On January 1, 2015, version 3.0 of the PCI (Payment Card Industry) Data Security Standards replaced version 2.0 as the standard. In other words, what some financial institutions, merchants, and other credit card payments industry members already saw as an onerous process—complying with PCI standards and possibly being audited—is about to get even harder. While I can’t take the blood, sweat and tears out of PCI compliance, as an experienced Qualified Security Assessor (QSA) I can give you some context for why PCI is issuing a new version of its standards, and why 3.0 is a good thing for your business in the end.
By David Honour
As we enter a new year it’s always a good exercise to look ahead at potential changes in the coming 12 months and what these might mean for existing business continuity plans and systems. Will the strategies you had in place in 2014 remain fit for purpose, or will some reworking be necessary? What emerging threats need to be considered to ensure that new exposures are not developing? In this article I highlight three areas which are likely to be the biggest generic business continuity challenges in 2015.
The rise and rise of information security threats
2014 was the year that information security related incidents took many of the business continuity headlines, with attacks increasing in sophistication, magnitude and impact. This situation is only going to get worse during 2015.
The greatest risk is that of a full-on cyber war breaking out, which would inevitably result in collateral damage to businesses. The first salvoes have been seen in a potential United States versus North Korea cyber war; but other state actors are also well geared up for cyber battle, including Israel, Russia, China and India. The cyber-warfare skills of terrorist groups such as ISIS should also not be under-estimated.
While attention is focused this week on the CES 2015 show in Las Vegas and all the new technology, gadgets and apps that may change the way we work in the near future, Pew Research has a reminder of the technology that we truly consider indispensable at work: Email and the Internet.
After a survey of 1,066 adult Internet users, Pew Research analyzed results from those who have full- or part-time jobs. When it comes to the digital work lives of these respondents, the findings indicate, the tools designated as “very important” are nothing new. Sixty-one percent named email, 54 percent “the Internet,” and 35 percent a landline phone. Cell phones and smartphones trailed at 24 percent, and social networking sites grabbed a measly 4 percent.
Pew notes that email is still king despite increasing awareness of drawbacks, including “phishing, hacking and spam, and dire warnings about lost productivity and email overuse.” In fact, 46 percent of respondents said they think they are more productive with their use of email and other digital tools; 7 percent say they are less productive. Being more productive, these workers report, includes communicating with more contacts outside the company, more flexible work hours, and more hours worked.
Freezing weather now sweeping across much of the U.S. brings a greater risk of ice storms and underlines the need for careful planning and heightened safety measures.
In fact, it does not take much ice to create disaster conditions. Even a thin coat of ice can create dangerous conditions on roads. Add strong winds and you have a recipe for downed trees and power lines, bringing outages that can last for days.
Customers Across Education, Energy, Finance, Government, Healthcare, Manufacturing and Retail Speak Out on the Benefits and Value of StorTrends Flash Storage Arrays
NORCROSS, Ga. – StorTrends® today announced the close of a record-breaking year as sales for its storage appliances grew by 500% with the introduction of the StorTrends Hybrid (HFA) and All Flash Arrays (AFA).
StorTrends 3500i flash storage delivers the first and only storage area network (SAN) to combine solid-state drive (SSD) caching and SSD tiering into a single storage appliance. Optimized to support VMware, Microsoft Hyper-V, Citrix and RHEV enterprises of all sizes, the StorTrends 3500i is available as a hybrid or full flash array, and delivers dramatic enterprise performance and reliability at an extremely affordable price point.
"The flash-based storage market, which includes both AFAs and HFAs, is on fire. In the first half of 2014, the combined markets grew at noticeably higher rates than what IDC had forecast it to grow with previous projections. Individually, each market segment also outgrew our 2013 forecast projections," said Eric Burgener, Research Director, Storage, IDC. "End users are learning that flash storage provides improved performance, higher reliability, longer endurance and compelling TCO when deployed at scale, as well as enterprise-class data services. Clearly, if you are an end user, you should be considering flash-based arrays when the time has come to retire your existing enterprise storage platforms."
StorTrends Key Milestones:
- Premieres StorTrends 3500i™ SSD Array - StorTrends 3500i SSD Array offers an all-inclusive set of features including SSD Caching, SSD Tiering, Automatically Tiered Volumes (ATV), Automated Data Tiering, and replication with WAN optimization. These features, together with the unique combination of SSD and HDD technology in a slim 3U configuration, deliver up to 64TB of storage capacity within the 3U and expansion capacity of up to 256TB. The SAN storage solution features hot-swappable dual controllers with Active/Active or Active/Passive high availability and redundant, hot-swappable power supply units.
- Introduces StorTrends iDATA™ IT Infrastructure Assessment Tool - a free intelligent data analysis tracking application (iDATA) that provides a comprehensive and accurate assessment of IT infrastructure statistics such as performance, capacity and throughput requirements, in order to find and assess pain points, before they become disruptive, as well as to enable IT professionals to proactively and accurately plan for future IT investment/deployment.
