Spring World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 29, Issue 1

Full Contents Now Available!

Jon Seals

Healthcare Organization Decreases Logon Times from Several Minutes to 15 Seconds

            

SUNNYVALE, Calif.AppSense, the global leader of user environment management (UEM) solutions for the secure endpoint, today announced that Bolton NHS Foundation Trust, a leading UK provider of health services across the community, has chosen AppSense as the user environment management solution for its new secure desktop infrastructure. Using AppSense DesktopNow, Bolton NHS Foundation has successfully rolled out Windows 7 across thousands of desktops and has significantly cut logon times from several minutes to 15 seconds.

 

A UK-based organization, Bolton NHS Foundation Trust (The Trust) provides integrated patient care across over 20 clinics and healthcare centers - including the renowned Royal Bolton Hospital. The company staffs over 4,000 professionals with 600 beds across its facilities. Focused on providing quality care at high volumes, the Trust treats over 100,000 emergency and accident patients as well as approximately 750,000 community attendances each year.

 

With an extraordinary scope of care and multi-faceted treatment options, Bolton NHS Foundation Trust needed a high-impact IT solution. The organization’s 300 clinical-based applications yielded a highly complex infrastructure that created several unique implementation challenges. These challenges were heightened with the need for confidentiality of patient information as well as the coordination across multiple facilities. Accordingly, The Trust sought a virtual desktop solution capable of delivering these high-impact results.

 

This search is precisely what led the company to select AppSense. With an imminent Windows 7 migration and VDI implementation, The Trust needed to execute its projects with minimal disruption to clinical staff. Ultimately, the project needed to allow IT staff to update and support a robust, mobile virtual desktop environment across more than 30 sites while protecting information security and patient safety.

 

With AppSense DesktopNow, The Trust achieved its goals. Not only did it significantly decrease logon times, it successfully migrated to Windows 7 across thousands of desktops and reduced patch failure and exposures to security vulnerabilities.

 

“AppSense allowed us to deliver a much more personalized experience to each user, while simplifying policy and application management,” said Rachel Dunscombe, CIO, Bolton NHS Foundation Trust. “Clinicians get the information they need faster, which reduces clinical risk. It helps us deliver better, faster support. We love it. And we know there’s much more we can do with AppSense.”

“We couldn’t have done it without AppSense,” added Brett Walmsley, CTO for Bolton NHS Foundation Trust. “End of story!”

 

Read the complete case study on the Bolton NHS Foundation Trust’s use of AppSense here: http://www.appsense.com/wp-content/uploads/2015/08/CS_Bolton-NHS_Public_US.pdf. For more information on the use of AppSense solutions in the healthcare industry, please visit: www.appsense.com/care.

 

About AppSense

AppSense is the leading provider of UEM solutions for the secure endpoint. AppSense user virtualization technology allows IT to secure and simplify workspace control at scale across physical, virtual, and cloud-delivered desktops. AppSense Solutions have been deployed by over 3,500 enterprises worldwide to over 8 million endpoints. The company is headquartered in Sunnyvale, CA with offices around the world. For more information please visit www.appsense.com.

OCEAN, N.J. – BankersEdge by OnCourse Learning has partnered with the Compliance Education Institute to offer a six-course portfolio of vendor management training courses.

Included in the series are courses and resources to build, strengthen and sustain an educational and compliant vendor management program, which is paramount to the success and credibility of banks and credit unions.

"We're extremely pleased to be partnering with OnCourse Learning and offering our specialized Vendor Management Series courseware on their industry-leading Symphony platform," said Mick Kless, CEO of Compliance Education Institute. "Combining our leadership position and deep expertise in vendor management issues with OnCourse Learning's position as the industry leader in training and education will result in a very powerful offering to financial institutions across the country."

The BankersEdge course catalog includes hundreds of courses derived from state and federal regulator feedback, requirements stated in key legislation including Bank Secrecy Act and Anti-Money Laundering, and close monitoring of industry developments including actions from the Consumer Financial Protection Bureau.

