Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Spring Journal

Volume 30, Issue 1

Full Contents Now Available!

Industry Hot News

Industry Hot News (7039)

Welcome to 2016 – the year of our digital [r]evolution.

The next few years will be defining moments for the modern data center and the entire cloud ecosystem. We’re beginning to see more markets, industries, and verticals adopting next-generation technologies. All of this impacts the way we design data centers and all of the resource supporting our diverse applications and users.

We’ve reached a point where almost every person has a digital footprint. We can create a digital identifier with critical pieces of information for babies who don’t even have a heartbeat yet. Our data is in the cloud before we’re even born. That’s something we must all become accustomed to.

Today, new market disruptors are pushing organizations to rethink their entire business strategies and find ways to intelligently align their IT environments. With all of this in mind, let’s take a look at the top five trends that will be impacting your data center and cloud environments in 2016.



Wednesday, 20 January 2016 00:00

Destroying Data: Mission Impossible

Why is it possible to recover files that have already been deleted? It’s because a file remains on the hard drive until the physical place where it’s stored becomes overwritten with another file. The process of overwriting is beyond the user’s control (although of course the likelihood of deleted files being overwritten is higher the more files you subsequently save onto your hard drive). Both deleting a single file and formatting a partition are processes that involve system modifications within the file allocation tables (some of the most popular file systems – such as FAT and NTFS – are based on a system of file allocation tables). This process doesn’t include the disk space, which is modified only when another process of writing a file begins, after the file has been ‘deleted’ or the partition has been formatted. So if nothing gets written over the physical space that is occupied by the removed file, it will be fairly easy to restore it (there’s a detailed instruction of how to do it on our blog).

The same goes for all system files that I mentioned previously (such as temporary files, paging files, print and hibernation files), even if a file has been overwritten in one place, it could still be restored from some other place on the hard drive. So as you can see, ‘manual’ deletion is more like playing a game of cat and mouse with your data.



AUSTIN, Texas – State and federal recovery officials encourage Texas residents to watch for and report any suspicious activity or potential fraud from scam artists, identity thieves and other criminals who may try to prey on survivors vulnerable due to the October severe storms, tornadoes, straight-line winds and flooding. The Federal Emergency Management Agency (FEMA) does not endorse any commercial businesses, products or services. FEMA encourages survivors to be especially vigilant for these common post-disaster fraud practices: 

• Fraudulent building contractors. When hiring a contractor: 

o Use licensed local contractors backed by reliable references. 

o Demand that contractors carry general liability insurance and workers’ compensation. 

o Don’t pay more than half the costs of repairs upfront. 

• Bogus pleas for post-disaster donations: Unscrupulous solicitors may play on the emotions of disaster survivors. Disaster aid solicitations may arrive by phone, email, letter or face-to-face visits. 

o Verify legitimate solicitations by asking for the charity’s exact name, street address, phone number and Web address, then phone the charity directly and confirm that the person asking for funds is an employee or volunteer. 

o Don’t pay donations with cash. 

o Request a receipt with the charity’s name, street address, phone number. 

• Fake offers of state or federal aid: 

o Beware of visits, calls or e-mails — claiming to be from FEMA or the State of Texas — asking for an applicant’s Social Security number, bank account number or other sensitive information. Avoid scam artists who promise a disaster grant and ask for large cash deposits or advance payments in full. 

o Federal and state workers do not solicit or accept money. FEMA and U.S. Small Business Administration staff never charge applicants for disaster assistance, inspections or help in filling out applications. 

• Phony housing inspectors: Homeowners and registered FEMA applicants may be vulnerable to phony housing inspectors claiming to represent FEMA or the SBA. 

o Inspectors have each applicant’s nine-digit registration number. FEMA inspectors NEVER require banking or other personal information. 

o The job of FEMA housing inspectors is to verify damage. Inspectors do not hire or endorse specific contractors to fix homes or recommend repairs. They do not determine eligibility for assistance. 

If you suspect fraud, call the FEMA Disaster Fraud Hotline at 866-720-5721. If you are the victim of a home repair scam or price gouging, call the Office of the Texas Attorney General at 800-252-8011. Texas homeowners and renters who register for disaster assistance with the Federal Emergency Management Agency (FEMA), prior to the Jan. 25 deadline, are encouraged by recovery officials to "stay in touch." Survivors changing their address or phone numbers should update that information with FEMA. Missing or erroneous information could result in delays getting a home inspection or in receiving assistance. 

Survivors with questions regarding the application or the appeals process, or who need to register for assistance may visit online at DisasterAssistance.gov or by phone (voice, 711 or relay service) at 800-621-3362. (TTY users should call 800-462-7585.) The toll-free lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available. For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD). 

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339. 

Visit www.fema.gov/texas-disaster-mitigation for publications and reference material on rebuilding and repairing safer and stronger.

Last Updated: 
January 19, 2016 - 15:32
State/Tribal Government or Region: 
Wednesday, 20 January 2016 00:00

The IoT, IPv6 and DDoS: A Dangerous Mix

The Internet is awash in new things, and two of them, IPv6 and the Internet of Things (IoT), could potentially lead to a whole lot of trouble. Experts say that it is possible that the new addressing scheme, which is necessary to accommodate the explosion of wireless technology and the billions of IoT devices that are flooding the Internet, will create a landscape that allows malicious hackers (crackers) to launch potentially potent distributed denial of service (DDoS) attacks.

A DDoS attack is launched when crackers take over numerous Internet endpoints and turn them into “bots.” These bots, as the name implies, do the bidding of the bad guys. In a DDoS attack, the bots are instructed to repeatedly send data in an effort to overwhelm the target and take it offline.

Together, the IoT and IPv6 raise a series of concerns, as Rene Papp has pointed out at Dark Reading, writing that a number of factors point to potential danger: Tools aimed at identifying malicious traffic in IPv6 are immature and the devices that translate between IPv4 and IPv6 are “brittle.” The term is a shortcut for the idea that the devices’ CPU, memory and bandwidth tend to be maxed out by the stringent demands of mediating the relationship between IPv4 and IPv6.



Wednesday, 20 January 2016 00:00

Nine Main Challenges in Big Data Security

Every year the protection of private and confidential information gains more and more attention. According to the World Quality Report 2015-16, the only global report for application quality, security is the most highly ranked priority in the IT strategies used by survey respondents.

Until recently, a company’s applications were mainly internal and its security was viewed as low risk. However, with the increased adoption of web-based, mobile and cloud-based applications, sensitive data has become accessible from different platforms. These platforms are highly vulnerable to hacking, especially if they are low-cost or free.

Nowadays, organizations are collecting and processing massive amounts of information. The more data is stored, the more vital it is to ensure its security. A lack of data security can lead to great financial losses and reputational damage for a company. As far as Big Data is concerned, losses due to poor IT security can exceed even the worst expectations.



Cybercrime is quickly rising as one of the leading causes of data center outages.

After having risen from being behind 2 percent of outages in 2010 to 18 percent in 2013, cybercrime caused 22 percent of data center outages in 2015, reported in a recent survey conducted by the Ponemon Institute and sponsored by Emerson Network Power. Cybercrime is now the fastest-growing cause of data center outages, the report’s authors said in a statement.


The biennial report’s primary focus is cost of data center downtime to the operators, and that cost is quickly rising. Among operators of the 60-plus data centers surveyed, the average total cost per minute of unplanned downtime went from about $8,000 in 2013 to about $9,000 last year.



Wednesday, 20 January 2016 00:00


The Bank Secrecy Act (BSA) requires that every Money Services Business (MSB) implement a BSA/anti-money laundering (AML) compliance program.  Risk assessments provide a clear view as to the organization’s policies and procedures. Failure to implement a comprehensive BSA/AML compliance program may result in significant fines and/or penalties by state and federal regulators. So what does this have to do with risk management?  Having a risk assessment allows the company to establish a comprehensive AML compliance program.

Regulations state that a company’s BSA/AML compliance program must be commensurate with the risks posed. This means that a comprehensive risk assessment must effectively evaluate the adequacy of policies, procedures and internal controls that have been developed to mitigate the company’s risk.



Wednesday, 20 January 2016 00:00

Putting the Cloud Pricing Wars in Perspective

As the enterprise becomes more steeped in the cloud, greater attention is being paid to the real costs of moving workloads onto third-party infrastructure.

The prevailing attitude is that the cloud is cheaper than on-premises in just about every circumstance, and by a wide margin. But is this really true? And does that mean we don’t need to run the same cost-benefit analysis in the cloud to make sure we are getting an optimal return on our investment?

After a brief respite, it seems that the price-cutting has resumed among the top public cloud providers. AWS and Google both announced price cuts shortly after the new year, and now Microsoft is following suit for its Azure service. All three are playing fast and loose with the cost basis, however, as they usually revolve around service bundling, machine categories, automated tiering and a host of other factors that can cause prices to fluctuate wildly.



Wednesday, 20 January 2016 00:00

New 911 Center Enters Final Stretch

(TNS) - Construction of a new, $8.25 million 911 call center, which will serve residents throughout Doña Ana County, has entered the final stretch.

The project has seen several delays, putting it months behind schedule. But it is still within budget, according to county and 911 call-center officials.

Staff with the 911 dispatch center organization, known as the Mesilla Valley Regional Dispatch Authority, have been eager to move into the new building, which will replace an aging and outdated facility near Lohman Avenue and South Main Street.

MVRDA Executive Director Hugo Costa said the work is in its final weeks.



(TNS) - State officials have ended a ban on public bird shows and sales in North Carolina because they say it’s no longer needed to prevent the spread of a deadly avian flu virus.

But state and industry officials also say the threat of a flu outbreak will never go away, meaning some of the measures adopted in recent months to protect the state’s $5 billion poultry-growing industry will become common practice.

“Some of the ways we’ve done business in the past can’t be the way we do business going forward,” said State Veterinarian Doug Meckes. “All that guidance, all the caution, has been taken to heart, and I know the poultry industry has changed the way they do business.”



AUSTIN, Texas – Texas homeowners and renters who have registered for disaster assistance with the Federal Emergency Management Agency (FEMA) are encouraged by recovery officials to “stay in touch,” even after the Jan. 25 application deadline.

Applicants changing their addresses or phone numbers should update that information with FEMA. Missing or erroneous information could result in delays getting a home inspection or in receiving assistance.

FEMA has provided two ways for homeowners and renters to update their information:

  • Log on to the FEMA website at DisasterAssistance.gov to upload documents, and
  • Call the toll-free FEMA Helpline (voice, 711 or relay service) at 800-621-3362. TTY users should call 800-462-7585. Lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available.

When updating status information, callers should refer to the nine-digit number issued at registration. This number is on all correspondence applicants receive from FEMA and is a key identifier in tracking assistance requests.

For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245, Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.  

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

Last Updated: 
January 19, 2016 - 09:32
State/Tribal Government or Region: 

Skip footer content.


Tuesday, 19 January 2016 00:00

Enterprise Still Unclear on Storage

Of the three pillars of enterprise hardware – compute, storage and networking – the future of storage is the least clear. Servers are being virtualized and containerized, networking is being defined by software, but storage is still swirling amid a plethora of media types and architectures.

For any given application, then, data managers or their automated systems have to match data loads to tape, disk, Flash or optical systems, using in-line, near-line or even off-line architectures in the data center, on the cloud or in a colocation setting for real-time, short-term, medium-term or long-term archival purposes. And all of these situations must be built, managed and maintained under tight budgets and in ways that accommodate rapidly shifting data requirements.



Tuesday, 19 January 2016 00:00

BCI: A world at risk in 2016

A world at risk in 2016

An increased likelihood for all risks, from the environmental to society, the economy, geopolitics and technology, looks set to shape the global agenda in the coming year, the World Economic Forum’s Global Risks Report 2016 has found.

In this year’s annual survey, almost 750 experts assessed 29 separate global risks for both impact and likelihood over a 10-year time horizon. The risk with the greatest potential impact in 2016 was found to be a failure of climate change mitigation and adaptation. This is the first time since the report was published in 2006 that an environmental risk has topped the ranking. This year, it was considered to have greater potential damage than weapons of mass destruction (2nd), water crises (3rd), large-scale involuntary migration (4th) and severe energy price shock (5th).

The number one risk in 2016 in terms of likelihood, meanwhile, is large-scale involuntary migration, followed by extreme weather events (2nd), failure of climate change mitigation and adaptation (3rd), interstate conflict with regional consequences (4th) and major natural catastrophes (5th).

Geopolitical instability is exposing businesses to cancelled projects, revoked licenses, interrupted production, damaged assets and restricted movement of funds across borders. These political conflicts are in turn making the challenge of climate change all the more insurmountable – reducing the potential for political co-operation, as well as diverting resource, innovation and time away from climate change resilience and prevention,” said Cecilia Reyes, Chief Risk Officer of Zurich Insurance Group.

One potential black swan event could be in the area of technological risk. While cyberattacks rises slightly in terms of likelihood and impact in 2016, others, including failure of critical information infrastructure, appear to be declining as a risk in the eyes of experts. Technological crises have yet to impact economies or securities in a systemic way, but the risk still remains high, something that potentially may not have been fully priced in by experts.

Unemployment and under-employment appears as the risk of highest concern for doing business in more than a quarter of the 140 economies covered, and is especially featured as the top risk in two regions, sub-Saharan Africa and the Middle East and North Africa. The only region where it does not feature in the top five is North America. Energy price shock is the next most widespread risk, featuring in the top five risks for doing business in 93 economies. Cyberattacks, mentioned above, feature among the top five risks in 27 economies, indicating the extent to which businesses in many countries have been impacted already by this rising threat.

Remember the hover boards in the "Back to the Future" movies--those levitating skateboards that characters in the films used to get around? As you’ve no doubt seen if you’ve stepped outside your house lately, more than 25 years after they first appeared in those movies, hover boards are finally here—in the real world—sort of. (They unfortunately don’t actually levitate.)

Science fiction often provides the inspiration for real-world innovations. And one very recent example in the medical industry offers an important lesson to you as an MSP. An amazing new personal medical device, which CNN reported on in early 2015, is based on the fictional medical “tricorder” from Star Trek. The real device is a handheld scanner that, when placed against your forehead, measures your heart rate, blood pressure, oxygen levels and other key details about your health.

Then (and here’s the lesson for your MSP business) the device will send all of this medical data wirelessly, via a Bluetooth signal, to a smartphone or other device—or directly to your doctor.



Remember Alice in Wonderland? For most of us, the world of data is a wonderland — we don’t care how it works, we just want it to work. But I’m here to take you all the way down the rabbit hole of binary code to show you what’s hiding at the bottom. You’ll have to be vigilant — a mole could follow you down there when you aren’t looking. You make a mistake, he infiltrates your hard drive!

Who could be a mole?

Data thieves, IT investigators, forensic data experts – one thing they all have in common is that they’d follow exactly the same traces when going through your hard drive (I will describe these traces in this part of the course). All of these could be used either against you, or to your advantage (for example, if you accidentally lose your data, it would be retrieved in the same way). Only someone intent on hurting you, who would go behind your back and without your consent, would be considered a mole. Here are some sample situations that would call for your heightened interest in thoroughly erasing your data:



Once upon a time, enterprises made products and supplied the occasional service. Now it seems this situation is being turned upside-down. The trend is to supply far more as a service or a subscription, with one-off product sales becoming the exception, instead of the rule. Much of this started in IT, as cloud computing became popular. Enterprises saw the advantage of paying for software and hardware usage month by month and according to how much they wanted, instead of large lump sum capital payments for resources they did not always use fully. Cloud providers often offered better business continuity too. But will the same be true when the client enterprises become service providers in their own right?



OXFORD, Miss. – The Mississippi and federal emergency agencies are operating five disaster recovery centers in Mississippi to offer a number of services to individuals affected by the December storms. The centers, located in Benton, Coahoma, Marshall, Quitman and Tippah counties, are jointly operated by the Mississippi Emergency Management Agency and the Federal Emergency Management Agency in partnership with county and local agencies. They serve as one-stop-shops to provide community access to recovery services, referrals and information.

Anyone who needs reasonable accommodations when visiting the centers may request them by calling the FEMA helpline at 800-621-3362, or (TTY) 800-462-7585. Accommodations include American Sign Language interpreters, listening devices for the hard of hearing, magnifiers for low vision and video remote sign language interpreting. Service animals are welcome, and the centers are accessible to everyone.

While individuals are encouraged to register with FEMA before visiting a disaster center, they can use on-site services to contact FEMA and register for disaster assistance by calling 800-621-3362 or (TTY) 800-462-7585. Those who use 711-Relay or Video Relay Services can call 800-621-3362 to register. Online registration can be done at DisasterAssistance.gov by computer, tablet, iPhone, Android or other mobile device. MEMA and FEMA staff are available to answer questions on the status of applications and on special programs such as disaster unemployment assistance and disaster legal services.

Survivors are strongly encouraged to submit their claims to their private insurance providers early. If private insurance leaves coverage gaps, survivors may be eligible for FEMA assistance for their remaining needs. “Remaining needs” includes temporary lodging, personal property losses, medical or dental expenses, moving and storage fees or other costs not covered by personal insurance.

Applicants with questions about the determination letters they receive from FEMA can sit and talk with staff members who are prepared to explain the terms of the letters and to help applicants with the appeal process.

The Mississippi State Board of Contractors has provided the centers with two handouts – “A Consumer’s Guide to Home Improvement Contracts” and “Don’t Get Scammed!” – to aid people facing property repairs. State regulations require contractors to be licensed. Consumers can contact the Board’s hotline at 800-880-6161or 601-354-6161 to report fraudulent activity.

Center staff may direct storm survivors dealing with high levels of stress after the December storms to call the Mississippi Department of Mental Health hotline at 877-210-8513 from 9 a.m. to 4 p.m. Monday through Friday. The call is free and confidential.

Business owners, homeowners, renters and private nonprofit organizations whose losses were not fully covered by their private insurance can apply for a low-interest loan from the U.S. Small Business Administration. The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. An SBA representative is available at each center to assist applicants with the application process. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

All of these resources are located at the following disaster recovery centers:

Benton County

Ashland Fire Department

60 Third St.

Ashland, MS 38603

Coahoma County

Clarksdale Civic Auditorium

506 East 2nd St.

Clarksdale, MS 38614

Marshall County

Spring Hollow Plaza

198 N. Memphis St.

Holly Springs, MS 38635

Tippah County

The former Magnolia Women’s Center

41 B Mitchell Ave.

Walnut, MS 38683

Quitman County

Marks Fire Department Station

108 W. Main St.

Marks, MS 38646


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Last Updated: 
January 18, 2016 - 17:53
State/Tribal Government or Region: 

Users of eBay may be the latest victims of a spearphishing campaign, thanks to an XSS security vulnerability. The good news is that eBay has patched the vulnerability. The bad news is that it is an example that spearphishing is a problem that’s not going away and, in fact, tops the list of security concerns among enterprises, according to a new study from Cloudmark.

Let’s start with the eBay story. According to ZDNet:

The Cross-Site Scripting (XSS) vulnerability, implemented through Java, allowed an attacker to inject their own malicious page within eBay via an iframe. MLT leveraged the weakness in eBay's domain to inject a login page into eBay's URL system, which made the malicious URL look like it was hosted on the legitimate eBay website.



(TNS) - Behind New Orleans, streets in Hampton Roads are the most vulnerable in the nation to sea level rise.

Picture Boush Street near Nauticus and City Hall Avenue up to MacArthur Mall as a new urban canal. Bits and pieces of roads in Chesapeake, Virginia Beach and Norfolk would be water.

That picture is bad, but even a little bit of permanent flooding drastically alters connectivity. Easy access from Downtown Norfolk to I-264 would be severed by the Boush Street/Waterside Drive artery. Many bridges are not expected to be inundated, but the roadway approaches are susceptible to flooding, making bridges inaccessible.



Tuesday, 19 January 2016 00:00

Flood Insurance: A Roll of the Dice

(TNS) - You’ve seen the headlines, and you’ve heard the hype.

Now you’ll have to decide: Does the arrival of El Niño call for buying flood insurance?

“Yes,” thousands of Californians have concluded. The Federal Emergency Management Agency, which administers the nation’s public flood insurance program, says more than 28,000 new policies were purchased from September through November, a 12 percent increase that is unmatched in recent history.

Stockton and much of San Joaquin County are prone to flooding at the bottom of this Central Valley bathtub. And this year, some Calaveras County residents may be vulnerable to mudslides from the Butte Fire burn scars.



(TNS) - A quiet, Pittsburgh-based cybersecurity nonprofit expects to announce plans this week for offices in New York City and Los Angeles, marking its first expansion out of Western Pennsylvania, the Tribune-Review has learned.

The National Cyber-Forensics & Training Alliance keeps a low profile but has been hailed by President Obama and national leaders for bringing together public agencies and private companies to fight online crime.

The group began informing its members about the expansion during the past two weeks.

“It's only going to make us stronger,” Matt LaVigna, the group's interim president, CEO and director of operations, told the Trib. “By going to Los Angeles and New York, these are going to be extensions of the work we're doing here. The command and control will still be here in Pittsburgh.”



(TNS) - Recent storms that deluged homes and cars, along with the likely prospect of more to come because of El Niño, have thrown into stark relief the region’s age-old approach to flood control.

Ahead of this month’s rain-related flooding, San Diego city officials repeatedly debated how fast and aggressively to perform the costly stormwater maintenance on its channels that are considered most prone to spilling over.

Officials said they inspected and cleared all of the city’s more than 24,000 storm drains and repaired several corrugated metal pipes in the run-up to the first series of storms.



Employers focus on flexible working to manage absence rates

Blue Monday is considered by some to be the day when employers should brace themselves for the possibility of increased absences as staff struggle with low morale and motivation following the Christmas break.

While a quarter (25%) of UK employers have seen their absence rates improve over the last 12 months, one in 10 have seen their rates worsen over the same time period according to new research from Group Risk Development (GRiD).

Of course it is not just on Blue Monday that organizations should be prepared to manage staff absences, but every day. There are many reasons why staff could be absent with illness being one of them. The Business Continuity Institute’s latest Horizon Scan Report highlighted that Human Illness was a major threat to organizations with 42% of business continuity professionals expressing concern about the prospect of this threat materialising. It is therefore essential that organizations have succession plans in place, so important work does not get missed during someone’s absence.

According to the study by GRiD, 57% of businesses said absence cost them up to 4% of payroll, but employers are using a range of initiatives to address this, and to improve general attendance. This includes introducing flexible working initiatives (36%), a 4 percentage points increase on last year, allowing employees to work around schedules which suit them. By introducing flexible working, it also enables organizations to become more adaptable to other crises that may arise.

It is estimated that long-term sickness absence costs private sector businesses in the UK a total of £4.17 billion a year, and is set to reach £4.81 billion a year by 2030. This makes it all the more important that employers work with staff to manage their return to work, maintain morale and invest in their wellbeing.

Katharine Moxham, spokesperson for Group Risk Development, said: “It’s important that strategies to manage absence are kept up, and that rates aren’t allowed to increase as it really will have a significant impact on business costs in the long-run. That said, it can’t be denied that a quarter have seen rates improve – whether or not this is down on last year – and employers are actively introducing initiatives that focus on the health and wellness of their staff. Flexible working can help to retain talented staff, allowing them to balance home commitments as well as focus on work.

Tuesday, 19 January 2016 00:00

What is the black market value of your data?