- Launches StorTrends PROFIT Program - offering one of the highest protected margins in the industry to allow channel partners to capitalize on the exploding demand for cost-effective hybrid and/or full flash storage solutions.
Industry Lab Validations Speak to Power of StorTrends 3500i Storage Array:
Taneja Group Technology Validation - "We observed in our hands-on Technology Validation of the StorTrends 3500i array that StorTrends has crafted SSD into a mature, field-proven, and well-architected storage system. With a comprehensive set of storage features and an intriguingly flexible ability to integrate SSDs with the StorTrends cache and tiering architecture, the 3500i showed us that it is ready to deliver superb performance, extreme versatility, and serious value for mid-range storage customers," said Taneja Group founder, Arun Taneja, when asked about the report. "The NetNet is there is no need to look for alternatives to make solid state more affordable and practical for the mainstream - with the AMI StorTrends 3500i, it is clearly here."
StorTrends 3500i Validated by StorageReview Enterprise Lab - during independent testing the StorTrends 3500i storage array was deemed a "powerful and easy to deploy hybrid storage platform built for high performance and maximum capacity" - demonstrating top-of-the-class performance in benchmark conducted against well-known Tier 1 storage vendors. "The AMI StorTrends 3500i provides businesses with a powerful and easy to deploy 3U hybrid storage platform built for high performance and maximum capacity. It didn't take long for the StorTrends 3500i to demonstrate its top-class performance during our benchmarking. In the first application test, which measured performance with VMmark, the StorTrends 3500i posted excellent results. The StorTrends 3500i cluster was at or near the top of the pack, slipping ever so slightly at the 10th tile. In the 15k and 30k virtual-user SQL Server benchmark, the 3500i was easily the best of the bunch especially when measuring the average latency. The 3500i recorded only 41ms latency during 30k virtual users benchmark where the second place system posted 133ms; a significant gap in responsiveness. The StorTrends 3500i is able to achieve all of these impressive numbers for a variety of reasons, one of the biggest being how they handle flash. First off, the array offers both caching (a copy of the hot data on SSDs) and tiering (a permanent location of hot data on SSDs), which is relatively rare among the hybrid storage array vendors. Most provide one or the other, which certainly adds to top-line performance, but as we see here, there can be a benefit to using both. AMI is also using higher capacity SSDs for tiering, at 4x800GB in RAID10, 1.6TB usable in a 16-bay system is well above what many competitive systems offer. The drives are also modern, many of the large storage vendors are using SSD technology that's very stable but a few years older. 
The only thing really working against the 3500i is lack of awareness in a crowded market; that likely won't last long though as the 3500i really shines."
StorTrends iDATA Named "Invaluable" Tool by SSG-NOW - for accurately assessing an IT infrastructure in order to find and eliminate pain points, avoid business disruption and make informed storage investment decisions.
Customers Speak Out on Value of StorTrends Flash Storage Appliances:
"We needed something that was going to perform at the level our SQL servers needed. The specification certainly seemed to be there and pricewise StorTrends compared favorably against other devices in its same class. We found that metrics such as IOPS, throughput, capacity and replication - as well as the flexibility of being able to connect to multiple devices of StorTrends products were higher than our current solution and in the range that we wanted to be."
RTI - Phil Blakely, Network and Systems Administrator
"I cannot stress enough how good the customer service is. The StorTrends team has done nothing but accommodate our needs and bend over backwards for us. Everything has performed as they described and I have never had the feeling of being over-promised or under-delivered."
Charlotte Radiology - Tony Maynard, Manager of Information Technology
"The StorTrends array had the specific capabilities we were looking for, the integration with Hyper-V and a price tag that was much less than we anticipated."
National Fish and Seafood - Andrew Marenghi, IT Director
"When I started here there were already two StorTrends appliances that had been here for about four to five years. They ran flawlessly, untouched for about two more years. I didn't even have to reboot the boxes. I really paid very little attention to them. So, when it was time to add storage for our video project - I was already looking in StorTrends' direction."
University of Western Ontario - Clint Bourdeau, Network Systems Specialist
"Indeed, 2014 was a stellar year for StorTrends. Driven by our number one asset - our people, combined with the industry's top storage solution - StorTrends, and relationships with the channel's superstars as the icing-on-top, we grew our customer base with companies large and small, across virtually every industry vertical, around the world," said Justin Bagby, Director of StorTrends. "We look forward to this year, as we continue to hone our product roadmap in order to innovate and deliver the features our customers require to accelerate application performance, protect and ensure data availability, and decrease overall cost and complexity."
StorTrends® from American Megatrends (AMI) is Performance Storage with Proven Value. StorTrends SAN and NAS storage appliances are installed worldwide and trusted by companies and institutions in a wide range of industries including education, energy, finance, state and local government, healthcare, manufacturing, marketing, retail, R&D and many more. StorTrends meets the challenges and demands of today's business environments by offering a wide variety of solutions from all-flash storage, hybrid storage to spinning disk solutions. StorTrends is backed by 1,300+ customer installations, 125+ storage patents and nearly 30 Years of IT leadership from a company that millions of people trust on a daily basis, American Megatrends, Inc. For further information, please visit: http://www.stortrends.com.
