at least one high-profile network has been attacked over IPv6 in the past year..."

                        IT - Operations
                        x
                        Data Center Decision Time: Stay or Go?
                        InformationWeek, June 10, 2013
                        "Bits and bytes are the basics of our business, and business is good. So much so that even the immense capacity of advanced data centers can't keep up with demand. And complexity? Off the charts. Now the question is, does continuing to manage your own data center facilities make financial sense?

                        That might seem like a contrarian takeaway from our InformationWeek 2013 State of the Data Center Survey, given that all respondents are involved with management or decision-making at organizations with data centers of 1,000 square feet or larger. In fact, the percentage of respondents whose operating centers are at least 25,000 square feet jumped four points from our 2012 survey, to 15%..."

                        IT - Security
                        x
                        9 Tips, Tricks and Must-Haves for Security Awareness Programs
                        CSO Online, June 3, 2013
                        "What are the essential ingredients for making a security awareness program successful? Check out these 9 tips from CSO contributors on how to make awareness work in your organization..."

                        • Metrics
                        • Flexibility
                        • Some allowance of rule breaking
                        • A challenging new approach
                        • C-Level support ?
                        • Partnering with key departments
                        • Creativity ?
                        • An effective time frame
                        • A multimedia approach

                        Read on for details.

                        Careless Employees Are .Greater Security Risk. Than Cybercriminals
                        Enterprise Apps Tech, June 13, 2013
                        "A report published this week by Check Point has revealed that, for two in three companies, their own employees carry a greater security threat than cybercriminals.

                        The startling finding, from the latest mobile security report polling nearly 800 IT professionals, comes amidst the continued rise of BYOD, with more and more methods of compromising company networks being found.

                        Indeed, it's not the devices that are the main asset, but the information stored on them. 63% of survey respondents do not manage corporate information on their personal devices, whilst a whopping 94% admitted that lost or stolen information was a 'grave concern'..."

                        Data Breach Cost Declines for 2nd Year
                        eSecurity Planet, June 6, 2013
                        "Americans may be doing something right when it comes to data protection, finds a Ponemon Institute study - or are they just too overwhelmed to care?

                        While there are still significant challenges to overcome, there is good news in the battle against data breaches.

                        According to the 2013 Cost of Data Breach Study from Symantec and the Ponemon Institute, the cost of a data breach in the United States declined to $188. This is the second year in a row that Ponemon saw a drop. In the 2012 study, it reported the cost of a data breach was $194 per record, which was a decline from the $214 per record reported in 2011..."

                          Data Breach Costs: 10 Ways You're Making It Worse
                          CRN, June 7, 2013
                          "Inadequate response plans and poorly executed procedures caused data breach costs to rise significantly at some businesses, according to the Ponemon Institute. The research firm interviewed more than 1,400 individuals in 277 companies.."

                          • Poorly Executed Or Nonexistent Incident Response Plan
                          • Poor Or Nonexistent Security Culture
                          • Lack Of Strong Leadership
                          • Poor Control Over Third-Party Responsibilities
                          • Publicly Announcing A Breach Too Soon
                          • Lost Or Stolen Smartphones Or Tablets
                          • We Can Handle It Ourselves
                          • Lack Of Experience
                          • All Sensitive Data Was Exposed
                          • Reputation, Customer Turnover Matter

                          Read on for details.

                          Five Immutable Laws of Security Fragility
                          CIO Insight, October 17, 2011
                          "Organizations must recognize that 'secure' systems will continue to fail in the face of out-of-context attacks, says security chief Hugh Thompson in his keynote at RSA Conference Europe. Here's my analysis of what his five immutable laws of security fragility indicate for CIOs and other IT leaders...

                          • Organizations must recognize that "secure" systems will continue to fail in the face of out-of-context attacks.
                          • Organizations need to expect failure. They must create safety nets. They must adapt to the current reality as it unfolds and morphs each hour of each day.
                          • An organization's employees, contractors, partners, suppliers, and others connected to the company will make mistakes; it is unavoidable. Organizations must plan for these mistakes.
                          • Organizations must assume that the environment is contested and behave accordingly.
                          • Organizations must constantly re-evaluate assumptions; pillars of trust can erode quickly, unexpectedly, and repeatedly.

                          Read on for details.

                          Gartner: 7 Major Trends Forcing IT Security Pros to Change
                          IT World, June 11, 2013
                          "Enterprises are under heavy pressure to change their approach to IT security because of a "nexus of forces" that include big data, social networking, mobile and cloud computing, according to Gartner.