In 2008 two big banks — The Royal Bank of Scotland (RBS) and NatWest — experienced a massive security breach. When an employee sold an old company computer on eBay, private data of over a million clients was compromised — their credit histories, details of their bank transfers and even their signatures leaked out. All of this valuable and sensitive data had been purchased for a mere £35. Two years later, in 2010, a similar story happened at NASA – the agency decided to sell redundant IT equipment left over from the defunded space programme. It soon turned out that many of those computers had contained ‘highly sensitive’ data, and the whole thing ended in a scandal.

Gigantic dumping grounds of e-waste, most of which are located in Africa, Asia and South America, are routinely scoured by professional scavengers who specialise in salvaging old equipment and retrieving valuable data left on old hard drives. In Ghana, Nigeria and Guatemala, our old hard drives full of sensitive data collected by banks, the healthcare industry and e-commerce end up on piles of landfill. Some of that data could potentially compromise national security (of most countries, including the US), while some could no doubt compromise your personal online identity. All it takes to dig it out is a lot of free time and some determination.

There are plenty of takers for your bank accounts, infrastructure and personal data. Some of them might be closer to you than others, but they all know exactly what to look for. If you’re still not convinced that it’s worth your while to wipe your storage devices properly, just take a look at this list of things that could be found on them:



Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's emergency disaster declaration issued for the State of Michigan.

Assistance for the State and Affected Local Governments Can Include as Required:

  • FEMA is authorized to provide appropriate assistance for required emergency measures, authorized under Title V of the Stafford Act, to save lives and to protect property and public health and safety, or to lessen or avert the threat of a catastrophe in the designated areas.
  • Specifically, FEMA is authorized to provide emergency protective measures (Category B), limited to direct Federal assistance, under the Public Assistance program at 75 percent Federal funding. This emergency assistance is to provide water, water filters, water filter cartridges, water test kits, and other necessary related items for a period of no more than 90 days. 

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/media-library and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema and on Facebook at www.facebook.com/fema.

Tuesday, 19 January 2016 00:00

BCM / DR: Managing a Schedule

When planning our various BCM/DR components, you need to build and maintain some level of a schedule.  If you don’t have a schedule built for let’s say the BIA or the development of a Crisis Communications Plan, then Executives will never know when to expect the results and participants will continually ‘put you off’.  This is because they’ll know there’s no deadline so there’s no level of urgency to complete their tasks and thus, the BCM/DR component will never be completed.

When you do develop a schedule, don’t develop it in a silo.  You need participation and feedback from everyone involved so that dates and timelines are realistic and achievable.  If not, then no one will buy into your schedule and will do what they want when they want to- if at all.

A schedule also helps other managers assign resources at the appropriate times, as it’s their job to ensure their department employees are fully engaged with work and those that have timelines and specific goals and objectives will end up with the resources.  Your project – BCM program components – will fall by the wayside because you don’t have it mapped out for when they need to have a resource(s) available to assist.  If they don’t/ know when you need someone, they can’t and won’t, keep a resource sitting on the sidelines.



OXFORD, Miss. – Less than a month after severe storms, tornadoes and flooding swept across Mississippi, more than $1.5 million in state and federal disaster assistance has been approved to help those affected by the storms.

The Federal Emergency Management Agency has been contacted by 775 people for help or information regarding disaster assistance.

In addition to FEMA grants for individuals and families, other forms of disaster assistance are provided by partner agencies such as the U.S. Small Business Administration and voluntary agencies. The Mississippi Emergency Management Agency and FEMA often refer survivors to those agencies. All businesses are also referred to the SBA. Some survivors may be interested in other programs such as disaster unemployment assistance and disaster legal services.

The following is a snapshot of the disaster recovery effort as of Jan. 15:

  • Nearly 170 individuals and households approved for FEMA grants, including:
    • Nearly $1.3 million approved for housing grants, including short-term rental assistance and home repair costs.
    • More than $264,000 approved to cover other essential disaster-related needs such as medical and dental expenses and lost personal possessions.
  • 489 home inspections completed.
  • 283 visits to disaster recovery centers by people affected by the disaster.
  • Five disaster recovery centers open in Individual Assistance-designated counties.

No matter the degree of loss or insurance coverage, survivors in the five disaster-designated Mississippi counties are urged to apply for help. The Individual Assistance-designated counties are Benton, Coahoma, Marshall, Quitman and Tippah. Survivors can use any of the following methods to register:

  • By phone, call 800-621-FEMA (3362). People who are deaf, hard of hearing, or speech-impaired and use a TTY should call 800-462-7585. Lines are open 7 a.m. to 10 p.m. local time. Assistance is available in most languages.
  • Online registration can be done by computer, tablet, iPhone, Android or other mobile device at www.DisasterAssistance.gov.

Survivors who register with FEMA and are referred to SBA will be contacted with options on how to apply for a low-interest disaster loan. After being contacted by SBA, survivors should complete and submit an application even if they do not plan to accept a loan in order to continue the federal assistance process. It is part of the FEMA grant process and can pave the way for additional disaster assistance. SBA disaster loans are available with interest rates as low as 2.188 percent and terms up to 30 years.

Complete the SBA application online at https://disasterloan.sba.gov/ela. Call the SBA customer service center with questions at 800-659-2955. People who are deaf or hard of hearing and use a TTY can call 800-877-8339. For more information, visit sba.gov/disaster.

For more information on Mississippi disaster recovery, go to fema.gov/disaster/4248. Visit the MEMA website at msema.org or on Facebook at facebook.com/msemaorg.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA loan officers to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's disaster declaration issued for the State of Washington.

Assistance for the State and Affected Local and Tribal Governments Can Include as Required:

  • Payment of not less than 75 percent of the eligible costs for emergency protective measures taken to save lives and protect property and public health. Emergency protective measures assistance is available to state, eligible local and tribal governments on a cost-sharing basis. (Source: FEMA funded, state administered.)
  • Payment of not less than 75 percent of the eligible costs for repairing or replacing damaged public facilities, such as roads, bridges, utilities, buildings, schools, recreational areas and similar publicly owned property, as well as certain private non-profit organizations engaged in community service activities. (Source: FEMA funded, state administered.)
  • Payment of not more than 75 percent of the approved costs for hazard mitigation projects undertaken by state and local governments to prevent or reduce long-term risk to life and property from natural or technological disasters.  (Source: FEMA funded, state administered.)

How to Apply for Assistance:

  • Application procedures for state, local and tribal governments will be explained at a series of federal/state applicant briefings with locations to be announced in the affected area by recovery officials. Approved public repair projects are paid through the state from funding provided by FEMA and other participating federal agencies.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/media-library and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema and on Facebook at www.facebook.com/fema.

On Monday, the U.S. Supreme Court declined to consider an appeal from Nestle, Archer Daniel Midlands Co. and Cargill Inc., allowing a slave and child labor lawsuit to proceed against the three food industry giants.

Three plaintiffs who claim they were trafficked from Mali as child slaves and forced to work harvesting and cultivating beans in Cote d’Ivoire, and allege that the companies aided, abetted or failed to prevent the torture, forced labor and arbitrary detention they suffered.

According to Reuters:

The plaintiffs, who were originally from Mali, contend the companies aided and abetted human rights violations through their active involvement in purchasing cocoa from Ivory Coast. While aware of the child slavery problem, the companies offered financial and technical assistance to local farmers in a bid to guarantee the cheapest source of cocoa, the plaintiffs said.



Tuesday, 19 January 2016 00:00

Striving for Balance Between Data and Power

The data center is becoming more efficient by the day. This much is a given. But data loads are also increasing at an exponential rate, which leads many to believe that the two trends will cancel each other out: more data, but processed more efficiently, leading to a net neutral effect on things like energy consumption.

But is this really the case? Will our insatiable demand for data be met in perpetuity, or is there a risk that at some point it will exceed the support capabilities of worldwide energy production?

For starters, let’s look at the data side. According to Synergy Research Group, the cloud market alone is growing at a rate of about 28 percent per year. This is in terms of revenue growth, not infrastructure development, but it still points to a rapidly expanding market that will have to invest in new buildings and systems if it hopes to maintain this pace. And since this is the cloud, expect these facilities to be large and getting larger. The silver lining, of course, is that giant regional facilities serving multiple enterprises are bound to be more efficient than multiple smaller data centers each serving one owner.



Tuesday, 19 January 2016 00:00

BCI: The high cost of natural disasters

The high cost of natural disasters

Not much more than a quarter of global economic losses caused by natural catastrophes during 2015 were covered by insurance according to a new report by Aon Benfield. During the year there were 300 separate global natural disasters, as defined by the report's authors, significantly more than the 15-year average of 269 events. These caused a combined global economic loss of US$123, yet only US$35 billion was covered by insurance.

Despite the higher than average number of incidents, losses were down overall with the global economic loss being 30% below the 15-year average of US$175 billion, and the total insured loss being 31% below the 15-year average of US$51 billion. The Annual Global Climate and Catastrophe Report highlighted that there were 14 multi-billion dollar economic loss events around the world, with the costliest being forest fires that burned out of control in Indonesia. At US$16.1 billion, The World Bank noted that the economic loss from the fires represented 1.9% of the country's GDP.

Stephen Mildenhall, Chairman of Aon Analytics, said: "In many regions, economic catastrophe losses are very material relative to national GDP and yet are insured at much lower levels than in the United States and Europe. Of our top five economic losses, four occurred outside the United States and yet none of these was a top 10 insured loss owing to low insurance penetration in the affected countries."

The study reveals that the three costliest perils – flood, severe thunderstorm, and wildfire – accounted for 59% of all economic losses during the 12 months under review.

Steve Bowen, Associate Director and Meteorologist at Impact Forecasting, said: "While a notable uptick in recorded natural disaster events did not directly translate to greater financial losses in 2015, the year was marked by 31 individual billion-dollar disasters, or 20% more than the long-term average. For just the fourth time since 1980, there were more than 30 such events in a year. Asia once again incurred the greatest overall economic losses, representing 50% of the world total and four of the five costliest events. Despite 32% of global economic losses occurring in the United States, it accounted for 60% of the insured loss and seven of the top 10 costliest insured events."

Cyberattacks are now the greatest risk to doing business in North America, according to the just-released World Economic Forum’s (WEF) Global Risks Report 2016.

In North America, which includes the United States and Canada, cyberattacks and asset bubbles were considered among the top risks of doing business in the region.

The WEF noted that in the United States, the top risk is cyberattack, followed by data fraud or theft (the latter ranks 7th in Canada, which is why it scores 50 percent in the table below).

The risks related to the internet and cyber dependency are considered to be of highest concern for doing business in the wake of recent important attacks on companies, the WEF observed.



If you’ve noticed a few more empty offices or cubicles than usual around your workplace, there may be a good reason. This week, the Center for Disease Control (CDC) reported elevated flu activity in several regions of the country. Flu season in the U.S. is about to peak.

Thankfully, it doesn’t appear a major epidemic is on the horizon. However, even localized outbreaks of the flu can be highly detrimental to an organization’s operations. Each year more than 111 million work days are lost due to the flu. This equates to approximately $7 billion per year in sick days and lost productivity, according to www.flu.gov. That number doesn’t even include other seasonal illnesses.

A number of measures can be taken by employers to reduce the business impact of illness. Most of these measures involve some form of persistent and effective communications with employees, suppliers, partners and other stakeholders.



Many firms are dealing with the explosion of data, applications and new technology that are stretching IT infrastructure to its limits. According to recent reports, analysts expect to see continued growth in data center consolidation as data-centric companies seek efficiencies while mega-data centers continue to offer benefits of scale.

Data centers can enable customers to ‘right-size’ their environment, deliver enterprise-class DR solutions and provide trusted advisers with new IT solutions. Importantly, they can also support IT consolidation efforts.

Complementary actions, such as upgrading equipment and retrofitting sites, are top priorities for enterprise efficiency. Additionally, greater coordination and deployment of resources can include aligning facilities and IT teams’ processes.



Friday, 15 January 2016 00:00

Silent Data Corruption, the Backup Killer

Data corruption is simply an unintentional change to a bit. An occasional bad bit or unrecoverable read error is unlikely to take down an application or render a restore useless. However, corrupted data is not uncommon.

When data corruption goes undetected, it becomes silent data corruption and is a high risk for applications. And when they creep into backup and remain undetected, you have a real data integrity and restore problem on your hands.

Hardware and software both introduce errors into the data path. On the hardware side, head failures, noisy data transfer, electronic problems, aging and wear can introduce bit errors. And with a nod to 1950s science fiction movies, cosmic rays can cause DRAM soft errors (memory bit flips.)



(TNS) - A rare January hurricane formed Thursday in the Atlantic, the first one to form in that month in 78 years.

Hurricane Alex, with maximum sustained winds of 85 miles per hour, is projected to head almost straight north, a track that would pose no threat to the United States. At 11 a.m. Thursday, the storm was about 1,100 miles off the coast of Morocco, a position that put it closer to Africa than North America, according to the National Hurricane Center.

A hurricane warning was issued for the central Azores, a cluster of islands about 900 miles west of Portugal.

Alex formed six weeks after the end of the official hurricane season, a period from June 1 to Nov. 30 that sees the vast majority of hurricanes.



In his article for Security Week, Rafal Los asked an interesting question: Do you have a security policy for the Internet of Things (IoT) gadgets in your office?

We’re familiar with BYOD policies for our smartphones, tablets and laptops. Wouldn’t BYOD security policy cover IoT devices, which technically include smartphones and tablets? The difference, Los pointed out, is that many of our IoT devices are constantly connecting or streaming, and he asked:

How many things are showing up at the office this week that are an always-on conduit to your network from some external third party you really shouldn’t be trusting?



PipelineDB announced the release of PipelineDB Enterprise today. The product is the first commercial version of the open-source product the company released last summer.

PipelineDB is built on a new way of looking at SQL databases, thinking about streams of data rather than data at rest in big silos, co-founder Derek Nelson explained.

He says the company made a big bet on this type of database and so far it appears to be working quite well. While they don’t have exact numbers, he pegs the number of installations in the low thousands with deployments running all day long in the low hundreds.



A lot of wholesale data center capacity was gobbled up last year and the bulk of it was leased by cloud providers and companies providing other popular web services.

Jim Kerrigan, managing principal at North American Data Centers, a data center-focused commercial real estate firm, said wholesale data center providers did a lot more business with cloud companies than they did in 2014. Cloud, he said, was one of the things responsible for 2015 being one of the best data center leasing years ever.

“I was surprised how much cloud has done last year,” he said. “Forty percent of those deals are cloud-based companies.”



Energy consumption is perhaps the chief concern for data center operators, both in terms of cost and public image. A sensational headline at DatacenterDynamics highlights one perspective: “The truth is: data center power is out of control.” In the article, Peter Judge said, “The plain fact is that, no matter how efficiently we run them, data centers are expanding uncontrollably, and consuming increasing amounts of power. In fact, the efficiency improvements are contributing to the rapid growth.” He describes the effect of the Jevons paradox, which observes that efficiency increases with regard to consumption of a resource tend to increase—rather than decrease—demand for that resource.

Judge rightly notes that “there’s a very real way in which data center providers can’t be held responsible for ths [sic]. Data centers are just meeting a demand.” Effectively, it’s consumers of the services that data centers provide who are driving the increasing energy consumption. But even if data centers are increasing their consumption hand over fist, noting the larger energy picture is critical.



El Niño refers to the periodic disruption to the normal climatological state over the central and east Pacific Ocean that causes widespread atmospheric changes across North and South America. This phenomenon, combined with recent climate changes, has caused this year’s El Niño to be one of the most disruptive on record. Areas like California and Missouri have already been experiencing the devastating effects of flooding caused by higher than average rainfall levels.

Recently, we sat down with Dr. Mike Gold from Weather Decision Technologies, Inc. (WDT) who helped shed some additional light on what exactly El Niño is, and what effects we can expect to see from this year’s event. Dr Gold is a senior scientist and forecaster for WDT, focused on providing long-term forecasting for high impact weather events, such as El Niño.

We also had the pleasure of speaking to Mike Gauthier, Senior Vice President of Enterprise Solutions for WDT. He gave us a short presentation on what tools are available to manage critical assets in both routine and severe weather events, including a use case involving the recent Oklahoma ice storms.



Thursday, 14 January 2016 00:00

Big Data Goes Mainstream: What Now?

Now that big data initiatives are going mainstream in Fortune 1000 companies, CIOs and other C-level executives are targeting the next frontier -- how to transform all that information into products and services – according to a new report.

As we enter 2016, big data initiatives are becoming more the mainstream than cutting-edge, and many CIOs are now heading up efforts that go well beyond what they dreamed of implementing a decade ago.

Many organizations are still in transition as they look at the data they have, the data they want to add, the products and services they want to create with that data, and what infrastructure and tools they need to accomplish those goals, according to Randy Bean, CEO and managing director at NewVantage Partners, a management consulting firm that works with C-level executives at many financial services firms in the Fortune 1000.

"The past five years have been about big data," he told InformationWeek. "Organizations want to bring in new sources of data. They want to create new information-based products and services."



If you are a tech investor trying to follow the money right now, then the market can be very confusing in terms of deciding where to place your bets. If you are a tech job seeker thinking about a career change in 2016, then the market can be just as confusing when it comes to finding a position with the most upward mobility.

But if you properly separate out your view on the various sectors within tech, then it all becomes quite clear.

Personal computers (PCs) and software made for those machines were originally referred to as ‘tech’ - as in the ’tech industry’.  Tech broadened into information technology (IT) and more recently the cloud – or cloud computing. The internet and digital media are also called tech, along with all things mobile including smart phones and apps for those devices. Cybersecurity is a tech sector that was originally categorized within IT, but it has evolved to become relevant to the entire tech industry.

Here’s a fresh look at polar opposites in tech (in terms of growth) – the PC market and the cybersecurity market:



Correspondent banking could arguably be one of the most difficult business lines for AML (anti-money laundering) suspicious activity systems to monitor, but are there any opportunities for improvement and increased sophistication? The fundamental conundrum for compliance departments monitoring correspondent banking payment activity is that they must rely on the respondent bank’s AML policies, procedures, controls and technology systems to identify suspicious activity and to take appropriate steps to mitigate the risks, which could result in the respondent bank ending relationships with nefarious customers. In order to remain proactive, banks providing access to the U.S. financial markets via correspondent banking relationships should consider increasing the sophistication of how they detect suspicious activity based on what information is already contained in the wire payments and existing watch lists.

If, correspondent banks are monitoring their customers’ customers, then it requires several parsing algorithms to determine several key pieces of information such as:

  • Creating pseudo account numbers based on the originator and beneficiary names and addresses referenced in the wire payments.
  • Extracting country codes for the originator of the payments and, when available, for the beneficiary as well.



Thursday, 14 January 2016 00:00

Key risk management issues for 2016

Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year, according to new research by KPMG LLP. Effective risk management and mitigation will be critical , since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.   

"CROs today face an unprecedented number of new and emerging risks that can threaten corporate strategy if they are not identified quickly and managed properly," said Kelly Watson, National Service Group Leader for Risk Consulting at KPMG LLP.  "The CRO needs to lead an integrated, organization-wide risk management program that can turn potentially crippling risks into opportunities for innovation, cost reduction, improved compliance and competitive advantage." 

KPMG has identified seven key strategic, operational and external risk areas that should top CROs' risk management agendas this year:



Have you ever looked at an IT security plan and wondered, “what’s wrong with this picture?” When words like “policy”, “procedure” and even “implementation” are prominent, but others like “user”, “training”, “performance” and “awareness” seem to be pushed into the background, there may be room for improvement. Unless your context is entirely “lights-out” and computer-driven (still rare even in this age), human beings will be an integral and fundamental factor in your IT security planning and management. And unless your context is completely on-premises without any connections to the cloud (increasingly rare), the days of the bolt-on, “bigger fence” are numbered.



What are some technical considerations for cloud-based vulnerability scanners? originally appeared on Quora: The best answer to any question.

Answer by Sai Ramanan, Corporate Information Security Lead at Quora, on Quora:

Vulnerability scanning is a stalwart practice of the Information Security community.

Vulnerability scanners help identify potential security weaknesses at scale; e.g. missing patches, default passwords, coding or configuration weaknesses. As part of security best practices or meeting compliance requirements (PCI, HIPAA, GLBA and NERC CIP, etc), when you decided to implement a vulnerability scanning solution in your datacenter and scan your servers in the Cloud, you have to submit a third-party scan request to your cloud provider and whitelist the IPs, which can be time-consuming. There are also pre-authorized vulnerability scanning products available in the AWS marketplace such as Tenable Nessus Enterprise for AWS and QualysGuard Virtual scanner appliances, which can scan your instances on demand. In this article, I’m going to focus some of the considerations to keep in mind specific to pre-authorized vulnerability scanning products on Amazon Web Services environments.

As with any security tool, automated vulnerability scanners also play a vital role in helping you understand, manage, and remediate the security risks that may exist in your environment. There are multiple vulnerability scanning products available for free trial from AWS marketplace – Tenable Nessus, QualysGuard Virtual scanner appliance, Acunetix, Alert Logic, etc. Having evaluated the first two products for Quora, I can tell you that the cloud vulnerability scanning products has their own challenges and architectural considerations need to be properly vetted. Let’s look at some of these:



Three surveys provide data on the state of mobile development and security, and the news is not particularly heartening.

Perhaps the most interesting of the surveys is from Evans Data, which found that 56.7 percent of mobile developers follow security protocols set by their governments. The true nature of the result becomes more apparent when it is turned around: More than 40 percent don’t do what their governments tell them is the right thing.

The press release offered a vague but useful breakdown. In North America, 67 percent follow their governments. The percent in Asia was “only slightly less” but dropped to one-third in the combined Europe, Middle East and Africa (EMEA) category.



Thursday, 14 January 2016 00:00

CDC: Global Health Security Agenda

The Plan for 2016: CDC and the President’s Global Health Security Agenda

2015 was a powerful reminder that a health threat anywhere is a health threat everywhere.  In 2016, CDC and partners are looking forward to continuing work on the President’s Global Health Security Agenda (GHSA), an initiative led by the Department of Health and Human Services.

In 2012, only 1 in 6 countries reported being fully prepared for disease outbreaks. As the Ebola epidemic in West Africa tragically demonstrated, it is often the countries with the fewest resources who are hit hardest by public health emergencies.  To better protect people everywhere, the United States has committed more than $1 billion over the next 5 years to help 30 countries better prepare for the health impacts of natural and man-made disasters.  More than half of this historic investment will focus on the continent of Africa to help prevent future outbreaks.

World map of pixels in gray and light gray

There are 30 GHSA countries: Bangladesh • Burkina Faso • Cameroon • Cambodia • Côte d’Ivoire • Democratic Republic of Congo • Ethiopia • Georgia • Ghana • Guinea • Haiti • India • Indonesia • Jordan • Kazakhstan • Kenya • Laos • Liberia • Mali • Mozambique • Pakistan • Peru • Rwanda • Senegal • Sierra Leone • Tanzania • Thailand • Uganda • Ukraine • Vietnam

Global Health Security Agenda Goals

The vision of GHSA is to stop disease outbreaks as quickly as possible.  Partners will work together to build a global network that can respond rapidly and effectively to disease outbreaks and help countries build their own capacity to prevent, detect, and respond to public health emergencies.

