News about Oracle's Solaris and Sun Hardware
System News
Oct 21st, 2013 — Oct 27th, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 188, Issue 4 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section


IT - CxO
x
Why Business Executives Need to Pay More Attention to Information Security
Business 2 Community, October 24th, 2013
"It isn't easy to convince non-technical business leaders that they should spend more money on assets that don't deliver obvious or immediate return on investment. Traditional information security systems don't typically affect productivity or move numbers on the bottom line of company spreadsheets. This is apparent when you look at where IT budgets typically get spent. Organizations will pay for better networks and applications that streamline workflows, but they barely invest in technologies to protect those investments. Gartner estimates that less than 5 percent of IT spending goes to security..."
16 Traits of Great IT Leaders
CIO, October 23rd, 2013
"Being an exceptional leader is about more than getting the job done. You've got to balance your team's need with your goals and objectives as well as your emotions. You've got to think about things from other people's perspective and sometimes do things that, while are in the best interest of the team, might not be great for you. While there a number of different leadership styles, the best leaders share some common traits..."
    Five Ways to Become a Best-in-Class CIO
    CIO Insight, October 14th, 2013
    "Today's high-octane business environment is heaping pressure on CIOs to step beyond systems and solutions and address business needs on a more holistic basis. Here are five essential qualities of an effective CIO:

    • Communicate, communicate, communicate!
    • Become an advocate of the business
    • Knock down walls, silos and barriers
    • Embrace Innovation
    • Seek knowledge and skills.

    Embracing these five qualities is essential to your success as a CIO. If there are other CIO qualities you think are equally important, please share them in our comments section..."

    How to Manage the Superstar Employee
    Business 2 Community, October 19th, 2013
    "The internet, social media and mobile technologies are igniting massive changes in business world. These transformations are How Technology Is Redefining The Future Of Work defining the Future of Business and at the same time, defining the workplace of the future.

    What is the future of work? What will the relationship between the employee and employee look like? To help answer these questions, we developed a series of questions and reached out to thought leaders in this discipline..."

      SPARC
      x
      Oracle's Full Line of Integrated Sun Servers
      14-Page Brochure(PDF)
      How to Use The Guide

      This guide features all of Oracle's servers, with each section listing a full line of products and their specifications. Read Oracle's Full Line of Integrated Storage Systems to see all of Oracle's storage products.

      Many enterprises are managing demanding applications and accessing increasing amounts of data. They need computing power that matches their needs and budget, where and when it matters most. Oracle's products and solutions can support business needs from end to end, throughout the lifecycle of the data center.

      More than 30 years of systems expertise and innovative thinking have gone into creating Oracle servers. These systems are some of the most reliable, scalable, and energy-efficient systems in the industry. They are the core building blocks for mission-critical enterprise computing; enterprise application environments; and virtualization and cloud deployments. Oracle's complete portfolio of servers, storage, systems software, and networking products are engineered to work together to deliver record-breaking performance, simplified management, and cost-saving efficiencies.

      Oracle VM Server for SPARC: which domain types should be used to run applications
      LDOM Best Practices - updated- by Jeff Savit
      Jeff Savit writes, "One frequent question 'what type of domain should I use to run applications?' There used to be a simple answer: "run applications in guest domains in almost all cases", but now there are more things to consider.

      Enhancements to Oracle VM Server for SPARC and introduction of systems like the current SPARC servers including the T4 and T5 systems, the Oracle SuperCluster T5-8 and Oracle SuperCluster M6-32 provide scale and performance much higher than the original servers that ran domains. Single-CPU performance, I/O capacity, memory sizes, are much larger now, and far more demanding applications are now being hosted in logical domains.

      Exadata
      x
      Temenos T24 achieves Oracle Exadata Optimized and Oracle Exalogic Optimized status
      Latest achievement underlines Temenos. commitment to a multi-platform strategy
      Temenos, a leading provider of mission critical solutions to the financial services industry, announced that Temenos T24 (JAVA) release 13 has achieved Oracle Exadata Optimized and Oracle Exalogic Optimized status through Oracle PartnerNetwork (OPN). Additionally, T24 (JAVA) release 13 has been tested on and supports Oracle Solaris 11 and Oracle Linux.

      The Temenos core banking software platform T24, is developed using a complete service-oriented architecture (SOA) that is modular and is deployed and integrated with the functionality needed for banks. Temenos is a Gold member in the Oracle PartnerNetwork. Oracle Exadata delivers extreme performance and is the ideal database platform for OLTP applications, data warehouses as well as the varied and unpredictable workloads of cloud computing. It is a complete package of servers, storage, networking, and software that is massively scalable, secure and redundant. Oracle Exalogic Elastic Cloud is hardware and software engineered together to provide extreme performance, reliability and scalability for Oracle, Java and other business applications, while offering lower total cost of ownership, reduced risk, higher user productivity and one-stop support.

      Statoil Fuel & Retail
      Automates planning and distribution operations in eight countries on Exalogic and Exadata
      David Baum writes in the November 2013 issue of "Profit" magazine, "Margins are slim in the ultracompetitive retail fuel business. Motorists will often drive out of their way to save a few pennies on the gallon, especially if they know they can get a favorite item at the in-station convenience store. That's why Statoil Fuel & Retail (SFR) has embarked on an ambitious IT project called Connect to simplify, standardize, and harmonize its business operations using Oracle technology..."
      Virtualization
      x
      October 2013 Virtualization Newsletter
      Oracle VM VirtualBox 4.3; Videos, white papers, customer spotlights, ...
      Chris Kawalek writes, "The October 2013 edition of the Oracle Virtualization Newsletter is here! Some of the highlights from this information packed issue:

      • New Release: Oracle VM VirtualBox 4.3.
      • Airbus Selects Oracle Secure Global Desktop to Increase Efficiency and Accelerate Time to Market.
      • Open Universities Australia Realizes Valuable Savings and Simplifies IT with Oracle VM.
      • Oracle Virtualization Recap from Oracle OpenWorld 2013.
      • Information on the "What's New with Oracle Secure Global Desktop" webcast, happening on November 7th.