When it comes to mobile computing, MSPs should be gearing up for a lot more complexity going into 2015. For all practical purposes, usage of mobile computing devices has been fairly limited to accessing email and using browsers to surf the web. But by the end of this year most employees will probably have as many as five to ten applications developed by the companies they work for running on their devices. For MSPs that means developing a capability to manage mobile applications, not just the devices they run on, will be a critical requirement in 2015.
According to Phil Redman, vice president of mobile solutions and strategy for Citrix, mobile applications almost by definition will be accessing a mix of backend services running on premises and in the cloud. As such, IT organizations will be looking to work with MSPs that not only have application management expertise, but also familiarity with the entire scope of their enterprise IT operations.
Policy uncertainty at home and economic and geopolitical risks overseas are the central challenges facing chief financial officers (CFOs) of the UK’s largest companies as they enter 2015, according to a survey by Deloitte.
Deloitte’s latest CFO Survey gauged the views of 119 CFOs of FTSE 350 and other large private UK companies. It found that risk appetite among CFOs fell in Q4 2014. 56 percent of CFOs say that now is a good time to take greater risk onto their balance sheets, down from a record reading of 71 percent in Q3 2014 but still well above the long-term average. The change was driven by concerns over political and economic risk uncertainties: when asked to rate the level of risk posed between 0 and 100, CFOs attached a 63 rating to the UK General Election and 56 to deflation and weakness in the Euro area and to a possible referendum on the UK’s membership of the EU. The level of risk posed by each factor has risen in the last three months. 60 percent of CFOs enter 2015 with above normal, high or very high levels of uncertainty facing their businesses, up from a low of 49 percent in Q2 2014 but at the same level seen 12 months ago.
Ian Stewart, chief economist at Deloitte, said: “The central challenges facing the UK’s largest companies as they enter 2015 are policy uncertainty at home and economic and geopolitical risks overseas. Rising levels of uncertainty have caused a weakening of corporate risk appetite which, nonetheless, remains well above the long-term average.”
According to preliminary estimates, total economic losses from natural catastrophes and man-made disasters were USD 113 billion in 2014, down from USD 135 billion in 2013. Out of the total economic losses, insurers covered USD 34 billion in 2014, down 24 percent from USD 45 billion in 2013. This year disaster events have claimed around 11,000 lives.
Of the estimated total economic losses of USD 113 billion in 2014, natural catastrophes caused USD 106 billion, down from USD 126 billion in 2013. The outcome is well below the average annual USD 188 billion loss figure of the previous 10 years. The total loss of life of 11,000 from natural catastrophe and man-made disaster events this year is down from the more than 27,000 fatalities in 2013.
Insured losses for 2014 are estimated to be USD 34 billion, of which USD 29 billion were triggered by natural catastrophe events compared with USD 37 billion in 2013. Man-made disasters generated the additional USD 5 billion in insurance losses in 2014.
The BCI has published an updated version of its guide to business continuity legislation, regulation, standards and guidance around the world.
Although not completely comprehensive, the guide is probably the best available currently.
The guide starts by listing current and projected international initiatives, particularly those supported by the International Standards Organization (ISO), the European Union (EU) and the Basel Committee on Banking Supervision.
Each entry is categorized into one of four headings:
Legislations: government laws which include aspects of business continuity management by name or are sufficiently similar in nature (disaster recovery, emergency response, crisis management) to be treated as BCM legislation. To be included in this category they must be legally enforceable legislation passed by a national, federal, state or provincial government.
Regulations: Mandatory rules or audited guidance documents from official regulatory bodies.
Standards: Official standards from national (and international) accredited standards bodies which relate to business continuity as a whole or to a specific related subset such as IT service continuity.
Good practice: Guidelines published as good (or best) practice by various authoritative bodies.
By 2050, most of the US coast can expect to see 30 or more days a year of floods up to two feet above high tide levels, says a new NOAA study.
The study, ‘From the Extreme to the Mean: Acceleration and Tipping Points for Coastal Inundation due to Sea Level Rise’, has been published in the American Geophysical Union’s online peer-reviewed journal Earth’s Future.
NOAA scientists Sweet and Joseph Park established a frequency-based benchmark for ‘tipping points’: when so-called nuisance flooding, defined by NOAA’s National Weather Service as between one and two feet above local high tide, occurs 30 or more times a year.
Based on that standard, the NOAA team found that these tipping points will be met or exceeded by 2050 at most of the US coastal areas studied, regardless of sea level rise likely to occur this century. In their study, Sweet and Park used a 1.5 to 4 foot set of recent projections for global sea level rise by year 2100 similar to the rise projections of the Intergovernmental Panel for Climate Change, but also accounting for local factors such as the settlement of land, known as subsidence.