The GHSA focuses on accelerating progress toward a world safe from disease threats by supporting enhanced surveillance and biosecurity systems, immunization campaigns, and curtailing antimicrobial resistance. Establishing national laboratory and disease reporting systems will help detect threats early.  In addition to building epidemiologic and laboratory workforce capacity, GHSA also focuses on incident management system training and establishing emergency operations centers around the globe.

As President Obama said at the Global Health Security Agenda Summit in 2014, “We issued a challenge to ourselves and to all nations of the world to make concrete pledges towards three key goals:  prevent, detect, and respond.  We have to prevent outbreaks by reducing risks.  We need to detect threats immediately wherever they arise.  And we need to respond rapidly and effectively when we see something happening, so that we can save lives and avert even larger outbreaks.”

CDC’s Role in Global Health Security
CDC is improving preparedness and response internationally by building close relationships with ministries of health and other public health partners abroad to encourage public health and emergency management capacity building. The agency also provides GHSA countries with resources such as funds, administrative support, and dedicated personnel, including experts in emergency response, electronic surveillance systems, and specific health threats. CDC also links emergency response efforts to recovery efforts to ensure systems and processes that have been put in place for one response can be ready for the next public health emergency.

A person is giving another person a vaccine.

Ebola has reminded us that  to protect its citizens, each country should be equipped with a core set of public health capabilities to detect a threat when it emerges, respond rapidly and effectively, and prevent it wherever possible. All countries need to be prepared, since disease monitoring and emergency response begin at the local level.  Local responses will be quicker, more efficient, and more cost-effective than responding from a great distance. However, epidemics do not stay within borders and are not the problem of individual countries or regions. GHSA is an important step toward helping build capacity in other countries and ensuring that when national capacities are overwhelmed, the world moves immediately and decisively to contain the outbreak.

By Talkin’ Cloud

2016 could provide many growth opportunities for cloud services providers. Here’s why:

1. Total Cloud Infrastructure Spending Could Grow

International Data Corp predicted total spending on cloud IT infrastructure (server, storage and Ethernet switch, excluding double counting between server and storage) would grow by 24.1 percent to $32.6 billion in 2015. In addition, IDC noted it expected cloud IT infrastructure spending to expand at a compound annual growth rate (CAGR) of 15.1 percent through 2019.

2. Cloud Security Will Remain a Top Priority

Cloud application security provider Elastica recently found that the cost of exposed data in software-as-a-service (SaaS) may total up to $13.85 million per incident. However, CSPs can resolve security issues for businesses, ensuring these companies can protect their sensitive data that is stored in the cloud at all times.



Data volumes have been on a dramatic upswing since the decade began and are about to rise even faster now that Big Data and the Internet of Things are ramping up. So it would seem that enterprises of all sizes should be scrambling to boost their storage capacity, and yet the market is largely flat.

What’s going on here? Is storage infrastructure becoming so efficient that organizations are really doing more with less? Or are workloads already porting to the cloud in such great amounts that commodity platforms are supplanting high-cost on-premises deployments?

There is probably a little bit of truth to both notions, but many other factors are affecting the storage industry right now. Chief among them is the plethora of storage media in the channel that makes it hard to gauge exactly what is happening with storage in general. Gartner, for instance, notes that solid state storage and traditional hard disk are on pace to cross each other in 2017; that is, Flash is growing by about 20 percent per year while HD is at 4 percent. By mid-2017 or so, Flash will start to exceed hard disk in terms of revenue. Meanwhile, shipments of sub-1TB capacity are at the lowest level since 2012, which is counterintuitive considering that, while speed is important in modern architectures, raw capacity should also be growing to accommodate increasing volumes.



Nitin Donde is CEO of Talena, Inc.

To succeed in today’s data-rich and data-centric world, companies are building new, high-value applications on top of NoSQL, Hadoop and other modern data platforms. According to IDC, the big data market will reach $48 billion by 2019. At the same time DevOps processes are rapidly penetrating the Global 2000, impacting the very companies that are adopting these new data platforms. These teams and their processes are now responsible for managing data infrastructures that are orders of magnitude larger than anything companies have dealt with previously. As a result, big data, DevOps and data management are rapidly intersecting, and the speed at which groups are expected to support this new world order and launch new applications raises a new set of challenges, considerations and questions, including:

  1. How do data management principles change in the world of Big Data?
  2. How can agility and security co-exist in modern data environments?

Let’s address each of these issues in more detail.



(TNS) - Gov. Rick Snyder on Tuesday night activated the Michigan National Guard to assist with the ongoing crisis of the lead contamination of Flint's drinking water.

"As we work to ensure that all Flint residents have access to clean and safe drinking water, we are providing them with the direct assistance they need in order to stretch our resources further," Snyder said in a news release late Tuesday.

"The Michigan National Guard is trained and ready to assist the citizens of Flint."

Members of the National Guard are expected to staff fire stations and distribute bottles of water and water filters, freeing members of the American Red Cross to handle the door-to-door distribution of those items, Snyder Chief of Staff Jarrod Agen said. There were no immediate plans to use tanker trucks to distribute water, he said.



AUSTIN, Texas – Disasters such as floods and tornadoes commonly result in the loss of important documents. While it can seem like a daunting task, the good news for Texans is that many official papers and vital records are relatively easy to replace.

Survivors of October’s severe storms, tornadoes, straight-line winds and flooding, who have registered and applied for federal disaster assistance, should keep their personal information updated with the Federal Emergency Management Agency (FEMA) throughout the recovery process. Supplying copies of important documentation is a necessary part of registering with FEMA. Applicants should share any change of address, telephone and bank account numbers and insurance information with FEMA to keep that information up to date.

Check the list below to find out where to obtain official copies of your lost or damaged documents.

SNAP Card (Food Stamps):
Phone: 800-777-7328
Website: https://www.hhsc.state.tx.us/providers/LoneStar/EBT/EBThowto.html

Green Cards:
Phone: 800-375-5283
Website: http://www.uscis.gov/green-card/after-green-card-granted/replace-green-card

Birth and death certificates:
Phone: 888-963-7111
Website: https://www.dshs.state.tx.us/vs/reqproc/default.shtm

Texas Driver License:
Phone: 512-424-2600
Website: https://www.txdps.state.tx.us/DriverLicense/replace.htm

Bank Checks, ATM/Debit Cards, or Safe Deposit Boxes:
Phone: 877-275-3342
Website: www.fdic.gov

Credit Cards: Contact the issuing institution:

Texans in the following counties may register for disaster assistance for damage or losses sustained during the period Oct. 22 to Oct. 31: Bastrop, Brazoria, Caldwell, Cameron, Comal, Galveston, Guadalupe, Hardin, Harris, Hays, Hidalgo, Liberty, Navarro, Travis, Willacy and Wilson.

Survivors can apply online at DisasterAssistance.gov or by phone (voice, 711 or relay service) at 800-621-3362. TTY users should call 800-462-7585. The toll-free lines are open 7 a.m. to 10 p.m. seven days a week. Multilingual operators are available.

For more information on Texas recovery, visit the disaster web page at www.fema.gov/disaster/4245, Twitter at https://www.twitter.com/femaregion6 and the Texas Division of Emergency Management website, https://www.txdps.state.tx.us/dem.

# # #

All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. 

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it., or visiting SBA’s website at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

Visit www.fema.gov/texas-disaster-mitigation for publications and reference material on rebuilding and repairing safer and stronger.

Do businesses understand the cloud and its benefits? Recent data indicates confusion and doubt are prevalent among many cloud adoptees. 

A May 2015 survey of 300 IT managers completed by West IP Communications showed that many businesses are divided on the inherent benefits and risks associated with the cloud.

The survey results included:



Wednesday, 13 January 2016 00:00

BCI: Cyber incidents rank as major new threats

Cyber incidents rank as major new threats

The risk landscape for businesses is substantially changing in 2016 according to a new report by Allianz Global Corporate and Specialty. While businesses are less concerned about the impact of traditional industrial risks such as natural catastrophes or fires, they are increasingly worried about the impact of other disruptive events such as cyber incidents.

According to the Allianz Risk Barometer, business and supply chain interruption (BI) remains the top risk for businesses globally for the fourth year in succession. However, many companies are concerned that BI losses, which usually result from property damage, will increasingly be driven by cyber attacks, technical failure or geo-political instability as new 'non-physical damage' causes of disruption.

The corporate risk landscape is changing as many industrial sectors are undergoing a fundamental transformation,” explains AGCS CEO Chris Fischer Hirs. “New technologies, increasing digitalization and the ‘Internet of Things’ are changing customer behaviour, industrial operations and business models, bringing a wealth of opportunities, but also raising awareness of the need for an enterprise-wide response to new challenges. As insurers we need to work together with our corporate clients to help them to address these new realities in a comprehensive manner.

An area of increasing concern for businesses globally are cyber incidents which not only include cyber crime or data breaches, but technical IT failures as well. Loss of reputation (69%) is the main cause of economic loss as result of a cyber incident followed by business interruption (60%) and liability claims after a data breach (52%). These three cyber incidents are also the top three concerns for business continuity professionals according to the Business Continuity Institute's latest Horizon Scan Report.

The top ten risks according to the Allianz Risk Barometer are:

  • Business interruption (incl. supply chain disruption)
  • Market developments (volatility, intensified competition, market stagnation)
  • Cyber incidents (cyber crime, data breaches, IT failures)
  • Natural catastrophes (storm, flood, earthquake)
  • Changes in legislation and regulation (economic sanctions, protectionism)
  • Macroeconomic developments (austerity programs, commodity price increase, inflation/deflation)
  • Loss of reputation or brand value
  • Fire, explosion
  • Political risks (war, terrorism, upheaval)
  • Theft, fraud and corruption

With Director 7.7, you have the capability of configuring policies, rules and conditions that will alert you when the configured threshold has reached in your XenDesktop 7.7 environment. You can configure and manage proactive alerts and notifications either through the Director UI or using Powershell cmdlets.

In this post, we will take a look at how to configure, visualize your alerts, manage them, analyze their details and historically track alert trends.



(TNS) - As was the case in both 2014 and 2015, flood recovery will again dominate much of Boulder County government's work load this year, county commissioners said Tuesday.

"Even though flood recovery may no longer be at the forefront of the general public's mind, our staff continues to work tirelessly on this issue," Commissioner Cindy Domenico said.

Flood-related issues were just part of a package of topics that Domenico and Commissioners Elise Jones and Deb Gardner covered in their "State of the County" review of what they identified as Boulder County's accomplishments in 2015 — and what residents can expect from their county government in 2016.



This month, we focus on data center design. We’ll look into design best practices, examine in depth some of the most interesting recent design trends, explore new ideas, and talk with leading data center design experts.

Groupon may be the future of merchant discounts, but it uses a mathematical problem solving method formulated in the 1930s to optimize the data center design that supports its popular service.

Linear Programming models are used to maximize specific outcomes given numerous variables. The word “linear” refers to linear relationships between the variables.

The approach is common in other industries, such as transportation, energy, and telecommunications, but it also applies well in data center design, the Groupon team found, since there are clearly desirable outcomes and lots of variables.



Wednesday, 13 January 2016 00:00

Measurement: the next big resilience challenge?

Robin Gaddum looks at the ‘capabilities and capacity’ aspect of organizational resilience and explains why dynamic measurement is an essential requirement.

Resilience is a journey, not a destination. It is a dynamic characteristic because every organization is in a constant state of change, as are the environment in which it operates and its direct and indirect inter-dependencies with other organizations. An Organization may pursue resilience but may only be demonstrably resilient to a particular disruptive event at a moment in time.

So, how do you measure resilience? This is an important question. If you cannot measure its benefits, then making the business case for a resilience programme will be challenging. Quantifying return on investment (ROI) requires some form of measurement to show how the investment input results in valuable output. But how do you measure the unmeasurable?



After a rough year of cyberattacks and data breaches, the federal government is getting serious about protecting its sensitive information when in the hands of its contractors. As a result, contractors are being sent to the front lines of the fight.

Already, the Defense Department has imposed requirements to protect ""unclassified controlled technical information"," and it recently expanded these obligations via interim rules with immediate effect. The National Archives and Records Administration is about to complete its new regulation to better protect sensitive but unclassified federal information. The National Institute of Standards and Technology has issued new cyber protection standards intended for commercial companies. And the General Services Administration stands poised to issue new rules for schedule holders.

We are going to see new cyber protection requirements in many solicitations and contract modifications. And an unwary contractor might become a casualty when it certifies compliance, even implicitly, with "all IT security standards." For example, the second draft request for proposals for GSA's Alliant 2 subjects contractors to "all ordering activity IT security standards … and government wide laws or regulation applicable to the protection of government wide information security." How can a contractor certify before it knows what "sensitive data and information" will be part of the performance of a task order? Or even what all the standards will be? Yet if a contractor does not certify or impliedly certify, it may lose the chance to compete for award.



Wednesday, 13 January 2016 00:00

Converging Your Way to a New Data Center

Vested interests in the IT industry have a lot riding on the hope that the enterprise will want to keep some of its infrastructure in-house rather than push everything onto the cloud as the decade unfolds. But this is only likely to happen if on-premises hardware is low-cost, highly scalable and maintains a tight footprint.

This is why so many designers are touting converged and hyper-converged infrastructure. By filling small, modular appliances with massive computing, storage and networking capabilities, converged solutions will offer an efficient means to support critical workloads without sending data beyond the corporate firewall.

Expect CI and HCI to take the lion’s share of the IT narrative in the coming year, says NetApp’s Lee Caswell. By breaking down the barriers between servers, storage and compute, convergence not only simplifies hardware infrastructure, but makes it easier to manage as well. Admins will finally be able to shake off the tedium of hardware integration and focus on the more productive aspects of software innovation. This is why 451 Research predicts that 40 percent of enterprises plan to increase spending on converged solutions in the coming year.



One of the first use cases that most organizations have for the cloud involves some form of data protection. Rather than invest in a massive amount of infrastructure to house data that will be rarely accessed, many organizations prefer to take advantage of low-cost cloud services.

With that in mind, Quantum Corp. today extended its support for AWS with the release of Q-Cloud Protect, a virtual data deduplication appliance that serves to reduce the amount of data that organizations host on AWS. As a monthly service, Eric Bassier, director of product marketing for Quantum, says that unless AWS is actively managed, the amount of data on the cloud service can grow rapidly. Over time, the cost of hosting that data on AWS grows as well. Q-Cloud Protect is designed to reduce the amount of data on AWS by working with other data protection software from Quantum on AWS to identify data that is duplicated, says Bassier.

Bassier notes that over an extended period of time, storing data on AWS and other public clouds can wind up being more expensive than hosting it locally. For that reason, many organizations prefer to archive data in a public cloud, while using data protection software to store a copy of their more recent and important data locally. That hybrid cloud approach frequently eliminates the need to access data in AWS in all but the most dire of disaster recovery scenarios, says Bassier. That’s critical because while storing data in AWS is relatively inexpensive, accessing that data remotely over the network is an expensive proposition. More challenging still, the amount of time it can take to pull data down from the cloud probably exceeds most organizations’ recovery time objectives.



Tuesday, 12 January 2016 00:00

The Hybrid IT Mash-up

Matt Gerber is CEO of Digital Fortress

Love it or hate it, hybrid IT is here in force and it’s here to stay. The global market for hybrid cloud computing is estimated to grow from $25.28 billion in 2014 to $84.67 billion in 2019, according to a 2015 study published by Markets & Markets. Nearly half (48 percent) of enterprise respondents say they will adopt hybrid cloud systems and services in the near future.

Public cloud purists don’t like the idea of companies taking a steppingstone approach to cloud adoption; yet the reality is, many large companies are not ready to make a wholesale change. Compliance and regulatory requirements may stand in the way, or, they have invested too much money in on-premise systems that are still business-critical and don’t transition easily to the cloud. Hybrid cloud is, for many companies, a wonderful blend of the old and the new, offering a highly practical and manageable approach to innovation. You can maintain your highly customized, workhorse ERP system inside your own data center, while adding new agile customer-facing apps to the cloud.



Organizations are moving past the hype and into actual value when it comes to big data and analytics implementation, according to a new survey by CompTIA. But challenges remain, including a skills gap and the struggle to wrangle the growing quantity of data generated.

Companies are moving to the next stage with big data -- past the hype and into broader adoption. But new challenges are on the horizon, such as how to master all that data. Those are a couple of several key findings in a recent Computing Technology Industry Association (CompTIA) study.

The industry organization surveyed 402 IT professionals for the report released in December and found that 72% of respondents said big data projects had exceeded their expectations, and about 75% said their businesses would be stronger if they could harness all of their data.



Tuesday, 12 January 2016 00:00

Revive Your PC or Mac with an SSD

SSD hard drive technology is extremely fast in terms of reading data. It can either optimise a PC that is usually dedicated to video games with premium features, such as 4K or 3D, or revitalise an old PC or Mac. Most importantly, the computer can be adapted to accommodate a standard 3.5″ desktop or a 2.5″ laptop hard drive.

What is the procedure to be followed?

Changing a hard drive requires several steps. It can be done by yourself or by a professional. There are several things you should know before having a go at this task, in particular, including software that allows copying from one hard drive to another if you want to keep your regular working environment. In addition, you may need more specific software if you intend to copy a Macintosh hard drive (a PC can copy Macintosh hard drives) because the purpose of the drive-to-drive copy is that the software knows how to copy correctly the so-called partitions.

In the case of Macintosh, these are partitions of the HFS+ type, while Windows partitions are of the NTFS type. Generally, it is best to have a desktop PC running Windows (7, 8 or 10) to perform the operation because you may actually use the original PC drive to work with the copying software. This is then used to copy to the replacement drive or to copy the laptop drive to the SSD that will replace it.



Business continuity priorities don’t come much bigger than having a properly functioning supply chain. Whether an organisation is in the private or the public sector, supply chains have to work without interruption, profitably and to the satisfaction of end-customers. Over time, observations and experience have helped put together the following list of tips for BC management of this critical part of all companies. As we progress through 2016, here’s what to look out for.



Nearly four-fold increase in computing capacity to innovate U.S. forecasting in 2016


NOAA’s Weather and Climate Operational Supercomputer System is now running at record speed, with the capacity to process and analyze earth observations at quadrillions of calculations per second to support weather, water and climate forecast models. This investment to advance the field of meteorology and improve global forecasts secures the U.S. reputation as a world leader in atmospheric and water prediction sciences and services.

The computers — called Luna and Surge — are located at computing centers in Reston, Virginia and Orlando, Florida. They are now running at 2.89 petaflops each for a new total of 5.78 petaflops of operational computing capacity, up from 776 teraflops of processing power last year.

“This significant investment in our operational supercomputers equips us to handle the tidal wave of data that new observing platforms will generate and allows us to push our science and operations into exciting new territory, said Kathryn Sullivan, Ph.D., NOAA’s administrator. “The faster runs and better spatial and temporal resolution that Luna and Surge provide will allow NOAA to improve our environmental intelligence dramatically, giving the public faster and better predictions of weather, water and climate change. This enhanced environmental intelligence is vital to supporting the nation’s physical safety and economic security.”

Sullivan said the ultimate goal of investment in operational and research supercomputing capacity is to build resilient communities in the United States by arming people with reliable environmental intelligence to make good decisions, as NOAA works to build a Weather-Ready Nation.

The increase in supercomputing strength will allow NOAA to roll out a series operational model upgrades throughout 2016. For example:

  • Upgrades to the High Resolution Rapid Refresh Model (HRRR) will help meteorologists predict the amount, timing and type of precipitation in winter storms and the timing location and structure severe thunderstorms.
  • Implementation of the Weather Research and Forecasting Hydrologic Modeling System (WRF-Hydro) will expand the National Weather Service’s current water quantity forecasts at 3,600 locations to forecasts of flow, soil moisture, snow water equivalent, evapotranspiration, runoff and other parameters for 2.67 million river and stream locations across the country, representing a 700-fold increase in spatial density. This new information, provided nationally at the neighborhood scale, will enable forecasters to more accurately predict droughts and floods, and better support water resources decisions.
  • Upgrades to the Hurricane Weather Research and Forecasting Model (HWRF) will mark the first time NOAA models have had direct connections between the air, ocean and waves to improve forecasts of hurricane tracks and intensity. This upgrade will increase the number of storms NOAA can forecast for at any given time to 8.

The increase in supercomputing capacity comes via a $44.5 million investment using NOAA's operational high performance computing contract with IBM, $25 million of which was provided through the Disaster Relief Appropriations Act of 2013 related to the consequences of Hurricane Sandy. Cray Inc., headquartered in Seattle, serves as a subcontractor for IBM providing the new systems to NOAA.

NOAA’s mission is to understand and predict changes in the Earth's environment, from the depths of the ocean to the surface of the sun, and to conserve and manage our coastal and marine resources. Join us on FacebookTwitterInstagram and our other social media channels.

A new year brings new resolutions—commitments to achieve certain goals or make specific improvements.  While it’s certainly a good time for pledging to lose those few extra pounds, it’s also a great time to make resolutions for improving your business continuity communications. Maybe your mass notification program could use an improved diet and more exercise in 2016?

Feeding Your Emergency Communications System

A successful notification program starts with “feeding” the service with the right data. Accurate, up-to-date contact information is essential for effective enterprise alerting. Consider these tips for improving your notification system’s data diet:



Sticking to the rules of business continuity

Why do we have business continuity management programmes? Is it because we want to make sure our organizations are able to respond to a disruption? Probably yes! It is common sense that we would want to be prepared for any future crisis.

In some cases however, it is also because there is a legal obligation to do so. Many organizations are tightly regulated depending on what sector they are in or the country they are based, and therefore must have plans in place to deal with certain situations. Furthermore, the rules and regulations that govern us are often being revised, and sometimes it can be difficult to keep up with which ones are applicable.

There is a solution however. The Business Continuity Institute has published what it believes to be the most comprehensive list of legislation, regulations, standards and guidelines in the field of business continuity management. This list was put together based on information provided by the members of the Institute from all across the world. Some of the items may not relate directly to BCM, and should not be interpreted as being specifically designed for the industry, but rather they contain sections that could be useful to a BCM professional.

The ‘BCM Legislations, Regulations, Standards and Good Practice’ document breaks the list down by country and for each entry provides a brief summary of what the regulation entails, which industries it applies to, what the legal status of it is, who has authority for it and, of course, a link to the full document itself.

The BCI has done its best to check the validity of these details but takes no responsibility for their accuracy and currency at any particular time or in any particular circumstances.

Muda. It’s the Japanese word for waste and the enemy in modern supply chain management and manufacturing. Since the 1980s, lean thinking has revolutionized the way businesses operate by seeking to eliminate muda and free capital held in wasteful assets—that is, assets that do not add value to the overall process (e.g. excess inventory or underutilized equipment). Lean thinking is important and helps businesses to improve their processes and their bottom lines. It does however beg one key question that risk managers and business continuity professionals must ask: “how lean is too lean?” Wantonly cutting out all perceived muda to save money can actually have the opposite effect down the road. Organizations with global supply chains inherit significant risk due to the potential impact associated with a supply chain disruption.  In some cases, a disruption could threaten an organization’s ability to continue business or require large amounts of capital to recover. Organizations must fully examine their processes and supply chains to identify risk and make informed decisions on how lean is too lean.

This perspective—the third in the Risky Business Series—leverages a case study of the recent west coast dock worker strike to demonstrate the inherit risk of a supply chain that is too lean due to a virtual monopoly. This article also revisits evaluation and mitigation strategies from the first two Risky Business perspectives that organizations can use to reduce risk to an acceptable level.



