Workforce Productivity, IT Service Management, IT Job Description, Sarbanes Oxley, IT Salary Full and Disaster Planning
October 9th, 2006
Disaster recovery takes on extreme proportions
(Computerworld) -- Continental Airlines Inc. last week ran its first full-blown test of a new disaster recovery facility that it opened earlier this year in an former bomb shelter built by an eccentric Chinese oil baron.
The Houston-based airline decided to improve its business continuity and disaster recovery facilities last October after hurricanes Katrina and Rita, said John Stelly, managing director of technology. At that time, the company's off-site facility was located just 20 miles north of Houston and ran on the same power and telecommunications grid as the city, he said.
In March, Continental chose a bomb shelter run by Westlin Corp. in Montgomery, Texas. The shelter, which about 50 miles north of Houston, was originally designed in the 1980s to support up to 700 people for months. The facility extends 50 feet below ground and is not only farther from downtown Houston but is also served by a different power company and is on a different power grid, Stelly said.
Continental signed the lease by May 15 and had completed some retrofitting by July 1. While the airline had done some testing since July, the first full-scale operational test, which featured Continental running its entire organization for one shift from the facility, took place on October 3, Stelly said.
The facility takes up about 2,000 square feet of the 40,000-sq.-ft. underground bunker, which is where servers and other equipment are housed, Stelly said. The facility's primary shortfall -- literally -- is that its ceilings are only about 10 feet high, so Continental dealt with that by using shorter racks and more square footage, he said.
more info
September 26th, 2006
Microsoft admits WGA failures "coming up more commonly now"
Scrolling through the posts on Microsoft's official WGA Validation Problems forum is like reading accident reports from a multiple-car pileup on Interstate 5. Many of the victims are completely innocent and have no idea what hit them, and cleaning up the mess can be a nightmare.
Even a casual reading of the posts at the WGA Validation Problems forum makes it clear that WGA has serious problems. But Microsoft refuses to share any hard data about WGA installations, making it impossible for independent observers to quantify the extent of the problems. Until now, that is.
more info
September 20th, 2006
We are losing the security war
(IDG News Service) -- Companies are losing the battle to secure their IT systems from attacks by hackers and other threats, Bruce Schneier, the founder and chief technology officer of Counterpane Internet Security Inc., warned today.
"I don't think, on the whole, we are winning the security war; I think we are losing it," Schneier said in a speech webcast today at the Hack in the Box Security Conference (HITB) in Kuala Lumpur, Malaysia. As systems get more complex, they get less secure, he said. And as security technology improves, the complexity of modern IT systems increases even faster.
"The Internet is the most complex machine ever built," Schneier said. "This explains why security is getting worse."
In addition, the nature of the threat that companies face has changed in important ways. Where hacking was once considered an occupation for hobbyists, a growing number of hackers are now criminals with a profit motive. "The nature of the attacks are changing because the adversaries are changing," Schneier warned. "They have different motivations, different skill sets and different risk aversions."
Hobbyists now represent the minority of hackers, according to Schneier, which means hackers pose an even greater threat to companies. "The hobbyist is more interested in street cred; the criminal wants results," he said.
more info
September 14th, 2006
eBay to push for grid standards
(Computerworld) -- EBay Inc. is using grid computing to deliver services to its millions of users. Paul Strong, the online retailer's distinguished research scientist, said the biggest issue eBay faces in its grid deployment is managing a shared infrastructure across its more than 15,000 servers. Instead of managing individual servers, eBay wants its systems administrators to manage aggregations of servers or tiers of a service.
"That is where we are going -- we are trying to create tools that allow them to visualize the infrastructure differently and tools that automate activity." eBay must build its tools to accomplish this, which the company would like to change.
more info
September 11th, 2006
Cosmonaut takes on Microsoft
ZDNet News South African magnate Mark Shuttleworth has already conquered space. Now he's set his sights on cyberspace, where he hopes to challenge Microsoft.
Shuttleworth made his fortune by selling an Internet company he started in his Cape Town garage. He then spent $20 million on becoming the world's second space tourist in 2002, and the first African in orbit.
Now, he is taking on U.S. technology behemoth Microsoft by pioneering free computer software that he hopes will revolutionize the way computers are used, and make the Internet accessible to millions in Africa and other emerging markets.
"Ultimately open source is the platform of the future," Shuttleworth said. "It's one of those enormous waves that is taking over everything--like the Internet."
Shuttleworth's "Ubuntu" family of software programs is based on the Linux open-source operating system, which works on the principle that software is free and can be modified at no cost by anyone to suit local and specific needs--unlike rival Microsoft's proprietary software.
more info
September 4th, 2006
CA antivirus mistakenly flags Windows component
(IDG News Service) -- CA Inc. caused some headaches this week after its antivirus software inadvertently flagged part of the Windows OS as malware.
