Incident Management

Plan for power outages

Mon, 14 Jan 2008 06:59:59 -0500

Most of us forget that computer systems are only as good as the electrical power that keeps them up and running. So it is especially alarming to hear that most business continuity plans could not withstand a regional outage lasting more than 7 days. A new Gartner poll found that organizations must grow their business continuity and disaster recovery strategies to make sure that they can handle a power outage lasting at least a month. Gartner surveyed 349 IT professionals from the United States, the United Kingdom and Canada. It found that nearly 60 percent had business continuity plans for outages that lasted only 7 days, and that most companies focused on internal IT disruptions, not regional ones.

"If you start looking at some of the events we've [experienced] over the last few years, companies must plan for events that actually take much longer to recover from," said Gartner analyst Roberta Witty said. "This is an issue [businesses] have to deal with -- it's in front of everyone's face right now."

The survey found that continuity plans were spotty. Only half the companies are prepared to deal with terrorism-related IT outages while two thirds have plans to deal with outages caused by fire. The survey suggests companies must be prepared for quicker responses and should install incident management techniques that work. "That's what [business continuity] is about. If you don't have people to manage it, a data center is useless," Witty said.

For more on getting ready for power outages:
- See this ComputerWeek article

Using SIM tools to protect your networks

Thu, 19 Apr 2007 20:01:36 -0400

Finding problems in network logs is a great way to monitor network activity, but it's next to impossible in large corporations that are capturing as many as 50,000 logged events per second. SIM (Security Incident Management) technologies can help. Many consist of software that gathers logs throughout the network and sends them first to a collection point, then on to a correlation engine, where the data is analyzed. The results are then sent on to a console so that IT managers can assess any potential or actual threats that have been found. This can be a very effective way of collecting log information from a wide variety of sources. The technology is also used by many larger companies to prove they are complying with regulations. SIM systems, from vendors like ArcSight, Network Intelligence, netForensics and eIQnetworks, range from $15,000 to $200,000.

Learn more about SIM systems:
- read the article at TechTarget

ITIL: Not ready for prime time in the midmarket?

Mon, 02 Apr 2007 20:01:38 -0400

Although the IT Infrastructure Library (ITIL)--a sort of roadmap of best practices that helps IT departments adopt more efficient service management--is making great strides in the enterprise, some say that smaller companies won't get the benefits, at least not yet. Implementing ITIL requires making some big changes in infrastructure and working style, and it can be expensive and time-consuming. If you are set on it, though, try service management-specific solution providers like Pink Elephant, Service-now.com, Getronics and TraverseIT LLC, which help companies implement ITIL. Ultimately, however, ITIL will make inroads in the midmarket, and will make IT services more efficient in these companies. By mastering five processes that make up ITIL--incident management, problem management, change management, configuration management and release management--companies can minimize the time to identify and resolve service incidents.

Learn more about ITIL in the midmarket:
- read the article at CIO Decisions

ALSO:
- read this on the ROI of ITIL
- and this on putting business ahead of technology

Merging physical security and IT security

Tue, 06 Feb 2007 19:01:38 -0500

The convergence between physical security and IT security, which began in earnest last year, is crucial to enabling organizations to fully protect their data and networks during security attacks. On the physical security front, important technologies include video surveillance, IP video technologies and alarm technologies, all of which can communicate in real time to provide up-to-the-minute information. The challenge is in managing, correlating and analyzing all of this physical security in an IT framework, in order to drive correct decisions. This can be a complex process often requiring outside assistance, but new technology, such as Security Event Management (SEM) and Security Incident Management (SIM) can help.

Learn more about what it takes to merge IT and physical security:
- read the article at TechNewsWorld