"Our partnership with CEI will provide a training and education program that can't be found elsewhere," said Michael McNulty, OnCourse Learning Executive Vice President, Financial Services. "This program enhances the knowledge of all levels of staff in all departments throughout the institution — from entry-level to executive management."

The Symphony learning management system is the course delivery mechanism as well as the administrative tracking and monitoring tool. With Symphony, administrators may tailor course delivery to individual learning styles, schedule facilities, plan programs and access reporting information. Programs can be customized by job role and/or merchant needs.

BankersEdge is a leading provider of governance, risk and compliance training for the financial services industry, offering a comprehensive course catalog complemented by its sophisticated learning management system, Symphony. To learn more, visit BankersEdge.com.

Enhanced product extends businesses’ ability to manage and control software vulnerability threats comprehensively across their entire application estates

 

MAIDENHEAD, U.K. – Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises, today announced Vulnerability Intelligence Manager 2016, the latest version of its Software Vulnerability Management product. The new release enhances businesses’ ability to manage and control software vulnerability threats comprehensively across their entire application estates, as cybercrime reaches critical mass and organisations realise the need to respond to the increasing threat of breaches.

 

“In the past years, cybercrime against corporations, organisations and government institutions has become a recognised security threat, and the importance of managing software vulnerabilities is an aspect of security that is receiving acute attention in organisations around the world. Software vulnerabilities are by far the most common entry point for cyber attackers to gain access to the IT infrastructure of any organisation,” said Santeri Kangas, Vice President and Chief Architect of Enterprise Products at Flexera Software. “Consequently, it is necessary to receive vulnerability intelligence for all the products that make up the organisation’s software infrastructure, in order for security professionals to assess, prioritise and mitigate the risk to the business. Vulnerability Intelligence Manager 2016 is the only product that can deliver verified vulnerability intelligence for all systems and applications in the environment, thereby effectively reducing the attack surface for cybercriminals.”

 

New capabilities in Vulnerability Intelligence Manager 2016 include information on alleged vulnerabilities that did not pass the validation criteria by Secunia Research and are therefore not categorised as having a security impact. This benefits customers who need to document decisions to not act on possible vulnerabilities for compliance or auditing purposes. Another new feature enables importing software inventories from Microsoft System Center 2012 to correlate vulnerability intelligence with asset lists, thereby reducing time required to mitigate threat and exposure to incidents and breaches.

 

Verified Intelligence for All Systems and Applications

Covering more than 50,000 software systems and applications, Vulnerability Intelligence Manager 2016 provides the most comprehensive intelligence about software vulnerabilities available to organisations, ensuring that all security threats can be dealt with before the IT infrastructure is compromised by cybercriminals. Through verified vulnerability intelligence covering all applications and systems across all platforms, it effectively reduces the attack surface for cybercriminals, drives prioritisation by handling intelligence, workflows, tickets and alerts, and documents the steps to mitigate the risk of costly breaches.

 

“We’re very happy to successfully launch this new version of Vulnerability Intelligence Manager – formerly a Secunia product – under the Flexera Software brand. The quality of the vulnerability intelligence delivered by Secunia Research is the backbone of the product, and this release demonstrates Flexera Software’s commitment to invest, innovate and deliver the market-leading vulnerability intelligence solutions enterprises have come to expect and demand,” said Maureen Polte, Vice President of Product Management for Software Vulnerability Management at Flexera Software.

 

Resources:

Learn more Flexera Software’s Software Vulnerability Management Solutions:

About Flexera Software

Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimised software investments, and to future-proof businesses against the risks and costs of constantly changing technology. A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: www.flexerasoftware.com.