      Plus, videos, white papers, customer spotlights, information on training, and much more!"

      IT - Storage
      x
      Storage Management - It's Back on the Shopping List
      Storage Switzerland, October 21st, 2013
      "Storage management tools have sometimes been viewed as a 'nice to have' tool by many IT infrastructure planners, however, given all the complexities with efficiently managing resources in today's highly virtualized server environments, it is quickly turning into a must have. Aptare is one of the few vendor independent storage management application providers left in the industry. With their 20 year track record and impressive client roster of over 1,000 customers, Aptare remains focused on helping organizations drive down storage costs while mitigating risk..."
      Java Technology
      x
      Java Spotlight Episode 149: Geertjan Wielenga on NetBeans 7.4
      Weekly Podcast
      This week's podcast features an interview by Roger Brinkley with Geertjan Wielenga on the NetBeans 7.4 release. Geertjan Wielenga is a principal product manager in Oracle for NetBeans and has been a member of the NetBeans Team for the past 7 years.
      State of the Java platform and all the roadmaps
      JavaOne 2013: (Key) Notes of a conference by Amis
      The recent JavaOne conference provided insights in the roadmap of the Java platform as well as in the current state of things in the Java community.

      Juergen Kress writes, "The close relationship between Oracle and IBM concerning Java, the (continuing) lack of such a relationship with Google, the support from Microsoft for Java applications on its Azure cloud and the vibrant developer community - with over 200 different Java User Groups in many countries of the world.

      There were no major surprises or stunning announcements. Java EE 7 (release in June) was celebrated, the progress of Java 8 SE explained as well as the progress on Java Embedded and ME. The availability of NetBeans 7.4 RC1 and JDK 8 Early Adopters release as well as the open sourcing of project Avatar probably were the only real news stories. The convergence of JavaFX and Java SE is almost complete; the upcoming alignment of Java SE Embedded and Java ME is the next big consolidation step that will lead to a unified platform where developers can use the same skills, development tools and APIs on EE, SE, SE Embedded and ME development. This means that anything that runs on ME will run on SE (Embedded) and EE - not necessarily the reverse because not all SE APIs are part of the compact profile or the ME environment..."

      IT - Technology
      x
      Disruptive Technology: Follow Fight Club Rules
      Information Week, October 16th, 2013
      "I'm a sucker for blockbuster movies, and one of my all-time favorites is Fight Club starring Brad Pitt and Edward Norton. For those of you unfamiliar with this gritty film, it's the story of an insomniac office worker who meets a soap salesman and together they form an underground fight club. The fight club is a brutal affair, but founded on a set of spoken and indisputable rules.

      This got me thinking about the importance of rules and the struggle IT professionals have every day trying to explain to their business counterparts the value of new disruptive technologies -- and how like in the Fight Club, the winners will be those that stick to the rules..."

        Gartner Identifies Top 10 Strategic Technologies
        CIO Insight, October 21st, 2013
        "According to Gartner, a strategic technology is one with the potential for significant impact on the enterprise in the next three years.

        At the moment, Gartner contends there are 10 strategic technologies that will drive four powerful social, mobile, cloud computing and information forces that will cause fundamental business changes in 2014 while creating new IT opportunities. In fact, Gartner says these technologies are creating nothing less than an advanced programmable infrastructure that can execute at web-scale..."

        Making Smartwatches a Worthwhile Purchase: 10 Essential Features
        eWeek, October 21st, 2013
        "Smartwatches are all the rage in the technology industry right now. Android customers are intrigued by the possibility of buying the Samsung Galaxy Gear smartwatch, while Apple's fans have been waiting months for their favorite company to launch its long-rumored iWatch. Even Nokia appears to be getting into the mix after it filed a patent application in the U.S. for a smartwatch that could come with multiple screens displaying various functions. Despite the hopeful efforts of several device makers that are trying to build interest in smartwatches, there's no indication that the average consumer is especially excited about the concept. It's difficult to say whether or not smartwatches will ever really catch on with mobile device buyers..."
        What Does Android Have to do with Motorcycle Safety?
        SDN, Big Data, and the Self-Optimizing Network
        "After a motorcycle accident in Barcelona, Skully Helmet CEO and founder Marcus Weller discovered that adding a heads-up display to a motorcycle helmet controlled by Android would protect him and other riders from road hazards.

        Android's openness makes it a first choice for this technology because the source code, device drivers, and a wide range of differently priced hardware are available..."

          Solaris
          x
          How to Set Up a Hadoop Cluster Using Oracle Solaris
          Hands-On Labs of the System Admin and Developer Community of OTN by Orgad Kimchi
          Orgad Kimchi presents a hands-on lab presents exercises that demonstrate how to set up an Apache Hadoop cluster using Oracle Solaris 11 technologies such as Oracle Solaris Zones, ZFS, and network virtualization. Key topics include the Hadoop Distributed File System (HDFS) and the Hadoop MapReduce programming model:

          Lab Introduction

          We will also cover the Hadoop installation process and the cluster building blocks: NameNode, a secondary NameNode, and DataNodes. In addition, you will see how you can combine the Oracle Solaris 11 technologies for better scalability and data security, and you will learn how to load data into the Hadoop cluster and run a MapReduce job.