Andres Rodriguez is CEO of Nasuni.

Two seemingly incompatible forces have collided in the enterprise over the past few years. The standard approach to storing and protecting files has come into direct conflict with the employee’s demand for mobile access to data. Employees want their files no matter where they are or what device they happen to be using. And they have proven that they’ll do anything to get those files, even if it means circumventing IT departments and all their carefully constructed security and enterprise controls.

So, how should enterprises extend employees the mobile access they demand without sacrificing performance and access for control, security and compliance? Most providers have approached this problem from one of two directions – consumer file sharing or enterprise storage.



Time Warner Cable (TWC) has reported the email addresses and passwords of up to 320,000 of its customers may have been compromised.

And, as a result, TWC tops this week's list of IT security newsmakers to watch, followed by Uber, WhatsApp and the Internal Revenue Service (IRS).

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:



Defining your data via data discovery and classification is the foundation for data security strategy. The idea that you must understand what data you have, where it is, and if it is sensitive data or not is one that makes sense at a conceptual level. The challenge, as usual, is with execution. Too often, data classification is reduced to an academic exercise rather than a practical implementation. The basics aren’t necessarily simple, and the existing tools and capabilities for data classification continue to evolve.* Still, there are several best practices that can help to put you on the road to success:



The National Capital Region (NCR), a collection of 18 sovereign jurisdictions including DC and parts of Maryland and Virginia, is responsible for promoting a safe environment for over five million residents. Equally important, NCR needs to communicate securely and effectively to their resident-base during both emergencies and non-emergency events.

After 10 years with the same notification system, NCR was looking for additional technology.  They turned to Sulayman Brown of Fairfax County for help. Sulayman, who is the Assistant Coordinator for the Fairfax County Office of Emergency Management, led the team charged with identifying and implementing a technology that could facilitate communication within and between jurisdictions.

We recently sat down with Sulayman who took us through the selection and implementation process and then described the system usage, not only for Fairfax County but for NCR as a whole.  Sulayman detailed the challenges the team faced throughout the entirety of the project, as well as the lessons learned.



Monday, 11 January 2016 00:00

Avnet CIO: Put Business At The Center Of IT

As an IT and electronics distributor, Avnet is in a unique position to view the trends driving the technology industry. It's also in the position of implementing those trends itself, including cloud computing and customer self-service. Here's how CIO Steve Phillips aligns IT with business at Avnet.

The giant tech distribution companies that serve as conduits between technology buyers and sellers are uniquely suited to observe trends in the IT space. Distributor Avnet's vantage point offers a particularly broad view, because it serves not only the IT market -- its Technology Solutions market -- which is in the midst of a big transformation to digital business, but also the Electronics Marketing business, serving the component market, which has gained more visibility with the rise of the Internet of Things (IoT).

And Avnet is not simply witnessing the transformation of the tech market, it's experiencing it, too.

Avnet CIO Steve Phillips, who also serves as a member of the InformationWeek Editorial Advisory Board, is driving that transformation within the distribution company by aligning his IT organization with the goals of the overall business. It's not a job he started yesterday, either. He's been in the role for 10 years at this $27.9 billion company, which has 19,000 employees in 90 countries.



(TNS) - The ranking member on the congressional committee overseeing the American Red Cross wants answers to how the organization's West Virginia chapter responded to several natural disasters in the state.

A letter, sent by Rep. Bennie Thompson, D-Miss., presses the organization's CEO Gail McGovern on how layoffs and cutbacks have affected its ability to respond to disasters. Thompson, the second-highest member sitting on the House's Homeland Security Committee, specifically asked about the effects on West Virginia and California.

Heavy criticism is aimed at the organization's national office in Washington, D.C., as McGovern leads the Red Cross through unprecedented cuts in both services and manpower while focusing more attention on fundraising. As a result, local emergency officials, not-for-profits and people closely associated with the regional chapter said services have declined drastically.



Monday, 11 January 2016 00:00

Who May Buy Verizon’s Data Centers?

While officially Verizon remains quiet about the alleged auction for its massive data center portfolio, the report that it is looking to offload some $2.5 billion worth of data centers isn’t far-fetched.

Other telecoms too have realized they aren’t prepared to spend as much as they learned was necessary to grow a data center business and stay competitive. This is generally considered a good time to sell, and at least some of the data centers in Verizon’s portfolio are highly valuable from a strategic point of view. There are plenty of companies that could benefit from taking them over, given that the price is right.



Monday, 11 January 2016 00:00

5 Steps To Good Social Media Governance

“How can compliance officers meet the challenge of building good governance in a world where new communications are consistently emerging?” asked Melissa Callison, Global Marketing and Corporate Affairs Compliance Executive of Bank of America during a recent event. Callison joined other financial services compliance professionals on a panel to discuss how to enable the business to use social media and other new forms of communications while meeting the regulatory requirements for communications with public.

In the end, it boils down to five key steps:

Clarify Everything

Callison said the first step is to define the entire social media program. Clarify the channels that you plan to use. Discover which entity of the business wants to use social media and why. Various job functions and activities within your firm may be regulated differently, so you need to know exactly who will be using social media so you may set employee use polices that comply with various rules and regulations. Build those policies by bringing the key stakeholders into the conversation to identify and mitigate risks together. These could include representatives from the business, sales, marketing, investor relations, compliance, risk, HR, Data, Security, Privacy and IT. Callison concluded by saying “good governance is really good social.”



For years, cyber security has been the province of IT specialist and technicians. Those days are long gone. If you ask a Board of Directors to identify a company’s most significant risk – cyber security is tops.

That is no big surprise. When you consider the consequences of a cyber intrusion or a more likely breach, companies suffer serious reputational and financial harm. Directors, senior executives and compliance officers should be concerned about cyber security.

But what is the role of the Chief Compliance Officer in cyber security risk management?

A CCO is not the sole owner, or even the most significant owner, of cyber security risk management. The Chief information Security Officer (CISOs) owns the risk. However, the CCO should be a strategic partner to the cyber security risk management program.



(TNS) - Lori Lawrence said she was standing in the hallway of her home near Central and Hillside on Wednesday night when the bedroom door started rattling. It was, she said, the sixth earthquake she’s felt in the past two years.

Friends filled up her Facebook feed with comments about the latest quake, which was actually two back-to-back quakes, the largest of which had a magnitude of 4.8.

It was intense enough that the city of Wichita, for the first time, sent out a team to examine whether any of its infrastructure had been affected by an earthquake. Reports had already been coming in about three water lines that had burst around the time of the quake. After a day of inspections, a few more potential cracks had turned up, including one at a wastewater treatment plant.



(TNS) - With their own muscle and help from platoons of volunteers, victims of the recent flood spent much of last week hauling soggy debris out of their homes.

Hopes for quickly repairing their lives hinge on two questions: Did they have flood insurance, and did they have enough of it?

Joe Nelson didn’t. His little wood-frame home in Eureka had 20 inches of water in the first floor. When the water went down, he called his insurance company. “They said there was nothing they could do for me,” he said.

Nelson rents the house from his 97-year-old grandfather. Nelson had a renters insurance policy, but standard policies don’t cover flood damage. To get coverage, renters must buy a separate policy.



(TNS) - The federal government's disaster relief agency has sent three officials to assist Michigan with the Flint drinking water crisis at the state's request, but Gov. Rick Snyder has not yet requested federal financial aid in connection with the ongoing public health emergency, a Michigan State Police spokeswoman said Saturday.

Rafael Lemaitre, director of public affairs for the Federal Emergency Management Agency in Washington, D.C., said on Twitter on Friday that FEMA has deployed two liaison officers to the Michigan Emergency Operations Center to provide technical assistance. A third FEMA liaison officer arrived Saturday, a state police official said.

Capt. Chris Kelenske, deputy director of emergency management and homeland security for the state police, asked FEMA on Wednesday to send the officials "to provide support if we have any questions" about the emergency response process, MSP spokeswoman Nicole Lisabeth told the Free Press on Saturday.



(TNS) - The unique topography of southern W.Va. has dictated a somewhat steady regime of flooding events.

In Logan County, the confluences of streams from Island Creek, Copperas Fork and Mud Fork into the Guyandotte River as well as myriad other streams and waterways have presented a constant challenge for residents.

Over the last year, fema.gov reports there were five disaster declarations in W.Va., and three of the five included flooding-related events in Logan County.

In response to continued problem in Logan County, local and state governments have addressed the issue with mitigation projects at Garrets Fork, Island Creek, Deskins Addition and Copperas Fork.



The city of Sacramento, Calif., is at the center of a video warning presumably posted by the hacker group Anonymous regarding an anti-camping ordinance aimed at the homeless Jan. 6.

In the roughly three-minute video, shown below, a masked figure claiming to represent the group said the city would face the “formidable talents” of its hackers unless the ordinance disallowing camping in public spaces was reconsidered.

Though the reported cases of Anonymous targeting local governments are relatively few, cities and counties nationwide have experienced similar threats over the last few years: In November of 2013, a Missouri town was singled out for the way it handled the rape investigation of two teenage girls; in December of 2014, the city of Fort Lauderdale, Fla.’s website was targeted due to laws passed around homeless behavior; and in mid-May of 2015, the Hancock County, Miss., Department of Human Services was included among threats made by the group as it pushed for reform in child protection agencies and family courts.



Friday, 08 January 2016 00:00

Big Data Is Now Key To Company Success

The manner in which businesses compete with one another and engage their customer bases has changed. While the global economy presents some unique opportunities for small to mid-sized businesses to thrive, the competition in most of these industries is at an exceptionally high level, meaning that businesses have to constantly work to maintain a competitive edge, while remaining focused on providing the optimal experience for their customers. Big data has taken on a major role in the process of equipping and preparing a business to compete, as well as providing the information that will ensure that they are able to effectively engage their customer base. Big data has become the new competitive advantage.

The Importance of Guarding Innate Vulnerabilities

The comprehensive nature of big data allows companies to guard themselves in areas of weakness. In the past, it was significantly more difficult for businesses to predict the movement and behavior of their competitors but through big data they can level the playing field by providing a wealth of data to project behavior. Large pools of data can be compiled to create a predictive system that can identify patterns allowing businesses to make better decisions.



FEMA Releases Severe El Nino Disaster Response Plan For California, Arizona, Nevada
Combined Federal, State task force to meet today at Governor’s Office of Emergency Services

SACRAMENTO, Calif. --  The FEMA Region 9 office, in Oakland, CA has established an El Niño task force charged with preparing the regional office and its partners for the impacts of El Niño.  Today, the FEMA Region 9 Office released its Severe El Nino Disaster Response plan and will convene a regional interagency steering committee meeting in Northern California to exercise the plan.

The task force has evaluated the core capabilities needed to prepare for, respond to, recover from and mitigate against any El Niño related incident that occurs across the office’s area of responsibility. The task force has developed an Executive Decision Support Guide, or response plan, and an interactive flood decision support tool to enhance the regional office’s ability to respond to potential El Niño flood events during the winter of 2015-2016. The plan seeks to align actionable decision points that provide critical information that leaders need to make informed decisions by determining the hazard level potentially impacting lives, public health, safety, property, and critical infrastructure.

The objectives of the task force developed in the plan:

  • Establish actionable processes and procedures to identify the location, potential impacts, and probability of occurrence of natural hazards
  • Identify key at-risk populations, critical facilities and natural/cultural resources
  • Identify gaps in core capabilities needed to overcome the threat
  • Develop key messages to motivate partners to prepare and act

The task force consists of subject matter experts from the FEMA Region 9 office as well as other federal, state, local, tribal and community partners.

"California is at risk for many types of disasters,” said Mark Ghilarducci, Director of the Governor’s Office of Emergency Services.  “These joint exercises with our partners allow us to prepare for and respond to emergencies.”

“Utilizing a ‘whole community’ approach to emergency management reinforces the fact that FEMA is only one part of our nation’s emergency management team,” said Bob Fenton, FEMA Region 9 Administrator. “The exercise gives us an opportunity to learn from each other, and from the experts in the areas where solutions will come from.”

“There aren’t many types of disasters capable of impacting all Arizonans, but a strong El Niño could cause flooding, evacuations and power outages anywhere (and everywhere) in the state,” said Arizona Department of Emergency and Military Affairs Deputy Director Wendy Smith-Reeve. “It takes a team effort to plan for, respond to and recover from the kinds of widespread consequences being talked about, which is why we’re invested in the education and training of and outreach to the whole community.”

FEMA recognizes that a government-centric approach to emergency management is not adequate to meet the challenges posed by a catastrophic incident.  Utilizing a “whole community” approach to emergency management reinforces that FEMA is only one part of our nation’s emergency management team.

The El Nino task force has focused on interpreting data in areas of California, Arizona and Nevada that have proved historically vulnerable in order to develop risk projections of current El Niño events.  It is through this assessment the task force seeks to determine the critical decision points needed by senior leaders during all phases of an incident from pre-incident, incident onset, through response and recovery.

Today, the FEMA Region 9 Office will participate in a Rehearsal of Concept (ROC) exercise with its disaster response partners to exercise the response plan and its flood decision support tools.  During this exercise, participants will identify issues, gaps and shortfalls that will be incorporated to enhance the plan’s utility.  The task force will leverage best available data from predictive modeling and other analytical tools to keep senior decision makers informed throughout potential El Niño events.  The efforts undertaking by the task force during the ROC will enable the FEMA Region 9 Office, its partners and ultimately the disaster survivor to make intelligent decisions for any El Niño related event.

(TNS) -- Virginia Beach could soon be up in the air.

The city is considering buying drones to help find missing children, respond to disasters and locate distressed boaters.

The Police Department as well as others in the city would be able to use the devices, Deputy Chief Tony Zucaro said Tuesday during a presentation to council members .

Drones might be new technology for the area, Zucaro said, but many cities already use them.

By the end of 2013, the Federal Aviation Administration had approved 550 applications to fly drones, according to the agency’s website.



In recent hearings on Capitol Hill, Congress pushed the Small Business Administration (SBA) for its cybersecurity failings. Lawmakers claim that SBA isn’t following recommendations made by the Government Accountability Office to put more emphasis on cybersecurity. As the House Small Business Committee reported:

Until SBA fully implements all of the required IT management initiatives, the agency cannot provide reasonable assurance that its IT investments are cost-effective, meet agency goals, or are effectively managed.

I understand the concern. After all, look at the fallout from the Office of Personnel Management (OPM) breach. Victims of that breach go well beyond government employees and contractors. (One of my holiday “gifts” was the formal letter from OPM telling me that my personal information was compromised, but I’m not a government employee or contractor. However, my personal information was required as part of someone else’s background check. You see how these breaches can spread well beyond the anticipated borders.) We also know that government agencies overall aren’t doing a good enough job with cybersecurity from multiple breaches over the past couple of years. So no, it doesn’t make sense that the SBA isn’t doing enough to meet standards set in September – unless there are budget issues, which seems to be the primary stumbling block for so many organizations.



Friday, 08 January 2016 00:00

Data Security Needs To Improve

2015 was very much the year when the media woke up to the potential damage that data theft can bring for consumers and businesses.

The most covered hack was the Ashley Madison hack, where 32 million users had their details stolen. This was more than simply their credit card numbers and addresses, as it included extremely personal aspects such as fetishes and what they were looking for in a partner. When the hacker's demands were not met and the information was made public, the damage went far beyond financial loss - there have been reports of divorces, loss of reputations and at least two reports of suicides.

Ashley Madison may have been the most high profile leak, but the larger and potentially more serious hacks at Anthem saw 80 million people having their records stolen from the medical insurer. Although the number of people affected was astronomical, arguably the most serious was Carphone Warehouse, where 2.7 million customer had their personal details and credit card information leaked.

These kinds of hacks are not only happening at irresponsible companies. The Office Of Personnel Management had a significant breach, and according to Reuters - 'said data stolen from its computer networks included Social Security numbers and other sensitive information on 21.5 million people who have undergone background checks for security clearances.' This is perhaps some of the most personal and important data that can be stolen, potentially leaking the (remove) information of some of the most important and powerful people in the US.



Friday, 08 January 2016 00:00

Why Working Sets May Be Working Against You

Lack of visibility into how information is being used can be extremely problematic in any data center, resulting in poor application performance, excessive operational costs, and over-investment in infrastructure hardware and software.

One of the biggest mysteries in modern day data centers is the “working set,” which refers to the amount of data that a process or workflow uses in a given time period. Many administrators find it hard to define, let alone understand and measure how working sets impact data center operations.

Virtualization helps by providing an ideal control plane for visibility into working set behavior, but hypervisors tend to present data in ways that can be easily misinterpreted, which can actually create more problems than are solved.



The flooding  in the UK during Christmas of 2015 has been truly saddening. Many people losing homes, livelihoods and irreplaceable mementoes. While the political world points fingers at one another they seem to forget that people, like you and I are caught up in all of this. Worst of all storm Frank is moving in as I write this on the 29th of December 2015. This is expected to bring more heavy rain and with that, more flooding. With the water courses already at capacity it is a prediction that will most likely come true.

On the 29th I was finally able to catch up with a few of my friends from the affected areas to get their thoughts on how they were coping and if I could offer help. First and foremost I’m happy to say everyone is well and safe.

The overwhelming message I received was that no one knew what was going on. There was no communication to tell people to evacuate. Or areas that were given a risk level in the morning, were revised later in the day and the residents didn’t get the updated message. For example, an area deemed as low risk just outside of Blackburn unexpectedly flooded. This left a young man with health issues marooned in his home with no idea what to do. “We were told it was safe and nothing more, we did not know what to do when the river burst its banks”. This is a story that is repeating its self over and over again.



A broad ensemble of very rare, but extremely high impact, events have the potential to cause wide-area devastation. However, they are normally ignored in contingency plans, being written off as too unlikely, or too difficult to prepare for. This attitude, while understandable, adds to the risk as, although rare, these events will occur at some point: and it is as likely to be this year or this decade as it is to be hundreds of years into the future.

A report published last year looked in detail at the risks of such extreme events and made proposals for preparations that could be made to increase the chance of community and organizational survival.

Extreme Geohazards: Reducing the Disaster Risk and Increasing Resilience’ was a joint initiative by the European Science Foundation (ESF), the Group on Earth Observations (GEO) and the Geohazard Community of Practice (GHCP). It addresses several types of geohazards, but puts special emphasis on the impending risk of catastrophic effects on populations and infrastructures should our growing and increasingly interconnected modern society be exposed to a very large volcanic eruption. The paper highlights the urgency of establishing an effective dialogue with a large community of stakeholders in order to develop robust risk management, disaster risk reduction, resilience, and sustainability plans in the coming years and decades.



Corporate policies on anything from safety to ethical sourcing are all about rules. Do this; don’t do that! Often created from the experience of everything that went wrong in the past, policies can soon turn into large, unwieldy documents. IT security also has its rules, some of them born of common sense, others of past problems. These rules for checking attribution of user access rights, encrypting data volumes and similar precautions, can easily mount into the hundreds. Some cloud services vendors now make rules-based management services part of their offering to customers, but with a key advantage that sets them apart from those other chunky policy documents that managers must cope with.



More Californians Preparing For Severe El Nino Flood Risk:  Residents Purchase 28,000 New Flood Insurance Policies in California
28,084 New National Flood Insurance Program Policies Purchased in California since August

OAKLAND, Calif. – The Federal Emergency Management Agency (FEMA) today released new data on

National Flood Insurance Program (NFIP) Policies, showing an increase of more than 20,000 new NFIP Policies written in California during the month of November 2015.

There is a 30 – 90 day waiting period for new policies to be reported to FEMA and the latest available data, released today, shows an increase of 28,084 new flood insurance policies purchased in California from August 31 – November 30, 2015.

“Flooding is the most costly and devastating disaster we face as a nation,” said FEMA Region 9 Administrator Robert Fenton.  “The major increase in flood policies show Californians are taking the threat seriously and taking powerful steps to protect their families and property.  Those who may need and not have a flood policy should act today, as policies generally take 30 days to go into effect.”  

The 12% increase is the first of its kind in recent history.  The previous reporting period showed that policies increased 3% from August 31 to October 31.  During that timeframe, 7,181 new federal flood insurance policies were written in California.   

“We are encouraged by the number of Californians that are becoming financially prepared for the flooding that is expected from El Nino,” said Janet Ruiz, California Representative for the Insurance Information Institute.   “It is crucial to protect our families and homes by preparing for catastrophes ahead of time.”

FEMA administers the National Flood Insurance Program (NFIP) and works closely with more than 80 private insurance companies to offer flood insurance to homeowners, renters, and business owners.  In order to qualify for flood insurance, the home or business must be in a community that has joined the NFIP and agreed to enforce sound floodplain management standards.

Flooding can happen anywhere, but certain areas are especially prone to serious flooding.   Many areas in California are at increased flood risk from El Niño, as a direct result of wildfires and drought.

  • Residents should be aware of a couple things:
    • You can’t get flood insurance at the last minute. In most cases, it takes 30 days for a new flood insurance policy to go into effect. So get your policy now.
    • Only Flood Insurance Covers Flood Damage. Most standard homeowner’s policies do not cover flood damage.
    • Get all the coverage you need.  Your agent can walk you through the policy.
  • Know your flood risk.  Visit FloodSmart.gov (or call 1-800-427-2419) to learn more about individual flood risk, explore coverage options and to find an agent in your area.
  • Flood insurance covers flood, but there are other affects from flooding that may apply to you.   Damage from mudflows is covered by flood insurance; damage from landslides and other earth movements is not.   Speak to your agent.

NFIP is a federal program and offers flood insurance which can be purchased through private property and casualty insurance agents.  Rates are set nationally and do not differ from company to company or agent to agent.  These rates depend on many factors, which include the date and type of construction of your home, along with your building's level of risk.

FEMA’s Region 9 office in Oakland, CA has established an El Niño Task Force and is working with the California Office of Emergency Services with the mission of preparing the Region and its partners for the impact of El Niño.  The task force is evaluating the core capabilities needed to protect against, mitigate, respond to, and recover from any flooding that occurs across the region this winter.  Last month, the FEMA Region 9 Office released its Draft Severe El Nino Disaster Response plan and convened a regional interagency steering committee meeting in Northern California to exercise the plan.

FEMA recognizes that a government-centric approach to emergency management is not adequate to meet the challenges posed by a catastrophic incident.  Utilizing a “whole community” approach to emergency management reinforces that FEMA is only one part of our nation’s emergency management team.

Visit Ready.gov for more preparedness tips and information and follow FEMARegion9 on Twitter.

By Ben J. Carnevale, Managing Editor

An emergency management plan is a course of action developed to mitigate the damage of potential events that could endanger an organization’s ability to function.

And, if your organization’s disaster preparedness team has had a difficult time getting the attention of upper management to support and fund your recommended initiation, evaluation and implementation of that plan …. then you might well have encountered a normalcy bias behavior from upper management.

For example, if that upper management team in the situation expressed above does not really believe that disasters may not be as much of a threat to the organization than your team does, then management may well be assuming that its current state of preparedness is just fine.

Thursday, 07 January 2016 00:00

CyberSecurity Trends for 2016

Cyber-security continued to be a key area of concern and struggle among organizations of all sizes in 2015, and, to no one’s surprise, cyber security related activities are going to most definitely affect many in 2016.
From its presence in the board room to political campaigns, cybersecurity related activities will continue to dominate tech news and trends in 2016. Organization leaders and the IT teams they oversee should continue to dedicate time to better understanding cybersecurity risks and solutions in the year ahead.
With the cybersecurity landscape constantly evolving, security and preparedness requirements and protection solutions must remain constantly vigilant and ready to match, if not anticipate, the cyber-attacker’s next moves.