 

Secunia Research at Flexera Software

In September 2015, Flexera Software acquired Secunia, adding Secunia’s Software Vulnerability Management solutions to complement Flexera Software’s Software License Optimisation and Application Readiness solutions. Under Flexera Software, Secunia Research continues to perform vulnerability verification, issue Secunia Advisories and publish data on the global vulnerability landscape.

 

Follow us on…

·         via RSS

LONDONNaviSite Europe Limited, a Time Warner Cable company today announced its partnership with MetricStream, the market leader in Governance, Risk, and Compliance (GRC) Management Solutions, to deliver Managed Services to expand MetricStream’s GRC cloud offerings in Europe. After a thorough review of several datacentre facilities, MetricStream selected NaviSite for their proven ability to secure sensitive customer data, their ability to provide the highest standards of professional services, and their scalable hosting facilities.

 

MetricStream GRC solutions help organisations simplify, streamline, and strengthen their risk management, regulatory compliance, vendor governance, and quality management programs. With better risk-based information, organisations are able to make decisions that drive superior business performance. MetricStream’s customers are focused on their financial performance, as well as protecting their brand and reputation, and they use MetricStream’s innovative technology solutions and services to achieve superior quality standards, demonstrate compliance, meet regulatory requirements, and manage risk. Working with customers of all sizes from across industries and regions around the world, MetricStream is committed to protecting customers’ sensitive and confidential data.

 

A critical factor in MetricStream’s decision to partner with NaviSite was their responsiveness, professionalism, and methodology in truly understanding the business landscape and customer needs. “At MetricStream, we help our customers build successful, financially sound, and reputable businesses through our compliance and governance solutions,” said Murali Krishnan, Vice President of Technology Operations at MetricStream. He continued, “Driven by significant customer adoption across Europe, and increased demand from European customers for MetricStream’s GRC Cloud offerings, MetricStream conducted a thorough review of several vendors, and selected NaviSite as a critical GRC solutions hosting partner.”

 

Sean McAvan, Managing Director of NaviSite Europe said, “For companies looking to expand into Europe, it’s important to work with a local MSP that can help navigate the changing data regulation landscape in Europe. The pending EU Data Protection Regulation will impact all organisations that either use or process the personal data of EU citizens. With two datacentres in the UK, we’re ideally positioned to provide the facilities, expertise and back-end infrastructure to keep MetricStream customers’ data secure. We look forward to supporting MetricStream and its customers as its business grows in Europe.”

 

About NaviSite Europe Limited

NaviSite Europe Limited is a wholly owned subsidiary of NaviSite, Inc., a Time Warner Cable company, is a leading international provider of enterprise-class, cloud-enabled hosting, managed applications and services. NaviSite provides a full suite of reliable and scalable managed services, including Application Services, industry-leading Enterprise Hosting, and Managed Cloud Services for organisations looking to outsource IT infrastructures and lower their capital and operational costs. Enterprise customers depend on NaviSite for customised solutions, delivered through a global footprint of state-of-the-art data centres. For more information about NaviSite’s services, please visit www.navisite.co.uk

 

About MetricStream

MetricStream is the market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions. MetricStream solutions are used by leading global corporations in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-Tech and Manufacturing to manage their risk management programs, quality management processes, regulatory and industry-mandated compliance and other corporate governance initiatives. MetricStream is headquartered in Palo Alto, California, USA (www.metricstream.com).

Assured cloud services company extends PaaS capability with Hadoop offering

 

LONDON – Skyscape Cloud Services Limited, the easy to adopt, easy to use and easy to leave assured cloud services company has today announced a strategic partnership with Cloudera, the leader in enterprise analytic data management, making Skyscape the UK’s first certified Cloudera Hadoop Platform-as-a-Service (PaaS) provider for the public sector.

 

With UK public sector organisations being the guardians of large amounts of sensitive data, Skyscape is committed to collaborating with partners to offer end-to-end solutions that ensure that data is secure. Skyscape’s Hadoop in the Cloud offering is a highly-secure PaaS implementation, delivered with multiple connectivity options. Organisations can use it as a highly connected, secure and optimised solution for big data from concept through to production — while minimising the investment, time and risk associated with buying and configuring Hadoop infrastructure.

