News about Oracle's Solaris and Sun Hardware
System News
Jul 21st, 2013 — Jul 28th, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 185, Issue 4 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section

25 Years of SPARC Innovation
Get exclusive content and online resources
"For 25 years, SPARC technology has been at the heart of enterprise IT. It has transformed data centers worldwide with industry-leading performance and continuous innovation. And helped organizations like yours build a sustainable competitive advantage.

Join us online to celebrate a quarter-century of innovation. Watch leading SPARC contributors discuss the challenges and rewards of consistently redefining the limits of enterprise IT. And see the featured video of the SPARC 25th Anniversary Celebration Event held at the Computer History Museum in Mountain View, California.

You can also access exclusive content and resources. Get unique insights from the people behind 25 years of SPARC technology, and see case studies, webcasts, e-books, infographics, and more. Discover:

  • How SPARC technology has transformed the IT industry
  • The challenges faced throughout the revolutionary history of SPARC
  • The reality of pushing the boundaries of enterprise IT performance for 25 years
  • The current state of the market and the changes the future will bring
  • What the latest SPARC advancements-including the forthcoming SPARC T5 processor-could do for your organization

Don't miss this opportunity to learn more about SPARC-the past, present, and future..."

IT - Storage
Are Flash Devices Putting Sensitive Data At Risk?
Storage Switzerland, July 22nd, 2013
"Flash based storage systems are now the 'go to' option for improving the response time of performance sensitive applications. Some applications that require high performance are also storing extremely sensitive data that needs to be completely sanitized if the flash device is replaced. Is erasing the data on a flash device enough to satisfy the standard methods for data destruction?..."
IO Patterns.What You Don't Know Can Hurt You
Enterprise Storage Forum, July 22nd, 2013
"Like two fencers in a dark room separated by 50 feet, both users and vendors will insist that they are stabbing in the right direction. Are you asking for vendor benchmarks for configurations that match your applications? Are vendors testing storage solutions with tests that approximate your applications on configurations that you will purchase?

The only way to be sure that both users and vendors are talking the same language is to understand the IO pattern of your applications..."

    A flash in the SAN?
    IT Director, July 23rd, 2012
    "Persistent storage has changed little over the years. Sure, there has been a move away from tape to disk, and direct attached storage (DAS) has moved to storage area networks (SANs) and network attached storage (NAS), and disk drives have got larger and faster, but the fact remains that what we have been working with over the last few decades has been a disk-based subsystem.

    As the move to a more virtualised, data-orientated technical platform has occurred, the problems with spinning magnetic disk-based systems have become more noticeable. The capability for disk to keep pace with the number of input/output operations per second (IOPS) has been a struggle, which, when combined with other factors such as network interconnects and systems latency, has led to storage becoming the main constraint in many compute platforms..."

    The Benefits of Software-Defined Server-Side Storage
    Storage Switzerland, July 24th, 2013
    "Hyperscale Data Centers, Managed Service Providers, Cloud Service Providers and large Enterprises all face a similar challenge; how to cost effectively scale their cloud/virtual infrastructures so that maximum return on investment can be achieved. The answer is to build scale-out compute infrastructures that support very high numbers of virtual machines, something called 'big virtualization'..."
      How to stretch the life of your SSD storage
      IT World, July 22nd, 2013
      "Once a PC enthusiast's dream storage device, the solid-state drive (SSD) is quickly becoming commonplace in custom PC builds and retail desktops alike. After taking a detailed look at SSD technology, we're moving on to basic care and feeding--how to stretch the life of your drive. All it takes is a little education, and some new ways of managing storage that have nothing to do with your traditional hard drive's maintenance routine..."
      IT - Technology
      3D Integrated Circuit Technology Used to Grow Human Tissue
      Network World, July 22nd, 2013
      "Scientists are working on a prototype system composed of integrated circuit technology that they say will help create human tissues for people with congenital defects or serious internal organ damage.

      Draper Laboratory and the Massachusetts Institute of Technology (MIT) built the prototype using what they called an automated 'layer-by-layer' assembly method- usually found within the electronics packing industry to build integrated circuits..."

        How Do You Drive a Supercomputer Round A Formula 1 Track?
        The Register, July 22nd, 2013
        "When you arrive at the Lotus F1 Team HQ you're politely asked not to take pictures without asking first. It soon becomes clear that most of the site is off bounds photographically, so we agree that it'll be easier all round if our guide, senior account manager Luca Mazzocco, simply tells us when we can take photos.

        It's not so much the racing kit itself that Lotus F1 seems concerned about, but rather what might be on any computer screens that creep into shot. Because if you thought that Formula One racing is about dashing James Hunt types having a spin between love-ins with multiple air hostesses and filming Brut 33 ads, you're probably also wondering why off licenses don't sell Double Diamond any more...."

          Top Artificial Intelligence System is as Smart as a 4-Year-Old
          ComputerWorld, July 22nd, 2013
          "Scientists often talk about creating artificial intelligence, but how "intelligent" are these systems really?

          Researchers at the University of Illinois at Chicago came up with an answer after giving one of the top artificial intelligence (AI) systems an IQ test.

          The MIT-built system, dubbed ConceptNet 4, is as smart as the average four-year-old..."

            When Will We See Autonomous Cars? Are We Ready for Them?
            Government Technology, July 22nd, 2012
            "Legislatures in more states than one might expect are considering or have considered bills related to autonomous vehicles. Nevada and California are the most widely reported, but Florida, Arizona, New Hampshire and New Jersey, to name just a few, are also getting into the autonomous vehicle game, according to Stanford.

            But how close are we to human-free driving?..."

              Video: Oracle Solaris 11 for ISVs
              Why Port to Solaris 11?
              Why certify your application on Oracle Solaris 11? John Shell, Sr. Director of Partner Enablement, invites Mike Mulkey, Sr. Manager of Solaris Partner Adoption, to understand the value to ISVs of certifying their applications on Oracle Solaris 11.
              MySQL Connect
              September 21 - 23 in San Francisco, California
              Wei-Chen Chiu writes, "The Early Bird rate for MySQL Connect has been extended for two weeks. Register by August 2 to save US$500 over the onsite price!

              MySQL Connect will be held on September 21 - 23 in San Francisco, California. The conference will start on Saturday with "The State of The Dolphin" keynote presented by Oracle's Chief Corporate Architect, Edward Screven, and Vice President of MySQL Engineering, Tomas Ulin, followed by a panel to discuss "Current MySQL Usage Models and Future Developments", with panelists from renowned web properties including Facebook, Twitter, LinkedIn and Paypal..."

              Cloud Computing
     Deploys Estate Asset Distribution Application on Oracle Cloud Platform Services
              scalability, security and reliability - all at a lower price point
              Security and credibility are extremely important in an industry like asset distribution and management where organizations need to ensure the privacy of estate-related data. Using Oracle Database Cloud Service, has been able to quickly and cost-effectively launch its online estate asset management application and establish a scalable, reliable, and secure foundation for its business.

              "In a sensitive area like asset and wealth distribution, we wanted to provide the best possible customer experience - one that estate planners and executors could have confidence in," said Ron Hardman, Founder, "We considered other clouds, but Oracle Database Cloud Service was the only one backed by Oracle's world-class technology - delivering scalability, security and reliability - all at a lower price point."

              IT - Cloud
              5 Elements Your Cloud Infrastructure Needs to Enable Application Agility
              IT World, July 22nd, 2013
              "A couple weeks ago, I discussed how cloud computing enables affordable agility. Automated provisioning and easy scalability make it possible, for the first time, for companies to experience infrastructure agility.

              However, it's a mistake to assume that agile infrastructure equals application agility (by which I mean both delivering applications into production more quickly and having those applications easily grow and shrink in terms of scale). In fact, one commonly encounters IT personnel who assume that the mere fact of hosting an application in a cloud environment will magically transform it into an all-singing, all-dancing agile application...

              Here are five elements that need to change along with the shift to cloud infrastructure in order to allow business agility to take place:"

              • Agile Development: Making Business Agility Dreams Come True
              • Organizational Silos: Leave Them on the Farm
              • Common Artifacts: Many Cooks, One Kitchen
              • Consistent Tools: One Screwdriver Is Enough
              • Incremental Application Change With Conditional Execution

              Read on for details.

              Cloud Security Risks Lurk in Big Data Projects
              CRN, July 22nd, 2013
              "IT security teams should be on the lookout for business units that may be spinning up servers using a public cloud provider for big data analytics projects because it introduces a variety of security risks, according to a security auditor who frequently reviews the software and infrastructure supporting such projects.

              It is fairly common for businesses to use Amazon (NSDQ:AMZN) Elastic Compute Cloud, Microsoft (NSDQ:MSFT) Windows Azure or the myriad of other cloud infrastructure providers for big data analytics projects, which require the computing power to conduct large-scale data analysis. While they help capture, manage and analyze terabytes or more of structured and unstructured data, they introduce the potential for data loss, account or service hijacking, or abuse if systems aren't protected and overseen with due diligence, said David Barton, principal and practice leader of the technology assurance group at Atlanta-based UHY Advisors, a business consulting firm..."

              How to Assess the Security of a Cloud Service Provider
              ComputerWeekly, July 22nd, 2013
              "As businesses continue to put more of their information online, understanding cloud suppliers and agreements has never been more important

              As a user, when my iCloud, Google Drive, Dropbox, etc. synchronise, seemingly by magic, across my smartphone, tablet and laptop, I do not want to know how the cyber plumbing works. I leave all that to the IT professionals. But can I expect them to warn me if I am taking unreasonable risks? ..."

              The Data Fragmentation Challenge
              IT Web Business, July 23rd, 2013
              "Only a few years ago, it seemed the world was waiting with bated breath for the advent of cloud computing. At that time there was sparse disagreement as to the future of the enterprise technology environment. Virtualisation had already begun to make a significant impact on computing capacity, and with several exciting new developments on the horizon promising to take data off premises, reducing overheads and transforming IT into an operating expense, businesses were enthusiastic at the prospect of an entirely new paradigm.

              What followed was a flood of cloud-based services aimed at both the consumer and corporate markets. As broadband and mobile connectivity gradually became increasingly ubiquitous, so remotely oriented data services began to permeate the strata of daily life..."

              The Risks And Rewards Of Cloud-Based Security Services
              Bank Systems and Technology, July 22nd, 2013
              "Cloud-based services are increasingly attractive to banks seeking cost-effective ways to handle the pace of change in technology and regulation. That interest is extending to some of the most sensitive parts of financial institutions' IT organizations, including security services such as email security, website protection, Web application firewall and application security testing -- even as fraudsters' ability to find new ways to circumvent banks' defenses and the headlines surrounding distributed denial-of-service (DDoS) attacks are presenting a challenging new threat landscape..."
              Top IaaS Security Requirements To Consider
              Network Computing, July 22nd, 2013
              "Poll after poll shows that security remains a major concern for enterprises moving to the cloud. Despite all that concern, companies appear to be increasingly adopting Infrastructure-as-a-Service without paying much attention to IaaS security.According to analysts at TechNavio, the global IaaS market is expected to grow at a compound annual rate of about 45% between 2012 and 2016..."
              Why Netflix is One of the Most Important Cloud Computing Companies
              Network World, July 22nd, 2013
              "Netflix's Open Source Software strategy started on June 23, 2011. One of the company's senior software engineers had an idea: "At some point, I think it would be valuable to open source the Zookeeper library I've written," Jordan Zimmerman wrote to his bosses, talking about a piece of customized code he helped develop. "Does Netflix have a policy on that?"

