LATEST FEATURE: SAN storage and RAID: maximising efficiency in your data centre

In running a data centre environment, is any single factor more important than system reliability? Probably not. After all, without it you have no data centre. And you have an expensive failure instead.

By NAVEEN LOIUS

System reliability is so vital, entire industries are dedicated to ensuring it. RAID systems are a fail-safe solution to the problem of disk failure. In such an instance, data still exists on other disk(s). Mission critical systems have a fail-over system in place. In the event of any server or network failure, another system will initiate and thus remain on-line. Continue reading →

FEATURE: Remote workers and document management

A virtual private network topology

80 percent of business information resides in documents. Today, the Internet has made it possible to access information from coffee shops and airports anywhere in the world.

By Jon Clark

Access to documents remains a barrier to many remote workers and travelers who rely on people in the office to retrieve files from file cabinets and fax or email those documents. Continue reading →

FEATURE: Planning in uncertain times: 5 strategic steps to success

Budgeting. Image: RambergMediaImages

By ROB PRINZO

The end of August marks the end of summer vacation and the beginning of planning and budgeting season. One small problem: the economic sluggishness that was supposed to be behind us has reared its ugly head once again. With wild swings in the market, who can’t help but feel a bit skittish.

Nevertheless, you want to move your initiatives forward and you’ll undoubtedly be asked for your plan regardless of funding limitations. But how do you prioritize the list of projects that have accumulated over the last year and develop a strategy to move forward in this economic environment? Continue reading →

LATEST FEATURE: Enterprise Apps Forecast – Cloudy But With Chance of Transformation

Enterprise. Image: justshootingmemories

Today’s enterprise application forecast: Cloudy with a Chance of Transformation

By ROB PRINZO

The rapid pace of technology innovation combined with market forces creates the opportunity for organizations to find additional operating efficiencies through technology. These efficiencies are being found through consolidation, shared services, outsourcing and new deployment models such as SaaS and cloud computing. Continue reading →

LATEST FEATURE: Morale versus execution – the great debate

Esprit de corps or hive-minded automata? Picture: justified sinner

BY JOHN TREACE

Morale-the esprit de corps or “spirit of the body”-is the capacity of a group of people to hold a common spirit of loyalty and comradeship.

We think of morale as being deep-seated in the psych of the individual or group. Execution, on the other hand, is the process of reaching an objective as the result of performance. A team’s ability to execute is more of a surface measurement that’s easily evaluated by an outside observer. Continue reading →

LATEST FEATURE: Compliance: A hybrid marital troika?

BY HOWARD SKLAR

Compliance is essential for all organisations, not least because of the financial penalties and reputational damage that come with non-compliance.

This, however, is easier said than done when many organisations have no idea that they are failing to comply.

This can often be the case with global companies where they may find they’re complying in one country but not in another, or across the whole. Continue reading →

FEATURE: Mobile capture – pushing the boundaries

Mobile has been a significant growth area in communications for a long while, and the rapid shift towards mobility can be seen globally. According to Canalys, just under 300 million smartphones were sold worldwide in 2010, which is 80% more than in 2009. As the way we use our devices evolves, the importance of application mobility expands and now permeates a much broader range of industries.

By DAVE EVANS

Mobile phones have become ‘smart’ – they have morphed gradually into the ultimate digital toolkit and personal assistant with an ever more extensive array of functions. From a device designed purely for taking calls, we now rely on smartphones as our primary communication tool, for everything from business communications on the go, through mobile banking, to social networking. This opens doors for different types of businesses to take advantage of the mobility phenomenon. Mobile capture is one of the technologies widening our horizons, delivering tangible benefits to businesses. It unlocks innovative new functions for devices, connecting them with enterprise data management systems for advanced document management. Continue reading →

FEATURE: Cloud Computing Standards: The Great Debate

Cloud confusion debate continues

Justin Pine takes a look at the ongoing debate around cloud standards.

