Fall World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 30, Issue 2

Full Contents Now Available!

Jon Seals

Jon Seals

Jargon crops up everywhere, and business continuity is no exception. RTO, RPO, BIA, and others are often sprinkled liberally into conversations, plans, and reports.

Sometimes expanding the abbreviation makes things clearer to the uninitiated: for example, the terms “recovery time objective” (RTO) for an IT system and “business impact analysis” for BC planning give some hint of what lies behind them.

But what about “recovery point objective” (RPO), also one of the commonest terms used in defining a suitable disaster recovery/business continuity plan? Would we be better off if we banned the use of such jargon?

Banning probably wouldn’t work. For one thing, it would be the curtailing of free speech, and for another, like weeds, jargon would spring up again anyway. We need a better way of managing business continuity jargon, recognizing that it also has its uses.

...

http://www.opscentre.com/business-continuity-jargon/

We all want to know something others don’t know. People have long sought “local knowledge,” “the inside scoop” or “a heads up” – the restaurant not in the guidebook, the real version of the story, or some advanced warning. What they really want is an advantage over common knowledge – and the unique information source that delivers it. They’re looking for alternative data – or “alt-data.”

From the information age where everyone took advantage of easy access to information, we are now entering an age where everyone seeks alternatives: new sources of information and innovative ways of deriving unique insights.  This is the “Age of Alt.”

We know that business leaders want to better leverage data and analytics in their decision-making. But more importantly most decision-makers want to supplement their own data with external data; 81% tell us they want to expand their ability to source new external data.  Demand for data is exploding.

...

http://blogs.forrester.com/jennifer_belissent/17-06-22-the_age_of_alt_data_commercialization_brings_alternative_data_to_market

Friday, 23 June 2017 15:35

5 Hot Storage Technologies to Watch

Many technologies are billed as hot, exciting and revolutionary. But which ones are really deserving of that moniker? Which ones are destined to change — or are changing — the storage universe?

Enterprise Storage Forum asked the experts.

...

http://www.enterprisestorageforum.com/storage-technology/5-hot-storage-technologies-to-watch.html

What comes to mind when you hear the word “compliance”? Do you shiver, sigh, break out into hives, or all three? Believe it or not, your compliance colleagues are crucial to your social marketing success. This is especially true for marketers in regulated spaces such as financial services, healthcare, and pharmaceuticals. I can share from personal experience that my social marketing success at American Express was in part due to the relationships I fostered with compliance, legal, and even outside legal counsel — in fact, I’m still in touch with those former colleagues. Given the importance of breaking down the marketing compliance silo, I partnered with my colleague Nick Hayes on a new report, . And though the intention of this report is to help marketers in regulated industries, Nick and I both agree that all marketers can benefit from it.

...

http://blogs.forrester.com/erna_alfred_liousas/17-06-22-start_silo_busting_strengthen_your_relationship_with_compliance

We all make mistakes, and CCOs are no exception. While CCOs are a creative and dedicated bunch, they are often susceptible to these five common mistakes. Probably unsurprisingly, the cure for these ills is more due diligence and more relationship building.

Chief Compliance Officers are fallible – I know that is not a controversial statement. To err is human, and CCOs are members of the human species.

With the enormous expectations placed on CCOs’ shoulders, they are bound to make some mistakes. I have seen CCOs who have run into difficulties, and occasionally they have contributed to the problem through their own behaviors.

I thought I would identify some of the common mistakes I have seen. It is hard to generalize, but I have observed some common themes.

...

http://www.corporatecomplianceinsights.com/top-5-common-mistakes-made-ccos/

The Business Continuity Institute

One in ten small business owners and employees are regularly putting the security of their data at risk by sharing confidential files on personal devices, or sending documents to personal rather than work emails. This demonstrates a significant lapse in data security among the UK’s five million plus small businesses.

The study by Reckon also found that a quarter of small business owners (25%) and their teams save documents onto their desktops rather than a central server. This also means there is less likelihood of the data being backed up, so should a computer failure occur then the data could be lost. These statistics were just as prevalent in larger SMEs, those with a turnover of £10 million or more, as the findings showed that the same 10% of these larger businesses sent documents to personal devices and a third saved documents on desktops rather than central servers.

"We believe the reasons behind these data breaches may include ease of access when working remotely, and keeping documents to hand rather than sorting through mismanaged folders," said Mark Woolley, Commercial Director at Reckon.

Sending and saving documents incorrectly and to personal devices breaches basic data security guidelines and could even put employers and employees at risk of breaching data protection laws. Such practices also place confidential information at risk of hacks or unauthorised use, and also mean that employers cannot provide complete audit trails of documents within their own business.