                          Ray Wagner, managing vice president of Gartner's secure business enablement group, summed up these forces at the Gartner Security & Risk Management Summit in National Harbor, Md., Monday, which has attracted 2,200 or so chief information security officers (CISO) and chief security officers (CSO)..."

                          Gartner reveals Top 10 IT Security Myths
                          Network World June 11, 2013
                          "When it comes to information security, there are a lot of 'misperceptions' and 'exaggerations' about both the threats facing businesses and the technologies that might be used to protect their important data assets, according to Gartner analyst Jay Heiser.

                          These false assumptions all add up to 'security myths' that have gained wide credence among security pros, the employees they're trying to protect from data loss and the business managers apt to blame chief information security officers (CISO) for breaches and other mishaps. Heiser, in his presentation on this topic at the Gartner Security & Risk Management Summit held in National Harbor, Md., held forth on his 'Top 10 Security Myths':"

                          • It won't happen to me
                          • Infosec budgets are 10% of IT spend.
                          • Security risks can be quantified
                          • We have physical security (or SSL) so you know your data is safe
                          • Password expiration and complexity reduces risk
                          • Moving the CISO outside of IT will automatically ensure good security
                          • Adhering to security practices is the CISO's problem
                          • Buy this tool <insert tool here> and it will solve all your problems
                          • Let's get the policy in place and we are good to go
                          • Encryption is the best way to keep your sensitive files safe

                          Read on for details.

                          PRISM Program Gives NSA Direct Access To Tech Companies' Servers
                          eSecurity Planet, June 7, 2013
                          "The Guardian is reporting that the U.S. National Security Agency, as part of a secret program called PRISM, has been directly accessing the systems of leading technology companies, including Google, Facebook and Apple, for several years.

                          A top secret 41-slide PowerPoint presentation apparently details the program's capabilities, including "collection directly from the servers" of U.S. service providers.

                          According to a PowerPoint slide printed by the Guardian, PRISM collection began for Microsoft in September 2007, for Yahoo in March 2008, for Google in January 2009, for Facebook in June 2009, for Paltalk in December 2009, for YouTube in September 2010, for Skype in February 2011, for AOL in March 2011, and for Apple in October 2012. The presentation also states that Dropbox will soon be added to the program..."

                          Shadow IT Networks Putting Organizations at Risk
                          Continuity Central, June 7, 2013
                          "IT managers believe that the fragmentation of corporate data across their IT infrastructure and an emerging 'Shadow IT' network of user devices or consumer cloud services outside their control, are putting their organizations at risk.

                          New research from Freeform Dynamics shows over 80 percent of respondents believe effective business decision making is hampered by data availability and inconsistency issues. 83 percent are concerned about the security of their corporate data as it is increasingly dispersed across their network and outside. Getting the situation under control is also proving difficult with 93 percent saying that tracking and managing critical corporate data is now a big challenge, with the associated costs highlighted by 84 percent as being a further concern..."

                          Strong Security Management Helps Control Data Breach Costs: Study
                          eWeek, June 6, 2013
                          "Companies can reduce the cost of data breaches when they occur by imposing strong security management practices, according to a Ponemon Institute study.

                          Companies that take a strong security posture, create an effective incident response team and hire a chief information security officer will likely reduce the costs of network breaches by as much as 25 percent, according to a study by the Ponemon Institute that was sponsored by Symantec.

                          While the average cost of breaches worldwide inched up to $136 per compromised record, compared to $130 per compromised record last year, the cost of a data breach declined in the United States by $6 per record, down to $188.."

                          The Future of Online Authentication
                          HelpNet Security, June 10, 2013
                          "Recently, Twitter has introduced 2-factor authentication - the latest in a long list of large-scale web services that have taken this step including Google, Microsoft and Dropbox. Why have these organizations all added complexity to their login experiences? Because the current state of online authentication isn't meeting the needs of either businesses or consumers.

                          The industry has reached a point where we need to confront a legacy of 50 years of computing - the username/password problem. We've lived with this problem until now because it is the lowest common denominator. Everyone understands how it works, however it hasn't scaled to meet the growing demands of modern computing..."

                          Those Meters That Rate Password Strength Work, Until They Don't
                          GCN, June 12, 2013
                          "We know the limitations of passwords: They are difficult to scale, and managing truly secure passwords is a headache for administrators and end users. We also know that although there are alternate technologies for online authentication, passwords probably are here to stay. 'Passwords are not going to disappear overnight, or in the next 10 years or 20 years,' said Lujo Bauer, assistant research professor in Carnegie Mellon University's Electrical & Computer Engineering Department.

                          So how to make the best of what we are stuck with? ..."

