News about Oracle's Solaris and Sun Hardware
System News
Nov 11th, 2013 — Nov 17th, 2013 Generate the Custom HTML Email for this Issue
System News System News for Sun Users
Volume 189, Issue 2 << Previous Issue | Next Issue >>
Sections in this issue:
click to jump to section

Oracle Database Appliance Solution-In-A-Box
Oracle FLEXCUBE Universal Banking on Oracle Database Appliance X3-2
Margaret Hamburger writes, "Another great example of how Oracle Database Appliance simplifies the deployment of high availability database solutions making it easy for Oracle Partners and ISVs to deliver value added solutions to customers on a simple, reliable and affordable database platform.

Oracle FLEXCUBE Universal Banking recently announced that it runs on Oracle Database Appliance X3-2 to deliver mid-size banks a compelling banking-in-a-box solution. With this certification, banks can benefit from a low-IT-footprint, high-performance, full-scale banking technology that is engineered to support end-to-end business requirements.

In a recent performance test of Oracle FLEXCUBE Universal Banking on Oracle Database Appliance X3-2, the system managed more than 2.6 million online transactions in 60 minutes. This equated to roughly 744 transactions per second with an average response time of 156 milliseconds for 98 percent of the transactions. Likewise, the solution completed end-of-month batch processing for 10 million customer accounts in 123 minutes during the performance test..."

Korea Enterprise Data Consolidates 20 Servers to One Platform
Improves System Response Time by 20x, and Lowers Total Cost of Ownership
Korea Enterprise Data (KED) is a leading supplier of business credit reports on Korean midsize enterprises, including credit evaluations and ratings, financial statements, and credit history checks.

The company implemented Oracle's SPARC T4-4 server with Oracle SuperCluster T4-4 to consolidate 20 servers into a single platform, and built a next-generation credit analysis system to improve data quality and reliability. KED also deployed Oracle's Sun ZFS Storage 7420 and Sun ZFS Storage 7320 appliances to provide data storage and backup for Oracle SuperCluster. The company improved system response time by 20x, completed data backups 7x faster, achieved 10x data compression, and improved customer satisfaction.

ADNOC talks about 50x increase in performance
How Exadata can revolutionise your business?
Keith Laker writes, "If you are still wondering about how Exadata can revolutionise your business then I would recommend watching this great video which was recorded at this year's OpenWorld.

First a little background...The Abu Dhabi National Oil Company for Distribution (ADNOC) is an integrated energy company that was founded in 1973. ADNOC Distribution markets and distributes petroleum products and services within the United Arab Emirates and internationally. As one of the largest and most innovative government-owned petroleum companies in the Arab Gulf, ADNOC Distribution is renowned and respected for the exceptional quality and reliability of its products and services...

ADNOC selected Oracle Exadata Database Machine after extensive research because it provided them with a single platform that can run mixed workloads in a single unified machine..."

Oracle VM 3.2.6
Bring Your Oracle VM Environment Up to Date
Honglin Su write, "We incorporate our customer's feedback and bug fixes into the regular updates. It's very beneficial to use the latest update of Oracle VM releases.

Oracle VM 3.2 (Oracle VM Manager and Oracle VM Server for x86) is the current stable release, which has with all the advance management capabilities built-in. 3.2.6 is the latest patch update. You can review the list of bug fixes and enhancements here.

IT - Storage
Server, Server In The Rack, When's My Disk Drive Going To Crack?
The Register, November 11th, 2013
"Cloud backup outfit Backblaze has cobbled together all the data it's gathered from the 25,000 or so disk drives it keeps spinning and drawn some conclusions about just how long you can expect disks to survive in an array.

The study's not the best of guides to data centre performance, because Backblaze happily makes do with consumer-grade drives. As even those drives routinely offer mean time between failure (MTBF) in the hundreds of thousands of hours - decades of operation - or the storage industry's preferred longevity metric of annualised failure rates (AFR) of under one per cent per year, the study tests those claims as well as any other. It's also rather more recent than the 2007 studies from Google (PDF) or Carnegie Mellon University..."

IT - Technology
9 Ways that Technology Uses Helium
ComputerWorld, November 7th, 2013
"Western Digital's new helium-filled hard drives prompted questions about whether it is wise to use already low helium reserves for this purpose. In reality, the helium supply is growing, and the drives would use a minuscule amount of it anyway. Here are 9 other ways that helium is used today..."

  • MRI machines
  • The Large Hadron Collider
  • Helium balloons
  • Fiber optics and semiconductors
  • Chromatography
  • Inner atmosphere operations
  • Gas metal arc welding
  • Breathing mixtures
  • Leak detection

Read on for details.

    MIT's Dynamic Shape Display
    Tangible Media Group, November 11th, 2013
    "inFORM is a Dynamic Shape Display that can render 3D content physically, so users can interact with digital information in a tangible way. inFORM can also interact with the physical world around it, for example moving objects on the table's surface. Remote participants in a video conference can be displayed physically, allowing for a strong sense of presence and the ability to interact physically at a distance. inFORM is a step toward our vision of Radical Atoms..."
      The PC: What a Long, Strange Trip it's Been
      InfoWorld, November 9th, 2013
      "Technology marches relentlessly onward, discarding the old to make way for the new. Today's heroes quickly becomes yesterday's news. As pundits ponder the future of the PC -- Do desktops matter anymore? Are tablets PCs, or something else? What about hybrids like the Surface? -- we figured it was time to hop off the hype cycle and forget the constant tick-tocking of Moore's Law for a moment.