Recent research conducted by Mimecast has found that a large proportion of businesses are now using some form of cloud service, with a further 30 percent planning on adopting more cloud services in the future.

Fashionable new architectures within the technology industry are not unusual. However, even allowing for a certain amount of bandwagon jumping, this rate of cloud adoption has been considerable. Continue reading →

FEATURE: GRC – After The Meltdown, Quo Vadis The Fallout?

Former Enron building in downtown Houston

What is being done to restore confidence in corporate reporting and governance and to avoid future attempts to mislead stakeholders by bolstering systems and process controls?

By PAUL QUIGLEY

When Enron fraudsters were given custodial sentences for their parts in the systemic fraudulent trading activities that epitomised Enron’s fall from grace a decade ago, few could have foreseen that such a sorry chapter in corporate governance could ever plumb such depths of ethical disdain and moral hazard again. Continue reading →

FEATURE: Got a copy in the Cloud?

Copy protection in the cloud

BY CLAIRE GALBOIS-ALCAIX

Ten years ago, if you’d asked a small businesses owner what they did to back up their data, the majority would have pulled a tape from their bag and told you how they swapped out a cassette each night and took them home for safe keeping.

But times have changed and, today, everyone is talking about ‘the Cloud’. So what does that mean? Are all Cloud services the same? And is all Cloud data protected? Continue reading →

FEATURE: The Challenges and Business Benefits of Cloud Computing

A row of racks in a server farm

BY JULIAN BOX
The current economic climate has seen the need for organisations across all sectors to identify cost savings strategies. The term ‘virtualisation’ and the concept of ‘cloud computing’ have been long discussed as cost-saving and business continuity solutions. However, before an organisation considers deploying a virtual environment and eventually utilising the cloud, it is important for companies to understand how this will fit into their overall business objectives.

Improving operational efficiency will yield cost savings as many organisations are still stuck with the inefficient model of utilising both physical only or a hybrid of physical and virtual infrastructure. These types of environments are expensive to purchase and maintain, especially when adding on power and cooling costs in server rooms or data centres. While virtual infrastructure brings about significant cost and resource savings, it also brings challenges and a shift in operations to deliver the ultimate benefits.

    Continue reading →

FEATURE: Optimising application delivery in the cloud

BY OWEN GARRETT

The conversation around the Cloud is moving beyond the IT Manager, as professionals from a range of vertical sectors begin to understand how it can improve business efficiencies.

The Cloud unleashes the power of applications and computer workloads, breaking the ties that hold them to physical servers.

This new-found freedom makes possible an entirely new architecture where the hardware serves the applications and the applications serve the business, rather than the other way round.

    Continue reading →

FEATURE: What is non-production data?

BY RICHARD FINE

Every organisation has some data that is core to their line of business, data without which they would not be able to function.

A retailer needs lists of products and prices. A bank needs accounts, transactions and customer details. A personnel and administration department needs a payroll database, with employee details, tax codes, budget allocations and other details. These data requirements are all critical to the continued operation of the organisation; the environments in which they are used are called ‘production’ or ‘live’ environments, in that they impact the day-to-day activity of the organisation and cannot be allowed to fail. Continue reading →

FEATURE: Cloud – Your Servers Are Virtualised – Is Your Security?

All Your Servers Are Belong To Us

BY ADAM POWERS

From IT consumerisation to user mobility, corporate network and security teams have had their fair share of challenges to deal with over the past few years. These trends have created what is often referred to as the ‘vanishing perimeter’. reducing the efficiency of traditional defences, such as proxy servers, firewalls and IDS/IPS. Continue reading →

FEATURE: Times are a-changin’ for customer communications

In customer communications, ‘the times they are a-changin’ Glen Manchester, CEO of Thunderhead, explains why businesses need to move away from siloed, print-centric document output to a much more flexible solution in order to provide truly customer-focused communications.

For any government or organisation engaging with a wide range of stakeholders, Bob Dylan’s anthem of social change has never rung so true.