              The response he got: 'Go for it. Our policy is no policies ;-)'..."

              The Top Five Things the Cloud Can Deliver . If You Get Your Security Right
              AjaxWorld Magazine, July 22nd, 2013
              "Everyone has an opinion about the 'Cloud' and its effect on business - some believe it is dark and scary and fraught with unnecessary risk, while others would argue it's silver lined and the path to greater business performance and cost savings. The truth is that the Cloud undeniably has the potential to open up a whole new dimension of opportunities to businesses - but only if data security is properly addressed..."

              • Data Protection
              • Regulatory Compliance and Data Residency Requirements
              • Scalability and Flexibility
              • Cost Efficiencies
              • Access to Data Anytime, Anywhere

              Read on for details.

              IT - CxO
              5 Insights Into the Data Center Industry
              Data Center Knowledge, July 22nd, 2013
              "This week's Industry Perspectives represented an intersection of top-of-mind topics for data center professionals and executives. If you missed any, here they are in a neat package. Enjoy!..."

              • Are You Up in the Air with Cloud Computing Benefits?
              • Pairing for Scalability: In-Memory Data Grids and the Cloud
              • Data Tape: Dying a Slow Death or Already Dead?
              • Managing What Matters In the Cloud: The Apps
              • Five Key Trends in DCIM

              Read on for details.

              8 Skills You Need to Be a Successful IT Executive
              CIO, July 22nd, 2013
              "The skills that helped you become an IT pro and climb the ladder aren't the same skills you need to succeed in the c-suite. Learn the skills necessary to break through to the top..."

              • Know Your Leadership Style
              • Focus on Strategic Communication
              • Learn How to Develop Talented High-Performance Teams
              • Develop a Strong Technology Strategy
              • Understand Complex Business Problems
              • Know How to Lead in a Crisis
              • Be Able to Market IT to the Business
              • Know the Corporate Culture and Be Willing to Change It

              Read on for details.

              72% Can't Securely Manage Multiple Computing Environments
              Help Net Security, July 24th, 2013
              "AppSense and CTOVision announced the results of a survey that included responses from 245 executives, technologists and contractors - across the defense, intelligence and civilian sectors - to determine the implications of multi-platform computing to Federal users and I.T. organizations.

              More than 8 out of 10 respondents confirmed they are moving to a multi-platform (physical, virtual, mobile) computing environment to help them achieve operational efficiencies and employee productivity. However, many of these agencies lack the proper foundation and elements to deliver a consistent way for employees to fully take advantage of these platforms..."

              IT Market Forecasting Gets Dicey in Cloud Services, BYOD Era
              eWeek, July 22nd, 2013
              "The half year mark is when the major technology research organizations recalibrate their technology predictions. This year is no different, with both Forrester Research and Gartner recasting their forecasts.

              Forecasting technology markets, like forecasting the weather, is an inexact science but a topic that draws much discussion. In 2013 the major trends of mobile, cloud, social and bring your own device are rapidly altering the enterprise technology market.

              When you consider Microsoft reorganizing itself into a services operation, Dell working desperately to go private, Lenovo as the new leader in a declining personal computer market, and Samsung and Apple as the smartphone leaders, you get an idea of just how rapidly the tech globe is spinning...."

              Will CSOs Become CROs In The Future?
              CSO Online, July 22nd, 2013
              "Few would deny the chief security officer role has evolved quite a bit in recent years. At many large companies, the heads of both physical and information security now report in to the same person, an enterprise CSO. The pace of change for the function is accelerating along with the ever-changing nature of threats.

              Today, many believe CSOs will morph, sooner rather than later, into chief risk officers (CROs), monitoring and mitigating enterprise risks, including those relating to information security and facilities (but excluding financial risks, which are covered by the more traditional CRO function in large companies). At a high level, the new responsibilities include understanding your company's risk profile and risk appetite and then mitigating the risks accordingly..."

              Federal IT Efforts Slowed by Weak CIO Roles, Uneven Reporting
              CIO, July 25th, 2013
              "Though the federal government has made considerable strides in streamlining and modernizing its $80 billion IT operation, those efforts have been slowed by loose reporting about failing investments and weak CIO authorities across the agencies, a panel of senior officials told members of a House subcommittee on Thursday.

              David Powner, director of IT management issues with the Government Accountability Office, allowed that the Obama administration's tech team has put some 'excellent initiatives in place,' but that their implementation has been slowed by a 'poor track record' on large-scale IT projects, while agencies have been erratic in their self-reporting obligations..."

              IT - PM
              11 top Tips to Consider When Managing Risks in Your Projects
              Project Management Hut, July 22nd, 2013
              "All projects bring with them a definite level of risk and uncertainty and therefore going forth with a project without carrying out a risk analysis could ultimately cause huge complications for the project. Logically it's a choice of putting the time and effort into dealing with the risks and having a procedure in place to deal with the consequences before they hit or come up with a plan only when a problem arises.

              So how do you deal with a project risk effectively?..."

              • Early bird catches the worm:
              • Assess the risk:
              • Communication:
              • Make a plan:
              • Accept:
              • Avoid:
              • Minimise:
              • Sharing is caring:
              • Changes in your risk status:
              • Strict control and management:
              • Past risk management scenarios:

              Read on for details.

              15 Ways to Screw up an IT Project
              ComputerWorld, July 22nd, 2013
              "Paul Simon famously sang that there must be 50 ways to leave your lover. Similar could be said (if not sung) regarding projects: There must be 50 ways to screw up your IT projects..."

              • Having a poor or no statement of work
              • Not setting expectations up front
              • Not securing management buy-in
              • Using the same methodology for all size projects
              • Overloading team members
              • Waiting or not wanting to share information
              • Not having a clearly defined decision-making process
              • Not using a project management software system
              • Allowing scope creep (or excessive scope creep)

              Read on for more ways to screw up and for details.