      Let's revel in the roots of the wonder machines that make our lives easier. From the first GPUs and CPUs to the forerunner of the Internet, these are the breakthroughs that birthed computers as we know them today. Staring history in the face reminds us that all computing devices share the same background..."

        The Top 5 Worst Technology Predictions of All Time
        Business 2 Community, November 11th, 2013
        "Bill Gates? Steve Jobs? They're names you'd normally associate with cutting edge technological 'nouse' - but even the masters of the tech space can get it hopelessly wrong..."

        • I think there is a world market for maybe five computers
        • Within five years, I predict [the tablet] will be the most popular form of PC sold in America
        • There is no reason for any individual to have a computer in his home
        • The subscription model of buying music is bankrupt. I think you could make available the Second Coming in a subscription model, and it might not be successful
        • Two years from now, spam will be solved

        Read on for details.

          What Star Wars Teaches Us About Technology
          Information Week, November 7th, 2013
          "Luke Skywalker had it right. Push away the screen and go with The Force from time to time. I hadn't seen the original Star Wars in about 30 years, so I figured it was time to see how the old saga holds up. As a kid, I was in awe of George Lucas's iconic sounds and images. But as a 40-year-old movie snob, I was ready -- even excited -- to not like Star Wars.

          The corny dialog, the '70s-era computer graphics and '70s hair, the special effects that pale next to today's mind-blowing CGI and 3-D technology. And that C3P0! He won't shut up! I assumed it would be dated and silly.

          But I was wrong..."

            World's First 3D-Printed Metal Gun Blows Through 50 Rounds
            ComputerWorld, November 8th, 2013
            "The 45 caliber, semi-automatic pistol was fired at a target more than 30 yards away; several rounds hit the bulls-eye..."

            A 3D printing services company has built a fully functioning, semi-automatic pistol and shown that it works just as a traditionally manufactured gun.

            Built by Solid Concepts, the pistol is a replica of the storied .45-caliber, M1911 semi-automatic that served as the U.S. military's standard-issue sidearm for more than 70 years. Solid Concept demonstrated the gun by firing 50 rounds with it..."

            Focus on Oracle Solaris
            Solaris Sessions from Oracle OpenWorld 2013
            Solaris talks from Oracle OpenWorld 2013:

            General Sessions

            • Oracle Solaris Strategy, Engineering Insights, and Roadmap
            • What's New with Oracle Engineered Systems


            • Building an Ultrafast, Scalable, Multithreaded, Multiprocess Server
            • Best Practices for Maintaining and Upgrading Oracle Solaris
            • Customer Panel: Oracle Solaris in Action
            • Getting Unbeatable App Performance on SPARC Enterprise M-Series and SPARC T-Series Servers
            • Why Oracle Solaris Is the Best UNIX for Oracle Database and Oracle WebLogic
            • How to Set Up a Public Key Infrastructure for Secure Shell and PuTTY
            • Why Oracle Fusion Middleware Runs Best on Oracle Solaris
            • Oracle Solaris Panel: Insights and Directions from Oracle Solaris Engineering
            • Oracle Solaris 11 Best Practices for Software Lifecycle Management
            • ISV Panel: Oracle Solaris and ISV Insights
            • Ten Key Solaris Zones Differentiators Enhancing Cloud Platforms
            • Consolidate Databases and Provide Dynamic Quality of Services
            • Compliance and Security: Least Complexity, Lowest Risk with Oracle Solaris

            See the website for links to talks and/or slides.

            Cloud Computing
            Success of Oracle CloudWorld Sparks Extended Roadshow with Expanded Nine City Engagement
            Beijing, Bogota, Chicago, New Delhi, Paris, San Francisco, Melbourne and Moscow
            Building on the tremendous success of Oracle CloudWorld and continued customer interest in leveraging cloud technologies, Oracle announced that the event series will expand to nine additional global locations.

            Oracle CloudWorld brings together industry leaders, including senior Oracle executives, customers and partners, to share real-world examples of how they are using cloud technologies to transform their businesses.

            Oracle Cloud supports 9 million users and 19 billion transactions each day, running on thousands of servers and 200 petabytes of storage in 17 data centers around the world.

            The expanded format of the one-day conference features keynotes from industry visionaries, multiple tracks aligned to specific customer roles, hands-on demos and exhibits, and networking opportunities. Keynote sessions will highlight Oracle's strategy and roadmap for cloud and social.

            The events will also include content related to the continued expansion of Oracle Cloud and the recent addition of 10 new Oracle Cloud services, announced at Oracle OpenWorld 2013.

            Oracle Expands Its Investment in Global Cloud Infrastructure
            Adds Four Oracle Cloud Data Centers
            As cloud growth continues, Oracle is expanding the number of Oracle Cloud data centers to continue its commitment as being the industry's leading cloud service provider. Oracle Cloud offers a broad range of modern, functionally rich, and integrated services running in a secure, enterprise and standards-based cloud platform. With the new Oracle Cloud data centers scheduled to go online by Q2 2014, Oracle is helping customers and partners further capitalize on the power of cloud computing as well as supporting the demand for local data residency and regulatory requirements.