Today’s ‘connected’ world is putting pressure on organisations to deliver timely, personal and compelling communications across a range of communications channels. Continue reading →

FEATURE: The box that could break your business

On the way to Iron Mountain

Why it is time to take your information management seriously

BY CHRISTIAN TOON

The way you handle your information could represent a ticking time bomb for your business. If you routinely store your paper documents on office premises, you may be wasting thousands of pounds that could be better invested elsewhere in the business. Continue reading →

FEATURE: The hybrid route to cloud computing

Shepherds' delight

Andrew Halliwell, director of commercial development at Cable & Wireless Worldwide, discusses how a hybrid approach can enable enterprises to adopt cloud technology

Cloud computing has dominated both the news and the business agenda over the past year. Interest in the technology, and more importantly, how best to migrate towards it and maximise the promised benefits, is increasingly at the forefront of the business IT agenda. Continue reading →

Removing the mist surrounding the Cloud

Removing the mist from the clouds

Advanced 365 highlights the key factors that organisations must consider before moving across to a cloud computing model.

ECM Plus - The hype surrounding cloud computing is expected to reach unprecedented levels over the next few years. According to recent research by analysts, CIOs view the cloud as their top technology priority for 2011 and it expects the number of organisations using on-demand computing to rise to 43% within four years. Continue reading →

FEATURE: Moving to PDF/A

For many organisations, fear of change is the biggest hurdle in moving from their current electronic archiving format to PDF/A.

BY GARY HODKINSON

Many believe the transition to PDF/A is difficult to implement and expensive, and that their current systems are ‘good enough’. Throughout Europe and Asia, and increasingly at U.S. federal government and state government agencies, the PDF/A standard is being successfully adopted for long-term archival of scanned and electronic documents. Continue reading →

FEATURE: How to avoid the pitfalls of moving to the cloud

As the hype curve around cloud computing continues north, it’s increasingly easy to get lost in the pressure – perceived or real – coming from all sides to quickly formulate a strategy to leverage today’s IT super trend.

BY CRAIG BEDDIS

The promise of benefits such as fast time to implementation, cheap infrastructure

in a pay-as-you go model, substantially reduced electricity and overall IT costs, and a host of other tantalising would-be benefits can seem overwhelming. But as the old adage goes, cooler heads will prevail. Continue reading →

FEATURE: Cloud and Business Continuity

Although not a new concept, the popularity of cloud computing is continuing to soar, says Robert Rutherford, Managing Director of QuoStar Solutions.

MANY COMPANIES, however, are still unsure about what impact ‘moving to the cloud’ will have on their business continuity plans.

Cloud Computing, and indeed the whole concept of ‘Software-as-a-Service’, is continuing to grow in popularity. Already, these new web-based models of software distribution are completely transforming the way in which companies access and store their business-critical applications and data. Continue reading →

FEATURE: Clarifying the case for cloud

Cloud computing is a hot topic at the moment, and for good reason. With it, companies have the potential to gain competitive advantages that could make a real difference to business performance.

BY MARK BEAUMONT

Whether shorter time to market; services that can be quickly turned up or down; or reduced upfront IT costs, to name but a few. Yet despite its continued evolution, concerns remain. Is cloud computing secure? Will it provide reliable availability? Can an organization maintain control over business-critical systems and data that exist in the cloud? Continue reading →

FEATURE: Key considerations for ‘cloudsourcing’ contracts – CAMM

Cloud computing sample architecture

BY JOHN WALKER

Economics dictates that the CEO, and CFO have a balancing act delivering security, and quality operational services, whilst at the same time, attempting to reduce the organisational and operational costs of delivering the business’ mission.

