Data Protection

Protect your data warehouse

Mon, 14 Jan 2008 06:59:58 -0500

Does your disaster recovery plan include your data warehouse? If it doesn't, you are facing a critical gap that could cost you years of saved data and lots of trouble. Now that data warehousing is increasingly tied to mission-critical applications such as business intelligence, you had better be sure that the mass of data that your office has collected is secure and that it is protected in event of a power outage, a hurricane or any other disaster that could wipe the system out.

"Data warehousing and business intelligence did start out as being not mission critical," said Claudia Imhoff, president and founder of Intelligent Solutions, a Boulder, Colo., consulting firm. "People would extract data out of the operational system and run away into their own environment, completely separated from operations. But in the past 10 years, analytics have become quite critical."

There are many questions about how to treat a data warehouse, including whether it should be absorbed into the IT infrastructure. "The litmus test here is whether a data warehouse becomes so mission critical that when it goes down, people begin to have problems. Then you want to move it into a data center operation. In a lot of cases, those data centers already exist, and they are more than happy to provide an environment for you with 24-by-7 backup and restore and all that,'' Wayne Eckerson, director of research at The Data Warehousing Institute in Renton, Wash., told SearchCIO.This is one more must-do item on the CIO list to make the IT department stronger. CIOs should be asking themselves, "Where would my company be if this data is lost?"

For more you data warehouses:
- See this SearchCIO article

Laptop batteries that won't die

Thu, 03 Jan 2008 06:59:58 -0500

Laptop batteries were never meant to die. But plenty of CIOs have a different kind of experience. Even when fully charged, a laptop battery might last for half the trip across the country, not even even a full non-stop flight. And plenty of executives know that carrying a spare makes for an awkward juggling experience on a crowded plane.

Now a professor at Stanford University has come up with a way of creating longer-life lithium batteries. Yi Cui, assistant professor of Materials Science and Engineering, has developed a way for batteries to produce 10 times the electricity that most batteries are able to do. And that results in as much as 20 hours of device power, nearly enough to fly from New York to Africa without changing batteries or halting your laptop work.

The technology is simple. Instead of using carbon inside a battery, silicon is used in the battery's anode. The silicon can hold much more lithium than carbon. Cui's battery also uses nanotechnology to increase capacity. Cui has already filed a patent, and he is considering the formation of a company that sells these batteries. As the world gets smaller, so does the technology that drives it around. We can only ask: What's coming next?

For more on charging batteries:
- Check out this CIO Magazine Article

Data loss costs a bundle

Thu, 29 Nov 2007 06:59:58 -0500

It doesn't matter whether you are the CIO of a big company or a small one. Losing customer data will always cost you plenty. The Ponemon Institute, an independent information practices research group, concluded that data breaches cost businesses an average of $197 per customer record in 2007, up from $182 in 2006. And when you add it all together, it comes to millions--$6.3 million in 2007, up from $4.8 million in 2006. These are not numbers to sneer at, especially if you are the CIO in charge of the ship. "In the past, there hasn't been the evidence to say that people are losing customers due to a breach," said John Dasher, director of product management for encryption technology company PGP Corporation. "I think that's changing."

There are plenty of reasons for the increased loss of data and many other reasons why customers pack up and leave after an incident. The study identified outsourcing as a major reason for breaches. The report said that breaches attributable to third-party organizations, including outsourcers, contractors, consultants and partners, were reported by 40 percent of respondents--an increase of 29 percent from 2006. Is your data safer or more threatened these days, and what are you doing about it?

For more on data leaks:
- See this Informationweek article

Chaos across the pond

Mon, 26 Nov 2007 07:00:00 -0500

It was a bad week in England when it was disclosed that the personal identity and banking details of 25 million Britons had been lost in the government's internal mail system. The outrage and fallout was similar to several cases that have occurred in the United States when both public and private sector data went missing.

The British government says that it does not know how two compact discs containing the material disappeared. That is not too different from some circumstances here in this country. And it raises the issue of how to protect data around the world at a time when electronic files have become the norm everywhere, not the exception. "Half the country will be very anxious about the safety of their family and the security of their bank accounts, and the whole country will be wondering how on Earth the government allowed this to happen," said the opposition Conservative Party's shadow chancellor, George Osborne.

More importantly, the world is still in its infancy in protecting electronic data and merely saying it is protected does not make it so. There are plenty of tools on the market to restrict access to data, to back it up and to keep it protected. The big question is: are you protecting yours? You should take a second look at what is under wraps and inaccessible to anyone but a very small circle. -Judi

McAfee: Microsoft Visa a security risk

Mon, 19 Nov 2007 06:59:59 -0500

Are you worried about Microsoft Vista's security? You probably should be. Criticism of Microsoft's latest Windows operating system has been common, especially with regard to security. Now McAfee, an intrusion prevention and security risk management company, has identified Vista as one of 10 pending security threats in the coming year. Vista was not alone on the list. CIOs need to sit up and take note about all of these warnings.

