Group items tagged

"Private cloud computing offers a number of significant advantages - including lower costs, faster server deployments, and higher levels of resiliency. What is often over looked is how the Private Cloud can dramatically changes the game for IT disaster recovery in terms of significantly lower costs, faster recovery times, and enhanced testability."

In a presentation titled "Computing (strike that - Litigation) in the Cloud," Steven Teppler, senior counsel at KamberEdelson in New York, said cloud computing and services are a corporate counsel's nightmare.

When I joined the Obama administration as the chief information officer, we quickly discovered vast inefficiencies in the $80 billion federal I.T. budget. We also saw an opportunity to increase productivity and save costs by embracing the "cloud computing"

The shift toward cloud services hosted outside the enterprise's firewall will necessitate a major shift in the IT hardware markets, and shrink IT staff, Gartner said. "The need for computing hardware, either in a data center or on an employee's desk, will not go away," Gartner said. "However, if the ownership of hardware shifts to third parties, then there will be major shifts throughout every facet of the IT hardware industry. For example, enterprise IT budgets will either be shrunk or reallocated to more-strategic projects; enterprise IT staff will either be reduced or reskilled to meet new requirements, and/or hardware distribution will have to change radically to meet the requirements of the new IT hardware buying points."

At HIMSS' annual conference this year, Symantec sponsored a survey to find out what the forecast is like for the healthcare IT industry. The consensus: cloudy. In general, the survey showed healthcare providers are beginning to see some of the needs and problems with their current situations. Of the 568 healthcare professionals who responded to the survey, 55 percent said disaster recovery keeps them up at night. This is understandable since a healthcare system is subject to HIPAA and other legal and regulatory requirements as well as having to support complex infrastructures. What makes the situation worse is that many providers don't have a solid plan. Of the systems most likely to have full-proof disaster recovery plans, only 31 percent do.

A survey of high-risk organisations has found that more than three quarters fail to perform quarterly security and compliance training. According to a survey by enterprise key and certificate management solutions provider Venafi and IT security research provider Echelon One, 77 per cent of respondents failed to perform quarterly security and compliance training while 64 per cent failed to encrypt all of its data in the cloud. However 90 per cent did use encryption throughout the organisation. The survey of 420 enterprises and government agencies also found that almost 100 per cent of respondents had some degree of unquantified or unmanaged risk. When asked if their organisations encrypted data stored in public clouds such as Google Apps, Salesforce.com and Dropbox, 40 per cent said they did not know.

"SAN FRANCISCO - May 18, 2011 - The City and County of San Francisco today announced that it will upgrade and consolidate its multiple citywide email systems used by more than 23,000 employees as part of its ongoing efforts to improve the quality and efficiency of its services and reduce IT management costs. "A key part of serving a community as diverse and vibrant as ours starts with making the right investments in information technology," San Francisco Mayor Edwin M. Lee said. "It is our responsibility to make decisions that are fiscally responsible, forward-looking, and improve the services that city and county employees provide to our constituents.""

Just a few weeks ago, Lincoln Medical and Mental Health Center learned a hard lesson. If you didn't see the news reports, the N.Y.-based healthcare provider notified over 130,000 individuals that their records -- including diagnostic information, Social Security numbers, dates of birth, and other information of use to identity thieves -- was potentially lost."

CERT'S PODCASTS: SECURITY FOR BUSINESS LEADERS: SHOW NOTES Tackling Tough Challenges: Insights from CERT's Director Rich Pethia Key Message: Rich Pethia reflects on CERT's 20-year history and discusses how he is positioning the program to tackle future IT and security challenges. Executive Summary CERT's vision is a securely connected world. CERT's mission is to enable informed trust and confidence in the use of information technology. To achieve this vision and mission, CERT has broadened its perspective to include the full system/software engineering and operations life cycle and is reaching out to thought leaders in the global IT and security community. In this podcast, Rich Pethia, director of the CERT Program at Carnegie Mellon University's Software Engineering Institute, discusses the past, current, and future state of Internet security and CERT's role in tackling future challenges as CERT celebrates its 20th anniversary. PART 1: LOOKING BACK, LOOKING FORWARD: THE GOOD, THE BAD, AND THE UGLY CERT's Vantage Point CERT's vision is a securely connected world, supported by CERT's mission of enabling informed trust and confidence in the use of information technology. As the director of CERT, Pethia has unique access to government, commercial, and industry leaders. The Good News Internet use continues to grow, not just in size (number of people, volume of traffic) but also in utility, for example: * the increasing amount of real government and business operations * the introduction of new applications * the growing use of new mobile appliances User awareness of the need to address security is increasing along with increasing attention from service providers (firewalls, virus protection, anti-spyware, data backup). Developers are paying more attention to building security into their products. Vendors have more mature processes for providing cost-effective, timely updates for software vulnerabilities. Users are more willing

Hacking attacks against companies are growing bigger and bolder-witness a string of high-profile breaches this year at Sony Corp., Citigroup Inc. and others. But gone are the days when hackers would simply find holes in corporate networks to steal valuable data. Large companies have grown wise to the threat of hacking, and have spent the past 30 years hardening the perimeters of their networks with upgraded technology.

In many cases, banks or merchant service providers are now sending letters to organizations that have smaller payment card transaction levels and asking them to prove they are compliant by completing a self-assessment questionnaire, he explains.