One opportunity in focus is that of ‘CloudSourcing’, where, depending on the size and type of business, they may be considering engaging in a contract in which part, or all, of their operations are placed into the hands of a Cloud Provider, be this SaaS, PaaS, IaaS or any other such ‘Anything-as-a-Service’ that may accommodate the operational model. Continue reading →

FEATURE: Cloud – how a code of practice can benefit your business

The cloud is at once touted by the industry as the greatest revolution in the delivery of IT services for a generation and an obscure concept by many prospective adopters.

BY ANDY BURTON

Whilst the former is not surprising, the latter is due to the lack of understanding about how to scope cloud services and how to integrate them within the wider IT strategy.

This uncertainty can be compounded by a lack of knowledge of who to trust in balancing an on-premise capability with an online one and has, therefore, made some IT managers and business leaders reluctant towards investing in cloud services.

A credible and certifiable Code of Practice that can provide transparency of cloud service providers and their capabilities with clear guidelines of what is important, and why, is one sure step to advance adoption.

Cloud service providers need to provide information that relates to their business and operations in a standardised format to cut through pure marketing messages to the core of what and how they offer services. By providing answers to essential questions in a common form will enable end-users to make rational and informed decisions on how to progress with specific vendors. As such, a Code can encourage consumers to have clarity and confidence in their choice of provider.

Due to businesses’ uncertainty of how to embark upon a strategy that includes cloud computing, it is important to understand specifically what it is by definition, and, how it can benefit both businesses and end-users at a practical level. Cloud computing at its most basic level enables someone to access computing power and applications ‘online’ via the internet on demand.

To help cut costs for businesses, it is typically offered on a pay-as-you-use or subscription model and there are no capital costs to participate. Operating independently from hardware, it also provides resource and services to store data and run application, in any devices, anytime, anywhere, as a service.

A Code can help end-users to select the best practices and the service providers that are most suitable to their business. It takes into account three key points: transparency, capability and accountability to accurately define the services offered, standards of operation and security.

As it stands, cloud computing is so new and driven by specific vendor messaging that it lacks transparency, and for some that leads to a lack of credibility. A Code can highlight information that’s vital to making an informed business decision, such as stating the vendor’s real legal entity (behind the web presence), where their data centre operations are based, if they are owned by another company, what their operational practices are etc.

In terms of capability, organisations complying with a Code of Practice should have documented management systems, processes and resources in order to deliver services consistently for their customers 24/7 and enable service level information to be accessed by them.

Accountability involves educating the customer on the legitimacy of organisations. Service providers should be accountable for their operational practices and public website declarations, and in particular, they should actualise any public claims that they make about their service on their websites or promotional materials.

A Code of Practice is necessary to engender the trust required between businesses and cloud service providers to collaborate on the delivery of an IT strategy. If cloud service providers follow the requirements within a Code of Practice and make the information needed to make an informed decision available they are able to place a certification mark on their websites that end users will be able to recognise as a public statement of their operational and ethical intent. What is not in doubt is that what we call cloud services will continue to grow in capability and adoption, what is not so clear is the pace at which that transformation will arrive.

Andy Burton is Chairman of the Cloud Industry Forum

 

FEATURE: Cloud computing – the calm before the storm

Sourcefire. Picture: joelesler

Enterprises across the world are hunting down the best way to scale their computing capability. Finding ways to work smarter has become increasingly important in today’s cost-controlled market. IT departments searching for a solution often demand that the infrastructure has to be quick, cheap and dynamic and this is one of the reasons that cloud computing is being touted as a potential corporate game changer.

BY LEON WARD

Cloud Computing has been described as, arguably, the third revolution of IT, following the Personal Computer and Internet revolutions. But like most revolutions, progress towards widespread acceptance of the new regime is likely to take some time, amidst suspicion, a lack of confidence, wise skepticism and some false starts.

Many CIOs are in the process of moving applications and services into the Cloud. Some are considering Cloud-based computing due to economic reasons, while others are looking to create new dynamic IT services. Regardless of the reasons, with organisations contemplating moving to a Cloud environment many are forgetting a potentially fatal element, security. Before an IT director can make a clear sensible decision about a future Cloud strategy, let’s investigate where some risks lie, and work out where responsibility and accountability falls.