The SANS Internet Storm Center reported the problem Friday saying that an overnight update to CA's eTrust Antivirus signatures had caused the software to flag a security-related process in Windows as malicious. The faulty update caused some Windows 2003 servers to crash and become unusable, .
The problem was that eTrust Antivirus was mistakenly flagging the Windows Lsass.exe process, said Bob Gordon, a CA spokesman. "CA quickly discovered and fixed an issue which temporarily caused some customers to detect a problem in their Lsass.exe files," he said in an e-mail.
According to Gordon, it took CA less than seven hours to fix the mix-up. The problem was introduced in the 30.3.3054 update, released at 2:53 a.m. Eastern Standard Time (EST) and fixed in the 30.3.3056 update, which was issued at 9:34 a.m. EST.
The Lsass.exe process is part of Windows' security mechanism. So users who had set their eTrust Antivirus to automatically remove malicious software may have found that their systems crashed and were unable to boot up Windows once Lsass.exe was removed.
CA's guidance for users who have been experiencing crashes as a result of the buggy update can be found on their site.
Antivirus software like CA's uses digital fingerprints, called signatures, to identify malicious software. In this case, eTrust Antivirus apparently mistook Lsass.exe for the Win32/Lassrv.B virus.
It is not unheard of for signature files to mistakenly identify legitimate software as malware, but it is remarkable that CA's software made the mistake with a well-known Windows component, according to Johannes Ullrich, chief research officer at SANS. CA should have been able to detect the problem in its quality-assurance testing, he said.
The mixup apparently did not disrupt a large number of users, but it still reflects poorly on vendors like CA, Ullrich said. "It's another loss in trust toward the antivirus business," he said. "It tells you that the antivirus vendors don't do the testing."
more info
September 2nd, 2006
Business Continuity & DRP Template Updated For Web Sites
Janco Associates, Inc. (Janco), announced today the release of Version 4.1 of its Disaster Recovery and Business Continuity Template. This electronic document is over 183 pages and can be used in the creation of a unique Disaster Recovery Plan (DRP) and Business Continuity plan (BCP) for any entity. In the process of creating DRPs and BCPs for organizations across the country, Janco has found every department, in every corporation or organization needs a universal, yet comprehensive DRP and BCP to safeguard the use of their computers and all related equipment and information which support enterprise wide operations in the event of a disaster.
Version 4.1 has detail activation procedures for the plan as well as a specific form set for web sites that are informational and e-commerce based.
more info
August 31st, 2006
Microsoft implores testers to jump on Vista RC1
(Network World) -- Microsoft Corp. is counting on its beta testers to be "aggressive" as they start working on Release Candidate 1 of Windows Vista in order for the software giant to make its ship dates, according to the executive overseeing the entire Vista project.
Sven Hallauer, director of release management for Windows Vista, said the product team of 5,000 engineers is working as much as 70-hour weeks on Vista RC1 as it heads for shipment.
RC1 is expected to ship early next month. A release candidate is code deemed good enough to ship but is put through a final round of testing.
During a podcast posted on the Windows Vista team blog, Hallauer said it is imperative that testers get to work immediately when RC1 is released and dedicate as much time as possible to testing and providing feedback back to Microsoft so it can meet its internal release dates. The company said Vista will ship in November.
more info
August 18th, 2006
Google Is Everywhere In Silicon Valley
(Reuters)—Google Inc. has turned the Silicon Valley town where it is headquartered into a showcase for the advantages of free, citywide wireless Internet access, in what might be called Google everywhere.
The Web search leader said on Tuesday that it is now making a Google-supported wireless Internet network generally available to the 72,000 residents of Mountain View, California, along with the town's office workers, daily visitors and the more than 1,000 Microsoft Corp. employees at the Google rival's 24-acre Mountain View campus.
Not just local laptop computer owners, but users of any other Wi-Fi device or telephone simply need to seek out nearby wireless networks and pick the "Google Wi-Fi" option. Once the device's browser window opens a Google log-on page appears.
Wireless customers with Google e-mail, instant messaging or home page accounts can sign in using with their normal passwords. Those wishing to remain anonymous can create a temporary user name and sign in to a default Google home page featuring local information on Mountain View and the surrounding region.
Google says it sees a spike in usage of its search and advertising services wherever broadband usage spreads. By offering wireless access inside homes, offices, schools and around town, Google expects further economic benefits.
more info
August 10th, 2006
Visa Tightens the Security Screws on 1,000 Merchants
In an effort to increase security measures across a wider spectrum of retailers and other businesses, Visa USA is moving 1,000 merchants that process between 1 million and 6 million credit card transactions in a year from Level 4 data security requirements to Level 2 data security requirements. The change, which will be enforced beginning Sept. 30, means merchants will be subject to mandatory quarterly network vulnerability scans and a yearly self-assessment. Because such measures are merely recommended for Level 4 merchants, very few even pay attention to them, experts say, so the move is a good one on Visa's part. more info
|
