Take Advantage of a Tiered Network

December 15th, 2011 by rschwarz No comments »

Advance Persistent Threats are a challenge to any IT organization. Security’s rapidly changing landscape makes the problem that much more difficult. Brent Conran, CIO and CISO for the U.S. House of Representatives, gave a presentation on APT at The IMF Fall Sr. Executive Roundtable in Baltimore back in October. He spoke about security operations today and provided some counter measures to combat these threats. Below is a brief excerpt from the presentation’s report on the advantages of tiering your organization’s network (Download the full IMF Report here):

“If your organization has a flat network you should really consider moving away from it. You constantly hear about the need to be agile these days. The reason a lot of companies are not agile is because they have these large flat networks. If you want to put a new piece of technology in you have to perform your risk evaluation process based on the entire network. If you tier your network (fig. 4 page 11) it allows you to look at stuff on the internal enclaves as a different risk model than perhaps something out in the DMZ. The House has tiered a lot of their networks now. They have made the decision to let people do a lot more in the middle or out in the DMZ but they are going to be extremely cautious about anything that enters those internal enclaves. The enclaves contain the payroll system, HR system, and Remedy among other things. They have found that utility architecture saved a lot of money because they are not building point solutions each time. If a new technology is introduced with a web tier, app tier, and data tier it can snap in pretty seamlessly because the infrastructure is already in place. In other words you are just integrating a new application as opposed to buying all of those components.

At this point your conversations will focus on needs and fees, not the cost of building a new point solution. This tiering system has helped the House of Representatives become more agile and benefit its members, staff, and constituents. They receive better information because when a new technology becomes available IT will let it go a lot easier. The House recently installed Skype but without that tiered network environment it probably would have never happened. With that tiered architecture they were able to push a lot of stuff further down into their enclaves, thus making it much easier to bring in Skype…”

Join us this February for our Sr. Executive Retreat at One Ocean Resort Hotel & Spa in Atlantic Beach, FL. Visit the meeting page for more details or view the current agenda.

Share and Enjoy:
  • Digg
  • del.icio.us
  • TwitThis
  • LinkedIn
  • Google
  • E-mail this story to a friend!
  • Facebook
  • StumbleUpon
  • blogmarks
  • Fark
  • Live
  • Ma.gnolia
  • Print this article!
  • Reddit
  • Technorati

No comments »

Posted in IT Innovation, IT Security, Member Identified Trends, Strategy

Tags:

Young IT Professionals Making Their Own Rules

December 14th, 2011 by rschwarz No comments »

As a young professional myself, I find the results of Cisco’s study on Generation Y’s view on IT policies interesting. I’m sure they may cause CIO’s and IT Managers to do a double-take as well. Seven out of ten employees admitted to breaking IT policies with varying regularity. They say their company’s social media policies are outdated. Why are they breaking those polices? Here are a few of the answers:

-          22% cite the need to access unauthorized programs and apps just to get their job done

-          18% admitted the policies are not enforced

-          18% don’t have the time to think about policies when they are working

-          16% said it’s not convenient

-          15% forget

-          14% do it when their bosses aren’t watching them

Now clearly young professionals should be responsible and abide by the rules. However, I think the problem here lies more at the other end of the spectrum, with management. Outdated policies, lack of enforcement, and probably inadequate education on the rules seem to be the major contributors. I don’t think we need babysitters by any means but you have to have some kind of watch dog in place for enforcement purposes. Young people will push the boundaries for better or worse. In their eyes they there trying to be more efficient and there is no malicious intent. If you do not set standards they have no problem setting their own standard and riding that until someone says “no.”

Outdated policies are never a good thing but that is easy to understand because of IT’s rapidly changing landscape. Policies need to be reviewed on a regular basis. If you do not want these young professionals breaking the rules, perhaps give them some input in terms of what to include in the policy. Collaborate and make compromises to cut down on these issues. This also helps the 22% that said they need access to unauthorized programs and apps just to get their job done. I’m sure there are some sites they think they need access to but in truth they are not really necessary. On the other hand, how are they supposed to complete their work in a satisfactory manner if they do not have the proper tools at their disposal? Go ahead and give them the tools they need within reason and you will start to see these numbers drop.

Share and Enjoy:
  • Digg
  • del.icio.us
  • TwitThis
  • LinkedIn
  • Google
  • E-mail this story to a friend!
  • Facebook
  • StumbleUpon
  • blogmarks
  • Fark
  • Live
  • Ma.gnolia
  • Print this article!
  • Reddit
  • Technorati

No comments »

Posted in IT Executive Management, IT Security, IT Workforce, News, Strategy

Tags:

Enterprise Social Media Not Measured in Dollars & Cents

November 22nd, 2011 by rschwarz No comments »

While social media exploded into the consumer space several years ago, it is relatively new to the business world. Enterprises have been reluctant to come around on the notion but their resistance is waning. One of the problems is a difficulty in measuring the impact social media has on the enterprise in its various capacities. It is tough to come up with dollars and cents when your metrics are Facebook “Likes” and Twitter followers. However, thinking about it in those terms can be a rather narrow-minded approach. Instead, think in terms of communications, engagement, and innovation. This article from Information Week asks how you can measure the ROI for these activities. That is an excellent point because if anything, social media gives everyone a voice and promotes collaboration. Now you start to get ideas, problems get solved faster, and innovation moves to the forefront. There are over 800 million people using Facebook in the world today. Those users are in fact your customers, employees, shareholders, and partners. They are already there using the service so it makes little sense to resist the move towards a social enterprise any longer. If the number of people using these social channels continues to grow exponentially like they’re doing right now companies may not have an option.

Dr. Jonathan Reichental, CIO for the City of Palo Alto, California, recently led a Web Forum presentation on “Social Media in the Corporate Environment.” He touched on a lot of these points and highlighted the opportunities that are out there for businesses aiming to shift towards becoming a more social enterprise. To read a full report on this presentation by Dr. Reichental, CLICK HERE.

Share and Enjoy:
  • Digg
  • del.icio.us
  • TwitThis
  • LinkedIn
  • Google
  • E-mail this story to a friend!
  • Facebook
  • StumbleUpon
  • blogmarks
  • Fark
  • Live
  • Ma.gnolia
  • Print this article!
  • Reddit
  • Technorati

No comments »

Posted in IT Innovation, News, Social Media, Strategy

Tags: