Spring World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 29, Issue 1

Full Contents Now Available!

Jon Seals

LabTech Software is now offering the Symantec (SYMC) Endpoint Protection solution to its managed service provider (MSP) partners. 

The remote monitoring and management (RMM) software provider said Symantec Endpoint Protection now integrates with LabTech and is available for purchase directly through LabTech Software.

"We are excited to begin offering this solution from Symantec," LabTech Software CEO Matt Nachtrab said in a prepared statement. "Through the integration of this product, LabTech Software continues to set the standard for RMM platforms by delivering unparalleled security, allowing administrators to focus on providing their customers with an excellent user experience."

...

http://mspmentor.net/remote-monitoring-management-software/102015/labtech-software-adds-symantec-endpoint-protection-msp-partner

WASHINGTON —The Department of Homeland Security (DHS) Federal Emergency Management Agency (FEMA) National Continuity Programs’ Integrated Public Alert and Warning System Division has begun to assess the feasibility of a public alert and warning capability that is being developed in the private sector.   

New technologies could deliver detailed emergency information to the public with pictures and videos of evacuation routes, storm tracks, and shelter information – increasing community preparedness before, during, and after a disaster. The media alerts will be able to include multilingual and multi-format information to warn non-English speaking populations and people with access and functional needs.  

“FEMA is committed to working with the private sector to examine and improve future alerts and warnings,” said Roger Stone, Acting Assistant Administrator for National Continuity Programs. “New systems could someday include pictures and video as part of the advanced alert and warning information provided to the general public.”

One such technology being considered is the Advanced Warning and Response Network (AWARN).  AWARN works by using advanced capabilities in the next generation of digital television broadcast system called ATSC 3.0 being standardized by the Advanced Television Systems Committee.  The emerging television broadcast standard provides for the transmission of large media rich, data messages over-the-air to mobile, portable, and fixed television and video devices without interrupting ongoing television shows.   

FEMA’s IPAWS is a national system for local alerting. IPAWS enables authorities at all levels of government to alert and warn people in areas endangered by disasters. IPAWS is used by federal, state, and local authorities to send emergency alerts to cellular phones as Wireless Emergency Alerts (WEAs), to radio and television as Emergency Alert System (EAS) broadcasts, to NOAA Weather Radios, and to an All-Hazards Alert and Information Feed for Internet applications, services, and websites.

For more information on IPAWS, go to www.fema.gov/ipaws

###

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Follow FEMA online at www.fema.gov/blog, www.twitter.com/fema, www.facebook.com/fema and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.

The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

Wednesday, 21 October 2015 00:00

Use of Cloud Service Brokers on the Rise

Traditionally, when an enterprise is looking to make a transition to cloud services they go on search to find an MSP that meets their needs. Now however, there is an emerging role in the business of cloud services, the Cloud Service Broker (CSB), a middle man of sorts. Whether a business is looking to move applications to the cloud or invest in cloud-based file sharing, they are increasingly looking to CSBs for help.

Gartner predicts that by 2016, 25 percent of enterprises will secure access to cloud-based services using a cloud application security broker (CASB) platform, reducing the cost of securing access by 30% in the process.

The reason CSBs are becoming so popular probably has something to do with how fast the market itself is growing.  Cisco predicts that by 2018 approximately 59 percent of companies will be using software-as-a-service in some form. On top of that, research shows that employees use an average of 28 different apps for work. In order to provide the necessary services for the enterprise, there needs to be a middle man to facilitate the transition. The good thing for MSPs is that they are already among the most qualified to take on the responsibilities of a cloud service broker. Even if you choose not to add these functions to your business, you should be best equipped to work with CSBs to find the best solutions on behalf of your clients.

...

http://mspmentor.net/infocenter-cloud-based-file-sharing/102015/use-cloud-service-brokers-rise

Wednesday, 21 October 2015 00:00

Do OSHA and HIPAA Rules Stand at Odds?