Each week over 1 million people move into a city. Never before have the requirements for protecting citizens, property and infrastructure been more pressing. Sophisticated, applied technology can yield insights that shorten the cycle from incident to resolution. This infographic highlights several surprising statistics about topics ranging from weather forecasting to the average cost of crime.

Key Data Points

  • $9.6 billion in lost sales, jobs and investment in Mexico, due to urban crime and violence
  • 38% of security leaders, worldwide, believe a cyber attack will soon damage national infrastructure
  • $3257.20 The average cost of crime per US taxpayer
  • $300 billion in annual average global economic loss from natural disasters
  • $10 billion in estimated costs from cyclone Haiyan in the Phillippines
  • 9 of 10 public emergency calls in Nairobi go unanswered



The architecture of data centers and network infrastructure is undergoing a major transformation driven by mobility and accelerated by the Internet of Things. At a macro level, rather than seeing the need for 50 servers in one data center in the middle of nowhere, we are seeking out servers in 50 data centers very close to the edge.

The advancements in technology and platforms, as well as advancements in the broadband infrastructure, is also contributing to this transition. With more broadband networks being deployed and computing platforms advancing, pricepoints for outsourcing are decreasing. The fact that outsourcing eliminates the need to staff multiple environments makes it an even more attractive option.

The requirements in the smaller markets are similar to those in Tier-1 markets. For a third-party data center provider, it’s a very capital-intensive business. There has been so much demand, focus and investments in Tier-1 markets that Tier-2 or smaller markets are largely ignored. However, you’re going to start seeing a shift in focus into these smaller markets.



As the first of this year’s El Niño storms hits California, the state’s biggest city has launched a map to keep citizens up to date and help guide them to resources they might need in case of flooding.

The City of Los Angeles Information Technology Agency’s “El Niño Watch” website shows users a map of the county, including a layer showing rainfall severity and pins that show where residents can find sandbags, shelter, hardware stores and other resources. The map also lets users know the status of power outages and shows traffic alerts.

According to The Los Angeles Times, Tuesday's storm is already causing some flooding around the city.

The application runs in Google Maps, allowing users to plug in directions to pins on the map into smartphones.



What do chief information officers (CIOs) and IT managers expect from a managed service provider after a sale is completed?

A new survey from JDL Technologies, a Fort Lauderdale, Florida-based MSP, highlighted customer expectations for MSPs after the sale. 

JDL Technologies found 52 percent of CIOs and IT managers cited responsiveness as their top expectation after a sale is completed, and 49 percent named the ability to resolve issues quickly as a major priority.



Wednesday, 06 January 2016 00:00

Data Center Design: Which Standards to Follow?

The data center is a dedicated space were your firm houses it’s most important information and relies on it being safe and accessible. Best practices ensure that you are doing everything possible to keep it that way.

Best practices mean different things to different people and organizations. This series of articles will focus on the major best practices applicable across all types of data centers, including enterprise, colocation, and internet facilities. We will review codes, design standards, and operational standards. We will discuss best practices with respect to facility conceptual design, space planning, building construction, and physical security, as well as mechanical, electrical, plumbing, and fire protection. Facility operations, maintenance, and procedures will be the final topics for the series.

Following appropriate codes and standards would seem to be an obvious direction when designing new or upgrading an existing data center. Data center design and infrastructure standards can range from national codes (required), like those of the NFPA, local codes (required), like the New York State Energy Conservation Construction Code, and performance standards like the Uptime Institute’s Tier Standard (optional). Green certifications, such as LEED, Green Globes, and Energy Star are also considered optional.



The data loss

An American producer of construction materials received a big surprise when he opened a virtual tape library and noticed that the Commvault Media Agent database file was corrupted and all of the content was gone. The virtual tapes and the files stored in the Media Server were still intact, but they were not accessible via the Commvault Media Agent. The data storage solution of the client consisted of the Commvault Server and the Media Agent under the Commcell management system. Commvault Simpana 9 was the tool of choice for backup and archiving.

Initial attempts proved futile

Specialists from the Commvault support tried to retrieve the missing files from the volume of the Media Agent, which was located on a Dell MD 1200 storage system, using the Commvault Explorer Tools. But their effort to get the data this way proved to be unsuccessful. More than 3,500 virtual tapes and 25 tape sets were initially lost and because of that more than 230 million data were no longer accessible. In this situation, the Commvault specialists turned on Kroll Ontrack for help.



Wednesday, 06 January 2016 00:00

The top issues for cyber security in 2016

Imperva has made five predictions for what the main 2016 information security trends will be. The predictions come from an analysis of the data collected by its products in installations around the world, as well as from working closely with over 3,500 customers from across many verticals. 

The 2016 predictions are:



Communities weighing choices for capital improvement projects intended to improve their resilience to severe weather, wildfires, earthquakes, or other types of hazards now have a new guide to help them sort through the costs and benefits of each when deciding which investment is best for their particular circumstances.

Prepared by US National Institute of Standards and Technology (NIST) economists, the ‘Community Resilience Economic Decision Guide for Buildings and Infrastructure Systems’ details steps for evaluating the economic ramifications of contemplated resilience investments as well as the option of maintaining the status quo.

NIST's Community Resilience Planning Guide for Buildings and Infrastructure Systems lays out a six-step process to help communities improve their resilience by setting priorities and allocating resources to manage risks for their prevailing hazards. The new economic guide focuses on step four, plan development.

To download the Community Resilience Economic Decision Guide for Buildings and Infrastructure Systems, go to: http://dx.doi.org/10.6028/NIST.SP.1197

By: Kathryn Landis

Don’t get caught winging it! Follow these tips for a safe and healthy winter.

As the temperatures get colder, make sure you know how to stay warm. Wear warm winter clothes and plenty of extra layers, and listen for radio or television reports of travel advisories issued by the National Weather Service.

Play it Safe Outdoors  

Penguin sliding on ice

Unfortunately, we don’t have downy penguin coats to keep warm. When going outside, do not leave areas of the skin exposed to the cold. Learn to recognize the symptoms of hypothermia and frostbite.

When exposed to cold temperatures, your body begins to lose heat faster than it can be produced. Prolonged exposure to cold will eventually use up your body’s stored energy. The result is hypothermia, or abnormally low body temperature. Body temperature that is too low affects the brain, making the victim unable to think clearly or move well. This makes hypothermia particularly dangerous because a person may not know it is happening and won’t be able to do anything about it. Victims of hypothermia are often elderly people with inadequate food, clothing, or heating, babies sleeping in cold bedrooms, and people who remain outdoors for long period.

Warnings signs of hypothermia include shivering, exhaustion, confusion, fumbling hands, memory loss, slurred speech, and drowsiness. If you notice any of these signs, take the person’s temperature. If it is below 95°, the situation is an emergency—get medical attention immediately.

Visit CDC’s Outdoor Safety page for more information

Driving in a Winter Wonderland

Driving in severe winter weather can be dangerous and lead to accidents. Be sure to prepare a winter emergency kit for your car.  Include blankets, a flashlight, a shovel, an ice scraper, water and snacks, and a first aid kit. Make sure your car is serviced and has a full gas tank before a storm. Consider signing up for an all-weather driving course in your area to practice winter driving skills, and know what to do if you ever become stranded in your car.

penguin huddle

Stay Warm and Save $$$

Huddling is great, but may not be enough to keep you warm when winter weather hits. Learn how to prepare your home for winter weather and save on your electricity and heating bills. Insulating walls and attics, and putting weather-strips on doors and windows keeps heat inside and maximizes warmth.

Handle Heating Equipment Safely

When you need to warm up, take proper precautions and review instructions before handling heating equipment and fires. Have your heating system serviced by a qualified technician every year. Make sure fireplaces, wood stoves, and other combustion heaters are properly vented to the outside. Never leave children unattended near a space heater. Learn more by reading CDC’s Indoor Safety Guide.

Don’t Forget Your (Other) Furry Friends

walk like a penguin

If you have pets, make sure to bring them indoors. If you cannot bring them inside, provide adequate shelter to keep them warm and make sure they have access to unfrozen water.

Stay Chill around Ice

Walking on ice is dangerous and can cause serious falls on driveways, steps, and porches. Use rock salt or sand to melt the ice on driveways and sidewalks.If walking on ice can’t be avoided, walk like a penguin! Bend your back slightly and point your feet out – this increases your center of gravity. Stay flat-footed and take small steps or even shuffle for more stability. Keep your arms out to your sides to help balance.

Support Each Other

Holding Hands Penguins

Although it’s best to not leave the nest when severe winter weather hits, maintain your support network by checking in with family, friends and neighbors. Your neighbors might need extra help before and after a winter storm, so check in to make sure everyone is okay and has adequate heat. Use CDC’s PSAs and Podcasts to help spread winter preparedness messages. We’re all in this together!

Know how to prepare your ‘nest’ for upcoming winter weather using CDC’s Winter Weather Checklists.

Apple has filed for approval to build another massive data center campus adjacent to the existing Apple data center site in Reno, Nevada, local officials told the Reno Gazette Journal.

Codenamed “Project Huckleberry,” the plans call for a new shell with multiple data center clusters and a support building. Its design is similar to the company’s existing campus at Reno Technology Park, called Project Mills.

Mills isn’t fully built out yet, and when it is, it will consist of 14 buildings, totaling more than 400,000 square feet.

Apple applied for a permit to build a new 50 MW electrical substation at the site last year to support its growth in Reno. The campus is currently being served by a 15 MW feed from the utility NV Energy, according to the Gazette Journal.



Switch, operator of the massive SuperNap data center campus in Las Vegas, has signed its second solar power purchase agreement, which will ensure all of its Nevada data centers are fully powered by renewable energy.

The company announced last year an agreement to buy energy generated by a 100 MW solar farm in southern Nevada and made a commitment to powering its data centers 100 percent with renewable energy, as it became one of the first two data center providers to join the White House-driven climate pledge for the private sector. Switch signed the second PPA, for energy from an 80 MW solar project that’s also being built in southern Nevada, in December.

The company doesn’t disclose how much power its data centers consume. However, according to Adam Kramer, executive VP at Switch, the 180 MW in capacity it has contracted for will be enough to offset consumption of its existing Las Vegas campus as well as the new one it is building near Reno, Nevada, where the anchor tenant will be eBay.



Wednesday, 06 January 2016 00:00

Oil, Gas, Big Data and Big Changes

As gas prices have been falling steadily, many might begin to wonder if it's just the season, or if there's more going on with the man behind the curtain. And in fact, there is. As we see gas and oil prices plummet it's not just because the summer and fall traveling seasons are over. Instead, it's because gas and oil companies are beginning to turn to big data to help save on costs and get the most efficiency out of the oil infrastructure.

The term 'big data,' when applied to the oil and gas industry, describes large quantities of data coupled with increasing diversity and rate. Collecting and analyzing huge quantities of data rely on VSAT services to store and scrutinize the result. VSAT (Very Small Aperture Terminal) is an acronym for a satellite based communications system that is utilized for business. Because the large oil and gas corporations must determine where to drill new wells and avoid environmental concerns simultaneously, they are beginning to rely more on massive amounts of data to avoid risk and increase profits.



Wednesday, 06 January 2016 00:00

Web-Scale Storage: It’s Not All About Size

Bigger and faster. Those two words will be the running theme for storage infrastructure in the coming years as the enterprise steps up to the demands of Big Data, collaboration and other advancing initiatives.

But even though these two goals are relatively clear-cut, determining exactly how they are to be accomplished is still in limbo, with the biggest question remaining: Where should the bulk of storage infrastructure reside, at home or in the public cloud?

The ramifications of these decisions are already playing out in the vendor community in the form of continued consolidation. Following the much publicized merger between Dell and EMC late last year, NetApp announced an $870 million purchase of Flash developer SolidFire. Not only does this bring a scale-out, all-Flash array into NetApp’s portfolio, it also provides advanced data management and software-defined storage capabilities that will allow the company to compete more firmly for the highly dynamic data architectures that are taking hold in the enterprise and in the cloud. NetApp is already targeting web-scale applications like Hadoop and the rising tide of Dev/Ops functions that are poised to remake IT architecture.



HIPAA Secure Messaging Not Widely Adopted at Healthcare Institutions

It is a widely known fact in the healthcare industry that communication about protected health information (PHI) is not to be transmitted via unsecured devices. However, a recent study conducted by Infinite Convergence Solutions, Inc. found that 92 percent of healthcare institutions are not using HIPAA secure messaging.

“We are seeing a rapid adoption of mobile messaging in healthcare as the industry looks to work faster, improve patient care and reduce wasteful spending,” said Anurag Lal, CEO of Infinite Convergence Solutions. “The problem is that many healthcare institutions are not aware that the messaging apps and services are popular for daily personal use do not follow the administrative, physical and technical safeguards that HIPAA requires.”



Wednesday, 06 January 2016 00:00

Big Data Is Needed For Our New Urban Landscape

The concept of smart cities has been around for a while. The basis of it is simple - through using technology and data you can create a better, more sustainable urban environment.

According to the World Health Organisation, 54% of the global population live in urban areas, with the biggest growth shown in developing countries. The rate of growth is profound given that in 1960 only 34% of the global population lived in urban areas. These increases are unlikely to abate any time soon as they are predicted to be 1.84% per year between 2015 and 2020, 1.63% per year between 2020 and 2025, and 1.44% per year between 2025 and 2030.

With this kind of growth in urban areas, the pressure on almost every aspect of urban infrastructure will be significantly increased; however, through the development of so-called ’smart cities', dealing with this pressure will be much easier. The success of this transformation will generally fall to innovative data initiatives - below we have outlined some of the key areas where it will have the biggest impact.



The rise of digital has revolutionized how business work and serve their customers, but it has also added new dimensions of risk for financial services firms.  Five out of every six large companies – those with more than 2,500 employees – were attacked in 2014, a 40% increase over the previous year.  The costs of digital attacks are also increasing; the average annual cost per company of successful cyber-attacks increased to $20.8 million in financial services last year.  And many incidents go undetected for long periods of time, so the true scale of the problem is even greater.

Faced with these growing threats, banks, insurers and capital markets firms are strengthening their defenses.  But the attackers are nimble and adapt quickly to new countermeasures.  Some criminals are already inside the walls of the organization and cannot be stopped by traditional means.

Financial services firms need not only to bolster their defenses, but make themselves more resilient.  That means being better able to detect and contain cyber security breaches, to recover from them more quickly, and to maintain business continuity while suffering less operational, reputational and financial damage.



(TNS) - Monett and the railroad have a long history together.

Founded in 1887, the town was named after Henry Monett, a passenger agent for the New York Central and Hudson River Railroad Co.

It was laid out at the junction of what was then the St. Louis-San Francisco Railway Co. and a southbound branch, but apparently without much concern about Kelly Creek, which flows just north of the present railroad tracks.

That creek has been an ongoing source of trouble for Monett.



(TNS) - On the evening of April 25, 1994, Ellen Clark looked out the window of her Lancaster office and saw the sky had turned to a strange hue of green and gold.

“Somebody’s going to get a tornado tonight,” she said.

She was right. Eighteen minutes after she left her office, the building, along with the rest of Lancaster’s historic town square, was flattened by a tornado that left three dead and damaged about 700 homes and buildings.

It was one of the deadliest tornado outbreaks in recent North Texas history, before the storms last month that swept across Garland and Rowlett, killing 11 and causing an estimated $1.2 billion in damage.



Just two months ago I wrote about how the Internet of Things will fundamentally reshape the future of cyber warfare, evolving the cyber threat from simple website defacements, denial of service attacks, and data breaches, to affecting the physical world. Two weeks ago an hours-long power outage in Ukraine may have offered a preview of this new world as hackers were claimed to have disabled a portion of the nation’s power grid.

On the evening of December 23rd, power was lost across multiple cities in Ivano-Frankivs’ka oblast in Western Ukraine, leaving nearly half the region in the dark for almost six hours. While it has not yet been proven that a cyber attack was responsible for the outage, key related malware was found on the computer systems of the affected power company. More troubling, the malware in question not only had the capability to create a remote backdoor that would have allowed power to be cut off, but also included tools designed to permanently delete files and disable the hard drives of the industrial control computer systems.

Just last year was the first confirmed case of physical damage to a non-military target being caused by a cyber attack, when a German steel mill was “massively” damaged. The US Government is among many racing to develop offensive “lethal” cyber weapons designed to “trigger a nuclear plant meltdown; open a dam above a populated area, causing destruction; or disable air traffic control services, resulting in airplane crashes.”



Wednesday, 06 January 2016 00:00

The Next Energy Challenge of Computing

Computing always seems to be facing an energy crisis.

In the 1940s, mainframes were powered by power-hungry (and fragile) vacuum tubes. If you tried to make a Google data center out of early supercomputers like the ENIAC, it would consume as much energy as all of Manhattan.

Back in the ’90s and early 2000s, chip designers warned that chips could begin to emit the same amount of heat—for their size—as rocket nozzles or nuclear power plants, a trend that was stemmed with the advent of multithreaded and multicore devices.



Wednesday, 06 January 2016 00:00

Cabling solutions for tomorrow’s data center

As they become increasingly vital to the functioning of global societies and economies, the way in which data centers and networks are designed and used is changing rapidly.  The role of data centers has changed significantly in recent years. The data center is no longer a repository of huge volumes of information, but helps make all kinds of services possible. This has been triggered by a wide range of developments: the rise of ‘Big Data’, the Internet of Things, new ways of (remote) working and the rise of portable computing devices like tablets and smartphones.

Computing devices are increasingly equipped with communication capabilities. According to research firm Gartner, the Internet of Things will encompass 26 billion interconnected devices by 2020. By that time, Smart Buildings and Smart Cities will also be generating vast amounts of data. All this will lead to further changes and demands placed on data center networks and structured cabling.



Tuesday, 05 January 2016 00:00

Close of 2015 Sees More Rate Reductions

Insurers’ competition and ongoing fight for market share resulted in a composite rate down 4% in December for the U.S. property and casualty market. But while market cycles are here to stay, the current cycles are tame compared to some previous years. In 2002, there was a mean average rate increase of 30% and, in 2007, a mean average decrease of 13%, according to MarketScout.

“Market cycles are part of our life, be it insurance, real estate, interest rates or the price of oil. Market cycles are going to occur without question. The only questions are when, how much and how long.” MarketScout CEORichard Kerr said in a statement. “While it may seem the insurance industry has already been in a prolonged soft market cycle, we are only four months in. The market certainly feels like it has been soft for much longer, because rates bumped along at flat or plus 1% to 1½% from July 2014 to September 2015.” He pointed out that the technical trigger of a soft market occurs when the composite rate drops below par for three consecutive months.



If you come across the name Booz Allen Hamilton, it’s usually in connection with defense-agency IT services contracts worth tens of millions of dollars. The tech consulting and engineering giant, more than 100 years old, is primarily in the business of solving big technology problems for government agencies, although it does also work in the private sector.

What you don’t see is Booz Allen mentioned in the context of open source technology. But that’s something that may soon change, as the company’s recently formed group charged with driving the giant’s participation in the open source community picks up speed. Most of this group’s work is focused on data centers and cloud, Jarid Cottrell, a Booz Allen senior associate who leads its cloud computing and open source practice, said.

The reason Booz Allen now has an open source practice is the same reason companies like GE, John Deere, Walmart, and Target dedicate resources to open source. Like the manufacturing and retail giants, Booz Allen’s customers in government and in the private sector want to build and run software the same way internet giants like Google, Facebook, or Amazon do, and they want the kind of data center infrastructure – often referred to as hyper-scale infrastructure – those internet giants have devised to deliver their services. Market research firm Gartner calls this way of doing things “Mode 2.”



Tuesday, 05 January 2016 00:00

A new approach to business continuity…

Mel Gosling explains why he believes that business continuity needs a new way forward, and why the traditional business continuity plan no longer works for today’s organizations.

There is a growing body of business continuity practitioners that believe that a new approach to the discipline is both required and overdue. An example of this is the recent debate opened up by the publication of ‘The Continuity 2.0 Manifesto’ by David Lindstedt and Mark Armour.

I have recently added to that debate with a presentation to the November 2015 Business Continuity Institute’s BCI World conference entitled ‘The BC Plan is Dead!’, and in researching examples of companies that have stopped using traditional document based business continuity plans I have identified a set of key practices that I believe will drive the new approach. One of those companies, Marks and Spencer, gave an excellent practical demonstration at the end of my presentation of what they have managed to achieve with a new approach, ensuring that the audience understood that this is already happening and is not just a nice theory.



The Business Continuity Institute’s North America business continuity and resilience awards will take place on March 15, 2016, at DRJ Spring World 2016 in Orlando, Fla.

Entries are now open and this year’s categories include:

  • Continuity and Resilience Consultant 2016
  • Continuity and Resilience Professional (Private Sector) 2016
  • Continuity and Resilience Professional (Public Sector) 2016
  • Most Effective Recovery 2016
  • Continuity and Resilience Newcomer 2016
  • Continuity and Resilience Team 2016
  • Continuity and Resilience Provider (Service/Product) 2016
  • Continuity and Resilience Innovation 2016
  • Industry Personality 2016

The deadline for entries is February 14th 2016.

To enter, click here.

Barrels of apples can go bad, both literally and figuratively, because of just one rotten apple. The rot spreads from one apple to another until the whole barrel is infected. Not so long ago (in 2014), experts from security company ESET discovered 25,000 servers infected with malware, some of these servers being grouped together in a network and infected together. The common factor was the installation of the Linux/Ebury malware, allowing login information to be harvested and communicated to the attackers that installed the malware. According to the experts, attackers needed to compromise just one server to then gain easy access to others in the same network. But was this one bad apple – or the whole lot?



Emergency response, information technology, and healthcare communications are three scenarios in which notification systems play a critical role. Recent disasters have demonstrated the benefits of crowdsourcing during response efforts, so notification systems are leveraging this responsiveness through two-way communication technology that can both disseminate and receive information.

The critical communications world continues to evolve, resulting in users taking a closer look at their existing notification systems to determine whether they remain effective tools for communicating crucial information. However, before these systems can be assessed, it is important to first understand a few of the ways these tools are being utilized, the challenges faced within each use case, and how, as we look forward to 2016, these hurdles can be overcome.



Toyota, the world’s largest automaker, is planning to build a data center specifically to collect and analyze data from cars equipped with a new type of Data Communication Module, an upcoming feature that will enable the company’s next-generation connected-vehicle framework, which will transmit data over cellular networks.

“To build the IT infrastructure needed to support this significant expansion of vehicle data processing, the company will create a Toyota Big Data Center (TBDC) in the Toyota Smart Center,” the company said in a statement. “TBDC will analyze and process data collected by DCM, and use it to deploy services under high-level information security and privacy controls.”

Connected cars are one of the new quickly growing sources of data expected to drive growth in demand for data transmission, storage, and processing capacity, collectively referred to as the Internet of Things.



Tuesday, 05 January 2016 00:00

Cloud Services are Eating the World

Shlomo Kramer is the Co-Founder and CEO of Cato Networks.

