Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 28, Issue 1

Full Contents Now Available!

Jon Seals

Premera Blue Cross, a health insurer based in the Seattle suburbs, announced Tuesday it was the victim of a cyberattack that may have exposed the personal data of 11 million customers — including medical information.

The company said it discovered the attack on Jan. 29 but that hackers initially penetrated their security system May 5, 2014. The attack affected customers of Premera, which operates primarily in Washington, Premera's Alaskan branch as well as its affiliated brands Vivacity and Connexion Insurance Solutions, according to a Web site created by the company for customers. "Members of other Blue Cross Blue Shield plans who have sought treatment in Washington or Alaska may be affected," according to the site.

The company said its investigation has not determined if data was removed from their systems. But the information attackers had access to may have included names, street addresses, e-mail addresses, telephone numbers, dates of birth, Social Security numbers, member identification numbers, medical claims information and bank account information, according to the company's Web site. The company said it does not store credit card information.

...

http://www.washingtonpost.com/blogs/the-switch/wp/2015/03/17/cyberattack-at-health-insurer-exposed-data-on-11-million-customers-including-medical-information

It seems like the breach cycle goes in full circles.

When data breaches began to make the news, the health care industry was hardest hit. Eventually, attacks against the health care industry, while they didn’t disappear, moved off the headlines in order to make room for breaches against the financial industry and retail and entertainment. But then came the Anthem breach, and now the announcement that Premera Blue Cross was hacked, with possibly millions of customers’ medical data exposed. I wouldn’t be surprised if we saw a flurry of news on health care-related attacks in the coming months, either.

The reasons are simple. First, health care organizations hold so much data that is valuable on the black market. You are looking at names, birthdates, addresses, Social Security numbers, insurance numbers, medical records and more.

...

http://www.itbusinessedge.com/blogs/data-security/health-care-industry-returns-as-a-prime-data-breach-target.html

Tuesday, 31 March 2015 00:00

Making a Norovirus Vaccine a Reality

Have you ever experienced severe diarrhea or vomiting? If you have, it’s likely you had norovirus. If you haven’t, chances are you will sometime in your life. Norovirus is a very contagious virus that anyone can get from contaminated food or surfaces, or from an infected person. It is the most common cause of diarrhea and vomiting (also known as gastroenteritis) and is often referred to as food poisoning or stomach flu. In the United States, a person is likely to get norovirus about 5 times during their life.

Norovirus has always caused a considerable portion of gastroenteritis among all age groups. However, improved diagnostic testing and gains in the prevention of other gastroenteritis viruses, like rotavirus, are beginning to unmask the full impact of norovirus

For most people, norovirus causes diarrhea and vomiting which lasts a few days but, the symptoms can be serious for some people, especially young children and older adults. Each year in the United States, norovirus causes 19 to 21 million illnesses and contributes to 56,000 to 71,000 hospitalizations and 570 to 800 deaths.

Protect Yourself and Others from Norovirus.

While there is hope for a norovirus vaccine in the future, there are steps you can take now to prevent norovirus.

Additionally, norovirus is increasingly being recognized as a major cause of diarrheal disease around the globe, accounting for nearly 20% of all diarrheal cases. In developing countries, it is associated with approximately 50,000 to 100,000 child deaths every year. Because it is so infectious, hand washing and improvements in sanitation and hygiene can only go so far in preventing people from getting infected and sick with norovirus.

This is why efforts to develop a vaccine are so important and why in February 2015 the Bill and Melinda Gates Foundation, CDC Foundation, and CDC brought together norovirus experts from around the world to discuss how to make the norovirus vaccine a reality. Participants were from 17 countries on 6 continents and included representatives from academia, industry, government, and private charitable foundations.

Important questions remain regarding how humans develop immunity to norovirus, how long immunity lasts, and whether immunity to one norovirus strain protects against infection from other strains. There are also relevant questions as to how a norovirus vaccine would be used to prevent the most disease and protect those at highest risk for severe illness. These are all critical questions for a vaccine, and this meeting was a step toward finding answers to these questions and making a norovirus vaccine a reality.

For more information on norovirus visit CDC’s webpage: http://www.cdc.gov/norovirus/.

We all know that we need to exercise our business continuity plans, it’s the only way to find out whether they will work. Of course that’s with the exception of a live incident, but during a disaster is never a good time to find out your plan doesn’t work. But what type of exercises should you run, how often should you run them, how to you plan them and how do you assess them?

These are all important questions and are all vital to ensuring that you have an effective business continuity programme in place, one that will provide reassurance to top management that, in the event of a crisis, the organization will be able to deal with it.