It’s concerning that so many SMEs in the UK are ignoring basic data protection rules. The findings are especially worrying where SME owners are involved, as they are placing their own organization’s sensitive information at risk. Incorrectly managing data and information in this way can pose financial, reputational and security issues to a business, something that no business owner wants to have to deal with.

Cyber security is as much of an issue for SMEs as it is for larger organizations according to the Business Continuity Institute's latest Horizon Scan Report which showed that organizations of all sizes share the same concerns. A global survey identified the top three concerns for both SMEs and large organizations as cyber attack, data breach and unplanned network outage.

“Bad habits can easily stick, particularly amongst teams within businesses where there aren’t clear policies around data security,” added Mark Woolley. “I’d urge new businesses to set guidelines around working with documents and emails at the outset in order to give themselves a head start when it comes to keeping information safe. Businesses should also consider that new legislation such as the General Data Production Regulation will incorporate additional data security into law, making adhering to basic practices of vital importance."

Achieved Highest Score in Strategy and Automation Capabilities for its OpenStack Private Cloud Offering

SAN ANTONIO, Texas – Rackspace today announced that it was named a leader in the Forrester Research, Inc. June 2017 report, The Forrester Wave™: Hosted Private Cloud Services, North America, Q2 2017. The report evaluated nine vendors based on 33 criteria, including current offering, strategy and market presence. Rackspace was ranked above all vendors in strategy and automation capabilities for its Rackspace OpenStack Private Cloud offering.

According to the report, "Rackspace enjoys a highly visible market position by virtue of its lengthy history in the managed hosting segment, OpenStack contributions and close partnerships with the leading hyperscale public cloud providers … Although its current offering is strong, Rackspace stands out by virtue of its customer-centric, 'Fanatical Support' strategy as well as its coexistence with hyperscale providers through management and migration services." Additionally, customer references contacted during the evaluation called out Rackspace for "its superior self-service control options relative to other evaluated solutions, describing it as best-in-class."

Rackspace scored highest among vendors in the strategy category for its Rackspace® OpenStack® Private Cloud, which Rackspace believes indicates the strength of its go-to-market strategy and future vision for hosted private cloud services. The independent research firm evaluates strategy using eight criteria, and Rackspace received the highest score possible in three of these criteria including: business technology vision, market approach and partner ecosystem.

In addition, Rackspace received the highest score in the automation capabilities criterion within the current offering category, and was among the vendors that scored the highest for self-service portal and user interface, integration strength, service level agreements (SLAs), storage and contract agreements.

"I believe that Rackspace's position in this report further validates that it is the clear market leader in the OpenStack private cloud space," said Scott Crenshaw, SVP and GM of OpenStack and Microsoft clouds at Rackspace. "In my view, our positioning is a testament to our strategy to deliver OpenStack private clouds as a service, providing self-service tools and an industry-leading 99.99 percent API uptime SLA. As a co-founder of OpenStack, Rackspace is well positioned to enable customers of all sizes to succeed through operational expertise gained from more than one billion server hours managing OpenStack clouds at scale. We are proud to be named a leader in this report and will continue to innovate and lead by providing industry-leading SLAs, world-class economics and a revolutionary, utility-based private cloud consumption model."

Rackspace delivers a broad portfolio of managed private cloud solutions that support multiple platforms including OpenStack, VMware® Private Cloud and Microsoft® Private Cloud. These private cloud solutions give customers the agility, scalability and efficiency of the public cloud, with the greater levels of control and security of a single-tenant, dedicated environment.

To view the full report, courtesy of Rackspace, visit https://www.rackspace.com/about/forrester-wave-leader.

For more information about the Forrester Wave: Hosted Private Cloud Services positioning, see the blog post at https://blog.rackspace.com/rackspace-named-leader-forrester-wave-hosted-private-cloud. For more information about Rackspace OpenStack Private Cloud, visit: https://www.rackspace.com/en-us/openstack/private.

About Rackspace
Rackspace, the #1 managed cloud company, helps businesses tap the power of cloud computing without the complexity and cost of managing it all on their own. Rackspace engineers deliver specialized expertise, easy-to-use tools, and Fanatical Support® for leading technologies including AWS, Google, Microsoft, OpenStack and VMware. The company serves customers in 150 countries, including more than half of the FORTUNE 100. Rackspace was named a leader in the 2017 Gartner Magic Quadrant for Public Cloud Infrastructure Managed Service Providers, Worldwide, and has been honored by Fortune, Forbes, and others as one of the best companies to work for. Learn more at www.rackspace.com.