                            IT - Careers
                            x
                            How to Be Superb at What You Do
                            TLNT, June 7 2013
                            "Whenever you are asked if you can do a job, tell 'em, 'Certainly I can!' Then get busy and find out how to do it." - Theodore Roosevelt, 26th President of the United States.

                            "Competence. These three syllables mean everything in business, art, and industry alike, embodying as they do an individual's overall capability as a practitioner of their chosen field.

                            Like the older terms 'able seaman' or 'journeyman,' competence signifies an individual's capacity to handle all aspects of a particular job, and even in our overhyped world remains something to be proud of..."

                              The 12 Most Controversial Facts in Mathematics
                              Business Insider, March 25, 2013
                              "Mathematics has little surprises that are designed to test and push your mental limits. The following 12 simple math problems prove outstandingly controversial among students of math, but are nonetheless facts.

                              They're paradoxes and idiosyncrasies of probability. And they're guaranteed to start an argument or two.

                              If you're looking for a mathematical way to impress your friends and beguile your enemies, here's a good place to start..."

                                5 Great Things You Can Learn by Working for Bad Bosses
                                TLNT, June 11, 2013
                                "Most articles about bad bosses say that the best thing you can learn from them is how not to manage employees. Can't disagree with that!

                                But aside from that, there are some other things you can learn from a bad boss that you can't learn from a good boss...

                                So, here are the five (5) things you can learn from a bad boss:

                                • You must do your best work - always.
                                • You learn how to be creative.
                                • You learn how to protect yourself
                                • You learn how to 'read' people and situations
                                • You learn the value of having close working relationships

                                Read on for details.

                                  20 People Who Changed Tech: Steve Case
                                  InformationWeek June 10, 2013
                                  "The book AOL.com by Kara Swisher starts with the funeral of Bill von Meister, the man who understood what an online world was before there was an online world.

                                  When a new industry emerges, sometimes it's the charlatans and sneaky guys who come before the visionaries. Think how pornography helped jumpstart the video industry and then the Internet. And let's not forget the key role "sex chat" had in getting America Online off the ground, with its private rooms and closed user groups. (You've got porn!)..."

                                  IT - Social Media
                                  x
                                  Microsoft Study Shatters Myth, Says Social Media Use Increases Work Productivity
                                  Network World, June 6, 2013
                                  "Does your boss frown on using social media while you are at work because it is a distraction that decreases productivity? Well you can tell him or her that's a myth, since new results from a two-year study found that using social media at work actually increases productivity. A new Microsoft global survey agrees, 'Nearly half of employees report that social tools at work help increase their productivity, but more than 30% of companies underestimate the value of these tools and often restrict their use.'..."
                                  IT - Compliance
                                  x
                                  Harsher Penalties for HIPAA Violations Altering Compliance Efforts
                                  Search Security, June 11, 2013
                                  "The Health Insurance Portability and Accountability Act went into effect in 2006, but increasingly large penalties for HIPAA violations in recent years, combined with a greater risk of audits, are forcing enterprises to redouble their HIPAA compliance efforts.

                                  In a presentation at the 2013 Gartner Security and Risk Management Summit, Wes Rishel and Paul Proctor, both vice presidents and distinguished analysts with the Stamford, Conn.-based IT research giant, walked attendees through an increasingly harsh HIPAA landscape..."

                                  IT - Database
                                  x
                                  Bad SSH Key Management Leaves Databases at Risk
                                  Dark Reading, June 11, 2013
                                  "A 'gaping hole' in the way enterprises govern the use of one of IT's least sexy but most used access control and encryption protocols is leaving many sensitive database servers and other network devices at serious risk.

                                  Secure Shell (SSH) -- a Swiss army knife in the arsenal of many an IT department -- is best known for aiding in the creation of encrypted tunnels to secure remote access and file transfers, but has gradually gained even more acceptance as a way to secure machine-to-machine connections to help enterprises move large amounts of valuable and sensitive data..."

                                  IT - Backup
                                  x
                                  The Role Of Enterprise Backup In The Modern Data Center
                                  Storage-Switzerland, June 11, 2013
                                  "Data has changed. There is more of it, it's larger and is no longer all located on a single storage device in the middle of the data center. As a result backup, an already challenging process, is now reaching the breaking point. Just one example of how this is manifesting itself is that some application owners and users no longer trust their data to IT. They're taking matters into their own hands by using application backup or point backup utilities, which actually makes managing the backup process even more difficult. Data protection must change with this new reality so that user confidence can be restored and IT can adequately protect corporate assets..."
                                    IT - Mobile
                                    x
                                    8 Steps CIOs Should Take to Maximize BYOD ROI
                                    InformationWeek, June 7, 2013
                                    "An effective BYOD program balances the organization's requirements with the requirements of the employees. Here are key steps that enterprises need to take to ensure successful BYOD rollout..."