 

Further, customers in the public sector will benefit from a UK-sovereign cloud platform delivered from two secure UK data centres suitable for all data classified at OFFICIAL, including OFFICIAL-SENSITIVE, under the Government Security Classification Policy (GSCP), and for legacy IL0–IL4 solutions. Skyscape’s agile PaaS platform powered by Cloudera enables customers to scale services to meet changing needs as well as peaks and troughs in demand. This will deliver significant cost savings and efficiency improvements for public sector organisations.

 

“Our partnership with Skyscape will provide customers with access to a high standard of secure cloud services and assurance credentials that the UK public sector demands,” said Tim Stevens, vice president, Corporate and Business Development at Cloudera. “Our industry leading security, management, governance and compliance capabilities combined with Skyscape’s highly secure, scalable and agile cloud infrastructure is a great solution for public organizations, enabling them to maximise the benefits of open and big data.”

 

Skyscape’s public sector customers will now benefit from Cloudera’s data management expertise. This will give them access to data that they can share with other public sector organisations, in order to deliver successful big data solutions that will ultimately drive significant improvements to public services. Cloudera’s Professional Services organisation will complement the many solutions delivered on Skyscape’s PaaS assured cloud platform, supporting its ongoing commitment to delivering secure cloud services to UK public sector organisations.

 

“We’re thrilled to announce our partnership with Cloudera, a company that shares our values and objectives to deliver end-to-end solutions that will help improve public services and ultimately benefit UK citizens,” said Simon Hansford, CEO at Skyscape Cloud Services. “Cloudera’s data analytics management, solutions and experience makes it a valuable addition to our growing partner programme.”

 

Launched in August 2013, Skyscape’s dedicated channel partner programme now consists of more than 180 organisations. Focused on delivering secure, high quality yet cost-effective cloud services at scale, Skyscape’s solutions provide a building block for many of its partners’ offerings.

 

About Skyscape Cloud Services

Skyscape’s assured cloud solutions have been specifically designed to meet the needs of the UK public sector, delivering UK sovereign services that are easy to adopt, easy to use and easy to leave, with genuine pay-by-the-hour consumption models. As a UK SME, Skyscape has won a number of high-profile contracts via the G-Cloud Framework and through its large number of channel partners that embed Skyscape’s cloud platform in their solutions.

Skyscape’s full range of services are Pan Government Accredited (PGA) up to IL3, hence suitable for all data at OFFICIAL (including OFFICIAL-SENSITIVE) and connected to government networks including the Public Services Network (PSN), the N3 health network and others. Its services are delivered with leading technologies from the Skyscape Cloud Alliance Partners: QinetiQ, VMware, Cisco, EMC and Ark Data Centres.

Monday, 09 November 2015 00:00

BCI: Lack of resilience in the retail sector

Lack of resilience in the retail sector

Many retailers are leaving themselves open to the high financial and reputational cost of disruption by not investing in business continuity

CAVERSHAM, UK – More than one in five retail organizations do not have a formal business continuity policy in place. That is according to report published today by the Business Continuity Institute and supported by the Retail Business Continuity Association.

The Retail Resilience Report also highlighted that, of those that do have a policy in place, less than half have Key Performance Indicators attached, making it difficult to assess whether the policy is effective. With retailers being at the frontline of modern society where sales can be made or lost in an instant, it is perhaps more important for retailers to have plans in place to manage disruption.

