News about Oracle's Solaris and Sun Hardware
System News
Nov 4th, 2013 — Nov 10th, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 189, Issue 1 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section


IT - CxO
x
6 Steps Elite Insurance CIOs Take
Insurance & Technology, November 4th, 2013
"Insurance & Technology recently unveiled its prestigious "Elite 8" honorees, which represents the top executives in insurance who are leveraging technology to drive change and build momentum in the industry. I'd like to take a moment to congratulate the current Elite 8 honorees as well as those of the past 14 years for their stewardship, innovation and contributions toward the overall success of our industry.

We often hear from our clients that inclusion in the "Elite 8" honoree list is a major recognition in the insurance technology world and a true measure of skillfully delivering tangible results. Many want to know what steps to take to achieve this honor. Unfortunately, there's no definitive formula for success. However, there are certain points that I have observed to be consistent among many if not all the Elite 8 insurance leaders which can serve as guiding principles..."

    10 Ways to Lead Like Machiavelli
    CIO Insight, November 5th, 2013
    "Do you seek to lead like a lamb or a wolf? That question serves as a central focus in a new book from Gartner, The Wolf in CIO's Clothing: A Machiavellian Strategy for Successful IT Leadership (Gartner eBooks). In the book, author Tina Nunno offers these and other takeaways that convey often-effective managerial strategies that are aligned with the Renaissance-period writer and political theorist..."
    E-Discovery: Keeping Your Company Ready to Respond to Legal Action
    eWeek, October 31st, 2013
    "Enterprise e-discovery entails fast and effective search for evidence in email, text messages and all other digital documents in the event of a legal action. Ten key components of e-discovery "fitness" have emerged this year as leading indicators of an organization's e-discovery maturity; fitness is an apt metaphor for corporate e-discovery programs for a few key reasons.

    First, an exercise regimen that works for one person may not necessarily work for another person, just as there is no true one-size-fits-all e-discovery program that will work for every company. Second, just as individuals never can give up exercise and nutrition to achieve, and then maintain, a level of fitness, implementing and executing effective e-discovery processes remain an ongoing exercise..."

      Preparing for Your Next Budget
      CIO Insight, November 4th, 2013
      "Budgeting can be a harrowing experience or an opportunity to show that you are a business leader who can help your company accomplish its overall goals...

      The idea of having to justify a budget strikes fear into the hearts of many CIOs. While for some this may feel like the IT version of 'The Spanish Inquisition' (OK, I'm now having a Monty Python flashback!), here are a few steps we can take to lower our anxiety level in preparation for this process..."

        The IT Fundamentals that HealthCare.gov Ignored
        SearchDataCenter, November 1st, 2013
        "If there is one lesson large IT shops can learn from the disaster that is HealthCare.gov, it is what not to do in developing and launching a high-volume website.

        There are few development projects that compare with the scale and societal importance of HealthCare.gov. But if the government's IT organization more carefully considered the technology pieces needed to handle traffic demands and observed time-honored fundamental IT practices, the site today would not be a cautionary tale..."

        The Newbie CIO
        Information Week, November 4th, 2013
        "After initial success, a first-time CIO could not show significant results and had to struggle to get approval for every project. Let's look at the factors that limited his success...

        A newbie CIO was feeling very excited and thrilled to have made the grade and become a CIO, a dream he had cherished and worked towards for some time now. He had sought coaching from many senior CIOs and acted upon most of the advice received from various quarters. He was a good and consistent performer as IT manager having received accolades for emerging stars from various publications who track rising talent. I congratulated him on his new assignment along with others who celebrated his success...:

        What Makes An Elite 8 Executive?
        Insurance & Technology, November 1st, 2013
        "Insurance & Technology reaches out to the industry yearly to find outstanding insurance CIOs. Here's what some of those nominators are looking for...

        Each year, Insurance & Technology's Elite 8 spotlights the best insurance technologists from across the industry. We depend on insurers, vendors, and others to nominate qualified individuals, and then we have a semi-formal advisory board of top industry analysts to help us whittle down what is always overwhelming response. After posting the list this week, I reached back out to that advisory board and asked: What makes a CIO stand out from the crowd? Here's what they told me:..."

        Why CMOs Need to Expand their Tech Skills
        CIO, November 4th, 2013
        "As CMOs take on a more strategic role in the C-suite, they will need to broaden their technical skills and expertise to understand big data analytics, customer online experience, social media and more...

        The balance of power in the C-suite (at least as measured by dollars spent on IT) is shifting. Where once the CIO held most of the purchasing power and the decision-making capability to determine which technology investments would drive business forward, the CMO is poised to take a much more strategic role in a data-driven business climate..."

        Oracle
        x
        Oracle Endeca Information Discovery 3.1
        Gain data-driven insights to increase business agility and performance
        Oracle announced the release of Oracle Endeca Information Discovery 3.1, adding "As the pace of business accelerates, organizations are constantly searching for ways to gain data-driven insights to increase business agility and performance. Yet most business users are forced to choose between enterprise-class business intelligence, which is fast, secure and powerful, but requires close collaboration with IT, and unsecured, self-service desktop discovery tools, which open the business up to security and governance risks. The latest release of Oracle Endeca Information Discovery 3.1 incorporates new enterprise self-service discovery capabilities for business users, allowing them to easily make information-based business decisions with greater success, safety and confidence..."
        Hong Kong Housing Society Reduces Time Required to Manage Housing Contracts and Process Payments
        Improves Governance Control, while Reducing Costs by 25% and Speeds up Approval Processes by 30%
        To address the challenge of frequent downtime during peak periods and increasing cost in maintaining its legacy systems, Hong Kong Housing Society replaced its legacy systems with Oracle Business Process Management Suite, Oracle WebLogic Suite and Oracle Application Development Framework.