This is why the Business Continuity Institute has published a new guide that will assist those who have responsibility for business continuity to manage their exercise programme. ‘The BCI guide to… exercising your business continuity planexplains what the main types of exercises are and in what situation it would be appropriate to use them. It explains how to plan an exercise and what needs to be considered when doing so, from the setting of objectives to conducting a debrief and establishing whether those objectives have been met.

Following feedback from those working in the industry, testing and exercising was chosen as the theme for Business Continuity Awareness Week and the BCI is keen to highlight just how important it is to effective business continuity. A recent study showed that nearly half of respondents to a survey had not tested their plans over the previous year and half of those had no plans to do so over the next twelve months. This guide is intended to make it easier for people to develop an exercise programme and demonstrate that it does not have to be an onerous task to do so.

To download your free copy of the guide, click here. Visit the BCAW website for further guidance and tips on how to develop an exercise programme.

Tuesday, 31 March 2015 00:00

How to Fight the Next Epidemic

SEATTLE — The Ebola epidemic in West Africa has killed more than 10,000 people. If anything good can come from this continuing tragedy, it is that Ebola can awaken the world to a sobering fact: We are simply not prepared to deal with a global epidemic.

Of all the things that could kill more than 10 million people around the world in the coming years, by far the most likely is an epidemic. But it almost certainly won’t be Ebola. As awful as it is, Ebola spreads only through physical contact, and by the time patients can infect other people, they are already showing symptoms of the disease, which makes them relatively easy to identify.

...

http://www.nytimes.com/2015/03/18/opinion/bill-gates-the-ebola-crisis-was-terrible-but-next-time-could-be-much-worse.html

LONDON, UK – March Networks®, a leader in intelligent IP video surveillance for financial institutions worldwide, is pleased to introduce March Networks Searchlight™4 for Banking. The new, video-based business intelligence solution provides banks and credit unions with exceptional insights into customer service, operations and marketing, helping them improve performance and win new business. It also delivers powerful search and investigation capabilities that enable financial institutions to reduce costs associated with ATM skimming, cash harvesting and other fraudulent activity.

 

Most banking organisations have invested significantly in video surveillance systems to ensure the security of their customers, employees and assets. Many have taken that investment further by adopting software applications that combine recorded video with ATM and teller transaction data, making it easier to investigate suspicious transactions.

 

New Searchlight for Banking extends the benefits of integrated data by incorporating intelligent analytics – including people counting, queue length and dwell time – from March Networks’ MegaPX Indoor Analytics Dome camera. Conveniently accessible via the software’s browser-based dashboard, Searchlight provides financial institutions with a complete view of their retail banking business using customisable reporting tools that enable them to:

  • Improve customers’ experience and optimise staffing;
    Searchlight delivers metrics on customer experiences, including wait times and the number of people in line at teller stations or ATMs. Managers can easily run reports to analyse and compare data from one or multiple locations and use that information to optimise staffing or identify where more training is needed. This knowledge is key to branch performance, as customer experience is the most common reason consumers give for opening and closing accounts, ahead of fees, rates, locations and convenience (
    Ernst & Young 2014 global consumer banking survey).
  • Improve fraud defenses and cut investigation costs;
    Searchlight enables banks to identify potential fraud and reduce investigation times considerably with integrated video, audio and transaction data, and the ability to search across multiple sites simultaneously. Managers can easily view statistics on which branch, teller or ATM has the most withdrawals or deposits over a certain amount, for example, and pull up the recorded video for further review. The software can also proactively alert managers or investigators to suspicious activity at an ATM, which could indicate ATM skimming or cash harvesting.
  • Assess financial services and promotional success;
    Measuring how well a promotion is working in a branch, or seeing if it’s been executed correctly across the organisation, can be invaluable to marketing teams. Searchlight delivers visual auditing capabilities and sophisticated metrics on customer dwell times. Staff can use the software to assess how long a potential customer waited to speak with a financial service advisor or if promotional signage is having an impact. If one branch is outperforming, they can use Searchlight to uncover the reasons why and make adjustments at other locations.
  • Enhance security and operations.
    With Searchlight, authorised managers and security/operations staff can remotely spot-check branches from any networked location to assess customer activity, maintenance, policy compliance and overall operational efficiency. The software provides detailed reports on a variety of events, such as when a safe is opened, and makes it easy to review suspicious activities using synchronised video and audio.

“Searchlight extracts relevant information from vast hours of recorded video and data and turns it into effective business intelligence,” said Net Payne, Chief Marketing Officer, March Networks. “It gives financial institutions the insights they need to improve customer service and overall performance, and allows them to leverage investments they’ve already made in video surveillance by extending the value it delivers to additional groups within the organisation.”