The cloud revolution is impacting the technology sector. You can clearly see it in the business results of companies like HP and IBM. For sure, legacy technology providers are embracing the cloud. They are transforming their businesses from building and running on-premise infrastructures to delivering cloud-based services. The harsh reality is that this is a destructive transformation. For every dollar that exits legacy environments, only a fraction comes back through cloud services. This is the great promise of the cloud – maximizing economies of scale, efficient resource utilization and smart sharing of scarce capabilities.

It is just the latest phase of the destructive force that technology applies to all parts of our economy. Traditionally, technology vendors touted benefits such as personnel efficiencies and operational savings as part of the justification for purchasing new technologies – a politically correct way to refer to fewer people, offices and the support systems around them. This has now inevitably impacted the technology vendors themselves. Early indicators were abundant: Salesforce.com has displaced Siebel systems, reducing the need for costly and customized implementations; and Amazon AWS is increasingly displacing physical servers, reducing the need for processors, cabinets, cabling, power and cooling.



Tuesday, 05 January 2016 00:00

Manufacturing Vs. IT: Mind The Gap

If businesses have been automating factories since the Carter administration, why is manufacturing the last acceptable data silo in so many companies? And when will that change?

Until recently, absorbing the factory floor into the enterprise has been too expensive and complex for all but the biggest companies.

Assuming the hardware (primarily sensors) and software needed to gather, disseminate and analyze manufacturing data continues to evolve at the current pace -- a safe assessment -- the mainstreaming of manufacturing integration should occur in less than a decade.



Two texts. That’s all it takes to avoid potential stomach pains in Evanston, Ill.

Or at least, that was the goal behind an endeavor that pairs the city’s restaurant inspection scores on Yelp with text message alerts for diners. When the SMS program launched early in 2015 it was a quiet release. In fact, Erika Storlie, Evanston’s deputy manager, described the undertaking as more of a four-month side project than anything else.

The city had just completed a project with Yelp to feed restaurant inspection scores to the review site and wanted to investigate joining the scores with its 311 non-emergency texting app. The problem was, Evanston’s 311 app required a person on the other end to retrieve or record data and submit replies.



Healthcare is an industry that can benefit significantly from the use of big data and analytics, although it is currently lagging behind in terms of uptake due to the restrictive policy-driven protection that surrounds medical data.

However, as the ability to anonymize data has developed due to new technological innovations, the implementation of successful big data initiatives is likely to have an exponential effect on the industry. This data driven impact is a widely held belief too, with Health IT Analytics claiming that 95% of global healthcare leaders believe patient care is likely to change drastically.

This future may be closer than many people realize and almost every healthcare provider is utilizing data in one way or another at the moment. According to the Guardian, ‘Most healthcare organizations today are using two sets of data: retrospective data, basic event-based information collected from medical records, and real-time clinical data, the information captured and presented at the point of care (imaging, blood pressure, oxygen saturation, heart rate, etc).’ That being said, there are still several limitations to what can be done.



Much of the advice provided to automakers in a new McKinsey report has as its unspoken theme some level of information technology, including software development, data collection and analysis, and Internet of Things connectivity. In fact, the report said, software competence is becoming one of the most important differentiating factors for the auto industry, according to the report.


How automakers manufacture and sell cars has been pretty much the same for the past hundred years. That is about to change, according to a McKinsey & Co. report released today, and information technology -- particularly data collection and analytics -- will play a major role.

According to the report "Automotive Revolution -- Perspective Towards 2030," software competence is becoming one of the most important differentiating factors for the industry in areas including automobile safety systems, Internet connectivity, and infotainment. "As cars are increasingly integrated into the connected world, automakers will have no choice but to participate in the new mobility ecosystems that emerge as a result of technological and consumer trends," the McKinsey report said.



Monday, 04 January 2016 00:00

Major earthquake hits northeast India

An earthquake measuring 6.7 magnitude hit northeast India near its border with Myanmar and Bangladesh early Monday, the U.S. Geological Survey (USGS) confirmed. At least eight people were killed and 100 injured by falling debris in Imphal and elsewhere in Manipur state, police said.

The quake struck at 4:35 a.m. local time (6:05 p.m. ET on Sunday), about 20 miles northwest of Imphal, the capital of Manipur.

Media reports said five people were killed by the earthquake in neighboring Bangladesh, but there was no immediate confirmation from authorities.

Strong tremors were felt across the region, the BBC reported. Witness accounts reported a quake that was unlike anything they had felt before, NBC News reported, with residents awakened by shouting relatives and an intense shaking that lasted from 35 seconds to two minutes.



Monday, 04 January 2016 00:00

Enterprise Software Cloudification

More and more, software functions traditionally executed by the client are now pushed to the server and, moreover, to the Cloud.

One such example is media transformation, like when YouTube allows users to upload a video in one of the several formats, transforms and then serves it in number of formats and resolutions for all common video players; the resulting increase in productivity and convenience is tremendous.

Citrix is moving in the same direction and a recent XenApp/XenDesktop feature (Call Home Telemetry Service) uses Cloud-based Citrix Insight Services (CIS) to bring best experience to customers and Citrix support engineers. Here is a simplified schema of how telemetry facility is typically built:



Here are some of the most popular stories that ran on Data Center Knowledge in December.

How the Colo Industry is Changing – Customers are getting smarter about what they want from their data center providers; enterprises use more and more cloud services, and the role of colocation data centers as hubs for cloud access is growing quickly as a result; technology trends like the Internet of Things and DCIM are impacting the industry, each in its own way.

Hot Data Center Startup Vapor IO Raises First Round of Funding – Vapor IO, which came out of stealth earlier this year with a radical new design of the data center rack and sophisticated rack and server management software, has closed a Series A funding round, led by Goldman Sachs, with participation from Austin’s well-known VC firm AVX Partners.



Monday, 04 January 2016 00:00

Big Data Predictions For 2016

The hype around big data and analytics has gone through cycles over the past couple of years, starting with excitement about how much data we have and the potential for it. That moment was followed by that let-down, "now what?" feeling after organizations put the storage and tools in place and found themselves wondering what to do with it. There are so many technologies and trends to track -- machine learning, AI, advanced analytics, predictive analytics, real-time analytics, Hadoop, Spark, other Apache Foundation projects, open source, cloud-based-as-a-service offerings, self-service, and more.

Sponsor video, mouseover for sound

This past year was no exception. Everybody talks about the promise and the potential of big data. Yet there's a sense of disenchantment as CIOs search for use-cases to inspire change inside their own companies. They want to be shown, not told. They want the signal and not the noise.

We noticed that 2015 was a noisy year, and 2016 seems like it will be equally as loud. It's not something that CIOs can afford to tune out. With digital transformations and pure-play startups disrupting established industries -- Uber is the example everyone mentions first -- the pressure is on to leverage data in new ways for competitive advantage. CIOs need to straddle two different worlds -- satisfying their existing customer base while moving fast to deliver instant, data-driven services to customers, or they risk losing ground to market upstarts.



During the final quarter of 2015 Continuity Central conducted an online survey asking business continuity professionals about their expectations for 2016. Whilst many of the survey findings are similar to the same survey a year earlier, there are some interesting changes.

203 responses were received, with the majority (80.7 percent) being from large organizations (companies with more than 250 employees). The highest percentage of respondents were from the United States (35 percent), followed by the UK (33 percent). Significant numbers of responses were also received from Australia and New Zealand (10 percent) and Canada (5 percent).



Following is a summary of key federal disaster aid programs that can be made available as needed and warranted under President Obama's emergency disaster declaration issued for the State of Missouri.

Assistance for the State and Affected Local Governments Can Include as Required:

  • FEMA is authorized to provide appropriate assistance for required emergency measures, authorized under Title V of the Stafford Act, to save lives and to protect property and public health and safety, or to lessen or avert the threat of a catastrophe in the designated areas.
  • Specifically, FEMA is authorized to provide debris removal and emergency protective measures (Categories A and B), limited to direct Federal assistance, under the Public Assistance program at 75 percent Federal funding.

FEMA’s mission is to support our citizens and first responders and ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Stay informed of FEMA’s activities online: videos and podcasts available at http://www.fema.gov/medialibrary">www.fema.gov/medialibrary and http://www.youtube.com/fema">www.youtube.com/fema; follow us on Twitter at www.twitter.com/fema  and on Facebook at www.facebook.com/fema.

If you are thinking about a career change in 2016, then you might want to have a look at the burgeoning cybersecurity market which is expected to grow from $75 billion in 2015 to $170 billion by 2020.

A knack for cat and mouse play may indicate that you have an aptitude for cybersecurity. It is a field where the good guys — cybersecurity professionals — are pitted against the bad guys — cybercriminals a.k.a. hackers. Assuming you’d want to be a good guy – a career can mean a six-figure salary, job security, and the potential for upward mobility.

More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years, according to a 2015 analysis of numbers from the Bureau of Labor Statistics by Peninsula Press, a project of the Stanford University Journalism Program.



(TNS) - The year ended Thursday with the Mississippi River cresting at Alton some 3 feet short of the National Weather Service’s original prediction, a New Year’s gift to the city.

“It couldn’t have gone any smoother, with the city staff and volunteers that held it (water) back with a 1,000-foot-long wall, it was absolutely amazing,” a relieved Mayor Brant Walker said of the city’s Downtown flood containment efforts.

Walker spoke to a reporter as the river level at Melvin Price Locks and Dam 26 had stabilized at 35 feet plus varying fractions that fluctuated slightly throughout the day. The Service had kept to its prediction of 35.7 feet it made Wednesday for New Year’s Eve Day, making it the fourth-highest river crest recorded in Alton.



(TNS) - Despite extensive flooding in the St. Louis region, hospital officials say it's business as usual.

Days after intense rains, area rivers are pouring into homes and spilling onto major thoroughfares, impeding access to hospitals south of St. Louis.

SSM Health St. Clare Hospital in Fenton near Highway 141 and Interstate 44 is one of the hospitals located in an area with limited access to major highways.  

Jamie Sherman, spokeswoman for the Creve Coeur-based health system, said despite major flooding there has been no influx of patients or need for emergency services.



(TNS) - Recovery efforts continue in North Mississippi after damaging storms and tornadoes swept through the region Christmas Eve eve and Christmas Day.

As the clean-up continues, municipalities and counties across the state have shown support for the communities affected.

A group of Tupelo city officials and Mayor Jason Shelton traveled to Holly Springs Thursday morning to meet with Holly Springs Mayor Kelvin Buck, who is a Tupelo native.

The group spoke with Buck about their own experiences dealing with the aftermath of the Tupelo tornado in April 2014.



The data center has undoubtedly become much greener than it was even a decade ago. This was largely the result of fortunate circumstances: Scrutiny of IT industry power consumption habits came just as virtualization made it easier to support larger workloads with less infrastructure.

But like all initiatives, the greening of the data center must run its course, leaving one question. Has the real progress toward energy efficiency already been made, leaving only incremental gains going forward, or are new technologies waiting in the wings capable of producing equal or better improvement as we’ve seen in the past?

Looking at the numbers, it seems that green IT is only getting started. According to a new report from WinterGreen Research, the market for green enterprise solutions is approaching $70 billion, more than double that of 2009. And it isn’t necessarily new forms of data hardware like virtualization and Flash storage driving the change either, but improvements to tried-and-true platforms like the mainframe. The IBM zEnterprise 196 mainframe, for instance, is 60 percent faster than previous generations, meaning it pushes data through much quicker and uses less energy to process workloads. Also, top platforms like the new HP Integrity servers and EMC Ionix storage system are placing energy efficiency as a core attribute rather than a simple value-add.



With 2015 almost behind us, it’s time to look ahead to the amazing things that we will likely be hit upside the head with in 2016. You see, here in the tech space, we aren’t satisfied with just screwing up your work week. We want you to know that, during a time when you’d otherwise be recovering from a New Year’s hangover, there’ll be plenty of reasons to want to get drunk next year as well. So let’s look ahead to the technology wonders of 2016.

Everything You Have Is Obsolete

This, of course, is a given. Whatever the technology you were told was wonderful in 2015 will largely be obsolete and will generally suck in 2016. This is the industry’s way of letting you know that you’ll have a long and storied career defending what you bought last year against the amazing things you should have waited for this year. Aren’t you glad you are in the technology world? Don’t you envy the folks who have service jobs who typically don’t have to worry about this?



Chipotle is in the midst of a do or die crisis–well, maybe not die but suffer a long, painful recovery. I’m very curious how this will play out. How will they attempt to recover their reputation and more than that, their loyal fan base.

That is one thing I see as a real problem for them and for any company that attempts what I called earlier a holier-than-thou branding. This kind of intense brand-based loyalty, like Apple or maybe GoPro or even Starbucks, is based in part on a perceived alignment of personal values. Apple’s values are still linked in many ways to the 184 ad that set the tone for the company even though it is likely that few current Apple buyers have ever even seen the ad.

Chipotle was working hard to tie in to the healthy food values of the majority of Millenials and had earned high marks and strong loyalty based on those values–even though many of their “integrity” claims such as not using GMOs were questionable. While many believe (without much factual basis in my humble opinion) that the buy local and other integrity strategies results in healthier food, Chipotle is causing some deep questioning of that. Truth is, our traditional food production system is subject to the highest levels of scrutiny and inspection. Farmer’s market food isn’t. That’s an uncomfortable truth to many promoting healthy foods.



Monday, 04 January 2016 00:00

FEMA: Help Us Help You

SACRAMENTO, Calif. – The California Governor’s Office of Emergency Services (Cal OES) and the Federal Emergency Management Agency (FEMA) continue working together to help survivors of the Butte and Valley wildfires. More and more survivors continue to find temporary housing accommodation; as they do, they should continue to stay in touch with FEMA.

FEMA’s Individual and Households Program – which includes rental assistance and Manufactured Housing Units – is intended as a temporary solution to help bridge the gap for survivors until they can find a permanent housing solution.

Wildfire survivors and their families eligible for and living in temporary housing as of Dec. 28, 2015:

  • 838 households are receiving rental assistance.
  • 31 households have received Manufactured Housing Units.

Additionally, 521 households have been able to remain in their homes thanks to financial assistance that pays for home repairs or to replace necessary household items so they can remain safely at home.

There are 37 households using the Transitional Sheltering Assistance program, which offers temporary sheltering at hotels and motels for eligible applicants until they secure alternative housing accommodations.

 As a reminder, survivors who registered for housing and other federal assistance should keep in touch with FEMA and keep their contact information current, especially if they have changed their phone number, email address or mailing address.

FEMA may need to contact survivors for a number of reasons and without current contact information, the agency will not be able to reach them. After several attempts, cases are put on hold until the survivor contacts the agency.

Applicants can track their case status and should notify FEMA if they receive insurance settlements or discover additional damage.

How to stay in touch with FEMA:

  • Go to www.DisasterAssistance.gov.
  • Dial the FEMA Helpline at 800-621-3362 or (TTY) 800-462-7585.
  • For those who use 711 Relay or Video Relay services, call 800-621-3362.
  • These toll-free numbers are operated from 6 a.m. to midnight daily.
  • Multilingual phone operators are available on the FEMA Helpline. Choose Option 2 for Spanish and Option 3 for other languages.

In addition to temporary housing programs, these services remain available to survivors:

  • Crisis Counseling services provided through the Calaveras and Lake County Mental Health Departments. Crisis Counseling is designed to help both children and adults cope with the emotional stress associated with a disaster. 
    • Call the Calaveras County Mental Health Crisis Hotline: 800-499-3030 (the main office number is 209-754-6525).
    • Reach the Lake County Mental Health Crisis Hotline by calling 800-900-2075.
  • Disaster Legal Services (DLS) are provided to survivors free-of-charge through the Young Lawyers Division of the American Bar Association. Legal advice is limited to cases that will not produce a fee. Services include assistance with insurance claims, advice on landlord/tenant disputes, home repair contracts and contractors, mortgage-foreclosure issues, assisting in consumer protection matters, guidance on replacement of wills and other important legal documents. Disaster Legal Services can be reached at 800-657-0479 between 9 a.m. and 9 p.m., Monday through Friday. For TTY, dial 711.

For more information on California’s wildfire recovery, visit: Cal OES and http://www.fema.gov/disaster/4240. Follow us on Twitter @femaregion9 and @Cal_OES and on Facebook at https://www.facebook.com/FEMA and https://www.facebook.com/CaliforniaOES.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

Last Updated: 
December 30, 2015 - 16:34
State/Tribal Government or Region: 

If the cloud didn’t exist, disaster recovery experts would want to invent it. The two fit together that well.

One of the key elements of a disaster recovery/business continuity (DR/BC) plan is geographical diversity. Simply, if the equipment in one location goes down – and carries the data with it – it is a reasonable idea to have a duplicate of both elsewhere. That idea predates the cloud (or, at least, the latest version of it). But it is exactly what the cloud provides.

At Datamation, Christine Taylor offers insight into the use of the cloud for DR. It is important to remember that though the cloud is a tremendous tool for DR, it must be proactively managed to realize the full benefits. A very important point is that there are limitations to the cloud’s DR capabilities – unless the enterprise takes the appropriate steps.



WASHINGTON, D.C. – The U.S. Department of Homeland Security's Federal Emergency Management Agency announced that federal disaster aid has been made available to the State of Oklahoma to supplement state, tribal, and local recovery efforts in the areas affected by severe winter storms and flooding during the period of November 27-29, 2015.

The President's action makes federal funding available to state, tribal and eligible local governments and certain private nonprofit organizations on a cost-sharing basis for emergency work and the repair or replacement of facilities damaged by the severe winter storms and flooding in Alfalfa, Beckham, Blaine, Caddo, Canadian, Custer, Dewey, Ellis, Grady, Grant, Kingfisher, Kiowa, Logan, Major, Oklahoma, Roger Mills, Washita, and Woods counties.

Federal funding is available on a cost-sharing basis for hazard mitigation measures statewide.

William J. Doran III has been named as the Federal Coordinating Officer for federal recovery operations in the affected area.  Doran III said additional designations may be made at a later date if requested by the state and warranted by the results of further damage assessments.

Follow FEMA online at blog.fema.gov, www.twitter.com/fema, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at www.twitter.com/craigatfema.  The social media links provided are for reference only. 

FEMA does not endorse any non-government websites, companies or applications.  FEMA does not endorse any non-government websites, companies or applications.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

The Identity Theft Resource Center has been tracking security breaches since 2005, and it’s abundantly clear with the release of the organization’s latest report that the threat continues to grow each year. Although there were widely publicized breaches such as the U.S. government’s Office of Personnel Management, VTech Learning Lodge and Anthem in 2015, there are many more records that have been compromised to some extent, but that don’t get the press coverage or qualify as an official IT incident within the definition of the study.

For purposes of their report, the Identity Theft Resource Center defines a  breach as “an event in which an individual’s name plus Social Security Number (SSN), driver’s license number, medical record, or a financial record/credit/debit card is potentially put at risk – either in electronic or paper format.” According to the report, as of December 22, 2015, there had been 766 breaches that exposed 177,840,420 records so far in 2015.



As retailers know, the closing weeks of the year can represent nearly half of annual profits.  From Black Friday through New Year’s, retail sales increase exponentially, and employees and IT systems feel the strain.  In order to mitigate the effects of this added pressure and to prepare for any catastrophic event this holiday season, the experts at MissionMode have some business continuity tips to share to help you maximize holiday sales.

Safeguard Retail Sales with a Strong IT DR Plan

Whether your holiday rush happens online or in-store, system downtime can have extremely adverse effects on your holiday sales.   With all the hustle and bustle of the holidays, shoppers can be both harried and impatient. When faced with system-related delays at a retailer, they are very likely to go elsewhere to complete their purchases.  In order to ensure as close to 100% uptime as possible, it’s critical to have a strong IT disaster recovery plan in place. Key components of the plan should include:



Enterprise infrastructure is at a weird inflection point as 2016 rolls around. In some cases, it is getting larger, as with the hyperscale cloud providers, but elsewhere it is getting smaller, as with the new hyperconverged platforms hitting enterprise channels.

Both of these trends are the product of similar demands from providers of data services for increased modularity, density and energy efficiency. A hyperscaler seeks to leverage these features to produce maximum scale, while a hyperconverger wants to enable reasonable scale on the smallest possible footprint. At the same time, they require increasingly sophisticated management, automation and optimization to provide customized service to an ever-expanding application environment.

But while most of the headlines surrounding hyper-infrastructure highlight commodity, OEM hardware, the fact is that traditional vendors stand to gain as well, although perhaps not as much as in rack servers and storage arrays. Dell recently combined its two hyperscale businesses into a single entity, dubbed the Extreme Scale Infrastructure, which will address what the company calls hyperscale and sub-hyperscale markets. Both of these segments are looking for fast, scalable infrastructure, although they may have differing levels of in-house expertise in advanced architectures.



It’s that time of year when the industry pauses and reflects on what trends have emerged, what new technologies have arrived on the scene, and how business models have evolved. In the spirit of the season, here are three areas that I see continuing to positively impact the IT channel in 2016:



Valve, the company behind gaming platform Steam, said a recent caching issue allowed Steam users to see pages that included other users' account information.

And as a result, Valve tops this week's list of IT security newsmakers to watch, followed by Hyatt Hotels (H), Livestream and the Digital Citizens Alliance (DCA).

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week's edition of IT security stories to watch to find out:



Geary W. Sikich looks at the emerging business and political risks which organizations need to be aware of and make plans for.

It is December 16th 2015 as I write these lines. Today is Beethoven’s birthday, we are at the yearend and as Christmas approaches it is time to look at what 2016 may bring us. How well will we do, or, how poorly will we perform when, and if, unplanned for crises emerge from threats that we continue to overlook? 

My top picks for threats, emerging crisis issues and high impact risks in 2016 and their current status are:



The escalating threat from cybercrime is set to force companies into increasing the skills of their boardroom executives in 2016, a global security and risk management consulting firm has predicted.

"There is a lack of specialist cyber skills in boardrooms worldwide, which is likely to become increasingly clear as 2016 progresses," said Ed Stroz, executive chairman of Stroz Friedberg.

"Companies are under growing pressure from investors, customers and regulators seeking reassurance that cyber risks are being actively managed and that they have the capability to deal with the aftermath of an incident."

Stroz believes that cyber trends - from hacktivist and insider threats to implications of potential cyber legislation in 2016 - will push corporate boards into reviewing their options to ensure they are better informed and comfortable making risk management decisions.



Google has bought a defunct semiconductor plant in Clarksville, Tennessee, not far from Nashville, planning to convert it into a data center, state officials announced today.

The company expects to invest $600 million in the project. This will be the eighth Google data center in the US.

Hemlock Semiconductor built the $1.2 billion polysilicon plant in 2013 but did not launch it because of deteriorating market conditions for the material, used to make photovoltaic panels. The site has access to a lot of power and has a lot of infrastructure in place that Google can adapt for data center use.



Salesforce has contracted for 40 megawatts of wind power from a West Virginia wind farm, becoming the latest cloud giant to enter into a utility-scale renewable-energy purchase agreement for its data centers.

The purchase covers more capacity than all of the cloud-based business software giant’s servers consume in data centers that host them. Unlike other cloud giants, Salesforce doesn’t own and operate its data centers, leasing capacity from commercial data center providers instead.

While companies like Google, Facebook, and Microsoft, which own and operate a lot of their data center capacity have been signing larger renewable energy purchase agreements and more frequently, there’s been an uptick in renewable energy investment by data center providers this year. This uptick indicates there’s now more interest from major data center customers, such as Salesforce, in carbon-neutral colocation.