        The Oracle Fusion Middleware solutions provide Hong Kong Housing Society with a flexible, reliable and cost-effective enterprise architecture that enables integration with existing Oracle applications including Oracle's JD Edwards EnterpriseOne and Oracle's PeopleSoft. The cost savings and performance results clearly demonstrate significant benefits.

        Hong Kong Housing Society implemented Oracle Business Process Management (BPM) Suite, Oracle WebLogic Suite, and Oracle Application Development Framework (ADF) to strengthen its business process governance. The implementation of Oracle Fusion Middleware solutions took place in early 2012 and went live in April 2013.

        Features
        x
        Mark Hurd On BT Win, Oracle Growth, And Investing In The Cloud
        CNBC Interview
        Mark Hurd was recently interviewed on CNBC where he said that "the real driver of the cloud is not pricing; it's really the speed of provision and capability, instead of a long roll-out it's now like you get access to software quickly. I also get a standard piece of the software that gets now updated and driven by the company as opposed to me and this is a big trend you're going to see in the IT industry; is customers trying to shift work from their IT budget to the company's R&D budget, and that's what's very attractive about the cloud."

        When asked, "is it time for Oracle just to exit hardware?" Mark said, "There is absolutely zero chance of us exiting the hardware business..."

        See the video for the full 15 minute interview.

        IT - Storage
        x
        Flash Aware Fibre Channel
        Storage Switzerland, October 30th, 2013
        "The key objective for organizations investing in flash is to make sure that they are getting the maximum performance out of their premium investment. This means making sure that the application and storage infrastructures are optimized for the near zero latent performance of this storage. Other than general purpose SAN buffer credits, there has been limited capabilities to optimize specifically for flash based LUNs (Logical Unit Numbers). With their recent announcement, Emulex is set to provide flash specific services designed to deliver maximum flash performance..."
        Is Tiered Storage Obsolete? Yes and No!
        ComputerWorld, November 6th, 2013
        "Traditionally, discussions about enterprise storage economics revolved around the concept of a multi-tiered model. In reality, this often had more to do with vendor portfolio economics than customer requirements. But the emergence of flash has changed this forever.

        Most storage experts now talk in terms of a simple two-tier model, with a performance tier based on solid-state technology - DRAM and flash - and a capacity tier that uses good old electro-mechanical magnetic media - disk and tape.

        However, when you add software-defined storage (SDS) to the mix, it may be time to move past the conventional concept of tiering based on performance..."

        The Future of Storage Is a Horror Show - Just Ignore the Biz Strategists
        The Register, November 6th, 2013
        "Storage was actually simple, before disk-to-disk backup came along and started spoiling the party. Now we need a storage magician to take the horror out of the storage horror show.

        Basically there were monolithic arrays at the high-end, dual controller arrays in the middle, and JBOD variations at the bottom; all disk drive arrays. You accessed data blocks via Fibre Channel, or files via Ethernet on the arrays and backed up to tapes. End of..."

        Java Technology
        x
        GlassFish Announcement
        Facts, not FUD
        Bruno Borges, writee, "Since Oracle announced the end of commercial support for future Oracle GlassFish Server versions, the Java EE world has started wondering what will happen to GlassFish Server Open Source Edition. Unfortunately, there's a lot of misleading information going around. So let me clarify some things with facts, not FUD..."
        Oracle, ARM expand collaboration on servers, Internet of Things
        By Henrik Stahl
        Henrik Stahl writes, "If you have been following Java news, you are already aware of the fact that there has been a lot of investment in Java for ARM-based devices and servers over the last couple of years (news, more news, even more, and lots more).

        We have released Java ME Embedded binaries for ARM Cortex-M micro controllers, Java SE Embedded for ARM application processors, and a port of the Oracle JDK for ARM-based servers. We have been making Java available to the Beagleboard, Raspberry Pi and Lego Mindstorms/LeJOS communities and worked with them and the Java User Groups to evangelize Java as a great development environment for IoT devices. We have announced commercial relationships with Freescale, Qualcomm, Gemalto M2M, SIMCom to name a few. ARM and Freescale on their side have joined the JCP, recently been voted in as members of the Executive Committee, and have worked with Oracle to evangelize Java in their ecosystem..."

        IT - Technology
        x
        Fujitsu demonstrates distributed hardware with Silicon Photonics
        Makes use of the Intel Optical PCIe Express technology (OPCIe)
        "At this week's Fujitsu Forum in Munich, Germany Fujitsu demonstrated a distributed datacenter infrastructure built using Intel's Silicon Photonics technology that allows the creation of servers with components distributed in discrete racks rather than everything built into a single box.

        Working on the premise that the biggest enemies of building high-density systems are space constraints and heat, Fujitsu made use of the Intel Optical PCIe Express technology (OPCIe) to demonstrate a server that was disarticulated, with SSD storage and Xeon Phi co-processors running in their own enclosure connected by the fiber optics, Silicon Photonics modules and Intel-designed FPGAs. Both Intel and Fujitsu feel this technology offers significant benefits over traditional storage server architectures..."