            Oracle Cloud provides the industry's most complete suite of modern, enterprise SaaS applications including Human Capital Management, Customer Experience, and Enterprise Resource Planning with built-in business intelligence, social, and mobile capabilities.

            Oracle offers customers and partners choice and flexibility in where they deploy Oracle software: in Oracle Cloud and other public clouds, at traditional on-premise data centers, private clouds and private managed clouds, meeting the most comprehensive security and compliance standards in the industry (ISO 27001, ISO 27002, HIPAA, ISAE 3402 / SSAE 16, NIST, DIACAP, PCI, CFR Part 11).

            IT - Cloud
            Cloud Migrations: Don't Forget About The Data
            Information Week, November 5th, 2013
            "Focus on your data migration separately from your application migration to get better results...

            Gartner research director Richard Watson once observed, "When the CIO issues the simple directive: 'Move some applications to the cloud,' architects face bewildering choices about how to do this, and their decision must consider an organization's requirements, evaluation criteria and architecture principles."

            Creative Destruction and the Cloud: Why It's a Good Thing
            SearchCIO, November 11th, 2013
            "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin, creator of the initial concepts that became the Apple Macintosh computer, as quoted in Dr. Dobb's Journal.

            "I must admit that I have heard many descriptions of computing but, when I came across this exploding-shoe metaphor, it was (a) different, and (b) caught my attention. Then again, I have always been fascinated by what people have to say about technology, especially new technology, and especially new technology that is disruptive by its nature. Here are a few of my favorites:..."

              IT - CxO
              6 Tips to Help CIOs Manage Shadow IT
              CIO, November 13th, 2013
              "With the increase in cloud computing and BYOD in the workplace, it's become increasingly difficult for IT departments to keep track of and manage software and hardware -- and maintain a secure environment.

              So what can CIOs and other IT leaders do to identify and manage Shadow IT -- software and hardware not directly under the control of IT -- and mitigate the potential risks? asked dozens of IT, mobile and cybersecurity professionals to find out. Here are their top six tips for managing Shadow IT in the enterprise..."

              • Monitor your network -- to find out if or where you have a Shadow IT problem.
              • Prioritize risk
              • Establish guidelines around BYOD and apps/cloud services
              • Offer alternatives
              • Restrict access to third-party apps
              • Offer amnesty on Shadow IT

              Read on for details.

              Five Ways CIOs can Improve IT Security
              TechWorld, November 12th, 2013
              "IT security is a difficult issue, especially with the topic gaining unprecedented exposure in the press as of late. Not only do you have to worry about nefarious governments and freelance hackers, but now must add government agencies like the NSA and even organized crime to the list of security concerns. Budget discussions are no longer simple matters of dollars and cents, but questions about the very security of your company's proprietary, financial, and customer information. So what are some pragmatic and quick steps you can take to increase security? Here are some ideas:..."

              • Determine the risk
              • Provide a voice of reason
              • Identify and highlight the human factor
              • Simplify security
              • Plan and execute

              Read on for details.

              The Problem with Putting 'Do Not Hire' Notes in Personnel Files
              TLNT, November 11th, 2013
              "If I ever handled a plaintiff's case again, at deposition, I would be sure to take a page out of the playbook of Texas employment lawyer Mike Maslanka:

              Ask the manager who decided to fire the plaintiff whether he's eligible for re-hire. An unprepared manager might blurt out, 'Of course not; he's suing us.' Say hello to a retaliation claim..."

                Your Field Guide to the Odd Creatures in Today's C-Suite
                ZDNet, November 1th, 2013
                "Be honest. The first time you heard someone talk about the C-suite or mention the term 'CXO,' you rolled your eyes.

                We don't blame you.

                The fact that people waste their time coming up with jargon to talk about these roles indicates how fashionable it has become to have a title that makes you the chief officer of something. In fact, with so many of them running around with these titles now it's getting tough to keep them all straight, right?

                Well, that's where we come in. We've put together a field guide to help you recognize these creatures when you see them in the wild. And if you're involved in tech, then you better take note because more and more of these wild beasts are involved in making technology buying decisions..."

                  iRacing Drives Extreme Performance with Oracle Database Appliance
                  Online Gaming Leader Enhances Customer Experience
                  With tens of thousands of players competing against each other on its online system, iRacing Motorsports Simulations, LLC, the world's premier motorsports racing simulation, determined it needed to enhance its database environment to continue delivering reliable uptime and an exceptional player experience. In the Oracle Database Appliance, the company found an easy-to-implement database infrastructure that proved a cost-effective solution for providing players peak performance, while laying the track to effectively manage future growth.

                  To support and improve the performance of its online racing simulation, iRacing is successfully leveraging the Oracle Database Appliance.

                  After evaluating multiple options, including deploying commodity hardware from Dell and launching an Amazon-hosted cloud database, iRacing selected the Oracle Database Appliance.

                  With the Oracle Database Appliance, iRacing is able to take advantage of a complete package of software, server, storage and networking engineered for simplicity and high availability.