          Prerequisites

          This hands-on lab is appropriate for system administrators who will be setting up or maintaining a Hadoop cluster in production or development environments. Basic Linux or Oracle Solaris system administration experience is a prerequisite. Prior knowledge of Hadoop is not required.

          System Requirements

          This hands-on lab is run on Oracle Solaris 11 in Oracle VM VirtualBox. The lab is self-contained. All you need is in the Oracle VM VirtualBox instance.

          Cloud Computing
          x
          Toshiba America Nuclear Energy Corporation to Deploy Modern Enterprise Applications in a Private Cloud
          Oracle's JD Edwards EnterpriseOne and Oracle Managed Cloud Services
          To maintain highly safe and reliable operations, organizations in the nuclear energy sector face a number of unique and complex industry demands. In order to meet these demands and support its continued growth, Toshiba America Nuclear Energy Corporation (TANE) selected Oracle's JD Edwards EnterpriseOne with Oracle Applications Managed Cloud Service. With enterprise-grade, end-to-end managed cloud services, TANE was able to quickly benefit from a robust, cost-effective, secure and highly available enterprise application framework.

          To support its business growth while meeting complex industry compliance requirements, Toshiba America Nuclear Energy Corporation (TANE) has implemented Oracle's JD Edwards EnterpriseOne with Oracle Managed Cloud Services.

          In order to meet its business objectives, TANE needed a single, modern and scalable business applications suite to standardize and accelerate processes, extend visibility across the enterprise, and help ensure compliance with Sarbanes-Oxley requirements.

          After a competitive review, TANE chose Oracle's JD Edwards EnterpriseOne and Oracle Applications Managed Cloud Service for JD Edwards for managing its business.

          Hybrid IT or Cloud Initiative
          A Perfect Enterprise Architecture Maturation Opportunity
          Ted McLaughlan writes, "All too often in the growth and maturation of Enterprise Architecture initiatives, the effort stalls or is delayed due to lack of 'applied traction'. By this, I mean the EA activities - whether targeted towards compliance, risk mitigation or value opportunity propositions - may not be attached to measurable, active, visible projects that could advance and prove the value of EA. EA doesn't work by itself, in a vacuum, without collaborative engagement and a means of proving usefulness. A critical vehicle to this proof is successful orchestration and use of assets and investment resources to meet a high-profile business objective - i.e. a successful project..."
          Linux
          x
          Unbreakable Enterprise Kernel Release 3 for Oracle Linux
          3rd major supported release of heavily tested and optimized Linux kernel
          Lenz Grimmer writes, "We are excited to announce the general availability of the Unbreakable Enterprise Kernel Release 3 for Oracle Linux 6. The Unbreakable Enterprise Kernel Release 3 (UEK R3) is Oracle's third major supported release of its heavily tested and optimized Linux kernel for Oracle Linux 6 on the x86_64 architecture."

          UEK R3 is based on mainline Linux version 3.8.13. Some notable highlights of this release include, DTrace, Linux containers (LXC), Control Groups (cgroups) and numerous driver updates in close coordination with hardware partners.

          October 2013 Oracle Linux Newsletter
          This issue is absolutely packed with information
          Chris Kawalek writes, "The October 2013 edition of the Oracle Linux Newsletter is here! This issue is absolutely packed with information. Some highlights:

          • Information on the "Why Choose Oracle Linux for Your Oracle Database 12c Deployments?" webcast coming up on October 30.
          • Now Available: Unbreakable Enterprise Kernel 3
          • Oracle Linux Highlights from Oracle OpenWorld 2013
          • Oracle Linux Now Available on Microsoft Azure
          • Faster Downloads of Oracle Linux Updates

          Plus, videos, white papers, customer spotlights, information on training, and much more! You can sign up to get the newsletter in your inbox automatically, or you can read this edition online right now..."

          IT - Cloud
          x
          How to Select a Cloud-based Business Process Vendor . Part 2
          Business 2 Community, October 18th, 2013
          "It's one thing to say that you want to expand your business processes to the cloud. It's another thing to do so without any regard for the business choices that can protect your business.

          However, when we're unsure about the services another business offers - whether that's watering the office plants or hiring a recruiter - sometimes we aren't even sure what questions to ask. These initial guidelines dive right to the heart of your fears: Is my data safe and secure?..."

            Copy Data in the Cloud
            Storage Switzerland, October 21st, 2013
            "While industry pundits and analysts yammer on about the unrelenting growth of data, the real issue for enterprise data centers and Cloud Service Providers (CSPs), is keeping a lid on the extensive number of redundant copies of information that propagate throughout their environment. Between snapshots, offsite backups, business intelligence, test/dev, etc., many organizations have up to 20 extra copies of their primary business data. That drives enormous costs, both capital and operational, into the data center..."
              From Small to Big: 5 Tips for Managing Clouds at Scale
              Network World, October 21st, 2013
              "The enterprise adoption of cloud computing resources has taken a precarious path. Many organizations have started by running small workloads in the public cloud, reticent to use the platform for bigger mission-critical workloads.

              But once they get comfortable with say a test and development use case in the cloud, or an outsourced e-mail platform, perhaps CIOs and CTOs warm up to the idea of using outsourced cloud resources for more jobs..."