        Making Sense of the Internet of Things
        Network World, October 31st, 2013
        "This week, Cisco hosted the inaugural Internet of Things World Forum in Barcelona, Spain. The event had a little under 800 attendees, which I thought was a great turnout for a first year event. There was a very diverse set of vendors at the event, ranging from traditional IT companies like Cisco, Oracle and SAP to a number of companies that IT people have likely never heard of, such as Grundfos, QnetiQ and AGT International. As diverse as the companies were, though, they all had one thing in common
        • the belief that when you live in a world where everything is connected, it significantly changes the way we live, learn and play..."
        9 Trends for 2014 and Beyond
        InfoWorld, November 4th, 2013
        "The year isn't over yet, but I've already reached my limit of trying to make sense of many new developments. So I'm ready to start the season of prognostication early. Originally, I figured I'd reel off some predictions about the coming year. But we're at one of those rare junctures when a bunch of trends have begun to crystallize -- and I'm pretty sure many of them will persist for more than 12 months.

        Here's my mixed bag of nine trends. Feel free to add your own..."

        • Cloud is the new hardware.
        • Systems of engagement lead the way.
        • Big data gets ahead of itself
        • Cloud integration moves to the fore
        • Identity is the new security
        • Memory is the new storage
        • The future is powered by JavaScript
        • Enterprise developers turn toward to PaaS
        • Developers continue to rule

        Read on for details.

        Amazing Workplace Innovations for the Future
        Baseline, October 25th, 2013
        "Once upon a time, visionary tech folks described computers that you would be able to hold in the palm of your hand! Less visionary people often scoffed at this prediction: "Why, our mainframes are as big as refrigerators! How will you squeeze all that into a device that's smaller than a stick of butter?!" We all know how that story turned out. So keep an open mind about The Kiplinger Letter's "Office Technology of the Future," an eclectic mix of developing innovations that will likely transform the workplace. Some convey a cautionary sense of a Big Brother style of monitoring on the part of organizations, but others are packed with an "Isn't this cool?" factor. All are within the realm of reality..."
        Car Crash Prevention Technologies Face Huge Challenges
        Network World, November 1st, 2013
        "Driver acceptance, costs, insurance, interoperability will test ubiquitous deployment of high-tech car crash tools...

        There is a serious move toward adding ever-more technology to cars in an effort to reduce accidents that take 32,000 human lives a year and cause some 2 million injuries.

        The human toll is obvious but can high-tech automotive communications and sensor technologies - know collectively as vehicle-to-vehicle (V2V) technologies really change those statistics?..."

          IBM Watson: How the Jeopardy-Winning Supercomputer was Born, and What it Wants to do Next
          TechRepublic, November 4th, 2013
          "Between them, they'd racked up over $5 million in winnings on the television quiz show Jeopardy. They were the best players the show had produced over its decades-long lifetime: Ken Jennings had the longest unbeaten run at 74 winning appearances, while Brad Rutter had earned the biggest prize pot with a total of $3.25 million.

          Rutter and Jennings were Jeopardy-winning machines. And in early 2011, they agreed to an exhibition match against an opponent who'd never even stood behind a Jeopardy podium before..."

            Is Technology the Cause of Car Crashes? Or the Cure?
            ComputerWorld, November 2th, 2013
            "The conventional wisdom says smartphones cause deadly car accidents, and Google Glass is already getting banned. But what are the facts? ...

            I totaled my car when I was 16.

            Here's what happened: It was the middle of the day, and I was listening to the car radio while driving. I started fiddling with the radio while I headed toward an intersection with a green light. The second I looked down at the radio, the light changed. By the time I looked up, I was sailing into the intersection..."

            Solaris
            x
            Overview of Process Scheduling Classes in the Oracle Solaris Kernel
            by Brian Bream
            Brian Bream writes, "The Oracle Solaris kernel has a number of process scheduling classes available.

            Timesharing (TS) This is the default class for processes and their associated kernel threads. Priorities in the class are dynamically adjusted based upon CPU utilization in an attempt to allocate processor resources evenly.

            Interactive (IA) This is an enhanced version of TS. Some texts reference this in conjunction with TS, i.e. TS/IA. This class applies to the in-focus window in the GUI. It provides extra resources to processes associated with that specific window.

            Fair Share Scheduler (FSS) This class is 'share based' rather than priority based. The threads associated with this class are scheduled based on the associated shares assigned to them and the processor's utilization..."

            MySQL
            x
            MySQL Still the Right Choice for ScienceLogic's "Best Network Monitoring System on the Planet"
            After 10 Years
            Rebecca Hansen writes, "ScienceLogic has a pretty fantastic network monitoring appliance. So good in fact that InfoWorld gave it their '2013 Best Network Monitoring System on the Planet' award. Inside their 'ultraflexible, ultrascalable, carrier-grade' enterprise appliance, ScienceLogic relies on MySQL and has since their start in 2003. Check out some of the things they've been able to do with MySQL and their reasons for continuing to use MySQL in these highlights from our new MySQL ScienceLogic case study..."
            Linux
            x
            Oracle Linux Tips and Tricks: Using SSH
            By Robert Chase

            Robert writes, "Out of all of the utilities available to systems administrators ssh is probably the most useful of them all. Not only does it allow you to log into systems securely, but it can also be used to copy files, tunnel IP traffic and run remote commands on distant servers. It's truly the Swiss army knife of systems administration. Secure Shell, also known as ssh, was developed in 1995 by Tau Ylonen after the University of Technology in Finland suffered a password sniffing attack. Back then it was common to use tools like rcp, rsh, ftp and telnet to connect to systems and move files across the network. The main problem with these tools is they provide no security and transmitted data in plain text including sensitive login credentials. SSH provides this security by encrypting all traffic transmitted over the wire to protect from password sniffing attacks..."