The Occupational Safety and Health Administration (OSHA) Act[1] requires most employers with 10 or more full-time employees to keep a yearly log of all work-related injuries and illnesses[2].  OSHA prefers that employers subject to the law use its Form 300 to record the required information.  The OSHA Form 300 is an actual, fillable form for employers to record all reportable injuries and illnesses that occur in the workplace, with spaces to report where and when the incidents occur, the nature of the case, the name and job title of the employee injured or made sick and the number of days away from work or on restricted or light duty, if any.

OSHA requires employers to record all new cases of work-related fatalities, injuries and illnesses if they involve death, days away from work, restricted work or transfer to another job, medical treatment beyond first aid, loss of consciousness or of significant injury or illness diagnosed by a physician or other licensed health care professional.  Each recordable injury or illness must be recorded on the 300 log and OSHA Form 301 Incident Report within seven calendar days after the employer receives notice the injury or illness occurred.  The OSHA 300 log requires employers to check one of six boxes to categorize the illness or injury:  injury, skin disorder, respiratory condition, poisoning, hearing loss or “other.”  Employees, former employees and employee representatives are authorized to review the OSHA 300 logs.

...

http://corporatecomplianceinsights.com/do-osha-and-hipaa-rules-stand-at-odds/

Wednesday, 21 October 2015 00:00

Should you review your tape archives?

If your only exposure to the world of data storage has been in the context of a small to medium-sized business or a startup, you’d be forgiven for thinking that magnetic tape is a relic from another era of enterprise computing. Once the de facto standard for long-term data retention, the format no longer gets much airtime in an age of cloud backups and tumbling HDD prices.

Nonetheless, rumours of the magnetic tape’s demise have been greatly exaggerated. According to an Information Age article from September 2014, all ten of the world’s biggest banks and telecoms firms, as well as eight of the world’s ten biggest pharmaceutical companies, are tape users. And as trends like big data pick up steam, there’s more interest than ever for organisations to invest in low-cost, high-volume storage for offline data.

For all their advantages, though, tape archives need to be looked after. It can be tempting to think that business records are out of sight, out of mind once they’re filed away in a format proven to last upwards of decades, but this is a mistake. The reasons for creating a tape archive aren’t trivial – regulatory compliance, mainly, and disaster recovery – and you don’t want to discover at the critical moment that your records are patchy.

...

http://blog.krollontrack.co.uk/pieces-of-interest/should-you-review-your-tape-archives/

Sacramento, CA – The California Office of Emergency Services (CalOES) and the Federal Emergency Management Agency (FEMA) are continuing to encourage Lake and Calaveras county residents with disabilities, or any survivor with additional needs, who were affected by the recent wildfires, to utilize the many available accessible resources to register for assistance. 

People with disabilities are eligible to receive the same services and assistance that are offered to everyone in the declared disaster area, and both CalOES and FEMA are committed to ensuring services and assistance are available for people with disabilities. 

A direct telephone hotline is operational to process any requests from survivors who may need additional assistance. 

  • 916-381-0330
  • TTY CALL 711

In addition, to serve the whole community, certain accommodations are available at Disaster Recovery Centers (DRCs).

  • For those who are deaf or hard of hearing, the DRCs are equipped with captioned phones and iPads that can access video remote sign language interpreters.  On-site interpreters are also available upon request.
  • For those survivors who are blind or have low vision, documents are available in large print and Braille.
  • DRCs have accessible parking, ramps, and restrooms.
  • If a survivor cannot transport themselves to the DRC, FEMA will arrange a home visit. 

The first step for any survivor is to register with FEMA. While one-to-one registration assistance is available at a DRC, survivors may also register online or over the phone. 

  • Online at DisasterAssistance.gov or by smart phone or tablet at m.fema.gov
  • The number to register for assistance is 1-800-621-3362
  • TTY 1-800-462-7585
  • If you use 711 or Video Relay Service (VRS), call 1-800-621-3362
  • Operators are multilingual and calls are answered seven days a week 24 hours a day.
  • FEMA representatives can also register survivors at a location of their choosing if needed.