Christmas is rapidly approaching -- but is your customers' sensitive information safe? IT security remains a top concern for many IT professionals, which is reflected in recent data.

The June 2015 Spiceworks Voice of IT survey revealed about three-quarters of IT professionals considered their organizations at risk for technology, IT security and man-made disasters or incidents. 

In addition, 60 percent of respondents said they believe their organizations are not adequately investing in IT security.

Managed service providers (MSPs), however, can help customers improve their security and safeguard their sensitive data throughout the holiday season and into 2016.



Regulatory compliance is a fact of life for every enterprise. And since security has been in the hot seat lately, everyone’s paying more attention – and concern – to compliance. Businesses face increased scrutiny and are tasked with managing a growing number of regulatory requirements that must be met. At the same time, com­petitive pressures are mounting with the development of new technolo­gies and the evolution of customer expectations for digital experiences. Is it possible for businesses to deliver new products and services at high velocity while still satisfying their obligations for compliance?

In every company, software is playing an increasingly pivotal role. Software-based services are often the primary way a company connects and communicates with customers. From sophisticated banking services accessed entirely through mobile phones and browsers to automobiles differentiated in the market by how well they integrate with the consumer’s technology ecosystem, software is today’s competitive currency.

Enterprises have more motivation than ever to reconcile the conflict between complying with regulatory requirements and competing in the fast-moving digital marketplace. Insert DevOps.



Tuesday, 22 December 2015 00:00

Safely incorporating BYOD into your workplace

One of the biggest trends in the tech sector at the moment is undoubtedly mobile. With smartphones and tablets becoming more powerful every year, many people now view them as a practical replacement for their desktop or laptop PC.

In the third quarter of 2015 alone, nearly 353 million smartphones were sold around the world – a 15.5 per cent increase over the same period the previous year, according to Gartner. And it is not only in people’s personal lives where these devices are set to make an impact, as businesses across all sectors can expect to see these gadgets entering the workplace more frequently.

Often, business smartphones and tablets won’t be issued by the company, but will be the personal devices of employees. This trend is known as bring your own device (BYOD), and if you haven’t yet encountered it, you can expect to do so sooner rather than later.



Much of IT security revolves around the question of how much you believe users can think for themselves. Password salting is a solution likely to appeal to those who think users are unreliable, careless or otherwise unable to behave correctly when it comes to the proper use of passwords. Yet the brain is a muscle and needs regular exercise, including password push-ups and security question squats. Which way should you go? To help answer that question, first try our super-fast primer on what password salting actually is; or if you prefer, how to explain its importance to your CEO.



Hoping to exploit the edge over VMware in the enterprise data center it has due to the massive scale of its public cloud, Microsoft is preparing to launch the first preview release of Azure Stack – a private Azure cloud environment a company can stand up in its own data center that will look exactly like the public version of Azure to users and be seamlessly integrated with the public cloud.

This is a similar angle on hybrid cloud VMware has been pursuing since 2013, when it announced its vCloud Hybrid Service that was later rebranded into vCloud Air. VMware promised a virtual extension of a customer’s on-premise VMware environment into the cloud.

The public cloud portion of VMware’s hybrid cloud is hosted in fewer data centers than Azure, relying on smaller footprint in colocation facilities, while Microsoft spends billions of dollars on massive data centers around the world, in some cases building on its own and in other cases leasing large facilities wholesale.



(TNS) - Security at France’s 58 nuclear power plants was purportedly raised to its highest level last month as a result of the terrorist attacks in Paris, stoking concern over the safety of Japan’s nuclear facilities.

After the triple meltdown in Fukushima in 2011, Japan shut down all 48 of its viable commercial reactors in light of the crisis. But attempts are now being made to bring many back online.

And despite opposition from anti-nuclear activists and groups, two reactors in Sendai, Kagoshima Prefecture, were restarted this fall and summer, with applications for 26 more pending Nuclear Regulation Authority approval.



Tuesday, 22 December 2015 00:00

Joplin Storm Serves as Guide for Code Changes

(TNS) - The International Code Council has approved building code changes recommended by the National Institute of Standards and Technology after it conducted an in-depth investigation into the EF-5 tornado that struck Joplin, Mo., on May 22, 2011.

Enhanced protection will be required for new school buildings and additions to buildings on existing school campuses, as well as high-occupancy structures associated with schools where people regularly assemble, such as a gymnasium, theater or community center.

Under the updated codes, storm shelters must be provided that protect all occupants from storms with wind speeds of 250 mph, representing the maximum intensity category of EF-5.



Tuesday, 22 December 2015 00:00

Nixle in Action: Preparing for El Nino

How do you prepare for the unexpected? What can you learn from past severe weather events? Are you ready for the next big El Nino? 

Communities along the Southern Pacific Ocean are forced to ask themselves these questions with the upcoming storm, predicted to arrive in January and stay as long as May. El Nino typically cycles every three to seven years and brings unusually wet conditions causing flooding, mudslides, frequent storms, buckled roads, and destroyed homes. [1] A climatologist at NASA’s Jet Propulsion Lab warned that “these storms are imminent…El Nino is here. And it is huge.”

Communities that are in locations prone to the storm have already started preparing and have learned lessons from the strongest El Nino reported which was in 1988. With this year’s El Nino predicted to be the second largest by the National Weather Service, [2] no precaution is being overlooked. The California Department of Transportation has increased their maintenance staff by 25% and in Malibu, public works departments will be on call 24/7 during the storm. [3]



Tuesday, 22 December 2015 00:00

BCI: Time to spread goodwill

Time to spread goodwill

As business continuity professionals, we do our best to make sure that our organizations are able to withstand disruption and carry on in as normal a way as possible. But how do you cope when the disruption is so widespread? Even if by some miracle your organization remains intact and functional, devastation still lies all around you. Your customers and suppliers may not be able to access you. Your customers and suppliers may no longer exist.

This is what the people of Chennai are facing, a city in India where the BCI has only recently set up a new Forum. Torrential rain has resulted in terrible flooding. Hundreds of people have died, and thousands of families have been displaced. As many of us celebrate the season of peace and goodwill, it is important that we share a little bit of that with others. In a season when we can become so obsessed with what we get as presents, it is important that we keep our minds open to what we can give.

It has become traditional for the Business Continuity Institute to make a donation at this time of year and this year we will be sending money to the Chennai Flood Relief Fund being organized by Global Giving. Initially, the fund will help first responders meet survivors' immediate need for food, fuel, clean water, hygiene products, and shelter. Once initial relief work is complete, the fund will transition to support longer-term recovery efforts run by local, vetted organizations. If you would like to make a donation, just visit the Global Giving website.

The BCI wishes all our Chapter Leaders, Forum Leaders, the BCI Board, Global Membership Council and fellow business continuity and resilience professionals around the world, Seasons' Greetings and a healthy 2016.

Note that the BCI Central Office will be closed on the 25th and 28th December and the 1st January 2016, re-opening on Monday 4th January 2016. On the 29th, 30th and 31st December, the office will be staffed between 10am and 3pm only (GMT).

Throughout 2015, Everbridge was proud to work hand-in-hand with corporations of all sizes, across all industries to deliver top-notch security and safety for stakeholders.  Corporations are under immense pressure to keep employees, infrastructure and customer safe during various types of events – weather related emergencies, building security failures, data breeches etc.  The past year proves how critical it is for corporations to leverage a notification system to communicate with stakeholders and improve business continuity. With 2016 quickly approaching, we took a trip down memory lane and gathered some of our “best of 2015″ quotes, inclusions and testimonials from our partners, employees and customers.  Throughout the “best of” list, several themes persist including threat monitoring, IT Alerting and the Internet of Things.   

Thanks for taking some time to reflect on 2015 — here goes!



Monday, 21 December 2015 00:00

Getting to the True Data Center Cost

Will it be cheaper to run a particular application in the cloud than keeping it in the corporate data center? Would a colo be cheaper? Which servers in the data center are running at low utilization? Are there servers that have been forgotten about by the data center manager? Does it make sense to replace old servers with new ones? If it does, which ones would be best for my specific applications?

Those are examples of the essential questions every data center manager should be asking themselves and their team every day if they aren’t already. Together, they can be distilled down to a single ever-relevant question: How much does it cost to run an application?

Answering it is incredibly complex, which is the reason startups like TSO Logic, Romonet, or Coolan, among others, have sprung up in recent years. If you answer it correctly, the pay-off can be substantial, because almost all data centers are not running as efficiently as they can, and there’s always room for optimization and savings.



Monday, 21 December 2015 00:00

Is the Enterprise Destined for Dev/Ops?

Amid all the technological changes set to take place in the coming year, the enterprise is on the verge of a momentous operational and organizational transformation as well. One of the most significant aspects of this is the rise of Dev/Ops as the driving force behind the delivery of IT services.

Before long, virtually the entire data stack will sit atop a virtual architecture residing on commodity hardware. Sure, there will always be a need for bare-metal functionality, but even then, those resources will be treated like managed services within an automated, software-defined ecosystem.

This means knowledge workers hoping for a new application won’t have to wait for coders and IT technicians to come together in a months-long development process that usually ends in either marginal success or abject failure. In the future, a combined Dev/Ops team, including the business unit in need of the app, will create the code, test it in the lab, provision the virtual resources, and then launch it into production environments, all within a matter of days or weeks.



Monday, 21 December 2015 00:00

Structuring Your Data Team: 9 Best Practices

Structuring a solid data team would be a lot easier if there were a common blueprint that worked equally well for all organizations. However, since each organization is unique and change is constant, companies must continually reassess their needs.

Technology hype and competitive pressures tend to frustrate strategic thinking, however. Instead of defining goals and identifying problems that need to be solved up front, organizations sometimes acquire technology or talent without a plan, which tends to negatively affect ROI.

"You need to have a really well-defined business case beforehand," said Jonathan Foley, VP of science at a recruiting software provider Gild, in an interview. "Companies are building out data science teams before they need them, before they understand what data science is and what is going to be the desired effect on the business. It's a me-too phenomenon where it's seen as something that can have a competitive advantage. But unless the leadership really understands the expected outcome of having data science and machine learning, it just becomes a difficult task. You don't know who to hire and you don't know how to manage the team once you have it."



As we close out the year, it is now time to begin the retrospective reviews and predictions for the New Year. I will try to keep them to a minimum but I find it important to reflect and look forward to new challenges.

Compliance is a fast moving profession. More attention is being paid to the compliance function, and more companies are embracing the importance of compliance. The last twenty years has seen an explosion in enforcement, and the natural response of compliance.

As compliance begins to mature and establish itself on the governance landscape, there are many important challenges and trends. Compliance has to continuously evaluate itself as a function and as a profession. More structure is needed around training, professional standards and formal education programs. Until these issues are addressed, compliance is a profession in search of subject-matter experts.



Monday, 21 December 2015 00:00

Reporting DR & BCM Program Status as Red

I’ve noticed recently that many individuals working on various projects and programs, including Disaster Planning and Business Continuity, seem afraid to actually communicate some of the difficulties they’re encountering.  With most projects and programs, executives and sponsor expect to receive a regular update on the efforts and whether there are any major issues they need to be aware of.  In the majority of cases projects are reported on as either being;

1. GREEN – all is well and tracking to schedule, scope and budget;

2. AMBER (Yellow) – some minor hiccups and need to deal with some smaller issues or risks, which may need some participation by the sponsor to ensure scope, budget and schedule get back on track; and,

3. RED – all heck’s has broken loose and we’ve got a major problem.



Microsoft made a data analytics acquisition. IBM expanded its IoT Watson efforts with new APIs. Apple shut down its Twitter analytics acquisition. For this week's big data roundup, let's start with the threat of evil algorithms and robot overlords.

Well, maybe it's not that drastic, but if that dystopian future is coming, we may be better prepared now, thanks in part to Tesla founder Elon Musk.

Musk, together with several other tech firms and entrepreneurs, are pooling their fortunes to launch OpenAI, a nonprofit artificial intelligence research company. The aim is to advance digital intelligence in a way that is most likely to benefit humanity as a whole, unconstrained by the drive for financial return.



Monday, 21 December 2015 00:00

Has ISIS Become The Top Cyber Threat?

The media coverage and public debate following the November terror attacks in Paris might give one the impression that ISIS has suddenly become the top cyber threat to Western countries. Officials in France, the U.K., and Canada have seized on the Paris attack to promote a number of cyber security initiatives. In the United States, we have seen a renewed debate over encryption, as well a calls from both leading Democratic and Republican presidential candidates to censor the Internet to combat the threat that ISIS poses there. This is despite the fact that the Paris attacks were not cyber attacks and were planned “in plain sight” and without widespread use of sophisticated encryption technologies by the attackers.

We should ask two questions: First, has our attention really shifted towards ISIS as a cyber threat? Second, if so, is this shift warranted? In short, my answer to these questions is yes, there is reason to believe our attention has shifted, and no, this shift is not warranted.

As I have argued in my previous work, close observers of the history of the U.S. cyber security debate have noted a tendency for cyber threat perceptions to mirror larger national security concerns. That is, the perception of cyber threat actors can be influenced by other perceived threats that are not primarily about cyber security. Paris seems to provide an example of this phenomenon.



A new hazard mitigation plan lays out how local community officials can reduce vulnerability to natural and man-made hazards in Chatham County. That reduced vulnerability, in turn, can lead to lower flood insurance rates.

Emergency planners explained the latest edition of Chatham County's hazard mitigation plan at a public meeting Thursday afternoon at Garden City City Hall.

For the first time, the 2015 plan includes the threat of sea level rise, a reality that's becoming more apparent as high-tide flooding more frequently swamps area roads.

"In all coastal counties we're seeing a lot of that," said Margaret Walton, project manager for Atkins, the consulting company that helped produce the plan.



(TNS) - Ohio ranks in the bottom tier of states when it comes to preparing for and handling outbreaks of infectious disease, according to a new report.

The state received points for just three of 10 indicators examined in the report, “Outbreaks: Protecting Americans From Infectious Diseases.”

That means Ohio tied six other states — Idaho, Kansas, Michigan, Oklahoma, Oregon and Utah — for last place.

The five highest-scoring states — Delaware, Kentucky, Maine, New York and Virginia — received points for eight of 10 indicators.



Monday, 21 December 2015 00:00

Man-made Disaster Losses Increase in 2015

Natural catastrophes made up the lion’s share of global insured disaster losses in 2015, but a man-made loss was the year’s costliest.

Preliminary estimates from Swiss Re sigma put insured losses from disaster events at $32 billion in 2015, of which $23 billion were triggered by natural catastrophes and $9 billion by man-made disasters.

The explosions at the Port of Tianjin, China in August are expected to lead to claims of at least $2 billion, making it the costliest event of the year and the biggest man-made insured loss in Asia ever, sigma said.



Given the fact that most IT organizations are now storing orders of magnitude more data than they ever did in the past, it should not come as a surprise that usage of data deduplication tools is on the rise. The challenge is that different types of data respond better to different types of data deduplication algorithms.

To make it simpler for IT organizations to invoke those algorithms at the right time, Exablox this week announced that it is adding support for variable-length deduplication to its OneBloxstorage appliances alongside existing support for fixed-length deduplication and inline compression.

Sean Derrington, senior director of product management for Exablox, says that means within the context of a single storage pool, IT organizations can now apply policies to data that automatically invoke the most appropriate approach to data deduplication based on the type of data being stored.



SACRAMENTO, Calif. – The California Governor’s Office of Emergency Services (Cal OES), the Federal Emergency Management Agency and the U.S. Small Business Administration (SBA) have approved more than $30 million in disaster recovery grants and loans for survivors of the Butte and Valley wildfires.

“The job isn’t finished,” said FEMA Federal Coordinating Officer Tim Scranton. “We continue working with all of our recovery partners through the holiday season to help the survivors and communities in Calaveras and Lake counties recover and rebuild.”

“We have excellent teams who are dedicated to the mission,” said Cal OES State Coordinating Officer Charles Rabamad. “I’m continually inspired by the hard work and focus everyone has on trying to get those who were burned out of their houses into homes for the holidays."

Here is a snapshot of state and federal disaster assistance approved to date:

  • The registration period for federal assistance ended Nov. 23, 2015. During that timeframe, more than 3,700 Californians contacted FEMA for information or registered for assistance with FEMA.
  • $940,000 approved for survivors through California’s State Supplemental Grant Program.
  • More than 1,500 survivor households have been approved for a total of more than $11.5 million in FEMA Individual Assistance grants.
    • Of that, nearly $7.5 million was approved in Housing Assistance, which can include grants to help cover home repair and replacement costs as well as financial rental assistance.
    • 833 survivor households are receiving rental assistance. Of that number, 606 are renters and 227 are homeowners.
    • More than $4 million was approved for Other Needs Assistance, which helps survivors cover the cost of replacing lost contents and other disaster-related expenses.
  • SBA has approved $19.2 million in low-interest disaster loans to help business owners and residents with their recovery.
    • $16.9 million approved for 190 homeowners and renters.
    • $2.2 million for 34 businesses.
  • 35 survivor households are currently sheltering at hotels and motels through FEMA’s Transitional Sheltering Assistance program. The program is designed to provide temporary sheltering until alternative housing accommodations are made available.

Helping survivors find a safe, secure temporary place to live is the number one priority of the state and federal recovery team. FEMA is working with eligible survivor households in both counties to ensure their temporary housing needs are met. When it comes to temporary housing for survivors, the first option is always rental assistance as it is the fastest and most efficient form of temporary housing.

FEMA continues connecting eligible survivors with available rental resources within a reasonable commuting distance from their community. For survivors in areas where rental resources are not available, the agency is working to provide Manufactured Housing Units on both private sites and commercial sites.

FEMA, the state and the counties are coordinating to complete debris removal, secure utilities and complete required local licensing to move more Manufactured Housing Units onto feasible private sites. FEMA is also working with property owners at various commercial sites to complete required upgrades and move more units onto those locations.

Survivors can make changes or track their grant status online at DisasterAssistance.gov or by calling 800-621-3362; TTY 800-462-7585; 711 or Video Relay Service (VRS), call 800-621-3362.

Although the deadline has expired to apply for property damage loans from SBA, small, non-farm businesses, small agricultural cooperatives, small businesses engaged in aquaculture and most private nonprofit organizations of any size may continue to apply for an SBA Economic Injury Disaster Loan (EIDL) to help meet working capital needs caused by the disaster. EIDL assistance is available regardless of whether the business suffered any property damage. These loans help meet financial obligations and operating expenses, which could have been met had the disaster not occurred.

EIDL applicants may apply online via SBA’s secure website at https://disasterloan.sba.gov/ela.  Disaster loan information and application forms are also available from SBA’s Customer Service Center by calling 800-659-2955 or emailing This email address is being protected from spambots. You need JavaScript enabled to view it.. Individuals who are deaf or hard of hearing may call 800-877-8339. For more disaster assistance information, or to download applications, visit www.sba.gov/disaster.

For more information on California’s wildfire recovery, go to caloes.ca.gov and fema.gov/disaster/4240 and follow us on Twitter @femaregion9 and @Cal_OES, and on Facebook at facebook.com/FEMA and facebook.com/CaliforniaOES.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain and improve our capability to prepare for, protect against, respond to, recover from and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). If you have a speech disability or hearing loss and use a TTY, call 800-462-7585 directly; if you use 711 or Video Relay Service (VRS), call 800-621-3362.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who are referred to SBA for a disaster loan must apply to be eligible for additional FEMA assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

The SBA is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps businesses of all sizes, private non-profit organizations, homeowners and renters fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it..

The recent terrorist attacks in Paris and San Bernardino serve as reminders that man-made disasters are a growing reality in today’s world. Business resiliency, security and information technology professionals know they have a responsibility to prepare their organizations for frightening and disruptive events such as these. Further, these preparations must include methods for communicating across the organization in a secure, rapid and accurate way.

While typical mass notification methods such as SMS, telephony and email are viable channels in many cases, they each have their limitations. Take, for example, SMS service in Paris after the terrorist attack. The volume of SMS spam traffic into France compelled the government to block the delivery of certain types of international text messages (particularly two-way messages). This move negatively impacted the ability of certain businesses to communicate with employees and other stakeholders in the region via this widely-used channel.

Resiliency managers can’t control the actions of foreign or domestic governments. However, they can deploy the latest communication technologies that minimize or eliminate communication barriers, while gaining a greater degree of control over stakeholder interactions.



The number of Fortune 500 companies successfully using Big Data analytics as a way to improve business intelligence and efficiency is not very high. According to a Forbes article, it’s anticipated that the number could be as low as 15 percent. Among SMBs, that percentage is likely even lower.

One of the reasons so few are using Big Data is due to the lack of skilled professionals available to analyze the massive amounts of information being generated. Companies still don’t understand how to best leverage the collected data.

However, Big Data can be a real asset when properly utilized. It can customize customer offerings based on past purchases, it can anticipate supply and demand, and it can anticipate potential problem points and generate solutions. In short, Big Data can be a game changer for a business, as it was for these companies.



European Union’s three regulatory bodies have reached an agreement on common rules for governing data privacy across all member states. Europe’s data privacy reform has been in the making for at least three years and now finally appears close to enactment.

While addressing what businesses can and cannot do with users’ personal data and outlining rules for access to personal data by law enforcement, the packages do not address cross-border data flows, which until recently were governed by a set of rules called Safe Harbor but was stricken down by the European Commission, causing a stir in the cloud services industry, where the biggest players are by their nature operating globally distributed data center infrastructure.

“Our next step is now to remove unjustified barriers which limit cross-border data flow: local practice and sometimes national law, limiting storage and processing of certain data outside national territory,” Andrus Ansip, VP for the Digital Single Market, said in a statement on the recent agreement, reached earlier this week. Digital Single Market is an EC initiative to promote a unified single digital economy across the EU, governed by a common set of laws.



Friday, 18 December 2015 00:00

A Sobering View of International Cybercrime

A few months ago, I had the opportunity to sit in on a talk given by Christian Karam, a digital crime officer, cyber innovation and outreach, with Interpol, at G DATA’s 30th anniversary celebration. It was a fascinating discussion (and I got to continue it a bit on a shared cab ride with Karam the next day) about how cybercrime is universal yet regional, and how it is continuously evolving.

Karam’s talk focused on the difficulties facing law enforcement when it comes to stopping cybercrime internationally. Unlike security companies, law enforcement – Interpol specifically – isn’t just concerned with stopping cybercrime, but with putting the cybercriminals in prison. Why? Karam said:

If you just stop the criminals from their activities, they will come back with a smarter, faster, more elegant way to do damage.



The National Guard Bureau will deploy 13 new cyber protection teams composed of about 500 soldiers across the nation to help protect the network infrastructure, the military arm announced Dec. 9. The Air Guard will also deploy four new "Cyber Operations Squadrons" in Idaho, Michigan, Texas and Virginia, along with a "cyber Information Surveillance Reconnaissance (ISR) squadron" in California and a "cyber ISR group" in Massachusetts. Collectively the deployments are geared toward a federal effort to protect against mounting cyberthreats. The teams will run simulations, and share contacts, information and resources with local organizations to help thwart and prevent attacks.

The cyber protection teams will be deployed across Alabama, Arkansas, Colorado, Illinois, Kentucky, Louisiana, Minnesota, Mississippi, Missouri, Nebraska, New Jersey, New York, North Dakota, South Dakota, Tennessee, Texas, Utah and Wisconsin, joining four teams already deployed across California, Georgia, Indiana, Maryland, Michigan and Ohio.