            IT - Cloud
            x
            Cloud-Based Security as a Service Set to Take Off
            Network World, October 31st, 2013
            "Gartner is predicting the cloud-based security services market, which includes secure email or web gateways, identity and access management (IAM), remote vulnerability assessment, security information and event management to hit $4.13 billion by 2017.

            According to its “Market Trends: Cloud-based Security Services Market, Worldwide, 2014,” Gartner is predicting growth is likely to come because of the adoption of these cloud-based security services by small- to-mid-sized business (SMB) in particular. Certain market segments mentioned in the report will see higher overall sales and year-over-year growth..."

            Cloud Deployment Debate: Bake Or Bootstrap?
            Information Week, October 30th, 2013
            "Several months ago, I said that Netflix's push to drive the adoption of its open-source cloud-management toolkit, NetflixOSS, had the potential to 'ruin cloud computing.'

            Part of my argument revolved around the Netflix Aminator tool, which facilitates the creation of Amazon Machine Images (AMIs). While Aminator may be a good choice for Netflix, I argued that it encourages exactly the wrong habits for the majority of companies trying to deploy applications in the cloud..."

            Users Reveal Their Biggest Concerns with the Cloud
            Network World, November 5th, 2013
            "I recently wrote a story about what some folks in the cloud industry see as the biggest issues holding back adoption of cloud computing. Topics like process, security and data integration all came up. But all those people are from the vendor side of the house...

            Recently, I had a chance to go to a customer event hosted by SunGard Availability Services in Austin, Texas where a couple dozen CIOs shared their thoughts about where the cloud industry is and what they would like to see from it..."

            IT - Networks
            x
            10 Lessons Baseball Teaches Us About Networking
            Network World, November 4th, 2013
            "As a baseball fan based in Boston, I spent a lot of time watching baseball the last few weeks as the playoffs and, ultimately, the World Series progressed. (And yes, as a life-long Red Sox fan, I was very happy with the final outcome last week!) I've always enjoyed the thinking aspect of baseball. The up-front analysis, the in-game adjustments, the on-the-fly reactions, even the post-game second guessing - it's all fascinating to me...Here is my Top Ten list of things baseball can teach us about networking:"

            • All the thinking is done BEFORE the ball is pitched
            • Every pitch has everyone moving - batter, runners, fielders
            • You never know what will happen next
            • Obstructions happen!
            • Working together results in the right call
            • Resources must be managed carefully and applied accurately
            • There is true value in analytics
            • Things will change, but expectations stay the same
            • Smarts are more important than speed
            • There are no ties

            Read on for details.

            Ghouls that Plague IT Networks
            Baseline, November 4th, 2013
            "Unlike the fiendish characters you'll see during Halloween, the following wicked creatures do not only come out only at night. Nor are they the stuff of a Hollywood script. Instead, they're the very real problems that torment IT network administrators - as well as users throughout the enterprise - as compiled by Ipswitch. The movie line 'Stop me before I kill again' could apply to employees who unwittingly import a lot of bad stuff into the corporate network...:"
              The Democratization of FCoE
              Storage Switzerland, November 5th, 2013
              "Let's face it, Fibre Channel over Ethernet (FCoE) has not been the roaring success that vendors hoped it would be. Why? Probably the number one reason is that it was too expensive. Users expected FCoE to be cheaper, much cheaper, than regular fibre channel and were somewhat put off when it was not. Although vendors came up with elaborate return on investment (ROI) models to justify the extra expense, in reality the upfront costs were prohibitive. As a result FCoE, while being adopted, is being adopted at a much slower pace than originally expected..."
              Biggest Risks in IPv6 Security Today
              Network World, November 4th, 2013
              "Although IPv6 packets have started to flow, network engineers still tread lightly because of lingering security concerns. Here are the top six security risks in IPv6 network security today as voted by gogoNET members, a community of 95,000 network professionals.,,"

              • Lack of IPv6 security training/education
              • Security device bypass via unfiltered IPv6 and tunneled traffic
              • Lack of IPv6 support at ISPs and vendors
              • Congruence of security policies in v4 & v6
              • Bugs in new code
              • Absence of NAT

              Read on for details.

              How to Roll Your Own VPN
              InfoWorld, November 4th, 2013
              "If you need to encrypt traffic from your computer or mobile device, you have many options. You could buy a commercial VPN solution, or you could sign up for a VPN service and pay a monthly fee. Or for less money, you could create your own VPN and gain the use of a Linux VPS (Virtual Private Server) anywhere in the world. This roll-your-own option is made possible through the use of the open source OpenVPN project, Linux, and a few open source client-side applications..."
              Networks are Getting 'Up to Speed' with 10 and 40GpE
              WallStreet & Techology, November 4th, 2013
              "Firms want to scale data centers while accelerating applications, and monitor and secure the data running through the network. To do so, they will need to deploy new technology.

              It's hard to emphasize how important time synchronization is to financial services. When transactions are being conducted in nanoseconds across servers, applications, geographic regions, even a millisecond difference can mean the difference between a successful and disaster trade, and regulatory compliance..."

                Solving Network Security Complexity with Automation
                Help Net Security, October 31st, 2013
                "Network security has become too complex to manually manage, and companies should consider automation and orchestration in order to increase IT agility while maintaining security and compliance across the network, says a recent report by Tufin Technologies.