              How to Select a Cloud-based Business Process Vendor . Part 3
              Business 2 Community, October 19th, 2013
              "In earlier posts, I described the business value of cloud computing and helped you identify vendors who can ensure your data is safe and secure
              • even in the case of a disaster. However, the day-to-day issues are less about security (which you would like to think can say invisible) than about your cloud applications working well..."
              Is Your Data Safe in the Cloud?
              Business 2 Community, October 23rd, 2013
              "Many businesses share and store sensitive data in the cloud. As more and more of our private data is stored in a way which makes it accessible anywhere, and an increasing number of businesses start storing their valuable documents on cloud based services, a question arises: is your data safe in the cloud?

              Cloud storage is a very convenient tool to help us solve the continuous need for large and more easily accessible storage space to hold all of our digital property, but is our personal data safe out there on the internet? Three cloud technology experts give their opinion..."

                IT - DR
                x
                How to Prepare Your Business for a Disaster
                Baseline, October 18th, 2013
                "A year ago, when Hurricane Sandy slammed into the East Coast of the United States, it reinforced the fact that disaster planning is an inherently difficult proposition. Businesses large and small were shut down for days or weeks as data centers went dark and networks failed. In addition, many organizations found that it was impossible to communicate effectively with employees, customers and business partners, while others found that they were exposed to potential data leaks and other security threats. Adam Simpson, CEO of Easy Office Phone, says that businesses need more than a basic disaster recovery (DR) strategy..."
                IT - PM
                x
                6 Types of Bad Project Managers
                Information Week, October 20th, 2013
                "Running IT projects isn't easy. For a slew of reasons, most fail. In my consulting career, I've come across six types of project managers who do it the wrong way.

                • The Yes-Man
                • The Micromanager
                • The Procrastinator
                • The Know-It-All
                • The Pollyanna
                • The Pessimist

                Read on for details..."

                  Nine Myths That Threaten Software Projects
                  Baseline, August 16th, 2013
                  "IT departments often break down the essential components of technology into two categories - hardware and software - but they usually overlook the importance of 'peopleware.' The term refers to the effective management of successful project teams - the social side of software developments. After all, we're not at the point (not yet, anyway) where we can hire machines to do all the work. Planning, collaborating and brainstorming are
                  • and will remain - valuable parts of the equation. In the recently released third edition of Peopleware: Productive Projects and Teams (Pearson/available now), authors Tom DeMarco and Timothy Lister expand upon these concepts..."
                  IT - Networks
                  x
                  Cloud WAN Architecture: Enterprises Rethink Networks for the Cloud Era
                  SearchNetworking, October 16th, 2013
                  "Public cloud services have upended the traditional approach to wide area networking, and engineers need to respond.

                  Enterprises have been pouring cash into cloud services, particularly Software as a Service (SaaS), but they have failed to invest in the changes to network architecture required to deliver acceptable performance and user experience, according to Andre Kindness, senior analyst with Cambridge, Mass.-based Forrester Research Inc. A new cloud WAN architecture is needed..."

                  Don't Leave Network Virtualization to Server Admins
                  Network Computing, October 21st, 2013
                  "Network virtualization is great for server admins. Even if they don't fully realize what the impact of a product like NSX means for them, they soon will. It means their traffic can be completely contained and controlled in their virtual world.

                  The release of NSX and other network virtualization platforms is the culmination of a trend that will, from the perspective of server admins, commoditize networking and change how they use the infrastructure. Network virtualization liberates their workflow from the organizational silos in an enterprise, particularly the networking and security silos. Server admins can finally compete with the public cloud that developers seem to be using more frequently..."

                  How the Cloud is Blowing Up the Network
                  Network World, October 23rd, 2013
                  "For networking folks, the good old days are fading away.

                  Applications used to be easy to manage, at least compared to today. Traditional network architecture approaches align networks with the applications they're supporting. There are linear data flows, which lead to linear networking flows, and they evolve together. As the application grows, so does the network. These topologies are, relatively, easy to scale horizontally using tools like load balancers, and simple to monitor by tapping single points of traffic flow.

                  'Then, virtualization changed things,' said Eric Hanselman, chief analyst at the 451 Group..."

                    IT - Operations
                    x
                    5 Sure-Fire Ways to Kill Your Computer
                    Business 2 Community, October 24th, 2013
                    "How many times have I heard that one? These days, it seems like my title should be 'Computer Mortician' instead of 'Computer Repair Tech.'

                    Let's face it - today's desktop and laptop computers have a life expectancy of somewhere around 3 to 5 years due to aggressive hardware refreshes and constantly-evolving marketing. Most hardware is covered by a standard 1-year warranty, so the manufacturers obviously don't hold a lot of hope for your machine's longevity. The world's top two hard drive manufacturers, Seagate and Western Digital, have shortened their warranties from the standard five years to just one, with just a few flagship drives retaining a 3-year warranty.

                    • Don't dust it. Mortality rate: 98.5%
                    • Eat, Drink, and Be Sloppy. Mortality rate: 90%
                    • Ignore software updates. Mortality rate: 70%
                    • Overclocking. Mortality rate: 65%
                    • Filesharing. Mortality rate: 50%

                    Read on for details..."

                      10 Things that Scare the Bejeezus Out of IT Pros
                      IT Web, October 22nd, 2013
                      "As Halloween approaches, some may be creeped out by vampires and zombies and other minor evils. But IT workers know that just a few words can carry more horror than most ordinary souls can imagine -- with nightmarish results ranging from wasted IT resources to botched rollouts to failed projects. Presented for your approval: 10 short sentences that will truly make your blood run cold this Halloween..."