The teams are positioned around the nation's 10 Federal Emergency Management Agency response regions. This infrastructure is needed to support operations in the growing cyber world, said Air Force Col. Kelly Hughes, chief of the Space and Cyber Warfare Operations Division at the Air National Guard Readiness Center.



In case you haven’t seen our latest news, this morning we announced we have received a third-party certificate of HIPAA compliance across all of our facilities, including Mail-Gard, by independent assessor, Crimson Security Inc.

Data security and compliance is critical to all of our customers, but especially to those in the highly regulated healthcare industry. Compliance to HIPAA requirements has always been a focus of our healthcare clients. We are considered a Business Associate under the HITECH Act, which extended our clients’ compliance requirements to companies such as ours.

While the third-party review is a new undertaking, IWCO Direct has focused on HIPAA compliance for years. In fact, our first self-evaluation dates back to 2006. Since that time we have continued annual audits and regular enhancements. However, as a means to measure and assure that our own internal audits and self-certifications were valid, this year we engaged Crimson Security to assess our HIPAA/HITECH control environment. This independent assessment provided us a “second set of eyes” that reinforced our internal security and compliance team efforts, as well as reassured our healthcare client base of our strong corporate security posture.

- See more at: http://www.iwco.com/blog/2015/12/18/hipaa-compliance-certificate/?utm_source=IWCO+Speaking+Direct+Newsletter&utm_campaign=7102768a10-RSS_EMAIL_CAMPAIGN&utm_medium=email&utm_term=0_6225488a32-7102768a10-104311797#sthash.6jhG8ION.dpuf

In case you haven’t seen our latest news, this morning we announced we have received a third-party certificate of HIPAA compliance across all of our facilities, including Mail-Gard, by independent assessor, Crimson Security Inc.

Data security and compliance is critical to all of our customers, but especially to those in the highly regulated healthcare industry. Compliance to HIPAA requirements has always been a focus of our healthcare clients. We are considered a Business Associate under the HITECH Act, which extended our clients’ compliance requirements to companies such as ours.

While the third-party review is a new undertaking, IWCO Direct has focused on HIPAA compliance for years. In fact, our first self-evaluation dates back to 2006. Since that time we have continued annual audits and regular enhancements. However, as a means to measure and assure that our own internal audits and self-certifications were valid, this year we engaged Crimson Security to assess our HIPAA/HITECH control environment. This independent assessment provided us a “second set of eyes” that reinforced our internal security and compliance team efforts, as well as reassured our healthcare client base of our strong corporate security posture.

- See more at: http://www.iwco.com/blog/2015/12/18/hipaa-compliance-certificate/?utm_source=IWCO+Speaking+Direct+Newsletter&utm_campaign=7102768a10-RSS_EMAIL_CAMPAIGN&utm_medium=email&utm_term=0_6225488a32-7102768a10-104311797#sthash.6jhG8ION.dpuf

InformationWeek is spotlighting the companies whose innovative solutions to technology and business challenges earned them a place on our 2015 Elite 100. For more on the program, and to see profiles of the Top 10 Elite 100 finalists, click here. If you're interested in nominating your company for consideration in the 2016 Elite 100, click here.

It's not every day that an IT project has internal business units jostling to use it. But that's exactly the situation Intuit IT had on its hands after the launch of the Intuit Analytics Cloud (IAC).

Sponsor video, mouseover for sound

Gathering and storing data wasn't a problem for Intuit, which offers financial software and tools such as TurboTax, QuickBooks, Quicken, and Mint.com. The challenge was deriving useful insight from all its data. That's why Intuit launched IAC: to turn lakes of data into pools of information.



​First ever CBCI graduation ceremony in Malaysia

GRCCS in collaboration with the Business Continuity Institute recently carried out the first Certificate of the BCI (CBCI) graduation ceremony at the Pullman Kuala Lumpur City Centre Hotel in Kuala Lumpur, Malaysia. The 30 graduates received their CBCI from David James-Brown FBCI, Chairman of the BCI, and witnessed by GRCCS Chairman YBhg. Tan Sri Dato’ Hj. Abd Karim B. Munisar.

The CBCI graduation ceremony was the first graduation ceremony for CBCI graduates to be carried out in Malaysia, and in the world. It is an initiative carried out by GRCCS to honour the 30 CBCI graduates on their achievement of acquiring the CBCI credential this year. All 30 CBCI graduates had attended the Good Practice Guidelines Training and CBCI Exam classes in 2015 carried out by GRCCS.

The CBCI graduation ceremony was also attended by Abdul Razak Yaacob, Chief Executive Officer of GRCCS and Chong Chen Voon, Chief Operating Officer of GRCCS, Nik Khairun Nisa Nik Mohd Khalid, Executive Director of GRCCS, other Executive Directors of GRCCS and distinguished guests from various organisations from the public sector, public listed companies, GLCs, universities and private companies, and was covered by many leading media networks including TV stations and newspapers in Malaysia. Some of the key government agencies that were present at the graduation ceremony are Malaysian Administrative Modernisation and Management Planning Unit (MAMPU), Prime Minister’s Department of Malaysia, Perbadanan Putrajaya (Putrajaya Corporation), and Kumpulan Semesta Sdn. Bhd. of Selangor State’s Menteri Besar Selangor Incorporated (MBI).

The 30 CBCI graduates are from various large organisations such as Bursa Malaysia (Malaysia Stock Exchange Authority), Maybank, Sime Darby, UMW Corporation, AEON, Measat, Berjaya Group, Boustead, Malaysian Technology Development Corporation (MTDC), Matrade, Malaysia Airlines, Takaful Ikhlas, Gas Malaysia, Okachi, Berjaya University College of Hospitality, MNRB, Pengurusan Asset Air Berhad (PAAB) and Universiti Sains Malaysia (USM) which represents the public sector, public listed companies, GLCs, universities and private companies.

Tan Sri Dato’ Hj. Abd Karim, Chairman of GRCCS said, “This is certainly encouraging and shows that all sectors in Malaysia are indeed embracing BCM. It is also gratifying to see the representatives from the Human Resource, Heads of Divisions and CEOs also present today to witness the achievement of the CBCI graduates from their respective companies.

This is the first CBCI graduation ceremony for Malaysia. I applaud GRCCS for taking the initiative to carry out this CBCI graduation ceremony to honour and provide recognition to the business continuity professionals and trust this will encourage the future growth of the BCM ecosystem in Malaysia,” said David James-Brown FBCI, Chairman of the BCI.

Tan Sri Dato’ Hj. Abd Karim Munisar also stressed the need for business continuity to be a boardroom agenda for organizations, considering the potentially devastating financial and organizational impact of a disaster. He said "employers have the added benefit of having certified practitioners who can help towards achieving alignment or certification to ISO 22301, or to demonstrate enhanced levels of resilience which can give the organization the edge over their competition."

GRC Consulting Services (GRCCS) is an established professional consulting firm specialising in Governance, Risk and Compliance (GRC) Advisory Services. GRCCS is a Licensed Training Provider for the BCI to deliver BCI certification courses in Malaysia and China. The BCI training is based on the BCI’s Good Practice Guidelines which themselves are aligned with the ISO 22301. GRCCS also provides Human Capital Development Advisory and is the leading provider of GRC integrated software i.e. CURA software and Governance Manager Software; and Everbridge Mass Notification System in Malaysia.


Thursday, 17 December 2015 00:00

How MSPs Improve Business Continuity

When an MSP asked a large agency within the State of Maryland if it could retrieve a file from six months ago with 100% confidence, the answer was no. What if the agency had to do a full system restore? What would that downtime look like? A week? A month? Even the organization's best-case estimate wasn’t sufficient, by today's RPO and RTO standards.

At the end of the day, the IT department at the Maryland government agency was looking to upgrade its legacy backup system, but couldn’t afford to make any more expensive upfront investments. This is why the agency turned to an MSP (SANS Technology) to simplify its disaster recovery and backup needs.

The Business Challenge: Finding a DR Solution That Could Protect Every OS and Every Server

One of SANS Technology’s customers, a large agency within the State of Maryland, was looking to move from tape backup to disk-based backup and protect an environment that included:



Thursday, 17 December 2015 00:00

How to Make It Through a Failed Security Audit

Embarrassing – or inevitable? How you view a failed security audit, whether in IT or at an overall organisational level, depends on whether you think security is a result or a process. There is a fundamental difference between the two points of view. In addition, current trends suggest that security is becoming less of an achievable state, and more of a continual improvement. Surveys confirm that many organisational executives consider that security breaches are no longer a question of “if”, but of “when”. In that case, a security audit should always “fail”. What counts is the reaction to such failure.



Akamai’s Third Quarter, 2015 State of the Internet Report had a bit of good news and a bit of bad news. As usual, the report offers a lot of numbers. Global connectivity speed increased a very small amount -- 0.2 percent -- to 5.1 Megabits per second (Mbps) from the second quarter. However, the gain represented a far more impressive 14 percent year-over-year increase.

Another bit of mixed news was found in average peak connection speed. It dipped a bit – 0.9 percent – to 32.2 Mbps from the second to the third quarters. That followed, however, an increase of 12 percent during the second quarter compared to the first. The year-over-year growth for the third quarter was 30 percent.

Highlights were noted for Singapore (a 25 percent speed increase to 135.4 Mbps) and Macao (an 18 percent increase to 73.7 Mbps). Singapore remained atop the international listings. The firm found that about 15 percent of the world has broadband connections that are 15 Mbps, which the company rates as “4K ready. This represents is a 5.3 percent increase from the second quarter.” In the U.S., 10 states had 10 percent or more unique IP addresses operating at speeds of 25 Mbps or higher.



Thursday, 17 December 2015 00:00

Four Steps to Achieving Safety Culture Success

When you think of safety culture, what comes to mind? Perhaps it is visions of hallway walls plastered with safety advisories, or the common “Safety First” banner that is hung high over the manufacturing or production floor. While these visual aids might make an organization appear safety-oriented, they are often not enough to build a true culture of safety.

Safety culture is defined by the shared beliefs, attitudes and practices that determine the performance of an organization’s safety and health management. As it turns out, every organization has a safety culture—whether it is good or bad, healthy or weak. Even employers with the best intentions may say they value safety in the workplace, but are unable to provide the proper resources, training and communication needed to fully engage their employees to become involved. In turn, when employers do not engage workers in the process of building a safe culture, employees may not be able to recognize an unsafe work environment or feel comfortable speaking to their managers about existing safety risks.

It’s no question that workplace safety should be a top priority, but organizations need to keep in mind that they will see the greatest success when everyone in the workforce is driving the commitment. Here are four steps organizations can take to ensure a strong safety culture:



Thursday, 17 December 2015 00:00

Switch CEO: Michigan Data Center Build is a Go

Now that the state legislature has approved tax breaks for data center owners and users in Michigan, the project to convert the pyramid-shaped office building outside of Grand Rapids is a go. Future of the project by Las Vegas-based data center provider Switch hinged on the bill’s passage, and lawmakers rushed it through the legislative process to get it approved before the holidays.

The bill, passed by the state House Tuesday, now heads to Governor Rick Snyder’s desk for signing. In a phone interview, Switch CEO Rob Roy said the company has decided to go ahead with its Michigan data center construction plans “100 percent.”

Those plans call for 2 million square feet of building space, including the Steelcase Pyramid and several additional buildings Switch plans to erect around it. The full build-out could take up to 10 years and include six buildings, the company’s spokesman Adam Kramer told us earlier.



The traditional enterprise vendors’ hold on the data center market is said to be shaky and growing weaker by the day as new cloud and white box solutions come into vogue. But by the numbers at least, it seems like the old guard is holding its own for the moment.

According to Synergy Research Group, HPE, Cisco and Microsoft are tops in the $120 billion data center infrastructure market, which itself is growing at about 3 percent per year based largely on sales of virtualization software, blade servers and security solutions. HPE controls about 25 percent of the market, followed by Cisco at 13 percent, and then Microsoft, which has about 70 percent of the total software spend. Somewhat ironically, the cloud is driving many of these revenue gains by spurring demand for hyperscale and private cloud infrastructure.

And despite what you hear about converged, commodity infrastructure and tightly integrated computing solutions, it seems that the rack server still rules the roost in the data center, says the UK Register. About $10 billion of the $29 billion in sales for the third quarter went to the rack, with growth moving roughly in sync with the overall infrastructure market. And while HPE does rule in the established enterprise market, Cisco is tops in the fast-growing service provider segment, which is eager to match servers with advanced, high-speed networking.



Identifying and managing emerging risks is perennially a top concern for most organizations, as an unforeseen threat can quickly impact company operations in a significant way. CEB research shows that progressive companies regularly scan for new risks and embed systems and processes that enable them to detect risks early. They also work to uncover risks by encouraging contrarian thinking and questioning strategic assumptions.

With this in mind, every quarter, we survey senior executives in risk, audit, finance and compliance at leading companies on key emerging risks and the potential impact, probability and velocity for their organizations. The dashboard in Figure 1 captures the percentage of survey respondents that select a given emerging risk as one of their top five concerns, giving us insight into which emerging risk events are the most important to companies.



Each year my team of futurists puts together a list of big trends for the coming year. We analyze how right we were with our “15 for 2015” and compile our “16 for 2016” (they must be dreading 2030). I’m relieved to see our methods are working; in 2015 we were right on the money – and money was one of the major things to change.

2015 saw Goldman Sachs as the first financial juggernaut to invest in Bitcoin, and I started to pay my daily London commute with Apple AAPL -1.83% Pay on my iWatch, along with 40% of Londoners now using contactless payments for the tube; Fintech has now entered a revolution.

We also backed autonomous machines, and the US airspace applications for drones have gone from 1 in 2014 to 50 per week as we stand today (source FAA), leading to a rapid need for “drone-ports,” where I’m sure Amazon will be keen to set up a duty-free shop. Other trends we highlighted included B2B ecommerce now rising at a rate twice as fast as B2C commerce did; “women as a customer” as all industries tackle diversity head on; and one of my personal favorites, and a brave one, was policymakers and diplomats globally coming together on trade and important policies like climate change. It was good to see that we are learning to compromise, as we saw with the climate change agreement.



(TNS) - During its first meeting since the Dec. 2 terror attack in San Bernardino in which 14 people were killed and 22 wounded, the San Bernardino County Board of Supervisors on Tuesday unanimously approved several measures that will ramp up security at county facilities, seek state and federal funding assistance and extend paid leave for environmental health employees.

The meeting began with an emotional remembrance ceremony for the victims. Board Chairman James Ramos led a prayer.

“We pray for the families of those that are going through this tragic time. We ask now that the continuing of prayers continue to come in to San Bernardino County, and specifically to our (Environmental Health Services) department,” Ramos said.



Thursday, 17 December 2015 00:00

Five Data Center Trends to Watch in 2016

Yossi Ben Harosh is President & CEOof RiT Technologies.

All signs indicate that 2016 will be a year of many challenges. Disruptive technologies will be introduced, the exponential increase in computing power will continue, while businesses will demand a prompt response to quickly changing requirements. At the same time the requirement to be highly resource efficient will stay the same.

As a result of these challenges we predict these changes will emerge in 2016:



In theory at least, a standard platform-as-a-service (PaaS) environment should greatly advance hybrid cloud computing by providing a common layer of software that abstracts away the underlying infrastructure complexity. To make sure that actually happens, the Cloud Foundry Foundation (CFF) announced today that it has created a certification through which IT organizations will be assured that multiple implementations of the open source Cloud Foundry PaaS are compatible with one another.

The first providers of Cloud Foundry PaaS software to attain a Cloud Foundry PaaS Certification include CenturyLink, Hewlett-Packard Enterprise, Huawei, IBM, Pivotal, SAP and Swisscom.

Cloud Foundry CEO Sam Ramji adds that this technology certification is the first step in a much broader certification effort that Cloud Foundry will embark on in 2016. As part of that effort, Cloud Foundry is working with some of the leading systems integrators in the industry to create a Cloud Foundry certification for technical professionals as well, says Ramji.



Technological advances and market forces are driving demand for data scientists, and universities are stepping up to fill the need by expanding their curriculums. Here's a closer look at some of the programs.

Data science isn't new, but as technologies and the job market have changed to create more demand for these skills, university offerings must change, too.

In some cases, existing courses and degree programs are simply being rebranded. In other cases, faculty members are purposely adding data science concepts to existing courses and creating new courses and degree programs.

"A case can be made that every student should develop data science skills. Computational thinking is another core part of the curriculum for a well-educated individual whether or not they become a programmer so they can understand the nature of what's involved and apply critical thinking to data analysis and data analytics," said Dan Lopresti, chair of Lehigh University's department of computer science and engineering, and also director of Lehigh's interdisciplinary Data X initiative.



Thursday, 17 December 2015 00:00

3 Reasons to Outsource IT Security to an MSP

A new Webroot survey of 300 IT decision-makers indicated many small and medium-sized businesses (SMBs) intend to increase their security budgets next year. 

The survey, titled "Are Organizations Completely Ready to Stop Cyberattacks?," revealed 81 percent of respondents said they plan to increase their annual IT security budget for 2016.

In addition, 81 percent noted they believe outsourcing IT solutions (including cybersecurity endeavors) would increase their bandwidth to address other areas of their business.

"SMBs play a pivotal role in helping drive the economies of all the countries polled, but past experiences have taught them they face an uphill battle when it comes to cybersecurity," said George Anderson, Webroot's director of product marketing, in a prepared statement. "This perception must change."



At this point, almost every modern data center will have worked with some type of virtualization technology. A recent Cisco report noted that cloud workloads are expected to more than triple (grow 3.3-fold) from 2014 to 2019, whereas traditional data center workloads are expected to see a global decline, for the first time, at a negative 1 percent CAGR from 2014 to 2019.

Traditionally, one server carried one workload. However, with increasing server computing capacity and virtualization, multiple workloads per physical server are common in cloud architectures. Cloud economics, including server cost, resiliency, scalability, and product lifespan, along with enhancements in cloud security, are promoting migration of workloads across servers, both inside the data center and across data centers (even data centers in different geographic areas).

With this in mind, it’s important to note that the modern hypervisor and cloud ecosystem have come a long way. VMware, Microsoft, Citrix, and others are paving the way with enterprise-ready technologies capable of consolidating an infrastructure and helping it grow harmoniously with other tools. Today, many systems are designed for virtualization and cloud readiness. In fact, best practices have been written around virtualizing heavy workloads such as SQL, Oracle, Exchange, and so on. Taking advantage of these cloud-ready platforms will make your data center more agile and more capable of meeting market demands.



— The emails arrived overnight Monday into Tuesday. They threatened the safety of hundreds of thousands of students in the nation’s two largest school districts, promising that a violent plan already had been set in motion and raising the specter of guns and bombs inside numerous classrooms.

New York City officials opted to open their public schools on time Tuesday, calling the message an amateurish hoax imitating a popular television series. But across the country in Los Angeles, Superintendent Ramon Cortines took a different tack, closing every school in his sprawling district in a move that disrupted the daily lives of more than 640,000 students and their families.

Maybe the threat wasn’t real. But maybe it was. And at a time when the world is reeling from terrorist attacks — including two weeks ago in San Bernardino, just an hour’s drive from Los Angeles — Cortines said he had no choice but to be cautious.



Wednesday, 16 December 2015 00:00

BCI: Terrorism as a lasting threat

Terrorism as a lasting threat

The threat of terrorism looms over many societies and has been a considerable source of concern for professionals in the protective disciplines. The Paris attacks are still fresh in the collective memory and brings to the fore how terrorism can profoundly disrupt our way of life. The latest Horizon Scan Report by the Business Continuity Institute featured acts of terrorism as one of the top ten threats that business continuity professionals worry about for the fourth year running – a sign of such lingering concern.

Terrorist acts confront our fundamental sense of security and therefore involve our emotions. Our emotions, for better or for worse, influence our judgments on risk and how we carry on with our lives. As our societies respond to this continuing threat, that tension between intellect and emotion is also played out. Given our role in the protective disciplines, we need to be aware of our personal judgments on risk which influence our professional decisions.

In the latest edition of the BCI's Working Paper Series, Tim Jordan captures this tension quite well as he discusses implications to the understanding of risk from a practitioner’s perspective, highlighting that terrorism is a persistent phenomenon. This is an important premise as it influences business continuity, the way we analyse the business impact of certain risks and our responsibility in making our organizations resilient.

The Paper concludes that the issue of managing risks associated with terrorism is complex and not easy to conceive. It is also not a topic which lies within the bounds of business continuity, risk and resilience. Nevertheless, our profession faces terrorism risks and the organizations we work for are affected directly or indirectly by terrorist acts. Therefore business continuity, risk and resilience practitioners should have a sound understanding of the issues and their accompanying effects.

In the end, terrorism and its effects influence the perception of risks and individual feelings. Business continuity, risk and resilience practitioners are not free from these effects. Given their important role, they are in a position where their tasks require them to critically examine their environment in a more considered way.

To download your free copy of ‘Terrorism as a lasting threat and its implications to practitioners’ view on risk', click here.

Wednesday, 16 December 2015 00:00

A Practical Approach to Supply Chain Risk

This article was republished with permission from Michael Volkov’s blog, Corruption, Crime & Compliance.

A Chief Compliance Officer can get so overwhelmed with risks that it is hard to keep their focus on priorities. Risks are everywhere and no compliance program can address every risk – the trick is keeping your eye on the ball and focusing on the significant risk.

There are lots of risks surrounding a company’s supply chain. Unfortunately, vendors, suppliers and their respective vendors and suppliers can drive you crazy when you start to calculate all the permutations. A supplier of a supplier of a supplier can create real risks for anyone in the chain.

In addressing this complex situation, a clear strategy has to be developed – predicated on defining the specific risks applicable to your supply chain.



DENTON, Texas – The Federal Emergency Management Agency (FEMA) urges people to buy flood insurance now – before the next flood hits.

Flooding is the nation’s number one natural disaster, a fact people in this part of the United States know all too well. Yet statistics indicate most people ignore the risks associated with flooding and do not buy flood insurance.

However, with some forecasters calling for a wet winter in many parts of the country, local residents should buck that trend, said FEMA Region 6 officials in Denton, Texas. Those wet winter forecasts come on the heels of a spring and summer that saw Arkansas, Louisiana, Oklahoma and Texas receive major disaster declarations for flooding.

“Nobody here will forget the heartbreaking images from this spring’s devastating floods,” said Regional Administrator Tony Robinson. “Losing your family’s treasured possessions to floodwaters is hard enough; not having insurance to cover the replacement costs makes a bad situation worse.”

People who want to know whether they live in a flood-prone area and how to get flood insurance can learn more on www.floodsmart.gov. The site contains a wealth of information about the risks and costs of flooding, and the benefits of insurance.

“Once you buy an insurance policy, it takes 30 days to go into effect – so the time to act is now, before the next heavy rains,” Robinson said.

Last Updated: 
December 15, 2015 - 16:48
State/Tribal Government or Region: 
Wednesday, 16 December 2015 00:00

Report Reveals Growing Trends in IT Outsourcing

More and more, companies are selecting colocation providers to help them manage complex data center environments, lower capital and operating costs, and shore up physical security.

These are the key findings from a recent Ponemon Institute research initiative on how companies are better managing the complexity and costs of their IT infrastructure

Top Reasons to Outsource

Managing data centers has become more complex. The Ponemon Institute’s research reveals IT leaders’ top three reasons to outsource to data center providers.