                The survey reveals that C-level managers and IT professionals are tackling increasingly complex enterprise networks, with trends such as virtualization, IPv6 and the Cloud requiring more automation of network management. The research also demonstrates an ever-changing IT network with companies from financial services, telecom, technology and public sectors facing frequent network configuration changes, and suffering from human error and recurrent firewall outages..."

                WTF is ... 802.15.4e?
                The Register, November 4th, 2013
                "Among the causes of the serious bushfires that are still burning near Sydney, Australia, was a tree branch falling over a powerline.

                Some Internet of Things (IoT) boosters suggest this kind of thing could be avoided by placing connected sensors just about everywhere so that news of a single failure could quickly trigger a useful action, in this case shutting down the live wire before it wriggles into a pile of dry leaves and ignites them..."

                  IT - Operations
                  x
                  How SMBs can Meet Enterprise Performance Expectations
                  Storage Switzerland, November 8th, 2013
                  "Small to medium sized businesses aren't in the enterprise category but their users certainly have enterprise expectations. Storage Switzerland Founder George Crump calls it the 'Facebook-ing of IT', in reference to the always-on, always-available services that big cloud and social media companies have created thanks to their advanced infrastructures and enormous IT investments. These services are as reliable as a public utility, a fact that has 'trained' the data consuming public to expect this from all their on-line and internal IT experiences..."
                  Avoiding Data Center Downtime
                  Baseline, November 4th, 2013
                  "According to the '2013 Study on Data Center Outages,' a recently released study conducted by Ponemon Institute for Emerson Network Power, outages present a difficult and costly challenge for organizations. In fact, data center outages are so dreaded that 84 percent of the 584 U.S.-based data center professionals who were surveyed for this study stated that they would rather walk barefoot over hot coals than have their data center go down. 'The vast majority of companies have an unplanned outage at some point,' says Larry Ponemon, founder and chairman for Ponemon Institute. In fact, 91 percent of the respondents indicated that they had endured at least one outage over the past 24 months..."
                    5 IT Outsourcing Tips in the Wake of Infosys's Visa Fraud Settlement
                    CIO, October 31st, 2013
                    "Following the Infosys visa fraud $34 million settlement, IT outsourcing customers should take these five steps to protect themselves. Here's a look at what outsourcing customers need to do..."

                    • Talk to your vendor.
                    • Conduct an HR audit.
                    • Review billing.
                    • Monitor immigration reform.
                    • Reconsider pricing models.

                    Read on for details.

                    The Educated Approach to Outsourced Data Center Services
                    SearchDataCenter, November 4th, 2013
                    "Outsourcing data center services isn't as quick and simple as it sounds.

                    As businesses grapple with shrinking IT budgets, staffing cuts and spiraling energy costs, outsourced data center services become more attractive. Consider workloads and evaluate providers carefully when developing an IT outsourcing policy. You might decide against that route..."

                    Once-A-Year Risk Assessments Aren't Enough
                    Dark Reading, November 4th, 2013
                    "While it may be important that security organizations employ effective methods to walking through an IT risk assessment, the frequency with which they go through that process is almost as important as the means of carrying them out. Unfortunately, even when security organizations cover all of their bases in an IT risk assessment, if they don't assess often enough they could still be keeping themselves open to a great deal of risk..."
                    IT - Security
                    x
                    11 Sure Signs You've been Hacked
                    InfoWorld, November 4th, 2013
                    "In today's threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable.

                    To combat this, many antimalware programs monitor program behaviors, often called heuristics, to catch previously unrecognized malware. Other programs use virtualized environments, system monitoring, network traffic detection, and all of the above at once in order to be more accurate. And still they fail us on a regular basis..."

                    Eliminating Security Solution Islands
                    IT Web, November 4th, 2013
                    "With hundreds of different security products and new start-ups entering the market every week, one would think enterprises are well-equipped to keep attackers out.

                    But this is not the case.

                    During his keynote address at RSA Europe in Amsterdam yesterday, Stephen Trilling, senior VP and CTO at Symantec, noted that the best solutions on the market do identify and block many attacks, but fail to collaborate their defences..."

                    Looking For A Security Job? You Don't Need To Be Bo Derek
                    Information Week, October 31st, 2013
                    "After my last column, I received tons of great feedback (thanks, Mom) and lots of questions. There was a common, and somewhat Catch-22-like, theme: How does one find a security job without security experience? And how does one obtain security experience without a security job?

                    The cybersecurity industry is immature but growing rapidly. There's no standardization of job titles or classifications -- an 'Information Security Analyst' and an 'Information Security Engineer' might perform the same functions for two different companies...:"

                    Long Live Perimeter Security
                    CSO Online, November 4th, 2013
                    "It is not possible to build the perfect security perimeter. But that doesn't mean you shouldn't try.

                    Most security experts agree that just because something is not 100% bulletproof doesn't mean it is worthless, even if, as Bayshore Networks CEO Francis Cianfrocca, puts it: "The traditional network perimeter is no longer defensible."

                    The most recent stark illustration of that is Adobe..."

                    Security Expert Seeks to Make (NSA) Surveillance Costly Again
                    ComputerWorld, November 7th, 2013
                    "The ongoing revelations of governmental electronic spying point to a problem larger than National Security Agency malfeasance, or even of security weaknesses. Rather the controversy arising from Edward Snowden's leaked documents suggest we face unresolved issues around data ownership, argued security expert Bruce Schneier.