 

For a demonstration of the new Searchlight for Banking platform please contact March Networks: PreSalesEurope@MarchNetworks.com. For more information, please visit www.marchnetworks.com.

http://www.marchnetworks.com/company/news-center/default.aspx

 

About March Networks

March Networks®, an independent subsidiary of Infinova®, is a leading provider of intelligent IP video solutions. For more than a decade, the company has helped some of the world’s largest commercial and government organizations transition from traditional CCTV to advanced surveillance technologies used for security, loss prevention, risk mitigation and operational efficiency. Its highly scalable and easy to use Command video management platform incorporates a web-based client interface to enable rapid system deployment and complete system control. It is complemented by the company’s portfolio of high-definition IP cameras, encoders, video analytics and hybrid recorders, as well as outstanding professional and managed services. March Networks systems are delivered through an extensive distribution and partner network in more than 50 countries. For more information, please visit www.marchnetworks.com.

March Networks, March Networks Searchlight and the March Networks logo are trademarks of March Networks Corporation. Infinova is a trademark of Infinova Corporation. All other trademarks are the property of their respective owners.

New Product Automates Production of Sophisticated Data Integration, Cleansing, and Mastering Processes

 

NEW YORK, NY – Information Builders, a leader in business intelligence (BI) and analytics, information integrity, and integration solutions, today announced the launch of Omni-Gen™, an enterprise software product that accelerates the deployment of complete master data management (MDM) and data integration applications.

 

Omni-Gen codifies and automates the best practices associated with multi-domain MDM application implementations. These processes involve data integration, cleansing, and mastering, and are usually implemented manually, with months spent on specification, design, coding, and testing. Omni-Gen, by contrast, enables organisations to develop the models and “golden records” they desire for a result and then automatically generates the processes needed to complete the job.

 

As a result, months of development work and rework can be reduced to weeks of model-driven, agile-enabled design. Issues that might otherwise be forgotten or get lower priority, such as change history maintenance and automatic management of cross-domain references, are built into the Omni-Gen generated processes. This ensures a better and more comprehensive result on the very first cut of a project.

 

Omni-Gen also dramatically reduces the time to value for analytics. Because Omni-Gen begins with end results in mind, users can create data marts, visualisations, and reports from the MDM model even before the repository is fully populated with production-ready data. This parallel effort ensures that analytics won’t lag data availability.

 

Omni-Gen includes previously available technology components for data access, transformation, validation, enrichment, cleansing, and mastering, as well as new modeling, process generation, and process management capabilities needed to automate best-practice MDM application development. Organisations will also benefit from an app store-like facility that enables the sharing of templates and artifacts across teams.

 

“Many organisations think that MDM is a big project, maybe even out of their reach,” said Gerald Cohen, president and CEO of Information Builders. “Omni-Gen is going to make MDM far faster to implement and more cost-effective for companies that are already doing it, and enable a lot of others to reap benefits they never thought they’d see. It’s a game changer.”

 

About Information Builders

Information Builders helps organisations transform data into business value. Our software solutions for business intelligence and analytics, integration, and data integrity empower people to make smarter decisions, strengthen customer relationships, and drive growth. Our dedication to customer success is unmatched in the industry. That’s why tens of thousands of leading organisations rely on Information Builders to be their trusted partner. Founded in 1975, Information Builders is headquartered in New York, NY, with offices around the world, and remains one of the largest independent, privately held companies in the industry. Visit us at informationbuilders.com, follow us on Twitter at @infobldrs, like us on Facebook, and visit our LinkedInpage.

Unique bring your own key capability enables you to have total control over your keys and sensitive data in the Azure Cloud

 

PLANTATION, Fla. Thales, leader in information systems and communications security and pioneer with Microsoft in bring your own key (BYOK) technology, announces the launch of its BYOK Deployment Service Package. The new service offering makes the process of creating and securely transferring keys to Microsoft Azure cloud easy and allows organizations to take advantage of cloud services with greater confidence.

 

Cloud services like Microsoft Azure Rights Management Services (RMS) offer organizations flexibility, convenience and cost-effectiveness. BYOK provides the added confidence that the keys used to protect your sensitive data in the cloud are under your exclusive control.

 

The Thales BYOK Deployment Service Package provides everything you need to safely generate and transfer your own keys to the Microsoft Azure cloud. The service package includes an nShield hardware security module (HSM) and the professional services to quickly get you cloud-ready and in control of your sensitive data and keys in the cloud.