The other threats include continued distribution of malicious software and data mining of personal information through popular online applications such as MySpace and Monster.com. Increased proliferation of Storm Worm, a malicious program that began infecting computers in January 2007, remains a threat. And don't forget viruses spread through Instant Messaging programs. What CIO does not have Microsoft Vista in his shop or plans to get it as soon as the program expands? It may be a big issue for every CIO system in the coming year. And we would like to know what you are doing to make sure your Vista system is protected--let us know in the comments.

For more on Vista headaches:
- See this CNNMoney article

Why consultants get axed

Mon, 22 Oct 2007 06:59:58 -0400

Sometimes a CIO has to bring in a tech consultant to upgrade a system. It might happen when there are no people in the IT shop who can handle the task. But there is always a risk in doing this. The consultant may not be on time, the job may be far more complicated than expected, or the consultant and CIO may not be on the same page for efficiently achieving success. In order to protect your company, make sure you have a way out when hiring a consultant. Know who you are hiring and, if at all possible, bring in a trusted consultant that you've worked with before.

To read more on why consultants get axed:
- see this Baseline article

Tech storage grows up Hack attack alert Why consultants get axed Tech storage grows up

Mon, 22 Oct 2007 06:59:58 -0400

Most CIOs realize that hack attacks are becoming more sophisticated. The days of throwing up a firewall to fix a problem are over. And it's less common now for attackers to break in through the front door. It's becoming more likely that an end-user will launch a worm or bot that causes an attack. It's not that hard; a hacker can send 100 spam e-mails to a company and get one lucky hit. So if you are working on your company's computer security strategy, pay at least as much attention to client-side protections as you do the hacker's old habits.

For more on tech threats:
- check out this InfoWorld article

To read more on why consultants get axed:
- see this Baseline article

Data storage is becoming more sophisticated. The use of a rotating magnetized disk is receding, and taking its place are solid state drives (SSDs), sometimes referred to as flash drives. They use no moving parts. SSDs are changing the way CIOs view storage for workstations and data centers. Once packaged, these drives are no different from platter-based predecessors as far as interface controllers are concerned. The key difference is the lack of moving parts, and advancement that will deliver an immediate result: data access is near instantaneous.

For more about storage:
- see InformationWeek article

Data breach costs rising

Thu, 18 Oct 2007 06:59:59 -0400

It might be time to open your company's wallet a little wider. A new study by Gartner says that data breaches are set to cost businesses 20 percent more each year through 2009. Are you ready for increasing phishing and other hack attacks that may take your system down? It's definitely a headache for any CIO. Gartner VP John Pescatore said that more attackers are using the credentials of legitimate users to sneak into secure systems. So what's a CIO supposed to do? Gartner estimates that the average business is already spending more than 5 percent of its IT budget on security, and another 7 percent on disaster recovery. The study also said that 90 percent of targeted attacks could be avoided without an increase in firms' security budgets, and said that the investments that enterprises had made in intrusion prevention, vulnerability management and network access control had largely paid off. Gartner warned that just spending more money was not the right answer. It advised CIOs to make sure that security was a top requirement for every new application, process and product. It also recommended establishing security metrics to measure spending efficiency.

To read about data breaches:
- see Washington Post article

Where to put the data?

Thu, 18 Oct 2007 06:59:59 -0400

Your garage is just not big enough to store all of the data that your company expels each year. And it's getting harder and harder for many CIOs to find a safe place to store all that information. You could try Iron Mountain, which transmits data to a secret location in Pennsylvania. Or you could try someplace more local. To meet this demand, there are several projects underway in Northern Virginia, one of the biggest data hubs in the United States, to store and protect data closer to its origin. Data-center construction accelerated this year, according to John Kraft, chief executive of Server Vault, a data center manager in Northern Virginia. For CIOs, data storage is a growing problem especially in the wake of two recent catastrophes--Sept. 11, 2001, and the Katrina hurricane which devastated parts of the South. It is estimated that there are now 15,000 to 20,000 data centers across the country. Where is yours, and do you need more space?

For more on this:
- see Washington Post article

Tips for avoiding Web hacks

Mon, 08 Oct 2007 06:59:58 -0400

Over the past 18 months or so, websites have replaced email as the main source of risk for being attacked by a hacker. Websites are rich targets for bad guys because most organizations have taken significant steps to "harden" only internal applications. Very little thought, however, is being put into web-development initiatives from a security standpoint while these apps are being built. Security is typically an afterthought that is bolted on after the Web application has been built. The biggest problem is designers aren't building walls within Web applications to partition and validate data moving between parts of the system. Khalid Kark, senior analyst at Forrester, tells InfoWorld, that as a result, most websites can be easily hacked. It is an issue that is being taken on at the Open Web Application Security Project (OWASP). The organization has released a report entitled "The Ten Most Critical Web Application Security Vulnerabilities."

Read about their findings:
- in the article in Infoworld