                    'Fundamentally, this is a debate about data sharing, about surveillance as a business model, about the dichotomy of the societal benefits of big data versus the individual risks of personal data,' Schneier told attendees of the Usenix LISA (Large Installation System Administration Conference), being held in Washington this week..."

                    Security Misconceptions among Small Businesses
                    Help Net Security, November 1st, 2013
                    "More than 1,000 SMBs participated in a joint McAfee and Office Depot survey last month, and the majority (66 percent) felt confident that their data and devices are secure and safe from hackers, with 77 percent responding that they haven't been hacked.

                    The results are at odds with industry research that has revealed these same businesses are prime targets of complex and evolving cyber threats..."

                      Security Starts with Awareness: How to Conduct a Self-Audit
                      Help Net Security, November 7th, 2013
                      "Far too many security conversations start with a list of tools and price points, when actually, the environment is the most important factor to consider. Before you ever sit down to make your lists of must-have and want-to-have defense devices, examine your organization's information landscape. Consider which assets are your most critical, who has access to them and in what systems they reside. From there, you can begin to consider the best methods for protecting those resources. We call this a self-audit, and here are the basic steps for conducting one:.."
                      Social Engineering Tricks U.S. Security Agency into Baring All
                      IT World Canada, October 31st, 2013
                      "There have been weekly reports of the alleged omnipotence of U. S. intelligence agencies, giving to the impression they are on the leading edge of offensive IT security.

                      Apparently, however, at least one of those agencies doesn't know how to play defence. According to a presentation this week at the RSA European security conference, the agency fell for one of the oldest tricks, a person pretending online to be an employee..."

                      The Ultimate Guide to Preventing DNS-Based DDoS Attacks
                      InfoWorld, November 4th, 2013
                      "Celebrated author/Infoblox technologist Cricket Liu explains how to prevent DNS-based DDoS attacks -- and avoid being an unwitting accomplice to one...

                      When it comes to DNS, Cricket Liu literally wrote the book. He has co-authored all five editions of O'Reilly's "DNS and BIND" book, which is generally regarded as the definitive guide on all things relating to the Domain Name System. Cricket is currently chief infrastructure officer at Infoblox..."

                      Think Hackers Are IT's Biggest Threat? Guess Again
                      Information Week, October 30st, 2013
                      "Hacker groups such as LulzSec and Anonymous likely come to mind when discussing data breaches in the public sector. Both groups, along with other rogue hackers, have proven themselves more than capable of bypassing government security measures and gaining access to confidential data. But, surprisingly, they are not IT's biggest threat..."
                      Western Union: A Day in the Life
                      CSO Online, November 4th, 2013
                      "I've been involved with security awareness training for several years now, and I can't remember one single compliment on any of our previous courses," sighed Alex Yokley, Director of Corporate Information Security at Western Union.

                      "Sound familiar? Probably so, as too many people involved in training employees on information security are singing the same song. And who can blame the bored employees? The fact is most compliance training programs are incredibly dull. User surveys consistently report that the only reason people take the courses is because they have to..."

                      IT - Careers
                      x
                      Global Standards, Meet Local Constraints
                      ComputerWorld, November 4th, 2013
                      "Global IT systems sound so appealing, at least to headquarters staff. But don't fool yourself; the benefits of standardization will always run up against the arcane needs of far-flung field locations. Most obviously, there's the need to support multiple languages, alphabets and currencies, not to mention local data in formats that differ from headquarters' systems. But that's just scratching the surface of the constraints you can encounter. Consider these, for example:..."
                        Lesson from Healthcare.Gov: A Launch is No Time for a Beta Test
                        GCN, November 1st, 2013
                        "So, just how bad was the roll-out of the Affordable Care Act portal, HealthCare.gov? It depends. As a production launch, it was really bad. Failures on the site frustrated users and burned up a lot of goodwill that the administration could ill afford to lose.

                        As a beta test, it still was pretty bad; but that's what beta tests are for. There is no disgrace in finding problems in an application during testing. 'This is pretty standard,' said David Lindsay, senior security product manager at Coverity, a development testing company. The failure with HealthCare.gov is that the beta test started Oct. 1 rather than two months earlier...:"

                        Monster Bosses: Be Very Afraid
                        ComputerWorld, November 4th, 2013
                        "Even the best bosses can occasionally take on some of the traits of these monsters, on Halloween or any other day. (Not my manager, of course; if anyone's asking, she's perfect.)

                        But if your boss starts exhibiting any of these unfortunate characteristics, we recommend you hightail it out of there as soon as possible, because you never know when he or she will turn against you. If that's not possible, at least keep some high-grade chocolate on hand; even a scary boss enjoys a good piece of candy every now and again..."

                          IT - Compliance
                          x
                          The C-Suite: A Crucible for Misconduct
                          FCA Blog, November 5th, 2013
                          "At the heart of the compliance profession lies the complex, entrenched problem of serious criminal misconduct by senior executives. That's why I have suggested that for some multinationals, the 'problem of overseas corruption is not overseas. It's in the corner office.'

                          Misconduct at the top is now receiving the increased scrutiny it deserves..."

                            IT - Email
                            x
                            Happy Birthday, Internet! Here are Your Lamest Lifetime Moments
                            TechHive, October 29th, 2013
                            "It all began on October 29, 1969, when a host computer at UCLA sent a few packets of data to another host computer at Stanford. The plan was for Leonard Kleinrock, who oversaw the ARPANet lab at UCLA, to send a message containing the word 'log' to his colleagues at Stanford, who would then respond with the word 'in.'