                      • They came in with the lowest bid!
                      • Can we add one more feature?
                      • But this one has all this cool stuff!
                      • We don't have the time or money to test it
                      • It works great in the test environment, so it'll work great in the real world.
                      • But we've always done it this way!
                      • We're assigning more programmers to the project.
                      • Documentation is just going to slow us down
                      • IT is in charge here
                      • Why are we doing this again?

                      Read on for details.

                        Efficient Data Center Cabling Requires Plan, Follow-Up
                        SearchNetworking, October 21st, 2013
                        "The conversion from one set of servers to another, more capable, set of servers was supposed to be a slam dunk. In fact, the process was so routine that there was no plan to extend a service outage past a maximum of three hours. However, when the data center technicians began the process, they discovered that none of the cables connecting the old servers were labeled, and the old servers had not been mounted properly in the equipment racks. Once the cables were disconnected, with difficulty, some of the cables were found to have broken plugs and, in any case, it was hard to figure out where they needed to be plugged into the new boxes..."
                          How to Balance Maintenance and IT Innovation
                          ComputerWorld, October 21st, 2013
                          "Social! Mobile! Big data! BYOD! You probably already know what your company's executives most want to see from your IT organization. But unless your company is very new, or you're unusually lucky -- or a very, very good manager -- more than half your time and resources are spent, not on innovative projects, but on 'keep the lights on' activities whose sole purpose is to prevent existing systems from breaking down. And sometimes the percentage is a lot higher than that..."
                          IT - Security
                          x
                          5 IT Security Horror Stories (and 5 Solutions)
                          Network World, October 21st, 2013
                          "Your business relies on the security of its networks, storage and mobile devices to protect personal information and corporate data. But often, the weakest link in a data security plan is the human element. While education and training can go a long way toward helping your employees keep devices and data safe, sometimes it's up to technology to save the day.

                          Jaspreet Singh, CEO and Founder of data protection and governance company Druva, outlines five of the worst data security horror stories and explains how they could have been prevented..."

                          • Problem: Mobile Device Loss
                          • Problem: Data Theft
                          • Problem: Laptop Theft
                          • Problem: BYOD
                          • Problem: Web Traffic Detour

                          Read on for details.

                          4 Ways Metrics Can Improve Security Awareness Programs
                          CSO Online, October 23rd, 2013
                          "Useful and legitimate metrics have long evaded the information security community as a whole. Without proper metrics, you cannot truly prove the value of a security program. This makes it difficult to justify increasing the budget and even maintaining the budget that you have.

                          Security awareness is especially vulnerable to criticism of its value. We take for granted all of the times we do not click on a phishing email or exercise good judgment. It is also hard to know all of the incidents that were prevented, because there was no vulnerability to be exploited..."

                          10 Best Practices to Prevent Enterprise Data Leaks
                          eWeek, October 21st, 2013
                          "As soon as business data leaves a corporate network and moves to any personal device, it becomes an immediate risk and presents a serious security and data management challenge. Businesses are struggling to securely share files because employees are turning to consumer services outside the network to get the job done themselves without bothering to communicate to IT. Easy data access will win just about every time if it comes up against corporate policy. Since the single biggest cause of data leaving the network is a company's employees, guidelines need to regulate how corporate information is shared..."
                          10 Pitfalls of IT Risk Assessment
                          Dark Reading, October 17th, 2013
                          "As IT organizations seek to make better risk-based decisions about security practices, perhaps the No. 1 component for success is the IT risk assessment. However, even when organizations actually conduct a risk assessment, they frequently fall prey to mistakes that can greatly devalue the exercise. Here are some of the most common blunders to avoid..."
                          Calling All Security Gods . DARPA has $2 Million Cyberthreat Challenge for You
                          Network World, October 22nd, 2013
                          "The Defense Advanced Research Projects Agency (DARPA) today called upon the greatest cybersecurity experts to participate in what the group is calling the world's first tournament to see who can build the best fully automatic network defense system.

                          The Cyber Grand Challenge (CGC) will pit teams that will create automated systems that will compete in real-time to evaluate software, test for vulnerabilities, generate security patches and apply them to protected computers on a network. The CGC's goal is to vastly improve the speed and effectiveness of IT security against escalating cyber threats, DARPA says. The winning team from the CGC finals would receive a cash prize of $2 million, with second place earning $1 million and third place taking home $750,000..."

                          Crooks 'Stole' Experian Data the Old-Fashioned Way: They Bought It
                          InfoWorld, October 21st, 2013
                          "Looks like Experian got punked. The credit bureau -- one of the three big ones in the United States -- appears to have sold troves of identity data from over half a million people to a site that turned around and resold the data on the black market.

                          Security researcher Brian Krebs has reported on his blog how the website Superget.info, a personal-data black market based in Vietnam which Krebs has reported on in the past, obtained personal data from Experian.

                          No, not by hacking them. By simply buying it from them..."

                          Five Habits IT Security Professionals Need to Break
                          Information Week, October 21st, 2013
                          "If security professionals want to take their craft in new directions, then they need to stop thinking in old ways, experts said in a panel here Tuesday.

                          In a panel, entitled 'Cyber Security -- Where the Industry Is Headed Next Year and Beyond,' seven industry leaders said security is sometimes stuck in a continuous loop because professionals continue to make the same mistakes and sometimes have trouble thinking in new ways.