Copyright © 2017 Rackspace | Rackspace®, Fanatical Support® and other Rackspace marks are either service marks or registered service marks of Rackspace US, Inc. in the United States and other countries. All other trademarks, service marks, images, products and brands remain the sole property of their respective holders and do not imply endorsement or sponsorship.

The Business Continuity Institute

Cyber attackers are relying more than ever on exploiting people instead of software flaws to install malware, steal credentials/confidential information, and transfer funds. A study by Proofpoint found that more than 90% of malicious email messages featuring nefarious URLs led users to credential phishing pages, and almost all (99%) email-based financial fraud attacks relied on human clicks rather than automated exploits to install malware.

The Human Factor Report found that business email compromise (BEC) attack message volume rose from 1% in 2015 to 42% by the end of 2016 relative to emails bearing banking Trojans. BEC attacks, which have cost organizations more than $5 billion worldwide, use malware-free messages to trick recipients into sending confidential information or funds to cyber criminals. BEC is the fastest growing category of email-based attacks.

“Accelerating a shift that began in 2015, cyber criminals are aggressively using attacks that depend on clicks by humans rather than vulnerable software exploits - tricking victims into carrying out the attack themselves,” said Kevin Epstein, vice president of Proofpoint’s Threat Operations Center. “It’s critical that organizations deploy advanced protection that stops attackers before they have a chance to reach potential victims. The earlier in the attack chain you can detect malicious content, the easier it is to block, contain, and resolve.”

Someone will always click, and fast. Nearly 90% of clicks on malicious URLs occur within the first 24 hours of delivery with 25% of those occurring in just ten minutes, and nearly 50% of clicks occur within an hour. The median time-to-click (the time between arrival and click) is shortest during business hours from 8am to 3pm EDT in the US and Canada, a pattern that generally holds for the UK and Europe as well.

Watch your inbox closely on Thursdays. Malicious email attachment message volume spikes more than 38% on Thursdays over the average weekday volume. Ransomware attackers in particular favor sending malicious messages Tuesday through Thursday. On the other hand, Wednesday is the peak day for banking Trojans. Point-of-sale (POS) campaigns are sent almost exclusively on Thursday and Friday, while keyloggers and backdoors favour Mondays.

Attackers understand email habits and send most email messages in the 4-5 hours after the start of the business day, peaking around lunchtime. Users in the US, Canada, and Australia tend to do most of their clicking during this time period, while French clicking peaks around 1pm. Swiss and German users don’t wait for lunch to click, their clicks peak in the first hours of the working day. UK workers pace their clicking evenly over the course of the day, with a clear drop in activity after 2pm.

The Business Continuity Institute

The United Nations Office for Disaster Risk Reduction has claimed that climate change is greatly increasing the likelihood of devastating wildfires, such as the one that burned its way across Portugal last weekend but is now reported to be under control.

More than 60 fires broke out in a densely forested area near the small town of Pedrógão Grande, 200km north-east of Lisbon, killing more than 60 people, in what Portuguese Prime Minister Antonio Costa described as the country’s “greatest human tragedy in living memory."

Dr Robert Glasser, the United Nations Special Representative of the Secretary-General for Disaster Risk Reduction, urged countries to integrate climate change risk in their fire prevention and response planning, commenting that "the fire highlights the urgency of global efforts to reduce greenhouse gases as quickly as possible."

Organizations in regions where wildfires are a possibility need to consider how they would respond to such an incident, or any incident that could result in the loss of facilities, danger to staff, or the evacuation of people from the region. Actions that need to be thought through are how to communicate with staff, or other stakeholders, during the event, primarily to ensure their safety, but also to liaise with them about alternative work arrangements . If facilities have been damaged then they will need to consider where staff can work both in the short-term and the long-term, bearing in mind that staff may not want to work in the short-term as the organization is unlikely to be their top priority.

Adverse weather, which can lead to the conditions that cause and spread wildfires, such as no rainfall, high temperatures and strong winds, featured fifth in the list of concerns that business continuity professionals have, as identified in the Business Continuity Institute's latest Horizon Scan Report. Climate change is not yet considered an issue however, as only 23% of respondents to a global survey considered it necessary to evaluate climate change for its business continuity implications. given this latest statement from UNISDR, perhaps now is the time to start giving it greater consideration.

A new study published in Nature Climate Change found that 30% of the world’s population is currently exposed to potentially deadly heat for 20 days per year or more.