                            Unfortunately the system crashed right after Kleinrock had sent 'lo,' but the deed had been done, and the Internet concept proved.

                            From that garbled first word, the Internet grew into the world's connective tissue..."

                              IT - Mobile
                              x
                              What's the best backup solution for mobile devices?
                              If you have to back up client devices, you're doing something wrong
                              Brian Madden writes, "At TechTarget's Storage Decisions conference last week in San Francisco, one of the attendees asked me, "What's the best backup solution for mobile devices?"

                              What was weird about that question is that I didn't have a quick answer. Since I spend all my time thinking and talking about end user computing, it's rare for someone to ask me a question that I haven't heard before or that I don't have a quick answer for.

                              So why didn't I have a solution for mobile device backup on the tip of my tongue? Simple. Mobile devices shouldn't need to be backed up!..."

                              IT - Big Data
                              x
                              8 Cool Heat Maps that Help Visualize Big Data
                              CIO, October 24th, 2013
                              "A heat map is one of the great innovations of visual communication. In an instant, you can spot a weather formation and judge the seriousness of the storm or see the heaviest concentrations of U.S. Internet outages.

                              We're already inundated with too much information - Twitter feeds, status updates, email archives, etc. - but a heat map represents a good way for upper level management to see problems and successes instantly. The heat maps featured here communicate massive data sets in a way that few images can accomplish..."

                              Big Data Blues: The Dangers of Data Mining
                              ComputerWorld, November 4th, 2013
                              "Big data might be big business, but overzealous data mining can seriously destroy your brand. Will new ethical codes be enough to allay consumers' fears?

                              More than simply bits and bytes, big data is now a multibillion-dollar business opportunity. Savvy organizations, from retailers to manufacturers, are fast discovering the power of turning consumers' ZIP codes and buying histories into bottom-line-enhancing insights..."

                              Big Data Definitions Fail to Describe Challenges of Large Data Sets
                              SearchBusinessAnalytics, November 1st, 2013
                              "By now many data management professionals are familiar with the "three Vs" definition of big data -- volume, velocity and variety. But as the various types of databases become increasingly more proficient at handling large volumes of streaming data, the last V, variety, may become the trickiest piece of the big data puzzle to solve.

                              Speaking at the SAS Premier Business Leadership Series, David Judson, senior director of business intelligence initiatives at Scotts Miracle-Gro Company, said when he took over responsibility for the organization's big data initiatives in 2011, no one was concerned about data volume or the speed with which it was coming into databases. The existing infrastructure was sufficient to handle the load..."

                              Breaking Big Data into Byte-Sized Bits
                              ComputerWorld, November 4th, 2013
                              "Big Data solutions in isolation provide little value to an organization unless that data can be acted upon to support the decision-making process. It is only in the analysis of that data that real value is extracted...

                              India is South Asia's largest economy as we know and has been contributing significantly to strengthen its market over the last decade. India's uniqueness lies in its culture diversity, partnership, free market and harnessing the potential of innovation. Till about two decades ago Information Technology was a forte of a privileged few, today IT has reached a new paradigm shift where it plays a defining role in creating business success..."

                              Companies Grapple With Big Data Challenges
                              Baseline, October 29th, 2013
                              "More enterprises seek to leverage the opportunities offered by big data, but constructing a framework that lets them put the data to maximum use is a challenge.

                              As organizations attempt to navigate the information age, executives are discovering that the biggest obstacle isn't collecting data or finding ways to manage and store it efficiently. It's constructing a framework that allows business and IT leaders to connect all the dots and put all the data to maximum use.

                              "There is a growing need to analyze many different types of data and to use it to make decisions more quickly and for entirely new types of processes and events," says Vincent Dell'Anno, leader of the big data practice at Accenture..."

                              Five Tips for Mitigating the Fallout from a Big Data Breach
                              IT Business Edge, November 4th, 2013
                              Big Data is pervasive in the enterprise today, and it is only going to get bigger. For example, IT departments are adopting longer retention times for saved data (six months or longer) which, in turn, requires expansion of their existing networked data storage. And with mandated retention policies like Sarbanes-Oxley to account for, end users are also required to capture every data packet that is transacted and retrieve historical data for analysis without any potential data packet loss.

                              • Don't assume that your network won't be compromised - it will.
                              • The best time to prepare for a breach is before it happens.
                              • Continuously monitor the traffic on both sides of your firewall.
                              • Look at integrating the workflow of your SEM/SEIM tools so that you can reduce time to resolution for breaches.
                              • Make sure that your SEM/SEIM tools are secure.

                              Read on for details.

                              Good Luck Finding a Data Scientist
                              Wall Street and Technology, October 31st, 2013
                              "Challenge: With every company focused on big data, finding data scientists to manipulate, crunch and make sense of petabytes of data is nearly impossible. Moreover, most universities are only beginning to launch data science graduate programs, so candidates with degrees in the field are still a few years away, at best.

                              Why It's Important: Financial firms have been investing heavily in big data technologies for the past few years. The term big data is definitely overused, but there is no doubt that business and technology leaders are banking that big data will help provide analytics for a variety of needs in the very near future, including regulatory reporting, client targeting, trading strategies, portfolio management and more..."