                          Five examples of bad habits that security pros need to break, according to the panel:

                          • Treating IT security as something that's separate from the business
                          • Saying "no"
                          • Preaching to the choir
                          • Confusing security and compliance
                          • Failing to reach out to students and young professionals

                          Read on for details..."

                          How Threat Intelligence Can Give Enterprise Security the Upper Hand
                          SearchSecurity, October 21st, 2013
                          "To the surprise of no one that follows the information security market, threats and attackers are advancing at such a rapid pace that most enterprises have been unable to match it. New, sophisticated zero-day vulnerabilities are constantly being discovered and exploited to gain access to corporate systems; sophisticated attackers can then hide for months and even years while siphoning valuable data..."
                          How To Avoid Breaches Where You Least Expect Them
                          Dark Reading, October 21st, 2013
                          "In the real world of constrained budgets and limited personnel, prioritization of security resources is a must. Many departments prioritize practices based on the severity of vulnerabilities, the value of a target, and the likelihood of a threat hitting said target. However, the flip side of that is to remember the real world is also a connected one. And as many security experts can attest, enterprises often forget to account for how attacks against the vulnerabilities in less critical systems can jeopardize the crown jewels..."
                          Security and the Island of Misfit Toys
                          Network Computing, October 17th, 2013
                          "The poor misunderstood security analyst: feared by the user community, reviled by networking staff and treated with disgust by systems administrators. Overworked by the 'whack a mole' nature of incident response and overwhelmed by ever-increasing classes of malware and threats that never seem to stop. Is it any wonder that as a group, they are bitter, frustrated and generally stressed out?

                          It's a thankless job. No one is every happy to hear from the security team, because it usually means there's a problem: with an application, a device configuration or an infection on a user's desktop or device..."

                          US NIST Recommends Ways Businesses can Improve Cybersecurity
                          IT World, October 22nd, 2013
                          "Businesses that want to improve their cybersecurity posture can take a number of steps, including conducting a risk assessment and prioritizing ways to address gaps in their security, a U.S. agency said in recommendations released Tuesday.

                          The U.S. National Institute of Standards and Technology's Preliminary Cybersecurity Framework calls on businesses to assess their current cybersecurity practices and aim for a higher level of sophistication in defending against cyberattacks..."

                          US Power Plants at Risk
                          IT Web, October 18th, 2013
                          "Power plants in the US and Canada could be at risk of being taken over by cyber attackers, following the discovery of 25 new security vulnerabilities in the protocols used in their critical infrastructure systems.

                          While vulnerabilities in supervisory control and data acquisition (SCADA) and industrial control system (ICS) protocols are not new, the recent vulnerabilities stand out, as they lie in the protocol by which power plants and other parts of the electricity grid communicate internally, known as serial communication..."

                          IT - Careers
                          x
                          9 Things Job-Hunters Expect and What Employers Really Want
                          Network World, October 23rd, 2013
                          "The rules of landing a job continue to shift and CareerBuilder has provided you with a map for avoiding them.

                          Its latest survey polled more than 5,000 job seekers and 2,700 hiring managers on what to expect during the hiring process and unveiled a series of surprising mistakes candidates are making that are keeping them from landing the job.

                          Rosemary Haefner, vice president of HR at CareerBuilder, said the survey highlighted a sharp disconnect between what job hunters and companies expect when it comes to the hiring process..."

                            The IT Road to Hell
                            Network World, October 21st, 2013
                            "Although this article is primarily intended to look at the IT security implications of the Snowden and Manning affairs, the question that I believe needs asking is whether the incessant drive to reduce costs and increase shareholder value is ultimately resulting in the demise of our economies, and the destruction of our infrastructures. The days when employees could be sure of their long-term future are long gone. History shows that once any organization becomes dependent on outsourcing and off-shoring, will sooner rather than later cease to exist..."
                            Word at 30 Quiz
                            Network World, October 21st, 2013
                            "On Oct. 25, 1983 Microsoft released the first version of what was to become one of its staple programs, Word. Built on technology developed at Xerox under the direction of Charles Simonyi, who was hired away from Xerox to perform the task, Word became an anchor of the Microsoft Office suite and the word processing platform that just about everybody knows. But it wasn't always that way. Here are a few questions about the early days of Word to test your knowledge. Keep track of your score and check at the end to see how well you did..."
                            IT - Social Media
                            x
                            Social Media Policies: Empower, Don't Restrict
                            Business 2 Community, October 20th, 2013
                            "In our second article looking at the cultural challenges which social media poses to an organisation, we're looking at guidelines, policies and empowerment: how to allow your employees to interact authentically in the online world...

                            In our second article looking at the cultural challenges which social media poses to an organisation, we're looking at guidelines, policies and empowerment: how to allow your employees to interact authentically in the online world..."

                              IT - Compliance
                              x
                              Federal Security Breaches Traced to User Noncompliance
                              CSO Online, October 17th, 2013
                              "According to a new study by MeriTalk, federal cybersecurity professionals are so focused on implementing rigid policies to lock down data that they often ignore how those rules will impact end users within their agencies.

                              The result, perhaps predictably, is that many government workers resent the burden that security protocols impose, complaining that they are time-consuming and hinder productivity, while nearly a third say that they regularly use a workaround to circumvent the security roadblocks..."