The application deadline is November 23. For those survivors with a disability, and others with additional needs who require assistance, should not hesitate to contact FEMA and ask for help.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362).  If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Watching the Dell/EMC story, as with any big merger, a lot of misinformation is being tossed about, particularly with regard to what is going to happen to parts of EMC once Dell buys them. Much of this is coming out of the various research firms and is being authored by folks that I know and respect. However, most of it that I’ve seen is poorly founded, because it doesn’t start with Dell’s acquisition process, which is unique within the industry. Granted, that process has largely been used for small acquisitions, but it does scale. Given how successful it has been for Dell and how unsuccessful the more traditionally invasive acquisition processes that firms like HP use are, it would seem unlikely that for any acquisition, let alone one of this scale, Dell would throw out the process that works in favor of one that doesn’t work.

The most recent report I’ve seen suggests that within a few months of the acquisition, Dell will effectively blow up VCE (despite commitments to the contrary), because it competes with Dell’s own converged infrastructure unit. VCE is profitable, growing in the double digits, and a multi-billion dollar business, so any suggestion that Dell would off the venture makes Michael Dell seem like an idiot. I assure you he isn’t, I know the guy. Let me explain.

...

http://www.itbusinessedge.com/blogs/unfiltered-opinion/vce-and-misinformation-surrounding-the-dellemc-merger-is-michael-dell-an-idiot.html

The potential for big problems on the Internet of Things (IoT) makes for scary reading. Last week, The Internet Society released a document titled, “The Internet of Things: An Overview - Understanding the Issues and Challenges of a More Connected World.” It puts security at the top of the list of vital IoT topics, according to a blog at the society’s website by Karen Rose, the society’s senior director, Office of Strategy & Research:

As you will see in the document, we believe the security in the Internet of Things is perhaps the most significant challenge and we believe ensuring security in IoT must be a fundamental priority. Poorly secured IoT devices and services can serve as potential entry points for cyber attack and expose user data to theft by leaving data streams inadequately protected. A proliferation of poorly secured devices also has the potential to impact the security and resilience of the Internet globally.

The challenge must be faced at several levels. Lev Lesokhin, the executive vice president of Strategy at CAST, makes a very important point at Dark Reading. The IoT, he writes, is not introducing security vulnerabilities. Rather, it is increasing the possible damage that will occur when long-known vulnerabilities are multiplied by the huge increase in sensors and other elements that are deployed.

...

http://www.itbusinessedge.com/blogs/data-and-telecom/it-cant-be-said-enough-security-is-job-one-on-the-iot.html

Wednesday, 21 October 2015 00:00

The Many Flavors of Data Infrastructure

It seems that with each passing day, the software-defined data center (SDDC) becomes more of a fait accompli. Data infrastructure will consist of advanced software architectures resting atop commodity hardware, and all but the largest of organizations will shift their entire data environment to the cloud.

This is both cheaper and easier to do, and it will also provide for much greater flexibility and scalability to meet next-generation workloads.

There is nothing wrong with this vision, of course, and with the advent of software-based networking architectures to supplement virtualized server and storage environments, the dream of implementing a fully abstracted data ecosystem is closer than ever. But just because we can do this, does that mean we should? And does that then mean it is the appropriate infrastructure for every organization or every workload?

...

http://www.itbusinessedge.com/blogs/infrastructure/the-many-flavors-of-data-infrastructure.html

Nine out of 10 health care organizations have been breached since 2013.

That is a mind-boggling statistic. And it gets worse. According to Trustwave’s 2015 Security Health Check Report, hackers are causing some costly damage:

[T]he number of individuals who have had their medical records compromised has doubled in the past five years. All told, cybercriminals are wreaking $6 billion in annual damage on America’s largest private-sector industry.

The Trustwave study is just the latest one to report on the serious security issues within the health care industry. An eSecurity Planet article reported on a health care study conducted by Raytheon/Websense, which found that:

...

http://www.itbusinessedge.com/blogs/data-security/health-care-data-equals-big-bucks-for-cybercriminals.html