                  Oracle Big Data Appliance X4-2
                  A comprehensive Big Data platform optimized for both batch and real-time processing
                  Oracle Big Data Appliance X4-2 is now available, providing enterprises with a comprehensive and secure engineered system optimized to run Cloudera's entire Platform for Big Data, Cloudera Enterprise, at a low overall total cost of ownership. Together, Oracle Big Data Appliance X4-2, Oracle Big Data Connectors, and Oracle Exadata form a complete and integrated platform for Big Data.

                  Oracle Big Data Appliance X4-2 is a pre-integrated full rack configuration with 18 of Oracle's Sun servers that include InfiniBand and Ethernet connectivity to simplify implementation and management

                  Oracle Big Data Appliance X4-2 Starter Rack, contains six Oracle Sun servers within a full-sized rack with redundant Infiniband switches and power distribution units. Oracle Big Data Appliance X4-2 In-Rack Expansion includes a pack of six additional servers to expand the above configuration to 12 nodes and then to a full rack of 18 nodes.

                  IT - DR
                  How to Create an Effective Business Continuity Plan
                  CIO, November 14th, 2013
                  Natural and manmade disasters underscore the challenges of seamless disaster recovery in the real world. Having a comprehensive business continuity plan isn't just an IT concern; though. Nothing less than the survival of your company is at stake

                  We rarely get a head's up that a disaster is ready to strike. Even with some lead time, though, multiple things can go wrong; every incident is unique and unfolds in unexpected ways.

                  This is where a business continuity plan comes into play. To give your organization the best shot at success during a disaster, you need to put a current, tested plan in the hands of all personnel responsible for carrying out any part of that plan. The lack of a plan doesn't just mean your organization will take longer than necessary to recover from an event or incident. You could go out of business for good..."

                  IT - PM
                  14 Quality Checks for Your IT Project Schedule
                  TechRepublic, November 12th, 2013
                  "One way to evaluate whether your project schedule is good is to measure it against this list of quality checks from the Defense Contract Management Agency.

                  IT project management consultants and Project Management Office (PMO) managers see project schedules that vary in quality. A PMP certified project manager (PM) may have 10 years of experience managing projects, but that isn't an indicator of the PM's ability to build a good schedule.

                  Evaluating a project schedule can be subjective unless there is a set of objective criteria to follow. Well-structured PMO organizations may have project schedule quality guidelines, but unless there's a schedule review, the schedule could still have significant defects that impact realistic project delivery..."

                  Why Ignoring the End-User Makes You Seem Incompetent
                  TechRepublic, November 7th, 2013
                  "IT product developers who don't try to understand the needs of end-users are doomed to fail. The recent high-profile fiasco of the website has reminded me of an issue I've seen more and more of lately, and that is: a disregard for customer service.

                  Now, this goes as high up as CEOs making decisions that they think their customers will want. And then it turns out that they're wrong (Most companies fail customer service test - MoneyWatch). As the author of this piece, Michael Hess, says, companies should be more concerned with the way their customers feel because technology has made it much easier to praise (or pan)..."

                  IT - Networks
                  All About Beamforming, the Faster Wi-Fi You Didn't Know You Needed
                  PCWorld, November 8th, 2013
                  "Beamforming is one of those concepts that seem so simple that you wonder why no one thought of it before. Instead of broadcasting a signal to a wide area, hoping to reach your target, why not concentrate the signal and aim it directly at the target?

                  Sometimes the simplest concepts are the most difficult to execute, especially at retail price points. Fortunately, beamforming is finally becoming a common feature in 802.11ac Wi-Fi routers (at least at the high end). Here's how it works..."

                    Don't Expect Data on P2P Networks to be Private, Judge Rules
                    ComputerWorld, November 12th, 2013
                    "Defendants claimed that searching for files on their computers violated Fourth Amendment rights

                    There can be no expectation of privacy in data exposed to the Internet over a peer-to-peer file-sharing network, a federal judge in Vermont ruled in a case involving three individuals charged with possession of child pornography.

                    The three men had argued that police illegally gathered information from their computers using an automated P2P search tool and then used that information to obtain probable cause warrants for searching their computers. Each of the defendants was later charged with possession of child pornography based on evidence seized from their computers..."

                      Elephants Need Affinities
                      Business 2 Community, November 11th, 2013
                      "Perhaps somewhat lost in a ridiculously hyper week of datacenter announcements last week was this article from some of the network minds at VMWare. The article describes a division of flow types in datacenter environments (they probably exist elsewhere too but probably less pronounced). Elephant flows are those flows that are long lived between sets of applications and are responsible for the majority of traffic exchanged in a data center network. Their counterparts, mice flows, are very short lived, bursty flows that are responsible for the bulk of the total flows..."
                      Fact or fiction: What affects Wi-Fi speed?
                      Macworld, November 4th, 2013
                      "Believe it or not, there was a time not long ago when surfing the Internet from your back porch required a very, very long ethernet cable. These days Wi-Fi seems to be everywhere, with inkjet printers, digital cameras, TVs, and even refrigerators connecting to home and office networks without the need for cables.

                      But for all of the gains made in Wi-Fi technology, much confusion remains about wireless networks and the problems that can plague them. To help clear up some of the confusion, we gathered a list of common beliefs about Wi-Fi speed and set about proving or disproving them using the tools available to us here in the Macworld lab..."