              Online Solaris Forum - including live Q&A throughout
              Wednesday, 7th August 2013
              Larry Wake writes,"We're back with the next installment of our very popular Oracle Solaris web forum series. It's our way to check in with everyone and let you know what we've been doing lately, and it's also the a way for you to interact with Oracle Solaris engineers and get your most interesting questions answered in our live Q&A session that takes place throughout the forum.

              This one takes place on Wednesday August 7th, at 9 AM PT, and features Markus Flierl, VP of Oracle Solaris Core Engineering. Michael Palmeter, Senior Director of Oracle Solaris Product Management, Duncan Hardie, Principal Product Manager in Oracle Solaris, and Rob Ludeman, Principal Product Manager in Oracle Systems.

              Markus will bring us all up to date on the latest news about Oracle Solaris 11, followed by Michael, Duncan and Rob, who will discuss the payoffs of the last few years of co-engineering among our OS, software and hardware teams..."

              IT - Networks
              SDN 101: Software-Defined Networking Explained in 10 Easy Steps
              InfoWorld, July 22nd, 2013
              "The very heart of networking is about change. Your current network infrastructure is a platform on which the entire IT portfolio depends for communication and services. Although the network is made of many physical elements, such as routers, switches, and firewalls, it is for all practical purposes a single system. A change in any part of the network can cause a failure of the whole. This interdependence has led to a fear of change among network operators that prevents new services, new features, and even good operational practices.

              SDN is a network architecture that changes how we design, manage, and operate the entire network so that changes to the network become practical and reliable..."

              • Planes of operation
              • Controller networking
              • Hypervisor connectivity
              • Hypervisors and the network
              • Tunnel networking
              • Tunnel fabric
              • Multitenancy
              • Network agents
              • Network agent as router
              • The bigger picture

              Read on for details.

              The Debate: Whether to Hire or Outsource Computer Network Support
              Business 2 Community, July 25th, 2013
              "Technology problems, from the minor to the catastrophic, are inevitable. Anyone that has used a computer for any length of time knows this. When problems happen, being able to turn to an IT professional to provide you with support is usually the fastest and most reliable way to get the problem fixed. There is a debate that many small businesses wrestle with about whether to keep this support network in-house, or whether to hire an outside company to handle it for them. The needs and means of every company are different, and there is no hard and fast answer as to which form of support is better. If you find yourself needing to make a choice, weigh the following factors before you make any commitment..."
                IT - Operations
                Georgia's CIO Gets IT Outsourcing Deal Back on Track
                ComputerWorld, July 22nd, 2013
                "When then Georgia governor Sonny Perdue ordered in 2007 that the state's central IT organization turn to the private sector to transform its aging IT infrastructure, it was one of a handful of large public sector outsourcing efforts attempted.

                Virginia, Texas, the city of Minneapolis and the county of San Diego had inked high-profile IT services deals, with mixed results. In 2008, the Georgia Technology Authority (GTA) awarded the IT infrastructure business, worth $1.2 billion over eight years, to IBM Global Services and AT&T, with the promise of bringing the state into the 21st century and thus, cutting costs, reducing operational risk, and improving data security.

                But, as late as 2011, the outsourcing plan was failing to deliver..."

                Software Defined Data Center (SDDC): Marketing or Meaty?
                Network World, July 22nd, 2013
                "It seems like all IT hardware is now being defined by software. In the network, software defined networking (SDN) is a daily topic of debate. On the storage side, discussions about abstraction and programmability are starting to be lumped into the category of software-defined storage (SDS). And now a term is emerging to denote the convergence of all these things into something much bigger: the software-defined data center (SDDC).

                SDDC was coined by the former CTO of VMware, Dr. Steve Herrod. The first mention was at Interop 2012. Dr. Herrod was talking about the convergence of networking, storage and server virtualization, and how it would affect engineers and architects and change their vision of the data center..."

                Outsourcing, Adieu: Companies Retake the Reins on IT Services
                ComputerWorld, July 22nd, 2013
                "Almost as soon as the outsourcing deal was inked, it was an $800 million disaster.

                The Fortune 500 company's seven-year, $120 million-a-year IT services deal had all sorts of problems from the beginning, according to an IT director whom we'll call Skip Currier (not his real name), who had a front-row seat to the debacle. "From the beginning, the project was understaffed and overambitious. They didn't fulfill certain parts of the contract, and our executives didn't force them to," he says with a sigh of exasperation. All told, the deal was badly executed and badly managed, with plenty of blame to go around..."

                IT - Security
                How to Keep Your Customers Protected from Password Risk: Best Practices
                Business 2 Community, July 23rd, 2013
                "These days, no one stays in their jobs forever. Try as you might to hold on to your most talented techies (or, let's face it, your less talented ones), eventually, life circumstances will take them away from your managed service provider (MSP) business, and with them, all the passwords for the customer accounts they worked on. Earlier in 2013, we surveyed the attendees of a webinar we gave. I was not at all surprised to learn that 74 percent of the IT companies attending the webinar had experienced staff turnover in the past year. When a staff member leaves your business, you can take away his key card, but you can't erase from his memory the passwords he used to access your clients' systems, applications, and networks..."
                  True Tales of (Mostly) White-Hat Hacking
                  InfoWorld, July 22nd, 2013
                  "In the mainstream media, hacking gets a bum rap. Sure, the headline grabbers are often nefarious, but all computer professionals are hackers at heart. We all explore the systems we use, often reaching beyond their normal intent. This knowledge and freedom can come through big time in sticky situations.

                  In my three decades fighting malicious hackers, I've come to rely heavily on that desire to scratch an itch. Improvisation and familiarity with computing systems are essential when combating those who will do almost anything to compromise your network...."