                                    • Management Readiness Assessment
                                    • Define BYOD Program Charter
                                    • Create a BYOD Governing Council
                                    • Create IT Process Group
                                    • Assess, Choose and Operationalize tools
                                    • Connecting Employee Devices:
                                    • Roll out Strategy for BYOD Program
                                    • Effective Communication Plan and Post Deployment Support

                                    Read on for details.

                                    How Key MDM Features Affect Mobile Security Policy Management
                                    Search Security, June 12, 2013
                                    "There's no doubt that IT security professionals charged with securing enterprise information assets know that mobile devices present new challenges. As the role, variability and specific requirements of mobile devices become increasingly important within the enterprise, so do the controls necessary to secure data accessed by those devices.

                                    In order for security managers to ensure corporate data is secure, they require an accurate and comprehensive view into rapidly shifting employees' work and device preferences..."

                                    Ten Tips for Realizing a True Mobile Enterprise
                                    IT Business Edge, June 7, 2013
                                    "A mobile enterprise is one where people can work from anywhere, anytime. There is a host of reasons businesses are finding it hard to 'go mobile.' First of all, mobile at work means a lot more than having access to a smartphone or tablet..."

                                    • Clearly define business goals of the mobile initiative
                                    • Focus on collaborative activities
                                    • Articulate the goals of the initiative
                                    • Brand the initiative
                                    • Embrace BYOD
                                    • Provide a consistent user experience
                                    • Provide appropriate levels of security
                                    • Don't make people change the way they work
                                    • Train workers appropriately and start slowly
                                    • Identify 'connectors'

                                    Read on for details.

                                    IT - Big Data
                                    x
                                    Big Data's Human Error Problem
                                    InformationWeek, June 10, 2013
                                    "We humans are our own worst enemies in the quest for better data quality, says one expert. Think false memory syndrome, typos, slips of the tongue and confirmation bias.

                                    Has the problem of bad data grown worse in the era of big data? No, not really, says author and industry analyst Joe Maguire, one of the organizers of the MIT Chief Data Officer and Information Quality (CDOIQ) Symposium, to be held July 17-19 in Cambridge, Mass..."

                                    How to Overcome Big Data.s Main Stumbling Block
                                    TechRepublic, June 10, 2013
                                    "The stumbling block for many companies-and the reason why organizations fall behind in the planning and pre-planning stages of big data, appears to be confusion on how best to make big data work for the company and pay off competitively.

                                    With all the talk about rapid deployment and breakneck business change, there can be a tendency to assume that businesses are up and running with new technologies as soon as these technologies emerge from proof of concept and enter a mature and commercialized state. However, the realities of where companies are don't always reflect this..."

                                    Skepticism Moves Big Data toward Causation
                                    InformationWeek, June 6, 2013
                                    "I'm a big fan of O'Reilly Media author Mike Loukides. Loukides' substantive writings are clearly distinguished among those from the now-too-many big data and analytics talking heads. I don't think I've seen a better article on the foundations of data science than his seminal piece from a few years back.

                                    So I was anxious to read his latest articles on data skepticism. Skepticism is generally considered among the most important qualities of a data scientist, mentioned in the same breath as deep skills in data programming/wrangling, statistics/machine learning/optimization, visualization/infographics, business acumen and off-the-charts curiosity..."

                                    IT - BYOD
                                    x
                                    BYOD Policies, WiFi Drive Workplace Productivity
                                    eWeek, June 7, 2013
                                    "The survey revealed that 39 percent of mobile workers have paid more than $20 for one-time use of WiFi.

                                    Mobile workers are using connectivity to be more productive and work longer hours, and most of this work is being done over WiFi, but poor connectivity and expensive WiFi still impede them, as does overly strict bring-your-own-device (BYOD) policies, according to mobility services provider iPass - quarterly Mobile Workforce Report..."

                                    Security Think Tank: BYOD Security: Policy, Control, Containment, And Management
                                    ComputerWeekly, June 7, 2013
                                    "The IT department has been accustomed to providing security for the devices and tools that it selected, owned, deployed and controlled.

                                    With bring your own device (BYOD) practices, the goal of enterprise information security remains the same.

                                    Protecting enterprise data is the number one priority, but the legacy approach to information security needs to be updated.

                                    There are the four main areas to address around BYOD and personal clouds in the workplace..."