                        'More' Meaningful Metadata . for Network Security
                        CSO Online, November 12th, 2013
                        "A couple weeks ago I wrote my first blog about metadata. In that blog I highlighted five of the core requirements of a successful metadata program from privacy concerns to data retrieval. This blog will go deeper into metadata for network security strategies to include five more considerations including: integration of multiple solutions, the enrichment of data, analytics, reporting, and incident response..."
                        IT - Operations
                        Fuel-Cell Powered Data Centers Cost Less, Improve Reliability
                        Network World, November 12th, 2013
                        "Data centers powered by fuel cells, not the public power grid, could cut both capital and operational costs, improve reliability, pollute less and take up less space, according to Microsoft researchers.

                        This technology could make data center expansion possible in regions where utility-supplied power is tapped out but natural gas is abundant, according to a paper posted by Microsoft Research. Also, since the reliability of gas supply is better than that of electrical power, these data centers would suffer less downtime.

                        The researchers say there are many variables that need to be taken into account in engineering these facilities, but overall they hold potential for greener data centers..."

                        Hot or Not? Know Your Data Center's Environment
                        InfoWorld, November 11th, 2013
                        "Whether we're designing, building, or maintaining data centers, we need to pay attention to a lot more than how and where the bits flow. We also need to know about the physical environment. We need to keep all the gear at a reasonable temperature, and we need to protect it from all kinds of possible mayhem -- from unauthorized access to burst pipes.

                        Environmental monitoring is one of the elements of data center construction and maintenance that seems to be missed at many levels..."

                        The 9 Hardest Things Programmers Have to Do
                        IT World, November 11th, 2013
                        "Most people who aren't programmers assume that the job of developing software is hard - and it is, but not in the ways that non-developers would figure. A recent discussion thread on Quora got developers to share what they felt were the hardest tasks that the job requires. Using the input and scores from that thread, and another, older one on Ubuntu Forums, ITworld has compiled a list of the 9 hardest tasks for programmers..."

                        • Naming thing
                        • Explaining what I do (or don't do)
                        • Estimating time to complete tasks
                        • Dealing with other people
                        • Working with someone else's code
                        • Implementing functionality you disagree with
                        • Writing documentation
                        • Writing tests
                        • Designing a solution

                        Read on for details.

                          The Educated Approach to Outsourced Data Center Services
                          SearchDataCenter, November 11th, 2013
                          "Outsourcing data center services isn't as quick and simple as it sounds.

                          As businesses grapple with shrinking IT budgets, staffing cuts and spiraling energy costs, outsourced data center services become more attractive. Consider workloads and evaluate providers carefully when developing an IT outsourcing policy. You might decide against that route..."

                          IT - Security
                          Top 12 Scams of the Holiday Season
                          Help Net Security, November 11th, 2013
                          "McAfee released its annual “12 Scams of Christmas” list to educate the public on the most common scams that criminals use during the holiday season to take advantage of consumers as they shop on their digital devices. Cybercriminals leverage these scams to steal personal information, earn fast cash, and spread malware..."

                          • Not-So-Merry Mobile Apps
                          • Holiday Mobile SMS Scams
                          • Hot Holiday Gift Scams
                          • Seasonal Travel Scams
                          • Dangerous E-Seasons Greetings
                          • Deceptive Online Games
                          • Shipping Notifications Shams
                          • Bogus Gift Cards
                          • Holiday SMiShing
                          • Fake Charities
                          • Romance Scams
                          • Phony E-Tailers

                          Read on for details.

                            5 Reasons Why You Should Be Using A VPN
                            Yahoo! Small Business Advisor, November 11th, 2013
                            "In our increasingly digital world, it's more important than ever to prioritize online privacy and security. Over the past few years we've seen developed countries step up their internet surveillance and in some cases, internet censorship. During the 'Arab Uprising' we watched Turkey cut off access to Twitter. Recently China has openly admitted to censoring the Internet. Iran has made it near impossible to log on to all popular western social media sites...

                            Thanks to technological advancements, you can take matters into your own hands and protect yourself while standing up for your own rights. Perhaps one of the best ways to do this is by using a Virtual Private Network, or VPN for short. VPN technology has been on the rise in recent years, especially with all the hype about the NSA and Edward Snowden. Let's take a look at 5 reasons why you should be using a VPN...:"

                            • Log on to Public Wifi with Confidence
                            • Access Blocked Content While Traveling
                            • Bypass a restrictive Network
                            • Share Files Privately
                            • Because You Have A Right To Privacy

                            Read on for details.

                            7 Must-Have Technical Security Controls for Any Budget
                            Help Net Security, November 11th, 2013
                            "Prioritizing items on a security budget can be difficult. Here are seven key technical controls every IT shop should include in a security budget..."

                            • Perimeters defenses
                            • Secure build
                            • Spam and email content control
                            • Network segmentation and isolation of critical assets
                            • Patch management
                            • Anti-virus, anti-spyware, and anti-malware
                            • Data leakage protection and Internet access control

                            Read on for details.

                            12 Hot Security Start-Ups to Watch
                            Network World, November 13th, 2013
                            "Going into 2014, a whirlwind of security start-ups are looking to have an impact on the enterprise world. Most of these new ventures are focused on securing data in the cloud and on mobile devices. Santa Clara, Calif.-based Illumio, for example, founded earlier this year, is only hinting about what it will be doing in cloud security. But already it's the darling of Silicon Valley investors, pulling in over $42 million from backer Andreessen Horowitz, General Catalyst, Formation 8 and others.