                              Three-Quarters of Insurance Companies Use Predictive Analytics in Pricing
                              Insurance & Technology, November 4th, 2013
                              "Predictive analytics use has increased greatly in insurance businesses, especially for the biggest companies, according to the 2013 Insurance Predictive Modeling Survey. While the survey showed an increase in predictive modeling throughout the industry, all respondents from companies that write over $1 billion in personal insurance employ predictive modeling compared to 69% of companies with less than that amount of premium.

                              The study was released by Earnix, a provider of integrated pricing and customer analytics solutions for banking and insurance, and ISO, a source of information on property and casualty insurance risk..."

                              IT - BYOD
                              x
                              BYOD? Sure! BYOPC? Not so fast...
                              InfoWorld, November 1st, 2013
                              "The forces that propelled use of employee-owned smartphones and tablets don't apply so much to PCs and Macs...

                              The notion of bring-your-own devices is common at most companies; according to research firm estimates, two-thirds to three-quarters of all companies now allow people to use their own mobile devices for work, meaning at least for email access. We should expect companies to allow the same for PCs, right?

                              Yes and no..."

                                Top10
                                x
                                Top Ten Articles for last few Issues
                                Vol 188 Issues 1, 2, 3 and 4; Vol 187 Issues 1, 2, 3 and 4
                                We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                • Oracle VM Server for SPARC: which domain types should be used to run applications
                                • How to Set Up a Hadoop Cluster Using Oracle Solaris
                                • State of the Java platform and all the roadmaps
                                • Oracle's Full Line of Integrated Sun Servers
                                • Oracle Licenses VMware vSphere Storage APIs for Oracle Storage
                                • October 2013 Virtualization Newsletter
                                • Temenos T24 achieves Oracle Exadata Optimized and Oracle Exalogic Optimized status
                                • Unbreakable Enterprise Kernel Release 3 for Oracle Linux
                                • October 2013 Oracle Linux Newsletter
                                • Java Spotlight Episode 149: Geertjan Wielenga on NetBeans 7.4

                                The longer version of this article has list of top ten articles for the last 8 weeks.

                                  IT - Encryption
                                  x
                                  Five Free Apps for Encrypting Email
                                  TechRepublic, November 4th, 2013
                                  "Whether you are using an email client or a web-based email solution, you can encrypt your email.

                                  There are those that claim encryption is dead. Not so, says many small and medium sized businesses across the globe. There are plenty of reasons why you might need to encrypt an outgoing email - just as many reasons as there are ways. Whether you are using an email client or a web-based email solution, you can encrypt your email. I have searched for some of the easier (and free) means to successfully get those outgoing emails wrapped in a warm blanket of secrecy.

                                  With the exception of one, these tools serve a singular purpose - to encrypt email messages. Each of them offers a fairly straight-forward learning curve that anyone should be able to get up to speed with quickly. That said, let's dive in and see what each of these tools can do for your encryption needs..."

                                  IT - Server
                                  x
                                  Patch First, Ask Questions Later
                                  InfoWorld, November 5th, 2013
                                  "Secunia just released its 2013 Q3 vulnerability report for the United States. I'm a big fan of Secunia and the data it's collected in the fight against badness. As I said last week, it's a lot better to use solid data rather than vendor suggestions to drive your security strategy.

                                  Along with a few other sources (including Kaspersky Lab and Microsoft's Security Intelligence Reports), Secunia has helped me realize that unpatched software is to blame for the majority of successful exploits. According to Kaspersky, Oracle Java and Adobe Acrobat accounted for more than three-fourths of all successful exploits last year. Got that? Then you should have your marching orders: Patch two programs and you'll remove the bulk of the risk in your organization..."

                                  Sysadmin
                                  x
                                  Oracle Enterprise Manager 12c Delivers Advanced Self-Service Automation
                                  For Oracle Database 12c Multitenant
                                  Database as a Service (DBaaS) offers organizations accelerated deployment, elastic capacity, greater consolidation efficiency, higher availability and lower overall operational cost and complexity. Oracle Database 12c provides an innovative multitenant architecture featuring pluggable databases that makes it easy to offer DBaaS and consolidate databases on clouds. To support customers' move to this model, Oracle Enterprise Manager 12c adds new automation capabilities to enable quick provisioning of database clouds through self-service, saving administrators time and effort. These new capabilities can help customers adopt Oracle Database 12c faster and pave the way to a DBaaS delivery model.

                                  Oracle announced a new release of Oracle Enterprise Manager 12c, which provides a turnkey, full lifecycle DBaaS management solution for Oracle Multitenant, an option for Oracle Database 12c Enterprise Edition.

                                  Security
                                  x
                                  Oracle White Paper about Directory Services Integration with Database Enterprise User Security (EUS)
                                  EUS deployment options available with Oracle Unified Directory (OUD) and Oracle Internet Directory (OID)

                                  IT departments are under consistent pressure to reduce cost, enhance security, and improve compliance to support ever-competitive business. Databases are critical components of enterprise IT infrastructure, so it is key to centralize and integrate database users and privileges into an enterprise identity management framework. However, many enterprises today still manage users and privileges on an individual database basis. From an end-user perspective, this means that each user must remember multiple passwords. From an administration perspective, redundant user management is costly; managing user authorizations in multiple databases is error-prone. From an auditing and compliance perspective, on-time provisioning and de-provisioning of user access and privileges across databases is challenging. Enterprise User Security (EUS), an Oracle Database Enterprise Edition feature, leverages the Oracle Directory Services and gives you the ability to centrally manage database users and role memberships in an LDAP directory...

                                  Trending in
                                  Vol 231, Issue 3
                                  Trending IT Articles