                              The Real Code of Conduct Nobody Mentions
                              FCPA Blog, October 1st, 2013
                              "We've been talking about codes of conduct for compliance officers. But let's face it. At too many companies, the true code is simple: Please Your Boss. The conflict resolution principle is Go Along to Get Along. In practice, at these companies compliance is subservient to the power and prerogatives of top management.

                              Said another way, compliance is useful only until it conflicts with a career-making, super profitable business strategy. Then compliance is an Inconvenient Truth to be gotten round -- and who better to reflect the unethical management culture at Irresponsible Inc than the compliance department itself?"

                              IT - Email
                              x
                              Two Abbreviations that Revolutionize E-Mail Efficiency
                              IT World, October 22nd, 2013
                              "We all want two things when it comes to e-mail:

                              • Less time handling it.
                              • Our messages get read and acted upon.

                              Asian Efficiency co-founder Thanh Pham highlights two abbreviations that could help us meet both goals: EOM and NRN

                              Pham says the key to getting e-mail messages read is productive subject lines, those that are short (but not too short), specific and actionable..."

                                Storage
                                x
                                Oracle Licenses VMware vSphere Storage APIs for Oracle Storage
                                Agreement Enables Customers to Access and Manage Oracle Storage from VMware Environments
                                Oracle has licensed VMware vSphere Storage APIs to enable customers to more easily manage Oracle storage from VMware environments. VMware users and service providers will be able to more easily take advantage of the higher levels of performance and efficiency available with Oracle's ZFS Storage Appliance and Pillar Axiom storage systems. Customers can also streamline their data centers by consolidating storage onto fewer, higher performance storage systems to support an ever growing number of virtualized servers.

                                Oracle announced it has signed an agreement with VMware enabling support of VMware vSphere Storage APIs on Oracle storage products, including Oracle's ZFS Storage Appliances and Pillar Axiom storage systems.

                                The license enables development across VMware infrastructure, including the VMware vSphere API for Array Integration (VAAI), VMware vSphere API for Storage Awareness (VASA), VMware vCenter Site Recovery Manager (SRM), and VMware vSphere.

                                IT - Mobile
                                x
                                Make the Move
                                IT Web, October 21st, 2013
                                "South African companies are not doing enough when it comes to implementing mobile solutions. There still seems to be a disconnect between the needs of the business and the deliverables the IT department can produce.

                                This discrepancy stems from business wanting to mobilise, build apps, and reach out to its customers and staff, and IT departments that want to limit and control mobile devices. While both agree that using mobile devices and solutions are necessary in today's connected world, they struggle to find common ground. Business wants apps and content delivery, while IT departments are focusing on securing and managing mobile devices, with little or no focus on application and content management. This often results in less than satisfactory results, with IT not really being able to deliver the required business needs..."

                                BYOD Creates Big Headache for Enterprise IT
                                Information Week, October 16th, 2013
                                "Enterprises continue to struggle with BYOD management, despite a plethora of available solutions and services designed to alleviate the pain.

                                During last week's Gartner ITxpo in Orlando, IT professionals told me BYOD ranked as one of their top concerns, right up there with recruiting and retaining top staff. Products are out there, but they're often expensive, said one technology exec at a four-state utility. He carried a BlackBerry for business and an iPhone for personal use, because he doesn't want to risk getting his own data erased. Most employees, however, wanted the convenience of one smartphone, but the preferred management provider's current price was too high, he said..."

                                Public WiFi Exposes Users to Spies
                                IT Web, October 23rd, 2013
                                "Over one third of users take no extra security precautions when logging onto public WiFi.

                                This was revealed in the Kaspersky Consumer Security Risks report conducted by B2B International and Kaspersky Lab. The survey was conducted over several months in mid-2013 and questioned 8 605 respondents, both men and women, across 19 countries in Europe, the Americas, the Middle East and the Asia-Pacific region. All participants were older than 16 and the 'overwhelming majority' use the Internet and various mobile devices..."

                                IT - Big Data
                                x
                                Dark Data: B2B's Big Data Challenge
                                Information Management, October 23rd, 2013
                                "It's estimated that in 2013, the world will produce an astounding 4 zetabytes (or 4 million petabytes) of new data. But unlike B2C companies, which are pressed to make use of massive quantities of unstructured consumer data, B2B companies face a big data challenge that goes well beyond volume.

                                The issue is this: Efforts to scrape and utilize data from external sources like the Web and social networks hold little value if the data can't be matched with a company's own internal data - much of which is 'dark' ..."

                                How Companies Can Improve Their Big Data Analytics
                                CIO Insight, October 17th, 2013
                                "If you had a car with a fantastic engine in your garage, you'd drive it, wouldn't you? After all, it makes no sense to invest in such a product and leave it hidden under a tarp, right? If so, then think of big data as the great, potential "engine" within your organization that remains, well, pretty much in storage, as CIOs and tech professionals agree that they're not doing nearly enough to maximize the use of effective analytics to unleash big data's potential, according to a recent survey from TEKsystems..."
                                SDN, Big Data, and the Self-Optimizing Network
                                The Benefits of Big Data in Helping Create a Competitive Advantage
                                "SDN (software-defined networking) gains more mind share every day. The concept of reinventing networking to better match today's applications and infrastructures is a tantalizing goal, but clearly not without its challenges.

                                Michael Bushong has been around the SDN space for some time, having spent years leading SDN efforts at Juniper Networks. Bushong is currently working at SDN vendor Plexxi, and in this week's New Tech Forum, he takes a close look at what SDN promises -- and what questions need to be answered in order to truly reinvent the network as we know it. For that goal to be realized, says Bushong, SDN and big data must go hand in hand..."