                            The cloud's lure is easy to see. More businesses continue to adopt a wide range of cloud services -- whether software-as-service, infrastructure-as-a-service or platform-as-a-service. That means the enterprise IT department needs more visibility, monitoring and security controls for what employees are doing and evidence their data is safe. In addition, employees today increasingly use smartphones and tablets they personally own for work in 'Bring Your Own Device' mode, leading to other management and security questions. When there are perceived security 'gaps,' start-ups see opportunities, as the 12 firms we identify here do..."

                            Beyond Breach Prevention: The Need for Adequate Response
                            CSO Online, November 11th, 2013
                            "If there's been any lesson learned in the past decade, it's that despite tens of billions having been spent on anti-malware, firewalls, intrusion-detection and prevention systems, and other defensive technologies - it's just not realistic for enterprise security teams to expect to be able to stop every attack.

                            Yet, surprisingly, enterprises focus their efforts and their budgets as if they can do precisely that. Sourcefire (recently acquired by Cisco) founder and CTO Martin Roesch, says a recent analysis by the IT security firm found that enterprises currently often only spend as little as 10% on incident response and about 30% on detection: the rest is on prevention..."

                            British Spies Reportedly Spoofed LinkedIn, Slashdot to Target Network Engineers
                            ComputerWorld, November 11th, 2013
                            "British intelligence agency Government Communications Headquarters (GCHQ) reportedly used spoofed LinkedIn and Slashdot pages to compromise the computers of network engineers working for global roaming exchange providers based in Europe.

                            Special teams from GCHQ's My Network Operations Centre (MyNOC) division identified key employees doing network maintenance and security at the targeted companies and determined which of them were users of LinkedIn or The teams then directed the targeted individuals to fake versions of those sites which contained malicious code designed to install malware on their computers..."

                            The Quest for Weak Links in Information Security
                            CSO Online, November 12th, 2013
                            "A widely accepted definition of information security risk is the potential of a specific threat exploiting the vulnerabilities of an information asset, with the following formula used to represent information security risks: Risk = Likelihood x Impact.

                            The potential impact on information, processes and people is typically estimated during a business impact analysis as part of corporate business continuity planning. However, estimating likelihood of information security risks is often guesswork resulting from combined vulnerability assessments and threats assessments..."

                            This Time, It's Personal: Government Spying Hits Google where it Hurts
                            InfoWorld, November 8th, 2013
                            "Google is truly mad over revelations about government spying on its networks. Finally, some good comes from Snowden's leaks?

                            Silicon Valley's reaction to Edward Snowden and his leaks about government surveillance has taken on an indignant tone that was previously missing. All it took for the worm to turn was for the snooping to get personal.

                            After this summer's revelations, Microsoft, Google, and the rest issued tepid calls for 'greater transparency' -- basically asking for the right to report the number of information requests made by government agencies. But now the tables have turned, and the latest leaks reveal that tech companies themselves have been spied on, their networks tapped without their knowledge or cooperation. Cue the outrage..."

                            10 Mistakes Companies Make After a Data Breach
                            CSO Online, November 13th, 2013
                            "The aftermath of a data breach, such as the one recently experienced by Adobe, can be chaotic if not dealt with properly. The result of such poor handling could see organizations facing a hit to reputation, or worse, financial and legal problems. Read on for advice on what NOT to do in the event that your organization is hit..."

                            • No external agencies secured
                            • No engagement with outside counsel
                            • No single decision maker
                            • Lack of clear communication
                            • No communications plan
                            • Waiting for perfect information before acting
                            • Micromanaging the Breach
                            • No remediation plans post incident
                            • Not providing a remedy to consumers
                            • Failing to practice

                            Read on for details.

                              IT - Careers
                              12 Ways to Stand Out at Work
                              Baseline, November 5th, 2013
                              "Here's a not-so-well-kept secret about work: It's too easy to sink into the abyss of anonymity. Some people prefer this because they think it's the best way to hold on to a job - by not making waves. But experts say those who take intelligent risks will better themselves by rising above the crowd, especially if they take advantage of the following 12 tactics to advance their careers. After all, there are many people in your department who are essentially competing for the same kinds of opportunities, but only one person will get that breakthrough assignment or promotion..."

                              • Take on Challenging Projects
                              • Propose Value-Adding Initiatives
                              • Collaborate With Multifunctional Teams
                              • Perform Functions That Help Execs
                              • Be a Go-To Person for Must-Have Needs
                              • Know Your Numbers
                              • Know Your Company
                              • Contribute at Meetings
                              • Clean Your Space
                              • Look the Part
                              • Display Your Knowledge
                              • Know Your Colleagues

                              Read on for details.

                                Tech's Greatest Flip-Floppers: When Big Shots Change their Tunes
                                IT World, November 5th, 2013
                                "Maybe it's not fair to expect consistency from business leaders working in an industry as fast-moving as technology. But thanks to the Internet, the pronouncements of these luminaries are preserved online forever and are easy to find -- and some of their changes of heart have been pretty dramatic. We present for your amusement, in (mostly) their own words, some of the greatest flip-flops in the history of the tech business..."