Some of the other findings in the report include:

  • Less than one in ten respondents (9%) claimed their organization was certified to ISO22301, the international standard for business continuity management, although 43% claimed to align to it.
  • Nearly a quarter of respondents (22%) stated they had not conducted a formal Business Impact Analysis, a fundamental part of business continuity management as it provides the data from which appropriate continuity strategies can be developed.
  • Nearly one in ten respondents (9%) admitted that their organization did not have a formal IT Disaster Recovery Plan, while 12% claimed it was still in development.
  • Fires are the number one concern for organizations (63%), closely followed by human illness (62%), cyber attacks (51%) and physical security (51%). 16%, 9%, 12% and 9% of respondents claim to have invoked their business continuity plans due to these threats materialising.

The report underscores the need to get continuity and resilience at the heart of the agenda for retailers, yet there are existing challenges in communicating the value proposition of resilience. There is a need to promote metrics that allow top management to sense the urgency of driving resilience within their organizations.

Patrick Alcantara DBCI, Senior Research Associate at the Business Continuity Institute and author of the report, commented: “The BCI acknowledges the RBCA’s efforts in building resilience across the retail industry through this pioneering study. We believe that it is important for BC and resilience practitioners across different sectors to obtain relevant, industry-specific data that benchmarks their performance and adds value to their practice. This report is an excellent contribution to the retail industry and we encourage other sectors to follow suit.

John Frost MBCI, Head of Business Continuity at Marks and Spencer and Chairman of the RBCA, commented: “The RBCA have been overwhelmed by the number of retailers from across the world that chose to take part in this survey. The results have given Retail Business Continuity and Resilience professionals the ability to benchmark their activities against their peer group for the first time. This visibility will assist with those all-important conversations with Top Management by offering credible evidence and industry comparisons. We would like to thank the BCI for providing their expertise and support for this first survey of its kind, and of course all those who took part. We look forward to developing and improving the survey in the future with the BCI, and supporting our fellow professionals from around the world in developing their retail resilience capability.

Retail organizations depend heavily on technology in building resilience. This may introduce considerable risks and points of failure. Retail business continuity professionals must be aware of this in implementing an agile, holistic and responsive programme lifecycle. Developing relevant competencies within the team is imperative given an evolving retail industry landscape. Retail professionals understand how agility is a competitive advantage in an industry considerably influenced by market trends, rapidly changing tastes and fickle consumer behaviour. Building resilience therefore requires building skills sets among professionals in the ‘protective disciplines’ such as BC that enable them to respond to this context.

For more information please contact the Senior Communications Manager at the Business Continuity Institute – Andrew Scott CBCI – by emailing andrew.scott@thebci.org or by phoning 0118-947-8241.

Notes:

  • Download a full copy of the report by clicking here.
  • Note to the online survey: 104 respondents were from 26 countries.

About the Business Continuity Institute

Founded in 1994 with the aim of promoting a more resilient world, the Business Continuity Institute (BCI) has established itself as the world’s leading Institute for business continuity and resilience. The BCI has become the membership and certifying organization of choice for business continuity and resilience professionals globally with over 8,000 members in more than 100 countries, working in an estimated 3,000 organizations in the private, public and third sectors.

The vast experience of the Institute’s broad membership and partner network is built into its world class education, continuing professional development and networking activities. Every year, more than 1,500 people choose BCI training, with options ranging from short awareness raising tools to a full academic qualification, available online and in a classroom. The Institute stands for excellence in the resilience profession and its globally recognised Certified grades provide assurance of technical and professional competency. The BCI offers a wide range of resources for professionals seeking to raise their organization’s level of resilience, and its extensive thought leadership and research programme helps drive the industry forward. With approximately 120 Partners worldwide, the BCI Partnership offers organizations the opportunity to work with the BCI in promoting best practice in business continuity and resilience.

The BCI welcomes everyone with an interest in building resilient organizations from newcomers, experienced professionals and organizations. Further information about the BCI is available at www.thebci.org.