                    3 Truths for Getting Started with Security Awareness
                    CSO Online, July 22nd, 2013
                    "The process from awareness to mindful action is a journey. Not everyone starts at the same place or progresses in the same way.

                    The journey begins with awareness. The powerful moment when an individual realizes the impact of actions, decisions, or events. In their own context, using their own words. Initially, awareness may not include understanding, or even a pathway to action. It serves as an awakening. It stokes the desire to learn. It reveals the *need* to change behaviors.

                    So where does it start?..."

                      10 Top Password Managers
                      Information Week, July 22nd, 2013
                      "In 2011, IBM predicted that in five years we will not be using passwords to access secure resources such as ATMs and PCs. Instead of entering a PIN or typing a username and password into a PC, we will simply look into a camera or speak a name into a microphone, because our eyes and voices are unique, IBM says... Password managers also generate complex passwords, provide import and export tools, allow for simple notes and automatically complete online forms for more efficient online checkout. Here are 10 password manager tools worth considering:"

                      • LastPass
                      • Password Genie
                      • SplashID Safe
                      • RoboForm
                      • Dashlane
                      • mSecure
                      • KeePass
                      • DirectPass
                      • Norton Identity Safe
                      • MyLOK+

                      Read on for details.

                      A Question of Trust
                      Help Net Security, July 24th, 2013
                      "Trust is the foundation for many of our relationships, both in our personal and business life. Trust is one of the strongest elements supporting a relationship and helps it survive the toughest of challenges, but it can also be one of the most brittle parts, easily broken beyond repair. Building up trust can take years, and losing it can sometimes take mere seconds.

                      In information security, trust is a cornerstone in all that we do. We trust the technology we use to help defend our systems, we trust our staff to comply with policies and not to fall victim to phishing emails, we trust those we appoint to manage our sensitive data not to divulge it to others, we trust our business partners to take the necessary steps to protect information we share with them, and we trust our governments to provide a safe business environment and to protect our rights..."

                      Firms Far From Taming the Tower of APT Babel
                      Dark Reading, July 25th, 2013
                      "Companies looking to learn more about the attackers who are targeting their systems will likely have to translate between reports from different incident-response and security firms. While early efforts are under way to allow threat-intelligence firms to better exchange information on adversaries and their tools, security companies each have its own naming scheme, making identifying common threats more difficult. Take the Comment Crew, for example. The espionage group, which targets intellectual property in nearly a dozen industry sectors and is thought to be connected to an intelligence component of the People's Liberation Army, is also known as Comment Panda by security startup CrowdStrike and APT-1 by incident-response firm Mandiant. Managed security service provider Dell Secureworks puts the group into a broad bucket known as the Shanghai Group, based on its infrastructure's location..."
                      How to Protect Your Company From the Password Risks of Techy Turnover
                      Business 2 Community, July 23rd, 2013
                      "This is advice I usually give to managed service providers (MSPs), but really it applies to any company with sensitive data and systems protected behind passwords: When your employees leave (and, inevitably, some will) they take their knowledge of your passwords with them. I'm not just talking about their personal login to your network and email system; presumably those accounts are deactivated as soon as someone leaves your company's employ. Passwords protect a host of business systems. You can probably rattle off several yourself just by scanning the equipment in your office and the applications on your computer. Here are just a few:..."
                        Key Security Metrics Revealed
                        Help Net Security, July 25th, 2013
                        "A new Ponemon Institute study examined the key risk-based security metrics IT security managers used most frequently to gauge the effectiveness of their organizations' overall security efforts.

                        Top Metrics included: time taken to patch, policy violations, uninfected endpoints, data breaches, reduction in the cost of security, end users training and reduction in unplanned system downtime.

                        The survey respondents included 571 UK professionals in the following areas: IT security, IT operations, IT risk management, business operations, compliance/internal audit and enterprise risk management..."

                        Safeguard Your Code: 17 Security Tips for Developers
                        IT World, July 22nd, 2013
                        "The scary stories from the Web are getting worse. First there were a few stolen credit card numbers. Now, millions of financial records are exposed by security breaches, and we grow numb to the threat.

                        Writing secure code begins long before the first loop is formed -- and is no easy task. To even approximate bulletproof code, architects, engineers, auditors, and managers must try to imagine everything that could go wrong with every aspect of the code. Although it's impossible to anticipate every nasty curve the attackers will throw, you have to do all you can to reduce your attack surface, plug holes, and guard against the fallout of a potential breach.

                        Here are 17 tips for producing more secure code..."

                        • Test inputs rigorously
                        • Store what you need, and not one bit more
                        • Avoid trusting passwords more than necessary
                        • Negotiate requirements
                        • Add delays to your code
                        • Use encryption more often than you think you should
                        • Build walls
                        • Tested libraries -- use them
                        • Use internal APIs
                        • Bring in outside auditors to critique your code

                        Read on for more tips and details.

                        The Dangers of Unsecured USB Drives
                        CIO Insight, July 22nd, 2013
                        "Savvy CIOs have policies in place to protect their networks against infected USB flash drives. That's because most IT professionals know the amount of damage that can be caused by plugging in such a device.

                        For instance, Stuxnet, one of the world's most sophisticated cyberweapons, is said to have gained access to its target system through a USB drive that someone found..."

                        IT - Careers
                        10 Free Tools that Deserve a Price Tag
                        TechRepublic, July 22nd, 2013
                        "How would you feel about paying for the software you currently get for free? Here are some open source projects that deserve more than the odd donation...

                        I've come up with my list of open source tools that deserve a price tag. I would pay to use every one. See how my list compares to yours:"

                        • Ubuntu
                        • LibreOffice
                        • Audacity
                        • OpenShot
                        • Clementine
                        • GIMP
                        • PhpMyAdmin
                        • Apache
                        • GnuCash
                        • Thunderbird

                        Read on for details.