                                • David Karp on advertising
                                • Bill Gates on software patents
                                • Steve Jobs on PowerPC chips
                                • Google on banner ads
                                • Steve Ballmer on acquiring Yahoo
                                • Larry Ellison on the cloud
                                • Google's legal department on net neutrality
                                • Mark Zuckerberg on teens

                                Read on for details.

                                IT - Social Media
                                Social Media Costs -- and Some Workers Are Paying With Their Jobs
                                CIO, November 11th, 2013
                                "A woman says she was fired from her job at Xerox for posting a photo on Instagram and using the company's name as a hashtag. It's just one example of how social media can cost employees their jobs, expose employers to lawsuits and sour the workplace with distrust..."
                                  IT - Virtualization
                                  Persistent or Non-Persistent VDI?
                                  Brian Madden, November 8th, 2013
                                  "Which VDI deployment strategy is the best, persistent or non-persistent? For years, we've been stating that the persistent approach is more appropriate in situations, mainly because RDSH is equally appropriate in situations where non-persistent VDI could be used. VMware has traditionally argued in favor of non-persistent VDI, which Brian recently called them out on. The argument has dulled slightly as technology has matured enough to bring density numbers more in line with each other (meaning you can support a similar number of desktops on like-hardware in either RDSH or non-persistent VDI scenarios), but there are still issues of complexity, management, infrastructure, and cost that make this a wildly divisive topic.

                                  During the conference, Gunnar Berger organized a debate between two people in favor of persistent VDI - Andre Leibovici & Shawn Bass, and two people that prefer non-persistent VDI - Jason Langone and Jason Mattox..."

                                  IT - Compliance
                                  Why Compliance and Customer Experience Go Hand-in-Hand
                                  Bank Systems and Technology, November 12th, 2013
                                  "The internet has redefined business in too many ways to count, but most importantly it has given every consumer a much louder voice than they ever before enjoyed. For any business that wants success, their business motto must be, 'It's all about the customer experience.' Now that the internet has become ubiquitous in almost every part of life, traditional brick and mortar businesses face a real threat from online competitors. In particular, banks face a new and significant challenge from emerging payment providers..."
                                    IT - Backup
                                    Businesses Offer Best Practices for Escaping Cryptolocker
                                    Network World, November 14th, 2013
                                    "It is an IT nightmare: Businesses hit with the CryptoLocker malware find their electronic files locked up inside strong encryption and the extortionist operating the malware botnet demanding money to give them the security key that would let companies get their data back.

                                    What do you do to escape this crypto hell of ransomware? A few corporations here detail their experiences with the nasty malware and say in many cases back-up and restoration was their only way out..."

                                    IT - Big Data
                                    Big Data & Legal Informatics
                                    Big Data Republic, November 6th, 2013
                                    "Big data has thus far been mainly connected to consumer-orientated domains, but its role in professional domains has been growing.

                                    In Medicine, big data has been utilized to create a persuasive case for evidence-based healthcare; treatment of chronic diseases and health management in conjunction with data from pharmaceutical companies; wellness programs with insurers; and clinical areas such as genetics and gene therapy..."

                                    Big Data Storage and Analytics
                                    SearchStorage, November 11th, 2012
                                    "The term big data analytics has crept into the IT vernacular to represent our fixation on what might be called the 'big data assumption' -- the belief that the answers to all our questions are buried in piles of data. Somehow, if we can compare and cross-reference enough data points, we'll gain insights that will help us beat the competition, catch all the crooks and save the world from the brink of disaster.

                                    The problem is that all this analysis requires lots of data, and therein lies the challenge for IT: How do you capture, store, access and analyze enough data to garner those insights and justify the resources that have been committed to the task?..."

                                    Cool or Creepy? The Ethics of Big Data Is on the Table
                                    SearchCIO, November 11th, 2013
                                    "A few years ago, Kord Davis found himself in meeting after meeting with technologists and product marketers who were -- without exactly knowing it -- discussing the ethics of big data. The meetings went something like this: The technologists would introduce new stuff they could do with data; one product marketer would call it cool and another would call it creepy..."
                                    How Many Data Scientists Does the World Really Need?
                                    CIO, November 11th, 2013
                                    "The tech media buzz surrounding big data suggests that organizations should invest huge sums into hiring and retaining highly skilled (and highly paid) data scientists. But you might not want to submit that graduate school application just yet.

                                    In reality, most firms will address their big data challenges by leveraging data analytics technology and training employees they already have to turn big data into smart data.

                                    For many smaller and mid-sized firms, the hype surrounding big data doesn't resonate, and probably won't translate into hiring, because the challenges those businesses face aren't truly related to Big Data, says Tim Herbert, director of research at CompTIA..."

                                    McDonald's Mulls 3D Printing in Stores as Big Data Causes Headaches
                          , November 11th, 2013
                                    "McDonald's IT services director is faced with an increasingly tough set of challenges posed by the rise of an 'always-on' society. Meanwhile, the firm continues to toy with the idea of new digital attractions for tech-savvy consumers, including 3D printing.

                                    Speaking at the Fujitsu Forum in Germany, Mark Fabes explained how what he calls the 'disruptive customer' is pushing demand for digital playthings, and what McDonald's is planning in response..."

