Archive for the ‘IT Security’ category

Online Activism Takes A Giant Step Forward

January 20th, 2012

By now, unless you’ve been living under a rock the past couple of weeks, you know about the highly controversial SOPA/PIPA Acts being pushed in Congress. Many are upset over these proposals and their potential negative impact on the internet. However, in an unprecedented showing of “online activism” Wednesday, it looks like their cries of foul have not fallen on deaf ears. Aside from Wikipedia’s much-publicized “Blackout,” other technology giants like Google, Mozilla, and Craigslist joined the fray in their own personal way. Here are some of the results of Wednesday’s actions, according to a CIO.com article:

- 4.5 million people signed Google’s anti-SOPA/PIPA petition, according to the Los Angeles Times

- 25 Senators now oppose PIPA (the Senate version of SOPA), according to OpenCongress

- Twitter saw more than 2.4 million SOPA-related tweets between midnight and 4 p.m. Eastern on Wednesday

- Two SOPA co-sponsors and several others dropped support for the House bill

- More than 162 million people saw Wikipedia’s protest page

- More than 8 million people used Wikipedia’s search tool to look up their elected representatives’ contact information

While many are calling the protests a success, only time will truly tell the story. The plan, as of now, is to move forward with this anti-piracy legislation. The Senate will vote again on PIPA next Tuesday, January 24th.

****Update****

Senate Majority Leader Harry Reid has announced he is postponing Tuesday’s PIPA vote.

Take Advantage of a Tiered Network

December 15th, 2011

Advanced Persistent Threats (APTs) are a challenge to any IT organization. Security’s rapidly changing landscape makes the problem that much more difficult. Brent Conran, CIO and CISO for the U.S. House of Representatives, gave a presentation on APT at The IMF Fall Sr. Executive Roundtable in Baltimore back in October. He spoke about security operations today and provided some countermeasures to combat these threats. Below is a brief excerpt from the presentation’s report on the advantages of tiering your organization’s network (Download the full IMF Report here):

“If your organization has a flat network you should really consider moving away from it. You constantly hear about the need to be agile these days. The reason a lot of companies are not agile is because they have these large flat networks. If you want to put a new piece of technology in you have to perform your risk evaluation process based on the entire network. If you tier your network (fig. 4 page 11) it allows you to look at stuff on the internal enclaves as a different risk model than perhaps something out in the DMZ. The House has tiered a lot of their networks now. They have made the decision to let people do a lot more in the middle or out in the DMZ but they are going to be extremely cautious about anything that enters those internal enclaves. The enclaves contain the payroll system, HR system, and Remedy among other things. They have found that utility architecture saved a lot of money because they are not building point solutions each time. If a new technology is introduced with a web tier, app tier, and data tier it can snap in pretty seamlessly because the infrastructure is already in place. In other words you are just integrating a new application as opposed to buying all of those components.

At this point your conversations will focus on needs and fees, not the cost of building a new point solution. This tiering system has helped the House of Representatives become more agile and benefit its members, staff, and constituents. They receive better information because when a new technology becomes available IT will let it go a lot easier. The House recently installed Skype but without that tiered network environment it probably would have never happened. With that tiered architecture they were able to push a lot of stuff further down into their enclaves, thus making it much easier to bring in Skype…”

Join us this February for our Sr. Executive Retreat at One Ocean Resort Hotel & Spa in Atlantic Beach, FL. Visit the meeting page for more details or view the current agenda.

Young IT Professionals Making Their Own Rules

December 14th, 2011

As a young professional myself, I find the results of Cisco’s study on Generation Y’s view on IT policies interesting. I’m sure they may cause CIOs and IT Managers to do a double-take as well. Seven out of ten employees admitted to breaking IT policies with varying regularity. They say their company’s social media policies are outdated. Why are they breaking those policies? Here are a few of the answers:

- 22% cite the need to access unauthorized programs and apps just to get their job done

- 18% admitted the policies are not enforced

- 18% don’t have the time to think about policies when they are working

- 16% said it’s not convenient

- 15% forget

- 14% do it when their bosses aren’t watching them

Now clearly young professionals should be responsible and abide by the rules. However, I think the problem here lies more at the other end of the spectrum, with management. Outdated policies, lack of enforcement, and probably inadequate education on the rules seem to be the major contributors. I don’t think we need babysitters by any means, but you have to have some kind of watchdog in place for enforcement purposes. Young people will push the boundaries for better or worse. In their eyes they are trying to be more efficient and there is no malicious intent. If you do not set standards, they have no problem setting their own standard and riding that until someone says “no.”

Outdated policies are never a good thing but that is easy to understand because of IT’s rapidly changing landscape. Policies need to be reviewed on a regular basis. If you do not want these young professionals breaking the rules, perhaps give them some input in terms of what to include in the policy. Collaborate and make compromises to cut down on these issues. This also helps the 22% that said they need access to unauthorized programs and apps just to get their job done. I’m sure there are some sites they think they need access to but in truth they are not really necessary. On the other hand, how are they supposed to complete their work in a satisfactory manner if they do not have the proper tools at their disposal? Go ahead and give them the tools they need within reason and you will start to see these numbers drop.