                        NASA Reveals Earth's Portrait Taken from Deep Space
                        ComputerWorld, July 23rd, 2013
                        "For everyone who ran outside to wave and smile for the camera last Thursday, well, you didn't quite make it into the picture, unless you can spy yourself in what looks like a bright spot in the dark heavens.

                        Late Monday, NASA released images of Earth and the moon taken from both its Cassini spacecraft, which is about 900 million miles away from Earth studying the Saturn system, as well as from Messenger, which is about 61 million miles away studying Mercury..."

                          6 wishes for SysAdmin Appreciation Day
                          InfoWorld, July 22nd, 2013
                          "What? You didn't know today was SysAdmin Appreciation Day? Better slip around the corner and buy flowers. Better yet, do your best to fulfill at least one wish from this list.."

                          • Let us have at least some input into high-level system decisions
                          • Remember that poor planning on your part does not constitute a crisis on our part
                          • When we ask for specific workstation hardware, don't equivocate, just give it to us
                          • Users, please have some sort of understanding that security is important
                          • Don't assume we sit around loafing when your support request is dealt with quickly
                          • Don't ask us to violate the laws of physics, as we are not actual wizards

                          Read on for details.

                          Nine Trouble Signs When Hiring a Tech Star
                          CIO Insight, July 22nd, 2013
                          "Be careful of what you wish for. Because if you step up recruiting efforts to get the very best tech talent, you could create a huge headache in the process. That's because highly capable people may still lack proper motivation or a team-focused mindset, and this will make for toxic outcomes. Face it: You want eager, resourceful self-starters, not prima donnas who are unwilling to roll up their sleeves and get their hands dirty..."

                          • Lack of a Track Record
                          • A State of Dysfunction
                          • Solo Artists
                          • On the Spot
                          • Above It All?
                          • Benefiting From Others
                          • Culture Clash
                          • Uninspired at Work
                          • Looking Out for #1

                          Read on for details.

                            IT - Social Media
                            7 Elements of a Successful Social Business
                            Information Week, July 22nd, 2013
                            "What is the common thread in the following statistics? Thirty-six percent increase in brand awareness, 66 percent less time to bring products to market, 20 percent improvement in customer conversions, 15 percent increase in successful innovations and new ideas?

                            Answer: These are just some of the quantitative results attributed to becoming a social business. With dramatic benefits like these, why aren't all businesses social by now? The fact is, becoming a social business can be quite difficult, especially without a well-thought-out implementation plan..."

                            • Define A Meaningful Purpose
                            • Simplify The User Experience
                            • Designate A SOCIAL Executive Sponsor
                            • Trust Your People!
                            • Implement And Drive Engagement With Social Tools
                            • Measure Adoption And Recognize Achievements
                            • Passionately Embrace Change And Have Fun

                            Read on for details.

                              IT - Compliance
                              Lawmakers Push for Federal Data Breach Notification Law
                              ComputerWorld, July 22nd, 2013
                              "U.S. lawmakers plan to resurrect national data breach notification legislation that has failed to pass in past sessions of Congress, but some advocates don't agree on what should be included in a bill.

                              Six witnesses at a U.S. House of Representatives hearing Thursday called for a national law requiring businesses that lose data in hacker attacks to notify affected customers, but there were differences about whether the bill should preempt 48 state laws or should set a minimum standard that state laws can build on..."

                                Attack of the Killer Initiative?: Opt-In Privacy Regime on Deck for a California Ballot Initiative
                                Technology's Legal Edge, July 22nd, 2013
                                "On July 17th, former California State Senator Steve Peace (director of the film, 'Attack of the Killer Tomatoes') and trial lawyer Michael Thorsnes filed a potentially revolutionary draft ballot initiative with the California Attorney General's Office ('the Initiative'). If approved by voters, it would amend the California Constitution to establish a very broad opt-in privacy regime with narrow exceptions. If supporters are able to collect the requisite number of signatures, the Initiative would face a vote in November, 2014, and if approved on in that election, would take effect less than two months later, bringing to California a very different set of privacy rules than apply anywhere in the United States..."
                                  Wyndham Lawsuit Tests FTC's Data Security Enforcement Authority
                                  ComputerWorld, July 22nd, 2013
                                  "A federal court judge in New Jersey on Wednesday agreed to allow the U.S. Chamber of Commerce and several other organizations to seek the dismissal of a closely watched data breach lawsuit filed by the Federal Trade Commission against Wyndham Worldwide Corp.

                                  The groups accused the FTC of holding breached entities like Wyndham to unfair and arbitrary standards and alleged that the FTC is forcing businesses into lengthy data breach settlements and imposing costly fines for violating security standards the agency hasn't even formally promulgated..."

                                  IT - Backup
                                  The Future of Backup is an Architecture Not an Application
                                  Storage Switzerland, July 25th, 2013
                                  "While the applications that protect data have vastly improved over the last 20 years, they still often struggle to keep up with the technical challenges of data growth, shrinking backup and recovery windows and demands for greater disaster resilience. At the same time, user expectations have also risen.

                                  Application owners and storage and virtual machine administrators are now insisting on an increased level of control and visibility into the data protection process. This often leads to these individual stakeholders deploying their own data protection infrastructures. Sometimes this is simply the outgrowth of a desire to use the native backup utilities that come with applications, but other times it's a reflection of a loss of confidence that their individual recovery objectives can be met using the existing tools and processes offered by the backup team..."