Ensuring a security evaluation is undertaken is a ‘must do’. Never simply assume that a service provider’s security is up to scratch. It must be checked. Matt Watchiniski, Sourcefire’s Director of Vulnerability Research Team, endorses this view. He says that as more and more enterprises and organisations move their applications to SaaS platforms, some provider is bound to fail miserably. We haven’t seen the major compromise, but this risk has to be on the horizon. So with storm clouds ahead, who is going to be in the dock when there is a failure? An understanding of accountability needs to be clear. Businesses using these types of services need to make sure they understand who is responsible for fixing these problems when they crop up, and who is legally accountable for the data loss. Outsourcing your data to the Cloud does not equate to outsourcing the risk, if your Cloud provider was responsible for the loss of your customer’s data, you could still find yourself accountable.

The impact of failure

Serious failures within a cloud infrastructure can have repercussions that reach much further than within a single enterprise. Last year, after a major server outage, thousands of users of the Sidekick mobile phone and messaging service were warned that their personal data and photos had “almost certainly been lost”. Over a week later Microsoft, owner of Danger the cloud-computing provider, confirmed that they had managed to recover “most, if not all the customer data”. This example publically highlights the potential danger of entrusting trusting personal data to the cloud, but it doesn’t mean there’s a major design flaw in the Cloud-Computing concept. It’s implementation specific, but it negatively impacts confidence in the whole market.

On the positive side, Cloud service providers typically have more resources to put into security and reliability than most businesses, and far more than a small business. Where would you rather your sensitive, client and internal data was stored? Public clouds advertise a robust, highly physically secure data centre. Additionally there should be a team of on-site security experts focused on protecting that information stored. Compare this to the alternative of the data being stored on a laptop which is continually moving around and being accessed in different locations. The data centre now seems the smart choice, but don’t forget you are handing over your information to someone else, and therefore losing direct control over it.

Compliance matters

Those considering a move to the Cloud need to consider how their market is regulated. Strict codes of conduct apply to many businesses and in some cases, regulations might stipulate that personal data has to remain within a specific country thus ruling out the use of certain providers who distribute data globally. In some situations the storage and processing of information away from a user or the enterprise is seen as a real advantage, a good example of this would be in a government, military or other high-security environment. Because of this advantage I expect to see some near-term implementations of Government controlled and designed community Cloud infrastructures. If those who are accountable for potential data loss are in control of the Cloud constructed to protect it, many of my concerns dissipate and central responsibility can be re-established around critical information that has traditionally been distributed. Imagine a world where DVDs of sensitive data are no longer lost in the post; they are simply re-referenced within the Cloud.

Make sure your house is in order

If the idea of storing and working with your critical data in a shared external infrastructure looks attractive in terms of cost metrics, before looking for a provider it is clear that some research needs to be undertaken.

Firstly, you need to prepare a list of mandatory security controls that you demand around the data you consider most sensitive, and then come up with suggestions of how a provider could potentially demonstrate these controls to you in action. Only then start to research the providers that believe they can meet the demands you place on your data. This should be part of ­any due diligence process. As the service consumer you should be in control of your data wherever it is, and you should have the ability to demand that any provider can prove their security capability, as it is likely that you will ultimately be accountable for a breach. Find out who you call if there is a problem and details around what service can you expect? In times of crisis you need guarantees that it will be prompt and responsive. The Cloud provider needs to be transparent.

If you have performed in-depth research before looking at service offerings you should understand the problems that face Cloud providers. Never be scared to call foul when you see a complex problem with an over simplified solution. It’s a cliché, but if it sounds too good to be true, it probably is. Always make sure you keep the horror show that is accountability in mind. Out of sight should never mean out of mind.

Leon Ward is Senior Security Engineer, Sourcefire – www.sourcefire.com