                                    BYOD Movement: What's the Security Cost?
                                    eWeek, June 11, 2013
                                    "Mobile devices cause ongoing concern for IT teams responsible for information security, as the bring-your-own-device (BYOD) movement has dramatically increased the number of expensive security incidents. For one thing, sensitive corporate information can be easily transported and lost. With such issues in mind, security specialist Check Point conducted a global survey of 790 IT professionals in the United States, Canada, the United Kingdom, Germany and Japan to gather data to quantify the impact of mobile devices on corporate information security..."

                                    • Larger Businesses More Likely to Manage Data
                                    • Android, Apple Trusted Less Than Windows, BlackBerry
                                    • Personal Devices at Work Become More Commonplace
                                    • Mobile Security Incidents are Expensive
                                    • Businesses of All Sizes are Deploying BYOD
                                    • Careless Employees and Cyber-criminals
                                    • Fears of Data Loss Are Top Concern
                                    • Corporate Email, Customer Data Stored on Devices
                                    • A Dearth of Mobile Management Persists
                                    • Corporate Networks Including More Personal Devices

                                    Read on for details.

                                    Top 10 BYOD Pitfalls to Avoid If You Allow Personal Devices
                                    Search Consumerization, June 11, 2013
                                    "More than 75% of businesses now allow employees to bring their own devices, according to research firm Ovum, and Gartner predicts that half of employers could make bring your own device (BYOD) mandatory by 2017. With BYOD programs rapidly moving from nascent pilots to primetime deployments, the stakes are growing. Gaps that were once inconsequential could soon have major security and cost implications. As such, it's important to take stock of BYOD's pitfalls and how to avoid them..."
                                    Top10
                                    x
                                    Top Ten Articles for last few Issues
                                    Vol 184 Issue 1; Vol 183 Issues 1, 2,3, 4 and 5; Vol 182 Issues 3 and 4
                                    We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                    • Overview of Oracle's 5 SPARC CPUs
                                    • Why The Era of General Purpose Storage is Coming to an End
                                    • Why Sun's NIS will never die
                                    • Instant Automated Installer Zone for Oracle Solaris 11.1
                                    • Integration Matters -- Oracle ZFS Has it, NetApp FAS Doesn't
                                    • Using DTrace on Oracle Linux
                                    • eBook on Oracle's Sun Blade Server Modules
                                    • MySQL (5th Edition) - By Paul DuBois
                                    • A Summary of Identity Management R2 PS1
                                    • From Hybrid cars to Hybrid Clouds - it's great to have choice

                                    The longer version of this article has list of top ten articles for the last 8 weeks.

                                      IT - Encryption
                                      x
                                      How to avoid Big Brother's gaze
                                      ComputerWorld, June 13, 2013
                                      "Deciding on the level of encryption you should be using requires careful consideration...

                                      The revelations about the National Security Agency's Prism program have had many people thinking about George Orwell's dystopian novel, 1984. A lot of pixels and ink have been devoted to questions about the rightness or wrongness of Edward Snowden's decision to unmask the program and the relative importance of privacy vs. security. I'll leave those questions to others and instead focus on what we all can do to better protect our online activities from prying eyes..."

                                      The Pros and Cons of SSL Decryption for Enterprise Network Monitoring
                                      Search Security, June 12, 2013
                                      "My organization wants to keep watch over outbound network traffic to make sure that valuable IP isn't leaking out, so we're considering SSL decryption. Could you walk through some pros and cons? Ultimately, is this a viable technique or should we consider other options?

                                      The concept of SSL decryption has been around for quite some time, but it's usually carried out by nefarious individuals as part of man-in-the-middle attacks..."

                                        IT - Tape
                                        x
                                        Linear Tape File System Slow To Take Hold for General-Purpose Storage
                                        Search Data Backup, June 4, 2013
                                        "In May, QStar Technologies announced that its QStar Archive Manager and Archive Replicator software now offers support across all tape drives and libraries that are compatible with the Linear Tape File System.

                                        According to QStar, its software allows tape libraries to use the Linear Tape File System (LTFS) within any archiving environment and application. The software can manage data across "tens, hundreds or thousands of pieces of tape media, as a single network share," the company said..."

                                        Sysadmin
                                        x
                                        Monitoring per Zone Filesystem activity
                                        fsstat(1M)
                                        Solaris 11 added a new at fsstat(1M) monitoring command that provided the ability to view filesystem activity at the VFS layer (ie filesystem independent). This command was available in Solaris 11 Express and the OpenSolaris releases as well.

                                        In Solaris 11.1 support was added for per Zone and aggregated information so now we can very quickly determine which zone it is that is contributing to the operations...

                                        Trending in
                                        Vol 232, Issue 2
                                        Trending IT Articles