                                  6 Common Questions About Locating And Backing Up Your Data
                                  Business 2 Community, July 22nd, 2013
                                  "You've taken the first step and decided to protect your valuable business data by using an automated, cloud-based backup like Carbonite. Depending on your technical expertise and the service you're using, you probably still have questions: How do I know what data to back up? How much data do I have stored on my computers, and where is it? Can I back up my mobile device?.."
                                    Implementing High-Performance Backup Recovery: 10 Best Practices
                                    eWeek, July 22nd, 2013
                                    "Data protection capabilities for high-performance, virtualized environments come with some of the thorniest issues in IT. Problems exist in how well backup and recovery practices work in both physical and virtual realms-because most enterprises now have both-as well as in cost and complexity... Here are 10 key recommendations for implementing a high-performance, cost-effective, grid-scalable backup and recovery system with high deduplication rates:"

                                    • Focus on Performance
                                    • Consolidate Backups Onto a Single System
                                    • Use Enterprise-Optimized Deduplication
                                    • Deduplicate Multiplexed, Multistream Databases
                                    • Use Reporting to Plan Accurately for Future Needs
                                    • Migrate to the Latest IT Without Disruption
                                    • Pay Only as You Grow
                                    • Ensure Data at Rest Is Secure
                                    • Only Use Replication With Deduplication for Disaster Recovery
                                    • Fewer Systems Mean More Uptime

                                    Read on for details.

                                    The Value of Negotiating SLAs Before Establishing Backup Policies
                                    SearchDataBackup, July 22nd, 2013
                                    "Should IT negotiate service level agreements with business stakeholders prior to establishing backup policies?

                                    In order to set the right expectations, it is important to negotiate service-level agreements (SLAs) with the appropriate business stakeholders up front, prior to establishing data backup policies..."

                                      IT - Big Data
                                      Hello, World. I'm Learning From Data!
                                      TechRepublic, July 22nd, 2013
                                      "Does discovery depend on the scale of your experiment? In some cases, no! Whether Christopher Columbus sailed with three ships or 3000, he still would have found the New World, probably in the same amount of time.

                                      In this case, the existence of the Americas is independent of the scale of the exploration resources. Conversely, there are many more cases where the potential for discovery does scale with the size of your resources. If those resources are big data, then prepare to say "hello, world" to many more new worlds (and new discoveries)..."

                                      7 Ways The U.S. Dept. Of Veterans Affairs Tackled Its Big Data Big Challenges
                                      CRN, July 22nd, 2013
                                      "The U.S. Department of Veterans Affairs (VA) had a big problem with big data. Just ask Dat Tran, deputy assistant secretary for data governance and analysis at the VA... Tran and his team recently set out to change all that, launching a massive data quality initiative across the VA. Here, according to Tran, are the department's top lessons learned along the way:"

                                      • Take A (Much) Closer Look At Your Data
                                      • Map Data To Business Processes
                                      • Don't Confuse Data For Information
                                      • Secure Executive Buy-In
                                      • Appoint A Chief Data Officer
                                      • Data Governance Is Not A 'Project'
                                      • Get Creative With BI

                                      Read on for details.

                                      Damn the Petabytes, Full Speed Ahead!
                                      Big Data Republic, July 23rd, 2013
                                      "Who owns big data? If you're a techie, you might not like the answer: The business, not IT, owns big data.

                                      Follow the breadcrumbs: Big data is about the goal, not the process. That is, it's about gaining new insight by bringing together siloed data streams, not about building Hadoop clusters or spinning up Mongo or Couch or deciding whether to use Sqoop or Flume.

                                      That's why big data is no longer just for those with a classical 'big' data problem, meaning all three 'Vs': volume, velocity (both data set growth rate and real-time response rates), and variety of data types and sources..."

                                      12 Predictive Analytics Screw-Ups
                                      ComputerWorld, July 24th, 2013
                                      "We asked experts at three consulting firms -- Elder Research, Abbott Analytics and Prediction Impact -- to describe the most egregious business and technical mistakes they're run across based on their experiences in the field. Here is their list of 12 sure-fire ways to fail..."

                                      • Begin without the end in mind
                                      • Define the project around a foundation that your data can't support
                                      • Don't proceed until your data is the best it can be
                                      • When reviewing data quality, don't bother to take out the garbage
                                      • Use data from the future to predict the future
                                      • Don't just proceed, but rush the process because you know your data is perfect
                                      • Start big, with a high-profile project that will rock their world
                                      • Ignore the subject matter experts when building your model
                                      • Just assume that the keepers of the data will be fully on board and cooperative
                                      • If you build it they will come: Don't worry about how to serve it up
                                      • If the results look obvious, throw out the model
                                      • Don't define clearly and precisely within the business context what the models are supposed to be doing

                                      Read on for details.

                                      Insights Ahead: The Rise of Analytics as a Service (AaaS)
                                      Information Management, July 22nd, 2013
                                      "How will businesses compete in the race to gain competitive advantage from the ever-increasing volume of internal and external data to which they now have access? One option is to build sophisticated in-house analytics toolkits, which could potentially generate a wide array of insights from such information. But an increasingly useful alternative will be to gradually buy those tools - and the underlying processing capability and data experts - when they are needed..."
                                      Quality Data Takes More Than a Quick Technology Fix
                                      eWeek, July 22nd, 2013
                                      "Big data means big problems if the data isn't accurate. But don't think there is a quick technology fix to data quality. Instead, business strategies must be installed to make data dependable.

                                      You are embarrassed to discover your company is sending mail to a former customer now deceased. You have to hire a swivel chair data input operator who spends the day re-entering data between incompatible systems by swiveling from screen to screen. Government organizations are supposed to share data on suspicious individuals, but a name falls through the cracks and a bombing occurs. Those are all examples-ranging from embarrassing to fatal-of data that should have been updated, integrated and shared, but wasn't..."

                                      IT - Mobile
                                      3 Key Things to Know: Data Erasure & Disposition for Mobile Devices
                                      Business 2 Community, July 22nd, 2013
                                      "Enterprises are taking advantage of the mobility, ease of use, and the applications offered by tablets. For many workers, tablets are replacing PCs or specialized devices as their mobile work device. IT Asset Managers and Data Security Managers have been focused on keeping track of these devices while in use, and ensuring they can only access and store data and corporate applications securely. As companies upgrade and replace these devices with newer versions, some new concerns, as well as some of the same old ones, for disposition come into play..."
                                      SIM Card Security Flaws Leave Billions of Mobile Phones Vulnerable to Attacks
                            , July 22nd, 2013
                                      "Outdated technology in SIM cards is leaving millions of mobile users open to remote attacks, according to Berlin's Security Research Labs.