                                    IT - BYOD
                                    How Security is Using IAM to Manage BYOD
                                    CSO Online, November 8th, 2013
                                    "Companies will face next year emerging threats in cloud data storage that will demand security measures that go far beyond what is offered by service providers, a university report says.

                                    In addition, the Georgia Institute of Technology is warning that the bring-your-own-device (BYOD) trend among employees using their smartphones for work will present unique challenges that will need to be addressed.

                                    The prestigious university recently released its 2014 Emerging Cyber Threats Report, giving its researchers take on the security landscape and how companies should respond..."

                                    Why You Need a New Policy for BYOD
                                    Yahoo! Small Business Advisor, November 14th, 2013
                                    "Whether you know it or not, it is likely that at least a few of your employees are using their own personal laptops, tablets and smart phones to work on business data. For small businesses, this may seem like an easy way to increase productivity and control technology costs, but there are risks. If you don't have a comprehensive and enforceable BYOD policy in place, your employees' devices could cost you more than they save.

                                    Larger companies have long known that personal devices and smart business practices do not fit comfortably together. As these devices have become more powerful and ubiquitous, it is time for smaller companies to learn this lesson too. An effective BYOD policy can help you avoid common pitfalls and get the most out of new technologies..."

                                    Top Ten Articles for last few Issues
                                    Vol 189 Issue 1; Vol 188 Issues 1, 2, 3, 4 and 5; Vol 187 Issues 3 and 4
                                    We track how frequently each article is viewed on the web site to determine which the readers consider the most important. For last week, the top 10 articles were:

                                    • Mark Hurd On BT Win, Oracle Growth, And Investing In The Cloud
                                    • Oracle Linux Tips and Tricks: Using SSH
                                    • Oracle, ARM expand collaboration on servers, Internet of Things
                                    • GlassFish Announcement
                                    • Open Source Systems Performance
                                    • Overview of Process Scheduling Classes in the Oracle Solaris Kernel
                                    • Oracle Enterprise Manager 12c Delivers Advanced Self-Service Automation
                                    • Oracle White Paper about Directory Services Integration with Database Enterprise User Security (EUS)
                                    • MySQL Still the Right Choice for ScienceLogic's Best Network Monitoring System on the Planet"
                                    • Oracle Endeca Information Discovery 3.1

                                    The longer version of this article has list of top ten articles for the last 8 weeks.

                                      IT - Server
                                      How to Reduce Server-side Cache Risk
                                      Storage Switzerland, November 11th, 2013
                                      "A cache in a manufacturing environment is an intermediate store of components or partially assembled products, often referred to as 'in-process inventory', that serves to make the overall production process more efficient. In a computer system, caches, also called 'buffers', similarly decouple various components in the data path from each other maximizing the throughput of the system as a whole. Like a factory's in-process inventory, buffers hold data and smooth the transition between components (steps in the 'data production line') that run at different speeds.

                                      Storage systems have caches too..."

                                        Data Center Servers Exposed
                                        Dark Reading, November 11th, 2013
                                        "You definitely don't want to show up on one of HD Moore's Internet scans. But some 35,000 -- and counting -- servers have been found exposed on the Internet by the renowned researcher and his team in their ongoing global scanning project aimed at detecting networked devices in danger of attack. In the latest twist, popular server firmware exposed on the Net also contains multiple zero-day bugs that leave corporate servers open to outside attackers. Rapid7 late last week disclosed several previously unknown security bugs in Supermicro's Intelligent Platform Management Interface (IPMI)..."
                                        Snowden Used Sys Admin Role To Collect Passwords: Reuters
                                        Network World, November 8th, 2013
                                        "Reuters is reporting this morning that former NSA contractor Edward Snowden "persuaded" some two dozen colleagues at a Hawaii government facility to give him their login credentials by claiming it was necessary for him to do his job as systems administrator..."
                                          IT - Encryption
                                          Researchers Dare AI Experts to Crack New GOTCHA Password Scheme
                                          Network World, November 11th, 2013
                                          "If you can't tell the difference between an inkblot that looks more like 'body builder lady with mustache and goofy in the center' than 'large steroid insect with big eyes,' then you can't crack passwords protected via a new scheme created by computer scientists that they've dubbed GOTCHA.

                                          GOTCHA, a snappy acronym for the decidedly less snappy Generating panOptic Turing Tests to Tell Computers and Humans Apart, is aimed at stymying hackers from using computers to figure out passwords, which are all too often easy to guess. GOTCHA, like its ubiquitous cousin CAPTCHA, relies on visual cues that typically only a human can appreciate..."

                                            Chalk Talk with John: Business Value of Identity and Access Management
                                            Conveying the business value of Identity and Access Management to non technologists
                                            Conveying the business value of Identity and Access Management to non technologists can potentially be challenging, especially considering the breadth capability supplied by these technologies.

                                            In this episode of Chalk Talk with John, Bob at Codeaway Valley asks Jim from Middleware Fields how they are able to manage access to buildings and facilities throughout their community. Bob and his team struggle to keep up with the needs of their community members, while ensuring the community's safety. Jim shares his creative solution to simplifying the management of access throughout their community in Middleware Fields.

                                            Trending in
                                            Vol 235, Issue 2
                                            Trending IT Articles