                                IT - BYOD
                                x
                                Most Companies Still Struggling with BYOD Policies, Capabilities
                                Business 2 Community, October 21st, 2013
                                The great majority of knowledge workers show up at the office each day with at least one mobile device in tow-worldwide, that's hundreds of millions of smartphones and tablets, many of which are connected to corporate email and are capable of storing sensitive company documents. How secure are those smartphones and tablets? What's to prevent someone from walking out the door with company secrets? The answer for most companies-it seems-is, 'We don't know' ..."
                                  Young Employees don't Care About Corporate Policies
                                  Help Net Security, October 24th, 2013
                                  "There's a growing appetite of Generation Y employees to contravene corporate policies governing use of own devices, personal cloud storage accounts and new technologies such as smart watches, Google Glass and connected cars.

                                  Based on findings from an independent 20-country survey of 3,200 employees aged 21-32 conducted during October 2013..."

                                  Top10
                                  x
                                  Top Ten Articles for last few Issues
                                  Vol 188 Issues 1, 2 and 3; Vol 187 Issues 1, 2, 3 and 4 ; Vol 186 Issue 4
                                  We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                  • Oracle VM VirtualBox 4.3 is available
                                  • Oracle Multitenant on SPARC Servers and Oracle Solaris
                                  • How Does Oracle Make Storage So Freaky Fast?
                                  • Oracle Becomes Second Largest Software Company in the World
                                  • The Department of Defense (DoD) and Open Source Software
                                  • Using a mirrored ZFS pool with virtual disks
                                  • NTT DOCOMO Deploys Oracle WebLogic Server as Application Platform
                                  • Key Facts about Disaster Recovery
                                  • Oracle Database and Oracle Linux on Oracle x86 Hardware
                                  • Java Spotlight Episode 148: Bruno Souza on SouJava and the JCP @JCP @Soujava

                                  The longer version of this article has list of top ten articles for the last 8 weeks.

                                    IT - Encryption
                                    x
                                    Court Ruling in Lost PHI Case Muddies HIPAA Waters
                                    mHealthNews, October 22nd, 2013
                                    "A recent court decision ruling that a HIPAA-covered entity was not liable for losing a hard drive containing patients' protected health information could have big implications for future cases in the realm of privacy and security.

                                    A California appeals court has ruled that the Board of Regents at the University of California can't be held accountable when they lost the hard drive of a UCLA Health physician containing PHI of more than 16,000 patients - including the plaintiff, Melinda Platter - as officials could not confirm that patient data was actually accessed..."

                                    IT - Server
                                    x
                                    Don't Lose Control of those Fast-Breeding Endpoints
                                    Channel Register, October 22nd, 2013
                                    "So you want to know about security? Well you have come to the right place. I have been here for a while and I can tell you that outside these gates it's full of cowboys, sharks and pirates, none of whom will hesitate to take what is yours and call it their own.

                                    The above is is a quote from a brochure I wrote in an attempt to connect with small and medium-sized enterprises (SME) owners and CEOs on the topic of endpoint security.

                                    It wasn't my best work ever, which might explain why it never saw the light of day. But the point I tried to get across is as important now as it was when I wrote it five years ago: you need to protect your endpoints..."

                                    Unix: Where Shutdowns are not Disasters
                                    IT World, October 22nd, 2013
                                    "In the wake of the federal shutdown, I can't help but spend a little time reminiscing about how easily and non-traumatically Unix systems generally shut down ... and reboot. No tens of billions of dollars lost from the economy. No sturm und drang about what gets funded. A planned reboot of a Unix system is often a healthy operation that can help to ensure that your system is running smoothly and that required services are configured properly. After a successful reboot, you can feel more confident that your Unix system can be restarted without unexpected consequences any time you may feel the need..."
                                    NetBeans
                                    x
                                    HTML Tidy for NetBeans IDE 7.4
                                    Finds 6 times more problems than the standard NetBeans HTML hint infrastructure
                                    Geertjan writes, "The NetBeans HTML5 editor is pretty amazing, working on an extensive screencast on that right now, to be published soon. One thing missing is HTML Tidy integration, until now...

                                    As you can see, in this particular file, HTML Tidy finds 6 times more problems (OK, some of them maybe false negatives) than the standard NetBeans HTML hint infrastructure does.

                                    You can also run the scanner across the whole project or all projects. Only HTML files will be scanned by HTML Tidy (via JTidy) and you can click on items in the window above to jump to the line.

                                    Future enhancements will include error annotations and hint integration, some of which has already been addressed in this blog over the years.

                                    NetBeans IDE 7.4
                                    Extends Advanced HTML5 Development Features for Java EE and PHP Developers
                                    New Release Extends Advanced HTML5 Development Features for Java EE and PHP Developers and Provides Support for JDK 8 Developer Preview Builds

                                    Java development teams around the world are looking to leverage their existing Java skills while building advanced user interfaces based on newer technologies, accessible from any device. To address this need and respond to developers' requests, Oracle has released NetBeans IDE 7.4. The new release includes enhanced HTML5 and JavaScript development features and browser integration with existing and new Java Platform, Enterprise Edition (Java EE) and PHP applications. In addition, it also allows developers to work with and become familiar with the new features of the forthcoming Java Development Kit (JDK) 8 release.

                                    Oracle announced the general availability of NetBeans Integrated Development Environment (IDE) 7.4.

                                    Trending in
                                    Vol 232, Issue 2
                                    Trending IT Articles