                                      SRLabs revealed the security issues in a statement online, warning that the flaws could let hackers root the cards and infect mobile phones with mobile malware using a multi-stage attack strategy."

                                      The Latest Mobile Security Darlings Won't Work Either
                                      InfoWorld, July 22nd, 2013
                                      "I've been skeptical for some years now of the straitjacket technologies proposed by security vendors to antsy IT organizations seeking to lock down users' mobile devices. The whole reason smartphones and iPads became the most quickly adopted technologies in history is because they support people's freedom to get stuff done the way they prefer. Yet these tools try to convert them into the limited-functionality, hard-to-use devices that people are trying to escape.

                                      Of course they fail..."

                                      Wearables Are a Real Lifesaver for First Responders
                                      Business 2 Community, July 25th, 2013
                                      "Wearables like Google Glass are shaping up to be as useful as they are cool. For police officers, firefighters and other public servants, that's very good news indeed. When your job involves keeping the public safe, even a slight technological edge can save lives. From finding the exact address of a fire to identifying a perp, it's easy to see how first responders can benefit from the wearable computing revolution, even if it never catches on with the public at large..."
                                      IT - BYOD
                                      Forget Standardization -- Embrace BYOD
                                      Dark Reading, July 22nd, 2013
                                      "Despite its rocky start, Windows 8 has IT departments salivating over the idea of standardizing on a single platform. It's a compelling vision: phones, tablets, and workstations all running a single OS and managed through a shared set of native Microsoft tools. Compelling, perhaps, but for most organizations, it ain't gonna happen.

                                      Except in the most locked down, high security environments, platform standardization is quickly becoming a thing of the past..."

                                      Top Ten Articles for last few Issues
                                      Vol 185 Issues 1, 2 and 3; Vol 184 Issues 1, 2, 3, 4; Vol 183 Issue 5
                                      We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                      • New feature development for SunRay Software and Hardware, VDI, OVDC Ended
                                      • The Case for Running Oracle Database 12c on Oracle Solaris
                                      • ZFS Storage Appliance Compression vs Netapp, EMC and IBM
                                      • Availability Best Practices - Example configuring a T5-8
                                      • IBM AIX to Oracle Solaris Technology Mapping Guide
                                      • Oracle Switch ES1-24
                                      • Oracle Exalytics In-Memory Machine X3-4
                                      • July 2013 Critical Patch Update Released
                                      • Strata Health Helps Customers Speed Patient Care with Oracle Database Appliance
                                      • Read about the Cloud and the Oracle user experience

                                      The longer version of this article has list of top ten articles for the last 8 weeks.

                                        Apache OpenOffice 4.0
                                        Features an innovative new Sidebar user interface
                                        Apache OpenOffice 4.0 is now available for download from the official download page. Building upon the great success of the OpenOffice 3.4 release, which has seen over 57 million downloads, this major update brings exciting new features, enhancements and bug fixes.

                                        OpenOffice 4.0 features an innovative new Sidebar user interface, additional language support for 22 languages (including 3 new languages), 500 bug fixes, improvements in Microsoft Office interoperability, enhancements to drawing/graphics, performance improvements, etc. You can read the details of these later in the Release Notes.

                                        LibreOffice 4.1: A Landmark For Interoperability
                                        Improvements bring compatibility with proprietary and legacy file formats to the next level
                                        The Document Foundation announces LibreOffice 4.1, not only the best but also the most interoperable free office suite ever. LibreOffice 4.1 features a large number of improvements in the area of document compatibility, which increases the opportunities of sharing knowledge with users of proprietary software while retaining the original layout and contents.

                                        Interoperability is a key asset for LibreOffice, which is the de facto standard for migrations to free office suites since early 2012. Numerous improvements have been made to Microsoft OOXML import and export filters, as well as to legacy Microsoft Office and RTF file filters. Most of these improvements derive from the fundamental activity of certified developers backing migration projects, based on a professional support agreement.

                                        Instrumental for interoperability are also new features such as font embedding in Writer, Calc, Impress and Draw - which helps in retaining the visual aspect when fonts used to produce the document are not installed on the target PC - and import and export functions new in Excel 2013 for ODF OpenFormula compatibility.

                                        Just How Messed Up Is My Code?
                                        Enter NetBeans code metrics
                                        Geertjan writes, "More often than not, you know your code is pretty messed up. The excuse you have is that you inherited it from someone else. That, of course, doesn't change the fact that your code is messed up. It changes how responsible you feel about it but, as you'll soon be reminded by someone, the fact that you now own the code means that it's your responsibility now. The fact that your code works doesn't mean that you understand it and that's because the code is messed up in numerous different and interesting ways. The fact that you don't understand how it works means that it's hard to maintain it...

                                        Enter NetBeans code metrics, introduced in NetBeans IDE 7.4 which, at the time of writing, is in its Beta phase..."

                                        Official Support for PhoneGap in NetBeans IDE
                                        Create cross-platform mobile applications
                                        Geertjan writes, "PhoneGap is a free and open source framework that allows you to create cross-platform mobile applications with standards-based Web technologies, such as HTML, JavaScript, and CSS.

                                        NetBeans IDE 7.4, with its Beta released a few days ago, supports PhoneGap. For free. Without the need to install plugins. Because the NetBeans IDE free PhoneGap support is provided out of the box when you install the Java EE or All distributions of NetBeans IDE 7.4..."

                                        Trending in
                                        Vol 235, Issue 3
                                        Trending IT Articles