 

Key benefits:

  • Take advantage of cloud services with confidence
  • Secure your sensitive data with keys that you fully control and are never visible to Microsoft
  • Ease of deployment - receive expert guidance on how to securely generate and securely transfer your keys to the cloud
  • Protect and manage your keys on your premises with robust FIPS 140-2 certified hardware

Dan Plastina, Group Manager, Microsoft says:
"The Azure Rights Management service helps customer safeguard their data, both inside and outside of the organization. Our collaboration with Thales on BYOK puts the customer in control of their keys. Organizations can generate their RMS master keys on-premises, using their own Thales HSMs, and then securely transfer those keys to our Azure-hosted Thales HSMs. The new Thales BYOK Deployment Service Package now makes the process of getting started even easier, providing everything that's required to successfully deploy, generate, and transfer your own keys to the Azure cloud."

 

Richard Moulds, vice president strategy at Thales e-Security says:
"The goal for any security-oriented cloud service is to convey confidence that sensitive data in the cloud is protected, confidence that different tenants are strongly segregated and that control over critical security assets such as cryptographic keys remains with the customer. BYOK and the use of HSMs can protect both the consumer and the cloud provider and build the confidence to trust the service with an organization's most valuable assets. Customers new to hardware security module technology often find that expert assistance can make for a smooth and secure deployment and our BYOK Deployment Service can be tailored to meet a customer's specific need."

 

Expert consultancy
Thales Advanced Solutions Group (ASG) is ready to help you deploy BYOK for your Azure cloud. A dedicated consultant will spend time at your location to explain the technology behind BYOK and take you step-by-step through the process of generating your own keys on your own premises. The consultant will instruct you on how to securely transfer these keys to the Azure cloud, and help you plan the key generation ceremony as well as assist you in conducting it. In addition, you will be left with a step-by-step document detailing the ceremony for future reference.

 

Supporting resources:
Whitepaper: Hardware Key Management in the RMS Cloud www.thales-esecurity.com/msrms

 

Microsoft RMS BYOK Guidance: technet.microsoft.com/en-us/library/dn440580.aspx

 

Updates on Microsoft RMS: www.twitter.com/TheRMSGuy

 

For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs

 

Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube

 

About Thales e-Security
Thales e-Security is a leading global provider of trusted cryptographic solutions with a 40-year track record of protecting the world's most sensitive applications and information. Thales solutions enhance privacy, trusted identities, and secure payments with certified, high performance encryption and digital signature technology for customers in a wide range markets including financial services, high technology, manufacturing, and government.  Thales e-Security has a worldwide support capability, with regional headquarters in the United States, United Kingdom, and Hong Kong. www.thales-esecurity.com   

 

About Thales
Thales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 61,000 employees in 56 countries, Thales reported sales of €13 billion in 2014. With over 20,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements. Its unique international footprint allows it to work closely with its customers all over the world.

Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe's leading players in the security market. The Group's security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure.

Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France and the United Kingdom.

World Backup Day on Tuesday 31st March underscores the importance of properly and diligently deploying, testing and validating backup solutions to prevent data loss

 

EPSOM – Employing a backup solution does not entirely eliminate data loss. That’s the main takeaway from updated data released today from Kroll Ontrack, the leading provider of data recovery and ediscovery. The 2015 survey [1] of customers who lost valuable computer data confirms that the majority of consumers and businesses are implementing backup solutions, but unintentional gaps in back up protocols are nevertheless proving costly. For the third-year running, well over half (61 percent) of respondents had a backup solution in place at the time of data loss, down slightly from 65 percent in 2014 and 63 percent in 2013.

 

With 71 percent of respondents backing up their data on a daily (42 percent) or weekly (29 percent) basis, why is data loss still so prominent? Unfortunately, minor oversights or an unknowingly non-functioning backup can render backup procedures ineffective. In fact, this year’s survey data shows that of those who had a backup in place at time of data loss:

  • 21 percent report that their backup was not operating correctly
  • 21 percent simply did not have their device included in their backup procedure
  • 19 percent report their backup was not current, reducing the likelihood of retrieving needed data

“What stands out once again this year is that it is not enough to simply deploy a backup solution and hope for the best,” said Paul Le Messurier, programme and operations manager at Kroll Ontrack. “When nearly three-fourths of respondents confirm they are regularly backing up data yet are still experiencing data loss, the criticality of a complete backup strategy becomes crystal clear. This includes regularly validating that your solution is functioning as expected, and frequent testing and monitoring to ensure the backup is current and complete. In cases where oversight or backup failure leads to data loss, consider enlisting the assistance of a reputable and experienced data recovery provider.”