Enhanced Management, Security and Monitoring Increases Business Agility for Competitive Advantage in one of the Industry’s Leading API Management Portfolios

NEW YORK – CA Technologies (NASDAQ:CA) today announced new solutions and capabilities within its API Management portfolio to help developers, enterprise architects and digital leaders create and deploy microservices—and manage the APIs that connect and orchestrate microservices to build modern application architectures. The latest innovations include:

“We chose a cloud-first and API-driven approach to continue leveraging existing business critical systems while developing the architecture to quickly create modern applications using microservices.”

Tweet this
  • Expanded capabilities of CA Live API Creator to quickly, effectively and independently create, deploy and run microservices.
  • Docker® container deployment options across many products within the API Management portfolio for end-to-end support in microservices architectures.
  • Expanded API Management portfolio integrations to address management, security and advanced monitoring of APIs for modern architectures in any enterprise or cloud environment.

“Successful digital businesses require a modern application architecture to accelerate development, open new business opportunities and innovate faster,” said Rahim Bhatia, general manager, CA Technologies Developer Products. “CA provides one of the broadest portfolio of microservices and API management solutions – from design and development to deployment and management – supporting application agility and scale for competitive advantage.”

New Capabilities for Microservices Creation and Management

The ability to create and manage microservices deployed using container-based technology is required in today’s modern application architecture. CA supports Docker® container-based deployment of CA Live API Creator and CA API Gateway for microservices creation, security and management. CA also has expanded its powerful, yet easy point-and-click solution, CA Live API Creator, to quickly produce comprehensive microservices incorporating data, logic and robust APIs. In addition, the new CA Microgateway, currently available in beta, helps enforce local policies for microservices, such as service discovery, routing, last mile security and rate limiting.

Beachbody, a leading provider of fitness, nutrition and weight-loss programs, used CA’s products and services to help transform its IT architecture. “We recently went through a three-year project to modernize a wide range of infrastructure and applications to give us the agility to meet rapidly changing market conditions,” said Michael Lee, Technology vice president at Beachbody. “We chose a cloud-first and API-driven approach to continue leveraging existing business critical systems while developing the architecture to quickly create modern applications using microservices.”

Expanded Full Lifecycle API Management Capabilities Support Modern Application Architectures

CA’s newly architected CA API Developer Portal gives organizations the flexibility to manage APIs wherever and however they want – on-premises, hybrid or cloud – with the ability to switch among them seamlessly. The containerized, API-first architecture eases deployment and migration to the cloud, and simplifies management, policy configuration and integration with existing analytics and content management system investments.

New capabilities and integration between CA Mobile API Gateway and CA Advanced Authentication accelerate the development of mobile security while delivering risk-based security from the mobile app to the API. A new, unified mobile SDK helps developers easily integrate authentication requirements while maintaining a streamlined experience for end users. In addition, CA APM integration with CA API Management provides visibility into API and app performance metrics with transaction tracing for precise triangulation and resolution of performance issues.

“Agility and time-to-market for new and compelling apps are essential to compete in the market. CA API Management has demonstrated it can help take ideas and turn them into viable solutions quickly,” said Joe Farrell, Chief Product Officer and co-founder of BiTE Interactive, a mobile product studio. “For example, working with CA API Management we were able to complete the single sign-on feature for an app in just one sprint. When we built this feature without CA API Management for a large financial client, it required four sprints.”

Resources

  • Learn from the API Academy Experts: The API Academy provides expert counsel on microservices and API strategy and design. The API Academy team has also contributed open-source software to help organizations sketch and brainstorm ideas for microservices in a disposable fashion for faster iteration, innovation and inspiration.
  • API Academy Book: Microservice Architecture: Aligning Principles, Practices, and Culture
  • developer.ca.com: Find the right tools and resources for your next project, whether you are interested in microservices and APIs, secure and reliable mobile apps or want to add a whole new level of visibility with app analytics.

Join the API Academy, CA API and microservices technologists and CA customers for a virtual summit, Modernizing Application Architectures with Microservices and APIs, on July 11, 2017, at 12 p.m. ET to learn how to get started with, or advance, microservices initiatives within your organization.

About CA Technologies

CA Technologies (NASDAQ:CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business in every industry. From planning, to development, to management and security, CA is working with companies worldwide to change the way we live, transact, and communicate – across mobile, private and public cloud, distributed and mainframe environments. Learn more at www.ca.com.

Follow CA Technologies

Twitter

Social Media Page

Press Releases

Blogs

Legal Notices

Copyright © 2017 CA, Inc. All Rights Reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

Page 1 of 209