About the Retail Business Continuity Association

The RBCA was established to assist all business continuity personnel in the retail industry to share views, experiences, and information to the benefit of the sector. The aim of the RBCA is to create a community within which competition issues are set aside for the good of the retail industry at large with a vision to become a resource centre representing all retailers large or small across all sectors and multi government agencies. The core objectives are to: identify and assess the threats and risks to business as usual in retail; promote effective retail business continuity to manage and mitigate the most serious threats and risks; share intelligence and retail business continuity data, information, experience and best practice; recognise and respond to significant changes in threats and risks to retail; and embrace major developments and technologies to aid effective business continuity management. Further information about the RBCA is available at www.therbca.co.uk

In my last threat intelligence blog I discussed my new research on threat intelligence providers. I included a graphic which carved four functional threat intelligence areas: 1) Providers 2) Platforms 3) Enrichment 4) Integration. In December, I will start the next piece of research in the series focusing on Threat Intelligence Platforms (TIPs). This will likely be two reports one focusing on people, process and use cases and the other focusing on the vendor landscape. My presentation at the 2016 SANS Cyber Threat Intelligence Summit will include some perspective on the state of threat intelligence platforms. 

...

http://blogs.forrester.com/rick_holland/15-11-07-starting_soon_threat_intelligence_platforms_research_0

Monday, 09 November 2015 00:00

When to Use a Bare-Metal Cloud

We’re hearing a lot about the “bare-metal cloud” these days. The idea is that you can have cloud services not on a virtualized infrastructure but running directly on local infrastructure or leased hardware in a remote data center.

Naturally, this has a lot of people puzzled as to the difference between a bare-metal cloud, a hosted private cloud, and a standard colocation agreement that just happens to be used for dedicated cloud services. And the truth is, there isn’t really much difference at all, save for various vendors’ ability to differentiate on price, flexibility, scale and integration support.

Some of the latest examples of bare-metal clouds target long-term infrastructure needs like VDI and backup and recovery. Hive-IO’s new software-defined compute solution, for example, provides IaaS support on bare-metal infrastructure, which the company says eliminates vendor-layer complexity and reduces hardware consumption by 30 percent. Hive-IO can be deployed on-premises or in a hosted environment, enabling lightweight infrastructure support for virtual desktops without the usual agents, service line-ups and physical footprints that hamper many VDI deployments. The platform also provides local and/or remote management.

...

http://www.itbusinessedge.com/blogs/infrastructure/when-to-use-a-bare-metal-cloud.html

Monday, 09 November 2015 00:00

Is Disk Storage in Trouble?

On the surface, the future of hard disk drives (HDDs) seems secure. They account for the bulk of all storage capacity shipped and have had a strong growth curve for years. It’s a $32 billion-per-year industry, and HDDs are found in just about every office and home.

But that rosy picture hides some underlying problems. At the high end, 15k SAS and Fibre Channel disk is being squeezed out of the picture by much faster flash for systems that require near-instant response.

“A greater amount of flash was shipped last year than 15k disk, and that trend is not going to stop,” said Chris Powers, vice president of the data center development unit at HP.

...

http://www.enterprisestorageforum.com/storage-hardware/is-disk-storage-in-trouble.html

Where are the big city emergency managers of tomorrow to come from?

That’s a question that Target and Big City Emergency Managers (BCEM) a nonprofit group of emergency managers in the 15 largest U.S. cities are helping to answer. Since 2010, Target and BCEM have hosted the annual “Emerging Leaders” training program at the retailer’s Minneapolis headquarters.

It is a multi-month training process that helps 15 early-and-middle management employees nominated by their BCEM member cities to significantly enhance and expand their emergency management skills.

“Supporting this program is a unique way for Target to give back to the communities we serve,” said Target spokesperson Molly Snyder. “By helping to train these emergency managers on leadership essentials, we are empowering and uniting them with their peers so that they can be effective leaders and support their communities when they need it most.”

...

http://www.emergencymgmt.com/disaster/Target-Helps-Train-Tomorrows-Emergency-Managers-Today.html