 

Backup Methods and Barriers to Use

Once again in 2015, of those respondents utilising a backup solution, external hard drives prevailed as the most used approach (68 percent) for both business and personal data (compared to 63 percent in 2014 and 59 percent in 2013). Only 16 percent report leveraging cloud backup and five per cent tape backup.

Of those respondents not utilising a backup solution, 87 percent (compared to 89 percent in 2014 and 96 percent in 2013) said they are extremely likely or somewhat likely to seek a backup solution, with external hard drives as the preferred method (77 percent). When asked about the primary barriers preventing adoption of a backup solution, time to research and administer a backup solution remained the most common reason, cited by 50 percent in 2015, compared to 49 percent in 2014 and 56 percent in 2013. Expense of backup solution, cited by 31 percent of respondents, was the next most common barrier to leveraging a backup solution.

 

World Backup Day (31st March, 2015) marks an excellent opportunity for individuals and businesses alike to evaluate their backup technology and protocols. Kroll Ontrack recommends taking the following proactive measures when implementing a backup solution to optimise results:

  • Set up a backup schedule that includes coverage for all identified devices and media
  • Ensure that backups are running regularly and in accordance with the determined schedule
  • Regularly check backup reports for error indications of failure
  • Test backups on a regular basis to validate that data has been accurately captured and files are intact

[1] Kroll Ontrack surveyed 841 Ontrack Data Recovery customers across North America, Europe and Asia Pacific.

http://www.krollontrack.co.uk/company/press-room/press-releases/world-backup-day-2015/

 

About Kroll Ontrack Ltd.

Kroll Ontrack provides technology-driven services and software to help legal, corporate and government entities as well as consumers manage, recover, search, analyse, and produce data efficiently and cost-effectively. In addition to its award-winning suite of software, Kroll Ontrack provides data recovery, data destruction, electronic discovery and document review. For more information about Kroll Ontrack and its offerings please visit: krollontrack.co.uk, follow @KrollOntrackUK on Twitter or subscribe to the Kroll Ontrack Data Blog.

Simplifies roadmaps and strategies for data center transformation

NEW YORK – Dimension Data, the $6.7 billionglobal ICT solutions and services provider, today launched a new maturity tool that helps organizations assess their capabilities and prioritize initiatives for building a next-generation data center.  The Data Center Development Model – the first assessment that covers such a broad spectrum of the data center – was created off the back of strong demand from clients seeking guidance and actionable plans to make their data centers more responsive and agile.

According to Steve Joubert, group executive for data centers at Dimension Data, global competitive pressures brought on by social, mobile, analytics and cloud have had a tremendous impact on data centers to transform to remain relevant. “Every client we speak to is looking for ways to transform their data center to become more responsive to business needs. This is not an easy undertaking.”

With the expansion of the data center beyond traditional boundaries to include cloud, networking and security, it is important to look at these areas holistically and not in isolation. A change in one area can have a costly impact in another. Most IT departments still have siloed functions and do not understand the impact of their projects on other parts of the infrastructure, including the data center. And deciding where to start for the maximum benefit, is not easy either.

For example, Dimension Data has seen that virtualization and converged infrastructure projects that do not include a review and strategy for the underlying network, can increase the ultimate cost of the project three-fold.

“It’s with this in mind that we developed the Data Center Development Model. It’s all about helping our clients make the shift to new operating models across the entire next-generation data center, while focusing on business outcomes with technology being the enabler and differentiator, instead of a hindrance,” said Joubert.


Dimension Data’s Data Center Development Model is ideal for organizations that need to understand the requirements of building a future-state data center. The Model scrutinizes the 11 critical domains in the data center (“as-is” state) and what their future needs are (“to-be” state). The output of the workshop-style engagement is a roadmap, which provides practical implementation recommendations for the most valuable initiatives around their data center. Recommendations include:

       identifying infrastructure gaps in an organization;            

       determining the most efficient operating model for the data center, inclusive of management  and operations;

       understanding the best ways to exploit public cloud, hosting and co-location where it
creates value for the business;

       ensuring the network is geared to support the journey of transformation; and

       embedding security at every step of the journey.

Joubert said that Dimension Data has already helped a number of organizations using its Data Center Development Model with excellent results.  “We helped one organization build a virtual data center, which delivered a 30 percent reduction in real estate through consolidation and data center design. Another client saw new resources deliver services 75 percent faster to its end-users leveraging network extensions to cloud resources.”

About Dimension Data
Founded in 1983, Dimension Data plc is an ICT services and solutions provider that uses its technology expertise, global service delivery capability, and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group. Visit us at http://www.dimensiondata.com/en-US and www.facebook.com/DimensionDataAmericasor follow us on Twitter: @DimensionDataAM.